I blame schools. Secondary education is big business. There's only a handful of schools with quality programs. Here in Louisiana, many schools still teach pascal and basic. Later courses are taught by underqualified professors who've been out of the loop for years. For my C++ course, I had to constantly argue with the teacher over every program I would write because he did not know the ANSI standards. The class barely covered the first three chapters of a "teach yourself C++ in 24 hours" type book. Classes tend to "gear down" to the accomodate the dumbest person in the class, which is just wrong. I got fed up, left school, got six years experience, then came back and got a business degree.
I've had this done by my dentist, without anesthetic. It's an odd feeling... I wouldn't say its completely painless though. It feels like a little pneumatic hammer action banging on your tooth.
It's very nice so far, especially the controller portion. There's lots of addons and plugins for it, all of which are entirely optional. It's actually very open-ended and easy to extend.
I use the controller classes extensively, but write my own model, view, and support classes. Catalyst culture seems to encourage Class::DBI parentage as a base model class, but it's simple to roll your own (I hate CDBI, so I based mine on Ima::DBI instead). Your classes can work independently of Catalyst... it imposes no restrictions or inheritance constraints on you. Worth checking out.
Compatibility
on
Ajax in Action
·
· Score: 4, Insightful
AJAX represents a new paradigm in UI design for web applications. I don't think there's much question about AJAX's value. You will see two problems though: 1) browser compatibility, and 2) bad code and interface design.
You have to think hard when deciding if your client base is ready for it. The same browser issues exist with AJAX that exist for any other "new" client-side technology. By relying on it, you will exclude visitors.
As for my second point, get ready for a lot of bad AJAX. People have a hard enough time designing interfaces as it is (think of all the bad ones out there), and building dynamic ones that work like people expect them to will be that more complicated.
Beware that if you plan to run PHP5 on a large scale, you really need to buy Zend Platform ($1500 per multi-cpu server). Running a large application without an opcode cache requires ALOT more memory, and the free opcode caches (apc and eaccelerator) do not optimize PHP5's new object syntax well, if at all. Do some simple testing on such an app with memory_get_usage() or a debugger and you will quickly see what I mean.
I was looking at PHP5 as a platform for a rails-like MVC framework, but it would cost over $15,000 in licensing for it to run on our cluster on the scale we need. The free accelerators are finicky and questionably stable. I do not trust them yet, though I'm sure they'll improve. We decided to go with mod_perl and Catalyst with custom model classes as a framework.
Frankly, Zend makes me nervous (it took two weeks to get a response to a sales inquiry). If I were to spend this kind of money it would probably be on.NET, which I think is a nicer framework. Too bad I don't like windows as a server.
I was more interested in the rumors of PHP6 running on top of parrot. Many (most?) of the PHP developers are employed at Zend, so I don't see why they would do this. Of course, anyone could make a PHP-like language, but I believe their license prevents you from naming it something similar to PHP.... we all know the language needs alot of work anyways.:)
PHP5 would cost us $15,000 to run
on
Spring Into PHP 5
·
· Score: 2, Interesting
PHP5 is a memory hog. I realized this after writing a sizeable application in PHP5's new object syntax for our 7-server cluster. Everyone is so busy comparing PHP4 to PHP5 by benchmarking a script that prints "hello world" 5000 times, nobody has noticed the memory usage.
PHP5 DOES runs great if you run it through Zend Platform (an opcode accelerator), which costs $1500 a year per dual-CPU server. There are free alternatives to this (eAccelerator and APC), but none of them optimize the new PHP5 class syntax like Zend, and talk of instability is common. Do some simple memory benchmarks and you will see (just load your classes, you dont even run any code it to see it guzzle memory!!).
For us to run PHP5, it would cost over $15,000 per year, which is more than our servers are worth!
I feel held at ransom by Zend. Small shops like us are left out in the cold. We are abandoning it and switching to mod_perl and Catalyst on CentOS4.
PHP does not feel "free" the way Perl or Apache are. I guess it is Zend's language after all.
There are companies that provide offsite storage. We used Iron Mountain. They'd stop by daily and pickup a locked box containing our backup tapes, and drop off a box containing the set coming out of rotation to be recycled. The tapes are taken to their secure facility for storage.
We had alot of problems at the SomethingAwful forums when word of GWA got out and everyone started trying it out. Our users were able to retrieve the web-based private messages of other users, view their login screen, etc.
We recommended that our users NOT use proxies such as GWA. We did not do this because it's buggy (though it may be), but more because it is a public proxy being marketed as a web accelerator. Most web users do not understand what a proxy is much less the serious security and privacy implications using one can have.
GWA seemed to not always honor cache headers as the RFC describes, though I couldn't see any real pattern.
RHEL was definitely far out of our price range, especially since we have absolutely no use for the support that we would be paying for. We ended up going with CentOS on our fourteen Dell servers that run everything for somethingawful.com.
CentOS is a community-supported build of the RHEL source RPMS. They closely follow RedHat errata and release updated packages shortly after the official RedHat packages appear. We've used it for over six months now and it's been great. It's perfectly stable, and it's easy to rollout updates via a local yum repository that rsyncs off the CentOS mirrors.
I think it's best to just reject mail addressed to non-existent users during the SMTP transaction. My outside relay uses Postfix's relay_recipient_map to validate all recipients before relaying inside... anything not matching gets rejected with a 550. This saves my content filters (amavis/clamav) alot of work since we get TONS of spam to non-existent recipients.
If you don't validate recipients, then you probably SHOULD use a catch-all address. The alternative to this would be bouncing spam back to the (usually forged) sender, in which case you become part of the problem and can cause yourself major queueing problems.
This is the equivalent of arresting someone for pointing at a bank vault with no door.
I've worked for GameSpy in the past, and I'm sure this behavior comes as no surprise to anyone familiar with their dilusional take on business ethics.
The original GameSpy 3D developers (the ones that cared) have long been out of the picture. Don't bother. If you belong to the minority (those preferring quality over advertising), try this instead:
http://www.udpsoft.com/eye2/index.html
You can barely read a gaming article these days without four "Punch the Monkey" banners and a 600x400 javascripted Ronald McDonald pissing all over your desktop.
We're a small company (70 people), so we just have a helpdesk mailbox on our exchange server that we monitor for requests. When a request is done, its moved to a "closed" folder. Pretty weak, but its quick and easy and it's worked.
So you suggest investing all of my effort in 'mastering' a single language/technology which may or may not be in demand 5-10 years from now? No thanks. Careful or you may end up hanging out with ex-Pascal developers.
One thing I haven't seen mentioned yet is that a filesystem of this type is only useful if there is quality metadata accompanying every file you expect to find. Searching for "all jazz music" would return nothing unless the filesystem was told about each file that qualifies as "jazz music". What if I wanted to be more specific and say "jazz horn music"? Even more specific, "jazz trumpet solo"? The filesystem would have to know all of this data to be effective.
Where does this metadata come from? I assume I have to enter it myself. This means the more files I have, the more detailed and specific my data entry becomes. And that much more tedious.
Even worse is the uncertainty that would arise. Is my search for "horn solos" not returning results because there are no such files, or because the filesystem does not have meta data describing the files I want as such?
At this point, hierarchial organization once again becomes much more appealing again.
MPlayer used to be a gaming network and server browser. Back in 2000, GameSpy purchased MPlayer, and likely holds all copyrights and trademarks as a result.
Finally, my parents can evacuate when a hurricane or flood threat is looming. I'm buying my parents this as soon as I make $850,000 so they can cruise to safety while making cheddar cheese omelettes and listening to Willie Nelson.
Just out of curiosity, do you live in the US and enjoy the freedom here? If you don't support the military here or what it affords us, maybe you are in the wrong country.
Maybe its just me, but I see horrible code everywhere. Anyone who has worked in corporate IT will tell you that most commercial enterprise and specialty software out there is rather horrible. From flaky conferencing software like Centra, to bloated sales and marketing tools like SalesLogix, most software my company uses is pretty shabby. We bought one of "the best" financial systems out there, and even that's crumby!
Take a look at the database structure for some of these "enterprise" applications and you'll probably laugh. Even funnier is how SalesLogix sorts columns in its GUI... it sorts dates as strings rather than numerically. Its bad enough this kind of thing gets written into a product, and even passes QA.
And these are not cheap applications either. Alot of this software costs tens of thousands of dollars. Its a joke.
1) Nothing is wrong with NATs by themselves. Our corporate network had alot of NATs from outside into our private LAN with open ports. THAT's bad.
In a corporate network, you should always avoid opening ports into your LAN if possible. Now, if your private network contains nothing but a cluster of public web, email, and DNS servers, then there's not much you can do to avoid opening ports into your network. In our case, we have alot of employee data, databases, source code, and IP behind our firewall, so NAT'ing into it is very dangerous.
2) Once a system is compromised, I don't trust it. Its often more work to clean up after a rootkit than to just start over. Save what data you can or revert to backup and start from scratch.
3) A DMZ is usually a lower-security private network behind the firewall. Most people use at least one DMZ network to host non-critical or public-facing systems on so that if they are compromised, will not affect the integrity of any higher security private LANs.
4) Stay patched. It may be easiest to stay with standardized packages (like rpm or deb) until you get more experience. Its most important to patch systems running on public ports, like Apache (and any modules you may use), sendmail, named, ftp, etc., since this is where people are most likely to get onto your system.
Also, signup for a list like the Bugtraq mailing list and visit sites like securityfocus.com.
Slashdot Mirror
I blame schools. Secondary education is big business. There's only a handful of schools with quality programs. Here in Louisiana, many schools still teach pascal and basic. Later courses are taught by underqualified professors who've been out of the loop for years. For my C++ course, I had to constantly argue with the teacher over every program I would write because he did not know the ANSI standards. The class barely covered the first three chapters of a "teach yourself C++ in 24 hours" type book. Classes tend to "gear down" to the accomodate the dumbest person in the class, which is just wrong. I got fed up, left school, got six years experience, then came back and got a business degree.
I've had this done by my dentist, without anesthetic. It's an odd feeling... I wouldn't say its completely painless though. It feels like a little pneumatic hammer action banging on your tooth.
Try something for me. Go to a job search engine and search for "ruby". Now try the same thing for "perl". I'll hedge my bets on perl for now.
This is an MVC framework for Perl that resembles RoR in a lot of ways.
http://catalyst.perl.org/
It's very nice so far, especially the controller portion. There's lots of addons and plugins for it, all of which are entirely optional. It's actually very open-ended and easy to extend.
I use the controller classes extensively, but write my own model, view, and support classes. Catalyst culture seems to encourage Class::DBI parentage as a base model class, but it's simple to roll your own (I hate CDBI, so I based mine on Ima::DBI instead). Your classes can work independently of Catalyst... it imposes no restrictions or inheritance constraints on you. Worth checking out.
AJAX represents a new paradigm in UI design for web applications. I don't think there's much question about AJAX's value. You will see two problems though: 1) browser compatibility, and 2) bad code and interface design.
You have to think hard when deciding if your client base is ready for it. The same browser issues exist with AJAX that exist for any other "new" client-side technology. By relying on it, you will exclude visitors.
As for my second point, get ready for a lot of bad AJAX. People have a hard enough time designing interfaces as it is (think of all the bad ones out there), and building dynamic ones that work like people expect them to will be that more complicated.
Beware that if you plan to run PHP5 on a large scale, you really need to buy Zend Platform ($1500 per multi-cpu server). Running a large application without an opcode cache requires ALOT more memory, and the free opcode caches (apc and eaccelerator) do not optimize PHP5's new object syntax well, if at all. Do some simple testing on such an app with memory_get_usage() or a debugger and you will quickly see what I mean.
.NET, which I think is a nicer framework. Too bad I don't like windows as a server.
I was looking at PHP5 as a platform for a rails-like MVC framework, but it would cost over $15,000 in licensing for it to run on our cluster on the scale we need. The free accelerators are finicky and questionably stable. I do not trust them yet, though I'm sure they'll improve. We decided to go with mod_perl and Catalyst with custom model classes as a framework.
Frankly, Zend makes me nervous (it took two weeks to get a response to a sales inquiry). If I were to spend this kind of money it would probably be on
At any rate, be careful.
I was more interested in the rumors of PHP6 running on top of parrot. Many (most?) of the PHP developers are employed at Zend, so I don't see why they would do this. Of course, anyone could make a PHP-like language, but I believe their license prevents you from naming it something similar to PHP. ... we all know the language needs alot of work anyways. :)
PHP5 is a memory hog. I realized this after writing a sizeable application in PHP5's new object syntax for our 7-server cluster. Everyone is so busy comparing PHP4 to PHP5 by benchmarking a script that prints "hello world" 5000 times, nobody has noticed the memory usage.
PHP5 DOES runs great if you run it through Zend Platform (an opcode accelerator), which costs $1500 a year per dual-CPU server. There are free alternatives to this (eAccelerator and APC), but none of them optimize the new PHP5 class syntax like Zend, and talk of instability is common. Do some simple memory benchmarks and you will see (just load your classes, you dont even run any code it to see it guzzle memory!!).
For us to run PHP5, it would cost over $15,000 per year, which is more than our servers are worth!
I feel held at ransom by Zend. Small shops like us are left out in the cold. We are abandoning it and switching to mod_perl and Catalyst on CentOS4.
PHP does not feel "free" the way Perl or Apache are. I guess it is Zend's language after all.
There are companies that provide offsite storage. We used Iron Mountain. They'd stop by daily and pickup a locked box containing our backup tapes, and drop off a box containing the set coming out of rotation to be recycled. The tapes are taken to their secure facility for storage.
We recommended that our users NOT use proxies such as GWA. We did not do this because it's buggy (though it may be), but more because it is a public proxy being marketed as a web accelerator. Most web users do not understand what a proxy is much less the serious security and privacy implications using one can have.
GWA seemed to not always honor cache headers as the RFC describes, though I couldn't see any real pattern.
Ken
RHEL was definitely far out of our price range, especially since we have absolutely no use for the support that we would be paying for. We ended up going with CentOS on our fourteen Dell servers that run everything for somethingawful.com.
CentOS is a community-supported build of the RHEL source RPMS. They closely follow RedHat errata and release updated packages shortly after the official RedHat packages appear. We've used it for over six months now and it's been great. It's perfectly stable, and it's easy to rollout updates via a local yum repository that rsyncs off the CentOS mirrors.
Try CentOS or WhiteBox!!!
CentOS
http://www.caosity.org/
WhiteBox Linux
http://www.whiteboxlinux.org/
I think it's best to just reject mail addressed to non-existent users during the SMTP transaction. My outside relay uses Postfix's relay_recipient_map to validate all recipients before relaying inside... anything not matching gets rejected with a 550. This saves my content filters (amavis/clamav) alot of work since we get TONS of spam to non-existent recipients.
e cipient_maps = mysql:/etc/postfix/mysql-recipient.cf,t = relay:mx2.somethingawful.com
relay_domains = mysql:/etc/postfix/mysql-relaydomains.cf
relay_r
mysql:/etc/postfix/mysql-alias.cf
relay_transpor
If you don't validate recipients, then you probably SHOULD use a catch-all address. The alternative to this would be bouncing spam back to the (usually forged) sender, in which case you become part of the problem and can cause yourself major queueing problems.
This is the equivalent of arresting someone for pointing at a bank vault with no door.
I've worked for GameSpy in the past, and I'm sure this behavior comes as no surprise to anyone familiar with their dilusional take on business ethics.
The original GameSpy 3D developers (the ones that cared) have long been out of the picture. Don't bother. If you belong to the minority (those preferring quality over advertising), try this instead:
http://www.udpsoft.com/eye2/index.html
You can barely read a gaming article these days without four "Punch the Monkey" banners and a 600x400 javascripted Ronald McDonald pissing all over your desktop.
GG GAMESPY
We're a small company (70 people), so we just have a helpdesk mailbox on our exchange server that we monitor for requests. When a request is done, its moved to a "closed" folder. Pretty weak, but its quick and easy and it's worked.
So you suggest investing all of my effort in 'mastering' a single language/technology which may or may not be in demand 5-10 years from now? No thanks. Careful or you may end up hanging out with ex-Pascal developers.
Where does this metadata come from? I assume I have to enter it myself. This means the more files I have, the more detailed and specific my data entry becomes. And that much more tedious.
Even worse is the uncertainty that would arise. Is my search for "horn solos" not returning results because there are no such files, or because the filesystem does not have meta data describing the files I want as such?
At this point, hierarchial organization once again becomes much more appealing again.
That's arguable. GameSpy has a history of involvement in music, and has even had two related products, RadioSpy and MP3Spy.
http://www.gaming-age.com/news/2000/12/20-115
What a great way to encourage businesses to setup shop in your state! I'm sure companies will flock to Florida now.
Finally, my parents can evacuate when a hurricane or flood threat is looming. I'm buying my parents this as soon as I make $850,000 so they can cruise to safety while making cheddar cheese omelettes and listening to Willie Nelson.
As an added bonus, coworkers will really appreciate your 30 flights worth of sweat as you sit in your cube and rot in your own liquid filth!
Canadian... oh ok, that explains alot then.
Just out of curiosity, do you live in the US and enjoy the freedom here? If you don't support the military here or what it affords us, maybe you are in the wrong country.
Maybe its just me, but I see horrible code everywhere. Anyone who has worked in corporate IT will tell you that most commercial enterprise and specialty software out there is rather horrible. From flaky conferencing software like Centra, to bloated sales and marketing tools like SalesLogix, most software my company uses is pretty shabby. We bought one of "the best" financial systems out there, and even that's crumby!
Take a look at the database structure for some of these "enterprise" applications and you'll probably laugh. Even funnier is how SalesLogix sorts columns in its GUI... it sorts dates as strings rather than numerically. Its bad enough this kind of thing gets written into a product, and even passes QA.
And these are not cheap applications either. Alot of this software costs tens of thousands of dollars. Its a joke.
1) Nothing is wrong with NATs by themselves. Our corporate network had alot of NATs from outside into our private LAN with open ports. THAT's bad.
In a corporate network, you should always avoid opening ports into your LAN if possible. Now, if your private network contains nothing but a cluster of public web, email, and DNS servers, then there's not much you can do to avoid opening ports into your network. In our case, we have alot of employee data, databases, source code, and IP behind our firewall, so NAT'ing into it is very dangerous.
2) Once a system is compromised, I don't trust it. Its often more work to clean up after a rootkit than to just start over. Save what data you can or revert to backup and start from scratch.
3) A DMZ is usually a lower-security private network behind the firewall. Most people use at least one DMZ network to host non-critical or public-facing systems on so that if they are compromised, will not affect the integrity of any higher security private LANs.
4) Stay patched. It may be easiest to stay with standardized packages (like rpm or deb) until you get more experience. Its most important to patch systems running on public ports, like Apache (and any modules you may use), sendmail, named, ftp, etc., since this is where people are most likely to get onto your system.
Also, signup for a list like the Bugtraq mailing list and visit sites like securityfocus.com.