The point of OpenOffice would be in having an alternative in the office suites marketplace to prevent MS from charging exorbitant rates for Office, with which money it'll continue to improve its enterprise offerings, thereby ruining Oracle.
The same goes for other open source projects (Java, etc.).
The question is whether Larry can see that. Here's hoping he does.
It's the new math, previously put forth by Sun when they started calling Java 1.2 "Java 2".
Not to mention version jumps from SunOS to Solaris:
After Solaris 2.6, Sun dropped the "2." from the number, so Solaris 7 incorporates SunOS 5.7, and the latest release SunOS 5.10 forms the core of Solaris 10.
Seriously, though, it'd be good to have Gnome Shell as an option for those who want it. It's possible Mark has backed down from his previous position of making change just for the sake of change.
On the other hand, Gnome Shell is truly innovative, and I commend the devs for that, and it's a good answer to MS fans who talk about the FOSS community not innovating. It'll be good to have a choice, though.
By now you may have seen my follow-up that I mistyped when I said "un-md5" (meant compare hashes on the server).
But I disagree that all logins (even for large sites) are encrypted.
For example, I use Slashdot just fine without JavaScript. I haven't checked the source, but the standard HTML FORM element doesn't encrypt anything when sending form submissions over the network. So the password must obviously be sent (at least the first time) in the clear.
That's why I was encouraging people to md5 their passwords on the client before sending it over. That won't stop this attack, but it'll stop others (security in-depth).
Please somebody mod my original post as Funny and not Informative to avoid future PHP-Nukes.
What you actually need to do at the very least is:
1. md5 (or another algo) with Javascript on the client and compare that hash to the one saved in the DB. If the password is stored in cleartext (which it shouldn't be, but sometimes external systems are out of your control), md5 it with PHP.
2. Some people use SSL on the login page.
3. But this attack shows crackers just intercepting an replaying the creds. Discouraging that might involve IP or other checks. Defeating it might involve total encryption.
That's a great set of links. Thanks for sharing. I've bookmarked them.
It's one thing to have a neutral set of rules, and let the chips fall where they may. But it seems the new rule is Goldman Sachs must always win, and if it doesn't, you go to jail.
For the libertarians out there, this does not concern ownership of the means of production. This is about free and open markets.
The thing is, I could live with many phone models, if Nokia had a policy of making one phone to rule them all, with a superset of features.
The way it is now, some phones have some of the good features, others have others. The consumer is left in a quandary, and sometimes that just means he waits it out.
>Are we paying attention to the same market? Symbian hasn't been relevant for a long time for smartphone use; they've been feature phones, as far as I'm concerned, and not terribly good ones at that.
Umm, what? Symbian constitutes 41% of the smartphone market, the single largest share. The next smaller share is RIM at 18%.
It's amazing how people badmouth Symbian without knowing how the latest Symbian^3 devices work. Hold down the center key (equivalent to the iPhone's single key), and you get a list of running apps with thumbnails and an X to close them. Simple, and powerful.
Listen to music while you're browsing your photos or the web or doing something else.
Qt is definitely the ace for Nokia. Increasingly, the MS monopoly is being weakened, both in desktops (the rise of Mac), and alternative computing devices (smartphones, tablets, etc.).
If you want to write a program once, you'd be smart to use Qt.
Even if you had to do another GUI for small screens, Qt will still span between iPhone, Android, and Meego. And you can leverage your existing Qt knowledge.
Actually, that's the Qt SDK. And it's good that they're supporting Win/Lin/Mac going forward.
But the Symbian SDK basically seems to be Windows-oriented. The S40 SDK, even though it's for Java, is actually delivered as a Windows expanding.EXE instead of a ZIP.
Although, you'd probably want to target Qt from this point on.
> I wouldn't want to put my money into buying an applications from the Ovi store if I knew that the phone's OS could be dead by the time the next handset came out.
Well, Nokia just announced that they're focusing exclusively on Qt as the preferred app environment going forward, and that Qt apps will run on both Symbian and Meego phones.
So, I think the answer would be to buy/use Qt apps.
Well, but Meego is actually Linux (combination of Moblin and Maemo).
The reason for Symbian staying on is that it's great for low-battery usage. If someone buys a smartphone, they can expect to do a lot of charging. The least you can give lower/medium end users is long battery life.
I'm glad to hear that Nokia "gets it", if only now rather than sooner.
I'm rooting for Nokia because I see it as one of the "good guys": -Nokia historically doesn't tie you in to a particular carrier, a kind of network neutrality. Tie-ins are anathema to the geek ethos. -Nokia bought Qt, the framework behind KDE, and is a KDE Patron. -They don't try to lock you out of your own phone like Apple does. They usually have SD ports for exandability, and easily changeable batteries (even the N8 only requires opening 2 screws). -You can develop on Windows, Mac, Linux for Windows, Mac, Linux, and phones.
What I'd like to see is: -Good marketing, not the geeky ads for the N8 -Eye-catching UI/graphics. The icons for Meego don't seem to be gradient-filled, drop-shadowed, anti-aliased. -Besting the iPhone in all aspects. Don't make consumers think about it, even if that means price parity. You can have cheaper phones with 80% of the features, too. -Stable, catchy names for flagship products. Not "N8", "C7", etc. Have a name that consumers and non-Nokia fans can remember. Everybody knows about the iPhone, even people who can't afford it.
I think the reason it counts is that all those hundreds of millions of people with "dumb" Nokias will look first at Nokia for their first smartphone purchase.
People are creatures of habit, and just as it's tough to get Windows users to switch to Linux, and iPhone users to Android, I think Nokia users are going to stick with what's familiar. I've tried Sony-Ericson, and it was horrible (for me).
The decline in Nokias share is due to other manufacturers coming in the market; otherwise Nokia's sales are up 61%.
I'm using ext3 on a 1TB WD Green. I used to experience huge fsck times in Karmic (hours), but ext3 in Lucid seems fine except that it takes 45 seconds to create a directory if I haven't created on in the last 5 min.
Are the "exotic" filesystems good for normal use and low fsck times? Is Reiser dead? Has btrfs reached a fork in the road?
Slashdot Mirror
Does that mean putting a second microphone up into 4chan and then propagating reverse white noise?
explode when overheated?
Exploding gadgets -- it's not just laptops
The point of OpenOffice would be in having an alternative in the office suites marketplace to prevent MS from charging exorbitant rates for Office, with which money it'll continue to improve its enterprise offerings, thereby ruining Oracle.
The same goes for other open source projects (Java, etc.).
The question is whether Larry can see that. Here's hoping he does.
It's the new math, previously put forth by Sun when they started calling Java 1.2 "Java 2".
Not to mention version jumps from SunOS to Solaris:
Did there used to be configuration other than which screensaver you want and how many minutes of idle after which to activate it?
Mark politely refuses to sip the Kool-Aid!
Seriously, though, it'd be good to have Gnome Shell as an option for those who want it. It's possible Mark has backed down from his previous position of making change just for the sake of change.
On the other hand, Gnome Shell is truly innovative, and I commend the devs for that, and it's a good answer to MS fans who talk about the FOSS community not innovating. It'll be good to have a choice, though.
By now you may have seen my follow-up that I mistyped when I said "un-md5" (meant compare hashes on the server).
But I disagree that all logins (even for large sites) are encrypted.
For example, I use Slashdot just fine without JavaScript. I haven't checked the source, but the standard HTML FORM element doesn't encrypt anything when sending form submissions over the network. So the password must obviously be sent (at least the first time) in the clear.
That's why I was encouraging people to md5 their passwords on the client before sending it over. That won't stop this attack, but it'll stop others (security in-depth).
Please somebody mod my original post as Funny and not Informative to avoid future PHP-Nukes.
What you actually need to do at the very least is:
1. md5 (or another algo) with Javascript on the client and compare that hash to the one saved in the DB. If the password is stored in cleartext (which it shouldn't be, but sometimes external systems are out of your control), md5 it with PHP.
2. Some people use SSL on the login page.
3. But this attack shows crackers just intercepting an replaying the creds. Discouraging that might involve IP or other checks. Defeating it might involve total encryption.
Sorry, man, you caught me. Lesson: Don't post while drowsy.
un-md5?
Is that slated to be the next Slashdot meme?
Did I really say un-md5 ?!! Sorry, I meant "compare the hash sent by the client to that saved in the DB".
Even so, this technique uses cookies, and not the password or hash. (Note to self: Read the articles!)
Typo3 is one CMS that you can set to check the incoming IP and make sure it's the same as the IP that originally authenticated.
Drupal 6 is abysmal in that it doesn't even use salt; probably half the passwords in table users are likely to be in an md5 database somewhere.
That's a great set of links. Thanks for sharing. I've bookmarked them.
It's one thing to have a neutral set of rules, and let the chips fall where they may. But it seems the new rule is Goldman Sachs must always win, and if it doesn't, you go to jail.
For the libertarians out there, this does not concern ownership of the means of production. This is about free and open markets.
Leaving aside md5 cracks (use another algo if you want):
md5 the password with Javascript on the client end before sending it. Then un-md5 it with PHP on the server.
Plenty of security-conscious CMS's have been doing this before Mark Z even thought of an electronic facebook.
The thing is, I could live with many phone models, if Nokia had a policy of making one phone to rule them all, with a superset of features.
The way it is now, some phones have some of the good features, others have others. The consumer is left in a quandary, and sometimes that just means he waits it out.
>Are we paying attention to the same market? Symbian hasn't been relevant for a long time for smartphone use; they've been feature phones, as far as I'm concerned, and not terribly good ones at that.
Umm, what? Symbian constitutes 41% of the smartphone market, the single largest share. The next smaller share is RIM at 18%.
http://en.wikipedia.org/wiki/Smartphone
Yeah, multitasking is a strong point of Nokia.
It's amazing how people badmouth Symbian without knowing how the latest Symbian^3 devices work. Hold down the center key (equivalent to the iPhone's single key), and you get a list of running apps with thumbnails and an X to close them. Simple, and powerful.
Listen to music while you're browsing your photos or the web or doing something else.
Nokia will now sign the cert for your app on the Ovi store.
You don't have to be a company anymore; you can just be an individual with an app.
Nokia will even critique your app and UI for you:
http://www.forum.nokia.com/Develop/Development_process/
Qt is definitely the ace for Nokia. Increasingly, the MS monopoly is being weakened, both in desktops (the rise of Mac), and alternative computing devices (smartphones, tablets, etc.).
If you want to write a program once, you'd be smart to use Qt.
Even if you had to do another GUI for small screens, Qt will still span between iPhone, Android, and Meego. And you can leverage your existing Qt knowledge.
Actually, that's the Qt SDK. And it's good that they're supporting Win/Lin/Mac going forward.
But the Symbian SDK basically seems to be Windows-oriented. The S40 SDK, even though it's for Java, is actually delivered as a Windows expanding .EXE instead of a ZIP.
Although, you'd probably want to target Qt from this point on.
> I wouldn't want to put my money into buying an applications from the Ovi store if I knew that the phone's OS could be dead by the time the next handset came out.
Well, Nokia just announced that they're focusing exclusively on Qt as the preferred app environment going forward, and that Qt apps will run on both Symbian and Meego phones.
So, I think the answer would be to buy/use Qt apps.
Well, but Meego is actually Linux (combination of Moblin and Maemo).
The reason for Symbian staying on is that it's great for low-battery usage. If someone buys a smartphone, they can expect to do a lot of charging. The least you can give lower/medium end users is long battery life.
I'm glad to hear that Nokia "gets it", if only now rather than sooner.
I'm rooting for Nokia because I see it as one of the "good guys":
-Nokia historically doesn't tie you in to a particular carrier, a kind of network neutrality. Tie-ins are anathema to the geek ethos.
-Nokia bought Qt, the framework behind KDE, and is a KDE Patron.
-They don't try to lock you out of your own phone like Apple does. They usually have SD ports for exandability, and easily changeable batteries (even the N8 only requires opening 2 screws).
-You can develop on Windows, Mac, Linux for Windows, Mac, Linux, and phones.
What I'd like to see is:
-Good marketing, not the geeky ads for the N8
-Eye-catching UI/graphics. The icons for Meego don't seem to be gradient-filled, drop-shadowed, anti-aliased.
-Besting the iPhone in all aspects. Don't make consumers think about it, even if that means price parity. You can have cheaper phones with 80% of the features, too.
-Stable, catchy names for flagship products. Not "N8", "C7", etc. Have a name that consumers and non-Nokia fans can remember. Everybody knows about the iPhone, even people who can't afford it.
I think the reason it counts is that all those hundreds of millions of people with "dumb" Nokias will look first at Nokia for their first smartphone purchase.
People are creatures of habit, and just as it's tough to get Windows users to switch to Linux, and iPhone users to Android, I think Nokia users are going to stick with what's familiar. I've tried Sony-Ericson, and it was horrible (for me).
The decline in Nokias share is due to other manufacturers coming in the market; otherwise Nokia's sales are up 61%.
in this corner, our old overlord, Adobe Systems Incorporated, purveyor of buggy, virusy, CPU-hoggy Flash.
And in this corner, your new overlord, Steve Jobs, who with the One Token Ring wants to rule them all.
Which overlord to welcome ... choices, choices.
Doesn't using mmap mean tying your app to Linux, whereas normal fopen at alia would just be C library calls also available on Solaris, NT, MacOS, etc?
What do you use? Genuinely curious.
I'm using ext3 on a 1TB WD Green. I used to experience huge fsck times in Karmic (hours), but ext3 in Lucid seems fine except that it takes 45 seconds to create a directory if I haven't created on in the last 5 min.
Are the "exotic" filesystems good for normal use and low fsck times? Is Reiser dead? Has btrfs reached a fork in the road?