The rovers weren't overengineered, they were underestimated. In business it's called under promising and over delivering. It doesn't make any sense to build a Mars rover to last three months or even a year when most of the cost is getting there, not designing or building the rover.
"I wonder how many people who believe this don't believe a bar owner should be able to allow smoking if he wishes."
So does everyone who thinks a bar owner should allow smoking think he or she should be able to poison your beer? Health issues are different from free speech issues.
Considering that Wine has been around for somewhere around twelve years, going beta *is* a big step for it. It's almost as impressive as if Duke Nukem Forever went into beta.
"PHP has little to none default protection so much so that they make it insecure by default. You would have to go through a considerable amount of work to make any script secure."
Really? So in what way is 'echo "hello world";' insecure? The only PHP scripts that are insecure are the ones where programmers made stupid decisions or weren't thinking the design through, just like in any other language. 99% of these PHP problems are using external data without checking it. 99% of those cases are where the programmer didn't use the readily available tools such as prepared SQL statements.
In fact, with PHP in its default configuration, a script that does not accept user data has zero chance for exploitation. You do get cases where programmers do exceedingly stupid things such as get data in such a way that internal data can be injected, but programming that way is actually much more difficult than doing it the right way. Programs ported from very old versions of PHP may suffer from this if they weren't ported properly.
Anyway, this is all aside from the fact that the TinyURL issue isn't a vulnerability caused by PHP. The program is working exactly as intended, but the programmers didn't think about it being used in this way. They could have easily written a couple lines of code to check to make sure the URL is valid before accepting it.
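An added example (not part of the original comment, and not TinyURL's code) of the two checks the comment above mentions: validating a submitted URL before accepting it, and storing it through a prepared statement. The function names, table layout and sample inputs are assumptions made for illustration; it assumes PHP with the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: returns the URL if acceptable, or null if it is rejected.
function validate_target_url(string $raw): ?string
{
    $url = trim($raw);
    // Bound the size and reject control characters (CR/LF, NUL, ...).
    if ($url === '' || strlen($url) > 2048 || preg_match('/[\x00-\x1F\x7F]/', $url)) {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    // Scheme allowlist: anything other than http/https is refused.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    // Embedded credentials (user:pass@host) obscure the real destination.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    return $url;
}

// Hypothetical storage routine: the URL is bound as a parameter,
// never concatenated into the SQL text.
function store_link(PDO $db, string $raw): ?int
{
    $url = validate_target_url($raw);
    if ($url === null) {
        return null;
    }
    $stmt = $db->prepare('INSERT INTO links (target) VALUES (:target)');
    $stmt->execute([':target' => $url]);
    return (int) $db->lastInsertId();
}

// Constructed sample input, run against an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE links (id INTEGER PRIMARY KEY AUTOINCREMENT, target TEXT NOT NULL)');

$samples = [
    'https://example.com/page?id=1',
    'javascript:alert(1)',
    "http://example.com/\r\nX-Injected: 1",
    'http://user:secret@example.com/',
    "http://example.com/'); DROP TABLE links; --",
];
foreach ($samples as $s) {
    $id = store_link($db, $s);
    printf("%-48s %s\n", json_encode($s), $id === null ? 'rejected' : "stored as #$id");
}
```

The last sample passes validation because it is syntactically a URL; it is harmless to the database only because it is bound as a parameter, which is why both checks are needed.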
The analogy works for as far as I took it, which is all analogies are meant to do. Arguably, non-security related bug fixes are similar to automobile preventative maintenance, or at least similar to auto recalls.
"It's too cool that I can always find an exploit in my credit card company's computer system, my bank's computer system, and the IRS computer system"
You have no access to those systems. They are not on the Net. Give a good hacker access to a banker's terminal for a long period of time and you'll see him get access he shouldn't.
Given his comments on input devices on PCs being so far ahead of those on consoles, I wonder what Sid Meier thinks of the Nintendo Revolution controller. It seems to close some gaps while widening others. Then it also does things the PC hasn't yet dreamed of. IMO, it will be perfect for playing strategy games.
I'm sick and tired of hearing talk about holding vendors or developers legally responsible for writing insecure code. It's impossible to write any complex application and not have security problems.
The software industry operates more like the automobile industry: they know their cars will have problems, so they freely fix those problems for the warranty period. Software's warranty period is as long as the vendor or developer says they'll support that software.
The major difference is with closed source software, after the "warranty" period is up you can't usually pay someone to fix the problems. Open source provides a great car analogy, because after, say, Red Hat stops supporting your OS you can still fix it yourself or hire a developer to fix it for you.
This is why nobody would buy a car with the hood welded shut. For the life of me I can't figure out why anybody would buy software with the "hood" welded shut.
"if someone asked me to do that same thing for $20, I would probably be more willing to go along with it."
But how much money would you be willing to part with in order to earn $20? Scammers don't need a lot of people to fall for their scam, they just need a couple people who think it makes sense to send a few thousand dollars so they can get millions back.
"Where else do you see people react to being in an accident like they won the lottery? Be it medical, car, workplace. Get hurt and bingo, how can I get paid."
I can think of a few countries where some people are greedy enough to scam foreigners out of thousands of dollars.
Seriously, greed is human nature. The scammers are greedy, too. They're after a lot of money.
There is nothing in PHP that discourages you from mixing logic and presentation, but there is also nothing discouraging you from separating them either. This is exactly what makes PHP great for dirty hacks and large web apps alike.
Templating is part of the solution, but so is good app design. If you don't want to mix your logic, you simply need to code it that way. Zend PHP Framework will help enforce some of the same separation as Java does, but it's not strictly necessary. You can do MVC app design without much trouble. Take a look at Sitepoint's PHP Application Design forum (http://www.sitepoint.com/forums/forumdisplay.php?f=147).
Actually, php-gtk is very useful when you have an existing PHP web app that you want to port into a desktop app. It's a great project, but is definitely not meant for large-scale apps.
Swap "J2EE" for "Windows" and you have the same argument as is used against Linux. PHP is supported by Zend and several other companies. As the article says, Oracle and IBM are both showing support for PHP.
And nobody said J2EE was going to die. It's just that more people are realizing it isn't always the best way to develop a web app. IMO (and some people say I'm wrong sometimes), Java excels where you need to interface with legacy and/or disparate systems. If you don't need to do that, Java and J2EE might not be for you. This is why it's so great for banks that need to interface their online banking web site with their banking and account data. It's also why it's overkill for 99% of web sites. It makes more sense on an intranet where you don't need to worry as much about security when linking many internal systems (not because Java is insecure, but because linking web apps to critical business systems is inherently dangerous, more so when you're exposing the web app to the general public).
"If you only want to display MSOffice documents, MS have a free download of a viewer program on their web site. It's lighter and faster than OO.o, and probably opens a larger percentage of docs correctly."
It's reasonably safe to assume that he needs to occasionally modify or create a new document. Most people do.
I also wouldn't count on Microsoft's own reader opening older .docs better than OpenOffice. Word is notorious for failing to open its own documents when they are not created in the same version of Word.
There is nearly zero Linux comfort factor with most execs these days. Windows isn't going to go away, but Linux will be able to compete on a more level mindshare playing field.
"...are used to having a big company behind their Unix OS and are more comfortable with Windows in general, so just that alone works against Linux migration"
Execs are warming up to Red Hat and Novell. They know IBM and other large companies are behind Linux. They are learning that they can get "enterprise" support.
What will really change things is when today's 15 - 30 year olds are more often the people making the decisions. Many young people have grown up messing around with Linux. High school students are installing it on old computers right now. Once there is a generation of execs comfortable with Linux you'll see major migration rates.
What's interesting, and perhaps addressed in your link, is that flying on Mars is completely different from flying on Earth. With low gravity it may seem easier, but at only 1% of Earth's atmosphere there is not enough air viscosity for a standard airplane to fly. It cannot generate lift nor maneuver once in the air.
X-Plane (http://www.x-plane.com/) provides a simulated Mars flight and includes a couple of airplanes that are designed to fly on Mars, but even those planes still do not provide enough control over the craft for it to be useful.
I was under the impression that Mars was once most likely covered in a shallow sea. This would explain the topography better than a deep ocean would. It could also explain the lack of crater impacts (dark color or not... there are fewer crater impacts where this sea supposedly is).
It's also possible that the low-lying portions of the planet are or were more susceptible to tectonic forces, so the topography has been smoothed by more recently replaced ground.
Linux is trying to make it easier for Windows users to convert while MS was never the underdog trying to make it easier for Mac users to convert.
I will agree that OSS borrows quite a bit from various commercial companies, but in the case of UI features it's almost always to ease user transition to the new product.
More importantly, it hasn't "become a common means of storing files on all manner of computers". I've yet to use it in Linux except for a floppy disk I had to share with a Windows machine a few years ago. If I didn't have FAT I'd have just burned a CD. If I didn't have to share it with Windows I'd have just formatted the floppy with ext2.
"Today's Fastest Retail LCD"
I tried to buy one last night, but I couldn't catch it!
"I can't imagine having that much data I didn't care about."
Hollywood script archive.
"I don't know what FS they use, but apparently it is redundant."
I think they use FAT32 FAT32.
There are also Ruby on Rails-type frameworks such as CakePHP (http://www.cakephp.org./
Sure, that's what php-gtk (http://gtk.php.net/) is all about :)
"there are indications of volcanic activity as recent as 100 million years ago"
Actually, there are indications of lava flows on Olympus Mons as recent as two million years ago.
Magnetic storage is a stupid invention. As if anybody would keep their information on magnets when hard disks are so cheap!
Not to mention relational databases. How important is keeping track of your family tree anyway? What's wrong with the old flow-chart-on-paper method?
I wish IBM would invent something useful.