And for those that are too young to remember, blank audio cassettes were probably one of the largest expenses for students back in the 80s and early 90s. Most people had shelves of copied albums and mix tapes.
MP3s (etc.) just add a different medium for the same music sharing impulse.
There's a big difference between a country caving, and an EU representative caving. The problem is that EU reps are much more easily bought than are individual countries' laws. The EU offers a bonanza for corporate corruption.
I believe you and agree it's an interesting metric, and not to contradict it, but in my experience the number of machines doesn't always describe the number of services or level of services (in a server environment at least).
For example, I know many small/mid-size businesses that run Windows servers and have one server for each service (mail, file server, etc.). Comparable businesses with Linux or BSD solutions often merge all these onto a single server.
My only point being that # of machines (servers, at least) is not always a good metric to use.
Your post was humorous, but your analogy (as with most analogies) doesn't shed light on this situation.
You aren't allowed access to many government facilities (esp. military) because of the extreme risk of harm to the greater populace, either through access to dangerous resources (a tank) or information (that could be harmful to millions).
Seeing the source code to an application that serves a tax-filing purpose makes sense because there is, or at least should be, no inherent risk in releasing it. Hacking the protocols would be pointless because the client program, if hacked, could not achieve more access to the service than someone could do using a homebrew client program.
Unless, of course, the government has released software on the client or server side which is inherently not secure, in which case they shouldn't be using this anyway (which is probably the case).
I would like to complain about the previous complaint.
I agree that the guy that said 'stupid article' was a little blunt, but I think it's fair for readers of Ask Slashdot to complain when topics are at the level of 'how do I tie my own shoe?' I have no problem with someone asking for help--there are no stupid questions--but this doesn't seem like the forum for this kind of question (front page, etc.).
I didn't get your point about technical complexity. The sysadmin/programmer's job is to understand these technologies (they listed WebDAV, & Apache in the posting after all), and the end users in this case hardly need to know anything (they just map drives or whatever, same as any other solution).
sorry but anyone who can't get it to work probably should go back to school and learn how to administrate a real server.
[reply] might you mean "administer?"
No, no, you see where he works they administrate their web servers as part of their effort to strategify maintenential servifaction. His suggestion that the parent educatify himself was within reasonification.
I second that. It's slim (one disc) and yet has all the Debian niceness that (some) people admire. I've been testing its server capabilities and so far I like it. Haven't done a lot with Ubuntu on funky hardware, so obviously you'd want to experiment relative to your server environment.
First, contrary to what some people think, to access a site with HTTPS which has a certificate, you do NOT contact the CA over the internet. This is because your browser already has the public key of that CA installed. The signature of the certificate you are shown by the real or fake site is verified/rejected not by looking something else up on the internet, but by performing cryptographic tests against that installed public key of the CA. This is not only an efficient process, it is much more secure (for the spoofing reasons you suggest).
That's if you're talking about SSL stuff. If you are talking about the digital signature of the file(s) from windows update, you're using a very similar approach. I don't know the details of Windows Update, but I'll bet there is a local public key or set of keys from MS that are used to check the signature...nothing to download or look up over the internet.
If I explained that rather poorly, I apologize. I just wanted to express that, contrary to what most people think, you do NOT use connections to the CA to verify a certificate.
Same thing happened to the auto industry -- it used to be that they focused all their energy on the new model year (starting in September, if I remember). Now, although most of the major manufacturers still release new models in the fall, it's become more of a year round effort.
Happened to TV, too. Now the idea of a 'season' for all but the most standard prime time shows is gone.
Right, does this mean that people should now just take a bootable CD that claims it's from their bank, and pop it in and log into their bank system? All it would take would be a proxy/keylogger to capture all the info about the user's sessions. All your previous firewall/spyware stuff on your system would be useless.
Worse off, if booting from the CD it has full access to your system, as opposed to just running client software within a normal user account (I know, most Windows users don't use normal user accounts).
Now, there are probably easier/more cost-effective ways than sending CDs around for spam/phishing purposes, so it's doubtful that would be likely threat vector, but I'd be unwilling to use a boot-from-CD system just for the sake of 'security.' I'd prefer my bank to use a more standard approach, and to do their due diligence to ensure their clients are protected at least on the server side.
Government oversteps its boundaries when it starts to impose moral judgements on (most) speech. Would a news article covering a gay pride march be inappropriate? What about a gay-culture magazine? Although I admit this is grey area, having a government body fund and support a list of 'inappropriate' matter is a serious concern.
I will prove Godwin's Law in bringing this up, but perhaps you should research 'degenerate art.'
I'd suggest that any company dumb enough to purchase these licenses got what was coming to them. Almost any lawyer would advise the prudent course of NOT responding to such a call for license payments from a third party if you've had no prior contact.
Content: The creator(s) must be trying to 'say' something about our/their world.
Form: They must have a fairly unique approach to expressing this content.
Execution: They must execute the completion of the art in a way that distinguishes that they are masters of the medium they're using.
So, an actual painting by Mondrian is significantly different from a computer generated PNG image similar to the form of a Mondrian, from evaluating whether it is 'good' art.'
So, by my stodgy definition this particular program doesn't make 'good' art. But it may make something interesting to look at, which is completely different.
I believe market forces take care of this. Red Hat, like them or not, proposes a fee for support and for delivery of updates to a particular distro. You don't have to take that offer, though many places do. The original license is sufficient that other, free as in beer distros are available. Presuming the license is generally 'open' in the meaning that it's distributable/available without cost initially, then such a specific clause as you suggest is unnecessary.
Apologies for my numerous spelling errors. I was at some clunky terminal at the time I transcribed this (5 years ago) and didn't know how to go back and make corrections.
Apologies in advance, this reminded me of something I ran into a few years go. This is a two-page ad from a New Yorker magazine in 1968 (or 1969, not sure which). I was so interested in the ad that I transcribed it and put editorials in brackets.
[A two page ad. A middle-age man with a youthful, shy grin, dark
horn-rimmed glasses, slicked, short hair, and the premonition of a
hairy chest emerging from a blue denim(?) shirt, fills the left page;
the vista of urban sprawl outside a window behind him; painted scrawls
of mathematical formulas superimposed. On the right hand page is a
block of sans-serif text]
Meet an elder statesman in the computer business.
IBM's Jon Backus is 43, pretty young for an elder statesman in most
industries. But then, the computer business is less than 20 years old
and a mathematician Bakcus has been in it since the beginning.
He started workig with computers in the early 1950's. It was
about the time a leading business magazine estimated that no more than
50 companies would ever have use for a comptuer.
Today, it is estimated that there are well over 50,000 comptuer
installations in the United States alone. Part of the reason for this
astonishing growth: the progress made in programming. In this field,
John Backus was a pioneer.
"It bothered us, in the early days of computers, that so few people
coluld use them" he says. "One reason was, programming cost as much as
the machine. A small compnay just couldn't afford data processing."
With a small group of associates, John Backus tackled the problem
and stayed with it for three years. The result was the simplified
programming system called FORTRAN (FORmula TRANslator) which made
programming considerably less expensive than before. Today, FORTRAN is
probably the most widely used programming system in the world.
Currently, John Backus is working on a new mathematical concept which
is still in the realm of pure theory. But his theories, like the work
of many IBM scientists, ultimately have a way of making computers more
useful.
[A red line runs across the text. A matching red 'IBM' (not the blue,
CRT lines version) appears in the margin.]
From a beginning less than two decades ago, computer technology has
made remarkable progress. John Backus is one of many outstanding men
and women in the industry who have turned a laboratory marvel into tens
of thousands of computers helping people around the world.
There are lots of things that Java is perfectly suited for. Databases are not one of those things.
Slashdotters love broad, generalized statements. (oops);-)
I disagree with you completely. For example, simple embedded databases (see HSQLDB) can be very useful. I know someone who's teaching an class with Java and wanted to touch on databases. A java-based database (in this case, HSQLDB can run in-process) is great for this. You don't have to install a huge server on your development system just to learn the ins and outs of SQL. You just drop the hsqldb.jar file in your lib directory or whatever, and you are ready to go.
Another guy I know has a very successful company that uses HSQLDB embedded in their client app to provide very basic database functions internal to the application. This way persistent data can be managed by the app without having to resort to wonky homebrew data storage or super-large XML files (they would be VERY large in this app's case). Installation of their app doesn't require some humungous install of a data server. They just want something that will run in the app process that will be reliable and perform basic database functions.
By the way, HSQLDB can be run as a server as well, I was just focusing on the advantages of using it in-process.
I'm looking forward to exploring the new parts of 8.0. If they have cleared up some of the 'issues' I mentioned (not so terribly important in the big picture), then I'm a very happy man.
I believe you are incorrect. Under your interpretation any system that accesses any GPL system or *service* must be GPL'd. There is a difference between referring directly to a GPL's product's libraries , and making use of a GPL'd resource. Under your interpretation, a browser accessing a GPL'd web server would have to be GPL'd. This is simply not the case.
You're probably referring to BCP or a similar function, which dumps a single table of data at a time to a text file in a specified format. What the original poster is probably referring to is the ability to dump a database into an SQL script that, when run, completely re-creates the schema, data and other features of the database. It's a very simple backup/restore mechanism and makes various conversions and other operations much easier.
GPL licenses apply to the distribution of derivatives, not products that happen to use a GPL'd service. Were PostgreSQL GPL, then when you modify *PostgreSQL* and want to distribute it, yes, you'd need to distribute the source code. However, if you have a product that happens to talk to a GPL'd dataserver, by no means would you have to release the source of your application on your app's distribution.
I agree that PostgreSQL sometimes takes itself out for a spin--the optimizer seems to get more confused by some queries in PostgreSQL than in other databases. Generally the problems are solved with indexes in logical places.
The optimizer in PostgreSQL (in my experience) gets somewhat confused by how to best handle certain types of views. Most of the time it's a query structure problem, but other times it just seems to make 'dumber' mistakes than other databases. Granted, you can tweak the settings for the optimizer and sometimes this helps, but I'd like to see some improvements in the optimizer esp. with regards to the treatment of views.
Slashdot Mirror
MP3s (etc.) just add a different medium for the same music sharing impulse.
Definately.
There's a big difference between a country caving, and an EU representative caving. The problem is that EU reps are much more easily bought than are individual countries' laws. The EU offers a bonanza for corporate corruption.
Exactly. You don't say 'We all live in AN yellow submarine.'
For example, I know many small/mid-size businesses that run Windows servers and have one server for each service (mail, file server, etc.). Comparable businesses with Linux or BSD solutions often merge all these onto a single server.
My only point being that # of machines (servers, at least) is not always a good metric to use.
You aren't allowed access to many government facilities (esp. military) because of the extreme risk of harm to the greater populace, either through access to dangerous resources (a tank) or information (that could be harmful to millions).
Seeing the source code to an application that serves a tax-filing purpose makes sense because there is, or at least should be, no inherent risk in releasing it. Hacking the protocols would be pointless because the client program, if hacked, could not achieve more access to the service than someone could do using a homebrew client program.
Unless, of course, the government has released software on the client or server side which is inherently not secure, in which case they shouldn't be using this anyway (which is probably the case).
I agree that the guy that said 'stupid article' was a little blunt, but I think it's fair for readers of Ask Slashdot to complain when topics are at the level of 'how do I tie my own shoe?' I have no problem with someone asking for help--there are no stupid questions--but this doesn't seem like the forum for this kind of question (front page, etc.).
I didn't get your point about technical complexity. The sysadmin/programmer's job is to understand these technologies (they listed WebDAV, & Apache in the posting after all), and the end users in this case hardly need to know anything (they just map drives or whatever, same as any other solution).
[reply] might you mean "administer?"
No, no, you see where he works they administrate their web servers as part of their effort to strategify maintenential servifaction. His suggestion that the parent educatify himself was within reasonification.
I second that. It's slim (one disc) and yet has all the Debian niceness that (some) people admire. I've been testing its server capabilities and so far I like it. Haven't done a lot with Ubuntu on funky hardware, so obviously you'd want to experiment relative to your server environment.
First, contrary to what some people think, to access a site with HTTPS which has a certificate, you do NOT contact the CA over the internet. This is because your browser already has the public key of that CA installed. The signature of the certificate you are shown by the real or fake site is verified/rejected not by looking something else up on the internet, but by performing cryptographic tests against that installed public key of the CA. This is not only an efficient process, it is much more secure (for the spoofing reasons you suggest).
That's if you're talking about SSL stuff. If you are talking about the digital signature of the file(s) from windows update, you're using a very similar approach. I don't know the details of Windows Update, but I'll bet there is a local public key or set of keys from MS that are used to check the signature...nothing to download or look up over the internet.
If I explained that rather poorly, I apologize. I just wanted to express that, contrary to what most people think, you do NOT use connections to the CA to verify a certificate.
Happened to TV, too. Now the idea of a 'season' for all but the most standard prime time shows is gone.
Worse off, if booting from the CD it has full access to your system, as opposed to just running client software within a normal user account (I know, most Windows users don't use normal user accounts).
Now, there are probably easier/more cost-effective ways than sending CDs around for spam/phishing purposes, so it's doubtful that would be likely threat vector, but I'd be unwilling to use a boot-from-CD system just for the sake of 'security.' I'd prefer my bank to use a more standard approach, and to do their due diligence to ensure their clients are protected at least on the server side.
I will prove Godwin's Law in bringing this up, but perhaps you should research 'degenerate art.'
I'd suggest that any company dumb enough to purchase these licenses got what was coming to them. Almost any lawyer would advise the prudent course of NOT responding to such a call for license payments from a third party if you've had no prior contact.
- Content: The creator(s) must be trying to 'say' something about our/their world.
- Form: They must have a fairly unique approach to expressing this content.
- Execution: They must execute the completion of the art in a way that distinguishes that they are masters of the medium they're using.
So, an actual painting by Mondrian is significantly different from a computer generated PNG image similar to the form of a Mondrian, from evaluating whether it is 'good' art.'So, by my stodgy definition this particular program doesn't make 'good' art. But it may make something interesting to look at, which is completely different.
Yes, I AM an elitist!
I believe market forces take care of this. Red Hat, like them or not, proposes a fee for support and for delivery of updates to a particular distro. You don't have to take that offer, though many places do. The original license is sufficient that other, free as in beer distros are available. Presuming the license is generally 'open' in the meaning that it's distributable/available without cost initially, then such a specific clause as you suggest is unnecessary.
Apologies for my numerous spelling errors. I was at some clunky terminal at the time I transcribed this (5 years ago) and didn't know how to go back and make corrections.
[A two page ad. A middle-age man with a youthful, shy grin, dark horn-rimmed glasses, slicked, short hair, and the premonition of a hairy chest emerging from a blue denim(?) shirt, fills the left page; the vista of urban sprawl outside a window behind him; painted scrawls of mathematical formulas superimposed. On the right hand page is a block of sans-serif text]
Meet an elder statesman in the computer business.
IBM's Jon Backus is 43, pretty young for an elder statesman in most industries. But then, the computer business is less than 20 years old and a mathematician Bakcus has been in it since the beginning. He started workig with computers in the early 1950's. It was about the time a leading business magazine estimated that no more than 50 companies would ever have use for a comptuer. Today, it is estimated that there are well over 50,000 comptuer installations in the United States alone. Part of the reason for this astonishing growth: the progress made in programming. In this field, John Backus was a pioneer. "It bothered us, in the early days of computers, that so few people coluld use them" he says. "One reason was, programming cost as much as the machine. A small compnay just couldn't afford data processing." With a small group of associates, John Backus tackled the problem and stayed with it for three years. The result was the simplified programming system called FORTRAN (FORmula TRANslator) which made programming considerably less expensive than before. Today, FORTRAN is probably the most widely used programming system in the world. Currently, John Backus is working on a new mathematical concept which is still in the realm of pure theory. But his theories, like the work of many IBM scientists, ultimately have a way of making computers more useful.
[A red line runs across the text. A matching red 'IBM' (not the blue, CRT lines version) appears in the margin.]
From a beginning less than two decades ago, computer technology has made remarkable progress. John Backus is one of many outstanding men and women in the industry who have turned a laboratory marvel into tens of thousands of computers helping people around the world.
Slashdotters love broad, generalized statements. (oops) ;-)
I disagree with you completely. For example, simple embedded databases (see HSQLDB) can be very useful. I know someone who's teaching an class with Java and wanted to touch on databases. A java-based database (in this case, HSQLDB can run in-process) is great for this. You don't have to install a huge server on your development system just to learn the ins and outs of SQL. You just drop the hsqldb.jar file in your lib directory or whatever, and you are ready to go.
Another guy I know has a very successful company that uses HSQLDB embedded in their client app to provide very basic database functions internal to the application. This way persistent data can be managed by the app without having to resort to wonky homebrew data storage or super-large XML files (they would be VERY large in this app's case). Installation of their app doesn't require some humungous install of a data server. They just want something that will run in the app process that will be reliable and perform basic database functions.
By the way, HSQLDB can be run as a server as well, I was just focusing on the advantages of using it in-process.
I'm looking forward to exploring the new parts of 8.0. If they have cleared up some of the 'issues' I mentioned (not so terribly important in the big picture), then I'm a very happy man.
I believe you are incorrect. Under your interpretation any system that accesses any GPL system or *service* must be GPL'd. There is a difference between referring directly to a GPL's product's libraries , and making use of a GPL'd resource. Under your interpretation, a browser accessing a GPL'd web server would have to be GPL'd. This is simply not the case.
GPL licenses apply to the distribution of derivatives, not products that happen to use a GPL'd service. Were PostgreSQL GPL, then when you modify *PostgreSQL* and want to distribute it, yes, you'd need to distribute the source code. However, if you have a product that happens to talk to a GPL'd dataserver, by no means would you have to release the source of your application on your app's distribution.
The optimizer in PostgreSQL (in my experience) gets somewhat confused by how to best handle certain types of views. Most of the time it's a query structure problem, but other times it just seems to make 'dumber' mistakes than other databases. Granted, you can tweak the settings for the optimizer and sometimes this helps, but I'd like to see some improvements in the optimizer esp. with regards to the treatment of views.