In practice, few companies switch servers anyhow unless something drastic happens to the vendor. Over a thirty year time span? There is a lot of code that has not been changed in the last 30 years, and a lot more code that will not be changed in the next 30 years. The code is long, tedious, dull, boring, etc, none of which is helped by a better language. Tweak-free isn't so much a problem as implicit and insidious assumptions about implementation details. Both work, but they don't work the same way. Can you imagine a bunch of COBOL programmers thinking Lisp? Can you deterministically determine rounding errors in Perl or Python?
Portability of code to many platforms is a major consideration at the server level, particularly if you can only have one server at a time. If it runs right on one standards-conforming server, it should also run right on another standards-conforming server, with no nasty surprises. The realistic choices are COBOL, PL/I, ADA, and Java provided Sun can keep everybody from screwing up the language. That's of course assuming that the stuff on the server is actually important.
Right. /. is about what's happening NOW. Like watching a live performance versus a tape-delay performance. It's watching the ongoing battle between the site authors and the meepts and later. If the site is slashdotted, somebody usually manages to post any relevant cached information. For a moment of glory, I think I'd gladly suffer being slashdotted.
Major culprit for the ice ages is probably the Himalayan(sp?) Mountains. Disturbs air flow and pulls CO2 from the atmosphere. If you consider the earth as a heat engine which basically takes in heat at the equater and radiates it out to space from the poles, where the boundaries of this engine are made of air and water, and no good idea as to what it takes to switch from one equilibrium state to another,.... A plausible consequence of "global warming" is another ice age, not the most likely, but not unreasonable. Somebody that actually knows the stuff could fill in better than this, but the minor contributers are probably just that, minor.
...ten years ago, I actually joked with my friends about sending emails to people with batch/script/program attachments that deleted files with a message that sez "run this c00l program d00dez!" but it didn't occur to me that anyone would actually fall for it and that's what the human-engineering-virus "revolution" (Melissa, ILOVEYOU, et. al.) was all about. That's the problem with systems/applications that think they are smarter than the user and hide things from the user. Not showing file extensions, even the DOS batch file @ECHO OFF is a bad idea.
There is also no country (in the "western" world anyway) which I am aware of which is as insular and generally unaware of the outside world as the US. An oversimplification, but is, IMHO, an accurate accessment, but hardly unique to Americans, and hardly uniform within America. Americans can for the most part safely ignore the rest of the world in their daily routine. Canadians tend to be acutely aware of what's going on stateside, because the Canadian economy tends to flow North-South rather than East-West and small changes within the US can have large impacts on Canadians. New Yorkers safely ignore the rest of the country, except maybe Los Angeles. I suspect that good Parisians safely ignore the Provinces and the same type of situation should apply to Berliners. The awareness is not "being able to point to my hometown", but like the awareness you would have of New York City when you are somewhere in rural New Jersey. It's the persistent pressure of your neighbors' existence.
I think there's some practical experience running spy rings that demonstrates that all your data in one place is a very bad idea. Among other things, I have no need or interest in maintaining data in places I will never go back to. Sure it's easier for the opposition to get something, sometime, but it's much harder for them to get much or current or to be able to connect stuff. Putting my personal information anywhere that seems a bit too interested in having it seems somehow rather risky.
I dunno about checklists, but "limit your exposure" has to be the sine qua non of security. The other part is to know where you are exposed. Anything new, neat, wowser on a server (Microsoft, that is) is almost certainly a bad idea. Unless Task Manager accounts for all PIDs and used memory, anything installed but not running is a security risk in that these tend to have DLLs loaded and things running invisibly. Best to never have them even come close to a server. One of the simpler stunts is for the server to NOT have a gateway address. Stops a lot of junk without even patching stuff.
Oh I'm sure that Microsoft has reviewed their entire code base (about like I review/. every day). Knowing what to look for and what to do about it is an entirely different matter, and doesn't happen in anything resembling a big hurry.
"I'd be astonished if the open-source community has in total done as many man-years of computer security code reviews as we have done in the last two months." There's no way the open-source community has done that little.
That's like the local bank being a less secure version of Fort Knox. Actually the user/group/world read/write/execute permissions are very effective considering their simplicity.
The.NET "ideology" is no more/less inherintly secure then the J2EE "ideology". That's like saying that Microsoft technology is no more/less inherently secure than Sun technology, or that the local garbage dump is nor more/less inherently secure than Fort Knox. The devil is in the details, and Sun is much more likely to keep J2EE secure in opposition to the convenience and wishes of programmers.
Marketing might be insecure. I cannot imagine marketing being secure.
Counting bugs or security fixes can be extremely misleading. Each system is at some point in finding, fixing, and creating new bugs.
"Researchers at GreyMagic Software have uncovered three novel vulnerabilities provided by Microsoft Office Web Components (OWC), which can override security settings in Internet Explorer." Sounds like there's plenty more where that came from.
"Updated tcpdump, libpcap, and arpwatch packages are available for Red Hat Linux 6.2 and 7.x. These updates close vulnerabilities present in versions of tcpdump up to 3.5.1 and various other bugs." Sounds like the low-hanging fruit is pretty much gone. Next round will be even harder. This is at the pro-active stage (where OpenBSD has been for a few years).
Tomorrows RedHat will be significantly more secure than yesterdays. Unless Microsoft significantly changes their vision of what user experience should be, tomorrows Microsoft Windows will be essentially as open to wormage as yesterdays, with a smarter crop of worms. Backup early. Backup often.
Even if you did manage to secure against external threats, what's your protection from Rose in benefits? (stolen shamelessly from ca ad)
Cardinality for "how many elements are in the set". Two sets have the same cardinality iff there exists a one-one function from one set onto the other set. Thus there are exactly as many primes as there are rationals. In all cases, the power set (set of all subsets) has strictly more elements than the original set. The power set of the null set has exactly one element, the null set. The null set has no elements.
You can also have infinite ordinals. Addition defined but not necessarily subtraction. 1,2,3,...,INFINITY,INFINITY+1,...,2INFINITY,...
Private librarian where the library is the entire web and the library is also the public library. There is definately value there, and if I were a Fortune nnn company, I think I'd be stupid not to buy into a piece of it. Symbiosis can be viewed as mutual parasitism. There are good reasons for corporate shirts to pay good money for what hackers download for free.
They do have the way out! I closed a few IE windows, got back to the one for wehavethewayout.com, and Internet Explorer (5.0 on NT4) crashed on me. Now what that has to do with going from the lighted and a-maze-ing unix side to the dark and bottomless pit Microsoft Windows side, I have no idea.
Hehe, I read it, partways at least. They are almost catching up with yesterday. No wonder IBM mainframes are selling well. IBM knows something, and it's about tomorrow not just today.
From what I can tell, Microsoft offerings have sacrificed security, flexibility, and functionality for initial setup simplicity and wowser gizmos. Unix may be a maze (amazing?;), but seems to be about as simple as anything can be that stands a reasonable chance of actually succeeding.
Anyway, the campaign was about Big Iron data servers, not web servers. I assume that web servers are much easier and simpler than Big Iron data servers.
Appearances are important and downtime just looks bad period for potential customers. You don't pull the plug on the old system until the new system is ready. If you don't know when the new system will be ready, that itself speaks volumes.
Speaking of IBM marketing, I keep remembering the Cheddar.com commercial, although in the case of wehavethewayout.com, Swiss and Limburger seem more appropriate than Roquefort.
Slashdot Mirror
Is there a difference?
(*ducks and runs for cover*)
Point well made, but compared to the awareness of Americans, Canadians are acutely aware.
In practice, few companies switch servers anyhow unless something drastic happens to the vendor.
Over a thirty year time span?
There is a lot of code that has not been changed in the last 30 years, and a lot more code that will not be changed in the next 30 years. The code is long, tedious, dull, boring, etc, none of which is helped by a better language.
Tweak-free isn't so much a problem as implicit and insidious assumptions about implementation details. Both work, but they don't work the same way.
Can you imagine a bunch of COBOL programmers thinking Lisp?
Can you deterministically determine rounding errors in Perl or Python?
Double TWO = 3;
Do you see a problem here?
Making up your own whatever is ok but calling it what it is not is not ok.
Portability of code to many platforms is a major consideration at the server level, particularly if you can only have one server at a time. If it runs right on one standards-conforming server, it should also run right on another standards-conforming server, with no nasty surprises. The realistic choices are COBOL, PL/I, ADA, and Java provided Sun can keep everybody from screwing up the language. That's of course assuming that the stuff on the server is actually important.
Right.
/. is about what's happening NOW. Like watching a live performance versus a tape-delay performance. It's watching the ongoing battle between the site authors and the meepts and later. If the site is slashdotted, somebody usually manages to post any relevant cached information. For a moment of glory, I think I'd gladly suffer being slashdotted.
Major culprit for the ice ages is probably the Himalayan(sp?) Mountains. Disturbs air flow and pulls CO2 from the atmosphere. ....
If you consider the earth as a heat engine which basically takes in heat at the equater and radiates it out to space from the poles, where the boundaries of this engine are made of air and water, and no good idea as to what it takes to switch from one equilibrium state to another,
A plausible consequence of "global warming" is another ice age, not the most likely, but not unreasonable.
Somebody that actually knows the stuff could fill in better than this, but the minor contributers are probably just that, minor.
...ten years ago, I actually joked with my friends about sending emails to people with batch/script/program attachments that deleted files with a message that sez "run this c00l program d00dez!" but it didn't occur to me that anyone would actually fall for it and that's what the human-engineering-virus "revolution" (Melissa, ILOVEYOU, et. al.) was all about.
That's the problem with systems/applications that think they are smarter than the user and hide things from the user. Not showing file extensions, even the DOS batch file @ECHO OFF is a bad idea.
There is also no country (in the "western" world anyway) which I am aware of which is as insular and generally unaware of the outside world as the US.
An oversimplification, but is, IMHO, an accurate accessment, but hardly unique to Americans, and hardly uniform within America.
Americans can for the most part safely ignore the rest of the world in their daily routine. Canadians tend to be acutely aware of what's going on stateside, because the Canadian economy tends to flow North-South rather than East-West and small changes within the US can have large impacts on Canadians. New Yorkers safely ignore the rest of the country, except maybe Los Angeles. I suspect that good Parisians safely ignore the Provinces and the same type of situation should apply to Berliners.
The awareness is not "being able to point to my hometown", but like the awareness you would have of New York City when you are somewhere in rural New Jersey. It's the persistent pressure of your neighbors' existence.
And ruin their moment of glory?
There's that certain something with upside-down Excel spreadsheets.
I think there's some practical experience running spy rings that demonstrates that all your data in one place is a very bad idea. Among other things, I have no need or interest in maintaining data in places I will never go back to. Sure it's easier for the opposition to get something, sometime, but it's much harder for them to get much or current or to be able to connect stuff.
Putting my personal information anywhere that seems a bit too interested in having it seems somehow rather risky.
I dunno about checklists, but "limit your exposure" has to be the sine qua non of security. The other part is to know where you are exposed.
Anything new, neat, wowser on a server (Microsoft, that is) is almost certainly a bad idea. Unless Task Manager accounts for all PIDs and used memory, anything installed but not running is a security risk in that these tend to have DLLs loaded and things running invisibly. Best to never have them even come close to a server. One of the simpler stunts is for the server to NOT have a gateway address. Stops a lot of junk without even patching stuff.
Oh I'm sure that Microsoft has reviewed their entire code base (about like I review /. every day). Knowing what to look for and what to do about it is an entirely different matter, and doesn't happen in anything resembling a big hurry.
"I'd be astonished if the open-source community has in total done as many man-years of computer security code reviews as we have done in the last two months."
There's no way the open-source community has done that little.
That's like the local bank being a less secure version of Fort Knox.
Actually the user/group/world read/write/execute permissions are very effective considering their simplicity.
The .NET "ideology" is no more/less inherintly secure then the J2EE "ideology".
That's like saying that Microsoft technology is no more/less inherently secure than Sun technology, or that the local garbage dump is nor more/less inherently secure than Fort Knox.
The devil is in the details, and Sun is much more likely to keep J2EE secure in opposition to the convenience and wishes of programmers.
Marketing might be insecure. I cannot imagine marketing being secure.
Counting bugs or security fixes can be extremely misleading. Each system is at some point in finding, fixing, and creating new bugs.
"Researchers at GreyMagic Software have uncovered three novel vulnerabilities provided by Microsoft Office Web Components (OWC), which can override security settings in Internet Explorer."
Sounds like there's plenty more where that came from.
"Updated tcpdump, libpcap, and arpwatch packages are available for Red
Hat Linux 6.2 and 7.x. These updates close vulnerabilities
present in versions of tcpdump up to 3.5.1 and various other bugs."
Sounds like the low-hanging fruit is pretty much gone. Next round will be even harder. This is at the pro-active stage (where OpenBSD has been for a few years).
Tomorrows RedHat will be significantly more secure than yesterdays. Unless Microsoft significantly changes their vision of what user experience should be, tomorrows Microsoft Windows will be essentially as open to wormage as yesterdays, with a smarter crop of worms. Backup early. Backup often.
Even if you did manage to secure against external threats, what's your protection from Rose in benefits? (stolen shamelessly from ca ad)
Cardinality for "how many elements are in the set".
Two sets have the same cardinality iff there exists a one-one function from one set onto the other set. Thus there are exactly as many primes as there are rationals. In all cases, the power set (set of all subsets) has strictly more elements than the original set. The power set of the null set has exactly one element, the null set. The null set has no elements.
You can also have infinite ordinals. Addition defined but not necessarily subtraction. 1,2,3,...,INFINITY,INFINITY+1,...,2INFINITY,...
Private librarian where the library is the entire web and the library is also the public library. There is definately value there, and if I were a Fortune nnn company, I think I'd be stupid not to buy into a piece of it.
Symbiosis can be viewed as mutual parasitism. There are good reasons for corporate shirts to pay good money for what hackers download for free.
LOL. You just made my day.
They do have the way out!
I closed a few IE windows, got back to the one for wehavethewayout.com, and Internet Explorer (5.0 on NT4) crashed on me.
Now what that has to do with going from the lighted and a-maze-ing unix side to the dark and bottomless pit Microsoft Windows side, I have no idea.
Hehe, I read it, partways at least. They are almost catching up with yesterday.
;), but seems to be about as simple as anything can be that stands a reasonable chance of actually succeeding.
No wonder IBM mainframes are selling well. IBM knows something, and it's about tomorrow not just today.
From what I can tell, Microsoft offerings have sacrificed security, flexibility, and functionality for initial setup simplicity and wowser gizmos. Unix may be a maze (amazing?
Anyway, the campaign was about Big Iron data servers, not web servers.
I assume that web servers are much easier and simpler than Big Iron data servers.
Appearances are important and downtime just looks bad period for potential customers.
You don't pull the plug on the old system until the new system is ready. If you don't know when the new system will be ready, that itself speaks volumes.
Speaking of IBM marketing, I keep remembering the Cheddar.com commercial, although in the case of wehavethewayout.com, Swiss and Limburger seem more appropriate than Roquefort.