How does this tell the difference between a hardware and software fault. I have seen many systems that would bluescreen in the nvidia or ati driver but replacing the power supply with a better one would completely eliminate the crashes. From what I have seen when dealing with good hardware most crashes are actually related to things other then the drivers or windows itself. Most of them seem to be the power supply, cooling or stuff like the norton suite of software.
I still have not figured out why but I have seen people spend several thousand on motherboard, cpu, ram, video cards, hard drives etc but they will put a $40 power supply in the box and then pissed at windows, ati, nvidia, amd, intel etc etc when the system crashes fairly often. The same can be said of cooling.
The other leading cause seems to be stuff like the internet security programs. Darned if I know exactly how they do what they do but they seem to be adept at crashing computers. There are quite a lot of programs that try to hook into how windows operates, screw with drivers etc. From what I understand most of the copy protection stuff you see tries to hook into the cd, ide, etc drivers to try to enforce what it is doing. So if the system crashes does the cdrom driver get nailed or does starforce or whatever other copy protection that screwed things up get nailed? This kind of stuff is actually a good reason to stay away from the games that have almost any copy protection. It is one the reasons I like the MMO style of games. Most of them have no copy protection at all and they don't try to do weird things to windows, play with drivers etc.
So while I would like to see crappy drivers get nailed I suspect that what will end up happening is that the wrong drivers will get blamed since ati, nvidia etc will play by the rules but companies like starforce and other drm stuff won't.
That seems strange to me. I have been using debian systems for the last 5 years or so and install updates is just
apt-get update apt-get dist-upgade if you want to do it manually.
However now there is stuff like adept where you can just click the adept updater. It will download and install all updates. You even get a tray icon in kde that there are updates available and you just have to click that for the updater to install them.
When I last used redhat they also had a very easy update program. What linux dists are you using that don't have some automatic update system with notifications etc? I have never even looked at the debian security lists to watch to updates, when they are available they will be in the archives and the system will install them.
1) Okay that does seem like a good reason. They are too broad and scope and so need to be limited.
2) Hmm I did not know that Coke is a generic term or Coca Cola. At least where I live (Colorado,USA and where I used to live (Seattle, Washington). If you asked for a Coke they did not just give you any cola product. If they did not actually have Coke they would tell you they did not have it and would offer pepsi or something else instead. So at least in some areas it certainly seems to be treated as a proper name and not as a generic one. However that football example is one of the things I don't really want. Unless what he was selling was VERY clearly marked as non official so there is no way to confuse it with official merchandise I don't think it should be sold. Since if you sell something with someone elses logo on it you can damage their reputation if your product is defective in some way. If there is no doubt that it is not official in any way then I would not have a problem with it.
Basically what I want of them of trademarks is that they are a way of guarateeing who made the product. If it breaks, works well etc I want to know who actually made it so I can find/avoid it in the future. I certainly don't want to end up with an american dvd player when I am looking for a panasonic for obvious reasons.;)
Copyrights and Patents I totally agree with you on.
What is wrong with Trademarks though? I always though of trademarks as something like forcing companies to tell a limited ammount of the truth. Ie Pepsi can't make a drink and call it Coke and make it look like a coke can etc. It means that when I buy a Panasonic device that is what it is. It is not something else that anyone can just put that name on it.
I don't think that people should be able to call their products by the name of some other product and even make them look the same. It makes it far too hard to find what you are looking for if people can do that.
I can deploy on at least as many platforms as java does with python. 32bit vs 64bit makes not difference and both of them are vm based languages. Java has a better optimizer right now but I have not found that any issue in practice since the language is almost never a slow point in a program, the problems are almost always algorithmic.
Actually there are other systems that have ported across architectures very easily also. IIRC clisp programs work just fine on 32bit, 64bit, different os etc.
I know all this stuff seems revolutionary and it is nice that the software industry is paying attention to some of this stuff but it is not new. Heck most c apps for unixes have only needed a recompile to run on just about any platform out there. It is pretty easy to write architecture independent code, it is just that most people that write software should be flipping burgers instead.
My job is a programmer not a sysadmin. I just have to do sysadmin tasks also. All of our apps are written in python and are for zope. None of the systems need java in any way. Since my main job is writing custom software and I do that with zope why should I make my life harder then it has to be?
Checking once per month is also not even close to appropriate. You would have to check at least every few days. If there is an exploit you can't leave it on your servers for a month. You are just going to get nailed that way.
I have been using debian systems for about 7 years now and I have not had problems getting stuff updated during that time. Java makes things far more difficult then anything else is. I just need to keep everything running as securely as I can do it feasibly. Staying with the main archives makes that job massively simpler.
I have written some java apps in the past and I don't see a need for me doing it again in the future. It is an interesting language but I don't like it. None of our customers care what the stuff is written with so long as it works and python and zope have worked extremely well for us.
I don't do custom kernels on servers either at least not in many years now. I need the stuff to work correctly not play around with it like some kind of toy.
If sun wants me to have java installed on machines then they can make it so the license is compatible with the various linux dists so it can go into their archives. Until that happens I don't see the point in even trying to use it. It is not like it is a vastly better language then anything else out there. Heck it is not even as good as many languages out there. It has a lot of support and lots of people use it neither of which is a selling point for me.
Actually that java is not in the main archives of debian is precisely the reason that I don't use it since it is a pain. It not just a pain to install but it is a pain to keep it updated. Why should I have to track down updates manually for java? I can run kde, zope, python, perl, etc etc and trivially keep it all updated.
Heck when I go to look for solutions to a problem I check the debian main archives, if there is a solution in there I will use that one first and will only abandon it if it does not work well enough. That there is something else outside the archives that is marginally better it not enough of a reason to use it since then I have to keep track of updates manually.
This is about being able to maintain the desktops and servers a lot more feasibly. If you have to go out manually and keep track of x different programs that are outside of the regular update mechanism then you have x more chances to screw up. If just wants java to be used more then they should play with the systems that already exist. There is no shortage of people willing to package java, the stumbling block is on sun's end. I use python for all of my work but if I have to choose between c# and java my choice will be c# because mono is trivial to install and keep updated.
getElementById confuses name and id. If you have an item with a name that is the same as the id you are looking for if the name was defined first then opera will return that. That is flat out broken behavior and it was copied from IE and it is still broken in Opera 9. http://www.gtalbot.org/BrowserBugsSection/Opera9Bu gs/ Look at bug 17 for the example.
That is the reason why neither opera or IE are supported for our more advanced editing interfaces. It just takes too much money to code around the bugs in those browers compared to the customers just downloading firefox, safari, konqueror etc. We have even given them a choice and they preferred to just download firefox.
There has been a pure 64bit linux since linux was ported to the alpha. For about 10 years now you could get a pure 64bit linux. The distros for x86-64 are mostly pure 64bit. The 32bit code they have is proprietary stuff that does not have a 64bit version and the 32bit support libraries since x86-64 can run 32bit code and 64bit code side by side.
The java virtual machine I think can use the noexec bit as a security feature which x86-64 has. Windows XP 64 and the various linux distros also use noexec on x86-64 processors. So you get some security advantages on those processors.
However any x86 program that is recompiled for x86-64 gets at least some benefit of the newer things on the chip. Mostly x86-64 has more registers then x86 does which speeds up programs by around 10-30% on average from what I have see. So even if you don't need the larger memory space going to x86-64 from x86 has a heck of a lot of benefits.
There are other things that help also like for video editing software. There are a lot of kludges you need to do in software to work with files larger then 4gb in size because of address space issues. Even though you may not need 4gigs of ram if you use a 64bit computer it makes the code simpler and simpler code is far less likely to break.
There are applications that people do use computers for that can use 64bit features right now. Rendering, video editing, software developement, database development, cad work etc. Just because they are not things you do does not mean that there are not a heck of a lot of people that do those things.
Not all the frameworks are equivalent though. Feel free to look around but I don't think you will find anything that has the security capabilities that zope does. I have looked a lot and I have not found squat with the security capabilities of zope. If you determine that you need those capabilities then you have to use python since that is what zope uses. However you can probably find other stuff written only in ruby, perl, php etc that does something else you need. Trying to do it all in one framework will range from infeasible to workable depending on what your requirements are.
If your people want to use other tools then they should be able to explain the why to you and use those tools if they make more financial sense then using other tools. Sure I could probably make ruby on rails do the security things that zope will do for me with a few minutes of work but I don't have a year to add those features to it and there is no way to justify it.
On windows my experience is that if you do that then all kinds of apps draw incorrectly with text drawing outside buttons, etc etc. Under linux I have not even had to set the displaysize in a year or so. It figures it out on its one and I can take an 8pt font and put a ruler up to the screen and check it. I use kde as my desktop and have had no problems of any kind with it running under all kinds of dpi settings. It seems like windows is hard pixel coded but kde/qt at least seems to be resolution independent.
So would that be similar to a footnote and endnote bug that has existed since word 2.0 through word 2000 at least? I know it has been reported many times and I have even found documentation on it on the ms web site at one point.
My point is that I have run into exactly that same problem with proprietary software. By your logic since ms is a proprietary software company and they have obligations to users and would have fixed the bug but that is not the case.
How about the IE rendering engine? I am not sure it is possible to end up any buggier then it has been. Look up things like the "peekaboo" bug in IE and see how long they have been in there and reported and still not fixed.
Go play a massive multiplayer game some time and see some of the bugs that have been in those games for years. You pay a monthly fee to play those games and many of them are very buggy and rarely do the bugs get fixed unless they are so bad that they stop people from playing.
You are holding open source software up to a standard that proprietary software does not meet either. I don't know why you are assuming that proprietary vendors actually do care that much about their customers and fix all of these issues but my experience has been that when I report bugs they are far more likely to get fixed in a free software project then a proprietary one. That is not to say that all of them are fixed, just that I have had a higher percentage fixed in free software.
I have been using free software for a long time also. Actually my business could not run without it. I challenge you to find another web app server that has even close to as good of a security system as zope does. I have looked very carefully and it is the finest grained I have ever run across. It is stable, fast, secure and easy for me to add new features to.
There are many excellent pieces of free software that I use every day that don't even have closed source equivalents. Python is a very good free software project and I have not run into any other closed source equivelent that is even close to as productive for me. A big one would be kde. I don't know of anything even close to that for the kinds of things that I do. The KDE io slave system means that from any app I use I can open and save to almost any kind of resource possible. So I can use sftp to open a file remotely in my editor and then just save it all transparently. However that is not all that kde has to offer, kde has a great component system. I configure spell check ONCE for all my apps, I configure how my editor functions ONCE, I configure proxy settings ONCE etc etc. These items are reused all over the system and no other environment I have run into so far can do that.
Koffice is also an excellent piece of software. For what I need an office suite for I don't care about word compatibility and I don't need a huge list of features. I just need to be able to make documents and turn them into pdf files and it does a very good job at that and with very low overhead.
If you don't see any good free software out there then the problem is with your outlook now with the software. People that don't think something exists can't see it no matter how much evidence is given.
So far in my business I have not ONCE ran into this problem and I have been doing this for about 6 years. One of the early rules we adopted is that closed source is NEVER allowed to be used for anything important. So you can have a closed source browser to do some testing or a closed source pdf reader to check how it renders something but if those apps should break for any reason then all you lose is a compatibility test and no work of any kind.
Actually we try to use python as much as possible and failing that we tend to use things that are done in c that are well supported enough that I can just recompile them however that has not been an issue.
When you install software that your business relies on you have to think about the consequences of doing so. If you rely on something closed source and it goes away or dictates that you have to change in a certain way then you don't have many choices. By the same arguement if you use a free software project and the project goes away etc you have to deal with that also.
If you replace glibc then you have upgraded the os for all intents and purposes. However you have upgraded it to a version that no vendor on the planet will support without a very large sum to do it. You are running a completely custom os that is just not out there anywhere else.
If you get to the point of needing to update glibc and you are not running debian or gentoo based distributions then you just upgrade to a newer version of the dist after testing it of course.
Well if I ever needed a reason not to fly in or out of israel you just solved it for me. I already fly as a method of travel of last resort. It takes far too much time already to get somewhere and it just ends up easier not to travel and do things electronically. For example flying home for christmas it will be a 3 hour flight. However it will cost me about 2 hours on each end just to deal with the dang airport.
Actually the security people in the airport worry me more then before they where there.
I want to see the airplane problem solved by taking away the entire motive. Rip out the ENTIRE cockpit and have the plane flown on autopilot from takeoff to landing. Work on the technology needed to make it work and put the computers needed to do it somewhere that can not be accessed in flight by any means. No remote access either. You program the plane to take off, flight to the destination and land. At that point you won't have terrorist attacks anymore since there is no way to negotiate. The worse they can do is just blow up the plane. They can't ram it into a building, they can't take it somewhere to get hostages released and they can't threaten the pilots in any way.
I don't want to go after symptoms and just make the whole experience more and more annoying to those that use it. The airline industry is having a problem in that more people are just choosing not to fly and a large part of that reason is how annoying it is to deal with. Just fix the dang problem by making it so that planes can not be abused.
However until we can make the computers fly the plane seperate the cockpit. Put plate steel or something over the door and add another door to the aircarft on the outside.
Well my experience going into ebgames, compusa etc is that they will not sell games that are rated older then you are to you and if you look like a parent they will tell you that the game you are getting is not intended for children, not intended for people under the age of 13 etc depending on the rating.
If your child gets one of these games then an adult bought it for them and ignored what the store told them. I have been in a store more then a few times when some 10 year old or so kept asking their mother for a rated M game and even though the store clerk told her it was very violent, not for kids etc she bought if for her son anyways. It seems to me that it is her fault the kid has the game not the stores fault.
Given my experience with hardware that follows a common spec compared to those that need their own drivers I prefer the ones that follow a common spec. I can print to a postscript printer without anything but a general postscript driver instead of a device specific driver. I would prefer that the driver was part of the device and it just presented a common interface to the os. You would flash the device or something like that if the driver had to be updated but the os would not have a specific driver per se. Just like at one point we could just use vesa to connect to a video card and not a video card specific driver. Now a days it seems that the video card could just have an opengl and directx interface as part of the card, a sound card could do openal or something like that and so on and so forth. We actually have this kind of thing for a lot of other devices. Look at the usb situation where we have 3 drivers total to run all ofthem (ehci, uhci, ohci). Or how about SATA where is there is a spec now for that, or usb mass storage devices etc. I can install a zip drive, fuji camera, usb flash drive etc with no drivers at all.
Putting a custom driver for every hardware type into the os is just a larger waste of time. You have a lot more software that has to be written and debugged on all sides. Putting the driver in the hardware and presenting a common interface or set of interfaces to the os would make it easier for people like ati and nvidia since they would not have anything to protect. They don't need to provide jack for documenation other then how to send the opengl, directx etc commands to it.
I run a quad monitor kde setup. KDE actually worked with xinerama far before gnome ever did. As long as the multiple monitors work in X then there should be no problems with KDE at all. I also have a dual head setup in another room that is also running kde. My main desktop has a radeon x850 and radeon 9200 in it to run 4 monitors.
How about this for usability. Open up konqueror to any kind of remote resource you want ie sftp, ftp,webdav, etc and then drag one of those files to a file upload control in a webpage in konqueror and hit submit the form. KDE will appropriately download the file from the remote resource and upload it to the website. KDE makes drag and drop really work transparently. If you try the same thing in windows in any browser I tested (firefox, opera and IE) it loads the item you drag onto the file upload control. If you try it on firefox, opera etc on linux it does not do anything at all.
Yeah gnome looks a little simpler but looks don't count for much and I have helped customers actually get their jobs done faster and easier using the ioslave system in kde. I just don't want to waste time using gnome, windows, macs etc to get my work done when all of them will cost me more time with their "easier" systems and make my job harder to actually get done.
Well I am sure that the people that build homes are aware of the risks of the windows, doors, walls etc and how easy it is to break through them. Yet they have chosen not to address those issues. I guess we should make them responsible for that by your logic.
I write software for a living and I have to deal with what customers will pay and all the tradeoffs involved. I tell them that doing something in a certain way will cause a certain type of security problem and that to avoid that problem the solution needs to be more complex. They choose not to pay what it takes to do it right and so they have to live with the security problem. Sure I know about the issues and sure I could fix it but it is not justified. Your home was not build to fort knox standards and you would not pay even the raw material costs if it was so why should software be different.
Making software secure against all the various ways it can be abused is very difficult and time consuming. Why should I spend 9 months or more writing something when a customer is only willing to pay for 2 weeks of time? I tell them the risk and they decide what it is worth to them just the way that you choose your house, car etc. If you want a safer car you pay a lot more for it, if you want a safer house you pay more, if you want more secure software you pay more for it the same way. I feel that so long as I tell my clients the major security tradeoffs that I can see in what they ask for that it is their decision on what they want to be done. I try to take all reasonable security precautions and use tools that are less susceptible to security mistakes but there is a limit to what you can do.
Windows is usually easy to install video drivers for but sometimes it suck beyond the ability to describe. I have Windows 2000 on a box that has an X850 and a radeon 9200 in it. In order to update a video driver you have to uninstall the old one first. However for some reason even when I tell both cards to use the vga driver before I reboot it won't come up. The display just won't initialize. I have then tried using the safe mode system to enable vga mode that way and it also won't work. In order for the system to bring one of the video devices back up I have to physically remove one of the video cards from the system and then I can get a gui and update the video driver. Then I can put the other card back in and the system will work.
I have to do the same process when installing windows on the box. I can have only one video card in the box or I can't get a gui to come up. Under linux the whole thing just worked transparently. I run a quad head setup and I did have to setup an x.org config file, well actually it detected just about everything but I had to change the arrangement of the heads. However I can update the driver by just updating x.org and I don't have to screw with removing a card physically from the box to get things to work again.
Sure windows can normally work fairly well but if you want to see some truly screwed up problems try putting it in a strange hardware config. Try putting a whole bunch of video cards in a box, multiple sound cards etc.
For my hardware setufp and what I do for work linux is vastly easier for me to get working and keep working.
Also before you blame ATI for the problem remember the problem only occurs when there is NO ATI software installed, once I get their software installed it all works. I have also run into the same issues with nvidia, matrox etc. It is a windows problem.
Reality does not have to be fair. It is easier to install mono then the sun jvm or any other jvm for that matter and so it will get used more and depended on more. It comes down to the path of least resistance and people will tend to use c,c++,perl,python,ruby as first choices, mono stuff as a second and java farther out mostly because of how easy it is to install that stuff and how standard it is.
I know when writing python software when I need something outside the standard lib the first place I look is the debian package archives. If there is a package in the archive that can do what I need then it will get the first shot at me using it, if it works without problems I won't look further. The reason is simple I have a lot of work to get done and not enough time to do it all and if something works and was easier for me to get working then why look further especially if it got the job done?
Java has that problem, it takes a lot more effort to use it then to use something else that will still get the job done.
I have to admit I would probably make the same choice. Happily I don't have to since I get my work done with python just fine. The problem is that getting java installed on any unix is a pain in the neck and it is far harder on linux then other software is. I use debian and to install mono I can just do apt-get install mono but for various license issues with sun you can't do java the same way.
Most other distributions make it very easy to install mono also, I think it is in the main archives of almost everyone except for redhat but java is not really in any of them because of some license thing. So if I where to develop with c# I could do it easily on just about any linux and it would be trivially easy to install, java does not have that at this point and sun could easily change that.
Python and Perl gain a lot of advantage from them being base utilities in just about every linux distribution. I can make a program to run on linux and have it use python or perl and you would be hard pressed to find a dist that did not have those installed. However this works in a circle, since they are always there more stuff is written to use them and since more stuff uses them it becomes more likely that it will be there.
Java has the exact opposite problem under linux. Since it is hard to install not many people write for it and so there is not much demand for it to be installed... so not many people write for it. Sun is the only one that can fix that problem and so far they have not shown much interest in it that I can see.
Unless microsoft uses some legal thing to kill mono it is likely that mono will win out in the end. If microsoft is just willing to wait the odds are in the end that the clr will become the defacto standard since they can enforce that on windows and sun is enforcing that on linux although that is not their intent.
I have to agree with the other entertainment aspect. When I go to watch a movie it is because I think it will be more entertaining for 2 hours then 2 hours of x-men legends 2, everquest, empire earth etc. Honestly it takes a darn good movie to compete with those for every 2 hours when I could just wait for it to come out on dvd. Heck it has to be pretty decent for me to even bother to rent it on dvd.
TV has already lost out for me. I have not watched tv in about 3 years now but I do sometimes pick up dvds for the series that are interesting to me. (rent first and then buy) These massive game worlds are just more interesting and fun then more passive forms of entertainment. Recently I have been looking at eve online also and while I won't quit everquest for it the game looks very impressive and seems to be very deep. My point is that new mmo games are coming out all the time now and on average they are getting to be better games. Why would you go watch tv or a movie when you could be a wizard, space ship captain etc and have a lot of fun doing it?
Slashdot Mirror
How does this tell the difference between a hardware and software fault. I have seen many systems that would bluescreen in the nvidia or ati driver but replacing the power supply with a better one would completely eliminate the crashes. From what I have seen when dealing with good hardware most crashes are actually related to things other then the drivers or windows itself. Most of them seem to be the power supply, cooling or stuff like the norton suite of software.
I still have not figured out why but I have seen people spend several thousand on motherboard, cpu, ram, video cards, hard drives etc but they will put a $40 power supply in the box and then pissed at windows, ati, nvidia, amd, intel etc etc when the system crashes fairly often. The same can be said of cooling.
The other leading cause seems to be stuff like the internet security programs. Darned if I know exactly how they do what they do but they seem to be adept at crashing computers. There are quite a lot of programs that try to hook into how windows operates, screw with drivers etc. From what I understand most of the copy protection stuff you see tries to hook into the cd, ide, etc drivers to try to enforce what it is doing. So if the system crashes does the cdrom driver get nailed or does starforce or whatever other copy protection that screwed things up get nailed? This kind of stuff is actually a good reason to stay away from the games that have almost any copy protection. It is one the reasons I like the MMO style of games. Most of them have no copy protection at all and they don't try to do weird things to windows, play with drivers etc.
So while I would like to see crappy drivers get nailed I suspect that what will end up happening is that the wrong drivers will get blamed since ati, nvidia etc will play by the rules but companies like starforce and other drm stuff won't.
That seems strange to me. I have been using debian systems for the last 5 years or so and install updates is just
apt-get update apt-get dist-upgade if you want to do it manually.
However now there is stuff like adept where you can just click the adept updater. It will download and install all updates. You even get a tray icon in kde that there are updates available and you just have to click that for the updater to install them.
When I last used redhat they also had a very easy update program. What linux dists are you using that don't have some automatic update system with notifications etc? I have never even looked at the debian security lists to watch to updates, when they are available they will be in the archives and the system will install them.
1) Okay that does seem like a good reason. They are too broad and scope and so need to be limited.
;)
2) Hmm I did not know that Coke is a generic term or Coca Cola. At least where I live (Colorado,USA and where I used to live (Seattle, Washington). If you asked for a Coke they did not just give you any cola product. If they did not actually have Coke they would tell you they did not have it and would offer pepsi or something else instead. So at least in some areas it certainly seems to be treated as a proper name and not as a generic one. However that football example is one of the things I don't really want. Unless what he was selling was VERY clearly marked as non official so there is no way to confuse it with official merchandise I don't think it should be sold. Since if you sell something with someone elses logo on it you can damage their reputation if your product is defective in some way. If there is no doubt that it is not official in any way then I would not have a problem with it.
Basically what I want of them of trademarks is that they are a way of guarateeing who made the product. If it breaks, works well etc I want to know who actually made it so I can find/avoid it in the future. I certainly don't want to end up with an american dvd player when I am looking for a panasonic for obvious reasons.
Copyrights and Patents I totally agree with you on.
What is wrong with Trademarks though? I always though of trademarks as something like forcing companies to tell a limited ammount of the truth. Ie Pepsi can't make a drink and call it Coke and make it look like a coke can etc. It means that when I buy a Panasonic device that is what it is. It is not something else that anyone can just put that name on it.
I don't think that people should be able to call their products by the name of some other product and even make them look the same. It makes it far too hard to find what you are looking for if people can do that.
I can deploy on at least as many platforms as java does with python. 32bit vs 64bit makes not difference and both of them are vm based languages. Java has a better optimizer right now but I have not found that any issue in practice since the language is almost never a slow point in a program, the problems are almost always algorithmic.
Actually there are other systems that have ported across architectures very easily also. IIRC clisp programs work just fine on 32bit, 64bit, different os etc.
I know all this stuff seems revolutionary and it is nice that the software industry is paying attention to some of this stuff but it is not new. Heck most c apps for unixes have only needed a recompile to run on just about any platform out there. It is pretty easy to write architecture independent code, it is just that most people that write software should be flipping burgers instead.
My job is a programmer not a sysadmin. I just have to do sysadmin tasks also. All of our apps are written in python and are for zope. None of the systems need java in any way. Since my main job is writing custom software and I do that with zope why should I make my life harder then it has to be?
Checking once per month is also not even close to appropriate. You would have to check at least every few days. If there is an exploit you can't leave it on your servers for a month. You are just going to get nailed that way.
I have been using debian systems for about 7 years now and I have not had problems getting stuff updated during that time. Java makes things far more difficult then anything else is. I just need to keep everything running as securely as I can do it feasibly. Staying with the main archives makes that job massively simpler.
I have written some java apps in the past and I don't see a need for me doing it again in the future. It is an interesting language but I don't like it. None of our customers care what the stuff is written with so long as it works and python and zope have worked extremely well for us.
I don't do custom kernels on servers either at least not in many years now. I need the stuff to work correctly not play around with it like some kind of toy.
If sun wants me to have java installed on machines then they can make it so the license is compatible with the various linux dists so it can go into their archives. Until that happens I don't see the point in even trying to use it. It is not like it is a vastly better language then anything else out there. Heck it is not even as good as many languages out there. It has a lot of support and lots of people use it neither of which is a selling point for me.
Actually that java is not in the main archives of debian is precisely the reason that I don't use it since it is a pain. It not just a pain to install but it is a pain to keep it updated. Why should I have to track down updates manually for java? I can run kde, zope, python, perl, etc etc and trivially keep it all updated.
Heck when I go to look for solutions to a problem I check the debian main archives, if there is a solution in there I will use that one first and will only abandon it if it does not work well enough. That there is something else outside the archives that is marginally better it not enough of a reason to use it since then I have to keep track of updates manually.
This is about being able to maintain the desktops and servers a lot more feasibly. If you have to go out manually and keep track of x different programs that are outside of the regular update mechanism then you have x more chances to screw up. If just wants java to be used more then they should play with the systems that already exist. There is no shortage of people willing to package java, the stumbling block is on sun's end. I use python for all of my work but if I have to choose between c# and java my choice will be c# because mono is trivial to install and keep updated.
I am sorry but opera does have broken javascript.
u gs/ Look at bug 17 for the example.
getElementById confuses name and id. If you have an item with a name that is the same as the id you are looking for if the name was defined first then opera will return that. That is flat out broken behavior and it was copied from IE and it is still broken in Opera 9. http://www.gtalbot.org/BrowserBugsSection/Opera9B
That is the reason why neither opera or IE are supported for our more advanced editing interfaces. It just takes too much money to code around the bugs in those browers compared to the customers just downloading firefox, safari, konqueror etc. We have even given them a choice and they preferred to just download firefox.
There has been a pure 64bit linux since linux was ported to the alpha. For about 10 years now you could get a pure 64bit linux. The distros for x86-64 are mostly pure 64bit. The 32bit code they have is proprietary stuff that does not have a 64bit version and the 32bit support libraries since x86-64 can run 32bit code and 64bit code side by side.
The java virtual machine I think can use the noexec bit as a security feature which x86-64 has. Windows XP 64 and the various linux distros also use noexec on x86-64 processors. So you get some security advantages on those processors.
However any x86 program that is recompiled for x86-64 gets at least some benefit of the newer things on the chip. Mostly x86-64 has more registers then x86 does which speeds up programs by around 10-30% on average from what I have see. So even if you don't need the larger memory space going to x86-64 from x86 has a heck of a lot of benefits.
There are other things that help also like for video editing software. There are a lot of kludges you need to do in software to work with files larger then 4gb in size because of address space issues. Even though you may not need 4gigs of ram if you use a 64bit computer it makes the code simpler and simpler code is far less likely to break.
There are applications that people do use computers for that can use 64bit features right now. Rendering, video editing, software developement, database development, cad work etc. Just because they are not things you do does not mean that there are not a heck of a lot of people that do those things.
Not all the frameworks are equivalent though. Feel free to look around but I don't think you will find anything that has the security capabilities that zope does. I have looked a lot and I have not found squat with the security capabilities of zope. If you determine that you need those capabilities then you have to use python since that is what zope uses. However you can probably find other stuff written only in ruby, perl, php etc that does something else you need. Trying to do it all in one framework will range from infeasible to workable depending on what your requirements are.
If your people want to use other tools then they should be able to explain the why to you and use those tools if they make more financial sense then using other tools. Sure I could probably make ruby on rails do the security things that zope will do for me with a few minutes of work but I don't have a year to add those features to it and there is no way to justify it.
On windows my experience is that if you do that then all kinds of apps draw incorrectly with text drawing outside buttons, etc etc. Under linux I have not even had to set the displaysize in a year or so. It figures it out on its one and I can take an 8pt font and put a ruler up to the screen and check it. I use kde as my desktop and have had no problems of any kind with it running under all kinds of dpi settings. It seems like windows is hard pixel coded but kde/qt at least seems to be resolution independent.
So would that be similar to a footnote and endnote bug that has existed since word 2.0 through word 2000 at least? I know it has been reported many times and I have even found documentation on it on the ms web site at one point.
My point is that I have run into exactly that same problem with proprietary software. By your logic since ms is a proprietary software company and they have obligations to users and would have fixed the bug but that is not the case.
How about the IE rendering engine? I am not sure it is possible to end up any buggier then it has been. Look up things like the "peekaboo" bug in IE and see how long they have been in there and reported and still not fixed.
Go play a massive multiplayer game some time and see some of the bugs that have been in those games for years. You pay a monthly fee to play those games and many of them are very buggy and rarely do the bugs get fixed unless they are so bad that they stop people from playing.
You are holding open source software up to a standard that proprietary software does not meet either. I don't know why you are assuming that proprietary vendors actually do care that much about their customers and fix all of these issues but my experience has been that when I report bugs they are far more likely to get fixed in a free software project then a proprietary one. That is not to say that all of them are fixed, just that I have had a higher percentage fixed in free software.
I have been using free software for a long time also. Actually my business could not run without it. I challenge you to find another web app server that has even close to as good of a security system as zope does. I have looked very carefully and it is the finest grained I have ever run across. It is stable, fast, secure and easy for me to add new features to.
There are many excellent pieces of free software that I use every day that don't even have closed source equivalents. Python is a very good free software project and I have not run into any other closed source equivelent that is even close to as productive for me. A big one would be kde. I don't know of anything even close to that for the kinds of things that I do. The KDE io slave system means that from any app I use I can open and save to almost any kind of resource possible. So I can use sftp to open a file remotely in my editor and then just save it all transparently. However that is not all that kde has to offer, kde has a great component system. I configure spell check ONCE for all my apps, I configure how my editor functions ONCE, I configure proxy settings ONCE etc etc. These items are reused all over the system and no other environment I have run into so far can do that.
Koffice is also an excellent piece of software. For what I need an office suite for I don't care about word compatibility and I don't need a huge list of features. I just need to be able to make documents and turn them into pdf files and it does a very good job at that and with very low overhead.
If you don't see any good free software out there then the problem is with your outlook now with the software. People that don't think something exists can't see it no matter how much evidence is given.
So far in my business I have not ONCE ran into this problem and I have been doing this for about 6 years. One of the early rules we adopted is that closed source is NEVER allowed to be used for anything important. So you can have a closed source browser to do some testing or a closed source pdf reader to check how it renders something but if those apps should break for any reason then all you lose is a compatibility test and no work of any kind.
Actually we try to use python as much as possible and failing that we tend to use things that are done in c that are well supported enough that I can just recompile them however that has not been an issue.
When you install software that your business relies on you have to think about the consequences of doing so. If you rely on something closed source and it goes away or dictates that you have to change in a certain way then you don't have many choices. By the same arguement if you use a free software project and the project goes away etc you have to deal with that also.
If you replace glibc then you have upgraded the os for all intents and purposes. However you have upgraded it to a version that no vendor on the planet will support without a very large sum to do it. You are running a completely custom os that is just not out there anywhere else.
If you get to the point of needing to update glibc and you are not running debian or gentoo based distributions then you just upgrade to a newer version of the dist after testing it of course.
Well if I ever needed a reason not to fly in or out of israel you just solved it for me. I already fly as a method of travel of last resort. It takes far too much time already to get somewhere and it just ends up easier not to travel and do things electronically. For example flying home for christmas it will be a 3 hour flight. However it will cost me about 2 hours on each end just to deal with the dang airport.
Actually the security people in the airport worry me more then before they where there.
I want to see the airplane problem solved by taking away the entire motive. Rip out the ENTIRE cockpit and have the plane flown on autopilot from takeoff to landing. Work on the technology needed to make it work and put the computers needed to do it somewhere that can not be accessed in flight by any means. No remote access either. You program the plane to take off, flight to the destination and land. At that point you won't have terrorist attacks anymore since there is no way to negotiate. The worse they can do is just blow up the plane. They can't ram it into a building, they can't take it somewhere to get hostages released and they can't threaten the pilots in any way.
I don't want to go after symptoms and just make the whole experience more and more annoying to those that use it. The airline industry is having a problem in that more people are just choosing not to fly and a large part of that reason is how annoying it is to deal with. Just fix the dang problem by making it so that planes can not be abused.
However until we can make the computers fly the plane seperate the cockpit. Put plate steel or something over the door and add another door to the aircarft on the outside.
Well my experience going into ebgames, compusa etc is that they will not sell games that are rated older then you are to you and if you look like a parent they will tell you that the game you are getting is not intended for children, not intended for people under the age of 13 etc depending on the rating.
If your child gets one of these games then an adult bought it for them and ignored what the store told them. I have been in a store more then a few times when some 10 year old or so kept asking their mother for a rated M game and even though the store clerk told her it was very violent, not for kids etc she bought if for her son anyways. It seems to me that it is her fault the kid has the game not the stores fault.
Given my experience with hardware that follows a common spec compared to those that need their own drivers I prefer the ones that follow a common spec. I can print to a postscript printer without anything but a general postscript driver instead of a device specific driver. I would prefer that the driver was part of the device and it just presented a common interface to the os. You would flash the device or something like that if the driver had to be updated but the os would not have a specific driver per se. Just like at one point we could just use vesa to connect to a video card and not a video card specific driver. Now a days it seems that the video card could just have an opengl and directx interface as part of the card, a sound card could do openal or something like that and so on and so forth. We actually have this kind of thing for a lot of other devices. Look at the usb situation where we have 3 drivers total to run all ofthem (ehci, uhci, ohci). Or how about SATA where is there is a spec now for that, or usb mass storage devices etc. I can install a zip drive, fuji camera, usb flash drive etc with no drivers at all.
Putting a custom driver for every hardware type into the os is just a larger waste of time. You have a lot more software that has to be written and debugged on all sides. Putting the driver in the hardware and presenting a common interface or set of interfaces to the os would make it easier for people like ati and nvidia since they would not have anything to protect. They don't need to provide jack for documenation other then how to send the opengl, directx etc commands to it.
I run a quad monitor kde setup. KDE actually worked with xinerama far before gnome ever did. As long as the multiple monitors work in X then there should be no problems with KDE at all. I also have a dual head setup in another room that is also running kde. My main desktop has a radeon x850 and radeon 9200 in it to run 4 monitors.
How about this for usability. Open up konqueror to any kind of remote resource you want ie sftp, ftp,webdav, etc and then drag one of those files to a file upload control in a webpage in konqueror and hit submit the form. KDE will appropriately download the file from the remote resource and upload it to the website. KDE makes drag and drop really work transparently. If you try the same thing in windows in any browser I tested (firefox, opera and IE) it loads the item you drag onto the file upload control. If you try it on firefox, opera etc on linux it does not do anything at all.
Yeah gnome looks a little simpler but looks don't count for much and I have helped customers actually get their jobs done faster and easier using the ioslave system in kde. I just don't want to waste time using gnome, windows, macs etc to get my work done when all of them will cost me more time with their "easier" systems and make my job harder to actually get done.
Well I am sure that the people that build homes are aware of the risks of the windows, doors, walls etc and how easy it is to break through them. Yet they have chosen not to address those issues. I guess we should make them responsible for that by your logic.
I write software for a living and I have to deal with what customers will pay and all the tradeoffs involved. I tell them that doing something in a certain way will cause a certain type of security problem and that to avoid that problem the solution needs to be more complex. They choose not to pay what it takes to do it right and so they have to live with the security problem. Sure I know about the issues and sure I could fix it but it is not justified. Your home was not build to fort knox standards and you would not pay even the raw material costs if it was so why should software be different.
Making software secure against all the various ways it can be abused is very difficult and time consuming. Why should I spend 9 months or more writing something when a customer is only willing to pay for 2 weeks of time? I tell them the risk and they decide what it is worth to them just the way that you choose your house, car etc. If you want a safer car you pay a lot more for it, if you want a safer house you pay more, if you want more secure software you pay more for it the same way. I feel that so long as I tell my clients the major security tradeoffs that I can see in what they ask for that it is their decision on what they want to be done. I try to take all reasonable security precautions and use tools that are less susceptible to security mistakes but there is a limit to what you can do.
Windows is usually easy to install video drivers for but sometimes it suck beyond the ability to describe. I have Windows 2000 on a box that has an X850 and a radeon 9200 in it. In order to update a video driver you have to uninstall the old one first. However for some reason even when I tell both cards to use the vga driver before I reboot it won't come up. The display just won't initialize. I have then tried using the safe mode system to enable vga mode that way and it also won't work. In order for the system to bring one of the video devices back up I have to physically remove one of the video cards from the system and then I can get a gui and update the video driver. Then I can put the other card back in and the system will work.
I have to do the same process when installing windows on the box. I can have only one video card in the box or I can't get a gui to come up. Under linux the whole thing just worked transparently. I run a quad head setup and I did have to setup an x.org config file, well actually it detected just about everything but I had to change the arrangement of the heads. However I can update the driver by just updating x.org and I don't have to screw with removing a card physically from the box to get things to work again.
Sure windows can normally work fairly well but if you want to see some truly screwed up problems try putting it in a strange hardware config. Try putting a whole bunch of video cards in a box, multiple sound cards etc.
For my hardware setufp and what I do for work linux is vastly easier for me to get working and keep working.
Also before you blame ATI for the problem remember the problem only occurs when there is NO ATI software installed, once I get their software installed it all works. I have also run into the same issues with nvidia, matrox etc. It is a windows problem.
Reality does not have to be fair. It is easier to install mono then the sun jvm or any other jvm for that matter and so it will get used more and depended on more. It comes down to the path of least resistance and people will tend to use c,c++,perl,python,ruby as first choices, mono stuff as a second and java farther out mostly because of how easy it is to install that stuff and how standard it is.
I know when writing python software when I need something outside the standard lib the first place I look is the debian package archives. If there is a package in the archive that can do what I need then it will get the first shot at me using it, if it works without problems I won't look further. The reason is simple I have a lot of work to get done and not enough time to do it all and if something works and was easier for me to get working then why look further especially if it got the job done?
Java has that problem, it takes a lot more effort to use it then to use something else that will still get the job done.
I have to admit I would probably make the same choice. Happily I don't have to since I get my work done with python just fine. The problem is that getting java installed on any unix is a pain in the neck and it is far harder on linux then other software is. I use debian and to install mono I can just do apt-get install mono but for various license issues with sun you can't do java the same way.
... so not many people write for it. Sun is the only one that can fix that problem and so far they have not shown much interest in it that I can see.
Most other distributions make it very easy to install mono also, I think it is in the main archives of almost everyone except for redhat but java is not really in any of them because of some license thing. So if I where to develop with c# I could do it easily on just about any linux and it would be trivially easy to install, java does not have that at this point and sun could easily change that.
Python and Perl gain a lot of advantage from them being base utilities in just about every linux distribution. I can make a program to run on linux and have it use python or perl and you would be hard pressed to find a dist that did not have those installed. However this works in a circle, since they are always there more stuff is written to use them and since more stuff uses them it becomes more likely that it will be there.
Java has the exact opposite problem under linux. Since it is hard to install not many people write for it and so there is not much demand for it to be installed
Unless microsoft uses some legal thing to kill mono it is likely that mono will win out in the end. If microsoft is just willing to wait the odds are in the end that the clr will become the defacto standard since they can enforce that on windows and sun is enforcing that on linux although that is not their intent.
I have to agree with the other entertainment aspect. When I go to watch a movie it is because I think it will be more entertaining for 2 hours then 2 hours of x-men legends 2, everquest, empire earth etc. Honestly it takes a darn good movie to compete with those for every 2 hours when I could just wait for it to come out on dvd. Heck it has to be pretty decent for me to even bother to rent it on dvd.
TV has already lost out for me. I have not watched tv in about 3 years now but I do sometimes pick up dvds for the series that are interesting to me. (rent first and then buy) These massive game worlds are just more interesting and fun then more passive forms of entertainment. Recently I have been looking at eve online also and while I won't quit everquest for it the game looks very impressive and seems to be very deep. My point is that new mmo games are coming out all the time now and on average they are getting to be better games. Why would you go watch tv or a movie when you could be a wizard, space ship captain etc and have a lot of fun doing it?