Slashdot Mirror


User: mborland

mborland's activity in the archive.

Stories: 0
Comments: 123

Comments · 123

  1. My experience w/ high school gaming on Games in High School? · · Score: 1

    You already have a lot of experiences recorded here...here's mine.

    When I was in High School ('87-'91) we had lunch-hour gaming. However the games were paid for entirely by individual dues (the school didn't pay for the games). The games were pretty tame at that time (Hardball!, Impossible Mission II, etc.), so the issue of violence in the schools was hardly relevant.

    It was a good time, and a number of people became much more familiar with computers than they would have otherwise. And even though computer literacy is obviously much higher now, I'd imagine that still high schoolers get educational benefit from the experience. For example, understanding the difference that certain hardware makes. How come this machine with 128MB RAM and a 64MB video card performs better than one with 256MB RAM and a 32MB card (as a very weak example)? Maybe try to get them to tweak their settings to maximize framerate. We /.ers might think everyone does this, but a better understanding of the hardware/software relationship (for example) would be a very real side effect.

    Maybe some games allow for the creation of 'bots. (God knows, I don't know many games any more.) Set up bot tournaments! Very educational.

  2. Re:Fear the future... on MS Cites National Security to Justify Closed Source · · Score: 1
    The failure must cause thousands of deaths or hundreds of billions of dollars in loss or damage. [...] I'm actually hoping that this will occur sooner than later.

    Jesus, I'd actually prefer this never happen, regardless of how bad you think MS's code is. Seriously, you want people to die just so you can show the emperor's new clothing? That is what you are saying.

    I would prefer pointing to and laughing at the emperor.

  3. Re:i am a penny-stealer on Hacking Web Services · · Score: 1
    In this case, a lockout that is specific to remote address or address block might be useful. Add in some checks for stuff like AOL (different IP each connect and a pile of users) and dialup blocks (lockout a class C network for that login to frustrate redial attempts) and keep stats on where a user comes from (repeated attempts from a commonly used net block may be treated more leniently and trigger an email to the user's registered address, whereas an unusual address generates a longer lockout and no email to the user).

    Then you agree that blocking isn't that simple! ;-)

    But I think you're missing the point. You don't want people hacking other people's accounts, so you need to lock down access after some n tries. However, that means that anyone can lock the account after n tries. Don't matter how many overly complex checks you put in--either you're making it easier to hack the account--or easier to lock the account.

  4. Technical Solution to Spam on Hacking Web Services · · Score: 1

    I think it's pretty silly to imagine that the solution to spam will be through technology. It would be very hard to differentiate spam and legitimate mailing lists.

    And of course a legal solution can work...to the extent that other laws work and are enforceable. Many forms of mail fraud are illegal, but that doesn't mean you won't get mail scams and such sent to you. However it severely reduces the amount that you receive and also determines a path for you or the government to prosecute offenders.

  5. Re:i am a penny-stealer on Hacking Web Services · · Score: 5, Insightful
    now, i understand they are talking about thieves, on the whole, but it seems easy enough to track massive hits from another server and then to block it. i mean, it's 2002. let's fix these problems.

    Often, it's not a matter of restricting access. The description of the E-Bay situation where other people would generate bad logins as a competitor to lock them out is a good example. You need to provide this functionality, to keep from having your client's accounts broken into. Yet, that very policy can be used effectively as a denial of service against your clients.

    I run into sysadmins who assume that issues are binary--something is bad, cut it off; something is good, allow it. Usually more complex applications require much more of an understanding of a balance between business functionality and security. In the case of E-Bay and user lockout, there is no exact solution--you need to satisfy two opposing interests--so you make a compromise between the two and try to forge a workable solution.

    I think the biggest challenge for the security community will be how to modify their practices (and others') to be able to quantify risk in applications so that businesses can make good functional decisions. Security teams have largely focused on perimeter security and things like web parameter checking, but they don't usually stray into the gray area of functional requirements--or if they do, usually only to, as some have put it, cut the wings off flies.

    So, to get back to the original point of the post--it's not so easy to solve as just blocking traffic. Nope, sorry, it's a lot more work than that.

  6. Typo. on Old Protocol Could Save Massive Bandwidth · · Score: 1

    For God's Sake, please fix the typo. -20- bytes, not 2. Jeezis.

  7. Statistics and Analysis? on SETI@home: Research on the Research · · Score: 3
    Statistics warning? I was surprised by the lack of statistics used. For one, they tried to make claims of efficiency based off of having only two reference points for each modification (speed 1 vs. speed 2; 128MB vs. 256MB). Seems like you'd need more data points to get a useful curve.

    Also, they didn't seem to consider possibilities like the fact that a default install of RH Linux may run updatedb daily, which if using a slow drive with a lot of files could easily describe the variation. Instead, their first guess is 'unstable packages.' Wazzup? Academics...they love bizarre conclusions in favor of putting in that extra effort to find the truth. They spent enough time setting up the survey...why didn't they finish the job? (Answer: they were working on a deadline...and didn't allocate time to research the variation)

  8. Re:does 256 vs 128mb matter? on SETI@home: Research on the Research · · Score: 2
    The authors of the article drew a very idiotic conclusion, which is that because there was a difference in performance in NT between 128 and 256 MB, that this meant that NT used memory efficiently. The OPPOSITE is true. It means that memory utilization overall was poorer in 128 MB and it required 256 MB to operate better. Only with 256 MB could the process run more smoothly. An OS which uses memory efficiently will have a lower performance plateau.

    As for the fact that it beat Linux, I would guess that the code is optimized for Windows, then ported to Linux.

    Also, in my experience setiathome on Linux has blown Windows out of the water...when running without the GUI.

    An interesting study, though I'm surprised by their lack of understanding of the memory issue.

  9. Re:offer a free security review as a "teaser" on Approaching Lost Clients About Security? · · Score: 1

    Um, how stupid is this. Any organization who wants security is not going to let some unknowns come in and poke around. If they're friends, yeah, but otherwise you're either dealing with incompetents--not a good business move when you are looking for a trusting relationship.

  10. Caution on Approaching Lost Clients About Security? · · Score: 1
    As a sometime web developer and sysadmin type, I run into this very situation you describe a lot. I will preface the rest of my comments by saying that just using ASP/NT isn't a security threat; the security of a system is relative to the overall security measures of the developers and architects. I am personally interested in this discussion because I'm thinking of focusing more on becoming a computer security professional.

    First, if you are competing with a place you feel is providing insecure solutions, then you should treat the entire matter with kid gloves. That is, don't go out publicly and accuse them of bad practices--that can lead to court battles and the like. And certainly, if there are specific vulnerabilities you know of you are obligated to report them to the developers privately (and don't just say "'cuz you're using NT.")

    Second, clearly the organizations which are hiring these less-secure firms are less security-focused themselves. What can you do about that? Tattle-taling and bad-mouthing the competition doesn't work. If you have any other professional work you do for the organization, maybe promote a seminar or security newsletter. However, if the organization is unresponsive to security issues, and many are, then your concerns will fall on deaf ears. The market for developers, in other words, does not yet have strong support or understanding of 'security.'

    I've been in the same boat as the poster at times and it can be really disappointing for someone more attuned to security matters to see someone else ignore such problems. On the other hand, your disappointment is not unlike that of the annoying Fire Marshal, who, at your house for a family visit, is abhorred by how many loose wall hangings and covered lamps you have! Yes, they are right, your house is a fire trap, but on the other hand, that's how you like it!

    But we -are- technical people, and the results of bad security are arguably more likely or more disastrous than a fire, and certainly the criteria for safety in computing are less regulated.

    Sadly, like with anything else, I think people, and by that businesses, will eventually learn to pay heed to issues of security, once they hear real stories of damage. Such cases are already in existence, but because no business wants their names associated with such a faux pas as a security breach, these stories rarely make the news.

    Finally, to your questions, from a marketing standpoint, it's hard at this point to claim a better grasp of 'security' than anyone else--and to what degree that qualifies you for the rest of the work you are bidding on. I am even now skeptical of what you, as a developer, bring to the table if your very first concern is security. I absolutely agree that it is a baseline requirement, and that gives you an advantage over others, but it is hardly a trump card. Let's say the 'less-secure' firm gets hired. Were they cheaper? Did they have more resources? Do they deliver more inventive solutions? So in reply: How can your solutions top their solutions? (And don't just whine: 'security!')

    The fact is that organizations that hire developers are often leaving out an important aspect of planning, which is security, and perhaps if that is your interest, you should focus on it and figure out how to market that to organizations. Maybe you run network-security audits for people. Maybe you establish intrusion detection systems. Either way, I agree that the industry should become more aware of actual risk--but that's separate from OS-bashing, or competitor-bashing.

  11. What was the objective? on MS VP Speech Online · · Score: 2
    I am amazed by the amount of thought that must have gone into the strategy of the speech.

    It is interesting that he completely omits the main point of his speech (the alleged threat of GPL & OSS) from the first half; he presents his speech as being largely about economic viability of the technology industry. Slowly but surely, he swivels the turrets until he reaches his target: GPL.

    All this posturing seems strange to me; not that Microsoft has never postured themselves (that is, after all, the cornerstone of their success), but I am surprised that they should make such public cries against GPL/OSS (I know they're not the same, but I will refer to them alongside for a while). What is their objective? FUD alone? It seems like their best FUD is to continue to dismiss OSS as a cheap, flimsy imitation of a 'real,' commercial system. Most MSFT-philes I know still follow that doctrine and slurp it up happily. If it's simply more FUD, it's taken a sharp turn, which I will call Microsoft FUD 2.0.

    Are they trying to actually wage some sort of legislative war, perhaps trying to prompt some sort of legislative orders that state-sponsored groups like universities and research labs should not use GPL? Allchin said as much, but this seems like a completely absurd objective--it will not fly. Organizations which have received the benefits of these tools for decades are not likely to shed them.

    The best guess I can come up with, certainly described by others, is that as they embark upon a strange journey to change their licensing structure, they want to pull what ESR properly termed a 'shell-game,' and hope people focus their IP lawyers' attention on the implications of the GPL, while at the same time signing onto costly and convoluted licensing agreements for HailStorm/other services.

    But I admit, from a strategic standpoint, I don't understand what this sudden anti-{GPL|OSS|etc} blitz is all about. It seems to me that by raising these arguments, they actually bolster the validity of these solutions.

    Sorry for this incoherent ramble...what do you think?

  12. Re:I work 40 hours a week on How Many Hours Do You Work in a Week? · · Score: 3
    Kudos! I agree with you. Most people who work long hours are simply trying to martyr themselves, whether they know it or not.

    Play with your dog, have dinner with your fiancee. Don't get led by the $$$ carrot.

  13. Re:A Bad Idea for the company on Contractor Discounts When Working With Open Source? · · Score: 1
    It's when the company moves from a user of Open Source to a developer of Open Source that the problems arise.

    I disagree. Yes, in general it can be a bad thing for a company to itself develop OS SW, if it doesn't have a strategy for making $$ off something besides the product. But in many cases, you gain a lot more from the adoption of a really good product than off-the-shelf profits. Many companies get profits from consulting fees, not from product sales. Developing good components can garner better work and experience. I won't get evangelistic on this subject, but I felt your sentence was overstated.

  14. Re:A sticking point? on Contractor Discounts When Working With Open Source? · · Score: 1

    Yep, good point. There's a difference between use of code, however, and rights to code. Also, I'm not trying to resell open-source code--just have it available, and be an expert in it, so that adds value to the work I bring to a company. Company B can use GPLd products to their heart's content, just as almost every organization benefits from various open-source products. Using a GPLd work as a component in a larger system does not mean the entire system needs to be GPLd--just the specific component in question. To Company B, it's as good as your typical open-source tools.

  15. Re:Read the GPL again. on Contractor Discounts When Working With Open Source? · · Score: 1
    Yes, perhaps GPL/public domain is something I need to clarify. Thanks for helping out.

    My goal really is not to simply go reselling the code all over the place, it's more like I want the flexibility to continue to develop certain components, for the sake of continuing the idea of basing tools on some open standards. I leave the choice to the company, after laying out the options. They can determine if GPL is too crazy for them.

  16. A little clearer this time on Contractor Discounts When Working With Open Source? · · Score: 1
    Hello--

    Thanks for the posts, particularly the critical ones!

    For the critics, I will describe my plans a little more. I would NOT be open-sourcing the end product, I am talking about open-sourcing the smaller but more useful components, such as XML translators, etc.--the stuff that applies to far more than the specific project. Again, if that doesn't suit the company, cool with me! These may be things for which the company doesn't really have much of a use aside of this particular project, but which I would use greatly.

    Thus, it's not like I'm using Company A to fund me for a product I will sell completely to Company B. It's more like: I will discount for the following components, which then lie in the public domain--anyone may use them if they want. If you've been in consulting shops you know that the shops will typically either demand some sort of reuse clause for code they develop, or unethically reuse it anyway. Instead, I'm just offering the company the option of open-sourcing specific parts of their work.

    With corporate clients, I imagine they will say, 'thanks, but we'll pay your full rate,' and less-profitable or more open-source friendly organizations may say, 'hey, it's not like our business plan requires full source control. OK.'

    In either case, I will spell out very clearly what the decision means.

    Thanks!

  17. Re:This is a Good Thing (tm). on Trellix Licenses Blogger · · Score: 1
    I like your post, but I have a rebuttal.

    This is good because it ensures the long-term survival of Blogger.

    Hm. A company taking on a charity case doesn't ensure long-term survival. They still have to overcome their current obstacles. Don't get me wrong--I think it's great that its life has been extended, but only because it keeps the market aware of this kind of service. Other services like MSN & co. will realize that they can make a better Blogger, and do so. Users win!

  18. Re:Other products? on Trellix Licenses Blogger · · Score: 1
    Can someone with some hands-on experience with these things explain the difference between them and the super-high priced content management systems like Broadvision and Vignette?

    Blogger's really a single-thread posting system, not even a threaded discussion or messaging system. The nice thing about it is just how simple it is. Though you can format your output page, it is completely incomparable to an environment like BroadVision and Vignette, which allows for all sorts of extended programming and content management.

    Also, Blogger is hardly a product. My personal opinion is that they should have made the code free for installation, and yet continue their service for those that didn't want to/couldn't install the software. That would buy down their scalability problems a bit, give others a chance to hack at their dubious code, and also set up the possibility to sell it as a product into intranets. As a proprietary service, they'll forever be stuck with scalability and security concerns.

    Productizing Blogger would also make it available to corporate intranets, which can't/shouldn't really use blogger because its security is so hazy.

  19. Blogger critic on Trellix Licenses Blogger · · Score: 2
    I've been aware of Blogger from pretty much the time it became available to the public, and have fairly mixed feelings about it.

    I think it's great that it's opened up the publishing aspect of the web to many people; that seems wonderful. But I've been concerned about the service and its future for some time, not without good reason.

    The company, Pyra, has itself seen very hard times, and last I knew was down to one employee, its president (evhead). This is largely because they've been unable to figure out how to make this thing make money. And if it's not viable, it will cease to be useful.

    Personally, I've found stability and security to be a big problem with this service. It has had major problems with downtime because of the immense scalability it must endure--users * # of posts, with both increasing. Also, from looking at its errors it seems sort of programming-error prone--direct calls to SQL Server thru ODBC, no parameter checking, that sort of thing. And worst of all, it seems to store (though it is an option) people's usernames/passwords to their ISP accounts, making the site a major cracking target. If I were them I'd be very concerned about the liability of holding people's passwords in plaintext in a database.

    And though I very much respect the cult that has built around it, without solid answers to the problems of income, operating stability and security, people are setting themselves up for disappointment.

    Sorry to be a sour puss. I do wish Blogger success, but think they have set out a hard road for themselves.

  20. Re:games for open source OSes on Richard Garriott Claims Moon, Plans New Brittania · · Score: 1
    Exile III was ported to Linux, and is one of the best Ultima-style games I've ever played. The port is thanks to Boutell.com and works marvelously.

    If only Spiderweb Software would recognize that they should have more of their games ported to Linux...They were originally Mac-centric and have since been doing Mac->Windows ports.

  21. Re:Standards on Berners-Lee On The Semantic Web · · Score: 1
    I think it's not just 'open standards' that allow for this access; it's a framework in which multiple standards, perhaps slightly conflicting standards, can coexist.

    I think that regardless of your computer ontological religion, it is much more likely and feasible to have the sort of information exchange that TB-L describes, than to have an MS mega-farm that holds everything for everybody. These are the same reasons that client-server became popular after the days of coherent, controlled mainframe-terminal systems--distribution and localization of computing and other resources makes many tasks much easier.

  22. A different kind of stability on Jef Raskin On OS X: "It's UNIX, It's backwards." · · Score: 1
    In the article, the author notes that people may want greater stability (not OS stability, but rather an unchanging, simple interface) rather than greater features.

    Frankly, my mom, who (until quite recently) used AppleWorks on her Apple ][e for all her writing, is an example of someone who (again, until recently) fit into this category. So, if stability is what the author wants, there are plenty of ways to make your computer not change--don't change your computer! Stick with what works!

    As a geek, I enjoy the revolutionary aspect of a computer, which allows me the opportunity on one machine to do innumerable activities. This doesn't mean that I will stop using those other tools which are honed to a specific end, such as my 60-year-old Remington typewriter, or a power drill. On the other hand, I don't want to have a separate appliance for each thing for which I use my computer! The multi-purpose workstation is perhaps a way of curbing appliance sprawl.

  23. Pizza Hut/Russia on Pizza Hut's Space Program: First Launch · · Score: 1

    Pizza Hut seems to like Russian connections...Gorbachev in ads, Russian rocket launches? Perhaps a longing for old Soviet 'Red' Russia days, to match their hut roof? I see a PH-sponsored Mars launch in the works... (silliness) I suppose if PH feels it's worth it, then it's OK...as long as they don't start polluting the night sky with glowing ads.