"if Debian is going to continue scaling to 5-digit package listings, the project might want to look into the possible benefits of switching to a source-based distribution system."
I'm not convinced about that; as someone's already said, the whole reason for doing it this binary way is to have traceable versions of packages so Manglement can be happy - and of course you lose out on./configure-ability as well, which is unfortunate. (I *want* to be able to enable ipv6 across the board; or to choose to build teapop with/out mysql hooks... not to be dependent on debian's package choices!)
"Doing it the current way with 30,000 packages to maintain, we might not see Debian 4.0 until 2010. And there are probably a lot of people who can't or won't wait that long."
The options seem simple to me. Either sit it out and wait, or track Testing daily, or contribute time and expertise to helping the cause (it's not forbidden, y'know!), or go elsewhere. I'm not very inclined to agree with the position that debian should somehow change a very flexible working system just for the impatient.
"The risk just isn't worth it, hang up and drive!"
It would be far more to the point to say get out the car and make a phonecall. That way you reduce the number of idiots who can't cope with 2 things at once.
The alternative is to use a set of name-servers that isn't part of root-servers.net, then. Partly you gain in reliability through using them as forwarders for existing TLDs, but you also stand to gain your own TLDs as well.
Can't say *I* noticed any DNS problems on the colo server or at home yesterday...:)
"Don't expect UNCRACKABLE software - that's just silly."
Agreed. Note also the move towards running fewer services and firewalling so that only ports 22 and 80 are open - and wide open, at that. It is my guess that we wouldn't see so many PHP scripting vulnerabilities on bugtraq if people wrote native applications instead of web-apps for e.g. calendaring, groupware, etc, but using their own custom port#s for the purpose instead of flattening everything onto 80. I'm not surprised that sort of thing has brought forth a rash of ssh updates.
I'd also like an alternative to openssl and openssh, other than freessh and lsh which aren't all that well developed yet, but time will tell on that front.
Your sysadmins are obviously pillocks if they either (a) believe everything in a version banner or (b) don't understand that it's better to have a fixed bug than a multitude of unknown bugs. Time to update the CV...
Agreed. Both on the macro scale you cite, and on the micro; to some extent, I've come to the conclusion that in this day and age, the best you can hope for is not "secure" (because that's impossible and illogical), and obviously not "insecure" (as that is undesirable), but maybe "unknown until there's a better version around". E.g., apache-1.3.9 had its hey-day until a small series of fixes including one or two vulnerabilities pushed it up to 1.3.27 today. At all stages, if you were tracking the latest version, you were fine until the next.
"that remote hole will probably affect 80% of all deployed systems"
Agreed; you are correct to say that a given bug's severity should include both seriousness (depth of potential break into the system - remote or local, root or user) and impact on the entire user-base.
"Besides, if the UI scares away newbies, then there will be less users and thus less people willing to support and improve it and make add-ons."
I've not got this version of Blender up and running yet so I'm not making a specific comment. However, as we've got onto generalities: newbies don't support and improve projects, they suck support-time from those who could be improving software.
> The current situation, where "everbody" goes a > "little" faster just invites selective > enforcement.
Question is, what's to stop people going `just a bit faster' if the limit is higher?
> People driving into the intersection when they > shouldn't are a major nuisance.
This is a social education problem, not a technological one.
Here in the UK we have some junctions with yellow cross-hatching which means "don't enter the junction until your way out is clear or you're turning right", but that doesn't stop people in towns totally ignoring them. Maybe actually getting a real live policeman on the job would be a good idea - someone to walk up to a car sat in the middle of the junction and slap a ticket on them then and there.
And I know what you mean - even this morning on the way into work I had to blast some eejit who pulled out onto a mini-roundabout in front of me. ("give way to folks approaching from the right"? Naaaaaah, we don't need to do that...)
Yes, and "pro-sumer" is just some damnyankeeism marketroid-speak trying to mask what they really mean - Dilbert had it right calling them the "stupid rich";)
Me, I've got a Fuji s602. 3.x Mpel interpolated up to 6, pics coming in at 2.5Mb (6mpel fine) or 18Mb (6mpel TIFF). Works nicely in the dark, emulating up to ISO1600. And my local Jessops price-matched against some of the better online pricing as well: GBP 600 for the camera, 128M smartcard, batteries & charger. It's a step up from my old Sony DSC-F505 (2.1Mpel); it's a rather nice toy, will keep me in jpegs for the next ~2 years or so.
"What every distribution should focus on, is to contribute to the opensource projects with functionality they think is lacking."
Bingo, so well said!
Right from the word go, the whole idea of "*the* Xandros desktop" makes me wonder why anyone would want something with a cut-down installation - these commercial distributions seem only interested in saying "this is your desktop, these are your packages, WE CONTROL YOU NOW!!", sort of thing. At least RH tend to GPL anything they write, including linuxconf (oh boy did that go down well), as do debian of course...
Most, that I've seen. If not, what are you doing whining here? But it really is an insignificant concern, as long as the mails you want to have encrypted are sent encrypted, anyway.
"There's no good reason to require you to have windows looking at acting in four different ways on the same desktop!"
There is no requirement to have 4 different windowing systems in place at once.
"Redhat was trying to fix that."
No, they were pandering to the likes of you folks who install "workstation" setup and then wonder what you're doing with it. There's nothing that needs fixing at all other than a bunch of windoze-heads with no clue what they're talking about.
Why do you complain about applications you've chosen to install?
The last thing I'd want is some silly argument "oh dear, the GUI sucks, therefore linux sucks" - because putting all your eggs in one visual basket is just what M$loth and Apple have done, and now they feel they have to protect "the Aqua look", and suchlike stuff. Bunch of crap. Variety wins, every time, and if you don't like how the application works, don't install it! Gnome has its look, KDE has its look and feel. If you only want one thing, only install one.
"I won't say that Linux can never succeed on the desktop. It just needs a shitload of work,"
No, it needs the luser-base to either wisen-up and learn to use something for what it's worth *before* complaining, or to piss off and use Windoze where they belong.
I've been running GNU/Linux on my desktop for the last 4.bit years, I don't need someone telling me I'm doing the impossible - they should get to grips with emacs with Gnus, vim, vi on a bunch of other OSs, galeon, Konqueror, multi-gnome-terminal, zsh, and a whole host of other toys I use interchangeably on an hourly basis, then refrain from criticizing my chosen way of working.
"if yahoo was just a single column of words and link, it would have the same use of it currently does. No way,"
Have a look at http://www.paulgraham.com/ for "layout" considerations. Certainly struck me as different, and very usable.
"yahoo still is tring to support non-CSS enabled browsers, why should they write two versions"
Which bit of what-CSS-is did you not read? Nobody *has* to support it - I regularly browse in links-2.x, myself, which doesn't, and standards-compliant sites look just as good without. CSS is *exactly* what they want.
I think it might be more a case of dependencies - "if you're going to have ACPI, you need..." and so on. This was something Eric's system sort of touched on, mostly - regrouping things in a slightly more sensible way is fine by me.
The thing is, there are some quite interesting perspectives out there on spam, which should be given a bit more consideration all-round.
First, there's the guy who received an email from a colleague at my previous company, sent only to addresses of folks at a local computer expo who expressed an interest - ranting loudly, "I'm sure Spews will be interested to hear of your bulk-mail!" (to all of 20 people anyway) etc etc. Strangely enough, after I replied in person I didn't hear as much as an apology. Rate this chap how you may.
Second, there's the role of a sysadmin in a company where several forms of regular and/or bulk mail-shots are either required and/or requested. Specifically, I can think of at least one financial-services website where there was a weekly newsletter, a monthly newsletter (both opt-in at signup time) and a service for receiving stock-price alerts as well. Of course you get people who forget they opted-in to things, or make a mistake and click the wrong buttons, or change their mind and want to opt out... that's where being a real sysadmin who *does* honour the "mail us here to opt out" line in an email gets quite interesting as I'm well aware of it being a spam-harvester line (as is everyone else) rather than a genuine attempt, which it actually can be.
And thirdly, there's the dubious joy of being on the receiving end of a spammer using an open relay somewhere in Turkey with envelope headers set to your domain name. Just watch all the net-weenies reply to *you* complaining lots thinking "from, subject, to" constitutes "all the headers"...
There are these extremes, but if people know the companies with which they have regular dealings, and if they stop to think, a lot of the heat and anger can be taken out of this "anti-spam activism" crap, and a genuine mission to stamp out real spam undertaken in a more gentlemanly / professional / calm-headed manner.
I have one opinion that might want to jump in here: if a country can't cope with its inhabitants having a wide range of views, it has problems all its own.
Sure there'll be techie ways around it, as always; it doesn't serve any good purpose except to chop their own foot off - see what happens when they want to go for a jog.
Slashdot Mirror
"if Debian is going to continue scaling to 5-digit package listings, the project might want to look into the possible benefits of switching to a source-based distribution system."
./configure-ability as well, which is unfortunate. (I *want* to be able to enable ipv6 across the board; or to choose to build teapop with/out mysql hooks... not to be dependent on debian's package choices!)
I'm not convinced about that; as someone's already said, the whole reason for doing it this binary way is to have traceable versions of packages so Manglement can be happy - and of course you lose out on
"Doing it the current way with 30,000 packages to maintain, we might not see Debian 4.0 until 2010. And there are probably a lot of people who can't or won't wait that long."
The options seem simple to me. Either sit it out and wait, or track Testing daily, or contribute time and expertise to helping the cause (it's not forbidden, y'know!), or go elsewhere. I'm not very inclined to agree with the position that debian should somehow change a very flexible working system just for the impatient.
"The risk just isn't worth it, hang up and drive!"
It would be far more to the point to say get out the car and make a phonecall. That way you reduce the number of idiots who can't cope with 2 things at once.
The alternative is to use a set of name-servers that isn't part of root-servers.net, then. Partly you gain in reliability through using them as forwarders for existing TLDs, but you also stand to gain your own TLDs as well.
:)
Can't say *I* noticed any DNS problems on the colo server or at home yesterday...
Whatever happened to TRNS and friends?
"Don't expect UNCRACKABLE software - that's just silly."
Agreed. Note also the move towards running fewer services and firewalling so that only ports 22 and 80 are open - and wide open, at that. It is my guess that we wouldn't see so many PHP scripting vulnerabilities on bugtraq if people wrote native applications instead of web-apps for e.g. calendaring, groupware, etc, but using their own custom port#s for the purpose instead of flattening everything onto 80.
I'm not surprised that sort of thing has brought forth a rash of ssh updates.
I'd also like an alternative to openssl and openssh, other than freessh and lsh which aren't all that well developed yet, but time will tell on that front.
Your sysadmins are obviously pillocks if they either (a) believe everything in a version banner or (b) don't understand that it's better to have a fixed bug than a multitude of unknown bugs.
Time to update the CV...
"Newer != Insecure."
Agreed. Both on the macro scale you cite, and on the micro; to some extent, I've come to the conclusion that in this day and age, the best you can hope for is not "secure" (because that's impossible and illogical), and obviously not "insecure" (as that is undesirable), but maybe "unknown until there's a better version around".
E.g., apache-1.3.9 had its hey-day until a small series of fixes including one or two vulnerabilities pushed it up to 1.3.27 today. At all stages, if you were tracking the latest version, you were fine until the next.
"that remote hole will probably affect 80% of all deployed systems"
Agreed; you are correct to say that a given bug's severity should include both seriousness (depth of potential break into the system - remote or local, root or user) and impact on the entire user-base.
"Besides, if the UI scares away newbies, then there will be less users and thus less people willing to support and improve it and make add-ons."
I've not got this version of Blender up and running yet so I'm not making a specific comment. However, as we've got onto generalities: newbies don't support and improve projects, they suck support-time from those who could be improving software.
> The current situation, where "everbody" goes a
> "little" faster just invites selective
> enforcement.
Question is, what's to stop people going `just a bit faster' if the limit is higher?
> People driving into the intersection when they
> shouldn't are a major nuisance.
This is a social education problem, not a technological one.
Here in the UK we have some junctions with yellow cross-hatching which means "don't enter the junction until your way out is clear or you're turning right", but that doesn't stop people in towns totally ignoring them. Maybe actually getting a real live policeman on the job would be a good idea - someone to walk up to a car sat in the middle of the junction and slap a ticket on them then and there.
And I know what you mean - even this morning on the way into work I had to blast some eejit who pulled out onto a mini-roundabout in front of me. ("give way to folks approaching from the right"? Naaaaaah, we don't need to do that...)
"Oh the stories they must have! Hey, do you think they've found the secret of life yet?"
;)
If you're talking with one....
"A good weight-loss pill? Cure for cancer?!"
How to make slashdot authors more clueful?
"A nice demographic to target..."
;)
Yes, and "pro-sumer" is just some damnyankeeism marketroid-speak trying to mask what they really mean - Dilbert had it right calling them the "stupid rich"
Me, I've got a Fuji s602. 3.x Mpel interpolated up to 6, pics coming in at 2.5Mb (6mpel fine) or 18Mb (6mpel TIFF). Works nicely in the dark, emulating up to ISO1600.
And my local Jessops price-matched against some of the better online pricing as well: GBP 600 for the camera, 128M smartcard, batteries & charger.
It's a step up from my old Sony DSC-F505 (2.1Mpel); it's a rather nice toy, will keep me in jpegs for the next ~2 years or so.
Ruddy "professional" cameras, indeed...
"Since when is giving out information unethical?"
Ever since you subscribed to a utilitarian view of ethics and there was a better option, I should think.
"If I find a problem with the tires that causes the car to flip I anm going to tell people about it."
Before or after it's flipped? And who exactly are you going to tell?
"All americans aren't morons."
I suspect you didn't mean that. Damn' yankees and their "idiomatic", ie illogical and imprecise, approach to the poor innocent English language.
"Also, we have hip-hop, and you betta reckognize how much of a global influence hip-hop music has had."
Yes, I despise every last mangled over-produced note of it.
"What every distribution should focus on, is to contribute to the opensource projects with functionality they think is lacking."
Bingo, so well said!
Right from the word go, the whole idea of "*the* Xandros desktop" makes me wonder why anyone would want something with a cut-down installation - these commercial distributions seem only interested in saying "this is your desktop, these are your packages, WE CONTROL YOU NOW!!", sort of thing.
At least RH tend to GPL anything they write, including linuxconf (oh boy did that go down well), as do debian of course...
"And how many ISP's use this?"
Most, that I've seen. If not, what are you doing whining here?
But it really is an insignificant concern, as long as the mails you want to have encrypted are sent encrypted, anyway.
"There's no good reason to require you to have windows looking at acting in four different ways on the same desktop!"
There is no requirement to have 4 different windowing systems in place at once.
"Redhat was trying to fix that."
No, they were pandering to the likes of you folks who install "workstation" setup and then wonder what you're doing with it. There's nothing that needs fixing at all other than a bunch of windoze-heads with no clue what they're talking about.
Why do you complain about applications you've chosen to install?
The last thing I'd want is some silly argument "oh dear, the GUI sucks, therefore linux sucks" - because putting all your eggs in one visual basket is just what M$loth and Apple have done, and now they feel they have to protect "the Aqua look", and suchlike stuff.
Bunch of crap. Variety wins, every time, and if you don't like how the application works, don't install it!
Gnome has its look, KDE has its look and feel. If you only want one thing, only install one.
"I won't say that Linux can never succeed on the desktop. It just needs a shitload of work,"
No, it needs the luser-base to either wisen-up and learn to use something for what it's worth *before* complaining, or to piss off and use Windoze where they belong.
I've been running GNU/Linux on my desktop for the last 4.bit years, I don't need someone telling me I'm doing the impossible - they should get to grips with emacs with Gnus, vim, vi on a bunch of other OSs, galeon, Konqueror, multi-gnome-terminal, zsh, and a whole host of other toys I use interchangeably on an hourly basis, then refrain from criticizing my chosen way of working.
"you send your password in clear text across the net"
Well, dunno about you, but I don't. Have ssh, will travel.
There's also no need to do so with POP either - APOP and POP-over-SSL both exist.
Besides, if the mail is encrypted, what's the point in intercepting the POP3 password? Isn't that exactly why you *should* be encrypting the mail?
Well, there is this. There's also the accepted plural of "automoton" as "automota", as well. Damn' yanks, can't speak a word of English, etc etc.
"if yahoo was just a single column of words and link, it would have the same use of it currently does. No way,"
Have a look at http://www.paulgraham.com/ for "layout" considerations. Certainly struck me as different, and very usable.
"yahoo still is tring to support non-CSS enabled browsers, why should they write two versions"
Which bit of what-CSS-is did you not read? Nobody *has* to support it - I regularly browse in links-2.x, myself, which doesn't, and standards-compliant sites look just as good without. CSS is *exactly* what they want.
Why don't you fork a copy under the GPL if you don't like it?
I think it might be more a case of dependencies - "if you're going to have ACPI, you need..." and so on. This was something Eric's system sort of touched on, mostly - regrouping things in a slightly more sensible way is fine by me.
The thing is, there are some quite interesting perspectives out there on spam, which should be given a bit more consideration all-round.
First, there's the guy who received an email from a colleague at my previous company, sent only to addresses of folks at a local computer expo who expressed an interest - ranting loudly, "I'm sure Spews will be interested to hear of your bulk-mail!" (to all of 20 people anyway) etc etc. Strangely enough, after I replied in person I didn't hear as much as an apology. Rate this chap how you may.
Second, there's the role of a sysadmin in a company where several forms of regular and/or bulk mail-shots are either required and/or requested. Specifically, I can think of at least one financial-services website where there was a weekly newsletter, a monthly newsletter (both opt-in at signup time) and a service for receiving stock-price alerts as well. Of course you get people who forget they opted-in to things, or make a mistake and click the wrong buttons, or change their mind and want to opt out... that's where being a real sysadmin who *does* honour the "mail us here to opt out" line in an email gets quite interesting as I'm well aware of it being a spam-harvester line (as is everyone else) rather than a genuine attempt, which it actually can be.
And thirdly, there's the dubious joy of being on the receiving end of a spammer using an open relay somewhere in Turkey with envelope headers set to your domain name. Just watch all the net-weenies reply to *you* complaining lots thinking "from, subject, to" constitutes "all the headers"...
There are these extremes, but if people know the companies with which they have regular dealings, and if they stop to think, a lot of the heat and anger can be taken out of this "anti-spam activism" crap, and a genuine mission to stamp out real spam undertaken in a more gentlemanly / professional / calm-headed manner.
"But maybe it's a liquid"
FFS, what do you think a fluid is? Fluid is well defined in GCSE Chemistry - if not before - as something in either the liquid or gaseous states.
Also, solid was well defined as something with a very regular molecular layout and as being resistent to deformation under pressure.
Seems pretty obvious to me, looking at my windows here...
Latin doesn't come into it. We're speaking English here, so the plural is "viruses".
I have one opinion that might want to jump in here: if a country can't cope with its inhabitants having a wide range of views, it has problems all its own.
Sure there'll be techie ways around it, as always; it doesn't serve any good purpose except to chop their own foot off - see what happens when they want to go for a jog.