Back when BeOS was still cool, and Rhapsody was hot, and NT was still counting by numbers instead of names, I installed BeOS, Rhapsody DR1, and NT 4 on the same hardware... a Pentium with 16MB of RAM... not exactly state of the art but not ridiculous for the time either.
BeOS showed no exceptional capabilities. Both Rhapsody and NT were easily able to run multiple concurrent applications without slowdown, and BeOS was at least as often bottlenecked on I/O.
BeOS was certainly a competent OS design, but the "remarkable" performance was only remarkable when it was compared with the classic Mac OS and mainstream Windows 9x. With those as the "competition", the legend of BeOS has grown over the years, but any contemporary preemptive multitasking OS could do as well.
Well if Ubuntu released a mobile handheld computer running its software distribution and called it "Ubuntoo" it would be the same thing.
If they put as little of their distro as what could even conceivably be in the iPod, it wouldn't be "Ubuntu". And since Apple isn't calling what's in the iPod OS X, it's not.
The iPhone quite obviously [...]
What does that have to do with whether the iPod is running OS X or not?
If you're getting upset [...]
The term is "debunking", not "getting upset".
Re:Got the reasons backwards...
on
iPods Don't Run OS X
·
· Score: 2, Interesting
XNU is the Darwin kernel. It's not a "whack hybrid" of anything, it's a pretty standard Mach single-server implementation, using a FreeBSD derivative instead of the original 4.3 BSD kernel as the server. It's not that much different from 4.4-Lites or Tru64 or any other contempory Mach-based kernel.
The file listing presented in the Roughly Drafted included several directories that implied the presence of Darwin userland components... applications and utilities... as well as the kernel. I suppose all those directories could have been empty, but I don't think that's likely.
WinCE is the underlying OS, like Darwin is the underlying OS in OSX.
but the Windows mentality still pervades some of the devices, representing a serious Inability To Get It.
Oh, I agree. I wasted a couple years trying a Jornada and ended up back on Palm. I'm not saying I *like* Microsoft's Windows CE based software, but no matter how much I might *wish* it otherwise, Windows CE is far from dead.
Windows CE is in a number of markets. It's had success in some. Failures in others, like any other product. Microsoft has a huge ego problem, and has spent a lot of money trying to target the cellphone market with WinCE-based software, and that *application* of Windows CE has done poorly... but that application is not Windows CE.
Windows CE is an embedded OS. It's built around the same programming model as Win32 with a set of libraries targeted for different platforms. I don't like the design, myself, but I'm not in their target market... I don't like Windows design either, but that hasn't kept it from being a success.
Windows CE is not Microsoft's "Stinger" phone, though it's built on top of Windows CE.
Windows CE is not the Pocket PC, though that is built on top of Windows CE.
Windows CE is not Pocket Internet Explorer, though Pocket IE runs on top of Windows CE. Opera runs on top of it, too, you know.
You're making HUGE category errors, the same kind of category errors as the people claiming the iPod runs OSX just because it runs a Darwin-based kernel, or (for that matter) the people claiming that OSX is a failure because it hasn't toppled Windows on the desktop.
Marketshare is not the big problem with Windows
on
Zune DRM Cracked
·
· Score: 1
For years now we've been hearing that Mac OS X is less vulnerable to viruses and cracking because it has a far smaller marketshare than Windows.
No.
OS X is less vulnerable because its components expose a much smaller surface area to attack.
OS X is attacked less often because it has a smaller marketshare.
These are both in OSX favor, but it's the first that is the really important one. Yes, black hats preferentially target the more popular platform. But they don't *exclusively* target it... if that were the major factor in OS X relative security then you would expect it to have *fewer* active viruses in the wild... but not so near to zero that you can basically ignore them.
What's an example of the kind of component I'm talking about?
Between 1997 and 1998 the virus problem on Windows went from an annoyance to a disaster. Up to then Windows was a lot more like OS X today than Windows today... or even Windows in 2000. Up to then the typical user had been pretty much safe from malware so long as they did not download dodgy software from BBSes or online archives.
Windows market share did not also increase thousands of times over that period... but something did change, and that was the surface area exposed to attack. In particular, what was originally called "Active Desktop" created a whole new *kind* of attack, because it was actually designed to allow web pages (and anything else that used the HTML control, including mail messages) to install and run native Windows plugins through a mechanism called ActiveX.
Oh, yes, they have all kinds of checks to keep it from happening when you don't want it to, but the fact that it's possible at all was something unique to Windows and IE.
It's that kind of design, one that is much more common in Windows than anywhere else, that makes Windows so uniquely attractive to attackers. It's not just that Windows is everywhere... it leaves the key under the mat as well.
No, the soi-disant Microskernel is Mach, and it's not a Microkernel in any useful sense.
This is why we could move Mac OS X so easily to the Intel platform.
The OS kernel in Darwin ran on Intel long before it ran on the Power PC. The GUI layers over the UNIX kernel and utilities are probably *less* device independent than most of the system, due to their close integration with the GPU and OpenGL (have a look at all the Apple-specific OpenGL extensions on a Mac video card some time). The ancestors of the components in Darwin - BSD, Mach, the shells and utilities - were designed (after Bell Labs failed to acquire a Multics system because AT&T dropped out of the project) for hardware independence from the start. The first actual port (from the PDP-11 to the Interdata 7/32) took place a few years later in 1976 (the year the Apple I shipped), and have run on every major hardware platform from thumb drives to mainframes... let alone common systems like Intel.
It's not that the GUI was hardware independent so you could shove a new kernel under it. It's that the underlying OS was designed from the ground up for hardware independence before Apple existed.
Incidentally, WinCE is hardly dead...
on
iPods Don't Run OS X
·
· Score: 4, Informative
Apple's OS X is actually doing what Microsoft promised but failed to do over a decade of WinCE development.
Now, let me say up front that my own experience with Windows CE based devices has not been a bed of roses, but then neither has my experience with desktop Windows... which is a market success despite failing to deliver what Microsoft promised. Not only is Pocket PC, now known as Windows Mobile, used in an awful lot of devices... but it's even penetrated the stronghold of its arch-rival Palm. Yes, Palm created that situation by dropping the ball around 2002, but Palm tried their own embedded UNIX as well as their inevitably doomed BeOS spinoff and ended up deciding to embrace the "failed" Windows CE anyway.
In addition, there's a plethora of applications for it, something that Apple shows no interest in even making possible. No, supporting fancy web-based applets is not at all comparable to running actual local applications... particularly when it's rather likely those "iPhone apps" will happily run on Pocket PC as well: if not now, just as soon as someone ports Webcore to it.
And that's just *one* application of Windows CE. You can't license Apple's ARM port of Darwin or any of the rest of the software in the iPod or iPhone, like you can Windows CE. There's no developer's kit, no porting kit, no product.
So not only is Windows CE not a failure, it's not even the same kind of product as Apple's closed fork of OS X on the iPhone or their closed fork of Darwin on the iPod. Most of what Microsoft promised, Apple's declining to even offer. And Microsoft has done a surprisingly good job with Windows CE... in many ways it's a far better and more secure product than desktop Windows.
Does it make money for Microsoft? Who cares, other than Microsoft stockholders? Does it do what Microsoft promised? Absolutely.
Oh dear, it turns out the iPod is running Mac OS X--with a Mach kernel and a Unix userland--and has been for years.
Nonsense.
What this listing shows is not an iPod running "Mac OS X". It shows an iPod that may be running "a Mach-based version of UNIX", presumably a variant of Darwin. Darwin is not OS X. This would be like finding a copy of "vmlinuz" in an embedded device and claiming it's running Ubuntu.
In Second Life: skins, hair, clothes, animations, weapons, sensors, shields, jewelry, gestures, flight enhancers, teleporters, wings, tails, complete avatar makeovers (including species and gender changes),... and, I guess, genitals.
In First Life: clothes, food, shelter, cosmetics, drugs, jewelry, weapons, transportation, and entertainment (including stories and movies about people who can change their skins, hair, clothes, gender, species, etc...)
In Star Trek: clothes, food, shelter, cosmetics, drugs, jewelry, weapons, sensors, shields, teleporters, and holodeck privileges (where they can pretend to change their skins, hair, clothes, gender, species, etc...)
Yeah, and hope that the server isn't running in someone's "bargain basement" and is protected from such things as power outages, hard-drive failures and 3rd party tampering.
All the servers in SL are hosted by Linden Labs. They're all backed up in periodic checkpoints, they migrate from one physical computer to another as needed, and can be restored to any recent checkpoint if necessary. There is a separate project to create an open source sim, but it's completely independent of Linden Labs... currently only the client (the viewer application) is open course.
Around the same time political bloggers caught "Bush '08"-tag-wearing vandals defacing former senator John Edwards' Second Life headquarters with excrement and covering his photo in blackface.
What actually happened?
What does it mean?
When you buy an "island" (a server) from Linden Labs, what you get is configured to only allow *you* to create objects on it. In addition, unless you deliberately set out to make it happen, nothing in Second Life can be damaged, destroyed, defaced, or in any way modified except by the owner. Even if you do allow people to create objects, you get to set a time limit beyond which they vanish. THe only think you can effect are objects marked as being as being subject to normal physics, which has to be done deliberately, and pretty much the only "physical" objects in most places in SL are the avatars themselves.
If the people who built the Kerry site mistakenly turned on building for other people without setting a time limit, and didn't keep someone there to monitor it, then they did the equivalent of renting space in a mall, putting up posters, setting out leaflets, and walking away with the doors unlocked... and they were a lot safer doing that than they'd have been in RL.
There's no feces to smear on things. You can create a picture of them and post them on top, like a second layer of posters. There's no way to remove anything anyone put there, or break it.
So... someone came along and put up new posters, with *pictures* of feces on them. Which (if they had any sense) the Kerry people would have removed, permanently, as soon as they returned. After making sure they had some pictures to show everyone what jerks Bush supporters were.
If they'd done the same thing in RL they'd have been lucky if they didn't get everything movable stolen as well. And canned from the campaign. No, there's much less chance of anything seriously unpleasant happening to your marketing campaign in SL than in RL.
The biggest problem I've seen with people marketing in SL is simply not understanding what they're doing.
For example, objects in SL are infinitely and freely replicable by the creator. If you set up a website online, advertising your product, you typically let people download screen savers and branded games and things for free. If you're a car company, you don't charge people money for the driving game and desktop wallpaper and AOL icons... you want people to walk out with them and keep them around. At car shows you give people freebies, you don't charge money for the toy cars and tee-shirts with your logo on them.
So I went to this auto maker's island. They wanted you to pay the equivalent of a dollar to buy a "car" in SL. That's a bunch of painted boxes configured to use the "driving" code built into SL. A car, mind you, that costs them no more than the wallpaper and mini driving game you could download at their website... and cost less to create than the model cars in that driving game. No thanks, I'll save that buck for an iTunes download. So their thousands of dollars for renting that island in SL is all thrown away because they tried to recover the costs by charging the people they're advertising to for what they'd be giving away as a freebie online or at the auto show.
You see this again and again. One electronics store wanted you to buy "computers" and "iPods" from them... all of which are just boxes with photos pasted on the sides. Another company was charging money for a logo T-shirt. What this kind of product is, is basically an uploaded copy of their logo, positioned so that when you "wore" it it showed up on your chest... they didn't even bother creating a "cloth" texture, stitches, folds, or any of the baked-in lighting effects that hobbyists making levels and skins for video games are used to doing. The T-shirts they give away at trade shows cost approximately infinity times as much to reproduce.
Meanwhile, the average person selling clothes in-game with a monthly budget that *might* pay for the typical
I don't like putting the closing braces at the end, though I know that's very popular with Lisp coders of the "parentheses are invisible" school. I know this makes me weird but I *like* my parentheses, they're useful, they help me lay out the code to better explain (and understand) it.
Java updates have side effects sometimes, like browser reconfiguration.
So can any security fix. Hell, there's some whopping design flaws in the Microsoft HTML control that *will* break software if Microsoft ever gets the balls to fix them, and they *have* broken stuff with security patches before.
The point is, if people are holding off security fixes because they're worried about a patch to an image reading library in the Java runtime having unintended consequences, how do they ever summon the courage to perform ANY security patches.
Or do they just not apply them?
That would help explain the "robust viral ecosystem" out there.
It differs substantially from "any other" security patch, because it's specifically a language patch.
It's a *library patch*. The library is shipped as part of the language runtime, but *just* patching that library is no different than patching any other library.
Yes, the vendor could sneak in other patches, but that's no different to *any* other patch from *any* vendor that provides a language runtime, whether it's Microsoft (CLR, MSVCRT,...), IBM (Lotus), SAP, Mozilla.org (Firefox), Adobe (Flash), or anyone else.
Are you saying you'd hold out on a patch for a security hole in IE because it might include a modified version of any of Microsoft's runtimes? Microsoft is notorious for being cavalier about slipping new runtimes in under the hood.
1. I followed your links and on the first page I hit I was asked to load a *signed applet*.
If you need to run a trusted applet to do the work, then you're just making the same point I was, with perhaps a bit more subtlety.
2. SWT looks like the direction the Java GUI API should have taken from the start. The other fellow who replied to my post seems to be a bit defeatist about things, and even less enthusiastic about Java's potential (even now) than I am. A bit ironic that... anyway, he seemed to put SWT down. Have you any idea why?
3. Sun released a Java browser too, early on. I used it for a while, but they never gave it the resources it would have needed to really take off, even if it could have solved the plugin problem (or, since it was written in Java, kept the plugin problem from happening by making Java applets work really quickly and smoothly... it *was* early enough to have a chance at that).
I'm not quite sure what you mean. Java has used DirectX/OpenGL as its renderer for some time now. It's simply hidden beneath the covers of the Java core libraries.
I think you're misunderstanding, or reading more into it than I put there.
First, I completely agree that writing code that CAN be written in Java in Java is the best approach.
First, that's calling native code. The OP was pointing out that writing code in Java solves a number of security flaws, and I agree. My point here is that this can only go so far. DirectX and OpenGL are not written in Java. Neither is the Quicktime for Java library that things like Processing use. If these libraries have bugs (like Quicktime for Java, if you've been following that), or capabilities that aren't bugs but shouldn't be exposed to untrusted code (like, well, just about anything... even an image file reader with NO security holes if you don't limit what images it's allowed to open) then you've still got to address them... you can't write them in Java.
Second, you still need to have a richer library available for trusted applications. Whether Java uses OpenGL or DirectX under the hood doesn't matter if what your application needs to do is feed in a shader program, and there's no API for it.
On another point... defeatism is "the bright side"?
On the bright side, Java wouldn't have done any better on the desktop even if had been given the perfect solution to a cross platform GUI. [Office and Netscape and... already exist]
By that logic, one might as well not bother trying to write any new software... it's all been written.
If Java provided a high enough level API for enough common controls the majority of the application... including all the controls that people generally gripe about when they don't work right because they *are* the common ones people are used to... would just work. This could be a thin implementation (calling the native code fairly early on for each platform) or a thick one (duplicating the native look and feel in Java for each platform)... the application shouldn't be able to tell.
And that would have done a lot to make Java applications attractive. There have been a lot of good Java apps, I've used them myself, but when I've been able to find a more-native application... I've ended up switching away from the Java one.
You have to have native code implementation of some methods, at some point.
I have to admit that I have been very impressed by the overall security of Java. The design is not inherently safe, so the implementation has to be flawless, and I was extremely skeptical of this approach... but Sun has done an excellent job of implementing the Java security model in Java itself with untrusted code running in the same fully capable virtual machine as trusted code.
This means that for untrusted code, implementing as much as possible in Java is the most secure way to go. And avoiding native OS- or application-specific extensions (like, for a recent example, animated cursors in Firefox) keeps Java from being a carrier for indirect attacks.
There are, however, some caveats:
First, for trusted code (for example, normal applications) avoiding native libraries has a potentially huge performance cost. I'm not talking so much about the overhead of Java itself, but portable OS- and application-independent code can't take advantage things like a native graphics API that's directly mapped to GPU operations. I'm sure you can call OpenGL from Java, but I would hope that you can't do it from a Java applet - so applications should perhaps not be held to such a strict regimen.
Second, one of the problems with Java as a "run anywhere" language for applications is that so much of Java is implemented in Java, emulating a Windows style user interface (I don't have a problem with Sun choosing Windows here, that's where the market is, but it does make Java less attractive to people wanting to "run anywhere".
Third, solving this problem for Java may be less useful when it comes to security than fixing the native libraries so they're secure whether they're called from Java or some other component for the display of untrusted content (like a browser).
The flip side of this last point is that implementing a good browser purely in Java would seem to be a way to avoid that problem... but the catch-22 there is the first and second problems, plus so much of the web now *depends on* plugins like Flash, media players, and even Java itself.:)
Which means, a full release cycle. Most enterprises (a catch-all phrase that usually maps to the largest corporate environments, involving thousands of employees) support a range of in-house and 3rd party applications, utilities and infrastructure tools. QA on a release cycle for desktops can cost hundreds of thousands of dollars in employee time and delayed projects, but to perform the release any more cavalierly can result in even more damage.
How does this differ from any other security patch? It's not because Java is ubiquitous - the components that are patched by many security fixes... particularly from companies like Microsoft and Adobe... are even more widely used. How do you roll out security fixes now? Or do you just not bother to keep up to date?
The only source for this is a throwaway line in a book about OSX saying that Apple isn't putting a TPM on the motherboard of those systems. The reason it isn't true is that Apple will be shipping Intel processor with TPMs built in.
The systems in question shipped last year. What is this "will be" business?
Ahh, right. So it was Reagan's liberal agenda behind such left-wing radicals as C. Everett Koop. But of course only liberals get taken in by the alleged links between tobacco and lung cancer, right?
The President has released statements that use fear to control people's voting beliefs, behavior, and actions. He has released statements known at the time to be false, and the press reported them as factual and even know people refuse to believe that they were false. He uses fear to control people the way a terrorist uses fear, he uses lies to control people the way a con-artist uses lies. He takes advice from companies that want him to make statements that use fear to control Congress and loosen the purse strings so he can spend our tax money on their products and services. He does this for Halliburton, Qualcomm, and others to get them contracts in Iraq, to force people who think they're being "patriotic" to support his foolish war... the war that is a scam. The "New American" religion is built on distorted readings of old religion, spawned by neoconservatives to control people and eventually control the world.
BootCamp, for example, is part of Apple's move to Trusted Computing... since they require a signed and official bootloader to go with a signed and official kernel, and the TPM hardware they put in their Intel Apple Macs.
The thing is, Apple isn't putting the TPM chip in the Mac Pro or any later Macs. And Apple has shown no signs of pushing "trusted computing" in any other way. And the business of having to have a signed bootloader sounds more like a Microsoft requirement than an Apple one. Do you mean a signed CSM? You don't need Apple's CSM to boot Windows, and it's Microsoft's bootloader that takes over after that.
Right now, in the US, when you buy a phone, you get the options dictated by the service. We have no phone transportability. Wy have mystery-meat restrictions (Sprint will cancel you if you call support "too often").
Having the options dictated by the phone manufacturer will at least give us the choice of picking a phone from a company that's forced the options we want through the carrier. That's not as good a deal as I hear you get over the pond, but it's better than we have now.
Back when BeOS was still cool, and Rhapsody was hot, and NT was still counting by numbers instead of names, I installed BeOS, Rhapsody DR1, and NT 4 on the same hardware... a Pentium with 16MB of RAM... not exactly state of the art but not ridiculous for the time either.
BeOS showed no exceptional capabilities. Both Rhapsody and NT were easily able to run multiple concurrent applications without slowdown, and BeOS was at least as often bottlenecked on I/O.
BeOS was certainly a competent OS design, but the "remarkable" performance was only remarkable when it was compared with the classic Mac OS and mainstream Windows 9x. With those as the "competition", the legend of BeOS has grown over the years, but any contemporary preemptive multitasking OS could do as well.
Well if Ubuntu released a mobile handheld computer running its software distribution and called it "Ubuntoo" it would be the same thing.
If they put as little of their distro as what could even conceivably be in the iPod, it wouldn't be "Ubuntu". And since Apple isn't calling what's in the iPod OS X, it's not.
The iPhone quite obviously [...]
What does that have to do with whether the iPod is running OS X or not?
If you're getting upset [...]
The term is "debunking", not "getting upset".
XNU is the Darwin kernel. It's not a "whack hybrid" of anything, it's a pretty standard Mach single-server implementation, using a FreeBSD derivative instead of the original 4.3 BSD kernel as the server. It's not that much different from 4.4-Lites or Tru64 or any other contempory Mach-based kernel.
The file listing presented in the Roughly Drafted included several directories that implied the presence of Darwin userland components... applications and utilities... as well as the kernel. I suppose all those directories could have been empty, but I don't think that's likely.
I thought the CE name was dead now?
WinCE is the underlying OS, like Darwin is the underlying OS in OSX.
but the Windows mentality still pervades some of the devices, representing a serious Inability To Get It.
Oh, I agree. I wasted a couple years trying a Jornada and ended up back on Palm. I'm not saying I *like* Microsoft's Windows CE based software, but no matter how much I might *wish* it otherwise, Windows CE is far from dead.
Windows CE is in a number of markets. It's had success in some. Failures in others, like any other product. Microsoft has a huge ego problem, and has spent a lot of money trying to target the cellphone market with WinCE-based software, and that *application* of Windows CE has done poorly... but that application is not Windows CE.
Windows CE is an embedded OS. It's built around the same programming model as Win32 with a set of libraries targeted for different platforms. I don't like the design, myself, but I'm not in their target market... I don't like Windows design either, but that hasn't kept it from being a success.
Windows CE is not Microsoft's "Stinger" phone, though it's built on top of Windows CE.
Windows CE is not the Pocket PC, though that is built on top of Windows CE.
Windows CE is not Pocket Internet Explorer, though Pocket IE runs on top of Windows CE. Opera runs on top of it, too, you know.
You're making HUGE category errors, the same kind of category errors as the people claiming the iPod runs OSX just because it runs a Darwin-based kernel, or (for that matter) the people claiming that OSX is a failure because it hasn't toppled Windows on the desktop.
For years now we've been hearing that Mac OS X is less vulnerable to viruses and cracking because it has a far smaller marketshare than Windows.
No.
OS X is less vulnerable because its components expose a much smaller surface area to attack.
OS X is attacked less often because it has a smaller marketshare.
These are both in OSX favor, but it's the first that is the really important one. Yes, black hats preferentially target the more popular platform. But they don't *exclusively* target it... if that were the major factor in OS X relative security then you would expect it to have *fewer* active viruses in the wild... but not so near to zero that you can basically ignore them.
What's an example of the kind of component I'm talking about?
Between 1997 and 1998 the virus problem on Windows went from an annoyance to a disaster. Up to then Windows was a lot more like OS X today than Windows today... or even Windows in 2000. Up to then the typical user had been pretty much safe from malware so long as they did not download dodgy software from BBSes or online archives.
Windows market share did not also increase thousands of times over that period... but something did change, and that was the surface area exposed to attack. In particular, what was originally called "Active Desktop" created a whole new *kind* of attack, because it was actually designed to allow web pages (and anything else that used the HTML control, including mail messages) to install and run native Windows plugins through a mechanism called ActiveX.
Oh, yes, they have all kinds of checks to keep it from happening when you don't want it to, but the fact that it's possible at all was something unique to Windows and IE.
It's that kind of design, one that is much more common in Windows than anywhere else, that makes Windows so uniquely attractive to attackers. It's not just that Windows is everywhere... it leaves the key under the mat as well.
Isn't the microkernel Darwin?
No, the soi-disant Microskernel is Mach, and it's not a Microkernel in any useful sense.
This is why we could move Mac OS X so easily to the Intel platform.
The OS kernel in Darwin ran on Intel long before it ran on the Power PC. The GUI layers over the UNIX kernel and utilities are probably *less* device independent than most of the system, due to their close integration with the GPU and OpenGL (have a look at all the Apple-specific OpenGL extensions on a Mac video card some time). The ancestors of the components in Darwin - BSD, Mach, the shells and utilities - were designed (after Bell Labs failed to acquire a Multics system because AT&T dropped out of the project) for hardware independence from the start. The first actual port (from the PDP-11 to the Interdata 7/32) took place a few years later in 1976 (the year the Apple I shipped), and have run on every major hardware platform from thumb drives to mainframes... let alone common systems like Intel.
It's not that the GUI was hardware independent so you could shove a new kernel under it. It's that the underlying OS was designed from the ground up for hardware independence before Apple existed.
Apple's OS X is actually doing what Microsoft promised but failed to do over a decade of WinCE development.
Now, let me say up front that my own experience with Windows CE based devices has not been a bed of roses, but then neither has my experience with desktop Windows... which is a market success despite failing to deliver what Microsoft promised. Not only is Pocket PC, now known as Windows Mobile, used in an awful lot of devices... but it's even penetrated the stronghold of its arch-rival Palm. Yes, Palm created that situation by dropping the ball around 2002, but Palm tried their own embedded UNIX as well as their inevitably doomed BeOS spinoff and ended up deciding to embrace the "failed" Windows CE anyway.
In addition, there's a plethora of applications for it, something that Apple shows no interest in even making possible. No, supporting fancy web-based applets is not at all comparable to running actual local applications... particularly when it's rather likely those "iPhone apps" will happily run on Pocket PC as well: if not now, just as soon as someone ports Webcore to it.
And that's just *one* application of Windows CE. You can't license Apple's ARM port of Darwin or any of the rest of the software in the iPod or iPhone, like you can Windows CE. There's no developer's kit, no porting kit, no product.
So not only is Windows CE not a failure, it's not even the same kind of product as Apple's closed fork of OS X on the iPhone or their closed fork of Darwin on the iPod. Most of what Microsoft promised, Apple's declining to even offer. And Microsoft has done a surprisingly good job with Windows CE... in many ways it's a far better and more secure product than desktop Windows.
Does it make money for Microsoft? Who cares, other than Microsoft stockholders? Does it do what Microsoft promised? Absolutely.
Oh dear, it turns out the iPod is running Mac OS X--with a Mach kernel and a Unix userland--and has been for years.
Nonsense.
What this listing shows is not an iPod running "Mac OS X". It shows an iPod that may be running "a Mach-based version of UNIX", presumably a variant of Darwin. Darwin is not OS X. This would be like finding a copy of "vmlinuz" in an embedded device and claiming it's running Ubuntu.
In Second Life: skins, hair, clothes, animations, weapons, sensors, shields, jewelry, gestures, flight enhancers, teleporters, wings, tails, complete avatar makeovers (including species and gender changes), ... and, I guess, genitals.
In First Life: clothes, food, shelter, cosmetics, drugs, jewelry, weapons, transportation, and entertainment (including stories and movies about people who can change their skins, hair, clothes, gender, species, etc...)
In Star Trek: clothes, food, shelter, cosmetics, drugs, jewelry, weapons, sensors, shields, teleporters, and holodeck privileges (where they can pretend to change their skins, hair, clothes, gender, species, etc...)
Yeah, and hope that the server isn't running in someone's "bargain basement" and is protected from such things as power outages, hard-drive failures and 3rd party tampering.
All the servers in SL are hosted by Linden Labs. They're all backed up in periodic checkpoints, they migrate from one physical computer to another as needed, and can be restored to any recent checkpoint if necessary. There is a separate project to create an open source sim, but it's completely independent of Linden Labs... currently only the client (the viewer application) is open course.
Around the same time political bloggers caught "Bush '08"-tag-wearing vandals defacing former senator John Edwards' Second Life headquarters with excrement and covering his photo in blackface.
What actually happened?
What does it mean?
When you buy an "island" (a server) from Linden Labs, what you get is configured to only allow *you* to create objects on it. In addition, unless you deliberately set out to make it happen, nothing in Second Life can be damaged, destroyed, defaced, or in any way modified except by the owner. Even if you do allow people to create objects, you get to set a time limit beyond which they vanish. THe only think you can effect are objects marked as being as being subject to normal physics, which has to be done deliberately, and pretty much the only "physical" objects in most places in SL are the avatars themselves.
If the people who built the Kerry site mistakenly turned on building for other people without setting a time limit, and didn't keep someone there to monitor it, then they did the equivalent of renting space in a mall, putting up posters, setting out leaflets, and walking away with the doors unlocked... and they were a lot safer doing that than they'd have been in RL.
There's no feces to smear on things. You can create a picture of them and post them on top, like a second layer of posters. There's no way to remove anything anyone put there, or break it.
So... someone came along and put up new posters, with *pictures* of feces on them. Which (if they had any sense) the Kerry people would have removed, permanently, as soon as they returned. After making sure they had some pictures to show everyone what jerks Bush supporters were.
If they'd done the same thing in RL they'd have been lucky if they didn't get everything movable stolen as well. And canned from the campaign. No, there's much less chance of anything seriously unpleasant happening to your marketing campaign in SL than in RL.
The biggest problem I've seen with people marketing in SL is simply not understanding what they're doing.
For example, objects in SL are infinitely and freely replicable by the creator. If you set up a website online, advertising your product, you typically let people download screen savers and branded games and things for free. If you're a car company, you don't charge people money for the driving game and desktop wallpaper and AOL icons... you want people to walk out with them and keep them around. At car shows you give people freebies, you don't charge money for the toy cars and tee-shirts with your logo on them.
So I went to this auto maker's island. They wanted you to pay the equivalent of a dollar to buy a "car" in SL. That's a bunch of painted boxes configured to use the "driving" code built into SL. A car, mind you, that costs them no more than the wallpaper and mini driving game you could download at their website... and cost less to create than the model cars in that driving game. No thanks, I'll save that buck for an iTunes download. So their thousands of dollars for renting that island in SL is all thrown away because they tried to recover the costs by charging the people they're advertising to for what they'd be giving away as a freebie online or at the auto show.
You see this again and again. One electronics store wanted you to buy "computers" and "iPods" from them... all of which are just boxes with photos pasted on the sides. Another company was charging money for a logo T-shirt. What this kind of product is, is basically an uploaded copy of their logo, positioned so that when you "wore" it it showed up on your chest... they didn't even bother creating a "cloth" texture, stitches, folds, or any of the baked-in lighting effects that hobbyists making levels and skins for video games are used to doing. The T-shirts they give away at trade shows cost approximately infinity times as much to reproduce.
Meanwhile, the average person selling clothes in-game with a monthly budget that *might* pay for the typical
I don't like putting the closing braces at the end, though I know that's very popular with Lisp coders of the "parentheses are invisible" school. I know this makes me weird but I *like* my parentheses, they're useful, they help me lay out the code to better explain (and understand) it.
:p
And I never even used a machine without a GUI
Making me feel old.
Java updates have side effects sometimes, like browser reconfiguration.
So can any security fix. Hell, there's some whopping design flaws in the Microsoft HTML control that *will* break software if Microsoft ever gets the balls to fix them, and they *have* broken stuff with security patches before.
The point is, if people are holding off security fixes because they're worried about a patch to an image reading library in the Java runtime having unintended consequences, how do they ever summon the courage to perform ANY security patches.
Or do they just not apply them?
That would help explain the "robust viral ecosystem" out there.
It differs substantially from "any other" security patch, because it's specifically a language patch.
...), IBM (Lotus), SAP, Mozilla.org (Firefox), Adobe (Flash), or anyone else.
It's a *library patch*. The library is shipped as part of the language runtime, but *just* patching that library is no different than patching any other library.
Yes, the vendor could sneak in other patches, but that's no different to *any* other patch from *any* vendor that provides a language runtime, whether it's Microsoft (CLR, MSVCRT,
Are you saying you'd hold out on a patch for a security hole in IE because it might include a modified version of any of Microsoft's runtimes? Microsoft is notorious for being cavalier about slipping new runtimes in under the hood.
1. I followed your links and on the first page I hit I was asked to load a *signed applet*.
If you need to run a trusted applet to do the work, then you're just making the same point I was, with perhaps a bit more subtlety.
2. SWT looks like the direction the Java GUI API should have taken from the start. The other fellow who replied to my post seems to be a bit defeatist about things, and even less enthusiastic about Java's potential (even now) than I am. A bit ironic that... anyway, he seemed to put SWT down. Have you any idea why?
3. Sun released a Java browser too, early on. I used it for a while, but they never gave it the resources it would have needed to really take off, even if it could have solved the plugin problem (or, since it was written in Java, kept the plugin problem from happening by making Java applets work really quickly and smoothly... it *was* early enough to have a chance at that).
I'm not quite sure what you mean. Java has used DirectX/OpenGL as its renderer for some time now. It's simply hidden beneath the covers of the Java core libraries.
... already exist]
I think you're misunderstanding, or reading more into it than I put there.
First, I completely agree that writing code that CAN be written in Java in Java is the best approach.
First, that's calling native code. The OP was pointing out that writing code in Java solves a number of security flaws, and I agree. My point here is that this can only go so far. DirectX and OpenGL are not written in Java. Neither is the Quicktime for Java library that things like Processing use. If these libraries have bugs (like Quicktime for Java, if you've been following that), or capabilities that aren't bugs but shouldn't be exposed to untrusted code (like, well, just about anything... even an image file reader with NO security holes if you don't limit what images it's allowed to open) then you've still got to address them... you can't write them in Java.
Second, you still need to have a richer library available for trusted applications. Whether Java uses OpenGL or DirectX under the hood doesn't matter if what your application needs to do is feed in a shader program, and there's no API for it.
On another point... defeatism is "the bright side"?
On the bright side, Java wouldn't have done any better on the desktop even if had been given the perfect solution to a cross platform GUI. [Office and Netscape and
By that logic, one might as well not bother trying to write any new software... it's all been written.
If Java provided a high enough level API for enough common controls the majority of the application... including all the controls that people generally gripe about when they don't work right because they *are* the common ones people are used to... would just work. This could be a thin implementation (calling the native code fairly early on for each platform) or a thick one (duplicating the native look and feel in Java for each platform)... the application shouldn't be able to tell.
And that would have done a lot to make Java applications attractive. There have been a lot of good Java apps, I've used them myself, but when I've been able to find a more-native application... I've ended up switching away from the Java one.
Severe Tire Damage broadcasting on the old mbone isn't "internet radio", any more than daVinci's sketches were an airline industry.
You have to have native code implementation of some methods, at some point.
:)
I have to admit that I have been very impressed by the overall security of Java. The design is not inherently safe, so the implementation has to be flawless, and I was extremely skeptical of this approach... but Sun has done an excellent job of implementing the Java security model in Java itself with untrusted code running in the same fully capable virtual machine as trusted code.
This means that for untrusted code, implementing as much as possible in Java is the most secure way to go. And avoiding native OS- or application-specific extensions (like, for a recent example, animated cursors in Firefox) keeps Java from being a carrier for indirect attacks.
There are, however, some caveats:
First, for trusted code (for example, normal applications) avoiding native libraries has a potentially huge performance cost. I'm not talking so much about the overhead of Java itself, but portable OS- and application-independent code can't take advantage things like a native graphics API that's directly mapped to GPU operations. I'm sure you can call OpenGL from Java, but I would hope that you can't do it from a Java applet - so applications should perhaps not be held to such a strict regimen.
Second, one of the problems with Java as a "run anywhere" language for applications is that so much of Java is implemented in Java, emulating a Windows style user interface (I don't have a problem with Sun choosing Windows here, that's where the market is, but it does make Java less attractive to people wanting to "run anywhere".
Third, solving this problem for Java may be less useful when it comes to security than fixing the native libraries so they're secure whether they're called from Java or some other component for the display of untrusted content (like a browser).
The flip side of this last point is that implementing a good browser purely in Java would seem to be a way to avoid that problem... but the catch-22 there is the first and second problems, plus so much of the web now *depends on* plugins like Flash, media players, and even Java itself.
Which means, a full release cycle. Most enterprises (a catch-all phrase that usually maps to the largest corporate environments, involving thousands of employees) support a range of in-house and 3rd party applications, utilities and infrastructure tools. QA on a release cycle for desktops can cost hundreds of thousands of dollars in employee time and delayed projects, but to perform the release any more cavalierly can result in even more damage.
How does this differ from any other security patch? It's not because Java is ubiquitous - the components that are patched by many security fixes... particularly from companies like Microsoft and Adobe... are even more widely used. How do you roll out security fixes now? Or do you just not bother to keep up to date?
The only source for this is a throwaway line in a book about OSX saying that Apple isn't putting a TPM on the motherboard of those systems. The reason it isn't true is that Apple will be shipping Intel processor with TPMs built in.
The systems in question shipped last year. What is this "will be" business?
Ahh, right. So it was Reagan's liberal agenda behind such left-wing radicals as C. Everett Koop. But of course only liberals get taken in by the alleged links between tobacco and lung cancer, right?
The President has released statements that use fear to control people's voting beliefs, behavior, and actions. He has released statements known at the time to be false, and the press reported them as factual and even know people refuse to believe that they were false. He uses fear to control people the way a terrorist uses fear, he uses lies to control people the way a con-artist uses lies. He takes advice from companies that want him to make statements that use fear to control Congress and loosen the purse strings so he can spend our tax money on their products and services. He does this for Halliburton, Qualcomm, and others to get them contracts in Iraq, to force people who think they're being "patriotic" to support his foolish war... the war that is a scam. The "New American" religion is built on distorted readings of old religion, spawned by neoconservatives to control people and eventually control the world.
BootCamp, for example, is part of Apple's move to Trusted Computing... since they require a signed and official bootloader to go with a signed and official kernel, and the TPM hardware they put in their Intel Apple Macs.
The thing is, Apple isn't putting the TPM chip in the Mac Pro or any later Macs. And Apple has shown no signs of pushing "trusted computing" in any other way. And the business of having to have a signed bootloader sounds more like a Microsoft requirement than an Apple one. Do you mean a signed CSM? You don't need Apple's CSM to boot Windows, and it's Microsoft's bootloader that takes over after that.
Could you finish your thought, here?
Right now, in the US, when you buy a phone, you get the options dictated by the service. We have no phone transportability. Wy have mystery-meat restrictions (Sprint will cancel you if you call support "too often").
Having the options dictated by the phone manufacturer will at least give us the choice of picking a phone from a company that's forced the options we want through the carrier. That's not as good a deal as I hear you get over the pond, but it's better than we have now.