Re:Keep putting it off. Please ! on Longhorn in 2006 · Score: 1
Few companies can continue to function if even 30% of their systems fail catastrophically.
Assuming that number is realistic, there are two things to look at.
First, there is the probability of causing that failure. Patches applied blindly, particularly patches to what you shouldn't be running anyway, would seem to increase that probability. Knowing exactly what the patch does and affects would strongly decrease that probability.
Second, if there is a catastrophic failure, can you do anything about it? In a monoculture, somewhere between probably and certainly not. In a heterogeneous environment, there will probably be two or three alternatives to get you out of the catastrophe.
If you use Linux and I use FreeBSD (or vice-versa) we get most of the benefits and few of the liabilities of a monoculture.
No need to ditch anything. k means 1,000, M means 1,000,000, G means 1,000,000,000.
from http://www.keidel.com/mech/pvf/pipe-intro.htm
Pipe was originally sized based on the inside diameter of the pipe that was typical of the period, which was cast iron. A half inch cast iron pipe was exactly one half inch inside diameter. The thickness of its wall determined the outside diameter. In order to insure that all pipes and fittings would go together, the standard was established based on that specific outside diameter.
Today, that size remains the standard by which pipe is measured, but since materials have changed, wall thicknesses of pipe, and therefore the inside diameters vary. Consequently, a half inch pipe is neither a half inch on the inside nor the outside, but it is still called a half inch pipe based on the Nominal size established by Iron Pipe of yesteryear. Hence the terms NPS for "Nominal Pipe Size" or IPS (Iron Pipe Size). The terms are interchangeable.
64M is shorthand for 64*1024*1024 bytes. You will not find memory with a capacity of exactly 64,000,000 bytes. There are only a very few legitimate sizes for memory. Furthermore, only very simple arithmetic is allowed on memory sizes. You just don't add 64M plus 2k. Disk capacities, even if based on 512 byte hard-coded sectors, come in a large variety of possible sizes. It is completely feasible to add disk capacities of disparate sizes, as in 120G plus 200M. Adding the sizes works decently only if the places after the decimal work as expected, i.e. half of a G is 500M, not 512M. Try adding up your file sizes expressed in gigabytes if 1 gigabyte is the nominal 1024*1024*1024. How do you express 1 byte in such a system?
The problem is that while memory is sold in "baker's dozen" type nominal units, this does not dictate these units anywhere else, just like the half-inch of half-inch pipe does not dictate anyone else's half-inch.
LOL for a cutting edge super user friendly OS: Make the Print Screen key actually work and PRINT THE FREAKIN' SCREEN! IIRC, the PrintScreen on the Tektronix 4014 (4096 x 3072 screen resolution) would do exactly that. It's called progress;-(
Censorship is the act of removing from view objectionable material.
Hmmm, sounds like the rows of trees planted facing the highway to obstruct the view of junkyards.
One junked car on the front lawn is quaint and picturesque. A lot of them on one lawn or one each on a lot of lawns is an eyesore. If there is suddenly a lot of junk, somebody in a position to do something about it is likely to do something about it.
To my mind, one unsolicited commercial advertisement email is not spam. Spam is the unrelenting barrage of the same things over and over again. One GET /c/winnt/system32/cmd.exe will not by itself take down the internet. A barrage of the right kind will. Reacting to a barrage, even to the point of shutting it down completely, is not censorship, even though if it has an extremely high correlation with the things that should be censored if anything gets censored. Remember, it's this willingness and ability to react that keeps the internet from falling over whenever there's a new Microsoft worm.
Is Linux _REALLY_ FREE??
Yep.
I didn't say the developers or maintainers are FREE. The GPL is viral in that it enlivens the software. As long as the software can find a succession of developers and maintainers, the software stays alive.
This is in direct contrast to most Closed Source Proprietary Software, which will have the plug pulled whenever it happens to fit some management's fancy.
You sweat blood and tears to bring some software into being. The GPL gives it a fighting chance of staying alive.
Business people need to understand that they have two distinct choices in producing products containing software:
For the most part, business is a consumer of software rather than a producer. Most of the readers of Forbes are consumers of software rather than producers.
Lyons is setting the stage for the fight of the century. You have sweet innocent IBM being defended by FSF thugs. (You can't make up that scene;)
Information Technology will continue to grow, at least in terms of what we should be able to get out of it. We've probably passed the point where the expenditures for IT outpace GNP. What will matter more and more into the future is the ability of software to interoperate, across brands, across versions, and to be able to trust it and be sure that there is no funny business going on with it. You get the trust, not from your own competence in detecting stuff, nor from the trustworthiness of the authors. You get the trust when the NSA is using CHICOM code on their internal stuff. And the Chinese are returning the honor.
DRM is not going to help you.
In fact methinks it would do the opposite.
"out-of-date printed copies aren't laying on people's desks during an audit"
Nothing wrong with that, as long as it doesn't pretend to be an up-to-date printed copy.
You and your buddy collide and your packets go flying. Simple, you reprint the packets. Easier and safer than insuring correctly exactly which sheet belongs to whom. The pages that went flying were good, but once they lose their identity they are just scrap paper. You can print the entire packet by yourself, but to replace one soiled page, it's probably less hassle to reprint the whole thing.
The English plural of 'virus' is 'viruses'
The Internet plural of 'virus' is 'Microsoft'.
Seems like there is a progression of Microsoft "malware", starting with Melissa and ending I know not where. Nothing that Microsoft has done will have any significant effect on that trend (other than making things worse;). Spillover effects will affect Linux, etc., including attacks "because it's there". I get the impression that the Information System is being taken on a shakedown cruise, probably essential if we will have to rely on it. It is not enough to stay afloat in calm waters, it must be survivable. What I've seen indicates that Open Source is very survivable, not because of well conceived coordinated response, but because, regardless (because?) of the discoordination, somebody/something survives and they all wind up on the pieces that float. Open Source can and does have it both ways.
I am always more concerned about incompetent good guys, as those are sadly in the majority.
Good one, that!
In fact I'm halfway of a mind that your only chance of a "friend in the business" is from the black hats.
The risks from automated systems increase with both volume and complexity. The real risks come from incompetent good guys, nobody's perfect and we shouldn't have to assume that they are. What we want are noisy, spectacular, and non-damaging demonstrations of where the booby traps are in the system. The alternative is that systems fail catastrophically with no one having a clue. I'm wondering how long before Microsoft becomes just too dangerous an environment.
Shorter answer?
As soon as government mandated reports, filings, etc. are required to be filed in readable formats.
Microsoft is very very good at not being at fault for things.
Have been. It's starting to catch up with them. In fact, "Always blame Microsoft" is a surprisingly effective strategy. It's not dumb users that click on things they shouldn't, it's Microsoft subtly and not-so-subtly telling them to click on everything.
and implicitly trusting their systems integrity may cause a disaster.
we don't know which of those "a *lot* of stuff" is fixed already [Emphasis added]
It will slow down the incompetents a bit.
"We" are left more in the dark.
The competent bad guys, assuming there are any, have a bit less noise to contend with.
Backup early. Backup often.
This doesn't sound like it came from a security specialist.
I'm reading that somewhat differently. "ENOUGH IS ENOUGH!" as in "I'm no longer sticking my neck out to be an early warning system for Microsoft holes."
Backup early. Backup often.
Securing the perimeter is not just guarding the gates. Any crack anywhere will do.
"Getting it right the first time" is extraordinarily difficult ... I'd say conservatively that the difficulty varies with the square of the size of the product. WinXP was 50 million lines. You simply cannot build something that large, with no bugs in it, within the lifetime of any single programmer.
Yes, there will be bugs. But this should be taken into account in the system design, not used as an excuse after the fact. Bugs are not created equal and their consequences vary enormously. Designing software that assumes everything else is perfect seems somehow suicidal.
Red Hat 9 had 43 security vulnerabilities in the first 150 days after release - Win Server 2k3 had 4.
Hmmmm, Microsoft has a security problem. Red Hat does not. Somebody's looking in the wrong place.
Please stop building up false hopes in young, impressionable, email admins, it's just not nice!
Always blame Microsoft.
That's what you do first. Then you find out why.
Works incredibly well.
Steve Irwin is nobody's stereotype. Anyone who can get comfy with a rattlesnake is not a stereotype.
The smallest addressable unit of a hard disk that has been formatted with 512 byte sectors is a 512 byte sector.
The storage capacity of the hard disk would be considerably greater if it were formatted with 3000 byte sectors. Or even better if the physical records were sized according to the size of their contents.
it was because the cpu was dead, and things didn't work that the attempt was made
They won't get any help from anywhere else.
Everything to gain, nothing to lose.
This is a different world. It has almost nothing in common with normal development.
The critical information is that it wasn't as hard as one might expect.
Since this is dead-end anyway, it does not matter what side-issues you wreck.
This does give anecdotal evidence of the value of Open Source for legacy enterprise applications. Old unsupported software on old unsupported hardware (you never manage to upgrade everything) does NOT mean you're SOL.
The French ...
That'll teach me to trust my fingers.
The Frech have a saying to the effect that the more it changes, the more it stays the same.
Oh, I accept change, not that I really have a choice in the matter.
It's when I make changes that other people have to accept, that I need to be careful. Change something, something reacts. Change it back, it doesn't quite go back the way it was. If it ain't broke, don't fix it. Oddly enough, when you can see what's broke and understand why, you can do most anything you like and it will work.
Everything in moderation.
Especially moderation
Sorry, couldn't resist.
While it is true that progress requires change, change is, in and of itself, bad. Even when change is required, it's important to make changes going in the right direction. Changing the places where you attach the leeches will generally make things worse.
What you say is all very true. I just saw the term innovation one time too many.
Why is everybody assuming that innovation is a good thing? Seems to me it is really a bad thing.
The idea, not the year.
Painted bleaker and rather more plausible.
Wouldn't it be a lovely twist of fate if the black hats turn out to be the saviors of Information Technology?
That's the theory. And it will work, mostly, and for a while.
The problem is that it's long and complicated, and keeps repeating itself over and over again. Even if all the individual parts are extremely well done, the overall system is almost guaranteed to have some fatal flaw. It's worse than a chain is only as strong as its weakest link. There's other places to attack a chain.
Now you can make something essentially crack-proof, by self-destructing on any sign of an intruder. Should be a very useful tool against your enemies.