The thing you might not have taken into account is the actual experience of the teacher who would like to introduce students to programming. I have no experience with the British school system, but I did work for IT in a K-12 U.S. school system not too long ago, so I think I have something to say about this.
Where I worked, students' computers were heavily locked down Windows machines running a restricted set of software. Because of the machines' age, the bad third-party GPO-wannabe software that the school district used to manage the systems, and various virus infections, these computers were not the friendliest things to teachers and students – and both groups were perpetually scared to death of "messing up" the computers and getting in trouble. In reality, these PCs were used primarily as overcomplicated interfaces to various bits of flash- and web-based educational software, and anything else was deemed too troublesome.
The point is that between the technical deficiencies and the bureaucratic ones, getting school IT to allow students to run a new type of program and then support it can frankly be a nightmare. You say these computers are capable of running Python, and this is true in the strictest sense, but in reality it's just not going to happen when half of the admins don't even know what Python is, and the other half are too scared of deploying a new, "nonstandard" interpreter.
And if that's how IT feels about the prospect, just think of how frightening it looks to the teachers.
Now contrast that with using something like the Raspberry PI. You can program without messing up your "real" computer! No IT support required, you can reset it to factory configuration in a heartbeat, and even if you do manage to physically break it somehow... hey, it was only $25. Perhaps most importantly, you can write a grant proposal to get a classroom full of them without having to go through the IT department. The Raspberry PI, or something like it, is the programming tool that teachers will be able to use in practice.
For Android phones with the Market app installed, an explicit backdoor isn't even necessary. Application installation is performed by the user requesting something from the Market, and the Market subsequently "pushing" the application to the device by sending an install command through Google's XMPP-based notification service. The installation itself does not require any interaction from the user. This is why, for example, you can install an app on your phone from the Android Market web site.
Well guess what, this means that Google, or anyone who can leverage control over them, doesn't need a backdoor already on your phone. The government could just use the Market's normal installation mechanisms to install SpyOnStuff.apk over the air on an as-needed basis.
I expect Android to be where the lion's share of Java development happens in the next few years
This is a joke, right? You must have no sense of how broadly Java is used in the industry. Even if Android were to surpass the iPhone in popularity, all the Android apps put together would be just a drop in the bucket next to the massive, active Java codebase in other sectors.
You're onto something with regard to JavaScript's importance, on the other hand, but I'd hardly call that "regrettable". It has its quirks (coerced concatenation with the + operator, some math gotchas), but on the whole it's an excellent programming language, as dynamic imperative languages go. I'm surprised at the extent to which the language is still misunderstood... think of it as Lisp in C's clothing.
The various "scripting" languages have been moving towards VM architectures, and some are quite good, but none that I know of actually feature any kind of ahead-of-time compilation, even to bytecode. That includes Perl, Python, Ruby, JavaScript, and plenty of others.
Just a minor correction, Python can be pre-compiled to bytecode:
I agree. The thing generally missed by people who criticize the OpenBSD upgrade process without having actually tried it themselves, is that OpenBSD is so cleanly designed and well documented that it's actually possible to hold a thorough understanding of the operating system in one's head, so to speak. It's like the Arch Linux philosophy:
Relying on complex tools to manage and build your system is going to hurt the end users. [...] "If you try to hide the complexity of the system, you'll end up with a more complex system". Layers of abstraction that serve to hide internals are never a good thing. Instead, the internals should be designed in a way such that they NEED no hiding.
except applied to an entire operating system, built from the ground up and maintained as a cohesive package.
The result of this is that, unlike with Windows or even most Linux distributions, there's little need for automated upgrade utilities because there's really quite little going on under the hood in the upgrade process. This means little chance of things breaking. And if something does break, you'll know precisely what it was and how to fix it.
I've been burned by even the best of the automated upgrade tools (Debian's). Frankly, OpenBSD is the only operating system I ever try to upgrade in place between major versions any more, because the upgrade process is so straightforward and transparent.
One of the things I really liked about Avatar was that, in addition to not being anti-technology, it stood firm against easy temptations to go down the anti-science route as well.
So many films propagate the false stereotypes that scientists are cold-hearted, or amoral, or lacking in a sense of wonder, or somehow fundamentally limited in their understanding of reality due to what promoters of various types of woo often characterize as "scientism". In particular, Hollywood generally seems obsessed with old dualist notions of reality, portraying the evidence-based materialism of science as a hindrance rather than as the intellectual shovel with which we dug our way out of the dark ages.
So it was a nice surprise to see that in this film, for a change, the scientists were the "good guys". The scientists' experiments with Pandoran biology allowed them to understand the true significance of Eywa and all the other trees in the forest, and this knowledge drove them to fight against Eywa's destruction. Science didn't make Grace unfeeling and amoral; anthropology caused her to fall in love with the Na'vi people, and ultimately die to protect them.
Among Grace's last words, on seeing that she had been brought to Eywa, was that she wanted to "collect some samples". But this wasn't some pot shot against "scientism". It was a warm reflection upon Grace's character, showing that for her, the sense of awe she felt of the universe was best expressed through and addressed by science.
Whether it was conscious or not, I really have to commend the attitudes toward science conveyed by Avatar. Perhaps if more films were willing to show science and scientists in a similarly positive light we could begin to see a turnaround in attitudes among society at large.
That's a good thought, but the problem is that tunneling TCP over TCP (such as HTTP over SSH) is subject to the TCP retransmission cascading effect, a.k.a. TCP-over-TCP meltdown, which is particularly likely to be a problem for him given the kind of Internet connections he may be stuck with on his travels.
It would be better to tunnel over a protocol that does not attempt to ensure reliable transport, such as UDP or pure IPsec. So I agree with you that he should find some inexpensive, reputable host to use as his endpoint, but I recommend that he use OpenVPN over UDP rather than SSH over TCP for his tunnel. OpenVPN is easy to set up, penetrates NATs well, and will be compatible with pretty much any inexpensive VPS provider (but be sure to check with potential hosts' terms of services first to make sure they're OK with tunneling your personal web browsing traffic through their servers).
Wrong. The two properties of Flash that make it vulnerable to this class of attack are:
It relies upon a same-origin security model, and
Unlike JavaScript code, Flash objects can be executed by simply being loaded by a browser
Both of these things are just as true for Silverlight as for Flash, so this issue will affect Microsoft Silverlight and its users as well. The reason that this is being advertised as a "Flash vulnerability" instead of a "Silverlight vulnerability" is, I'm sure, simply due to Silverlight's relatively tiny market share.
On the other hand, HTML 5 + JavaScript, Canvas, etc. is a solution to this.
In my opinion, the biggest advantage of FreeBSD is how coherent the system is. Everything, from documentation to userspace utilities to the kernel, was developed and tested and released as a single project.
This allows for neat features that require cooperation between several system components, which would be more difficult to implement in the Linux world. For instance, in FreeBSD you can press ^T while cp is copying some huge file, and this will send SIGINFO to cp, causing it to print a progress report to STDERR. Handy.
So it seems to me that this Debian project defeats the most attractive feature of the FreeBSD operating system (by separating its kernel from its tightly integrated BSD userspace), while simultaneously casting aside Linux's advantages over FreeBSD (more drivers, more supported architectures, somewhat better performance, and--this may be controversial--in my experience, better stability). On the other hand, maybe Debian really can improve on the FreeBSD experience; apt rocks, and the Debian project does perhaps a better job than anyone of combining the disparate parts of the GNU/Linux ecosystem into a coherent operating system. So kneejerk reactions aside, I guess I shouldn't judge this until I have the chance to try it... still, I don't see myself trading in my Debian GNU/Linux anytime soon.
MS shouldn't really be allowing such poor practices. Why should my memory be eaten up by loads of DLL files that are nearly identical. Let's face it, there isn't going to be huge differences between version X and Y.
Versions X and Y of a DLL will be flat-out incompatible if that DLL is written in C++ and the author has changed the number of attributes in an interface class (unless he uses tricks such as pimpl), or if he's added or removed any virtual functions.
And the fact that Microsoft is so good at preserving application backward compatibility, even in the face of "poor practices", is frankly one of the main reasons that Windows is the #1 business desktop operating system in the world.
The ribbon is an abomination and no amount of marketing or brainwashed hyperbole from idiots parroting the marketing is going to change my mind - yeah I can use it just fine but it eats up a lot of screen real estate and it isn't better
If you had actually measured it, you'd know that the Office 2007 ribbon takes up less space than the default Office 2003 menus + toolbars. I guess that would make you the brainwashed idiot, huh?
I second your recommendation of the Level3 DNS servers (4.2.2.X), if you don't want to run your own DNS server and if your ISP's servers are breaking DNS. There's no point whatsoever to using OpenDNS.
Typical commuter here. My bicycle computer will gladly show you that I average between 17-18 mph to and from work, and I know plenty stronger riders than myself.
Despite their claims to the contrary, OpenDNS's servers are likely farther away from you than your local ISP's.
Absolutely right. Out of curiosity, I recently tested DNS performance as experienced from my home network, using Steve Gibson's excellent DNS benchmark tool. The test was between:
My LAN's OpenBSD gateway & DNS server (10.19.0.1)
My ISP's (BellSouth's) DNS servers (205.152.*)
OpenDNS (208.67.*)
Level 3's anycast servers (4.2.2.*)
OpenDNS was the clear loser in this test. (Sorry for the lack of numeric labels on this screenshot, but the graph is to scale.) Querying the local DNS server was of course faster than anything that had to go across the DSL modem, but OpenDNS was also significantly slower than the other remote servers tested.
Everyday I have to run apt-get update && apt-get upgrade to keep my system secure. Not everyday it is a possible remote exploit, but there is always some security related bug to fix. Linux may have a better implementation to keep those risks from escalating quickly compared to windows, but I would not run nation-critical apps on it. Not at this point in time.
I think you're making the classic mistake of equating the number of patches seen with the actual number, and severity, of vulnerabilities. Of course Debian gets more patches more often than Windows: the Debian security team sends out fixes for security vulnerabilities as soon as they're discovered, rather than leaving users exposed by waiting up to a month and fixing (some, but often not all) of the most critical known vulnerabilities in monthly roll-ups. And of course Debian sees more patches, when nearly all of the desktop applications on a Debian system are handled by apt; Windows Update only takes care of patching the operating system itself.
So when it comes to a question of which operating system to run sensitive government services on, patch counting is worse than useless. Things that are worth considering are the tractibility of the system's security model, and exploit mitigation techniques or fine-grained mechanisms for least-privilege, such as SELinux.
The most I was hoping for was lefties having to admit that their guy wasn't any better.
The problem, precisely, is that we liberals don't have "a guy". He may be a bit more sane than the last guy on social issues such as stem cell research and abortion rights, but in practice Obama represents a wholly inadequate shift to the left from the previous administration.
Ubuntu gets 25% longer battery life on my netbook, but cannot play youtube videos (on either version) without lurching video.
That has everything to do with Adobe's poor implementation of Flash Player on Linux, and little or nothing to do with the underlying operating system. You're drawing conclusions where none can reasonably be drawn.
No it couldn't be ext2/3/4 because of the GPL. It just couldn't so give that idea up.
Absolutely wrong. It couldn't be the *Linux implementation* of ext2/3/4, because of the GPL. But there's nothing to stop someone else from creating a new extN implementation under an arbitrary, non-GPL license: in fact, it's already been done.
Slashdot Mirror
The thing you might not have taken into account is the actual experience of the teacher who would like to introduce students to programming. I have no experience with the British school system, but I did work for IT in a K-12 U.S. school system not too long ago, so I think I have something to say about this.
Where I worked, students' computers were heavily locked down Windows machines running a restricted set of software. Because of the machines' age, the bad third-party GPO-wannabe software that the school district used to manage the systems, and various virus infections, these computers were not the friendliest things to teachers and students – and both groups were perpetually scared to death of "messing up" the computers and getting in trouble. In reality, these PCs were used primarily as overcomplicated interfaces to various bits of flash- and web-based educational software, and anything else was deemed too troublesome.
The point is that between the technical deficiencies and the bureaucratic ones, getting school IT to allow students to run a new type of program and then support it can frankly be a nightmare. You say these computers are capable of running Python, and this is true in the strictest sense, but in reality it's just not going to happen when half of the admins don't even know what Python is, and the other half are too scared of deploying a new, "nonstandard" interpreter.
And if that's how IT feels about the prospect, just think of how frightening it looks to the teachers.
Now contrast that with using something like the Raspberry PI. You can program without messing up your "real" computer! No IT support required, you can reset it to factory configuration in a heartbeat, and even if you do manage to physically break it somehow... hey, it was only $25. Perhaps most importantly, you can write a grant proposal to get a classroom full of them without having to go through the IT department. The Raspberry PI, or something like it, is the programming tool that teachers will be able to use in practice.
For Android phones with the Market app installed, an explicit backdoor isn't even necessary. Application installation is performed by the user requesting something from the Market, and the Market subsequently "pushing" the application to the device by sending an install command through Google's XMPP-based notification service. The installation itself does not require any interaction from the user. This is why, for example, you can install an app on your phone from the Android Market web site.
Well guess what, this means that Google, or anyone who can leverage control over them, doesn't need a backdoor already on your phone. The government could just use the Market's normal installation mechanisms to install SpyOnStuff.apk over the air on an as-needed basis.
Linux doesn't enforce DEP or ASLR, either. OS X doesn't even support real ASLR.
You're blatantly wrong here, and your attitude toward the parent poster speaks poorly of your character.
This is a joke, right? You must have no sense of how broadly Java is used in the industry. Even if Android were to surpass the iPhone in popularity, all the Android apps put together would be just a drop in the bucket next to the massive, active Java codebase in other sectors.
You're onto something with regard to JavaScript's importance, on the other hand, but I'd hardly call that "regrettable". It has its quirks (coerced concatenation with the + operator, some math gotchas), but on the whole it's an excellent programming language, as dynamic imperative languages go. I'm surprised at the extent to which the language is still misunderstood... think of it as Lisp in C's clothing.
Just a minor correction, Python can be pre-compiled to bytecode:
http://effbot.org/zone/python-compile.htm
But I definitely agree with you on the whole.
I agree. The thing generally missed by people who criticize the OpenBSD upgrade process without having actually tried it themselves, is that OpenBSD is so cleanly designed and well documented that it's actually possible to hold a thorough understanding of the operating system in one's head, so to speak. It's like the Arch Linux philosophy:
except applied to an entire operating system, built from the ground up and maintained as a cohesive package.
The result of this is that, unlike with Windows or even most Linux distributions, there's little need for automated upgrade utilities because there's really quite little going on under the hood in the upgrade process. This means little chance of things breaking. And if something does break, you'll know precisely what it was and how to fix it.
I've been burned by even the best of the automated upgrade tools (Debian's). Frankly, OpenBSD is the only operating system I ever try to upgrade in place between major versions any more, because the upgrade process is so straightforward and transparent.
(bluetooth support, fm radio)
Don't forget about forcing iMac users to buy an "upgrade" online in order to enable their computers' 802.11n capabilities.
More importantly, is there a way to disable F1 in Windows?
Possibly. Press F1 and look it up in Windows Help.
One of the things I really liked about Avatar was that, in addition to not being anti-technology, it stood firm against easy temptations to go down the anti-science route as well.
So many films propagate the false stereotypes that scientists are cold-hearted, or amoral, or lacking in a sense of wonder, or somehow fundamentally limited in their understanding of reality due to what promoters of various types of woo often characterize as "scientism". In particular, Hollywood generally seems obsessed with old dualist notions of reality, portraying the evidence-based materialism of science as a hindrance rather than as the intellectual shovel with which we dug our way out of the dark ages.
So it was a nice surprise to see that in this film, for a change, the scientists were the "good guys". The scientists' experiments with Pandoran biology allowed them to understand the true significance of Eywa and all the other trees in the forest, and this knowledge drove them to fight against Eywa's destruction. Science didn't make Grace unfeeling and amoral; anthropology caused her to fall in love with the Na'vi people, and ultimately die to protect them.
Among Grace's last words, on seeing that she had been brought to Eywa, was that she wanted to "collect some samples". But this wasn't some pot shot against "scientism". It was a warm reflection upon Grace's character, showing that for her, the sense of awe she felt of the universe was best expressed through and addressed by science.
Whether it was conscious or not, I really have to commend the attitudes toward science conveyed by Avatar. Perhaps if more films were willing to show science and scientists in a similarly positive light we could begin to see a turnaround in attitudes among society at large.
Oh snap, you're right, I stand corrected.
That's a good thought, but the problem is that tunneling TCP over TCP (such as HTTP over SSH) is subject to the TCP retransmission cascading effect, a.k.a. TCP-over-TCP meltdown, which is particularly likely to be a problem for him given the kind of Internet connections he may be stuck with on his travels.
It would be better to tunnel over a protocol that does not attempt to ensure reliable transport, such as UDP or pure IPsec. So I agree with you that he should find some inexpensive, reputable host to use as his endpoint, but I recommend that he use OpenVPN over UDP rather than SSH over TCP for his tunnel. OpenVPN is easy to set up, penetrates NATs well, and will be compatible with pretty much any inexpensive VPS provider (but be sure to check with potential hosts' terms of services first to make sure they're OK with tunneling your personal web browsing traffic through their servers).
Wrong. The two properties of Flash that make it vulnerable to this class of attack are:
Both of these things are just as true for Silverlight as for Flash, so this issue will affect Microsoft Silverlight and its users as well. The reason that this is being advertised as a "Flash vulnerability" instead of a "Silverlight vulnerability" is, I'm sure, simply due to Silverlight's relatively tiny market share.
On the other hand, HTML 5 + JavaScript, Canvas, etc. is a solution to this.
In my opinion, the biggest advantage of FreeBSD is how coherent the system is. Everything, from documentation to userspace utilities to the kernel, was developed and tested and released as a single project.
This allows for neat features that require cooperation between several system components, which would be more difficult to implement in the Linux world. For instance, in FreeBSD you can press ^T while cp is copying some huge file, and this will send SIGINFO to cp, causing it to print a progress report to STDERR. Handy.
So it seems to me that this Debian project defeats the most attractive feature of the FreeBSD operating system (by separating its kernel from its tightly integrated BSD userspace), while simultaneously casting aside Linux's advantages over FreeBSD (more drivers, more supported architectures, somewhat better performance, and--this may be controversial--in my experience, better stability). On the other hand, maybe Debian really can improve on the FreeBSD experience; apt rocks, and the Debian project does perhaps a better job than anyone of combining the disparate parts of the GNU/Linux ecosystem into a coherent operating system. So kneejerk reactions aside, I guess I shouldn't judge this until I have the chance to try it... still, I don't see myself trading in my Debian GNU/Linux anytime soon.
MS shouldn't really be allowing such poor practices. Why should my memory be eaten up by loads of DLL files that are nearly identical. Let's face it, there isn't going to be huge differences between version X and Y.
Versions X and Y of a DLL will be flat-out incompatible if that DLL is written in C++ and the author has changed the number of attributes in an interface class (unless he uses tricks such as pimpl), or if he's added or removed any virtual functions.
And the fact that Microsoft is so good at preserving application backward compatibility, even in the face of "poor practices", is frankly one of the main reasons that Windows is the #1 business desktop operating system in the world.
The ribbon is an abomination and no amount of marketing or brainwashed hyperbole from idiots parroting the marketing is going to change my mind - yeah I can use it just fine but it eats up a lot of screen real estate and it isn't better
If you had actually measured it, you'd know that the Office 2007 ribbon takes up less space than the default Office 2003 menus + toolbars. I guess that would make you the brainwashed idiot, huh?
OK, so buy a domain name for a few bucks a year, and point its MX records at an email provider of your choosing in your own country.
It's worse than that, actually: not only does OpenDNS also fail to return a proper NXDOMAIN response to queries for invalid domain names, but it is often significantly slower than your ISP's own DNS servers.
I second your recommendation of the Level3 DNS servers (4.2.2.X), if you don't want to run your own DNS server and if your ISP's servers are breaking DNS. There's no point whatsoever to using OpenDNS.
Typical commuter here. My bicycle computer will gladly show you that I average between 17-18 mph to and from work, and I know plenty stronger riders than myself.
Sorry, looks like you're the one full of shit.
Despite their claims to the contrary, OpenDNS's servers are likely farther away from you than your local ISP's.
Absolutely right. Out of curiosity, I recently tested DNS performance as experienced from my home network, using Steve Gibson's excellent DNS benchmark tool. The test was between:
OpenDNS was the clear loser in this test. (Sorry for the lack of numeric labels on this screenshot, but the graph is to scale.) Querying the local DNS server was of course faster than anything that had to go across the DSL modem, but OpenDNS was also significantly slower than the other remote servers tested.
By getting the professional opinion of a doctor or registered dietitian.
Everyday I have to run apt-get update && apt-get upgrade to keep my system secure. Not everyday it is a possible remote exploit, but there is always some security related bug to fix. Linux may have a better implementation to keep those risks from escalating quickly compared to windows, but I would not run nation-critical apps on it. Not at this point in time.
I think you're making the classic mistake of equating the number of patches seen with the actual number, and severity, of vulnerabilities. Of course Debian gets more patches more often than Windows: the Debian security team sends out fixes for security vulnerabilities as soon as they're discovered, rather than leaving users exposed by waiting up to a month and fixing (some, but often not all) of the most critical known vulnerabilities in monthly roll-ups. And of course Debian sees more patches, when nearly all of the desktop applications on a Debian system are handled by apt; Windows Update only takes care of patching the operating system itself.
So when it comes to a question of which operating system to run sensitive government services on, patch counting is worse than useless. Things that are worth considering are the tractibility of the system's security model, and exploit mitigation techniques or fine-grained mechanisms for least-privilege, such as SELinux.
There's a huge advantage cars have in this area. In the US the highway system is paid for entirely by gas taxes
That's false
The most I was hoping for was lefties having to admit that their guy wasn't any better.
The problem, precisely, is that we liberals don't have "a guy". He may be a bit more sane than the last guy on social issues such as stem cell research and abortion rights, but in practice Obama represents a wholly inadequate shift to the left from the previous administration.
Ubuntu gets 25% longer battery life on my netbook, but cannot play youtube videos (on either version) without lurching video.
That has everything to do with Adobe's poor implementation of Flash Player on Linux, and little or nothing to do with the underlying operating system. You're drawing conclusions where none can reasonably be drawn.
No it couldn't be ext2/3/4 because of the GPL. It just couldn't so give that idea up.
Absolutely wrong. It couldn't be the *Linux implementation* of ext2/3/4, because of the GPL. But there's nothing to stop someone else from creating a new extN implementation under an arbitrary, non-GPL license: in fact, it's already been done.