This is just evidence that you are probably no safer giving out your credit card info over the internet than you are safe from getting mugged in a large city.
This is a very good point. Just as I wouldn't stop going into the city and carrying cash just because I might get mugged doesn't mean that I might stop using credit cards online because I might have my credit information stolen.
As I'm reading this article, they are saying that once into a web server, it is easy to search for a key because it is more random then any other data on the disk. Wish I could get paid for these kinds of revelations.
The solution: don't let anyone into your web server in the first place. I would consider the web server compromised and the keys invalid if someone got in and was able to snoop where the keys were located. Even if you do allow shell access to the web server (a bad idea in my opinion), put the keys in a root read-only directory! I believe the setup instructions for mod_ssl says to set your SSL key as 400, therefore only root can read it.
This article is irresponsible. They make it sound as if your credit card is already at stake, not just after someone has broken into a web server and stole keys. It is not news that encrypted data is at stake after someone has stole the private key.
In some of the space hotel ventures that I've seen, they talk about the draw being the view, and *ahem* the recreational possibilities of zero-gravity.
To answer your question Roblimo, hell yeah I'd want to try it out!
So what if RedHat has Alan work on things that benefit them? As far as I recall, the only time that I personally have ever worked on open source was to suit my own needs. I needed X feature in Y, so I put X feature in Y. Simple. After a while, with hundreds of users/developers adding their features, you get a strong product. In addition, if you don't like the direction it is going, you branch. As bad is this sounds, branching should always be an option. Branching is the check that will keep people honest.
The core of what RedHat works on is GPL and, by the nature of the license, must remain that way, no matter how many features they add.
Now if they want Alan to work on something closed source, it is up to Alan and his bosses if that happens. I don't think RedHat should be forced to open source everything they write. It is perfectly reasonable, to me, if they want to use Linux as the base for some proprietary kiosk app or workstation platform. I don't think it would be in their best interest because they would miss out on the hundreds of developers adding features, but it is still their decision and shouldn't be harassed for it.
Their stock split 2 for 1 yesterday. Usually a stock goes up significantly after a split because it is perceived as a "deal" at the lower price. The day after a split is sometimes the bad one, when investors correct the ephoria of the previous day. I'm betting any repercusions will be felt today, but I'm doubting it will move far.
Let's face it SUN abandoning the standard is good news for investors. It means more short term profits for SUN. Investors like profits.
And how many investors care that SUN was a bad guy and exercised their legal rights to "steal" someone else's work. This "theft" benefits their product line and increases their profits. Again, investors like profits.
Wow. This just floored me. I had been wanting something like this for a while; even screwing with NetMeeting (unhappily). I never dreamed I would find something as robust as this appears for Linux. Now, lets see if I can get it to work this weekend. If so, my boss may not have $350 in phone calls just to me next month. Thanks!
Developers forget just how important it is to be able to maintain code. It is a third the battle (1/3 design, 1/3 dev/coding, 1/3 maintenance). Requirements change, environments change, etc. There are tons of reasons why you have to go back into the code and fix/change it. Not to mention bug fixing. If your code is spaghetti, fixing one bug might introduce 10 others.
In my experience, I have found it in my best interest to write clean code, comment heavily, etc. so that I can _leave_ a project! After I have developed something, I don't want to stick around to maintain it. I want to hand that over to somebody else and get on with developing something new.
The trick to maintenance is structure. Sure you can impose structure on an unstructured language (i.e. code guidelines on top of Perl), but your life will be much easier if you just pick a structured language in the first place. The compiler is a much better guidelines watchdog than a piece of paper that your developers are supposed to read.
First, Mozilla is doing well and surprising everyone. The new layout engine is fast and stable, despite the hideous number of standards that need to be supported nowadays just to view a web page.
My nitpick is that on initial load, it is... well... damned ugly. If you are at the stage where you are looking for a large number of testers, pretty up that interface so that people can stomach using it on a daily basis. Also, people's initial impression of Mozilla will change with a prettier interface. Mozilla is a product in the latter stages of development, more things work than don't work. But to anyone not familiar with the details of the project, loading Mozilla for the first time makes it seem that you have just figured out how to make buttons. Its understandable, but not excusable, for a journalist to "check it out", run it for an hour or so, not be impressed, and write a bad review. They are used to dealing with a commercial software industry where the interface comes first (to wow the journalists, spread the FUD, etc.) and the backend comes later.
Bottom line, make it prettier and you will draw more testers and better press.
My car just hit 85k miles (~135k km). If I was still in the closed auto industry of the 60s and 70s, I would be buying a new one. Instead, thanks to foreign competition, my car is just getting warmed up. (Yes, its even an American car.)
The point is, until the auto industry in the US became a truly free and open market, they produced junk, on purpuse some would say.
The problem with the TV industry (at least in the US) is that it isn't free and open. Its not free because the FCC is regulating the broadcast formats, etc. And its not open: I get one foreign channel (even on my dish), BBC-America, and I think it is a stretch calling that foreign.
As for Microsoft, while they may dominate in Windows land, they are by no means in control of the software industry. They couldn't stop the Internet, although they tried. They haven't been able to stop Java. The move to thinner and thinner PCs is still progressing, despite Microsoft's tugging otherwise. None of this had a damned bit to do with government regulation or inquiry.
I can go on forever! Bottom line, the times the consumer has gotten the shaft is when the producer's market has been protected by the government, either by isolationism or by regulation.
This problem would map into a modern compiler architecture. The compiler architecture has mutltiple front-ends, languages, and multiple back-ends, machine architectures, bound in the middle by an intermediate, but heavily simplified language. The idea is that a front-end parses and type checks the input and then outputs intermediate language. This can then be fed into any back-end built for a particular architecture.
For example, if you have front ends for C and fortran and backends for PPC and i386, then you can compile fortran programs for PPC or i386 and also C programs for PPC or i386. Any combination. Add another backend, say MIPS and with no extra work, C and fortran compiling are possible.
When dealing with natural languages, you would need a front-end and a back-end for each language.
There are a number of catches, here are a few:
Finding the intermediate language. It should be possible, but a pain in the ass. After all, it has happened for computer languages and they vary widely.
Computer languages are confined to a certain syntax. To make this work, the input would have to be checked for valid syntax and type checked. In other words, poor grammar, incorrect use of words, etc. would simply not be allowed to get past first base. After tons of research, some AI might be introduced here to make the rules more flexible.
There will be a learning curve to using the system. Users will have to figure out what is valid. I think this goes for every system. Slang is going to send almost any solution guessing.
Bottom line, of course a universal translator is possible, but until we discover BabbleFish or the brainwave reading equivalent (would reading brainwaves be enough, would all species "think" alike?), there will be plenty of input restrictions. Afterall, somethings just don't translate. Because of these restrictions, it will be infuriating and impractical to use.
Keep watching CompUSA. I'm betting that their price will go up and stay up long after the computer shows go back down. It has always seemed to me that the stores lag a couple weeks (months?) behind when it comes to price changes. The RAM they are selling you was probably bought weeks ago and has finally made its way through their distribution channel to the store.
Interesting point though. An enterprising individual could take advantage of this and make some clean cash.
Good points, but I don't think a government should be fundamentally based on the belief that the people governed aren't smart/literate enough to make good decisions. This gets into the controversy of what defines a person that is able to govern themselves. Everyone has their own definition, as well they should.
I think the representative govn't in the US today has two major problems: 1) representatives aren't really representing people, just money; and 2) citizens aren't motivated to do anything about it. I think the reason for 2) is because all representatives are believed to be corrupt and the only thing citizens can do is vote for one. Hence, caring is futile, people don't vote, and don't take govn't serious.
I say the only real solution is to remove the representatives (as we know them) and give people more to vote on. But, you are right that people don't have enough time to research and vote on all of the issues (local, state, federal).
Instead, allow citizens to choose who represents them more frequently by giving a rep control of your vote. You can take it back any time you like, vote yourself, or move it to another rep. In other words, I and others could give our voting power to rep1. He accumulates 100 votes and for every issue, his vote counts for a 100 people. Later, I decide that I don't like the way rep1 is voting, I move my vote to rep2, but I don't have to wait until the next election. In effect, rep1 answers immediately to something I don't approve of.
The goal here would be to have more reps and to take the money out of it. A person could be a rep, just by publishing their voting record in a public forum and waiting for people that agree. They don't have to campaign.
This isn't perfect, but I think it would be a good replacemnt for the House of Reps. The Senate and Executive and Judical branches would require further thought.
My Starcraft CD has a 600+ meg install.exe that is mostly BS. I think they interspersed real data with junk to use up the rest of the CD.
Why? Well I remember a lot of Warcraft CD images floating around my college and when Starcraft first came out (1.5 years...) CD-Rs were not as common.
Wait for an annoucement.
on
K8 Details
·
· Score: 1
This is an announcement of an announcement of a product I doubt is barely in design. The only point of it is to say that big new is coming at the Microprocessor Expo. Even then its going to be vaporware to the nth degree. I doubt that the feature set is even fully hammered out yet.
I think it is closer to the Detriot Auto expo where GM, Ford, etc get together and show off concept cars that will likely not be produced within the next 10 years.
Poor AMD, never quite there...
on
K8 Details
·
· Score: 2
It seems to me that a year ago I was reading how the K6-3 and eventually the K7 would be bring AMD out of the low-end desktop market into the high-end desktop market. They could be *gasp* faster than Intel on the desktop. The K6-3 did that and has been selling well.
Now the line is that the K8 could bring them into the server and multi-processor market. Never quite good enough for the journalists, eh? No one seems to be noting that this company has gone from making 486 clones after the 486 was being fazed out by Intel to creating a chip that was cheaper and faster than Intel's best offering (excluding the Xeon's which are only overpriced Pentium III's with tons of L2 cache).
On top of that, they are selling! AMD beat Intel in retail sales for a quarter! Big guys like Compaq, Gateway, and Intel are selling them in their systems! If you would have told me 2 years ago that AMD would beat Intel in sales and that you could buy one in a Compaq, I would have tried to sell you some nice swamp land in Florida.
As far as AMD bleeding red, look at any company playing catch up or expanding as quickly as AMD and you will always see a trail of red.
You are probably right, staying in or washing your hands won't help much, but I don't think keeping people out of radiation is why the gov't is asking them to stay in.
Nuclear incidents are scary to everyone. People freak out. Its kind of like flying vs. driving. Flying is much safer, but it doesn't seem safer (you hear everytime their is a plane crash) so people freak out in planes and not cars.
So, if I had to keep the public in control, I would give them something to do and let them think they are safe. Telling them to stay in and give them a prescription for helping themselves (washing their hands) help calm them down.
Sure, it isn't entirely forth-coming, but the last hting you need is a riot during a nuclear incident. That would only bring on curfews, patrols, etc. and more people in the danger zone.
To the best of our knowledge, no known exploits exist at this time.
Whoops. I think there's a known exploit now.:-)
Seriously though, a vendor can't be expected to release anything that is bug free, but they are expected to respond quickly to problems and provide what is needed to keep their products running securely. They also can't be expected to install patches for their customers. It wasn't RedHat who dropped the ball here.
I'm speaking from experience. I patched up the mountd exploit (a while back) on all of the servers I was responsible for, but woke one morning to find my workstation hosed up. I had forgotten to patch my own box. Some nice person had "rm -rf/" on my machine.
Nothing left to do except beat my head against a wall and reinstall. I didn't blame RedHat. It was completely my fault.
Does GM/Ford/etc. come to your house and fix your car for you when there is a recall?
It turns out that he was talking about ISDN vs. cable, not DSL, but I think the point still holds.
From The Dilbert Future, by Scott Adams:
Cable companies have what appears to be a huge technical advantage--a big coaxial cable into your house that can carry far more information than a phone line with ISDN service. Most pundits argue that this advantage will be enough for the cable companies to trounce ISDN in the market of the future. This argument misses one important fact:
Cable companies are staffed with people who couldn't get jobs at telephone companies. (p. 45)
I still think Scott Adams had it right in one of his Dilbert books:
Telephone companies and DSL will beat out Cable companies and cable modems for one simple reason: All of the people that were too incompenent for even the local telco work at the cable company.
(I will post the exact quote and book when I get home).
I think he is looking for something that combines the disk space into one filesystem. NFS might bring it into one tree, but it would be a bunch of directories. YOu would have to watch how much you used in each directory. One directory will fill and another will have tons of space.
Oh, three years from now... Of course, in the computer world this is an entire generation.
I agree though. In 3 years there will be plenty of companies ready to take on support contracts, even those with 100s of personel involved. Actually, I think there are plenty of companies ready for mid-size contracts, 10 or less dedicated people, today. The problem is that htey haven't been around long enough and proven themselves enough for Big Companies to deal with them.
Now if SUN, or more likely, IBM, starts contracting Linux support...
Big Company: Can RedHat supply 100 people to this one location, without having to wait a year them to be trained? Do they have a long term reputation for reliability? RedHat just IPO'd a couple months ago! How can they be relied upon. They are a babe in the woods compared to SUN.
A lot of companies are scared of OSS for a legitimate reason: They need a vendor to answer for any problems.
First, I don't believe in this, so don't hurt me. I'm just trying to get you into their head so you can understand a non-OSS policy that doesn't need a religious foundation.
For OSS: You can change the code yourself (or audit it) when there are problems without waiting on the vendor.
Big company: Then we have to train people to know the code. And we feel obligated to audit the code to gaurantee some hacker (sic) didn't put a back door into it. Training is expensive.
For OSS: Outsource your OSS support to a third party company. In other words, get a Linux support company to support your linux boxes.
Big company: If they didn't write the software, how can they know it well enough to fix it? Linux support companies are too small to handle our large accounts.
The company I'm currently working at kind of treat their vendors like black boxes. They send money and out pops a product. They aren't equipped (logistically and mentally) to dig into the code. I'm not saying that you have to dig into code to run Linux, but if something happens, a big company is not going to be content sending email to the package maintaner.
The building I work in has more SUN guys (100 or so) crawling around supporting our SUN boxes than RedHat has employees, I think. So, I think the large company mixing with a small company thing is a legitimate argument.
That said, having a strict non-OSS policy is stupid. That just falls into the "don't limit your options" category. My company has a come aways in the last couple years. Perl (gasp!) is being used and I know of a Linux box and someone hacking with MySQL. I see these as cracks in the non-OSS policy and instead of leaving the company, I'm staying to widen these cracks.
Slashdot Mirror
This is just evidence that you are probably no safer giving out your credit card info over the internet than you are safe from getting mugged in a large city.
This is a very good point. Just as I wouldn't stop going into the city and carrying cash just because I might get mugged doesn't mean that I might stop using credit cards online because I might have my credit information stolen.
Oh, wait. This wasn't your point at all. Sorry
As I'm reading this article, they are saying that once into a web server, it is easy to search for a key because it is more random then any other data on the disk. Wish I could get paid for these kinds of revelations.
The solution: don't let anyone into your web server in the first place. I would consider the web server compromised and the keys invalid if someone got in and was able to snoop where the keys were located. Even if you do allow shell access to the web server (a bad idea in my opinion), put the keys in a root read-only directory! I believe the setup instructions for mod_ssl says to set your SSL key as 400, therefore only root can read it.
This article is irresponsible. They make it sound as if your credit card is already at stake, not just after someone has broken into a web server and stole keys. It is not news that encrypted data is at stake after someone has stole the private key.
In some of the space hotel ventures that I've seen, they talk about the draw being the view, and *ahem* the recreational possibilities of zero-gravity.
To answer your question Roblimo, hell yeah I'd want to try it out!
So what if RedHat has Alan work on things that benefit them? As far as I recall, the only time that I personally have ever worked on open source was to suit my own needs. I needed X feature in Y, so I put X feature in Y. Simple. After a while, with hundreds of users/developers adding their features, you get a strong product. In addition, if you don't like the direction it is going, you branch. As bad is this sounds, branching should always be an option. Branching is the check that will keep people honest.
The core of what RedHat works on is GPL and, by the nature of the license, must remain that way, no matter how many features they add.
Now if they want Alan to work on something closed source, it is up to Alan and his bosses if that happens. I don't think RedHat should be forced to open source everything they write. It is perfectly reasonable, to me, if they want to use Linux as the base for some proprietary kiosk app or workstation platform. I don't think it would be in their best interest because they would miss out on the hundreds of developers adding features, but it is still their decision and shouldn't be harassed for it.
Their stock split 2 for 1 yesterday. Usually a stock goes up significantly after a split because it is perceived as a "deal" at the lower price. The day after a split is sometimes the bad one, when investors correct the ephoria of the previous day. I'm betting any repercusions will be felt today, but I'm doubting it will move far.
Let's face it SUN abandoning the standard is good news for investors. It means more short term profits for SUN. Investors like profits.
And how many investors care that SUN was a bad guy and exercised their legal rights to "steal" someone else's work. This "theft" benefits their product line and increases their profits. Again, investors like profits.
Wow. This just floored me. I had been wanting something like this for a while; even screwing with NetMeeting (unhappily). I never dreamed I would find something as robust as this appears for Linux. Now, lets see if I can get it to work this weekend. If so, my boss may not have $350 in phone calls just to me next month. Thanks!
Did you ask Rob if we wanted to be serving a potentially very large document before saying this?
What you suggest is like announcing to the city that your friend is having a party at his place, free beer and everyone is invited.
please don't be rude. Find a site with bandwidth, post it, and give us a link.
Here, here.
Developers forget just how important it is to be able to maintain code. It is a third the battle (1/3 design, 1/3 dev/coding, 1/3 maintenance). Requirements change, environments change, etc. There are tons of reasons why you have to go back into the code and fix/change it. Not to mention bug fixing. If your code is spaghetti, fixing one bug might introduce 10 others.
In my experience, I have found it in my best interest to write clean code, comment heavily, etc. so that I can _leave_ a project! After I have developed something, I don't want to stick around to maintain it. I want to hand that over to somebody else and get on with developing something new.
The trick to maintenance is structure. Sure you can impose structure on an unstructured language (i.e. code guidelines on top of Perl), but your life will be much easier if you just pick a structured language in the first place. The compiler is a much better guidelines watchdog than a piece of paper that your developers are supposed to read.
To Mozilla Developers:
First, Mozilla is doing well and surprising everyone. The new layout engine is fast and stable, despite the hideous number of standards that need to be supported nowadays just to view a web page.
My nitpick is that on initial load, it is ... well... damned ugly. If you are at the stage where you are looking for a large number of testers, pretty up that interface so that people can stomach using it on a daily basis. Also, people's initial impression of Mozilla will change with a prettier interface. Mozilla is a product in the latter stages of development, more things work than don't work. But to anyone not familiar with the details of the project, loading Mozilla for the first time makes it seem that you have just figured out how to make buttons. Its understandable, but not excusable, for a journalist to "check it out", run it for an hour or so, not be impressed, and write a bad review. They are used to dealing with a commercial software industry where the interface comes first (to wow the journalists, spread the FUD, etc.) and the backend comes later.
Bottom line, make it prettier and you will draw more testers and better press.
My car just hit 85k miles (~135k km). If I was still in the closed auto industry of the 60s and 70s, I would be buying a new one. Instead, thanks to foreign competition, my car is just getting warmed up. (Yes, its even an American car.)
The point is, until the auto industry in the US became a truly free and open market, they produced junk, on purpuse some would say.
The problem with the TV industry (at least in the US) is that it isn't free and open. Its not free because the FCC is regulating the broadcast formats, etc. And its not open: I get one foreign channel (even on my dish), BBC-America, and I think it is a stretch calling that foreign.
As for Microsoft, while they may dominate in Windows land, they are by no means in control of the software industry. They couldn't stop the Internet, although they tried. They haven't been able to stop Java. The move to thinner and thinner PCs is still progressing, despite Microsoft's tugging otherwise. None of this had a damned bit to do with government regulation or inquiry.
I can go on forever! Bottom line, the times the consumer has gotten the shaft is when the producer's market has been protected by the government, either by isolationism or by regulation.
This problem would map into a modern compiler architecture. The compiler architecture has mutltiple front-ends, languages, and multiple back-ends, machine architectures, bound in the middle by an intermediate, but heavily simplified language. The idea is that a front-end parses and type checks the input and then outputs intermediate language. This can then be fed into any back-end built for a particular architecture.
For example, if you have front ends for C and fortran and backends for PPC and i386, then you can compile fortran programs for PPC or i386 and also C programs for PPC or i386. Any combination. Add another backend, say MIPS and with no extra work, C and fortran compiling are possible.
When dealing with natural languages, you would need a front-end and a back-end for each language.
There are a number of catches, here are a few:
Bottom line, of course a universal translator is possible, but until we discover BabbleFish or the brainwave reading equivalent (would reading brainwaves be enough, would all species "think" alike?), there will be plenty of input restrictions. Afterall, somethings just don't translate. Because of these restrictions, it will be infuriating and impractical to use.
Keep watching CompUSA. I'm betting that their price will go up and stay up long after the computer shows go back down. It has always seemed to me that the stores lag a couple weeks (months?) behind when it comes to price changes. The RAM they are selling you was probably bought weeks ago and has finally made its way through their distribution channel to the store.
Interesting point though. An enterprising individual could take advantage of this and make some clean cash.
Good points, but I don't think a government should be fundamentally based on the belief that the people governed aren't smart/literate enough to make good decisions. This gets into the controversy of what defines a person that is able to govern themselves. Everyone has their own definition, as well they should.
I think the representative govn't in the US today has two major problems: 1) representatives aren't really representing people, just money; and 2) citizens aren't motivated to do anything about it. I think the reason for 2) is because all representatives are believed to be corrupt and the only thing citizens can do is vote for one. Hence, caring is futile, people don't vote, and don't take govn't serious.
I say the only real solution is to remove the representatives (as we know them) and give people more to vote on. But, you are right that people don't have enough time to research and vote on all of the issues (local, state, federal).
Instead, allow citizens to choose who represents them more frequently by giving a rep control of your vote. You can take it back any time you like, vote yourself, or move it to another rep. In other words, I and others could give our voting power to rep1. He accumulates 100 votes and for every issue, his vote counts for a 100 people. Later, I decide that I don't like the way rep1 is voting, I move my vote to rep2, but I don't have to wait until the next election. In effect, rep1 answers immediately to something I don't approve of.
The goal here would be to have more reps and to take the money out of it. A person could be a rep, just by publishing their voting record in a public forum and waiting for people that agree. They don't have to campaign.
This isn't perfect, but I think it would be a good replacemnt for the House of Reps. The Senate and Executive and Judical branches would require further thought.
My Starcraft CD has a 600+ meg install.exe that is mostly BS. I think they interspersed real data with junk to use up the rest of the CD.
Why? Well I remember a lot of Warcraft CD images floating around my college and when Starcraft first came out (1.5 years...) CD-Rs were not as common.
This is an announcement of an announcement of a product I doubt is barely in design. The only point of it is to say that big new is coming at the Microprocessor Expo. Even then its going to be vaporware to the nth degree. I doubt that the feature set is even fully hammered out yet.
I think it is closer to the Detriot Auto expo where GM, Ford, etc get together and show off concept cars that will likely not be produced within the next 10 years.
It seems to me that a year ago I was reading how the K6-3 and eventually the K7 would be bring AMD out of the low-end desktop market into the high-end desktop market. They could be *gasp* faster than Intel on the desktop. The K6-3 did that and has been selling well.
Now the line is that the K8 could bring them into the server and multi-processor market. Never quite good enough for the journalists, eh? No one seems to be noting that this company has gone from making 486 clones after the 486 was being fazed out by Intel to creating a chip that was cheaper and faster than Intel's best offering (excluding the Xeon's which are only overpriced Pentium III's with tons of L2 cache).
On top of that, they are selling! AMD beat Intel in retail sales for a quarter! Big guys like Compaq, Gateway, and Intel are selling them in their systems! If you would have told me 2 years ago that AMD would beat Intel in sales and that you could buy one in a Compaq, I would have tried to sell you some nice swamp land in Florida.
As far as AMD bleeding red, look at any company playing catch up or expanding as quickly as AMD and you will always see a trail of red.
You are probably right, staying in or washing your hands won't help much, but I don't think keeping people out of radiation is why the gov't is asking them to stay in.
Nuclear incidents are scary to everyone. People freak out. Its kind of like flying vs. driving. Flying is much safer, but it doesn't seem safer (you hear everytime their is a plane crash) so people freak out in planes and not cars.
So, if I had to keep the public in control, I would give them something to do and let them think they are safe. Telling them to stay in and give them a prescription for helping themselves (washing their hands) help calm them down.
Sure, it isn't entirely forth-coming, but the last hting you need is a riot during a nuclear incident. That would only bring on curfews, patrols, etc. and more people in the danger zone.
To the best of our knowledge, no known exploits exist at this time.
Whoops. I think there's a known exploit now. :-)
Seriously though, a vendor can't be expected to release anything that is bug free, but they are expected to respond quickly to problems and provide what is needed to keep their products running securely. They also can't be expected to install patches for their customers. It wasn't RedHat who dropped the ball here.
I'm speaking from experience. I patched up the mountd exploit (a while back) on all of the servers I was responsible for, but woke one morning to find my workstation hosed up. I had forgotten to patch my own box. Some nice person had "rm -rf /" on my machine.
Nothing left to do except beat my head against a wall and reinstall. I didn't blame RedHat. It was completely my fault.
Does GM/Ford/etc. come to your house and fix your car for you when there is a recall?
It turns out that he was talking about ISDN vs. cable, not DSL, but I think the point still holds.
From The Dilbert Future, by Scott Adams:
Cable companies have what appears to be a huge technical advantage--a big coaxial cable into your house that can carry far more information than a phone line with ISDN service. Most pundits argue that this advantage will be enough for the cable companies to trounce ISDN in the market of the future. This argument misses one important fact:
Cable companies are staffed with people who couldn't get jobs at telephone companies. (p. 45)
Thank you, Scott, for summing it up quite simply.
I still think Scott Adams had it right in one of his Dilbert books:
Telephone companies and DSL will beat out Cable companies and cable modems for one simple reason: All of the people that were too incompenent for even the local telco work at the cable company.
(I will post the exact quote and book when I get home).
I think he is looking for something that combines the disk space into one filesystem. NFS might bring it into one tree, but it would be a bunch of directories. YOu would have to watch how much you used in each directory. One directory will fill and another will have tons of space.
Oh, three years from now... Of course, in the computer world this is an entire generation.
I agree though. In 3 years there will be plenty of companies ready to take on support contracts, even those with 100s of personel involved. Actually, I think there are plenty of companies ready for mid-size contracts, 10 or less dedicated people, today. The problem is that htey haven't been around long enough and proven themselves enough for Big Companies to deal with them.
Now if SUN, or more likely, IBM, starts contracting Linux support...
Big Company: Can RedHat supply 100 people to this one location, without having to wait a year them to be trained? Do they have a long term reputation for reliability? RedHat just IPO'd a couple months ago! How can they be relied upon. They are a babe in the woods compared to SUN.
A lot of companies are scared of OSS for a legitimate reason: They need a vendor to answer for any problems.
First, I don't believe in this, so don't hurt me. I'm just trying to get you into their head so you can understand a non-OSS policy that doesn't need a religious foundation.
For OSS: You can change the code yourself (or audit it) when there are problems without waiting on the vendor.
Big company: Then we have to train people to know the code. And we feel obligated to audit the code to gaurantee some hacker (sic) didn't put a back door into it. Training is expensive.
For OSS: Outsource your OSS support to a third party company. In other words, get a Linux support company to support your linux boxes.
Big company: If they didn't write the software, how can they know it well enough to fix it? Linux support companies are too small to handle our large accounts.
The company I'm currently working at kind of treat their vendors like black boxes. They send money and out pops a product. They aren't equipped (logistically and mentally) to dig into the code. I'm not saying that you have to dig into code to run Linux, but if something happens, a big company is not going to be content sending email to the package maintaner.
The building I work in has more SUN guys (100 or so) crawling around supporting our SUN boxes than RedHat has employees, I think. So, I think the large company mixing with a small company thing is a legitimate argument.
That said, having a strict non-OSS policy is stupid. That just falls into the "don't limit your options" category. My company has a come aways in the last couple years. Perl (gasp!) is being used and I know of a Linux box and someone hacking with MySQL. I see these as cracks in the non-OSS policy and instead of leaving the company, I'm staying to widen these cracks.
hhmmm.... Amazon... sell... FatBrain.com's ticker symbol is... buy buy buy