I wish I hadn't used all my moderator points already. Oh well, at least I get to post instead.
You make a very, very good point. Isn't there a way the Linux and *BSD kernel could be patched to disallow execution from a stack? I know there's plenty of memory protection and such in there, so can't we put in one more layer of protection?
Even if such a fix required patching of a large number of utilities, I'm sure it would be worth it!
This is something I have needed desperately in the past and had to create a hacked-up solution to achieve the correct results.
This is how it could work.
synchronized(obj) { } else { }
If the lock can't be acquired immediately, the "else" clause would be executed instead. This would have to be implemented at the VM level. Perhaps "else" is not the best keyword, but other languages stretch the syntax in similar ways.
With all of the battle surrounding Java of late, however, it seems that we may have to wait a very long time before we'll see this kind of change. I've been branching to other languages lately...
- No cookies at all. - Very reliable. Session state is retained without problems. - Works even in Lynx.
Cons:
- Search engines record the URL with the session ID. Although the session ID is invalid after only a short time, it's quite ugly. - When people would try to tell each other what URL to visit, they would try to pronounce the session ID. - Absolute links always cause the browser to ignore the ID. Solution: dynamic HTML or no absolute links. - The browser reveals the session ID to other sites when the user follows a link there. The ID is even recorded in the referrer log. - Browser redirects are required. However, cookie solutions often face the same problem.
Eventually, I decided that cookies were a better solution for our purposes and switched over.
One thing that people need to understand, however, is that there are cookies that never make it to the user's hard drive. It puzzles me that browser makers put all cookies in the same category. The Best Way, at this time, to keep session state is to send a cookie to the user's browser that is never stored anywhere but in memory.
Well, I've been thinking about the Linux on x86 security model lately and I noticed something.
Say you're a random visitor to a company and you get two minutes' access to a critical workstation. Push Ctrl-Alt-F1 at any time. Then push Ctrl-Alt-Delete. Of course, if you're in a hurry, push the reset button.
Insert a floppy loaded with the Linux Kernel. You could use a Debian installer disk--or a customized disk would be ideal. Get to a console, which of course is an instant root shell. Mount the main hard drive, add your sniffer or whatever to/etc/rc, and reboot. With a customized disk, the whole job would be done efficiently and almost undetectably.
The point is that any time a stranger has physical access to an x86 (be it Unix, Windows, or whatever) and no one is watching, security is lost. This factor should be added to your attack trees!
Can it really decrypt things right under my nose without showing what transformations are being applied when analyzed carefully?
No, it cannot. Even if the algorithm were made too complex for humans to ever comprehend, it would still be possible to eventually lift the code and use it for unintended purposes. Legal? Hard to say. Difficult enough to keep 99% of the people out? IMHO Absolutely!
DVD-Video requires a part-hardware solution to keep the secrets under tight control. That solution would have worked well enough if someone hadn't made the mistake of implementing an all-software solution.
However, the objective of the RIAA was to keep the masses from copying DVD's. It would have been more effective to create some kind of special licensing requirements than to try to withhold the inherent ability to copy. That way, the people who want to watch videos using Linux could license the code under a NDA.
I have pondered a few ideas that would make my desktop a lot more useful. Certainly these should spark a few ideas of your own.
- The little icon in the top-left corner of most windows would be much more useful if it were DND enabled. Wouldn't it be efficient to move emacs, Netscape, or a shell window to another desktop by dragging its icon to the "taskbar" button? Or even better, drag the icon for my emacs window into an open Mozilla window (or the Mozilla icon) and have the file I'm editing pop up instantly in the browser. Drag the icon to the file manager and instantly manipulate the directory where it's stored.
- Wouldn't it be sensible if the desktop showed the most recently used documents instead of a duplicate of the menu?
- There is a terrible flaw IMHO in both Mac and Windows with the action taken by double-clicking a document. Documents are always registered with one specific application. Because of the way applications install themselves, the ambiguous command "open" may refer (mutually exclusively) to Netscape, LViewPro, Photoshop, Visual Page, or a hex editor. The current context menus do not solve the problem. If a document type is registered with more than one application, double-clicking should bring up the context menu.
- "Find" should be on the context menu of every "directory" object. Additionally, the "find" window should have the power and flexibility of the shell version, including pipes.
It's probably "/usr/X11R6/bin/xcalc". Just type "xcalc" and it might come up. If it's not already there, hmmm...
Insert RH5 CD, mount it, then cd to the RPM directory. Type:
rpm -qpli * > ~/rpmindex less ~/rpmindex
While in less, type "/xcalc". That will find which RPM contains it, which you can then rpm -install. Leave rpmindex for future reference. (I just recently studied "rpm" and figured out all the right command line arguments to find and install any given file, and I thought I'd share my discoveries. This knowledge would have saved me a great deal of time when I was first figuring out Linux!)
BTW the upgrade to version 6 is a lot smoother than you might expect. Nothing like the installer for a certain nameless but shameless OS...
"What this could portend is a return of a healthy competition at the next round of technological change. It's too late for the browser. But for the next round of technology, it could be a far more open environment with better prices, easier-to-use-products and better support."
What about Mozilla? It seems to me that Mozilla will help us recover from the damage done by Microsoft.
I wonder how many have considered an idea that I have been tossing about in my head as of late. I don't believe this is very far-fetched: proper use of the Unix process model could be considered a form of component-based programming!
I can hear it now: "Boo! Hiss! Components have to be built on CORBA or DCOM or (name your acronym)!" Let me try to describe my view. Feel free to disagree!
The major benefits, in my view, of component-based programming are:
1. Components can be assembled with minimal effort. 2. The system scales well because additional hardware can simply be added. 3. Components are isolated from each other, so debugging is much simpler. 4. The developer has many choices of programming languages and platforms.
Which of these things can't be duplicated by a Unix script? Since multitasking is inherent and clustering is available, assembling a system using familiar Unix languages and multiple processes can be just as efficient as a CORBA equivalent. A Unix process does indeed have a component-like interface, though it may not be apparent at first: command-line arguments, the environment, pipes, signals, and sockets.
Therefore, it could be argued that the "component repository" is already on any Linux user's HD. Image manipulation utilities, formatted document generators, network protocol implementations, forms-based GUI generators, widgets, etc.
I'm going to provide a counterargument as well, however. An object-oriented component model needs to have easily defined and flexible interfaces. All Unix-based interfaces depend on a serialized stream of bytes. That is not appropriate when you want to send a polymorphic object!
Thought number two (much simpler thought and probably more useful): as long as we can first decide on a standard model (CORBA would be a good choice), we could begin building components out of the GPL utilities already out there. "wget", "ispell", XML processors, and more are good candidates.
Thought number three: The KDE people are already building lots of components. We have to build on their efforts as well as others'.
Just recently I have had to deal with the mess created on two FAT32-formatted hard drives in unrelated locations. One of them apparently lost all long filename support and the other cannot be fixed by Scandisk at all. I had to use the Linux implementation of FAT32 (vfat) to recover data from one of the drives. In fact, Linux couldn't quite read it either and I had to reboot Linux repeatedly (the kernel, version 2.2.13, froze whenever it found an inconsistency.)
Both drives will have to be reformatted to be useful again. Nothing of this magnitude has happened with the ext2 partitions I've been using, but as always, YMMV.
Do transporters (as in matter-to-energy converters) require FCC approval? Would that make the old contraption in every geek's garage illegal to operate?;-)
I am in charge of the technical side of the distance learning program at a major college and I'd have to say that the experiences in the class mentioned in the article don't at all match our own experience. But that's because we built a reasonable technological infrastructure before we started classes. We keep e-mail to a minimum, along with browser requirements and required technological background.
We have over 1100 students enrolled in Web-based classes right now. A large number of them have already taken Internet courses, so apparently they liked the experience. Yes, there have been technological hurdles, but the students don't get too frustrated as long as we take care of the issues right away.
Our program is quite different from other schools in at least one regard: we give the instructors complete freedom over the pages that make up their course. They can put their big odd-looking photograph right on the home page if they want to. We want both the instructor and the students to feel like they're in a friendly classroom, not in a perfected, white-walled corporate training session.
On the technological side we took care to make it so that tests and assignments behaved just like paper assignments, where teachers can write their own comments on the form and students can look at their past assignments. It is a world away from e-mail assignments.
Something else that makes a difference is that we have a Distance Learning department which runs the Distance Learning Service Center. Students and faculty can call the center at any time for assistance.
Digital age politics prevent all but the smallest countries from even considering repeating such a foolish move. That's why I don't think we can take this patent seriously at all. If implemented in the U.S. or other large countries, the offending politicians could be thrown out of office. In other cases the UN or the US military would march right in. And rightfully so.
What we need to watch out for, however, is the more subtle ways people might be digitally fingerprinted. We've all seen recent moves by large corporations that would allow them to track our purchases or discover our preferences and contact information without our knowledge. That is what we must oppose.
Now is as good a time as any to throw on the table a little hypothesis I've been thinking about.
In all our struggles to understand the brain, I don't think very many have approached it from the following direction: could it be that the patterns we develop in hardware and software are subconsciously based on the way our brain functions? And if so, could we not use our own complex creations to learn more about ourselves?
For example, dead cells reviving sounds similar to garbage collection in Smalltalk and Java. The concepts of input/output, memory, and a central processing unit are all obviously modeled on ourselves. Even packet-based communication is modeled on our own form of speech: instead of attaching a wire to each other's heads, we broadcast a few words and hope they arrive correctly. A conversation is like a TCP/IP connection in that the connection is only perceived.
So, as technology advances and new solutions are discovered, we intuitively better understand ourselves. If the hypothesis is correct, brain research is being indirectly benefitted by the advancement of computer science!
All of the ATI boards listed are based on the 128 bit chip. I was also quite disappointed as a result of the misleading link. I would be quite happy, however, if someone could show me that ATI Rage II+ is supported...
Actually both Windows and MacOS have this type of functionality. Windows registers MIME types in its registry database, but because OLE (ActiveX) was not designed with browser plug-in capability in mind, plug-in authors have to put their components directly into the Netscape/MSIE plug-ins folder anyway. MacOS has the most user-friendly method of registering applications and if you move an app to a different folder or different hard drive, the "shortcuts" continue to work. However, the OS knows nothing of MIME types.
IMHO all operating systems would benefit by having some form of a centralized registry. (On a side note, if anyone is sufferring from repeated "Windows Registry" errors, I have written a utility that can fix that problem in certain circumstances under Win95/98. Open source. Will release to public soon. E-mail me.)
I'm going to take the opportunity here to congratulate you on your success. I feel much safer knowing that someone in the public safety area has done their research and taken the time to make the 911 service more reliable and cost-effective. I hope that other cities will take a serious look at their options now. Do you know whether other cities in Utah are considering a change?
Now that's cool. I hope this gets moderated up. You know, if I were Intel/AMD/Motorola/whatever, I would put a great deal of funding into this Japanese lab right now.
Although the statement was incorrect, Darik brought up a good point and if there's anyone watching who's creating a secure web site, remember that you should also encrypt the form itself. It's more user-friendly and will avoid confusion.
Re:Will Mozilla ever gain outside contributors?
on
Mozilla M9 Released
·
· Score: 2
The suggestion to make object-oriented models for all of Mozilla was in a/. discussion a while ago and I took it upon myself to investigate the idea. Well, I did it, and I had to conclude that Mozilla is moving so fast that the models would be obsolete too quickly. I like the idea that the module owners would supply the models.
Even in my own programming I find that when working on a new project, it's extremely difficult to model the code except with the code itself. Until the classes are written, the ideas exist only in my head and can't be easily translated to visual information. By the time the ideas are concrete enough to visualize, the classes are already written and there's not much reason to concretely document anything but the interfaces and the less obvious sections of code. I have a friend who says some people are "visual" learners and some are not; well, I suppose many coders think in a non-visual way. To them, the addition of a GUI to an IDE is only helpful if it means fewer keystrokes.:)
Once Mozilla 1.0 is out, though, I think we'll start seeing a lot more OO models. Then it will be easier for all of us to tack on our own little mods.
That's a good insight because you were able to relate to the author. I see how the concepts might be confused. I can tell you that the subnet number, even if it were transmitted, cannot be used to augment the address. The only real purpose of having a subnet number is for multicasting to all machines in a subnet. Think of each machine as having two IP addresses, one being the multicast address. If a machine has the address 10.20.30.40 and its subnet number is 255.255.0.0, its multicast address is 10.20.255.255. When it wants to broadcast to all machines on the subnet, it simply sends to 10.20.255.255. All machines on the same subnet will listen.
An example: I like to use class A addresses (10.x.x.x) in my masqueraded network. Within the little network, I set up Samba to communicate with my laptop. Initially, I set the subnet number of the Linux box as 255.0.0.0 while I set the laptop to use subnet 255.255.255.0. Samba has to use multicasting to perform some of its functions. When broadcasting, the Linux box was broadcasting to the address 10.255.255.255 while the laptop was listening for broadcasts on the address 10.0.0.255. Thus Samba did not work.
On the other hand, when I did not understand the subnet number, I set up many computers that should have been 255.255.255.0 as 255.255.0.0. Nothing ever went wrong! The computers were able to browse anywhere on the Internet and log in to the IPX-based Novell network, which was all that seemed to matter.
This event has shown that writing viruses is no longer reserved for highly skilled crackers with a great deal of time. Hinting at another post, I would compare the skill required to write (or modify) a macro virus with that of a good car stereo thief. The difference is that even the best car stereo thief has to steal one at a time. Why waste your time when you can bring down all the computers in corporate America? During the panic you might be able to target a vault or something...
This could become an extremely serious problem. Microsoft will not lose profits, however, until the public can understand the issue. But that will never happen. Like Y2K, it just doesn't make sense to most people.
- "Will my PC stop working in the year 2000?" - "No." - "Then what's this Y2K thing?" - "Some programs store only 2 digits of the year to save space. Those programs may interpret the year 2000 as the year 0. Since 0 will come after 99, some date-related calculations will be incorrect. Their may be hiccups in deliveries, payments, interest rates, bank accounts, and public utilities." - "But 0 doesn't come after 99. How come the programs can't just figure that out?" - "Computers can only perform calculations, and in general cannot adapt to special situations unless they have been programmed to do so. That's why there are so many people reprogramming the computers." - "It's Microsoft's fault, isn't it? Windows always crashes for me." - "No, Microsoft doesn't have much at all to do with it. Microsoft has dominated personal computers but not the older servers and mainframes, where the problem is." - "So who would make a computer that crashes just because the date changes?" - "Well, in general it's not the computer that's incorrect, it's the software. A lot of programmers didn't believe their programs would still be in use when we switched to the 21st century." - "Microsoft released a Y2K patch for Windows. If I don't get it, will my computer stop working?" - "No. Certain older components of Windows will display the year as 00 rather than 99. On the other hand, you do need to make sure you have the latest software updates if you run financial or other date-sensitive software." - "So does that mean my PC will stop working in the year 2000?"
Slashdot Mirror
I wish I hadn't used all my moderator points already. Oh well, at least I get to post instead.
You make a very, very good point. Isn't there a way the Linux and *BSD kernel could be patched to disallow execution from a stack? I know there's plenty of memory protection and such in there, so can't we put in one more layer of protection?
Even if such a fix required patching of a large number of utilities, I'm sure it would be worth it!
Regarding thread locking--
This is something I have needed desperately in the past and had to create a hacked-up solution to achieve the correct results.
This is how it could work.
synchronized(obj) {
}
else {
}
If the lock can't be acquired immediately, the "else" clause would be executed instead. This would have to be implemented at the VM level. Perhaps "else" is not the best keyword, but other languages stretch the syntax in similar ways.
With all of the battle surrounding Java of late, however, it seems that we may have to wait a very long time before we'll see this kind of change. I've been branching to other languages lately...
When I started writing my own HTTP server I decided to try a new way of keeping sessions without using cookies. URL's looked like this:
i le.html
http://www.wherever.com/ss.asdf98cs/some/path/f
I tested it for months. Pros:
- No cookies at all.
- Very reliable. Session state is retained without problems.
- Works even in Lynx.
Cons:
- Search engines record the URL with the session ID. Although the session ID is invalid after only a short time, it's quite ugly.
- When people would try to tell each other what URL to visit, they would try to pronounce the session ID.
- Absolute links always cause the browser to ignore the ID. Solution: dynamic HTML or no absolute links.
- The browser reveals the session ID to other sites when the user follows a link there. The ID is even recorded in the referrer log.
- Browser redirects are required. However, cookie solutions often face the same problem.
Eventually, I decided that cookies were a better solution for our purposes and switched over.
One thing that people need to understand, however, is that there are cookies that never make it to the user's hard drive. It puzzles me that browser makers put all cookies in the same category. The Best Way, at this time, to keep session state is to send a cookie to the user's browser that is never stored anywhere but in memory.
Well, I've been thinking about the Linux on x86 security model lately and I noticed something.
/etc/rc, and reboot. With a customized disk, the whole job would be done efficiently and almost undetectably.
Say you're a random visitor to a company and you get two minutes' access to a critical workstation. Push Ctrl-Alt-F1 at any time. Then push Ctrl-Alt-Delete. Of course, if you're in a hurry, push the reset button.
Insert a floppy loaded with the Linux Kernel. You could use a Debian installer disk--or a customized disk would be ideal. Get to a console, which of course is an instant root shell. Mount the main hard drive, add your sniffer or whatever to
The point is that any time a stranger has physical access to an x86 (be it Unix, Windows, or whatever) and no one is watching, security is lost. This factor should be added to your attack trees!
No, it cannot. Even if the algorithm were made too complex for humans to ever comprehend, it would still be possible to eventually lift the code and use it for unintended purposes. Legal? Hard to say. Difficult enough to keep 99% of the people out? IMHO Absolutely!
DVD-Video requires a part-hardware solution to keep the secrets under tight control. That solution would have worked well enough if someone hadn't made the mistake of implementing an all-software solution.
However, the objective of the RIAA was to keep the masses from copying DVD's. It would have been more effective to create some kind of special licensing requirements than to try to withhold the inherent ability to copy. That way, the people who want to watch videos using Linux could license the code under a NDA.
Perhaps he meant "obsoleteness", referring to old attitudes becoming antiquated. How is this incorrect?
I have pondered a few ideas that would make my desktop a lot more useful. Certainly these should spark a few ideas of your own.
- The little icon in the top-left corner of most windows would be much more useful if it were DND enabled. Wouldn't it be efficient to move emacs, Netscape, or a shell window to another desktop by dragging its icon to the "taskbar" button? Or even better, drag the icon for my emacs window into an open Mozilla window (or the Mozilla icon) and have the file I'm editing pop up instantly in the browser. Drag the icon to the file manager and instantly manipulate the directory where it's stored.
- Wouldn't it be sensible if the desktop showed the most recently used documents instead of a duplicate of the menu?
- There is a terrible flaw IMHO in both Mac and Windows with the action taken by double-clicking a document. Documents are always registered with one specific application. Because of the way applications install themselves, the ambiguous command "open" may refer (mutually exclusively) to Netscape, LViewPro, Photoshop, Visual Page, or a hex editor. The current context menus do not solve the problem. If a document type is registered with more than one application, double-clicking should bring up the context menu.
- "Find" should be on the context menu of every "directory" object. Additionally, the "find" window should have the power and flexibility of the shell version, including pipes.
It's probably "/usr/X11R6/bin/xcalc". Just type "xcalc" and it might come up. If it's not already there, hmmm...
Insert RH5 CD, mount it, then cd to the RPM directory. Type:
rpm -qpli * > ~/rpmindex
less ~/rpmindex
While in less, type "/xcalc". That will find which RPM contains it, which you can then rpm -install. Leave rpmindex for future reference. (I just recently studied "rpm" and figured out all the right command line arguments to find and install any given file, and I thought I'd share my discoveries. This knowledge would have saved me a great deal of time when I was first figuring out Linux!)
BTW the upgrade to version 6 is a lot smoother than you might expect. Nothing like the installer for a certain nameless but shameless OS...
What about Mozilla? It seems to me that Mozilla will help us recover from the damage done by Microsoft.
I wonder how many have considered an idea that I have been tossing about in my head as of late. I don't believe this is very far-fetched: proper use of the Unix process model could be considered a form of component-based programming!
I can hear it now: "Boo! Hiss! Components have to be built on CORBA or DCOM or (name your acronym)!" Let me try to describe my view. Feel free to disagree!
The major benefits, in my view, of component-based programming are:
1. Components can be assembled with minimal effort.
2. The system scales well because additional hardware can simply be added.
3. Components are isolated from each other, so debugging is much simpler.
4. The developer has many choices of programming languages and platforms.
Which of these things can't be duplicated by a Unix script? Since multitasking is inherent and clustering is available, assembling a system using familiar Unix languages and multiple processes can be just as efficient as a CORBA equivalent. A Unix process does indeed have a component-like interface, though it may not be apparent at first: command-line arguments, the environment, pipes, signals, and sockets.
Therefore, it could be argued that the "component repository" is already on any Linux user's HD. Image manipulation utilities, formatted document generators, network protocol implementations, forms-based GUI generators, widgets, etc.
I'm going to provide a counterargument as well, however. An object-oriented component model needs to have easily defined and flexible interfaces. All Unix-based interfaces depend on a serialized stream of bytes. That is not appropriate when you want to send a polymorphic object!
Thought number two (much simpler thought and probably more useful): as long as we can first decide on a standard model (CORBA would be a good choice), we could begin building components out of the GPL utilities already out there. "wget", "ispell", XML processors, and more are good candidates.
Thought number three: The KDE people are already building lots of components. We have to build on their efforts as well as others'.
AHEM!!!
Just recently I have had to deal with the mess created on two FAT32-formatted hard drives in unrelated locations. One of them apparently lost all long filename support and the other cannot be fixed by Scandisk at all. I had to use the Linux implementation of FAT32 (vfat) to recover data from one of the drives. In fact, Linux couldn't quite read it either and I had to reboot Linux repeatedly (the kernel, version 2.2.13, froze whenever it found an inconsistency.)
Both drives will have to be reformatted to be useful again. Nothing of this magnitude has happened with the ext2 partitions I've been using, but as always, YMMV.
I would love to give a deed to all my friends for Christmas if only I could get a plot for $10. It would be a great gift!
Do transporters (as in matter-to-energy converters) require FCC approval? Would that make the old contraption in every geek's garage illegal to operate? ;-)
I am in charge of the technical side of the distance learning program at a major college and I'd have to say that the experiences in the class mentioned in the article don't at all match our own experience. But that's because we built a reasonable technological infrastructure before we started classes. We keep e-mail to a minimum, along with browser requirements and required technological background.
We have over 1100 students enrolled in Web-based classes right now. A large number of them have already taken Internet courses, so apparently they liked the experience. Yes, there have been technological hurdles, but the students don't get too frustrated as long as we take care of the issues right away.
Our program is quite different from other schools in at least one regard: we give the instructors complete freedom over the pages that make up their course. They can put their big odd-looking photograph right on the home page if they want to. We want both the instructor and the students to feel like they're in a friendly classroom, not in a perfected, white-walled corporate training session.
On the technological side we took care to make it so that tests and assignments behaved just like paper assignments, where teachers can write their own comments on the form and students can look at their past assignments. It is a world away from e-mail assignments.
Something else that makes a difference is that we have a Distance Learning department which runs the Distance Learning Service Center. Students and faculty can call the center at any time for assistance.
Digital age politics prevent all but the smallest countries from even considering repeating such a foolish move. That's why I don't think we can take this patent seriously at all. If implemented in the U.S. or other large countries, the offending politicians could be thrown out of office. In other cases the UN or the US military would march right in. And rightfully so.
What we need to watch out for, however, is the more subtle ways people might be digitally fingerprinted. We've all seen recent moves by large corporations that would allow them to track our purchases or discover our preferences and contact information without our knowledge. That is what we must oppose.
Now is as good a time as any to throw on the table a little hypothesis I've been thinking about.
In all our struggles to understand the brain, I don't think very many have approached it from the following direction: could it be that the patterns we develop in hardware and software are subconsciously based on the way our brain functions? And if so, could we not use our own complex creations to learn more about ourselves?
For example, dead cells reviving sounds similar to garbage collection in Smalltalk and Java. The concepts of input/output, memory, and a central processing unit are all obviously modeled on ourselves. Even packet-based communication is modeled on our own form of speech: instead of attaching a wire to each other's heads, we broadcast a few words and hope they arrive correctly. A conversation is like a TCP/IP connection in that the connection is only perceived.
So, as technology advances and new solutions are discovered, we intuitively better understand ourselves. If the hypothesis is correct, brain research is being indirectly benefitted by the advancement of computer science!
All of the ATI boards listed are based on the 128 bit chip. I was also quite disappointed as a result of the misleading link. I would be quite happy, however, if someone could show me that ATI Rage II+ is supported...
I must agree. Will this get marked down also?!
Actually both Windows and MacOS have this type of functionality. Windows registers MIME types in its registry database, but because OLE (ActiveX) was not designed with browser plug-in capability in mind, plug-in authors have to put their components directly into the Netscape/MSIE plug-ins folder anyway. MacOS has the most user-friendly method of registering applications and if you move an app to a different folder or different hard drive, the "shortcuts" continue to work. However, the OS knows nothing of MIME types.
IMHO all operating systems would benefit by having some form of a centralized registry. (On a side note, if anyone is sufferring from repeated "Windows Registry" errors, I have written a utility that can fix that problem in certain circumstances under Win95/98. Open source. Will release to public soon. E-mail me.)
I'm going to take the opportunity here to congratulate you on your success. I feel much safer knowing that someone in the public safety area has done their research and taken the time to make the 911 service more reliable and cost-effective. I hope that other cities will take a serious look at their options now. Do you know whether other cities in Utah are considering a change?
Now that's cool. I hope this gets moderated up. You know, if I were Intel/AMD/Motorola/whatever, I would put a great deal of funding into this Japanese lab right now.
Although the statement was incorrect, Darik brought up a good point and if there's anyone watching who's creating a secure web site, remember that you should also encrypt the form itself. It's more user-friendly and will avoid confusion.
The suggestion to make object-oriented models for all of Mozilla was in a /. discussion a while ago and I took it upon myself to investigate the idea. Well, I did it, and I had to conclude that Mozilla is moving so fast that the models would be obsolete too quickly. I like the idea that the module owners would supply the models.
:)
Even in my own programming I find that when working on a new project, it's extremely difficult to model the code except with the code itself. Until the classes are written, the ideas exist only in my head and can't be easily translated to visual information. By the time the ideas are concrete enough to visualize, the classes are already written and there's not much reason to concretely document anything but the interfaces and the less obvious sections of code. I have a friend who says some people are "visual" learners and some are not; well, I suppose many coders think in a non-visual way. To them, the addition of a GUI to an IDE is only helpful if it means fewer keystrokes.
Once Mozilla 1.0 is out, though, I think we'll start seeing a lot more OO models. Then it will be easier for all of us to tack on our own little mods.
That's a good insight because you were able to relate to the author. I see how the concepts might be confused. I can tell you that the subnet number, even if it were transmitted, cannot be used to augment the address. The only real purpose of having a subnet number is for multicasting to all machines in a subnet. Think of each machine as having two IP addresses, one being the multicast address. If a machine has the address 10.20.30.40 and its subnet number is 255.255.0.0, its multicast address is 10.20.255.255. When it wants to broadcast to all machines on the subnet, it simply sends to 10.20.255.255. All machines on the same subnet will listen.
An example: I like to use class A addresses (10.x.x.x) in my masqueraded network. Within the little network, I set up Samba to communicate with my laptop. Initially, I set the subnet number of the Linux box as 255.0.0.0 while I set the laptop to use subnet 255.255.255.0. Samba has to use multicasting to perform some of its functions. When broadcasting, the Linux box was broadcasting to the address 10.255.255.255 while the laptop was listening for broadcasts on the address 10.0.0.255. Thus Samba did not work.
On the other hand, when I did not understand the subnet number, I set up many computers that should have been 255.255.255.0 as 255.255.0.0. Nothing ever went wrong! The computers were able to browse anywhere on the Internet and log in to the IPX-based Novell network, which was all that seemed to matter.
This event has shown that writing viruses is no longer reserved for highly skilled crackers with a great deal of time. Hinting at another post, I would compare the skill required to write (or modify) a macro virus with that of a good car stereo thief. The difference is that even the best car stereo thief has to steal one at a time. Why waste your time when you can bring down all the computers in corporate America? During the panic you might be able to target a vault or something...
This could become an extremely serious problem. Microsoft will not lose profits, however, until the public can understand the issue. But that will never happen. Like Y2K, it just doesn't make sense to most people.
- "Will my PC stop working in the year 2000?"
- "No."
- "Then what's this Y2K thing?"
- "Some programs store only 2 digits of the year to save space. Those programs may interpret the year 2000 as the year 0. Since 0 will come after 99, some date-related calculations will be incorrect. Their may be hiccups in deliveries, payments, interest rates, bank accounts, and public utilities."
- "But 0 doesn't come after 99. How come the programs can't just figure that out?"
- "Computers can only perform calculations, and in general cannot adapt to special situations unless they have been programmed to do so. That's why there are so many people reprogramming the computers."
- "It's Microsoft's fault, isn't it? Windows always crashes for me."
- "No, Microsoft doesn't have much at all to do with it. Microsoft has dominated personal computers but not the older servers and mainframes, where the problem is."
- "So who would make a computer that crashes just because the date changes?"
- "Well, in general it's not the computer that's incorrect, it's the software. A lot of programmers didn't believe their programs would still be in use when we switched to the 21st century."
- "Microsoft released a Y2K patch for Windows. If I don't get it, will my computer stop working?"
- "No. Certain older components of Windows will display the year as 00 rather than 99. On the other hand, you do need to make sure you have the latest software updates if you run financial or other date-sensitive software."
- "So does that mean my PC will stop working in the year 2000?"
Arghhh...