Slashdot Mirror


User: micheas

micheas's activity in the archive.

Stories: 0
Comments: 885

Comments · 885

  1. Re:Schneier is the supergenius on Securing PHP Web Applications · · Score: 1

    Well there has been some progress on what you can do for moderate expense.

    http://pyrit.wordpress.com/the-twilight-of-wi-fi-protected-access/

  2. Re:Schneier is the supergenius on Securing PHP Web Applications · · Score: 1

    Why not run wireless unencrypted, and run anything you actually care about being encrypted either over ssl, through an ssh tunnel, or some other form of real encryption?

    WEP is a little more secure than telnet, but not much, and telnet with OPIE may be more secure than WEP on a high traffic wireless access point.

    WPA2 is unproven while IPSEC, tls, ssl, and ssh all use proven encryption.

    If you care about security you would use proven security, and find that the unproven security in WPA2 is just overhead as you cannot trust it to not be compromised.

    Wireless security is just for keeping people from borrowing your internet connection, not real security, although that is their eventual goal.

    And if you are like most people you don't access your home server but a server on the internet as the ultimate destination of your wireless connection in which case open wifi may be the least hostile network that you are connecting through.

    There is the argument that fake security is worse than no security, and Bruce Schneier seems to be of that mindset.

  3. Re:Just don't on Securing PHP Web Applications · · Score: 1

    Blog posts are one example where a prepared query would fail.

    Names are another place that you can quickly run into problems if the name is something like Søren, where the name is not ascii.

    Sanitizing data is a task you sometimes have to do.

    But, you should always try to use prepared statements or try and find some other way to avoid ever using input as something to test, not execute or pass on.

  4. Re:Ok Joomla fans, sell me on Joomla! Web Security · · Score: 1

    The site will be almost entirely content. It will need to be updated by non-technical staff, specifically uploading PDFs, creating new pages, and applying tags from multiple fixed taxonomies. It will need to handle user accounts and control editing permissions down to the page level. We do our own design so theming should be too hard, and the more flexible in content placement the better.

    Thanks in advance.

    As a big Joomla! fan I would not recommend you use Joomla unless you are planning on checking out 1.6 from subversion.

    Plone has the highest learning curve of Drupal, Joomla!, and Plone, but it requires no tweaking to get what you need.

    Plone does all of those things out of the box.

    Because Plone uses Zope instead of MySQL, your PDFs will be objects that can have attributes: http://www.example.com/mypdf.pdf can have the attribute http://www.example.com/mypdf.pdf/copyright.html

    Skinning Plone is harder than Joomla and Drupal but spending the extra time skinning it so you can use a CMS that exactly solves your problem with no coding or extensions is what I would strongly recommend.

  5. Re:Ok Joomla fans, sell me on Joomla! Web Security · · Score: 1

    What specifically do you not like about Drupal? Thanks.

    A user interface that makes kittens cry? (That is a description by one of the core Drupal developers of one of the admin screens.)

    Drupal's user interface has gotten a lot better lately, and in 6.0 is approaching not bad. If anyone is looking at Drupal for the first time I would recommend Acquia's version of Drupal; it has a lot of the Drupal annoyances papered over but is not a fork, just Drupal with a nice set of extensions that you were going to spend a couple of weeks tracking down and installing.

  6. Re:Boring on How To Keep Rats From Eating My Cables? · · Score: 1

    Rabbits are very good at eating the non-poisonous tips off of trees that are otherwise poisonous to them and stripping electrical wires. Seems to be the same skill set.

  7. Re:Do they use Windows at home? on How To Argue That Open Source Software Is Secure? · · Score: 1

    You seem to be missing my point(s).

    First, modern *N*X systems have a user group security model that is implemented about as well as can be done. Additionally, there are the beginnings of acl implementations being done.

    Windows has ACL security which is theoretically much better than user group security; unfortunately it is in the off position, and turning it on requires all the work of getting a PhD in computer science. This makes it useless unless you wish to pay someone $200K to secure your desktop.

    Second, I think Windows XP, Vista, OS X, and every other current desktop is not yet ready for general use. The bugs in Firefox, IE, and Safari are just the tip of the problems that they have. Yes, *n*x systems tend to be fairly good at protecting everything but ~/ from malicious software, but that is the location of most of the important data on most workstations.

    Linux is showing some of the best progress towards a solution to this problem, and if you said that Debian/Redhat/SuSE/etc. doesn't suck as bad as Microsoft's current workstation software I would agree, but we are talking degrees of suckage, not degrees of goodness. Refinements of the OpenID/OpenSocial stack should help solve some of the desktop problems.

    In theory Microsoft has a good product, in reality they have a product that has been trojaned by legacy libraries and a set of default security settings that do more to interfere with the legitimate use of the system than to interfere with malicious software.

    I have heard of very few people that argue for one server, one service outside of Microsoft. Privilege separation, multiple user accounts, and nothing running as nobody seems to be adequate.

    Better arguments for opensource would be qmail and postfix. If you installed qmail on a server that had no other services exposed in 2000 and you had not patched it and it was still running today, it would probably be just fine as long as it was set up correctly in the first place.

    I don't know of a web server that is provably correct, but I wouldn't be surprised if one exists. Most of the time you are stuck picking software that is closest to what you want, not perfect software.

    I would talk to the client about how little software is provably secure, the fact that many people seem to be ripping out secure software for increased features, the fact that Windows lost its security ranking due to bugs, the fact that the NSA contributes security code to Linux, and then have a talk about where the real security weaknesses are in their system and what the cost would be to harden them. You might be able to get a little more business out of them if you pitch it right.

  8. Re:Do they use Windows at home? on How To Argue That Open Source Software Is Secure? · · Score: 1

    I would go with "Linux has never had a rapidly spreading virus", or "the standard security settings in Linux have so far prevented the spread of Linux viruses without anti-virus software".

    If you run the windows task manager you will typically see about three users with processes running. (as opposed to the typical linux machine that has over a dozen users, bind, www, mail, etc.)

    Windows' security model is closer to that of SELinux than traditional unix permissions. The big problem with Windows security is that configuration is left as an exercise for the end user.

    So basically you need to do all the work for a masters degree in computer science in order to secure your windows computer.

    Or in other words windows security is left unconfigured.

    Just like Linux borrows a lot from UNIX, Windows NT copies a lot from VMS.

    According to a study released by Microsoft 90% of the Windows malware would not run if people did not run as administrator.

    Proper security is thwarted by many of the leading applications for Windows, including Quicken and Office. Implementing unix-level security on a Windows machine was really hard the last time I tried, much less implementing full usage of the ACL.

    SELinux is creeping into Debian, Redhat, and SuSE. But only for a few services and there are a lot of problems getting everything right.

    Personally I believe that when SELinux makes it to web browsers and filemanagers, then Linux may be ready for the desktop, in the meantime it is as close as anything else.

  9. Re:Do they use Windows at home? on How To Argue That Open Source Software Is Secure? · · Score: 1

    Point out that Linux has never had a virus and was designed to be multi-user unlike Windows.

    You might want to skip that part. Linux has had proof-of-concept viruses, and the Windows NT family was designed to be multi-user.

  10. Re:migrating from Joomla.. on Learning Joomla! 1.5 Extension Development · · Score: 2, Informative

    You might look at Joomla 1.5. Unless the migration is going to take a while in which case look at Joomla 1.6.

    The amount of shared code between Joomla 1.0.x and 1.5.x is extremely small.

    Joomla 1.5 has a very nice MVC framework that was written because of the performance problems they were having with Cake. (Cake does some things really well, but the rewrite that would be needed for Joomla to work well on Cake inspired the Joomla developers to write their own framework.)

    The foundation of Joomla 1.5 is really nice. Don't let the 1.0 code scare you away from migrating to 1.5.

    Plone is really nice if you have the hardware and are willing to deal with the smallish community.

    Drupal is really nice to code on, although the difference between Joomla 1.5 and Drupal 6 is not that huge. Drupal does use jQuery as its native javascript library, which is nice.

    Look at wordpress just because if it meets your needs it will save so much time.

    My favorites for multilingual sites are Plone and Joomla.

    Joomla!'s big strength is complete control of the view with template overrides.

    Mediawiki works, but it is a bit of a pain to graft the template on.

    Personally I would advise porting to joomla 1.5 on a test server taking note of everything that doesn't work as you would like, and then feature shop other content management systems.

    Drupal, Joomla, and Plone can all do more or less everything with custom extensions. The question is which one is closest to your needs out of the box.

  11. Re:Before you start screaming about this. on Torvalds Rejects One-Size-Fits-All Linux · · Score: 1

    Gentoo should be added to that list.

    While I would not use Gentoo for a home machine, if you have hundreds of machines and a couple of build servers for your in-house custom software, Gentoo works well. Build the stack. QA the stack. Deploy the stack. (Etrade.com runs on Gentoo and does this; I am sure there are others, portage is mentioned a lot in corporate Linux howto guides.)

  12. RANT / was(Re:I'm a linux what's a worm?) on US-CERT Says Microsoft's Advice On Downadup Worm Bogus · · Score: 4, Insightful

    chkrootkit, tripwire, clamav, shorewall, john-the-ripper, and snort run on a lot of systems considered super secure by their users.

    Some people consider their systems super secure because they know they are not they guess they are.

    The question on freebsd-security a few years ago was what was the best way to avoid denial of service attacks if you are logging to lpr. (One of the obvious suggestions is do not log repeated messages, just the number of times the message has repeated. This will increase the work required to kill your server by running through all the paper and hanging until more boxes of paper are fed to the printers.)

    That was the same list that made me realize that you should not have passwords on multiuser systems, or servers in general.

    Do you really think that people use passwords like this:

      makepasswd --char=32 --count=10
    CLWwBsm1c15IFadg4KTjrHhCBjFP8RNI -- for slashdot
    RLQaXqSEfRHgLnwjjbgoJU5y4Uya2hM6 -- for gmail
    NebgFMATH990vB8US8CE4zMgeR7uum02 -- for Administrator
    SFa0qT5nIQuLYtTsq44I8336ghEBApiD -- for user account
    smcruMr8rzE6PFHzus8AmPcIoKNFy0Rh -- for facebook
    L6wynpgAHoINdQm2CWwXdfSiJrBzQ8YG -- for myspace
    Q3D1JBVXtgPNNo4bm16WAcKPMhox8s6C -- for banking
    L1hEhuisoFcnoyGEYxPYqW8Hq4Qs2EmY -- for retirement account
    2RqaobNEKyQIIoUVoFPty6EruLQhVE0F -- for work login
    s0zJFsLiWCSN0e5fCEvpi48GV4D0PjyH -- for paypal

    Phishing sites are one of the best ways to effectively get the information and tools needed to illicitly act on behalf of someone else.

    At some point public key logins via ssl will become the norm; until then, passwords will be the weak point in most systems.

    Realize that even though Debian had the ultra-limp ssl keys generated, it still seems to be more productive to use password guessing than to try brute forcing an almost known key. Passwords suck that bad.

    I would not be surprised if a sizable number of systems (more than 10%) in Arizona could be broken into this week with a dictionary attack of:

    cardinals
    cardina1s
    Cardina1s

    For those that want an analogy, imagine zoning laws that required NORAD style doors on all buildings and twenty percent of the population deciding that it is stupid and refusing to lock their doors. You would have a situation similar to the computer landscape today.
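    The post's point that a dictionary word with a digit swapped in is still a dictionary word can be turned into a defensive password-policy check. This is an added example, not code from the original comment; the toy word list, the substitution table and the 12-character minimum are assumptions.

```python
import math
import re

# Common substitutions that turn a dictionary word into a "mangled" variant
# (cardinals -> cardina1s). The table is an assumption; extend as needed.
LEET = str.maketrans({"1": "l", "0": "o", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})

# Toy word list, constructed for this example. A real check would load a
# large dictionary plus local terms (team names, company, city).
WORDLIST = {"cardinals", "password", "welcome", "arizona", "phoenix"}

MIN_LENGTH = 12  # assumed policy minimum


def normalize(candidate):
    """Plausible base forms of a candidate: case-folded, with trailing
    digits/punctuation stripped, and with leet substitutions undone."""
    lowered = candidate.lower()
    stripped = re.sub(r"[\d\W_]+$", "", lowered)
    bases = {lowered, stripped}
    return bases | {b.translate(LEET) for b in bases}


def is_dictionary_derived(candidate):
    """True if any normalized form is a plain word from the list."""
    return any(form in WORDLIST for form in normalize(candidate))


def estimated_bits(candidate):
    """Rough strength for a randomly generated password: log2(alphabet) * length.
    Only meaningful for random strings such as makepasswd output."""
    alphabet = 0
    if re.search(r"[a-z]", candidate):
        alphabet += 26
    if re.search(r"[A-Z]", candidate):
        alphabet += 26
    if re.search(r"\d", candidate):
        alphabet += 10
    if re.search(r"[^A-Za-z0-9]", candidate):
        alphabet += 33  # printable ASCII punctuation
    return len(candidate) * math.log2(alphabet) if alphabet else 0.0


def check_password(candidate):
    """Return the reasons a candidate is rejected; an empty list means it passes."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if is_dictionary_derived(candidate):
        problems.append("dictionary word with trivial substitutions")
    return problems


if __name__ == "__main__":
    # The three guesses from the post above, one mangled a bit further,
    # and one of the makepasswd-style strings from the post.
    for pw in ["cardinals", "cardina1s", "Cardina1s", "Cardina1s2009!",
               "CLWwBsm1c15IFadg4KTjrHhCBjFP8RNI"]:
        verdict = check_password(pw) or "ok (~%.0f bits)" % estimated_bits(pw)
        print("%-34s %s" % (pw, verdict))
```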

  13. Re:Based on S on The Power of the R Programming Language · · Score: 1

    r-cran is what I usually google for or just cran with the problem.

    It isn't perfect but I tend to get somewhat close.

    apt-get install r-cran-* will get you a large subset of the R extensions if you are interested in playing with it. I suppose you could just install r-base but what's the fun in that :-)

  14. Re:a site that uses nothing but OpenID on OpenID Fan Club Is Shrinking · · Score: 1

    And if the server is slow, authentication takes about four times as long.

  15. Re:Im troubled on Groklaw Shifts Gears, Now Stressing Preservation · · Score: 2

    We can only hope,

    But unfortunately we are more likely to have them appointed to the Attorney General's office than commit suicide.

  16. Re:Why SQL Server on IE Market Share Drops Below 70% · · Score: 1

    "You can build database driven apps with VB or Access incredibly quickly. "

    Please don't use the words Access and Database in the same sentence....

    :)

    Grandparent is talking about Access as a gui for MSSQL.

    That and proofs of concept that need to be done ASAP are what Access is good for.

    You can accomplish small data management tasks in access very quickly.

    That said I would much rather have a gui builder that generates python and jquery code for me to tweak.

    But, that is a ways off.

  17. Re:64-bit and 32-bit binaries on 64-Bit Java For Linux · · Score: 1

    For me 32bit flash on amd64 is always on the top layer (on top of drop down menus) and crashes every few hours.

    (I assume that is what is causing it as my laptop that runs in 32bit mode has none of those issues.)

    Hopefully 64bit flash will fix those issues. (Or GNASH will finally close the gap enough to work better than 32bit Flash. For YouTube GNASH is better than Adobe Flash, but other than that one case GNASH fails so much more than Adobe Flash that it is hard to migrate. I wish I could spec GNASH with Midori and Galeon and Adobe Flash with Konqueror and Iceweasel. Hmm, time to file a bug report, now if only I can figure out which packages to file it against...)

  18. Non-sequitur? on iPhone App Pricing Limits Developers · · Score: 1, Insightful

    This seems like a complete non-sequitur.

    If a large expensive app will make me money, what does the existence of 99 cent ringtones have to do with my purchasing decision?

    It sounds to me like developers of useless, unusable, and/or badly marketed applications are not finding buyers and blaming free or cheap apps for their failings.

    Personally I have a hard time seeing many cases where it is worth signing the apple developers license (or whatever it is called, I cannot remember and cannot be bothered to download it again.)

    As I recall the license that the developers agreed to basically said: All Your Base Belong to Apple, Suck it up.

    OpenMoko, Symbian, and Android seem to have much better terms for developers. If you have a killer app and someone will buy the phone for your app, why put yourself at Apple's mercy?

    BSD Networking Release 1 was $1,000 per tape, and sold several hundred copies.

    If you can sell BSD licensed software for $1,000 a pop, don't tell me you can't sell a high priced useful program on the iTunes app store.

    High priced crap on the other hand . . .

  19. Re:Well, duh on "FOSS Business Model Broken" — Former OSDL CEO · · Score: 4, Interesting

    Do you know that it is generally estimated that less than 20% of programmers work for software companies?

    Lots of companies have in house programmers. I have even seen cities with "hiring freezes" post ads for programmers and sys admins.

    Every estimate I have seen for the failure rate for computer projects is 80% or higher.

    More or less everything with computers has been a disaster.

    Bespoke solutions, off the shelf solutions, a combination of the two, you name it, your work will be harder and the money spent will never be recovered. (at least that is the way to bet.)

    Of course we see the relatively rare successes and assume that the massive carnage was just the unenlightened fools that didn't know what they were doing.

  20. Re:History of the Internet (condensed) on Web Browser Programming Blurring the Lines of MVC · · Score: 1

    Call me jaded, old, and behind the times... But what ever happened to a web browser just being a web browser instead of a development platform ...

    Netscape 2.0beta3 was released and then 1996 happened.

    It is arguable that the reason for the popularity of the web is because Netscape 2 gave a platform for cross platform client server application development.

    Even though the tools sucked, the probable direction was obvious to many (including Bill Gates), which is why Microsoft pushed for ActiveX and did so much to destroy Netscape.

  21. Re:And yet, you're posting in English on Web Browser Programming Blurring the Lines of MVC · · Score: 1

    I would guess it is a reference to The Hampster Dance (warning: not safe for people with taste).

  22. Re:Library, n. 1) A place to keep books. on Google Book Search Settlement Receiving Criticism · · Score: 1

    And it's not like you cannot use http://www.lulu.com/ to keep it in print.

    Self publish at 400% mark up to keep copyright seems fair enough.

    If you cannot bother with that, I cannot see any reason to keep it under copyright.

  23. Re:Dojo vs jQuery on Dojo: Using the Dojo JavaScript Library · · Score: 1

    I'm just starting out with javascript. I've only done bug fixing on existing sites, and have never used a framework. What are the pros and cons of Dojo and jQuery?

    Pros of Dojo and jQuery:

    • Much less developer time.
    • Fairly good cross browser support.
    • Much easier to debug code.

    Cons:

    • Simple tasks require a much bigger download. (in the case of yui can be somewhat mitigated by leaching off of yahoo's hosting.)
    • Encourage the use of javascript as a band-aid for broken cms logic.

  24. Re:OpenChange on Is There a Linux Client Solution for Exchange 2007? · · Score: 1

    (they claim they have the lib more or less finished).

    And it will be finished just as soon as samba 4 mapi is finished.

    I have a small list of machines that are moving over to linux on the desktop when samba 4 is stable.

  25. Re:Google Apps on Is There a Linux Client Solution for Exchange 2007? · · Score: 1

    There are a lot of problems with Google Apps, as they stand presently.

    On top of that, they provide no kind of regulatory compliance that I've seen.

    http://www.google.com/apps/intl/en/business/security_discovery.html/

    Regulatory compliance options with the paid service seem to actually be a selling point of Google Apps.

    The fact that the apps are clunky, the protocols seem a little off, and Google being the new new evil seem like reasons to sort of avoid Google. Google Apps is the cheapest way to CYA, satisfy the regulators and meet legal compliance that I know of. The only options I know of are to configure Google Apps or pay an admin that knows what they are doing six figures to set up and maintain Exchange/Zimbra/Notes/etc.

    The latter will probably result in happier users, but I can see how Google for email would get chosen.