Not to be a dick, but mysql.com is written in php and you cannot bind variables in php (based on a simple google search).
Are you sure you actually fired up a Google search? The second result of a search for "php mysql bind variables" leads you directly to this function. Not to mention ADOdb can fake it even if you don't use the mysqli driver, and I'd bet PDO and the other libraries can do the same. Seriously, even if you're a PHP developer (I'm one), you have NO EXCUSES for not using bind variables. The hassle is quite low, and the peace of mind is priceless...
1. Why was a key-gen server connected to the Internet? Shouldn't certificates be delivered out-of-band, such as on a CD delivered to the indicated registered address?
For the very same reason some resellers of this pitiful excuse for a CA deliver certificates to you before you've even scanned a single document proving you're authorized to ask for it (yes, seriously): Because it would be Bad For Business[tm]. People want to start their damn online shops Real Quick, and people who make these shops don't want to irk the customer by asking for lots of papers and delaying the setup. Like always, business efficiency and security do not mix well.
2. Why exactly do we still trust Comodo as a CA, when the like of cacert.org cannot meet the "requirements" to be added as a CA in Mozilla products?
According to CAcert, we (or rather, the browser vendors) trust anybody who passes an expensive audit by those guys. The CAs are just like registrars, they've a big incentive to sell as much certificates as they can, they can have resellers even more hungry for business, and everything goes naturally downhill from there. Here's an alternative idea: IRL, who does certify your identity (or that of your business) and has pockets deep enough to handle any liability lawsuit if they made a mistake? Right: Your government. Hence, they're in the best position to know if you can legitimately ask for a certificate in the name of ACME Corp. Let certificate issuing be a public service, then. Personal certificates are already being embedded in some ID cards (IIRC, Belgium provides something like this). Why not getting an account to generate SSL server certs tagged with your identity along with your passport (or the identity of your business along with your certificate of incorporation)? I know I would trust such certificates much more than those issued by a random corporation on the basis of (at best) crappy scans or facsimiles that could as well have been photoshopped in the first place.
As for certificates that are just domain validated and do not embed any identity in addition to the CN, browser vendors should (1) relax the audit procedures so there can be people providing those certificates for a negligible sum (or even for free, at least one real CA already does it) so people can easily encrypt their communications without revealing their identity, and (2) find a conspicuous way to inform the user about the real assurances provided by a certificate. Sorry, but it is now painfully obvious that the nice closed lock in the address bar means absolutely nothing, and I very much doubt most people are paying attention to those blue and green bars after years of having been told to "look at the lock and the HTTPS URL".
Can you imagine Hugo Chavez with his 5-10 hour speeches broken into 140 characters?
While I understand it's always fun to lambast Hugo Chávez, I'd like to point out he indeed has a Twitter account, and he even attracted more than one million followers. Not so shabby, eh?
*Sigh* No flames, but if I may say so, a bit of investigation wouldn't have hurt, either. Two command lines (dig -t ns ly. and whois `dig +noall +answer bit.ly | cut -f7`) would have told you two things:
The.ly ccTLD has got secondary nameservers outside Lybia, courtesy of RIPE, UUNet and the University of Oregon
bit.ly uses a Lybian domain but is hosted in the US (by NTT)
As far as the "Lybian firewall" is concerned, it appears to exist, in a very crude form (they drop their BGP sessions, which cuts them off from the rest of the Internet as a matter of fact), but it seems it's intermittently on and off (currently, I can reach LTT's network, at least). As to what is really going on, I haven't the faintest clue.
Like the AC above, I hold Italian citizenship (amongst others, so I may be a bit less biased, though), and I think I can say without a doubt that I wish Berlusconi would be sent away (the nearest galaxy would be a tolerable distance in my eyes). Still, I've to agree with him: Your analysis shows that you never went to Italy, and never had a serious look at it over the usual stereotypes. The “brute squad” was maybe used by Mussolini in the 30s, and there's has been an ugly period of leftist (and not-so-leftist: Gladio, anyone?) terrorism in the seventies, but to imply that Berlusconi can actually unleash thugs against opponents just bewilders me. Instead of inventing mob squads going around like in some weird African country, people would be better advised to have a look at some less violent but still disturbing events. For instance, the number of break-ins by mysterious “thieves” into judges and photographers' offices (some sources for Italian readers: 1, 2). Just sayin'...
The city of Nice, in France, did the sums recently and still dug up the roads and built a tramway with overhead cables.
There was no choice: Batteries are still not powerful enough, plus you can't expect the trams to spend dozens of minutes at the termini while the batteries charge (BTW, Nice's trams have got propulsion batteries, but they only serve on two limited stretches where the OHLE is absent for dubious æsthetic reasons). There was talk of using a sophisticated third rail system for line 2, but I think this was one more of Mr. Estrosi's regular wild proclamations without actual consequences.
This is a city that has run all its vehicles (buses, cars) on natural gas for decades
Actually, the CNG buses are only part of the fleet, and at least the non-articulated ones are disliked by the drivers (who have nicknamed them “gas stoves”) for being unreliable and lacking torque in the hilly landscape. Indeed, the most recently acquired buses have been diesel ones.
Sure there are many other vehicles that interrupt the flow of traffic - so the more the merrier? I don't see your point at all, one less is still better.
My point is that I don't see yours either: You didn't point to a trolleybus-specific property that makes them more prone to interrupt the flow of traffic (I can see why a frequently-stopping transport vehicle can impede traffic flow, of course, but a bus, tram or truck would have the same issues).
However, playing devil's advocate here, but batteries or a diesel generator drive up cost significantly whereas the OP was promoting trolleybuses because they are cheaper.
Depends. A few batteries to pass works areas or obstacles in the way do not add that much (Rome has such a system to avoid running the overhead wires in the historic city center). Anyway, the added flexibility and efficiency in my opinion more than make up for the added cost.
"The people" being everyone. Unreliable trolleybuses are bad for motorists, but I would say probably even worse for the people that attempt to use them. So no, my comments weren't some one-sided rant against people that use public transport in the slightest, barking up the wrong tree there.
I think we can agree that unreliable trolleybuses are bad, but precisely because they're unreliable. Well-maintained trolleybuses don't keep breaking down (disclaimer: My experiences with trolleys was primarily in Lyon and Milan. Other cities may have had more trouble; for instance, Nancy and their weird guided trolleybus had a huge lot of teething problems). As for my supposition, I've probably grown so accustomed to hear motorists moaning about every surface public transport that I just made a bad assumption.
I agree that this is totally subjective and you of course have a right to judge the aesthetics of power lines any way you please, but you're the first person I've met to like the chaotic scenery they create.
For the record, I also like streetcar tracks (and trains, and the looks of technical infrastructures in general. This is news for/nerds/, remember?;-)
For one, they are a nuisance on the road - they really do interrupt the flow of traffic and often get in the way.
How exactly is this specific to trolleybuses? I can think of lots of vehicles interrupting the flow of traffic: Delivery vans parked anarchically, for instance.
Another one is the fact that if one breaks down, it can either a) completely block the flow for other trolley buses or hopefully b) create a large obstacle which other trolley buses have to somehow pass very slowly because their "antlers" have a limited reach, which of course means 2 lanes of road that get clogged.
It looks like Moscow's mayor is a cheapskate who didn't pay a little more to buy trolleybuses equipped with onboard batteries/diesel generators like every modern system has done since the eighties. Well, tough. Anyway, without that oversight, this is a non-issue
With this year's winter, loads of them stalled as well because the lines frosted over, etc.
Again, having no backup system is dumb, plus not performing a defrosting run in the morning (with a trolleybus pole-equipped diesel truck, for instance) is even dumber. Don't blame trolleybuses, blame the dumb people running them.
I will grant you that I'm sure there are ways to minimize these effects that aren't implemented here in Moscow because... well because no one gives a shit what the people have to endure, basically.
I suppose you define “the people” as “the motorists”. I can see each day people served by frequent public transport taking their cars to commute, then complaining that the traffic is unbearable and they've to wake up early to find free parking space. Well, duh! They're just part of the problem.
Trolley buses vs buses in a nutshell:
1) Less reliable
2) Impede traffic
Allow me to point out that the first point is just wrong (electric vehicles are less prone to mechanical failure, not more) and the second, like I said above, is due to bad technical choices. Also, you forget to mention that trolleybuses are more durable (less vibrations than a diesel engine, hence less load on the chassis) and quieter, in addition to being cleaner.
The power lines aren't exactly pretty either =)
Beauty is in the eye of the beholder. I personally like the overhead line's arabesques. Also, a practical advantage is that they advertise the public transport offer to local residents.
OK, I suppose I should comment on this since I live in that city, and am only two blocks from the building where cops watch those video cameras. Actually, there are pros and cons to this idea (but mainly cons):
Pro: Nice is an old city, squeezed between hills, which doesn't exactly spell “car-friendly”. Large avenues are few, and traffic regularly suffers from congestion (even more so since the main avenue has been nearly closed to traffic when they built the light rail line). Obviously, idiots parked in the middle of the road, on bus stops, on pedestrian passages, etc., do nothing to help and should be fought
Pro: Due to perceived lax enforcement, local motorists have got a bad rep for driving like monkeys. Since I know for a fact that people can't change their habits unless you hit at their wallet, this initiative looks actually good (red light running cameras are also being installed, before you ask)
Cons: This is at best a money grabbing scheme. While (as told above) motorists park just about anywhere, the lack of car parks may have something to do with that. The underground geology prevents digging very far, and surface real estate is at a premium, but still, there aren't IMHO enough car parks compared to the cars driving around (especially outside the central business district). The existing car parks are not cheap, either, which means people who have a car but can't rent a garage can hardly use them. That doesn't excuse rogue parking habits, but I would like such an initiative to get a companion car-park-building effort
Cons: At worst, it shows that those cameras are going to be abused for whatever suits the local politicians' goals. The previous mayor “solved” the issue of homeless people by removing them forcefully to some shelter kilometres away (and letting them return on foot. I'm all for eradicating homelessness, mind you, just not that way). The next iteration of this kind of stunt will be even easier thanks to Estrosi's all-singing, all-dancing, repurposable cameras
Cons: Mayor Estrosi made a big deal of his cameras having allegedly permitted to arrest a few dozens violent people, but the cameras have been placed everywhere, not just in places known for frequent muggings. This basically means the people behind those screens can track your movements throughout the city. But that's OK, you say, because those people are police? Well yes, they're police, but the municipal police, paid by the city, and less competent than a nationwide law enforcement agency (for instance, they have no investigative powers).And reliability of cops in this case is paramount: Nice (like the whole southeastern area and Corsica) has been infamously known for corruption affairs regularly showing up at the municipality. The perspective of having a corrupt official persuading a cop to spy on an innocent citizen doesn't exactly please me. At a minimum, I would have liked the system to be manned by personnel unconnected with the city council
In short, this is a truly bad idea, but since no one cares (and since ethnic issues and the accompanying fear-mongering run high at the moment), politicians can happily bamboozle people into thinking they should accept any weird proposal in the name of security. Trying to explain the underlying issues to the average city dweller (which are basically seniors and right-wingers) will just get you a “think-of-the-children”-like answer (the best line I've found is pointing out how the cameras won't do shit to prevent an attacker from hitting them, and that their tax money would have been better spent on more policemen on the beat). I suspect it will be some time before people actually realise the dangers of this global surveillance system, and when they do, it may well be much too late. Just like all those people that go around yelling that the law “protects too much the criminals' rights”—until of course, a relative of them gets beaten at the hands of the police *sigh*
> I'm sorry... but he's right. Do you think that most of the people are adopting open source software because it's better?
As far as I can tell, none of the people quoted in the article asserted that people switch to FOSS because of better technical performance (although, in my humble and biased opinion, it *is* usually way better than proprietary software, especially wrt flexibility). What they said is, FOSS gives users freedoms absent from proprietary software, and cheapness is only a corollary, a by-product of those freedoms.
As an interesting aside, most people I encountered recently who have installed Linux did so because they were fed up with their previous OS letting malware install freely on their machine. They wanted to take back control, and that's one of the benefits of FOSS: since you've got the source, you can change or disable things you don't like (which I did myself in a few occasions, BTW). Price was less of a big consideration, in fact a number of them went to me with a Mandriva or SuSE boxed distro. We aren't all here for the free lunch.
> for people that build WITH free software, price matters more. In the corporate world, most people build WITH free software
Again, I disagree. In a corporate environment, you can justify a big purchase much more easily on the ground of better efficiency/ROI. Businesses don't use FOSS because it's cheaper, but rather because it's flexible and can be easily adapted to the task at hand (hiring contractors for this, if needed). Around here, some governmental entities have the same approach. Access to the source and freedom to tinker are at the earth of the problem, not just marginal issues.
> The majority of Java developers [are] not concerned [about Open Source]
Well, what can I say ? Java developers probably do not value their freedom. Maybe.Net developers do not, either, but that doesn't mean the rest of the world should stop caring for their freedom, too. Especially given that, with Java being a widely used language, Sun's licence affects us all (I need Java to file my tax return, for instance). Maybe GNU ClassPath will render all this moot one of these days, but for the moment, the issue stays open, whatever a bunch of developers at a Sun conference think.
> This is just another story people are using to bash Sun.
Sure, and we're out to get you, too:-) Let's be serious : it's normal, and healthy, that people criticize such an influential company, especially when some of its executives make controversial statements. Schwartz is no different than Jobs and Ballmer, as a public figure he should expect criticism.
> Boo em when they're trying to push linux on the desktop and then Boo em when they stop.
Did it occur to you that maybe the opinion was widely divided on their initiative, and that the booers were probably not the same at the beginning and the end ? Let's apply Occam's razor before suggesting there is some sort of anti-Sun conspiracy, will we ? [BTW, the JDS was never very publicized, IMHO. I just read about it on/., and nowhere else. Not what I'd call a push for the Linux desktop, Novell is certainly closer in that area]
You're both right, in fact. The TGV (or rather, a heavily modified version of the TGV-A) managed to run at 515.3 km/h on a high-speed test track in a huge publicity stunt for the then-Alsthom corporation. But in revenue service, for reasons like power consumption and track wear, the TGV runs at 270 km/h (for the older TGV-PSE trainsets) or 300 km/h (TGV-A, TGV-R, Thalys and Eurostar trainsets. I can't remember how fast the Spanish and Korean versions go, sorry).
Although railroad executives recently talked about upping the speed to 350 km/h to counter low-cost airlines, nothing tangible has been announced. In contrast, the Fastech train is expected to run at 360 km/h, thus making it the fastest train *in revenue service* in the world, unless someone else reacts, preferably before 2011:-)
> I don't know if you saw, hear or read ANYthing about Steve Jobs' announcement on this, but I don't think checking an extra box to support both platforms is going to cost money.
Two words : little endian. This alone will require (comparatively) much more work than checking a box. Not to mention programs that use optimized ASM routines to speed up processing, and we could go on and on. Jobs' box-checking gimmicks notwithstanding, I would be extremely surprised if a sizable development effort was not required, like it's the case currently for people going multiplatform on $insert_your_unix_clone_here...
> if you keep your sources.list pointed at "testing" all the time, you would get more or less this behavior, with the caveat that cruft would probably never be removed.
Like I said in another post above, Aptitude can help you in such a case, as it will automatically remove unused dependencies (assuming you checked the "Remove unused packages automatically" checkbox) when installing new packages. For the packages that are already installed, use the `M' (_capital_ M) key on those you don't explicitly want. If they aren't needed anymore, they'll be immediately marked for deletion (I suggest you further use the `_' key to make sure their config files are purged, too). Hope this helps.
> Its not the end of the world mind you but you can't kill a zombie since it is already dead.
Sure you can, just aim for the head. Haven't you seen the movies ?:-)
More seriously, I recently stumbled on this kernel module. I don't know what it's worth (still haven't tested it), and it looks old and unmaintained, but maybe that could help in your situation.
Okay, I *know* I'm feeding the troll, but whatever, I just can't refrain myself...
> How to kill Debian in five ("Three, sir!") easy steps:
How to troll about Debian in three easy steps:
>* Take freaking forever to freeze a release.
* Ignore the fact that Testing was usable (and used) all along. Hell, I've got a *dozen* of servers running Testing since a few years, and you know what, I've had very few problems with them (in contrast, the Mandrake servers kept being broken, especially on upgrades)
>* Take freaking forever to ship after freezing.
* Inflate everything for FUD purposes and call "barely a month", "freaking forever"
>* Ship a broken upgrade even after all the damn testing.
* In the same spirit, call "some problems if you didn't RTFM", "a broken upgrade"
> Seriously, WTF? I like Debian, but those folks need to get their heads out of their asses.
* Insult the FOSS developers that bring you the software you run for free
> They need to stop wasting time trying to officially support the two dozen or so architectures nobody gives a damn about
* Give stupid advice about how volunteers should spend the time they donate to a project ; also shit on people who happen not to have the same setup as you (if you keep doing this long enough, you eventually morph into an eWeek columnist and proceed to write moronic articles where you explain to "the Linux community" that they need to drop every desktop environment but KDE to compete with Microsoft and Apple)
> stop engaging in wars about whether non-free belongs in Debian
* Clearly show that you don't give a damn about those wacky "Open Source" and "Free Software" concepts, and that you just want more warez, quick !
> and concentrate on releasing something that's reasonably current and also supported by security updates.
* Demonstrate to the world you don't know how to read security.d.o and use the information to backport the fixes into your packages. As an added bonus, show that you're unaware of recent projects
> Oh, and it would be nice if doing an 'apt-get dist-upgrade' didn't break things.
* Finally, make sure everyone understands you didn't look at the release notes for your distro before upgrading, since, as we all know, manuals are for losers
If you closely follow all the steps graciously demonstrated by the parent poster, your Debian trolls will have the most impact. For added points, you could also make some reference to "Debian stale" and/or launch the installer in expert mode, then claim it's difficult to install Debian. There is no limit to the FUD, really.
> Well, the last time I used aptitude I looked at the screen. It was UGLY!!!
For those who are wondering what this software really looks like, here's a screenshot. Note the description area at the bottom can be hidden, leaving all the screen real estate for the package tree (incidentally, that tree display is an excellent idea, as it makes browsing through the packages much more comfortable than a flat view).
> Compared to Aptitude, dselect is a work of art and beauty.
Well, how to put this... you see, I do *not* choose my system administration software on aesthetic qualities, but rather on their efficiency and adequation to the task at hand. Aptitude allows me to easily (1) locate packages (with `/' like in Vi), (2) add or remove them (with `+', `-' or `_' to purge), and (3) review what will be done (including what dependencies will be (de)installed). Plus, it has nifty features like marking dependency packages as being automatically installed, so they'll be removed if all the packages that depend on those are removed. No more cruft on my systems !
> If aptitude has some good features, they REALLY need to graft another front end onto it. REALLY, seriously.
Well, I for one find Aptitude intuitive and efficient enough (more than enough, even). But if you really feel there must be another interface, by all means, fork it. After all, Open Source is *also* about your right to disagree with the upstream authors.
> And, also, once when I was having trouble with an upgrade, I decided to check out aptitude to see just how well it handled dependencies. I ended up hosing my system.
Well, that sounds unlikely. You see, if Aptitude detects your choices of packages breaks other packages' dependencies, it will (depending on the configuration) either (1) revert your choices before proceeding or (2) show you the broken packages (in red) and flatly refuse to proceed with the installation. So, you can't hose your system unless you fool Aptitude with some hackery (using equivs, editing/var/lib/dpkg/available, etc.). Note I'm *not* saying that's what you did. I'd be more inclined to suspect the breakage you encountered was caused by faulty packages, hence it would have been just the same with synaptic or the good old apt-get.
In summary, I'm sorry you had a bad experience with Aptitude. In my case, this software has been a very valuable tool, especially on headless servers where synaptic is not an option. And it's clearly way, *WAY* more intuitive than the dreaded dselect, at least for me. I hope you will have less problems with it next time. Meanwhile, you would maybe like to get out the reportbug(1) program and file a bug at the wishlist level about the colors. If you can suggest more legible colors (keeping in mind that terminals have a limited set of colors available), it could probably help.
> It'd suck if copyright was forfeited one day after publication if it so happens that you get struck by lightning that night.
This is easily solved by declaring that copyright runs for a fixed numbers of years (say, 20) after the first publication. If you die while coming back from the copyright office, your heirs will still have that time to profit off your work. The current state of copyright just serves to uselessly impoverish public domain (and BTW, chances of reverting this unfortunate situation are very slim, since the Berne convention requires a minimal copyright duration of life of the author + 50 years, which is IMHO just insane).
> Back then the publishers were opposed to copyrights. Now they twisted it and corrupted the system so that they once again get to screw people over.
"twisted" is an understatement. In Beaumarchais' own country, copyright now runs for the author's entire life, plus seventy years. I'm still trying to grasp why the hell some guy that's been dead for decades would need a financial incentive to produce new works...
... Another court has upheld the right for Slashdot editors to post dupes every two or three days, and not to be bothered with the "search" feature of their own Website</sarcasm>
> Where can I get the Tux Guevara T-shirt? It ought to look good with my Red Hat cap.
Try this link. And remember not to get out your AK-47 next time you get into a flamefest with the local *BSD advocate;-)
Re:Its only the bad things we head about?
on
Safari vs. KHTML
·
· Score: 1
> You're talking out both sides of your mouth now. Forks are absolutely needed in OSS. Never forget this.
Did I say otherwise ? I don't remember doing that.
> [a hostile fork is] not what Apple has done. Rather, Apple has done what I would call a 'closed' fork.
A rose by any other name is still a rose. I stand by my opinion : a fork that doesn't give a chance to the original developers to keep in sync is hostile, by definition.
> they forked the code and went their own way with it. As a result, their changes become more meaningless every day as the two projects go off in different directions. This is what the grandparent poster was referring to when comparing Safari/KHTML to XFree86/X.org
The *BIG* difference being that the XFree86 developers can look at the X.Org CVS and integrate X.Org enhancements without the need to reverse-engineer a huge, unwieldy patch. If a commit in the CVS says "fixes bugzilla #x", they can go to the Bugzilla and see what that bug was about. In fact, the Debian X Strike Force managed to pull bits of X.Org in their modified XFree86 for a while. They'd most probably not been able to do so if X.Org had just periodically released big chunks of patches without change history. Apple's fork is *way* more hostile than X.Org's !
> Obviously Apple's code isn't going to mean a lot to you.
Why would that be ? A patch for a rendering bug in the kHTML code would definitely be relevant for the kHTML developers. Of course, there are parts that are meaningless for them (the KWQ code, for instance) but that's not what they are after.
> the KHTML devs don't give two flying shits about the Apple changes
Are you sure ? Zack Rusin, at least, seems to give a little more than "two flying shits" in his last post...
> can you really expect Apple to attempt to keep their code as synched as possible?
I was under the impression that, rather than getting Apple to keep in sync, the goal was more to allow the kHTML devs to be able to keep in sync with Apple.
> the problem is that people [...] are going around blowing the "Yay, Apple loves Open Source!" horn, which is both true and false.
Well, sure it is. A corporation the size of Apple will obviously have different approaches according to the department in charge. The problem here is that the Safari dept. is not that cooperative.
> Apple wants to use OSS code, but they want to have the freedom to go their own way with the product. That's why it's called a FORK.
Absolutely. They're entitled to act like jerks. But if they choose to do so, people are surely entitled to say that they act like jerks, too.
> If you don't like it, [...] use the GPL, that's why it exists.
The GPL wouldn't have helped a bit, there. There is nothing in the GPL forcing you to give public CVS access or clean patches, just the modified source, exactly like the LGPL. This is not a license violation problem ; it's a lack-of-niceness (or even a lack-of-decency) problem.
> What really pisses me off about your post, however, is your lovely little piece of "o look at me i'm going to go against the grain on slashdot, i'm so much BETTER than you fanboys."
That's fine. What pissed *me* off was the whole lot of posts rudely dismissing the KDE guys' concerns, and basically likening them to a bunch of whiners, an attitude that seems to be pervasive everytime there is a story about a conflict involving Apple Corp. or Google, Inc. (the best bit of nonsense being the guys that always suggest Google purges people that oppose them from their engine. It never fails to make me laugh). If my bit of sarcasm offended you, then please accept my apologies, next time I'll put up a disclaimer.
Re:Its only the bad things we head about?
on
Safari vs. KHTML
·
· Score: 1, Flamebait
> Apple quite simply forked Safari.
No, they forked kHTML. Safari is an Apple-made product, without any OSS code whatsoever.
> This happens all the time in the OSS world.
And, most of the time, hostile forks are frowned upon.
> Hello, does anyone really expect that X.org patches will remain 100% compatible with the XFree86 code structure ad aeternam ?
Make their patches in useful, small self-contained patches with clear descriptions ("frobs the master foobox" instead of "fixes bug #14567894 in our internal, private bug tracker")
Apple does nothing of this, they just release multimegabyte hunks of code that are just *useless* (you would probably spend more time trying to separate the big blob into small patches than to rewrite these independently). Your example thus falls completely flat.
> Could someone please tell me what exactly the problem is in the Apple-Safari case ?
Right where I told you. But don't let this detract you from praising Apple at every opportunity. I know that (on/. at least), praising Apple and Google whatever they do is Really Hip...
> Do you know how many/.ers would kill for a 20 Mb access
Like all those poor schmucks just out of the ADSL-covered zone who seem to be eternally condemned to dial-up ? 'Cause that's another thing I forgot to bitch about : the regulation authority doesn't seem very interested in getting all these nice operators to venture out of big (and lucrative) cities. The end result : if you live out of town, you can either (a) resign yourself to using 56k, (b) pray for a DSLAM to materialize near you (you'd better pray to multiple gods if you want to have even a slight chance), or (c) pay through your nose for bidi satellite access at near-broadband speed and near-unbearable roundtrip times. Talk about digital divide...
> Does that count as one of the 5 times you've had to use your ID?
I'm not the grandparent poster (and I'm not Belgian, either). I get asked for some ID more times than he apparently does (especially since cops seem to "love" me for whatever reason--must be my terrorist look, you see). Anyway, I'm more surprised that I'm *not* asked for it more often. Regularly, I find bank tellers just accept that someone can show up ID-less and withdraw money. One of them, when challenged to explain how she would tell I was not a fraudster emptying someone else's account, told me "but you gave me a name and account number that matched". Sheesh ! With such *stringent* security measures, I'm totally confident my money is secure in their hands. Not!
> Something that can print on a plastic card? These devices are available commercially.
The format is not that common, but I'll gladly admit that with enough investment, you can fake everything, even those Australian anti-counterfeiting plastic banknotes. The operative word here is "with enough investment". If you've to go buy an offset printing press to fake a document, it raises the bar. If you've to use special paper/plastic, use special ink, copy some hologram, most people will just give up. The remaining ones are easier to track down (hint : they're probably printers by trade;-)
> You just handed your name, address, signature, and ID card number to the nice lady at the supermarket, above (assuming that your cheques have your address printed on them).
They do have it. And sure, she could be a fraudster. But then, the cop asking for ID could be one, too. I fail to see what the lack of an ID card would change here, except that they would copy the data off a driver's licence or other document...
> It's through concern over forgery that we get to the best argument in favour of RFID chips. Harder to forge one of those.
Do RFID chips have embedded cryptography ? If yes, what's done to make sure only authorized recipients can decrypt it ? Assuming these two questions are answered in a satisfactory manner it could be all right, except for a little fact : today, if a cop (or someone else) wants my ID, he has to ask for it. RFID would make "ID wardriving" a bit more of a reality. If your project includes mandatory embedded RFID chips, I agree you've some serious reason to worry (I said just that in my previous post, anyway).
> The "government is evil" people usually take a pretty dim view of the general electorate as well.
Well, you may be right on that one. As I'm not "on the field", I may have been fooled into mistaking a vocal minority with a majority. I shouldn't have made such a generalization too fast, I guess...
> But no supporter of these cards will be giving much time to rational arguments. These cards, with RFIDs chirping merrily, will Stop Terrorism.
It depends. I support decent authentication methods, and I believe I'm fairly open to rational argument. But if you're talking about the *ahem* unwashed masses, then yes, I agree most people will just swallow whatever the people who are "supposed to know" will tell them. And I equally agree that thinking of ID cards as antiterrorism devices is moronic, BTW.
> Most of these problems would likely not of occured if they hadn't privatised BT.
I agree _in part_ with you. I've witnessed first hand the result of the deregulation of another telco market (the French one, with France Télécom as the Ugly Monopolist From Hell), and here's what happened:
You can now transfer your local loop to another provider, either just for ADSL (in which case the signal is split at the exchange between voice--to FT--and DSL--to the competitor's DSLAM) or completely (in which case the entire pair is routed to the competitor's equipment--still not widely practiced). I understand that FT charges the competitors a nominal fee for caring over the physical loop)
If you've a problem with your DSL (or, in the latter case, your entire line), you need to call your provider (FT won't process your call). This implies calling an overpriced hotline which often won't be open 24/7 (in some cases, it's a far cry from that). In turn, your provider's technical services will call a FT service called the GAMOT. This is a service which *only* deals with operators, not customers. The GAMOT will then dispatch FT techs to the exchange and report the tech's findings to your provider, who will (or not !) tell you what they found. If they weren't able to diagnose the problem, you'll be in for a wild ride, trying to get your operator to call back the GAMOT with more technical details, and hoping nothing will get lost in the process. The situation can even get worse if your provider uses the services of a third-party operator for hauling the traffic to their routers, since you know have *three* levels of indirection. And throughout this, you've no way at all to communicate with the guys who will really act on the field, or even their dispatchers, nor any way to know firsthand what they found
To add insult to injury, some resellers practice slamming : they will happily sign you up for their provider (even if you said "no thanks"), thus grabbing some affiliate proceeds. Of course, since you aren't that interested in changing providers, you will need to get the slammed provider to retake the line, and make sure the slamming one understands they've acted on a false request and doesn't charge anything. In the end, you're sure to win (provided you weren't dumb enough to sign anything), but it's a time-consuming process
Finally, there is wide confusion about what services exactly you're eligible to, especially since different providers have different standards, you'll maybe find that your line would support 2 Mbps with $provider_one but your $chosen_provider refuses to give you more than 1 Mbps. At times, the databases are also confused, your provider telling you initially you're eligible, then changing tune when they check with their operator's realtime database. Tiring. There even exists websites dedicated to checking the databases to find out exactly what you can get with whom.
On the other hand, before deregulation you would only get 1024 kbps at cut-throat prices. Now, most providers go up to 8 Mbps, and a few will even provide 20 Mbps ADSL2 with free national long-distance phone calls and TV service. So, I will stop short of saying "there shouldn't have been any deregulation", it was clearly good since it spawned a lot of interesting offers. But the way it has been done is quite stupid, especially the fact that you no longer get a free hotline in touch with the actual people doing the work. The market was stagnant, right. But the way it is now is more like "anarchy in the.FR"... I can see why they did it this way (avoid confusing the users with multiple points of contact) but the end result is that many problems take longer (in some cases *much* longer) to be solved. The most knowledgeable people still have a separate DSL traffic hauling contract with FT and an Internet service contract with a third-party provider that still does it (there aren't many that do anymore) for reliability (yo
Slashdot Mirror
Not to be a dick, but mysql.com is written in php and you cannot bind variables in php (based on a simple google search).
Are you sure you actually fired up a Google search? The second result of a search for "php mysql bind variables" leads you directly to this function. Not to mention ADOdb can fake it even if you don't use the mysqli driver, and I'd bet PDO and the other libraries can do the same. Seriously, even if you're a PHP developer (I'm one), you have NO EXCUSES for not using bind variables. The hassle is quite low, and the peace of mind is priceless...
1. Why was a key-gen server connected to the Internet? Shouldn't certificates be delivered out-of-band, such as on a CD delivered to the indicated registered address?
For the very same reason some resellers of this pitiful excuse for a CA deliver certificates to you before you've even scanned a single document proving you're authorized to ask for it (yes, seriously): Because it would be Bad For Business[tm]. People want to start their damn online shops Real Quick, and people who make these shops don't want to irk the customer by asking for lots of papers and delaying the setup. Like always, business efficiency and security do not mix well.
2. Why exactly do we still trust Comodo as a CA, when the like of cacert.org cannot meet the "requirements" to be added as a CA in Mozilla products?
According to CAcert, we (or rather, the browser vendors) trust anybody who passes an expensive audit by those guys. The CAs are just like registrars, they've a big incentive to sell as much certificates as they can, they can have resellers even more hungry for business, and everything goes naturally downhill from there. Here's an alternative idea: IRL, who does certify your identity (or that of your business) and has pockets deep enough to handle any liability lawsuit if they made a mistake? Right: Your government. Hence, they're in the best position to know if you can legitimately ask for a certificate in the name of ACME Corp. Let certificate issuing be a public service, then. Personal certificates are already being embedded in some ID cards (IIRC, Belgium provides something like this). Why not getting an account to generate SSL server certs tagged with your identity along with your passport (or the identity of your business along with your certificate of incorporation)? I know I would trust such certificates much more than those issued by a random corporation on the basis of (at best) crappy scans or facsimiles that could as well have been photoshopped in the first place.
As for certificates that are just domain validated and do not embed any identity in addition to the CN, browser vendors should (1) relax the audit procedures so there can be people providing those certificates for a negligible sum (or even for free, at least one real CA already does it) so people can easily encrypt their communications without revealing their identity, and (2) find a conspicuous way to inform the user about the real assurances provided by a certificate. Sorry, but it is now painfully obvious that the nice closed lock in the address bar means absolutely nothing, and I very much doubt most people are paying attention to those blue and green bars after years of having been told to "look at the lock and the HTTPS URL".
My .2 €
Can you imagine Hugo Chavez with his 5-10 hour speeches broken into 140 characters?
While I understand it's always fun to lambast Hugo Chávez, I'd like to point out he indeed has a Twitter account, and he even attracted more than one million followers. Not so shabby, eh?
*Sigh* No flames, but if I may say so, a bit of investigation wouldn't have hurt, either. Two command lines (dig -t ns ly. and whois `dig +noall +answer bit.ly | cut -f7`) would have told you two things:
As far as the "Lybian firewall" is concerned, it appears to exist, in a very crude form (they drop their BGP sessions, which cuts them off from the rest of the Internet as a matter of fact), but it seems it's intermittently on and off (currently, I can reach LTT's network, at least). As to what is really going on, I haven't the faintest clue.
Like the AC above, I hold Italian citizenship (amongst others, so I may be a bit less biased, though), and I think I can say without a doubt that I wish Berlusconi would be sent away (the nearest galaxy would be a tolerable distance in my eyes). Still, I've to agree with him: Your analysis shows that you never went to Italy, and never had a serious look at it over the usual stereotypes. The “brute squad” was maybe used by Mussolini in the 30s, and there's has been an ugly period of leftist (and not-so-leftist: Gladio, anyone?) terrorism in the seventies, but to imply that Berlusconi can actually unleash thugs against opponents just bewilders me. Instead of inventing mob squads going around like in some weird African country, people would be better advised to have a look at some less violent but still disturbing events. For instance, the number of break-ins by mysterious “thieves” into judges and photographers' offices (some sources for Italian readers: 1, 2). Just sayin'...
The city of Nice, in France, did the sums recently and still dug up the roads and built a tramway with overhead cables.
There was no choice: Batteries are still not powerful enough, plus you can't expect the trams to spend dozens of minutes at the termini while the batteries charge (BTW, Nice's trams have got propulsion batteries, but they only serve on two limited stretches where the OHLE is absent for dubious æsthetic reasons). There was talk of using a sophisticated third rail system for line 2, but I think this was one more of Mr. Estrosi's regular wild proclamations without actual consequences.
This is a city that has run all its vehicles (buses, cars) on natural gas for decades
Actually, the CNG buses are only part of the fleet, and at least the non-articulated ones are disliked by the drivers (who have nicknamed them “gas stoves”) for being unreliable and lacking torque in the hilly landscape. Indeed, the most recently acquired buses have been diesel ones.
Sure there are many other vehicles that interrupt the flow of traffic - so the more the merrier? I don't see your point at all, one less is still better.
My point is that I don't see yours either: You didn't point to a trolleybus-specific property that makes them more prone to interrupt the flow of traffic (I can see why a frequently-stopping transport vehicle can impede traffic flow, of course, but a bus, tram or truck would have the same issues).
However, playing devil's advocate here, but batteries or a diesel generator drive up cost significantly whereas the OP was promoting trolleybuses because they are cheaper.
Depends. A few batteries to pass works areas or obstacles in the way do not add that much (Rome has such a system to avoid running the overhead wires in the historic city center). Anyway, the added flexibility and efficiency in my opinion more than make up for the added cost.
"The people" being everyone. Unreliable trolleybuses are bad for motorists, but I would say probably even worse for the people that attempt to use them. So no, my comments weren't some one-sided rant against people that use public transport in the slightest, barking up the wrong tree there.
I think we can agree that unreliable trolleybuses are bad, but precisely because they're unreliable. Well-maintained trolleybuses don't keep breaking down (disclaimer: My experiences with trolleys was primarily in Lyon and Milan. Other cities may have had more trouble; for instance, Nancy and their weird guided trolleybus had a huge lot of teething problems). As for my supposition, I've probably grown so accustomed to hear motorists moaning about every surface public transport that I just made a bad assumption.
I agree that this is totally subjective and you of course have a right to judge the aesthetics of power lines any way you please, but you're the first person I've met to like the chaotic scenery they create.
For the record, I also like streetcar tracks (and trains, and the looks of technical infrastructures in general. This is news for /nerds/, remember? ;-)
For one, they are a nuisance on the road - they really do interrupt the flow of traffic and often get in the way.
How exactly is this specific to trolleybuses? I can think of lots of vehicles interrupting the flow of traffic: Delivery vans parked anarchically, for instance.
Another one is the fact that if one breaks down, it can either a) completely block the flow for other trolley buses or hopefully b) create a large obstacle which other trolley buses have to somehow pass very slowly because their "antlers" have a limited reach, which of course means 2 lanes of road that get clogged.
It looks like Moscow's mayor is a cheapskate who didn't pay a little more to buy trolleybuses equipped with onboard batteries/diesel generators like every modern system has done since the eighties. Well, tough. Anyway, without that oversight, this is a non-issue
With this year's winter, loads of them stalled as well because the lines frosted over, etc.
Again, having no backup system is dumb, plus not performing a defrosting run in the morning (with a trolleybus pole-equipped diesel truck, for instance) is even dumber. Don't blame trolleybuses, blame the dumb people running them.
I will grant you that I'm sure there are ways to minimize these effects that aren't implemented here in Moscow because... well because no one gives a shit what the people have to endure, basically.
I suppose you define “the people” as “the motorists”. I can see each day people served by frequent public transport taking their cars to commute, then complaining that the traffic is unbearable and they've to wake up early to find free parking space. Well, duh! They're just part of the problem.
Trolley buses vs buses in a nutshell: 1) Less reliable 2) Impede traffic
Allow me to point out that the first point is just wrong (electric vehicles are less prone to mechanical failure, not more) and the second, like I said above, is due to bad technical choices. Also, you forget to mention that trolleybuses are more durable (less vibrations than a diesel engine, hence less load on the chassis) and quieter, in addition to being cleaner.
The power lines aren't exactly pretty either =)
Beauty is in the eye of the beholder. I personally like the overhead line's arabesques. Also, a practical advantage is that they advertise the public transport offer to local residents.
OK, I suppose I should comment on this since I live in that city, and am only two blocks from the building where cops watch those video cameras. Actually, there are pros and cons to this idea (but mainly cons):
In short, this is a truly bad idea, but since no one cares (and since ethnic issues and the accompanying fear-mongering run high at the moment), politicians can happily bamboozle people into thinking they should accept any weird proposal in the name of security. Trying to explain the underlying issues to the average city dweller (which are basically seniors and right-wingers) will just get you a “think-of-the-children”-like answer (the best line I've found is pointing out how the cameras won't do shit to prevent an attacker from hitting them, and that their tax money would have been better spent on more policemen on the beat). I suspect it will be some time before people actually realise the dangers of this global surveillance system, and when they do, it may well be much too late. Just like all those people that go around yelling that the law “protects too much the criminals' rights”—until of course, a relative of them gets beaten at the hands of the police *sigh*
> I'm sorry... but he's right. Do you think that most of the people are adopting open source software because it's better?
As far as I can tell, none of the people quoted in the article asserted that people switch to FOSS because of better technical performance (although, in my humble and biased opinion, it *is* usually way better than proprietary software, especially wrt flexibility). What they said is, FOSS gives users freedoms absent from proprietary software, and cheapness is only a corollary, a by-product of those freedoms.
As an interesting aside, most people I encountered recently who have installed Linux did so because they were fed up with their previous OS letting malware install freely on their machine. They wanted to take back control, and that's one of the benefits of FOSS: since you've got the source, you can change or disable things you don't like (which I did myself in a few occasions, BTW). Price was less of a big consideration, in fact a number of them went to me with a Mandriva or SuSE boxed distro. We aren't all here for the free lunch.
> for people that build WITH free software, price matters more. In the corporate world, most people build WITH free software
Again, I disagree. In a corporate environment, you can justify a big purchase much more easily on the ground of better efficiency/ROI. Businesses don't use FOSS because it's cheaper, but rather because it's flexible and can be easily adapted to the task at hand (hiring contractors for this, if needed). Around here, some governmental entities have the same approach. Access to the source and freedom to tinker are at the earth of the problem, not just marginal issues.
> The majority of Java developers [are] not concerned [about Open Source]
Well, what can I say ? Java developers probably do not value their freedom. Maybe .Net developers do not, either, but that doesn't mean the rest of the world should stop caring for their freedom, too. Especially given that, with Java being a widely used language, Sun's licence affects us all (I need Java to file my tax return, for instance). Maybe GNU ClassPath will render all this moot one of these days, but for the moment, the issue stays open, whatever a bunch of developers at a Sun conference think.
> This is just another story people are using to bash Sun.
Sure, and we're out to get you, too :-) Let's be serious : it's normal, and healthy, that people criticize such an influential company, especially when some of its executives make controversial statements. Schwartz is no different than Jobs and Ballmer, as a public figure he should expect criticism.
> Boo em when they're trying to push linux on the desktop and then Boo em when they stop.
Did it occur to you that maybe the opinion was widely divided on their initiative, and that the booers were probably not the same at the beginning and the end ? Let's apply Occam's razor before suggesting there is some sort of anti-Sun conspiracy, will we ? [BTW, the JDS was never very publicized, IMHO. I just read about it on /., and nowhere else. Not what I'd call a push for the Linux desktop, Novell is certainly closer in that area]
You're both right, in fact. The TGV (or rather, a heavily modified version of the TGV-A) managed to run at 515.3 km/h on a high-speed test track in a huge publicity stunt for the then-Alsthom corporation. But in revenue service, for reasons like power consumption and track wear, the TGV runs at 270 km/h (for the older TGV-PSE trainsets) or 300 km/h (TGV-A, TGV-R, Thalys and Eurostar trainsets. I can't remember how fast the Spanish and Korean versions go, sorry).
Although railroad executives recently talked about upping the speed to 350 km/h to counter low-cost airlines, nothing tangible has been announced. In contrast, the Fastech train is expected to run at 360 km/h, thus making it the fastest train *in revenue service* in the world, unless someone else reacts, preferably before 2011 :-)
> I don't know if you saw, hear or read ANYthing about Steve Jobs' announcement on this, but I don't think checking an extra box to support both platforms is going to cost money.
Two words : little endian. This alone will require (comparatively) much more work than checking a box. Not to mention programs that use optimized ASM routines to speed up processing, and we could go on and on. Jobs' box-checking gimmicks notwithstanding, I would be extremely surprised if a sizable development effort was not required, like it's the case currently for people going multiplatform on $insert_your_unix_clone_here...
> if you keep your sources.list pointed at "testing" all the time, you would get more or less this behavior, with the caveat that cruft would probably never be removed.
Like I said in another post above, Aptitude can help you in such a case, as it will automatically remove unused dependencies (assuming you checked the "Remove unused packages automatically" checkbox) when installing new packages. For the packages that are already installed, use the `M' (_capital_ M) key on those you don't explicitly want. If they aren't needed anymore, they'll be immediately marked for deletion (I suggest you further use the `_' key to make sure their config files are purged, too). Hope this helps.
> Its not the end of the world mind you but you can't kill a zombie since it is already dead.
Sure you can, just aim for the head. Haven't you seen the movies ? :-)
More seriously, I recently stumbled on this kernel module. I don't know what it's worth (still haven't tested it), and it looks old and unmaintained, but maybe that could help in your situation.
Okay, I *know* I'm feeding the troll, but whatever, I just can't refrain myself...
> How to kill Debian in five ("Three, sir!") easy steps:
How to troll about Debian in three easy steps :
>* Take freaking forever to freeze a release.
* Ignore the fact that Testing was usable (and used) all along. Hell, I've got a *dozen* of servers running Testing since a few years, and you know what, I've had very few problems with them (in contrast, the Mandrake servers kept being broken, especially on upgrades)
>* Take freaking forever to ship after freezing.
* Inflate everything for FUD purposes and call "barely a month", "freaking forever"
>* Ship a broken upgrade even after all the damn testing.
* In the same spirit, call "some problems if you didn't RTFM", "a broken upgrade"
> Seriously, WTF? I like Debian, but those folks need to get their heads out of their asses.
* Insult the FOSS developers that bring you the software you run for free
> They need to stop wasting time trying to officially support the two dozen or so architectures nobody gives a damn about
* Give stupid advice about how volunteers should spend the time they donate to a project ; also shit on people who happen not to have the same setup as you (if you keep doing this long enough, you eventually morph into an eWeek columnist and proceed to write moronic articles where you explain to "the Linux community" that they need to drop every desktop environment but KDE to compete with Microsoft and Apple)
> stop engaging in wars about whether non-free belongs in Debian
* Clearly show that you don't give a damn about those wacky "Open Source" and "Free Software" concepts, and that you just want more warez, quick !
> and concentrate on releasing something that's reasonably current and also supported by security updates.
* Demonstrate to the world you don't know how to read security.d.o and use the information to backport the fixes into your packages. As an added bonus, show that you're unaware of recent projects
> Oh, and it would be nice if doing an 'apt-get dist-upgrade' didn't break things.
* Finally, make sure everyone understands you didn't look at the release notes for your distro before upgrading, since, as we all know, manuals are for losers
If you closely follow all the steps graciously demonstrated by the parent poster, your Debian trolls will have the most impact. For added points, you could also make some reference to "Debian stale" and/or launch the installer in expert mode, then claim it's difficult to install Debian. There is no limit to the FUD, really.
> Well, the last time I used aptitude I looked at the screen. It was UGLY!!!
For those who are wondering what this software really looks like, here's a screenshot. Note the description area at the bottom can be hidden, leaving all the screen real estate for the package tree (incidentally, that tree display is an excellent idea, as it makes browsing through the packages much more comfortable than a flat view).
> Compared to Aptitude, dselect is a work of art and beauty.
Well, how to put this... you see, I do *not* choose my system administration software on aesthetic qualities, but rather on their efficiency and adequation to the task at hand. Aptitude allows me to easily (1) locate packages (with `/' like in Vi), (2) add or remove them (with `+', `-' or `_' to purge), and (3) review what will be done (including what dependencies will be (de)installed). Plus, it has nifty features like marking dependency packages as being automatically installed, so they'll be removed if all the packages that depend on those are removed. No more cruft on my systems !
> If aptitude has some good features, they REALLY need to graft another front end onto it. REALLY, seriously.
Well, I for one find Aptitude intuitive and efficient enough (more than enough, even). But if you really feel there must be another interface, by all means, fork it. After all, Open Source is *also* about your right to disagree with the upstream authors.
> And, also, once when I was having trouble with an upgrade, I decided to check out aptitude to see just how well it handled dependencies. I ended up hosing my system.
Well, that sounds unlikely. You see, if Aptitude detects your choices of packages breaks other packages' dependencies, it will (depending on the configuration) either (1) revert your choices before proceeding or (2) show you the broken packages (in red) and flatly refuse to proceed with the installation. So, you can't hose your system unless you fool Aptitude with some hackery (using equivs, editing /var/lib/dpkg/available, etc.). Note I'm *not* saying that's what you did. I'd be more inclined to suspect the breakage you encountered was caused by faulty packages, hence it would have been just the same with synaptic or the good old apt-get.
In summary, I'm sorry you had a bad experience with Aptitude. In my case, this software has been a very valuable tool, especially on headless servers where synaptic is not an option. And it's clearly way, *WAY* more intuitive than the dreaded dselect, at least for me. I hope you will have less problems with it next time. Meanwhile, you would maybe like to get out the reportbug(1) program and file a bug at the wishlist level about the colors. If you can suggest more legible colors (keeping in mind that terminals have a limited set of colors available), it could probably help.
> It'd suck if copyright was forfeited one day after publication if it so happens that you get struck by lightning that night.
This is easily solved by declaring that copyright runs for a fixed numbers of years (say, 20) after the first publication. If you die while coming back from the copyright office, your heirs will still have that time to profit off your work. The current state of copyright just serves to uselessly impoverish public domain (and BTW, chances of reverting this unfortunate situation are very slim, since the Berne convention requires a minimal copyright duration of life of the author + 50 years, which is IMHO just insane).
> I'm trying to remember his name... he was involved in the american war of independance...
The guy you're searching for is Pierre de Beaumarchais.
> Back then the publishers were opposed to copyrights. Now they twisted it and corrupted the system so that they once again get to screw people over.
"twisted" is an understatement. In Beaumarchais' own country, copyright now runs for the author's entire life, plus seventy years. I'm still trying to grasp why the hell some guy that's been dead for decades would need a financial incentive to produce new works...
... Another court has upheld the right for Slashdot editors to post dupes every two or three days, and not to be bothered with the "search" feature of their own Website</sarcasm>
> Where can I get the Tux Guevara T-shirt? It ought to look good with my Red Hat cap.
Try this link. And remember not to get out your AK-47 next time you get into a flamefest with the local *BSD advocate ;-)
> You're talking out both sides of your mouth now. Forks are absolutely needed in OSS. Never forget this.
Did I say otherwise ? I don't remember doing that.
> [a hostile fork is] not what Apple has done. Rather, Apple has done what I would call a 'closed' fork.
A rose by any other name is still a rose. I stand by my opinion : a fork that doesn't give a chance to the original developers to keep in sync is hostile, by definition.
> they forked the code and went their own way with it. As a result, their changes become more meaningless every day as the two projects go off in different directions. This is what the grandparent poster was referring to when comparing Safari/KHTML to XFree86/X.org
The *BIG* difference being that the XFree86 developers can look at the X.Org CVS and integrate X.Org enhancements without the need to reverse-engineer a huge, unwieldy patch. If a commit in the CVS says "fixes bugzilla #x", they can go to the Bugzilla and see what that bug was about. In fact, the Debian X Strike Force managed to pull bits of X.Org in their modified XFree86 for a while. They'd most probably not been able to do so if X.Org had just periodically released big chunks of patches without change history. Apple's fork is *way* more hostile than X.Org's !
> Obviously Apple's code isn't going to mean a lot to you.
Why would that be ? A patch for a rendering bug in the kHTML code would definitely be relevant for the kHTML developers. Of course, there are parts that are meaningless for them (the KWQ code, for instance) but that's not what they are after.
> the KHTML devs don't give two flying shits about the Apple changes
Are you sure ? Zack Rusin, at least, seems to give a little more than "two flying shits" in his last post...
> can you really expect Apple to attempt to keep their code as synched as possible?
I was under the impression that, rather than getting Apple to keep in sync, the goal was more to allow the kHTML devs to be able to keep in sync with Apple.
> the problem is that people [...] are going around blowing the "Yay, Apple loves Open Source!" horn, which is both true and false.
Well, sure it is. A corporation the size of Apple will obviously have different approaches according to the department in charge. The problem here is that the Safari dept. is not that cooperative.
> Apple wants to use OSS code, but they want to have the freedom to go their own way with the product. That's why it's called a FORK.
Absolutely. They're entitled to act like jerks. But if they choose to do so, people are surely entitled to say that they act like jerks, too.
> If you don't like it, [...] use the GPL, that's why it exists.
The GPL wouldn't have helped a bit, there. There is nothing in the GPL forcing you to give public CVS access or clean patches, just the modified source, exactly like the LGPL. This is not a license violation problem ; it's a lack-of-niceness (or even a lack-of-decency) problem.
> What really pisses me off about your post, however, is your lovely little piece of "o look at me i'm going to go against the grain on slashdot, i'm so much BETTER than you fanboys."
That's fine. What pissed *me* off was the whole lot of posts rudely dismissing the KDE guys' concerns, and basically likening them to a bunch of whiners, an attitude that seems to be pervasive everytime there is a story about a conflict involving Apple Corp. or Google, Inc. (the best bit of nonsense being the guys that always suggest Google purges people that oppose them from their engine. It never fails to make me laugh). If my bit of sarcasm offended you, then please accept my apologies, next time I'll put up a disclaimer.
> Apple quite simply forked Safari.
No, they forked kHTML. Safari is an Apple-made product, without any OSS code whatsoever.
> This happens all the time in the OSS world.
And, most of the time, hostile forks are frowned upon.
> Hello, does anyone really expect that X.org patches will remain 100% compatible with the XFree86 code structure ad aeternam ?
No, but everyone expects X.Org to
Apple does nothing of this, they just release multimegabyte hunks of code that are just *useless* (you would probably spend more time trying to separate the big blob into small patches than to rewrite these independently). Your example thus falls completely flat.
> Could someone please tell me what exactly the problem is in the Apple-Safari case ?
Right where I told you. But don't let this detract you from praising Apple at every opportunity. I know that (on /. at least), praising Apple and Google whatever they do is Really Hip...
> Do you know how many /.ers would kill for a 20 Mb access
Like all those poor schmucks just out of the ADSL-covered zone who seem to be eternally condemned to dial-up ? 'Cause that's another thing I forgot to bitch about : the regulation authority doesn't seem very interested in getting all these nice operators to venture out of big (and lucrative) cities. The end result : if you live out of town, you can either (a) resign yourself to using 56k, (b) pray for a DSLAM to materialize near you (you'd better pray to multiple gods if you want to have even a slight chance), or (c) pay through your nose for bidi satellite access at near-broadband speed and near-unbearable roundtrip times. Talk about digital divide...
> Does that count as one of the 5 times you've had to use your ID?
I'm not the grandparent poster (and I'm not Belgian, either). I get asked for some ID more times than he apparently does (especially since cops seem to "love" me for whatever reason--must be my terrorist look, you see). Anyway, I'm more surprised that I'm *not* asked for it more often. Regularly, I find bank tellers just accept that someone can show up ID-less and withdraw money. One of them, when challenged to explain how she would tell I was not a fraudster emptying someone else's account, told me "but you gave me a name and account number that matched". Sheesh ! With such *stringent* security measures, I'm totally confident my money is secure in their hands. Not!
> Something that can print on a plastic card? These devices are available commercially.
The format is not that common, but I'll gladly admit that with enough investment, you can fake everything, even those Australian anti-counterfeiting plastic banknotes. The operative word here is "with enough investment". If you've to go buy an offset printing press to fake a document, it raises the bar. If you've to use special paper/plastic, use special ink, copy some hologram, most people will just give up. The remaining ones are easier to track down (hint : they're probably printers by trade ;-)
> You just handed your name, address, signature, and ID card number to the nice lady at the supermarket, above (assuming that your cheques have your address printed on them).
They do have it. And sure, she could be a fraudster. But then, the cop asking for ID could be one, too. I fail to see what the lack of an ID card would change here, except that they would copy the data off a driver's licence or other document...
> It's through concern over forgery that we get to the best argument in favour of RFID chips. Harder to forge one of those.
Do RFID chips have embedded cryptography ? If yes, what's done to make sure only authorized recipients can decrypt it ? Assuming these two questions are answered in a satisfactory manner it could be all right, except for a little fact : today, if a cop (or someone else) wants my ID, he has to ask for it. RFID would make "ID wardriving" a bit more of a reality. If your project includes mandatory embedded RFID chips, I agree you've some serious reason to worry (I said just that in my previous post, anyway).
> The "government is evil" people usually take a pretty dim view of the general electorate as well.
Well, you may be right on that one. As I'm not "on the field", I may have been fooled into mistaking a vocal minority with a majority. I shouldn't have made such a generalization too fast, I guess...
> But no supporter of these cards will be giving much time to rational arguments. These cards, with RFIDs chirping merrily, will Stop Terrorism.
It depends. I support decent authentication methods, and I believe I'm fairly open to rational argument. But if you're talking about the *ahem* unwashed masses, then yes, I agree most people will just swallow whatever the people who are "supposed to know" will tell them. And I equally agree that thinking of ID cards as antiterrorism devices is moronic, BTW.
> Most of these problems would likely not of occured if they hadn't privatised BT .
I agree _in part_ with you. I've witnessed first hand the result of the deregulation of another telco market (the French one, with France Télécom as the Ugly Monopolist From Hell), and here's what happened :
On the other hand, before deregulation you would only get 1024 kbps at cut-throat prices. Now, most providers go up to 8 Mbps, and a few will even provide 20 Mbps ADSL2 with free national long-distance phone calls and TV service. So, I will stop short of saying "there shouldn't have been any deregulation", it was clearly good since it spawned a lot of interesting offers. But the way it has been done is quite stupid, especially the fact that you no longer get a free hotline in touch with the actual people doing the work. The market was stagnant, right. But the way it is now is more like "anarchy in the .FR"... I can see why they did it this way (avoid confusing the users with multiple points of contact) but the end result is that many problems take longer (in some cases *much* longer) to be solved. The most knowledgeable people still have a separate DSL traffic hauling contract with FT and an Internet service contract with a third-party provider that still does it (there aren't many that do anymore) for reliability (yo