"I can guarantee you that this answer isn't good enough for the Free Software hackers working on Gnome, and it probably wouldn't be good enough for your lawyer if you happened to ask him if it was safe to embed the JVM in your GPLed application. With Python (or guile, or whatever) you are far safer from a legal perspective."
IANAL, but I disagree. I think that you wouldn't embed a JVM into your application -- you'd implement the JNI interface in your application, through which you'd use whatever JVM is available on the system you're running on. Since you're using a generic interface, and not packaging your application with a JVM, it's pretty hard to argue that your application's license would apply to whichever JVM the user happened to use, or vice versa.
I remember many, many years ago seeing people working on this sort of thing at the MIT Media Lab. The idea was that you could take a standard resolution video that panned across a scene, and by merging the frames over time create amazingly high resolution images. I remember motion being tricky to deal with (as in, things moving in the scene) because it would either confuse the algorithm that tried to figure out exactly where the camera was pointed for each frame, or cause things to blur. But if you panned across a landscape, the result was an amazingly high quality image.
NEC and the Nara Institute of Science and Technology have cooperated to develop technology which allows for phones with cameras - even low resolution cameras - to act as scanners, by having users move their camera over the surface of the page.
NEC and the Nara Institute of Science and Technology have devloped technology which uses movie recordings to produce high quality images, on par with those of a scanner. This technology will be aimed atcellular phones and video cameras.
The technique involves recording a part of the subject to a movie, while moving the camera; the "Mosaicing Technology" analyzes the moving image and estimates the three-dimensional position of the subject, and under the supervision of the "Ultra Resolution Technology," the joining points of the image are deleted, thereby optimizing it so that even low resolution cameras can produce scanner like output. In other words, even cellular phones and video cameras can produce high quality images.
Up until now, there were certain cameras that contained equipment to turn low quality images into high quality ones, but this technology marks the first time that this sort of technique can be accomplished with existing equipment. For example, a high quality image can be produced of an A4 size sheet of paper from video cameras currently on the market.
"Yours is the predictable Mac defense when confronted with an "unusual" app found on the PC but not on the Mac: "no one does that anyway""
There are certainly Windows app's that don't have Mac equivalents. There are, of course, also Mac app's that don't have Windows equivalents, and UNIX app's that don't have Windows or Mac equivalents. Different platforms have different strengths, and you pick the appropriate platform for your needs.
From my perspective, I want to get work done, which for me means developing web server software, I have a huge digital photography habit, and use the usual "productivity" app's (email, word processing, etc.). So a Mac works perfectly -- I can do everything I need to, and don't have to worry about viruses or getting spammed by the OS ("are you sure you don't want to use MSN as your ISP?").
If I had a PC application that I needed to run, I could use Virtual PC, it works quite well for running the occasional obscure app.
When I play games, I use my PS2. Works out great, and there are plenty of fishing games out for the PS2.:-)
"He knew you had spotty employment caused by the marketplace when he started the conversation, why did he even bother trying to talk to you in the first place?"
He asked because it matters how you answer. If you bounced between companies because you've got an inability to deliver, or you get bored and quit, that might be a problem. If the company cancelled your project, or shut down, etc., then it's a different matter. Or perhaps they've run out of other questions, and just want to learn a little more about the interviewee -- understanding why people left a job gives you a sense of how they may work out in this job. If they left because the company was unstable, that tells you that they highly value stability, and that may make them a good or bad fit for your company. Or if they left several companies in a row because their boss doesn't understand them, they may have a personal issue. Or they may have had the bad luck to work at companies with failed business models (hardly rare).
I've interviewed hundreds of people (and hired lots of them) and I can say that an interviewed asks questions for a reason, but that reason may not be to get the answer, but to see how the interviewee responds to the question.
For example, I have learned a lot from using a question I came up with many years ago -- "the lego question": "do you prefer the big boxes of generic lego's or the pre-packaged kits with instructions". I don't care at all what the answer is; there is no right or wrong answer, because it's "just a toy". What I care about is how someone reacts to an unexpected question, whether they can think flexibly and coherently and express themselves articulately. I've had responses range from "I don't like lego's to 15 minute obsessively detailed explanations about exactly _why_ pre-built kits are evil, and one person even objected in offended tones to being asked a "religious question". It's an astoundingly illuminating question -- you learn a lot about a candidate's personality! I recommend trying it.
"The United States position... is that no software development methodology -- closed and proprietary versus open source -- be recommended over any other."
Wait -- does this mean the the official US position is that they won't ever advocate for closed source software over open source software? Cool!
But what is accomplished making the bar code hard to read if the plain text is right there just inches away on the same ballot?"
The voter places the ballot in a folder that covers everything but the barcode before leaving the polling booth.
The drawbacks of scanning text (IMO, I can't speak authoritatively) are: - The text must be visible to poll workers (when they scan the ballot), so there's the possibility of coercion, etc. - optical character recognition costs more, and is less reliable than, barcode scanning.
That being said, the OCR vs. barcode debate has been fairly active within the project. Feel free to drop by the web site and express your opinions.:-)
"I don't want to use Java. First of all, I've never used it to develop software.... since I adopted C# about a year and a half ago, my production has roughly tripled, maybe more."
Having done a little in C# and a lot in Java, my personal opinion is that the development environments are comparable, with the caveat that you've got way more options for tools and components on the Java side since it's a much more mature and broadly supported platform.
I'm curious about why you don't want to use Java. Java and C# are remarkably similar -- aside from some Windows-specific bits in C#, I'd guess that anything you like about C# development would also be true of Java development.
While it's true that the original Java GUI API's were quite primitive, they've made a lot of advances. As another poster commented, the vast majority of Java code these days is server-side, but there are some rather nice Java applications out there. The look of the buttons, etc., is actually up to the runtime environment -- Java app's look great on MacOS X, for example, but a little more primitive under Unix. But I've seen some really slick Java app's, so I think that the "primitive look" is more a product of someone not focusing on getting the UI right than of a limitation of the Java GUI tools.
"I've read the license quickly and I can definitely say that section 3F will cause problems"
IANAL, but 3F is phrased as a request, not a requirement. So they ask that people that use their software (or enhance it) let them know, but aren't conditioning the license on them doing so. I'd guess that since it can be ignored, it doesn't really belong in the license, but it doesn't do any harm there.
I found your article quite thought provoking, as the arguments seem logical, but they do not match with my several decades of engineering and operating enterprise class software systems. I think that there's a disconnect between the theoretical weaknessess of the open source software development model that you raise and it's actual practice.
With open source software, anyone can in theory contribute code, but in practice there are two strong limits on abuse: open source projects are actually closely controlled by a core set of trusted developers, so outsiders can't submit code directly into the repository, and anyone who is concerned can inspect the code. So, to actually get an intentional flaw into an open source project, one would have to spend time becoming a trusted developer, then construct a flaw subtle enough that it would not be detected by other developers working on the project. And because the process is completely transparent and thoroughly auditable, once any intentional code defects are located the source can be determined and addressed, other code from the same source inspected, and so on. So while in theory there's the risk that you mention, it doesn't seem to actually occur.
With closed source software, in theory access to the source code is limited to trusted employees, but in practice most software companies are fairly easy to penetrate (via new hires, consultants, and outsourcing) so that a malicious engineer could gain access to the source code and submit changes, and for most closed source projects there is far less peer review of the code, so those changes are less likely to be noticed. And since there is no public visibility into the situation, there is less incentive to fix the actual problem, and technical concerns can be overridden by business goals. You can read the widely disseminated Diebold emails for an example of this sort of thinking. So while in theory closed source software might seem better controlled, in practice there are numerous occurrances of engineers injecting code into their projects for personal gain (in Nevada, for example, they regularly catch engineers inserting "cheats" into gambling machines, sometimes after amassing small fortunes).
The end result is that in practice, open source projects have much less trouble with errant code getting into their projects than do closed source projects.
While I believe that "you get what you pay for" is generally good advice, I think that you're missing the ways that companies "pay for" open source software, i.e. by "barter" rather than cash. The many companies using open source software all "pay for" the development of the operating system, but they do so through contributing engineering effort (e.g. IBM, SGI, HP) and by submitting bug reports, rather than by paying a vendor to do the engineering and testing. Of course, many companies purchase support contracts for open source software, in which case they're "getting what they pay for" through the more traditional mechanism of money. So you're not getting something for nothing -- you're just paying by effort, or by purchasing a support contract, instead of for software licensing costs.
When companies that I've been with have used open source software it's rarely for the simplistic reason that there's no purchase price -- it is because the total cost of ownership is lower. I've run extremely large server farms of a wide range of operating systems (NT, BSD, Linux, Solaris, Digital UNIX, HP/UX, etc.) and in every case the purchase price of the software was insignificant compared to the operational costs (hardware, staffing, etc.). Rather pleasantly, open source systems have matured to the point where they're not only easier and less expensive to acquire (no vendor negotiations, etc.) but are often as low or lower in cost to deploy and operate, and as efficient or more efficient. Of course, the specific situations shape the issues -- if you need an enterprise class database, MySQL isn't an option, and if your application only runs on NT, you run NT. But in my experience, when picking between comparable open and closed source solutions, it's better for the customer to pick the open source solution and spend the offset licensing fees on staff or training.
Sales: Fred H. Abbott fhabbott@valleyviewventures.com
Is a guy who does sales and marketing for independent analysts.
Media Relations: Amy Riemer amy@riemercommunications.com
Is a woman who runs a one-person PR firm that has about 15 clients.
So basically the "Enderle Group" is Rob, who hired a tiny PR firm and a tiny Sales & Marketing firm. All three companies appear to be "one-person" shops.
There's nothing wrong with small companies or independent consultants, but it's pretty funny seeing how hard they're trying to inflate themselves so that they look like large, credible companies. In particular, Rob's bio is astoundingly funny if you know how to read it -- he lists a bunch of "Board/Advisory" positions, all of which are meaningless "Member, Industry Advisory Council" (i.e. he's not on anyone's board) and he even thinks it's impressive to mention that he "has done special segments for United Airlines in flight programming." And one can only assume that "As he became better known and the traditional research firms fell into decline his clients recommended he go out on his own and form a company to better address their emerging need" translates to "Rob was laid off."
Just reading his bio makes me feel slimy. Can you imagine what he's like in person?
I have to admit that I've not used RentACoder, so I don't know exactly how they work. If all they do is provide a service to match programmers with jobs, then you're right, they aren't responsible for the situatuation. But if they're like a normal placement agency, they're at least somewhat responsible for the people that they place, and in most states that'd make them partially liable.
"why would any programmer be working with the whole, real database?"
While it's true that you can do most of the development using a subset of the data, you can only do the final testing using the real, full database because any subset may be non-representative. Also, it may be that the "product" wasn't a conversion routine by the converted data, in which case by definition he'd need the full data set.
That being said, this screw-up had better cost RendACoder a _ton_ of money. Even if the individual programmer didn't realize the privacy implications of posting the details of hundreds of kids on a public BBS, his management should have -- and fired him. For missing this, they should be hurt, badly.
"Of course, the thrashing could be inflicted faster & with less preliminary legal wrangling if the culprit had been a regular employee & not an outsourced "consultant.""
Actually, it's far easier in most states to manage a consultant or vendor than an employee, because employees are covered by labor protection laws, while vendors have to live up to their contract. So if the contract is at all reasonable, their should be immediate, significant financial penalties for their violating professional ethics, while for an employee, particularly a state employee, there's a fairly detailed disciplinary process that has to be followed.
"let's not forget that this problem isn't a result of outsourcing, but an unscrupulous programmer"
I'm not sure it's "unscrupulous" as clueless. Whether he's paid as an employee, a consultant, or a sub-contractor, he's just as responsible to treat sensitive data appropriately. He should have been fired the first time, or at least warned in writing and fired the second time. Allowing this to happen three times exposes both the agency (who's responsible for managing its vendors) and the vendor to tremendous liability because they've obviously not taken this issue seriously.
"They could have had at least cooperative multitasking a long time ago."
To provide a little more detail, PalmOS has always been multitasking, but only one process was allocated to user applications based as a UI decision; they wanted to avoid the UI complexity of managing multiple "active" applications. There are (from what I recall) four processes licensed in the underlying kernel license and that PalmOS licensees could negotiate to get additional processes (e.g. telephone manufacturers would want an additional process to handle the phone). So PalmOS is multitasking, but it only supports one active user application -- kinda a weird model, but there you go.
Now that they're adding "multiple active applications" to PalmOS 6, it'll be interesting to see how they address the UI issues. I'd hate to see Palm's UI get as cluttered as WinCE...
"Strech the Palm OS concept to a tiny cell phone screen that doesn't even have a touch screen, all the benefits and reasons that design choices were made break down."
I don't think that they're trying to cover quite that broad a range. The sense I get is that they're intending for PalmOS 5 to run on the class of machines it already runs on (ARM processor, 160x160 pixel or larger touchscreen, 8 MB or more of RAM, perhaps an SD slot), which they project will drop in price over time. PalmOS 6 will run on more muscular hardware (larger touchscreen, more RAM, faster CPU, SD slot) and provide richer multimedia and multitasking capabilities. So it's not so much for this year's cell phones as perhaps set top boxes, G3 cell phones, or high-end PDA's or tablet computers.
It's not clear (to me, at least) how much of a fundamental difference there is between PalmOS 5 and 6. So it's hard to say if it's essentially the same OS with more frameworks (like NT vs. NT Server) or a real forking (like Win95 vs. NT). Perhaps someone with some inside info could comment?
"Does DBM have a GTK/Qt interface, or is it only through a Perl CGI?"
DBM is a C library, so it's trivial to use from C and C++, and has API's for Java, Perl, Python, PHP and Tcl. It doesn't have a GUI, unless you consider an IDE a GUI:-). So you could write GTK/Qt code to talk to DBM, but it's not tied to any particular GUI. So it's not a drop-in replacement for Access -- it's 100x smaller and 100x faster (YMMV), but requires you to write code. The parallel with Access would be that it's an embedded filesystem-based database, as opposed to a stand-alone database server (a la SQL Server, MySQL, etc.).
"Hmm, does DBM allow you to run SQL queries against it?"
Nope, and they'd call that an advantage -- dbm is an extremely small and efficient C library -- making your app generate SQL, then pass the SQL to the database to parse out your meaning would just add complexity and slow things down. Of course, there are times when SQL is important, but for straightforward applications where efficiency is critical (i.e. when you need a database embedded in an application, not for use as a general database) dbm is a nice way to go.
If you want to use SQL, you can uselibmysqld. It's not as efficient as DBM, of course, but it does give you full SQL, which has a lot of value, too.
"We use some type of fancy sensor to convert a real world analog signal to digital information, then we convert the digital information back to analog to humans can understand it intuitively?"
In this product, it's much weirder than that. We pay someone somewhere on the internet to monitor a digital representation of something analog that we're interested in (e.g. screen scrape weather.com), then when they notice a change they send the info digitally to a gateway to the pager network, which broadcasts the info all over the US, which our orb picks up, parses, checks against its configuration, and converts into an digital waveform that controls the color of an LED that's flickering between red, green, and yellow a zillion times a second, which we perceive as an analog color.
"I'd remove the "wasting resources" part from that description, because it's behaving like any server process does in that regard. Your SMTP server and HTTP server are also "wasting resources" while they're sitting there waiting for inbound connections."
Good point. I'll elaborate in case someone doesn't get the point -- under UNIX (or Linux) there's essentially zero system cost to having a server running if it's not active -- it just gets swapped to disk by the OS' virtual memory system, and doesn't take up any CPU time unless it's called, so all CPU and RAM resources are available to other applications. So unless you _really_ care about a few MB of disk space, or a second or two of boot time, you'd never notice that MySQL is running.
"The RIAA sues unspecified users of certain IP addresses for exposes files who names are similiar to copyrighted materials and whose content may parially match said materials."
My understanding is that they actually download and listen to the files as a part of making the case. Now there's a job...
"If you want the domain to be in google, you have to have a robots.txt."
This is incorrect. Google will index any site UNLESS it has a robots.txt file that says that it doesn't want to be spidered. I've got several sites indexed by Google, and no robots.txt files on any of them, because I want people interested in their subjects to find them.
Of course, if the sites get slashdotted, they're going down almost instantly. My ISP is a great deal ($9.95 a month for unlimited storage and no bandwidth surcharges) but they're not superhuman.:-)
How do you say that you'd like for your site to be indexed and would appreciate normal levels of visitors, but would want the site to be mirrored if it gets linked to by slashdot?
While I get your point, I think that _both_ gun manufacturers and p2p application manufacturers could legitimately face liability for the actions of their customers because they're encouraging illegal use. For example, when a p2p company advertises on their web site things like "XXX is the first and only peer 2 peer network to openly publicize serial numbers, passwords, and key generators. Why should you pay for a program if you can get it for free? Click on the red arrow and be exposed to thousands of serial numbers and passwords to open any/all programs." it's pretty hard to argue that it's a value neutral technology being misused by a few users. And when Glock makes guns out of plastic, specifically to avoid detection by metal detectors, they're making a gun specifically so that it can be taken where it shouldn't be. Admittedly in the US we have a fascination with guns, but I don't think it's a very good idea to encourage people to own guns that can't be kept out of airports, sports arenas, etc.
Slashdot Mirror
"I can guarantee you that this answer isn't good enough for the Free Software hackers working on Gnome, and it probably wouldn't be good enough for your lawyer if you happened to ask him if it was safe to embed the JVM in your GPLed application. With Python (or guile, or whatever) you are far safer from a legal perspective."
IANAL, but I disagree. I think that you wouldn't embed a JVM into your application -- you'd implement the JNI interface in your application, through which you'd use whatever JVM is available on the system you're running on. Since you're using a generic interface, and not packaging your application with a JVM, it's pretty hard to argue that your application's license would apply to whichever JVM the user happened to use, or vice versa.
I remember many, many years ago seeing people working on this sort of thing at the MIT Media Lab. The idea was that you could take a standard resolution video that panned across a scene, and by merging the frames over time create amazingly high resolution images. I remember motion being tricky to deal with (as in, things moving in the scene) because it would either confuse the algorithm that tried to figure out exactly where the camera was pointed for each frame, or cause things to blur. But if you panned across a landscape, the result was an amazingly high quality image.
NEC and the Nara Institute of Science and Technology have cooperated to develop technology which allows for phones with cameras - even low resolution cameras - to act as scanners, by having users move their camera over the surface of the page.
t oppag e/17729.html
. html
NEC and the Nara Institute of Science and Technology have devloped technology which uses movie recordings to produce high quality images, on par with those of a scanner. This technology will be aimed atcellular phones and video cameras.
The technique involves recording a part of the subject to a movie, while moving the camera; the "Mosaicing Technology" analyzes the moving image and estimates the three-dimensional position of the subject, and under the supervision of the "Ultra Resolution Technology," the joining points of the image are deleted, thereby optimizing it so that even low resolution cameras can produce scanner like output. In other words, even cellular phones and video cameras can produce high quality images.
Up until now, there were certain cameras that contained equipment to turn low quality images into high quality ones, but this technology marks the first time that this sort of technique can be accomplished with existing equipment. For example, a high quality image can be produced of an A4 size sheet of paper from video cameras currently on the market.
Inspired by:
http://k-tai.impress.co.jp/cda/article/news_
News Release:
http://www.nec.co.jp/press/ja/0402/2303
"Yours is the predictable Mac defense when confronted with an "unusual" app found on the PC but not on the Mac: "no one does that anyway""
:-)
There are certainly Windows app's that don't have Mac equivalents. There are, of course, also Mac app's that don't have Windows equivalents, and UNIX app's that don't have Windows or Mac equivalents. Different platforms have different strengths, and you pick the appropriate platform for your needs.
From my perspective, I want to get work done, which for me means developing web server software, I have a huge digital photography habit, and use the usual "productivity" app's (email, word processing, etc.). So a Mac works perfectly -- I can do everything I need to, and don't have to worry about viruses or getting spammed by the OS ("are you sure you don't want to use MSN as your ISP?").
If I had a PC application that I needed to run, I could use Virtual PC, it works quite well for running the occasional obscure app.
When I play games, I use my PS2. Works out great, and there are plenty of fishing games out for the PS2.
"He knew you had spotty employment caused by the marketplace when he started the conversation, why did he even bother trying to talk to you in the first place?"
He asked because it matters how you answer. If you bounced between companies because you've got an inability to deliver, or you get bored and quit, that might be a problem. If the company cancelled your project, or shut down, etc., then it's a different matter. Or perhaps they've run out of other questions, and just want to learn a little more about the interviewee -- understanding why people left a job gives you a sense of how they may work out in this job. If they left because the company was unstable, that tells you that they highly value stability, and that may make them a good or bad fit for your company. Or if they left several companies in a row because their boss doesn't understand them, they may have a personal issue. Or they may have had the bad luck to work at companies with failed business models (hardly rare).
I've interviewed hundreds of people (and hired lots of them) and I can say that an interviewed asks questions for a reason, but that reason may not be to get the answer, but to see how the interviewee responds to the question.
For example, I have learned a lot from using a question I came up with many years ago -- "the lego question": "do you prefer the big boxes of generic lego's or the pre-packaged kits with instructions". I don't care at all what the answer is; there is no right or wrong answer, because it's "just a toy". What I care about is how someone reacts to an unexpected question, whether they can think flexibly and coherently and express themselves articulately. I've had responses range from "I don't like lego's to 15 minute obsessively detailed explanations about exactly _why_ pre-built kits are evil, and one person even objected in offended tones to being asked a "religious question". It's an astoundingly illuminating question -- you learn a lot about a candidate's personality! I recommend trying it.
"The United States position ... is that no software development methodology -- closed and proprietary versus open source -- be recommended over any other."
Wait -- does this mean the the official US position is that they won't ever advocate for closed source software over open source software? Cool!
But what is accomplished making the bar code hard to read if the plain text is right there just inches away on the same ballot?"
The voter places the ballot in a folder that covers everything but the barcode before leaving the polling booth.
The drawbacks of scanning text (IMO, I can't speak authoritatively) are:
- The text must be visible to poll workers (when they scan the ballot), so there's the possibility of coercion, etc.
- optical character recognition costs more, and is less reliable than, barcode scanning.
That being said, the OCR vs. barcode debate has been fairly active within the project. Feel free to drop by the web site and express your opinions.
This is exactly how the open source voting system being implemented by the Open Voting Consortium with the development going on Source Forge.
"I don't want to use Java. First of all, I've never used it to develop software. ... since I adopted C# about a year and a half ago, my production has roughly tripled, maybe more."
Having done a little in C# and a lot in Java, my personal opinion is that the development environments are comparable, with the caveat that you've got way more options for tools and components on the Java side since it's a much more mature and broadly supported platform.
I'm curious about why you don't want to use Java. Java and C# are remarkably similar -- aside from some Windows-specific bits in C#, I'd guess that anything you like about C# development would also be true of Java development.
While it's true that the original Java GUI API's were quite primitive, they've made a lot of advances. As another poster commented, the vast majority of Java code these days is server-side, but there are some rather nice Java applications out there. The look of the buttons, etc., is actually up to the runtime environment -- Java app's look great on MacOS X, for example, but a little more primitive under Unix. But I've seen some really slick Java app's, so I think that the "primitive look" is more a product of someone not focusing on getting the UI right than of a limitation of the Java GUI tools.
"I've read the license quickly and I can definitely say that section 3F will cause problems"
IANAL, but 3F is phrased as a request, not a requirement. So they ask that people that use their software (or enhance it) let them know, but aren't conditioning the license on them doing so. I'd guess that since it can be ignored, it doesn't really belong in the license, but it doesn't do any harm there.
I found your article quite thought provoking, as the arguments seem logical, but they do not match with my several decades of engineering and operating enterprise class software systems. I think that there's a disconnect between the theoretical weaknessess of the open source software development model that you raise and it's actual practice.
With open source software, anyone can in theory contribute code, but in practice there are two strong limits on abuse: open source projects are actually closely controlled by a core set of trusted developers, so outsiders can't submit code directly into the repository, and anyone who is concerned can inspect the code. So, to actually get an intentional flaw into an open source project, one would have to spend time becoming a trusted developer, then construct a flaw subtle enough that it would not be detected by other developers working on the project. And because the process is completely transparent and thoroughly auditable, once any intentional code defects are located the source can be determined and addressed, other code from the same source inspected, and so on. So while in theory there's the risk that you mention, it doesn't seem to actually occur.
With closed source software, in theory access to the source code is limited to trusted employees, but in practice most software companies are fairly easy to penetrate (via new hires, consultants, and outsourcing) so that a malicious engineer could gain access to the source code and submit changes, and for most closed source projects there is far less peer review of the code, so those changes are less likely to be noticed. And since there is no public visibility into the situation, there is less incentive to fix the actual problem, and technical concerns can be overridden by business goals. You can read the widely disseminated Diebold emails for an example of this sort of thinking. So while in theory closed source software might seem better controlled, in practice there are numerous occurrances of engineers injecting code into their projects for personal gain (in Nevada, for example, they regularly catch engineers inserting "cheats" into gambling machines, sometimes after amassing small fortunes).
The end result is that in practice, open source projects have much less trouble with errant code getting into their projects than do closed source projects.
While I believe that "you get what you pay for" is generally good advice, I think that you're missing the ways that companies "pay for" open source software, i.e. by "barter" rather than cash. The many companies using open source software all "pay for" the development of the operating system, but they do so through contributing engineering effort (e.g. IBM, SGI, HP) and by submitting bug reports, rather than by paying a vendor to do the engineering and testing. Of course, many companies purchase support contracts for open source software, in which case they're "getting what they pay for" through the more traditional mechanism of money. So you're not getting something for nothing -- you're just paying by effort, or by purchasing a support contract, instead of for software licensing costs.
When companies that I've been with have used open source software it's rarely for the simplistic reason that there's no purchase price -- it is because the total cost of ownership is lower. I've run extremely large server farms of a wide range of operating systems (NT, BSD, Linux, Solaris, Digital UNIX, HP/UX, etc.) and in every case the purchase price of the software was insignificant compared to the operational costs (hardware, staffing, etc.). Rather pleasantly, open source systems have matured to the point where they're not only easier and less expensive to acquire (no vendor negotiations, etc.) but are often as low or lower in cost to deploy and operate, and as efficient or more efficient. Of course, the specific situations shape the issues -- if you need an enterprise class database, MySQL isn't an option, and if your application only runs on NT, you run NT. But in my experience, when picking between comparable open and closed source solutions, it's better for the customer to pick the open source solution and spend the offset licensing fees on staff or training.
Nope. Check out the email addresses:
Research: Rob Enderle renderle@enderlegroup.com
Sales: Fred H. Abbott fhabbott@valleyviewventures.com
Is a guy who does sales and marketing for independent analysts.
Media Relations:
Amy Riemer
amy@riemercommunications.com
Is a woman who runs a one-person PR firm that has about 15 clients.
So basically the "Enderle Group" is Rob, who hired a tiny PR firm and a tiny Sales & Marketing firm. All three companies appear to be "one-person" shops.
There's nothing wrong with small companies or independent consultants, but it's pretty funny seeing how hard they're trying to inflate themselves so that they look like large, credible companies. In particular, Rob's bio is astoundingly funny if you know how to read it -- he lists a bunch of "Board/Advisory" positions, all of which are meaningless "Member, Industry
Advisory Council" (i.e. he's not on anyone's board) and he even thinks it's impressive to mention that he "has done special segments for United Airlines in flight programming." And one can only assume that "As he became better known and the traditional research firms fell into decline his clients recommended he go out on his own and form a company to better address their emerging need" translates to "Rob was laid off."
Just reading his bio makes me feel slimy. Can you imagine what he's like in person?
I have to admit that I've not used RentACoder, so I don't know exactly how they work. If all they do is provide a service to match programmers with jobs, then you're right, they aren't responsible for the situatuation. But if they're like a normal placement agency, they're at least somewhat responsible for the people that they place, and in most states that'd make them partially liable.
"why would any programmer be working with the whole, real database?"
While it's true that you can do most of the development using a subset of the data, you can only do the final testing using the real, full database because any subset may be non-representative. Also, it may be that the "product" wasn't a conversion routine by the converted data, in which case by definition he'd need the full data set.
That being said, this screw-up had better cost RendACoder a _ton_ of money. Even if the individual programmer didn't realize the privacy implications of posting the details of hundreds of kids on a public BBS, his management should have -- and fired him. For missing this, they should be hurt, badly.
"Of course, the thrashing could be inflicted faster & with less preliminary legal wrangling if the culprit had been a regular employee & not an outsourced "consultant.""
Actually, it's far easier in most states to manage a consultant or vendor than an employee, because employees are covered by labor protection laws, while vendors have to live up to their contract. So if the contract is at all reasonable, their should be immediate, significant financial penalties for their violating professional ethics, while for an employee, particularly a state employee, there's a fairly detailed disciplinary process that has to be followed.
"let's not forget that this problem isn't a result of outsourcing, but an unscrupulous programmer"
I'm not sure it's "unscrupulous" as clueless. Whether he's paid as an employee, a consultant, or a sub-contractor, he's just as responsible to treat sensitive data appropriately. He should have been fired the first time, or at least warned in writing and fired the second time. Allowing this to happen three times exposes both the agency (who's responsible for managing its vendors) and the vendor to tremendous liability because they've obviously not taken this issue seriously.
"They could have had at least cooperative multitasking a long time ago."
To provide a little more detail, PalmOS has always been multitasking, but only one process was allocated to user applications based as a UI decision; they wanted to avoid the UI complexity of managing multiple "active" applications. There are (from what I recall) four processes licensed in the underlying kernel license and that PalmOS licensees could negotiate to get additional processes (e.g. telephone manufacturers would want an additional process to handle the phone). So PalmOS is multitasking, but it only supports one active user application -- kinda a weird model, but there you go.
Now that they're adding "multiple active applications" to PalmOS 6, it'll be interesting to see how they address the UI issues. I'd hate to see Palm's UI get as cluttered as WinCE...
"Strech the Palm OS concept to a tiny cell phone screen that doesn't even have a touch screen, all the benefits and reasons that design choices were made break down."
I don't think that they're trying to cover quite that broad a range. The sense I get is that they're intending for PalmOS 5 to run on the class of machines it already runs on (ARM processor, 160x160 pixel or larger touchscreen, 8 MB or more of RAM, perhaps an SD slot), which they project will drop in price over time. PalmOS 6 will run on more muscular hardware (larger touchscreen, more RAM, faster CPU, SD slot) and provide richer multimedia and multitasking capabilities. So it's not so much for this year's cell phones as perhaps set top boxes, G3 cell phones, or high-end PDA's or tablet computers.
It's not clear (to me, at least) how much of a fundamental difference there is between PalmOS 5 and 6. So it's hard to say if it's essentially the same OS with more frameworks (like NT vs. NT Server) or a real forking (like Win95 vs. NT). Perhaps someone with some inside info could comment?
DBM is a C library, so it's trivial to use from C and C++, and has API's for Java, Perl, Python, PHP and Tcl. It doesn't have a GUI, unless you consider an IDE a GUI :-). So you could write GTK/Qt code to talk to DBM, but it's not tied to any particular GUI. So it's not a drop-in replacement for Access -- it's 100x smaller and 100x faster (YMMV), but requires you to write code. The parallel with Access would be that it's an embedded filesystem-based database, as opposed to a stand-alone database server (a la SQL Server, MySQL, etc.).
"Hmm, does DBM allow you to run SQL queries against it?"
Nope, and they'd call that an advantage -- dbm is an extremely small and efficient C library -- making your app generate SQL, then pass the SQL to the database to parse out your meaning would just add complexity and slow things down. Of course, there are times when SQL is important, but for straightforward applications where efficiency is critical (i.e. when you need a database embedded in an application, not for use as a general database) dbm is a nice way to go.
If you want to use SQL, you can uselibmysqld. It's not as efficient as DBM, of course, but it does give you full SQL, which has a lot of value, too.
"We use some type of fancy sensor to convert a real world analog signal to digital information, then we convert the digital information back to analog to humans can understand it intuitively?"
In this product, it's much weirder than that. We pay someone somewhere on the internet to monitor a digital representation of something analog that we're interested in (e.g. screen scrape weather.com), then when they notice a change they send the info digitally to a gateway to the pager network, which broadcasts the info all over the US, which our orb picks up, parses, checks against its configuration, and converts into an digital waveform that controls the color of an LED that's flickering between red, green, and yellow a zillion times a second, which we perceive as an analog color.
Cool!
"This is why MySQL will *never* be a replacement for Access, despite what I often see on slashdot."
That's true -- it would be more accurate to describe DBM as a replacment for Access, and MySQL or PostgreSQL as a replacement for SQL Server.
"I'd remove the "wasting resources" part from that description, because it's behaving like any server process does in that regard. Your SMTP server and HTTP server are also "wasting resources" while they're sitting there waiting for inbound connections."
Good point. I'll elaborate in case someone doesn't get the point -- under UNIX (or Linux) there's essentially zero system cost to having a server running if it's not active -- it just gets swapped to disk by the OS' virtual memory system, and doesn't take up any CPU time unless it's called, so all CPU and RAM resources are available to other applications. So unless you _really_ care about a few MB of disk space, or a second or two of boot time, you'd never notice that MySQL is running.
"The RIAA sues unspecified users of certain IP addresses for exposes files who names are similiar to copyrighted materials and whose content may parially match said materials."
My understanding is that they actually download and listen to the files as a part of making the case. Now there's a job...
"If you want the domain to be in google, you have to have a robots.txt."
:-)
This is incorrect. Google will index any site UNLESS it has a robots.txt file that says that it doesn't want to be spidered. I've got several sites indexed by Google, and no robots.txt files on any of them, because I want people interested in their subjects to find them.
Of course, if the sites get slashdotted, they're going down almost instantly. My ISP is a great deal ($9.95 a month for unlimited storage and no bandwidth surcharges) but they're not superhuman.
How do you say that you'd like for your site to be indexed and would appreciate normal levels of visitors, but would want the site to be mirrored if it gets linked to by slashdot?
While I get your point, I think that _both_ gun manufacturers and p2p application manufacturers could legitimately face liability for the actions of their customers because they're encouraging illegal use. For example, when a p2p company advertises on their web site things like "XXX is the first and only peer 2 peer network to openly publicize serial numbers, passwords, and key generators. Why should you pay for a program if you can get it for free? Click on the red arrow and be exposed to thousands of serial numbers and passwords to open any/all programs." it's pretty hard to argue that it's a value neutral technology being misused by a few users. And when Glock makes guns out of plastic, specifically to avoid detection by metal detectors, they're making a gun specifically so that it can be taken where it shouldn't be. Admittedly in the US we have a fascination with guns, but I don't think it's a very good idea to encourage people to own guns that can't be kept out of airports, sports arenas, etc.