Though this might
be of interest to some, the only people who really care are developers, and I'm sure they're going to wait for Intel's superior offering.
I'm not sure you're really in touch with what developers think. I'm a developer, and I'm intensely interested. AMD's K7 was a killer punch, 3D Now is pretty successful in spite of the odds, and now I'm in the mood to take a close look at *anything* AMD puts forward. --
That was a very, very good article by Miguel. Unfortunately the first few posts I have read are from posters who obviously didn't read it and instead are making personal
attacks at Miguel.
Huh. I saw Miguel deliver the talk in person and I spoke with him afterward. He seemed quite uninterested in hearing anything about the large number of small, irritating little things about Gnome that suck. The problem with Miguel is that he's quite unwilling to admit that Gnome *does* suck in many small, irritating little ways that could be easily fixed. Until the guy at the top understands that his project is going to *continue* to suck in many small, irritating little ways, well, hmm, it's going to continue to suck in many small, irritating little ways. What part of this is hard to understand? --
They're couting shipments of Linux, which totally misses out on all of the downloads.
IDC has always had the habit of telling their paying customers what they want to hear. It just makes good business sense. (How do you sell an ad concept every time? Put the boss's picture in it.</cynicism>)
Right now, the last thing Microsoft wants to hear from IDC is that Linux is making major inroads on the desktop. --
I'm wondering just how that cryptography is implemented, whereby having less than n of n shares still permits us to read the document.
Let me take a try at it. Caveat: I don't really have a clue how this works, ok? So unless you enjoy reading random speculation, now is a good time to quit reading.:-)
Take a file A and a file R filled with (truly) random bits, the same length as A. Now create file B = A xor R. Looked at in isolation, each bit in B is completely unpredictable because the corresponding source bit in A was either inverted or not with equal probability. File B is indistinquishable from white noise, as is file R. But there is a simple method of recovering A from B and R: A = B xor R.
So, given any file, we can generate two files that together give us the original file, but in isolation look exactly like noise. We can take file B and a new random file S and do the same thing, giving file C and discarding B. We now have three files, C R and S all of which are needed to recover A. You can continue this to generate as many files as you like.
I imagine that this is only one of a large number of ways you could do this, and it's probably not even a good way because it misses an obviously desireable property: it would be nice if the two generated files together were less than twice the size of the orginal file. It seems to me intuitively obviously it's possible, but I'm pretty sure I'm not going to derive an algorithm to do it in the next 5 minutes.:-)
See? I warned you - this is all pure speculation. But thanks for reading this far anyway.
--
Re:I actually have good things to say about Mozill
on
Mozilla M17 Is Out
·
· Score: 1
As for startup time (always the problem with normal Mozillas) - it is now much, much quicker than Netscape 4 on either Windows of Linux, and getting close to IE5
(which is the fastest starting browser I've ever seen, except maybe Lynx or something).
Then you haven't used Opera or Konqueror. But it's great that Gecko in its Galeon incarnation, which supports a much broader spectrum of web standards than either of the above, can compete in load speed. That's a really big hot buttom for me. --
MS has been promising to make DOS a thing of the past since 3.1, they've just finally delivered.
Microsoft's intentions towards Dos have been clear for some time... try 10 years. They don't like it: it's too easy to build something that competes with Windows on top of it. Now that it's halfway useful as a way of converting a Windows box a little bit at a time into a Linux box, the *really* don't like it. Never mind that they still need it to run Windows ME. They can easily disable it at the front end so you, poor user, can't use it, why they, in their infinite wisdom, can. This is apparently what they've done.
Two years ago, this might actually have mattered. That time is long gone: it's already too late for Microsoft to slow us down at all with such a stunt. Having trouble getting Linux to coexist with Windows? Fine, just trash Windows - you don't need it. Especially if it's going to be a pain.
Two years ago you couldn't have used that argument. Today you can, and it works. Joe user is fed up with Microsoft's less-than-excellent product, Joe knows about Linux, Joe is willing to try Linux, and if that means losing Windows, well ok, that's just too darn bad. Progress marches on.
Microsoft's last hope is to keep the gamers locked in, and I think that's what this move is all about. Bill, don't count on it. --
A new package format that would combine the strengths of the current various is a good idea, but (and it's a big but) I hope the author isn't the guy to do it (he doesn't
have a good grasp of security..)
He mentions making the package self-extracting - "just do a chmod +x on it, and away you go"
Sorry, but that's why "security" in Windows is so abysmal..
Think about it - to install, you're running this file as ROOT - would you run a binary from an unknown source as root? (I don't even untar source as root!) - this is
inherently a bad idea.
The vast majority of RPM packages don't have any valid reason for being installed as root. The main reason you have to have root right now is to be able to write the RPM database. Fix that. For example, give me a local branch of the RPM database and give root the ability to merge that with the main, shared RPM database.
Miscellaneous other reasons for needing to install as root:
Making the package available system-wide. Why can't I install a package in my home directory, then ask via a root-privileged command to link it from/usr/bin? Or, more permanently, to move it there. Such a privileged command would still require security checks of course, but these checks can be very well-defined, and it would be easy to ensure that no suid programs were being installed. With a little more work, it could satisfy itself that no common user commands were being overridden (a technique favored by script-kiddies for hiding their root-kits).
Installing device drivers. Solution: user-space device drivers. We're some distance away from being able to do that just now. For now, elevate privilege to root just long enough to install the device driver, and require root's password to install such a package.
Installing daemons and privileged programs. Obviously, only root should be installing them. In many cases a daemon doesn't really need root privilege, and in that case it should run in user space and be installable by a normal user for their own use, or be shareable by the mechanism mentioned above.
Changing system config files. The author should try to write the program so it does this only as a last resort. We should have a way of overriding certain system config files locally, for example, resolv.conf, so that we have a per-user view of the system configuration. As a last resort, the installer can invoke a root-privileged utility just to change the config files, and require root's password.
(Other reasons, please enumerate.)
This is all by way of saying that we can have mindless (read: stressless; user-friendly) auto-installing packages just like Windows, without breaking security.
--
Während des Versuches, die URL
http://123.45.678.9:8080/usr/local/ zu laden,
trat der folgende Fehler auf:
Verbindung schlug fehl
Das System gab:
(111) Connection refused
zurück.
Der Zielrechner oder das Zielnetzwerk könnten deaktiviert sein. Bitte versuchen Sie die Anfrage später nocheinmal.
(The given URL couldn'd be loaded. While trying to load the following URL xxx.xxx.xxx.xxx the following error occured: Connection failed. The system reported: Connection refused.
The destination couldn't be reached. Please try again later.)
Can someone give me a reason why I shouldn't feel smug?
--
Man, I had to wade through a fat stack of default-2 posts of the worthless "yah!!! see Netscape always sucked!!! IE Sucks worse!!!! Bill Gates eats babies!!!" kind to get to this, the first informed technical post in the list. Mod it up, please. --
Title: MICROSOFT OUSTS XML EDITOR AT W3C By Maureen O'Gara
Synopsis: Microsoft wielded its terrific power to get Tim Bray, co-author of XML, the
Extensible Markup Language, dismissed as the potential spec's co-editor by the World
Wide Web Consortium in late June, according...
--
Moderate this down if you like. This guy went over to the dark side. I wonder how much that cost? Pains me. What if this guy was actually working for the good guys? --
This mistake here is to assume that in order for there to be winners, there must be losers. That just ain't so. When we get new tech we all win, whether we're yankee or not. --
...with Napster doing this as a business, it seems fair that the record companies should get a cut...
Oh yeah, hey, good idea: the record companies should get a cut of Napster's profit - hmmm, let me see, that would be about -$1bazillion. Good idea.
Seriously, I support the idea that if Napster is actually making money then they ought to pay the copyright holders, whoever they may be, a part of it. But until they manage to make money, requiring such tribute would just be a way for RIAA to set it at an unreasonable level and choke off Napster's air supply (where have we heard that before?) and perpetuate RIAA's precious monopoly on famous artists. Exactly how high a fee does the RIAA deserve when you let your friends listen to the music you own? --
Don't tell me about the god damned nightly builds. The last time I tried one it wouldn't even run on my box, so I deleted everything even remotly related to mozilla and tried it again (coming down on my butt slow 56k modem) and it still wouldn't run.
Did you delete ~/.mozilla??
*** ToughLove regards Anonomous troll with bemused and slightly scornful expression. --
Maybe so. But it's two years and four months in the making. Methinks it ought to do a bit better. It certainly isn't as good as you say.
No, you're right. It's better. Why should I err on the side of exaggeration? Two years is fsck-all for a software project of this magnitude. Please get a clue. --
What a load of crap! I just downloaded M16 and ran it. Firstly, I couldn't just type in a URL at the top of the window like you normally should be able to. I have to click FILE --> open web location... After I finally got going, it rendered 7 pages before crashing.
My, what a polite young man you are.:p Try a nightly build. M16 is old. --
If Mozilla is dead, then what is this browser I'm using?
As for dead... Waning in popularity. Remember last year? It was HOT. EVERYBODY was grabbing a copy of Mozilla. What happened? Mozilla was pretty much Netscape, and everybody was like, I already have Netscape, look, it's just a different Netscape, who cares, I'm keeping Netscape.
Mozilla is hot *now*. The difference between this year and last year is that people are grabbing it and using it, as opposed to just grabbing it. As far as websurfing on Linux goes, you don't really have a choice. Netscape 4.xx just can't render a lot of the sites out there today. None of the other browsers is anywhere near being fullly functional. If you want to surf with Linux, you have to use Mozilla. Period.
Not that that's such a bad thing. Mozilla is that hands-down champ at render speed. Themes are *very* cool. (If you don't think so, maybe you should think about switching to Lynx. Check out the MozBilla theme that makes Mozilla look just like IE - of course, the little picture of a borg in the corner kind of gives it away.) Stability has improved a lot and it is now most certainly more stable than Netscape 4.7 on my machine. YMMV.
On the other hand, memory pigness still sucks, some of the UI processing is slow, Java and newsgroups are still not in the standard distribution. (With some fiddling you can plug in your own JVM.) I'm willing to wait patiently for such goodies, thanks, and in the meantime I'll just keep downloading those nightly builds and using them. It just keeps getting better. --
Jeez, I just want to weigh in on this - Chris, that's one of the most lucid posts I've ever seen on Slashdot. Keep it up guy! And oh by the way I'm a musician and I couldn't agree with you more. But I could never say it like you did. Umm, how about a song then????? --
Freenet, or a system much like it, is the only acceptable longterm answer to such attacks on the rights of us, the user community. Fair use. Fair Use. Repeat that over and over again. Fair use is being attacked - the correct response is for us to use technology to enshrine Fair use as a basic right. --
Not exactly. Note that the information is recorded statistically in the headers. If you only send a few packets like a normal human being you won't be particularly traceable. On the other hand, a massive download is going to be quite traceable and therein lies and important question from the point of view of anonymity.
Now, particular this development is as inevitable as people locking their doors and putting in security cameras in a big city. There is *no way in hell* that we will be able to prevent it. I'm of two minds about it. On the one hand, I am a big supporter of the principle that the only way to gaurantee freedom of speech on the net is to have technologically-enforced anonymity. On the other hand, I think script-kiddies are scum of the earth. On the third hand, I think script kiddies, like roaches, at least perform the useful function of showing us where the weak spots in the net are. --
Though this might be of interest to some, the only people who really care are developers, and I'm sure they're going to wait for Intel's superior offering.
I'm not sure you're really in touch with what developers think. I'm a developer, and I'm intensely interested. AMD's K7 was a killer punch, 3D Now is pretty successful in spite of the odds, and now I'm in the mood to take a close look at *anything* AMD puts forward.
--
IBM is running X11 (R6.3) on a wristwatch.
--
That was a very, very good article by Miguel. Unfortunately the first few posts I have read are from posters who obviously didn't read it and instead are making personal attacks at Miguel.
Huh. I saw Miguel deliver the talk in person and I spoke with him afterward. He seemed quite uninterested in hearing anything about the large number of small, irritating little things about Gnome that suck. The problem with Miguel is that he's quite unwilling to admit that Gnome *does* suck in many small, irritating little ways that could be easily fixed. Until the guy at the top understands that his project is going to *continue* to suck in many small, irritating little ways, well, hmm, it's going to continue to suck in many small, irritating little ways. What part of this is hard to understand?
--
They're couting shipments of Linux, which totally misses out on all of the downloads.
IDC has always had the habit of telling their paying customers what they want to hear. It just makes good business sense. (How do you sell an ad concept every time? Put the boss's picture in it.</cynicism>)
Right now, the last thing Microsoft wants to hear from IDC is that Linux is making major inroads on the desktop.
--
Please figure it out.
--
I'm wondering just how that cryptography is implemented, whereby having less than n of n shares still permits us to read the document.
:-)
:-)
Let me take a try at it. Caveat: I don't really have a clue how this works, ok? So unless you enjoy reading random speculation, now is a good time to quit reading.
Take a file A and a file R filled with (truly) random bits, the same length as A. Now create file B = A xor R. Looked at in isolation, each bit in B is completely unpredictable because the corresponding source bit in A was either inverted or not with equal probability. File B is indistinquishable from white noise, as is file R. But there is a simple method of recovering A from B and R: A = B xor R.
So, given any file, we can generate two files that together give us the original file, but in isolation look exactly like noise. We can take file B and a new random file S and do the same thing, giving file C and discarding B. We now have three files, C R and S all of which are needed to recover A. You can continue this to generate as many files as you like.
I imagine that this is only one of a large number of ways you could do this, and it's probably not even a good way because it misses an obviously desireable property: it would be nice if the two generated files together were less than twice the size of the orginal file. It seems to me intuitively obviously it's possible, but I'm pretty sure I'm not going to derive an algorithm to do it in the next 5 minutes.
See? I warned you - this is all pure speculation. But thanks for reading this far anyway.
--
As for startup time (always the problem with normal Mozillas) - it is now much, much quicker than Netscape 4 on either Windows of Linux, and getting close to IE5 (which is the fastest starting browser I've ever seen, except maybe Lynx or something).
Then you haven't used Opera or Konqueror. But it's great that Gecko in its Galeon incarnation, which supports a much broader spectrum of web standards than either of the above, can compete in load speed. That's a really big hot buttom for me.
--
MS has been promising to make DOS a thing of the past since 3.1, they've just finally delivered.
Microsoft's intentions towards Dos have been clear for some time... try 10 years. They don't like it: it's too easy to build something that competes with Windows on top of it. Now that it's halfway useful as a way of converting a Windows box a little bit at a time into a Linux box, the *really* don't like it. Never mind that they still need it to run Windows ME. They can easily disable it at the front end so you, poor user, can't use it, why they, in their infinite wisdom, can. This is apparently what they've done.
Two years ago, this might actually have mattered. That time is long gone: it's already too late for Microsoft to slow us down at all with such a stunt. Having trouble getting Linux to coexist with Windows? Fine, just trash Windows - you don't need it. Especially if it's going to be a pain.
Two years ago you couldn't have used that argument. Today you can, and it works. Joe user is fed up with Microsoft's less-than-excellent product, Joe knows about Linux, Joe is willing to try Linux, and if that means losing Windows, well ok, that's just too darn bad. Progress marches on.
Microsoft's last hope is to keep the gamers locked in, and I think that's what this move is all about. Bill, don't count on it.
--
The vast majority of RPM packages don't have any valid reason for being installed as root. The main reason you have to have root right now is to be able to write the RPM database. Fix that. For example, give me a local branch of the RPM database and give root the ability to merge that with the main, shared RPM database.
Miscellaneous other reasons for needing to install as root:
- Making the package available system-wide. Why can't I install a package in my home directory, then ask via a root-privileged command to link it from
/usr/bin? Or, more permanently, to move it there. Such a privileged command would still require security checks of course, but these checks can be very well-defined, and it would be easy to ensure that no suid programs were being installed. With a little more work, it could satisfy itself that no common user commands were being overridden (a technique favored by script-kiddies for hiding their root-kits).
- Installing device drivers. Solution: user-space device drivers. We're some distance away from being able to do that just now. For now, elevate privilege to root just long enough to install the device driver, and require root's password to install such a package.
- Installing daemons and privileged programs. Obviously, only root should be installing them. In many cases a daemon doesn't really need root privilege, and in that case it should run in user space and be installable by a normal user for their own use, or be shareable by the mechanism mentioned above.
- Changing system config files. The author should try to write the program so it does this only as a last resort. We should have a way of overriding certain system config files locally, for example, resolv.conf, so that we have a per-user view of the system configuration. As a last resort, the installer can invoke a root-privileged utility just to change the config files, and require root's password.
- (Other reasons, please enumerate.)
This is all by way of saying that we can have mindless (read: stressless; user-friendly) auto-installing packages just like Windows, without breaking security.--
It didn't get through my firewall:
FEHLER
Die angeforderte URL konnte nicht geladen werden
Während des Versuches, die URL
http://123.45.678.9:8080/usr/local/ zu laden,
trat der folgende Fehler auf:
Verbindung schlug fehl
Das System gab:
(111) Connection refused
zurück.
Der Zielrechner oder das Zielnetzwerk könnten deaktiviert sein. Bitte versuchen Sie die Anfrage später nocheinmal.
(The given URL couldn'd be loaded. While trying to load the following URL xxx.xxx.xxx.xxx the following error occured: Connection failed. The system reported: Connection refused. The destination couldn't be reached. Please try again later.)
Can someone give me a reason why I shouldn't feel smug?
--
Don't panic. Sure, it's bulkier than some binary formats (not all!) but that can be fixed after the fact.
It's much more important to keep your high-level syntax clean, compact and orthogonal. See SOAP for a good example of how to do that part wrong.
--
Man, I had to wade through a fat stack of default-2 posts of the worthless "yah!!! see Netscape always sucked!!! IE Sucks worse!!!! Bill Gates eats babies!!!" kind to get to this, the first informed technical post in the list. Mod it up, please.
--
Microsoft doesn't support the CSS standard? Are you insane? Internet Explorer 5.5 is the most standard-compliant browser in the universe.
That's flat wrong.
Mozilla is the most standards-compliant browser in the universe.
Where is Microsoft going today?:
Title: MICROSOFT OUSTS XML EDITOR AT W3C By Maureen O'Gara
Synopsis: Microsoft wielded its terrific power to get Tim Bray, co-author of XML, the Extensible Markup Language, dismissed as the potential spec's co-editor by the World Wide Web Consortium in late June, according...
--
Moderate this down if you like. This guy went over to the dark side. I wonder how much that cost? Pains me. What if this guy was actually working for the good guys?
--
This mistake here is to assume that in order for there to be winners, there must be losers. That just ain't so. When we get new tech we all win, whether we're yankee or not.
--
...with Napster doing this as a business, it seems fair that the record companies should get a cut...
Oh yeah, hey, good idea: the record companies should get a cut of Napster's profit - hmmm, let me see, that would be about -$1bazillion. Good idea.
Seriously, I support the idea that if Napster is actually making money then they ought to pay the copyright holders, whoever they may be, a part of it. But until they manage to make money, requiring such tribute would just be a way for RIAA to set it at an unreasonable level and choke off Napster's air supply (where have we heard that before?) and perpetuate RIAA's precious monopoly on famous artists. Exactly how high a fee does the RIAA deserve when you let your friends listen to the music you own?
--
Consider losing the casters on the swivel chairs. :-) Mars is *bumpy*.
--
Don't tell me about the god damned nightly builds. The last time I tried one it wouldn't even run on my box, so I deleted everything even remotly related to mozilla and tried it again (coming down on my butt slow 56k modem) and it still wouldn't run.
Did you delete ~/.mozilla??
*** ToughLove regards Anonomous troll with bemused and slightly scornful expression.
--
"Try a nightly build. M16 is old."
Maybe so. But it's two years and four months in the making. Methinks it ought to do a bit better. It certainly isn't as good as you say.
No, you're right. It's better. Why should I err on the side of exaggeration? Two years is fsck-all for a software project of this magnitude. Please get a clue.
--
What a load of crap! I just downloaded M16 and ran it. Firstly, I couldn't just type in a URL at the top of the window like you normally should be able to. I have to click FILE --> open web location... After I finally got going, it rendered 7 pages before crashing.
:p Try a nightly build. M16 is old.
My, what a polite young man you are.
--
If Mozilla is dead, then what is this browser I'm using?
As for dead... Waning in popularity. Remember last year? It was HOT. EVERYBODY was grabbing a copy of Mozilla. What happened? Mozilla was pretty much Netscape, and everybody was like, I already have Netscape, look, it's just a different Netscape, who cares, I'm keeping Netscape.
Mozilla is hot *now*. The difference between this year and last year is that people are grabbing it and using it, as opposed to just grabbing it. As far as websurfing on Linux goes, you don't really have a choice. Netscape 4.xx just can't render a lot of the sites out there today. None of the other browsers is anywhere near being fullly functional. If you want to surf with Linux, you have to use Mozilla. Period.
Not that that's such a bad thing. Mozilla is that hands-down champ at render speed. Themes are *very* cool. (If you don't think so, maybe you should think about switching to Lynx. Check out the MozBilla theme that makes Mozilla look just like IE - of course, the little picture of a borg in the corner kind of gives it away.) Stability has improved a lot and it is now most certainly more stable than Netscape 4.7 on my machine. YMMV.
On the other hand, memory pigness still sucks, some of the UI processing is slow, Java and newsgroups are still not in the standard distribution. (With some fiddling you can plug in your own JVM.) I'm willing to wait patiently for such goodies, thanks, and in the meantime I'll just keep downloading those nightly builds and using them. It just keeps getting better.
--
Jeez, I just want to weigh in on this - Chris, that's one of the most lucid posts I've ever seen on Slashdot. Keep it up guy! And oh by the way I'm a musician and I couldn't agree with you more. But I could never say it like you did. Umm, how about a song then?????
--
Freenet, or a system much like it, is the only acceptable longterm answer to such attacks on the rights of us, the user community. Fair use. Fair Use. Repeat that over and over again. Fair use is being attacked - the correct response is for us to use technology to enshrine Fair use as a basic right.
--
Not exactly. Note that the information is recorded statistically in the headers. If you only send a few packets like a normal human being you won't be particularly traceable. On the other hand, a massive download is going to be quite traceable and therein lies and important question from the point of view of anonymity.
Now, particular this development is as inevitable as people locking their doors and putting in security cameras in a big city. There is *no way in hell* that we will be able to prevent it. I'm of two minds about it. On the one hand, I am a big supporter of the principle that the only way to gaurantee freedom of speech on the net is to have technologically-enforced anonymity. On the other hand, I think script-kiddies are scum of the earth. On the third hand, I think script kiddies, like roaches, at least perform the useful function of showing us where the weak spots in the net are.
--