<rant type="NOT directed in any way at parent poster">
This whole story is just dumb. A site run by MS got cracked. Yay. At least they admitted it - putting them well above companies with much more of a responsibility to do so.
I know how hard it is to keep a network secure, especially where multiple companies are involved (and before anybody starts, I'm a *nix and Linux user so don't tell me any crap about "just use Linux to make your network secure"). This isn't news. Yes it's annoying for their users and embarrasing for them, but it's hardly headline material.
I thought people got bored of this dumb BS five years ago?
I can't possibly be the only one who immediately thought "game of life"... can I?
Too bad it'd never work - not unless you could find some REALLY weird bacteria, anyway.
Good quality 21" monitors aren't going away
on
Are CRTs History?
·
· Score: 1
Some will keep on making 21" and 22" pro CRTs for photography and other imaging work for a while. LCDs just aren't there yet for that sort of work IMO.
I do agree that it's frustrating to have to buy a gigantic and expensive CRT when you don't really need one, just because decent quality smaller ones ones are out of production and you can't use an LCD for your application.
I've never really understood what all the fuss is about re IPv6 adoption. You don't need end-to-end connectivity or tunnel brokers any more. If you want to use IPv6, just enable it and use it - 6to4 will take care of any required tunneling with no user involvement.
I've been using v6 for more than two years between home, work, and a couple of other sites. No explicit tunnels, no nasty messing about. It all "just works" and I'm generally not concious of whether my traffic is going over v6 or v4. When my provider starts handing me v6 addresses over my PPPoE link (which I hope they will EVENTUALLY do) I won't even have to change anything.
Now, not much of my traffic to the "rest of the world" goes over v6 yet... but I don't much care.
Er... my point was that lots of custom hacking would be required to do with LDAP on *NIX the things that come BUILT IN in AD. I thought it was pretty darn obvious, actually.
My whole point is that you don't get anything even remotely like Group Policy under any *nix LDAP authentication scheme I'm aware of unless you do a lot of custom hacking.
AD is pretty awesome, and I'd really LIKE most of the power it offers on other platforms. As far as I'm concerned that's the biggest thing the Windows platform has going for it. That, and it's documented;-)
As for AD problems... what you say is probably true. On the other hand, even quite large organizations often seem to fail to deploy it correctly. A national manufacturing outfit in Australia was bought down for a while because one of their branch offices lost its connection to the WAN, their AD secondary master promoted its self to primary, then the WAN was restored and everything went *splat*. Avoidable? Probably. Need an AD black-magic wizard? Definitely. What's needed is documented somewhere? Without a doubt... but good luck finding it and understanding it then applying it correctly. The AD admins I've spoken to have all expressed the view that AD is great, but just too damn hard to configure robustly and that it tends to be fragile if not configured exactly right.
I would ask you to, next time, take the time to ACTUALLY READ MY MESSAGE before flaming me out too much, OK? You've been just as bad as the people you're complaining about.
You can do distributed authentication, mail routing, etc with LDAP, yes. Building most of the features of AD would involve lots of custom hacking though - for example, to do software auto-installs on log-in.
There's a lot more writing of custom schema and swearing with LDAP than there is with AD, and a LOT less good documentation, but once it works it stays working, unlike AD;-)
They've built your house with a fancy, and entirely unnecessary, house automation and remote control system. The locks are wired into this, and you discover that replacing the locks with secure ones disables the lights and interior doors.
Ever tried running Windows under "Restricted User"? I did. Even with mostly reputable, well behaved apps it's a PITA. Introduce a user who needs the odd browser plug-in and small custom software vendor tool, and you're screwed. Almostnt nothings sets correct registry permissions, and few things even bother setting up file permissions properly. It's a nightmare.
When will people learn that what they see as the "Linux community" is often the blithering idiots who feel the most need to make noise and feel important - but who do sweet f**k all for said "community" except cause disruption and embarrasment?
There are no "community member" badges. Anyone can claim to be part of the "Linux community" and in a way, probably is. That doesn't mean they're representative of much. I'm REALLY, REALLY TIRED of being lumped in the same bucket as these twits.
Maybe one day people will realise that claiming to be part of the "Linux community" doesn't mean s**t and look at what these people/do/ and at the respect, or lack thereof, that they have from their peers before taking their words to heart. I rather doubt it, though... most reporters and companies tend to think of anything else as a semi-corporate entity where the actions of one "member" reflect the other members. Thus, the teeming hordes of morons give us all a bad name.
So... all you people who email reporters with foaming rants (a POLITE and RATIONAL message is fine), froth self-importantly in comments fields, and send crazy letters to companies' customers because they *gasp* take money from Microsoft, and the just-don't-get-it wannabe free software zealots who don't actually understand the difference between free and gratis and between free and open source, please SHUT UP AND GO AWAY. Go find something useful to do. </rant>
For the curious, I do fall into the "something useful to do" camp, in that I contribute bug fixes to a few projects and quite a lot of work to Scribus. It's just not that hard, and really fun - maybe more folks should try it instead of just making trouble.
As for the "taking money from MS" bit - well, obviously it's my personal view, but I can't help wonder why those with a near-religious hate of MS don't *like* magazines printing their ads. MS paying to support Linux publications sounds alright in my book - and if you're concerned about influence from advertisers, you really have to think about that for all of them, not just MS (who're rather less likely to put the push on, actually - it'd be *REALLY* embarrasing if it got out). I also just don't understand why people care.
Anyway... time for me to get back to doing useful things instead of ranting and foaming;-)
Part of it might be that badly written apps, and badly written web pages, assume that 1px has a given physical size. This assumption is broken with very high resolution screens, causing things to be too small and unusable.
Common culprits are the `px' CSS measure used for font size. Another big one is apps that do all their layout in px with an assumed font and size, so that their layout breaks horribly if you up the font size - which you have to do to make it readable on your screen.
Personally, I'm working quite happily on a 120dpi display, but then I'm using a suitable OS and set of apps to handle it.
The ability to run as a limited user is, in my experience, nigh useless. Users will regularly encounter things that require admin priveleges to install, even things like browser plug-ins, and then won't run except as the user they were installed as. This requires temporarily modifying a user's account - always fun - to get them to install and work.
Even better, some apps won't run except as admin because they try to fiddle bits of the registry and/or filesystem they assume they'll have access to, because "everyone runs as administrator". Games are the #1 culprit here, but a large proportion of general use software has that problem too. It's not Microsoft's fault that app developers are idiots, but it still makes the limited privelege accounts nigh useless. Unfortunately, they can't conjure a long history of least-privelege-by-default so they're stuck with breaking compatibility with old apps (90% of users would equate "need to change user account to run program" with "broken OS") or retaining the current braindead defaults.
I do agree with you on the fine-grained priveleges in NT, though I wish they were consistently inherited instead of propagated through the filesystem tree. The issue with ACLs is that unless very carefully administrated they tend to become a hideous and unmanageable rats nest where nobody can clearly state what happens in a given case. This is as true on UNIXes with ACLs as it is on NT. I've always been way happier with the groups-within-groups model, which lets you get 90% of the benefits of ACLs with 10% of the complexity. It never seems to have become all that popular, though:S
Are you saying that you have to upgrade hardware with new upgrades of Linux?
Absolutely not. Thankfully. You WILL need to upgrade hardware occasionally, mostly just putting in more memory, but otherwise it'll be fine. The opposite is the case - to run newer software you generally need to upgrade to a newer version of your Linux distro, but not the hardware.
Do be aware that while the Linux zealots will tell you you can run Linux on a 486 with 4MB of RAM, they're not really telling the whole truth. To run a "conventional" Linux desktop you'll want a decent PC (~1GHz, though 500MHz would be ok, but most importantly at least 265MB of RAM). That micro cut-down stuff is for much less full featured uses, or for people like me who have no problem using the command line for almost everything with just a minimal graphical interface.
I find that in general, WinXP needs quite a bit less memory than a modern Linux distro with full GUI - but a lot of applications need less memory under Linux than Windows, and you don't have a virus scanner and spyware program gobbling RAM. It works out roughly the same.
... unfortunately, if they just offer bundled binary drivers for everything as they are likely to do, it leaves users up s**t creek come upgrade time.
This being Linux, upgrades for desktop systems are essentially mandatory (some things don't age well, like IM clients, and upgrades often don't work on older versions, plus there's the issue of security updates) so this may well be a problem.
I'd be way happier to see them working to make/general/ Linux support for their laptops better rather than tying the user to one, quickly ancient, particular custom Linux build.
I'll head in on a weekend for really critical problems - for example, an OpenSSH vunerability that I know will affect work's firewall. No way do I want to clean up the mess if I leave that unfixed - it sucks much less to go in on a weekend and fix it.
Most security holes are trivially fixed by remote admin anyway. "apt-get update; apt-get upgrade" and you're done in my case, usually. Windows admins have to use RDP/VNC/ICA and Windows Update, but can still get the job done pretty easily.
Of course, if the patch breaks something you need to go in, but in most cases it's really fuss-free.
That was my concern too. It hasn't been a problem so far, and any concerns could probably be sorted out reasonably easily ("he's just using our email server").
Encryption is getting so common that it'd be pretty hard to investigate any/all uses or even get particularly alarmed about it. I'd still be nervous about it if I was a Chinese citizen though.
... it's ridiculously easy with a "friend on the outside". SSH tunnel or some other sort of VPN to a proxy somewhere outside the firewall and you're done.
I've used this technique regularly when I need to work with people in China and find their mail and web services too unreliable to be useful. I simply provision them with tunneled services via work. No fuss.
if he misakenly typed that into a System V machine he'd instead kill all his processes or, if uid 0, the entire box. While in that particular case it'd be amusing, let's remember to use `pkill' instead shall we?
True - I never claimed there weren't some totally retarded things about NT. You should check out the GDI's interaction with multiple users on terminal server systems if you want totally and horribly broken;-)
My point is that with non-broken software, it's still pretty stable. WAY more stable than lots of people like to make out - even the old versions. The fact that a printer driver can make the system unstable is more than a little sad, but if your printer drivers don't suck still lets you have a stable server. Preferably by not having printer drivers on it.
Hell, it was already very stale in '99... and wrong, too. Unless you're doing something utterly retarded like trying to use an MS desktop OS for a server, or trying to run a server on NT 3.x or Win9x, then it's probably your apps or drivers not the OS that's broken.
My NT4 box here gets WAY better uptimes than any of my Linux servers. I'm not rebooting the NT4 every few months for a kernel security fix (of course, that's because there *are* no security fixes for it anymore... *gulp*). Security fixes aside, they're all of pretty much equal stability.
It does eventually go kind of wacko and need rebooting, but it takes many months. It used to be much less stable, but I rebuilt it from bare metal without any garbage apps and it's been pretty solid ever since.
I've had both Linux servers go kind of wacko a couple of times too - it's not something reserved for NT4. I'm not too thrilled with 2.6 in this regard - I've had way more problems with it than 2.4.
I think the real problem with Windows servers is that they don't seem to handle badly behaved apps well - and I'm not just talking NT4 here. I'd actually be interested in Windows servers if the standard rule wasn't "one app or key service per server". Being told "well, that'll happen then" when you try to do multiple things on one server (*gasp*!) is just dumb, and I hear it way too much from Windows server admins.
As for the memory leak argument - you see the same thing from Linux users on the mailing lists. It gets tired in a hurry - "run `free' and read the +=buffers/cache line. If your OS isn't using most of your RAM it's broken, what you want to know is how much RAM is just used for cache and thus free for apps."
It's like those "memory freeing" utilitles you get on Windows - for people who just don't understand memory management in a modern OS like Linux or NT.
Unfortunately, PDF also has serious problems, legal, practical and technical.
I'm not convinced, actually. I think it does what its designed for extremely well, has sensible licensing, and is generally a good choice. I wouldn't mind seeing the format in the hands of a standards body, but Adobe does a decent job.
The real answer is to develop an alternative open format. SVG is actually a good starting point and probably doesn't require too much effort.
I'm not at all convinced about SVG. Its design is the opposite to what's needed - it focuses on "semantic" elements over presentation, and there are generally major rendering differences between viewers. For web use, that's fine, but it makes it an apalling replacement for PDF, one of the primary benefits of which is extremely accurate reproduction. The SVG text model is also pretty shocking (IIRC you can't even embed fonts - how f**ing useless is that), though that can be worked around by converting all text to vectors.
I guess it might be possible to build something suitable on top of SVG, but I'm not convinced. Really, I think good 'ol PostScript and PDF are just fine - we could do with a better viewer (especially a better viewer for browsers, because that is pretty ghastly right now) and more content creation tools actually including PDF articles etc.
Maybe I'm biased because of my industry. In print and publishing, PDF is the best thing since, well, PostScript. It's just fantastic, and honestly difficult to imagine something better for the job. The same may not be true for other uses.
PDF does kind of suck for web use, but I think any replacement is likely to suffer the same sorts of issues (except presumably with a better browser UI). The biggest problem is that a document designed for print will look bad on screen and need to be zoomed/scrolled to be comfortably readable. This will remain true until we have ~300dpi screens where text doesn't look like crap and fine vector drawings can be viewed at sensible sizes. Since most people with ~120dpi screens run them at 72-96dpi to work around Windows braindeath with font sizes, I don't see that coming in a hurry.
It's not that the PDF license lacks teeth, its that the implementations done by open source projects are explicitly permitted, IIRC in a way that can't be arbitrarily revoked by Adobe. I could be wrong on that, though, I haven't sat down and read all the details (I should, since I help develop OSS that exports PDF...).
I share your suspicions on Microsoft's licensing, but I think that should they do that, they will have given their format concrete shoes and pushed it out the door into the harbour. Unless it has something else really compelling about it, it'll be going straight down and under. PDF's umbiquity across platforms, OS versions, and types of device is a critical part of its appeal.
Forever to load: Easily fixed, just kill off the plug-ins. Sub-optimal, yes, but hardly earth shattering. It takes ~1s to load on my system.
No doc structure: Well, well constructed documents do have articles, bookmarks, etc. There just aren't that many of them, largely because it's hard. The encoding of presentation only is intentional and largely what makes the format useful, since it gives it the ability to be very consistent across viewers and platforms. If this is a problem, then the document creator shouldn't be using PDF for that document.
Mouse selection: Er... use the coloumn select tool. You might have to click and hold the selection tool or something if you haven't expanded the toolbar, but it's there.
Copy + paste: Agreed on that one.
Fonts: Ditto, it'd be really useful to require a stock set of fonts. I think it does actually define a reasonable range (expressed in terms of the Adobe multiple master fonts) but I've never been inclined to trust it.
The browser plugin has no menu option for save to disk because it has no menu. There is a button to do it. To fix this they'd need the ability to integrate into the browser's menus.
Personally, re the browser plugin, I find the fact that it's slow, unstable, has a generally awful UI, and in particular requires the user to hit the plug-in's print button not the browser's File->print menu entry to be infuriating. I disable the awful thing and use Acrobat Reader directly.
Re GUIs, it's funny... I've always liked the GUIs of most Adobe applications. These days MS does them well, too, but the worst failing Adobe seems to have with theirs is a bit of clutter.
Anyway - I'm not at all convinced that the viewer will make the format. Among other things, do you see MS producing high-quality free viewers for MacOS, Linux, embedded devices, Palm, etc? Me neither, and that's one of the big selling points of PDF (along with fantastically accurate printing and display, and being moron-proof to create simple documents with).
Really, the problem you describe is all about Acrobat Reader and little to do with PDF. There is really nothing preventing the creation of a lightweight PDF viewer. They exist, in fact, and are beginning not to suck. Hopefully one will be ported to win32 soon.
In fact, Acrobat Reader remains very lightweight even today... once you disable about eight million plug-ins that few people need. This is as simple as moving them out of the plug-ins directory (even on win32).
I also find disabling the Acrobat Reader browser plug-in useful, since reading PDFs is much nicer when Acrobat is not running in a browser window. Again, just move the plug-in out of the browser's plug-ins folder (at least on most platforms/browsers).
Acrobat Reader is still crucially important for accurate PDF viewing - document proofing, prepress, etc. I do agree that for most things, with all its default functionality, it's kinda overkill.
Another thing to understand is that "Metro" will go _nowhere_ if it lacks the proofing and prepress tools that exist for PDF. Things like EnFocus PitStop, and of course Adobe Acrobat Professional, are crucial tools for preflight and prepress. Without close equivalents to them, a format will go nowhere in press & print.
More significantly, this is a page description language, not an editable document format. Very different. Opening.doc wouldn't do what they wanted (.doc is almost the opposite of this - a screaming nightmare that changes based on installed fonts, the user's *PRINTER* settings, and all sorts of other garbage).
There is no free alternative. The closest is PDF, and it's still firmly under Adobe's control, though it's freely implementable.
That said, I do share your general pessimism on this matter.
PDF follows much the same model, but the license for the format its self is automatic so long as you follow the rules set out in it - much like the GPL, actually, though the "rules" are rather different.
At least, that's my understanding.
Whatever... quite a few open source products implement PDF, and there haven't been any problems with it.
More to the point, I suspect MS would need to release royalty-free, patent-free, BSD-licensed, cross-platform code libraries to work with their format if they want to make any real headway against PDF.
Slashdot Mirror
Yep, or reimaged it. So what?
<rant type="NOT directed in any way at parent poster">
This whole story is just dumb. A site run by MS got cracked. Yay. At least they admitted it - putting them well above companies with much more of a responsibility to do so.
I know how hard it is to keep a network secure, especially where multiple companies are involved (and before anybody starts, I'm a *nix and Linux user so don't tell me any crap about "just use Linux to make your network secure"). This isn't news. Yes it's annoying for their users and embarrasing for them, but it's hardly headline material.
I thought people got bored of this dumb BS five years ago?
</rant>
I can't possibly be the only one who immediately thought "game of life" ... can I?
Too bad it'd never work - not unless you could find some REALLY weird bacteria, anyway.
Some will keep on making 21" and 22" pro CRTs for photography and other imaging work for a while. LCDs just aren't there yet for that sort of work IMO.
I do agree that it's frustrating to have to buy a gigantic and expensive CRT when you don't really need one, just because decent quality smaller ones ones are out of production and you can't use an LCD for your application.
I've never really understood what all the fuss is about re IPv6 adoption. You don't need end-to-end connectivity or tunnel brokers any more. If you want to use IPv6, just enable it and use it - 6to4 will take care of any required tunneling with no user involvement.
I've been using v6 for more than two years between home, work, and a couple of other sites. No explicit tunnels, no nasty messing about. It all "just works" and I'm generally not concious of whether my traffic is going over v6 or v4. When my provider starts handing me v6 addresses over my PPPoE link (which I hope they will EVENTUALLY do) I won't even have to change anything.
Now, not much of my traffic to the "rest of the world" goes over v6 yet... but I don't much care.
Er ... my point was that lots of custom hacking would be required to do with LDAP on *NIX the things that come BUILT IN in AD. I thought it was pretty darn obvious, actually.
;-)
... what you say is probably true. On the other hand, even quite large organizations often seem to fail to deploy it correctly. A national manufacturing outfit in Australia was bought down for a while because one of their branch offices lost its connection to the WAN, their AD secondary master promoted its self to primary, then the WAN was restored and everything went *splat*. Avoidable? Probably. Need an AD black-magic wizard? Definitely. What's needed is documented somewhere? Without a doubt ... but good luck finding it and understanding it then applying it correctly. The AD admins I've spoken to have all expressed the view that AD is great, but just too damn hard to configure robustly and that it tends to be fragile if not configured exactly right.
My whole point is that you don't get anything even remotely like Group Policy under any *nix LDAP authentication scheme I'm aware of unless you do a lot of custom hacking.
AD is pretty awesome, and I'd really LIKE most of the power it offers on other platforms. As far as I'm concerned that's the biggest thing the Windows platform has going for it. That, and it's documented
As for AD problems
I would ask you to, next time, take the time to ACTUALLY READ MY MESSAGE before flaming me out too much, OK? You've been just as bad as the people you're complaining about.
You can do distributed authentication, mail routing, etc with LDAP, yes. Building most of the features of AD would involve lots of custom hacking though - for example, to do software auto-installs on log-in.
;-)
There's a lot more writing of custom schema and swearing with LDAP than there is with AD, and a LOT less good documentation, but once it works it stays working, unlike AD
They've built your house with a fancy, and entirely unnecessary, house automation and remote control system. The locks are wired into this, and you discover that replacing the locks with secure ones disables the lights and interior doors.
Ever tried running Windows under "Restricted User"? I did. Even with mostly reputable, well behaved apps it's a PITA. Introduce a user who needs the odd browser plug-in and small custom software vendor tool, and you're screwed. Almostnt nothings sets correct registry permissions, and few things even bother setting up file permissions properly. It's a nightmare.
When will people learn that what they see as the "Linux community" is often the blithering idiots who feel the most need to make noise and feel important - but who do sweet f**k all for said "community" except cause disruption and embarrasment?
There are no "community member" badges. Anyone can claim to be part of the "Linux community" and in a way, probably is. That doesn't mean they're representative of much. I'm REALLY, REALLY TIRED of being lumped in the same bucket as these twits.
Maybe one day people will realise that claiming to be part of the "Linux community" doesn't mean s**t and look at what these people
So
</rant>
For the curious, I do fall into the "something useful to do" camp, in that I contribute bug fixes to a few projects and quite a lot of work to Scribus. It's just not that hard, and really fun - maybe more folks should try it instead of just making trouble.
As for the "taking money from MS" bit - well, obviously it's my personal view, but I can't help wonder why those with a near-religious hate of MS don't *like* magazines printing their ads. MS paying to support Linux publications sounds alright in my book - and if you're concerned about influence from advertisers, you really have to think about that for all of them, not just MS (who're rather less likely to put the push on, actually - it'd be *REALLY* embarrasing if it got out). I also just don't understand why people care.
Anyway
Part of it might be that badly written apps, and badly written web pages, assume that 1px has a given physical size. This assumption is broken with very high resolution screens, causing things to be too small and unusable.
Common culprits are the `px' CSS measure used for font size. Another big one is apps that do all their layout in px with an assumed font and size, so that their layout breaks horribly if you up the font size - which you have to do to make it readable on your screen.
Personally, I'm working quite happily on a 120dpi display, but then I'm using a suitable OS and set of apps to handle it.
The ability to run as a limited user is, in my experience, nigh useless. Users will regularly encounter things that require admin priveleges to install, even things like browser plug-ins, and then won't run except as the user they were installed as. This requires temporarily modifying a user's account - always fun - to get them to install and work.
:S
Even better, some apps won't run except as admin because they try to fiddle bits of the registry and/or filesystem they assume they'll have access to, because "everyone runs as administrator". Games are the #1 culprit here, but a large proportion of general use software has that problem too. It's not Microsoft's fault that app developers are idiots, but it still makes the limited privelege accounts nigh useless. Unfortunately, they can't conjure a long history of least-privelege-by-default so they're stuck with breaking compatibility with old apps (90% of users would equate "need to change user account to run program" with "broken OS") or retaining the current braindead defaults.
I do agree with you on the fine-grained priveleges in NT, though I wish they were consistently inherited instead of propagated through the filesystem tree. The issue with ACLs is that unless very carefully administrated they tend to become a hideous and unmanageable rats nest where nobody can clearly state what happens in a given case. This is as true on UNIXes with ACLs as it is on NT. I've always been way happier with the groups-within-groups model, which lets you get 90% of the benefits of ACLs with 10% of the complexity. It never seems to have become all that popular, though
Are you saying that you have to upgrade hardware with new upgrades of Linux?
Absolutely not. Thankfully. You WILL need to upgrade hardware occasionally, mostly just putting in more memory, but otherwise it'll be fine. The opposite is the case - to run newer software you generally need to upgrade to a newer version of your Linux distro, but not the hardware.
Do be aware that while the Linux zealots will tell you you can run Linux on a 486 with 4MB of RAM, they're not really telling the whole truth. To run a "conventional" Linux desktop you'll want a decent PC (~1GHz, though 500MHz would be ok, but most importantly at least 265MB of RAM). That micro cut-down stuff is for much less full featured uses, or for people like me who have no problem using the command line for almost everything with just a minimal graphical interface.
I find that in general, WinXP needs quite a bit less memory than a modern Linux distro with full GUI - but a lot of applications need less memory under Linux than Windows, and you don't have a virus scanner and spyware program gobbling RAM. It works out roughly the same.
... unfortunately, if they just offer bundled binary drivers for everything as they are likely to do, it leaves users up s**t creek come upgrade time.
/general/ Linux support for their laptops better rather than tying the user to one, quickly ancient, particular custom Linux build.
This being Linux, upgrades for desktop systems are essentially mandatory (some things don't age well, like IM clients, and upgrades often don't work on older versions, plus there's the issue of security updates) so this may well be a problem.
I'd be way happier to see them working to make
I'll head in on a weekend for really critical problems - for example, an OpenSSH vunerability that I know will affect work's firewall. No way do I want to clean up the mess if I leave that unfixed - it sucks much less to go in on a weekend and fix it.
Most security holes are trivially fixed by remote admin anyway. "apt-get update; apt-get upgrade" and you're done in my case, usually. Windows admins have to use RDP/VNC/ICA and Windows Update, but can still get the job done pretty easily.
Of course, if the patch breaks something you need to go in, but in most cases it's really fuss-free.
That was my concern too. It hasn't been a problem so far, and any concerns could probably be sorted out reasonably easily ("he's just using our email server").
Encryption is getting so common that it'd be pretty hard to investigate any/all uses or even get particularly alarmed about it. I'd still be nervous about it if I was a Chinese citizen though.
... it's ridiculously easy with a "friend on the outside". SSH tunnel or some other sort of VPN to a proxy somewhere outside the firewall and you're done.
I've used this technique regularly when I need to work with people in China and find their mail and web services too unreliable to be useful. I simply provision them with tunneled services via work. No fuss.
if he misakenly typed that into a System V machine he'd instead kill all his processes or, if uid 0, the entire box. While in that particular case it'd be amusing, let's remember to use `pkill' instead shall we?
True - I never claimed there weren't some totally retarded things about NT. You should check out the GDI's interaction with multiple users on terminal server systems if you want totally and horribly broken ;-)
My point is that with non-broken software, it's still pretty stable. WAY more stable than lots of people like to make out - even the old versions. The fact that a printer driver can make the system unstable is more than a little sad, but if your printer drivers don't suck still lets you have a stable server. Preferably by not having printer drivers on it.
Hell, it was already very stale in '99 ... and wrong, too. Unless you're doing something utterly retarded like trying to use an MS desktop OS for a server, or trying to run a server on NT 3.x or Win9x, then it's probably your apps or drivers not the OS that's broken.
... *gulp*). Security fixes aside, they're all of pretty much equal stability.
My NT4 box here gets WAY better uptimes than any of my Linux servers. I'm not rebooting the NT4 every few months for a kernel security fix (of course, that's because there *are* no security fixes for it anymore
It does eventually go kind of wacko and need rebooting, but it takes many months. It used to be much less stable, but I rebuilt it from bare metal without any garbage apps and it's been pretty solid ever since.
I've had both Linux servers go kind of wacko a couple of times too - it's not something reserved for NT4. I'm not too thrilled with 2.6 in this regard - I've had way more problems with it than 2.4.
I think the real problem with Windows servers is that they don't seem to handle badly behaved apps well - and I'm not just talking NT4 here. I'd actually be interested in Windows servers if the standard rule wasn't "one app or key service per server". Being told "well, that'll happen then" when you try to do multiple things on one server (*gasp*!) is just dumb, and I hear it way too much from Windows server admins.
As for the memory leak argument - you see the same thing from Linux users on the mailing lists. It gets tired in a hurry - "run `free' and read the +=buffers/cache line. If your OS isn't using most of your RAM it's broken, what you want to know is how much RAM is just used for cache and thus free for apps."
It's like those "memory freeing" utilitles you get on Windows - for people who just don't understand memory management in a modern OS like Linux or NT.
there isn't a +6(Interesting).
The big end of the database world has always seemed strange to me. Your post provides some interesting views on that area.
It's not that the PDF license lacks teeth, its that the implementations done by open source projects are explicitly permitted, IIRC in a way that can't be arbitrarily revoked by Adobe. I could be wrong on that, though, I haven't sat down and read all the details (I should, since I help develop OSS that exports PDF...).
I share your suspicions on Microsoft's licensing, but I think that should they do that, they will have given their format concrete shoes and pushed it out the door into the harbour. Unless it has something else really compelling about it, it'll be going straight down and under. PDF's umbiquity across platforms, OS versions, and types of device is a critical part of its appeal.
Forever to load: Easily fixed, just kill off the plug-ins. Sub-optimal, yes, but hardly earth shattering. It takes ~1s to load on my system.
... I've always liked the GUIs of most Adobe applications. These days MS does them well, too, but the worst failing Adobe seems to have with theirs is a bit of clutter.
No doc structure: Well, well constructed documents do have articles, bookmarks, etc. There just aren't that many of them, largely because it's hard. The encoding of presentation only is intentional and largely what makes the format useful, since it gives it the ability to be very consistent across viewers and platforms. If this is a problem, then the document creator shouldn't be using PDF for that document.
Mouse selection: Er... use the coloumn select tool. You might have to click and hold the selection tool or something if you haven't expanded the toolbar, but it's there.
Copy + paste: Agreed on that one.
Fonts: Ditto, it'd be really useful to require a stock set of fonts. I think it does actually define a reasonable range (expressed in terms of the Adobe multiple master fonts) but I've never been inclined to trust it.
The browser plugin has no menu option for save to disk because it has no menu. There is a button to do it. To fix this they'd need the ability to integrate into the browser's menus.
Personally, re the browser plugin, I find the fact that it's slow, unstable, has a generally awful UI, and in particular requires the user to hit the plug-in's print button not the browser's File->print menu entry to be infuriating. I disable the awful thing and use Acrobat Reader directly.
Re GUIs, it's funny
Anyway - I'm not at all convinced that the viewer will make the format. Among other things, do you see MS producing high-quality free viewers for MacOS, Linux, embedded devices, Palm, etc? Me neither, and that's one of the big selling points of PDF (along with fantastically accurate printing and display, and being moron-proof to create simple documents with).
Really, the problem you describe is all about Acrobat Reader and little to do with PDF. There is really nothing preventing the creation of a lightweight PDF viewer. They exist, in fact, and are beginning not to suck. Hopefully one will be ported to win32 soon.
... once you disable about eight million plug-ins that few people need. This is as simple as moving them out of the plug-ins directory (even on win32).
In fact, Acrobat Reader remains very lightweight even today
I also find disabling the Acrobat Reader browser plug-in useful, since reading PDFs is much nicer when Acrobat is not running in a browser window. Again, just move the plug-in out of the browser's plug-ins folder (at least on most platforms/browsers).
Acrobat Reader is still crucially important for accurate PDF viewing - document proofing, prepress, etc. I do agree that for most things, with all its default functionality, it's kinda overkill.
Another thing to understand is that "Metro" will go _nowhere_ if it lacks the proofing and prepress tools that exist for PDF. Things like EnFocus PitStop, and of course Adobe Acrobat Professional, are crucial tools for preflight and prepress. Without close equivalents to them, a format will go nowhere in press & print.
First: Open source != open formats.
.doc wouldn't do what they wanted (.doc is almost the opposite of this - a screaming nightmare that changes based on installed fonts, the user's *PRINTER* settings, and all sorts of other garbage).
More significantly, this is a page description language, not an editable document format. Very different. Opening
There is no free alternative. The closest is PDF, and it's still firmly under Adobe's control, though it's freely implementable.
That said, I do share your general pessimism on this matter.
PDF follows much the same model, but the license for the format its self is automatic so long as you follow the rules set out in it - much like the GPL, actually, though the "rules" are rather different.
At least, that's my understanding.
Whatever... quite a few open source products implement PDF, and there haven't been any problems with it.
More to the point, I suspect MS would need to release royalty-free, patent-free, BSD-licensed, cross-platform code libraries to work with their format if they want to make any real headway against PDF.