Have you ever found a CPU that was designed to run programs slowly?
Have you ever used a web browser that was designed to run web apps slowly? No, of course not - processors and web browsers are both designed to do what they are intended to do as fast as they can. And, in both cases, there is a large range of programs for which this is fast enough, and some for which it isn't.
Web apps have similarities with desktop apps - they have a UI written in a page description language, and code that supplies the functionality for that interface. There are lots of apps for which interpreted code is fast enough, because they are not limited by processing speed, but by IO speeds, or by the speed at which the user can use them, or something else. For these apps, a desktop app written in python, or a web app written in javascript, could be just fine.
Do you really think that we'll be able to do everything that we can do with our relatively behemoth desktop machines on a web browser?
Of course not, but no-one's suggesting that. I might be able to do all the stuff I want to do on a netbook, in a web browser, though.
If you use x86, you've been running all interpreted code since the mid 90s - all x86 processors since the Pentium Pro are RISC processors with an on-chip virtual machine for the x86 instructions. This objection to interpreted code seems to be based on, well, nothing - why should we care what implementation strategy our software happens to be using?
This looks a bit like the OS used on the litl webbooks. It's an interesting idea, to choose a specific niche with specific constraints, and really target it. I'm still unsure whether this precise niche (almost-always online, only apps that can be delivered via the browser) is a large enough niche to be useful.
Hardware accelerated video is a weakness, I agree, but the problem is predominantly a lack of driver support (the VIA driver appears to be the only open source driver with support at the moment, with the closed source nvidia drivers also supporting it); X already has an API for hardware accelerated video. There are apparently some limitations with this API, and so a new one is being developed. Nonetheless, there doesn't seem to be any difficulty adding this new API to X - it's a limitation of current X implementations, but not a fundamental problem with the X architecture, so I don't think it provides a good reason to abandon X.
Training users to type in their password whenever they need to install software is a usability problem that leads to a security problem of users typing in their password in order to install a trojan with elevated permissions.
Yes, this is a really good point. The most secure system is the one that asks the user least; the more questions you ask them, the less attention they'll pay to them, and so the less security-conscious their responses are likely to be.
Yes, that sounds sensible - somewhere in the thread mentioned in the article, the Fedora devs talk about various plans they have to make this system more fine-grained in future releases, and using a group seems like it would be the obvious way to do that.
Really? An FTP server that doesn't get run automatically, and that can't accept connections due to firewall rules, even if it does get run, is a "huge security risk"?
I really don't understand the basis for this move. From a desktop usability perspective, having the gui password prompt for an elevated privilege such as a package install works fine.
It makes sense if you have other users on the machine who should be able to install trusted software, but not perform other administrative tasks - perhaps your child wants to install some games, or your spouse needs some additional graphics application, or something. You don't want to give them full admin access, or even unrestricted access to the package manager (which would allow them to uninstall important stuff).
Now, whether this should be the default is more questionable; it probably makes more sense to have something that can be turned on on a user-by-user basis. But letting at least some users install signed packages without elevated privileges could be quite useful on a home system.
The idea of UAC is fine, but the implementation, at least in Vista, leaves a lot to be desired. The most annoying thing about UAC is that a lot of things that you need to authenticate to do also have a confirmation dialog in the application. So you end up being asked if you want to do something, clicking yes, then being asked if you want UAC to allow the application to do that. It almost seems like MS didn't actually test their software with UAC switched on.
Why should the average user have a web or FTP server running on the desktop?
They shouldn't, but PackageKit doesn't allow them to do so - they can install a web server, but they can't run it, or open the ports to allow it to listen on the network.
Moreover, if you draw a window it will take up the whole screen - X has no concept of multiple windows.
That's not true - X understands the idea of multiple windows. The window manager just provides a UI for manipulating (moving, closing, etc) these windows.
There are no more layers in the Linux GUI system than in Windows. X, which provides the basic graphics operations, is roughly equivalent to the Windows GDI; the window manager and the desktop environment provide the functions provided by the Windows shell; and the toolkits like GTK and QT are the equivalent of the standard controls in win32. The basic architecture is not very different - it's just that, on Linux, the separate pieces are independent and properly specified, so that you can use a variety of different options at each level.
If you want to replace X, the question you should be asking is, what does X do worse than Quartz? There's no point replacing X just for the sake of it - if you want people to think about replacing X, you need to explain what's wrong with X.
Here in the UK, when you do a degree you study aspects of that subject only.
That's true in England and Wales, but not entirely true of Scotland, where the undergraduate degree typically takes four years and includes some subjects outside of your primary field (although I don't think the Scottish universities have the same kind of breadth requirements you get in the US). I seem to remember reading somewhere that the Scottish system (along with the German system) was an influence on the development of US universities.
Only if "Computer Science" is a vocational degree about teaching students how to be computer programmers. Teaching computer science majors source control is kind of like teaching English majors how to use Word - it may be an important tool in making practical use of what one has learnt, but it's not relevant to the theoretical underpinnings of the subject, and university degrees are usually about the latter, not the former.
Which is why calculus is a reasonable prerequisite for a Computer Science degree. Calculus is a fairly important part of higher-level maths, so, first, if you can't do calculus there's a good chance you won't be able to do the non-calculus math that a CS degree needs, and, second, calculus is actually used in a fair amount of Computer Science - I would think some calculus was important in understanding complexity proofs, for instance.
Calculus isn't a good prerequisite for a vocational qualification in software development, but a BA or BSc in Computer Science probably isn't that kind of vocational qualification.
Presumably, if the author of the software says it doesn't infringe, the site will put it back up. The whole point of the DMCA safe harbor provisions is that the host doesn't have to judge whether there is any copyright infringement - they just have to (first) trust the claim of copyright infringement by the complainant, and take the material down when requested, and (then) trust the claim of non-infringement by the uploader, and put it back up when requested. After that, it's up to the courts to decide, and any penalties will be against the person who uploaded the material, not the host.
you have to disclose the source code of every application you build against MySQL under the GPL
No, you have to disclose the source code of every application you distribute that links against MySQL. If you use MySQL in the backend of your website, you don't need to distribute your source code or license it under the GPL.
I'm not sure how this is a sensible response to a poster complaining about security through obscurity: security through obscurity is exactly the problem here. We use information like SSN and address which are not in any way secret, merely obscure, as a way to supposedly verify identity, and that's why we have so much identity theft. The reason no-one wants to post their SSN and address on Slashdot is precisely because security through obscurity sucks.
You're right about the simplicity of some of the models (although I'm pretty sure they are using bump mapping), but that's not because they were originally targeting consoles.
There's ongoing work to add gstreamer backend support to Firefox, which (if you have gstreamer-ffmpeg installed) would let you use ffmpeg codecs. I'm not sure how well it's working; the bug is marked as blocking Gecko 1.9.2, which is going to be the rendering engine of 3.6, so maybe we'll see this in 3.6 when it comes out.
Slashdot Mirror
Have you ever found a CPU that was designed to run programs slowly?
Have you ever used a web browser that was designed to run web apps slowly? No, of course not - processors and web browsers are both designed to do what they are intended to do as fast as they can. And, in both cases, there is a large range of programs for which this is fast enough, and some for which it isn't.
Web apps have similarities with desktop apps - they have a UI written in a page description language, and code that supplies the functionality for that interface. There are lots of apps for which interpreted code is fast enough, because they are not limited by processing speed, but by IO speeds, or by the speed at which the user can use them, or something else. For these apps, a desktop app written in python, or a web app written in javascript, could be just fine.
Do you really think that we'll be able to do everything that we can do with our relatively behemoth desktop machines on a web browser?
Of course not, but no-one's suggesting that. I might be able to do all the stuff I want to do on a netbook, in a web browser, though.
If you use x86, you've been running all interpreted code since the mid 90s - all x86 processors since the Pentium Pro are RISC processors with an on-chip virtual machine for the x86 instructions. This objection to interpreted code seems to be based on, well, nothing - why should we care what implementation strategy our software happens to be using?
This looks a bit like the OS used on the litl webbooks. It's an interesting idea, to choose a specific niche with specific constraints, and really target it. I'm still unsure whether this precise niche (almost-always online, only apps that can be delivered via the browser) is a large enough niche to be useful.
What's wrong with the font rendering?
Hardware accelerated video is a weakness, I agree, but the problem is predominantly a lack of driver support (the VIA driver appears to be the only open source driver with support at the moment, with the closed source nvidia drivers also supporting it); X already has an API for hardware accelerated video. There are apparently some limitations with this API, and so a new one is being developed. Nonetheless, there doesn't seem to be any difficulty adding this new API to X - it's a limitation of current X implementations, but not a fundamental problem with the X architecture, so I don't think it provides a good reason to abandon X.
PackageKit is developed by Richard Hughes, a RedHat employee. It's not like this is some totally separate upstream that has nothing to do with Fedora.
Training users to type in their password whenever they need to install software is a usability problem that leads to a security problem of users typing in their password in order to install a trojan with elevated permissions.
Yes, this is a really good point. The most secure system is the one that asks the user least; the more questions you ask them, the less attention they'll pay to them, and so the less security-conscious their responses are likely to be.
Yes, that sounds sensible - somewhere in the thread mentioned in the article, the Fedora devs talk about various plans they have to make this system more fine-grained in future releases, and using a group seems like it would be the obvious way to do that.
Really? An FTP server that doesn't get run automatically, and that can't accept connections due to firewall rules, even if it does get run, is a "huge security risk"?
I really don't understand the basis for this move. From a desktop usability perspective, having the gui password prompt for an elevated privilege such as a package install works fine.
It makes sense if you have other users on the machine who should be able to install trusted software, but not perform other administrative tasks - perhaps your child wants to install some games, or your spouse needs some additional graphics application, or something. You don't want to give them full admin access, or even unrestricted access to the package manager (which would allow them to uninstall important stuff).
Now, whether this should be the default is more questionable; it probably makes more sense to have something that can be turned on on a user-by-user basis. But letting at least some users install signed packages without elevated privileges could be quite useful on a home system.
I bet the package sets it to start in all runlevels by default.
You bet wrong. Fedora packages don't set anything to start by default.
The idea of UAC is fine, but the implementation, at least in Vista, leaves a lot to be desired. The most annoying thing about UAC is that a lot of things that you need to authenticate to do also have a confirmation dialog in the application. So you end up being asked if you want to do something, clicking yes, then being asked if you want UAC to allow the application to do that. It almost seems like MS didn't actually test their software with UAC switched on.
Why should the average user have a web or FTP server running on the desktop?
They shouldn't, but PackageKit doesn't allow them to do so - they can install a web server, but they can't run it, or open the ports to allow it to listen on the network.
Moreover, if you draw a window it will take up the whole screen - X has no concept of multiple windows.
That's not true - X understands the idea of multiple windows. The window manager just provides a UI for manipulating (moving, closing, etc) these windows.
There are no more layers in the Linux GUI system than in Windows. X, which provides the basic graphics operations, is roughly equivalent to the Windows GDI; the window manager and the desktop environment provide the functions provided by the Windows shell; and the toolkits like GTK and QT are the equivalent of the standard controls in win32. The basic architecture is not very different - it's just that, on Linux, the separate pieces are independent and properly specified, so that you can use a variety of different options at each level.
If you want to replace X, the question you should be asking is, what does X do worse than Quartz? There's no point replacing X just for the sake of it - if you want people to think about replacing X, you need to explain what's wrong with X.
No it's not - it's been in development for the PC for five years, and the console versions were only announced last year.
Taxes are slavery in exactly the same way paid work is indentured servitude.
Here in the UK, when you do a degree you study aspects of that subject only.
That's true in England and Wales, but not entirely true of Scotland, where the undergraduate degree typically takes four years and includes some subjects outside of your primary field (although I don't think the Scottish universities have the same kind of breadth requirements you get in the US). I seem to remember reading somewhere that the Scottish system (along with the German system) was an influence on the development of US universities.
Only if "Computer Science" is a vocational degree about teaching students how to be computer programmers. Teaching computer science majors source control is kind of like teaching English majors how to use Word - it may be an important tool in making practical use of what one has learnt, but it's not relevant to the theoretical underpinnings of the subject, and university degrees are usually about the latter, not the former.
Which is why calculus is a reasonable prerequisite for a Computer Science degree. Calculus is a fairly important part of higher-level maths, so, first, if you can't do calculus there's a good chance you won't be able to do the non-calculus math that a CS degree needs, and, second, calculus is actually used in a fair amount of Computer Science - I would think some calculus was important in understanding complexity proofs, for instance.
Calculus isn't a good prerequisite for a vocational qualification in software development, but a BA or BSc in Computer Science probably isn't that kind of vocational qualification.
Presumably, if the author of the software says it doesn't infringe, the site will put it back up. The whole point of the DMCA safe harbor provisions is that the host doesn't have to judge whether there is any copyright infringement - they just have to (first) trust the claim of copyright infringement by the complainant, and take the material down when requested, and (then) trust the claim of non-infringement by the uploader, and put it back up when requested. After that, it's up to the courts to decide, and any penalties will be against the person who uploaded the material, not the host.
you have to disclose the source code of every application you build against MySQL under the GPL
No, you have to disclose the source code of every application you distribute that links against MySQL. If you use MySQL in the backend of your website, you don't need to distribute your source code or license it under the GPL.
I'm not sure how this is a sensible response to a poster complaining about security through obscurity: security through obscurity is exactly the problem here. We use information like SSN and address which are not in any way secret, merely obscure, as a way to supposedly verify identity, and that's why we have so much identity theft. The reason no-one wants to post their SSN and address on Slashdot is precisely because security through obscurity sucks.
this was pretty obviously an Xbox game originally
Not so much - it's been in development since 2004, and was originally planned as PC only, and indeed was still being talked about as PC only back in 2008.
You're right about the simplicity of some of the models (although I'm pretty sure they are using bump mapping), but that's not because they were originally targeting consoles.
with enough changes to avoid lawsuit.
Though I think they might face some legal trouble about the music.
There's ongoing work to add gstreamer backend support to Firefox, which (if you have gstreamer-ffmpeg installed) would let you use ffmpeg codecs. I'm not sure how well it's working; the bug is marked as blocking Gecko 1.9.2, which is going to be the rendering engine of 3.6, so maybe we'll see this in 3.6 when it comes out.