Yup, that MozQuest article is just plain FUD. Perhaps this guy is trying to get hired by Microsoft PR department, because this article is such beautiful FUD that I don't think MS could do a better job. The way he lies with statistics is beautiful.
I can't help but think that MozillaQuest MUST be a site run by Microsoft. For one thing, the site is butt ugly, to lead people to think 'geez these opensource guys are unprofessional'. Secondly, the naming of the site seems to be such as to try fool people into thinking its associated with Mozilla. Thirdly, its packed with FUD.
I mean, lets be logical about this - why would someone intent on dissing Mozilla create a site that on the surface looks like a Mozilla fan site?
This sort of crap happens every day - I wouldn't be surprised if its just another part of MS's "fake grassroots" spin campaign. Movie companies do this sort of thing every day (create fake "fan" sites to gather "grassroots" support). There are web-design companies that specialise in creating fake "personal" sites, complete with deliberate ugliness and unprofessionalism. I would be VERY surprised if MS did not have such fake sites.
You may fix the worst bugs, but as time goes on more and more bugs are found, and eventually bugs pretty much crop up as you fix them
I guess that depends on your software's structural design. Our older systems where I work used to have such horrible design, that it was nearly impossible to fix or add *anything* without something else breaking. Often, something seemingly totally unrelated to the change would break! It gets to the point where you're afraid to change anything for fear of the repurcussions. We had no version control either.
We've rewritten everything, and we've put a huge amount of effort (and experience) into a decent design, and not only is our software MUCH more robust, but our known "buglists" for version 1 have in the recent past dropped to 0. Yes, zero, we have no known bugs anymore. These are reusable libraries consisting of over 100000 lines of code. We completed "version 1" recently, and the rate at which we currenly find new bugs is maybe three or four a week, so keeping the figure at "0" is now quite easy. It takes a lot of hard work to get there, and a "feature freeze" is a requirement (very difficult when programmers always just want to add "this cool new feature" or "that useful new feature"). Some todo's move over to the "version 2" todo list, and the remaining stuff (bugs and minor design issues) just need to be tackled, one by one.
Could you provide a reference to the IBM study? It sounds fishy to me. It seems to me that bug-list graphs have a lot to do with how well-design the software is, and how disciplined developers are.
Actually, most shoplifters have nervous behaviors that are precursors to the actual shoplifting
Its true. In fact, some of them are damn easy to spot, spotted a few myself. (Hmm.. I wonder if it helps that I used to shoplift when I was a child?)
Anyway, I was wondering about that. A friend of mine has an anxiety disorder, and he has a number of "nervous habits" that I can't help but feel might be mistaken by such a system for shoplifter nervousness. Myself, I sometimes get nervous/paranoid in stores when the guards look at me just because I used to shoplift - even more than ten years later.
I guess its like the problem with airport security - basically, "security guard heuristics" are "stop people who look suspicous". So the long-haired young guy dressed in jeans and sneakers sweating like a pig gets searched, but the calm guy dressed smartly carrying a briefcase doesn't ("must be a businessman").
"But sir or ma'am," the salesman will say, "for about 2/3 of the price, you can have this computer, which is arguably better and faster than the Intel Pentium 4."
"Oh no, we don't want ANYTHING other than Intel," says the mommy or daddy "We KNOW how important reliability is, and we KNOW that the 2 g-H-z (pronounced by letters) is MUCH faster than the A-M-D AthAlon you got there".
I think you're giving Joe Public WAY too much credit. I think the reality is more like:
Joe Public: "I want to buy a computer". Salesman: "Very well, sir, what would you like?" Joe Public: "Uhm, a computer, you know". Salesman: "What sort of computer?" Joe Public (stares blankly for a while..): "Uhm.. a Windows computer?" (watches expression on salesmans face to see if that was the right answer). Salesman: "OK, but what type of system would you like? Intel? AMD?" Joe Public: "Uhm... uh.." Salesman: "Alright, sir, what you want is the Intel system. 2.0 GIGaHERTZ, this baby is the fastest one we have (points to system that has many other crappy components to cut the price)". Joe Public (who recognises that the name "Intel" sounds familiar from some TV ad): "Uhm.. OK.."
Actually, one of the next steps is most likely going to be in the field of gesture/behaviour recognition. Granted, its probably in the region of five to twenty years from actual commercial products, but long-term, I plan to be living on this planet much longer than that. The general idea is that image-processing software will examine the CCTV image, and in real-time attempt to characterize and describe what you are doing. So the software might be able to determine itself with reasonable probability whether or not you are attempting to shoplift. It might characterize "suspicious behaviour", and not unthinkably, "pedophile behaviour". Basically, anything that a human watcher is capable of doing, software is theoretically capable of doing as much at a minimum, and potentially more.
This type of software already exists (I worked with some researchers doing this several years ago), and while it is still somewhat primitive, it won't be for too much longer. In general there seems to be a dearth of long-term thinking here on/. (and in the general populace actually)
The software will almost certainly be able to record facial signatures, one relatively benign use of which would be to identify repeat customers (a real-life cookie), but I'm sure anyone with a bit of imagination could come up with less benign uses. Compare, for example, to the web-tracking techniques in use today - since the majority of banner ads on the web are served by a tiny handul of companies, the use of cookies can be used to "track" web surfer movements, building a database. It would only take a few affiliations between such companies and companies on the web who know your actual identity for them to connect their surfing-habit database to specific individuals. Fast-forward to 2030 - now almost any shop you enter has a CCTV system, and a tiny handful of companies provide this service to all shops. By networking the systems (computer technology will have improved a lot by then), these companies could now track individuals as they moved through various shopping malls. A database of your mall-surfing habits, even your purchasing habits. A few clever affiliations (e.g. with some stores who have "member cards"), and suddenly these companies can associate the facial-signature/mall-surfing database with a specific persons identity. Some more imagination required to extrapolate what might follow from that..
And there will be more in the future as Linux becomes more mainstream
Apache already runs more than half (another survey here) the web servers on the Internet, yet the major worms are still the IIS ones. Roughly 25 to 35 percent of web servers are running Linux, about the same as IIS. So by your reasoning, Linux and/or Apache should already currently be seeing as many Code Red style worms. Yet the IIS worms manage to infect thousands of times more machines.
Even if Linux was used on 80% of desktop systems, we still wouldn't see as many Linux worms/viruses as we do on Windows. Why? Simple, there are just so many more layers of protection built into the OS that make it harder for viruses to spread. We'd see a lot more than we do now, sure, but it will never get anywhere near the levels it has reached on Windows, where literally hundreds of new viruses are created every single day, and viruses with very widespread infections are roughly a weekly occurence now.
I haven't found mine to be slow and unresponsive at all. I don't have too bad a system though, PIII550, 128MB RAM and TNT2. Certainly not cutting edge, but not too ancient either. Perhaps your slowness was some setup issue? Don't get me wrong though, a setup issue is still "Linux's fault", if you could call something that.
Did you try Gnome or KDE? I've found KDE is somewhat ahead in terms of "usability". Actually, its (Mandrake 8) the first Linux distro I've tried where I actually felt like one of the GUI file managers was worth using, up until this one I've always just naturally gone back to the command line (and midnight commander). The KDE file manager is very nice. Nautilus is very "cool" and has potential, but its not on the same usability level. In both of these file managers, there are many ideas that Microsoft can (and I think should) copy. Windows Explorer, as a file manager, is a stinking pile of crap, its by far the worst file manager I've ever used, and in six years they've done almost nothing to improve it. In general, something I've noticed, the majority of gripes I have with any given release of Linux are usually fixed by the next version. E.g. in the past it was annoying to have to root/unmount my Win98 partition and remount it as current user to use it as my normal user logon. This version, no longer necessary.
My major gripe with Mandrake was a somewhat flaky setup. The first time I installed it, I installed nearly every package (why can't they just an "install everything" button?), and after about two hours of installing, the installation was stuffed, there was some low-level networking problem or something which resulted in many things, including X, as well as most parts of setup, just not working. I failed to fix it, so I eventually reinstalled from scratch. Second time round the installation was successful, except that the installation application hung at the very end of installation.
Given the current level of anti-China sentiment/propaganda in the USA, I'd be highly surprised if this worm originated in China, and I would be even more surprised if it turns out that it did not originate in the USA. If it had been written by Chinese, I struggly to imagine that the message would have been "hacked by Chinese". And conversely, if it wasn't hacked by Chinese, I can't imagine another country more likely to try to make China look bad with such a message than the USA. The message sounds a lot to me like something somebody trying to make someone else look bad might write.
Of course, theres no way to know, thats just my own feeling on the matter.
My general feeling also is that CodeRedII is a copycat, but I guess we don't really know.
And, yes, I've run linux on the desktop for months at a time in the past, so I'm not a newbie and I do have a good sense of how usable the system is going to be for me in the long run based upon playing with it for a few hours
I'm sorry, but thats just crap. "A few hours" isn't long enough. You've used it "in the past"? How long ago was that? If it was a year ago or more, then "a few hours" isn't enough, because the system has changed a lot in the past year. You need "a few hours" just to orient yourself. I know - I've been using Linux for seven years, and I needed more than "a few hours" just to figure out where things were etc what shortcut keys were etc when I installed Mandrake 8 the other day. It takes "a few hours" just to start to learn all the shortcut keys for the various apps and WM, and to start to configure the file managers to open the applications that I like for various file types. It sounds more to me like you spent a few hours on it, got frustrated because not all the shortcut keys were the same as in Windows, and gave up. Use it for a week - anything less is simply NOT ENOUGH to make any FAIR judgments on. "A few hours" is not a fair chance by any means.
Something I've learned lately - "not being a newbie" on Linux doesn't mean all that much, specifically if the limit of your patience is only a few hours - Linux systems are changing rapidly, and it takes a bit of time (a few days) to adjust to a new version. This can perhaps ironically be regarded as a shortcoming, because things are not where people expect them to be when they install a new version - with new versions of Windows, normally not that much has changed, so its easy to reorient yourself. If your own personal patience limit for learning things is only "a few hours", don't blame it on Linux, just stick to systems you already know, i.e. Windows.
The geeks will always design for geeks, which is all well and good, but don't go saying that Microsoft products are playing catch up to Linux in ease of use. That's just ridiculous:)
Quite honestly, I've used Mandrake now for
more than just "a few hours", and I've seen a number of clever, user-friendly features that have had me thinking to myself "Microsoft would do good to copy this". Its not so far-fetched at all. Compare how much Linux has changed over the last six years, then compare how much Windows has changed over the last six years - its abundantly clear which one is evolving much more rapidly than the other.
It really is getting to that point. Having installed recent versions of Linux, I can say its true. Every time I install a new version of Linux, I'm astounded by how far its come and how different it is to the version I installed six months before it - I feel like I have to learn a whole lot all over again. Every time I install a new version of Windows, OTOH, I'm astounded by how little has changed in the couple of years that have passed since the last release. From what I've heard about XP, it sounds like MS may be starting to respond to that by actually improving things... that would be pretty neat, the OS industry has stood stagnant for far too long.
I started using Linux in 1995, and installed it on my own PC first in 1996. At that stage, I had to recompile the kernel just to get my Sound Blaster to work! There were some OK windows managers, but "desktop environments" (e.g. Gnome and KDE) did not exist. There was no linuxconf, i.e. no centralised configuration system - everything had to be configured by editing its own text files somewhere in/etc. There were no graphical installs. I remember a year or two after that having to download kernel patches and recompile to get FAT32 support, and I remember having to recompile the kernel to get IP forwarding to work for IP masquerading. Internet dial-up involved editing numerous script/chat files and figuring out pppd parameters. There were no decent game API's like SDL, no decent widget toolkits like Qt/gtk. I find it mindblowing just how rapidly the average Linux distro has evolved in six years. Compare that to Microsoft and you suddenly realise just how stagnant the commercial OS industry has been - in 1995, there was Windows 95. Now there is WindowsME, which has hardly changed. A nicer browser has been integrated into the OS, and has finally become more or less stable. Some more hardware devices are supported, and a few minor eye-candy changes have been added. A few bugs have been fixed, but many obvious bugs that where there in the first release of Win95 are still there. That about sums it up. Microsoft would have us believe that that is six years of development? Of course, there is also Windows 2000, which, while not bad, doesn't represent all that much development either from NT4.
My general feeling for the past year or so was that Linux would catch up to being equivalent (and superior) to Windows sometime toward the second half of 2002. It still seems to be on track to do so. I haven't seen XP, but as I said, it sounds from what I've heard that MS might be realising that they may need to start improving their software again. Thats a good thing. There is no question of course that Linux has been behind in most things (with the exception of networking, I've always preferred the Unix networking model), but its definitely about to catch up.
Highway systems are not meant to turn a profit, they serve public as well as military interest
Thats why it is a good analogy - the communications infrastructure and TCP/IP protocol were never intended for "turning a profit" either, they are merely generic transport mechanisms, like the roads. The best someone can hope for is to make money laying the pipes, like the companies that make money laying the roads. The whole point is precisely that the Internet isn't "meant" to turn a profit - the people who designed the original ARPANET didn't go out to build an infrastructure for making money. Good communications infrastructure in an area should also encourage growth. If I buy a chair and I bring it home in my car, the chair manufacturer doesn't charge me for the transport of the chair on the road - I can (within limits) carry whatever I want on the road, and its nobody's business - the road is just what lies inbetween the two endpoints which are actually the important part of the sale, that is, my home, and the chair manufacturer. Same should apply to the Internet, if I order Duke Nukem 1 from 3DRealms and download it from their site, the fact that the Internet was used for transport of the software is arbitrary and irrelevant, what mattered was what happens at the endpoints, i.e. the transaction between seller and buyer.
There is also a cultural issue involved. When your NT system is down for whatever reason, and you tell your managers, its perfectly OK, thats "normal downtime" that one sort of expects. When your Linux system is down for whatever reason, the managers become very nervous, and its "dammit we knew we shouldn't have let the techies go with Linux". NT downtime is OK, in capital letters, but any Linux downtime whatsoever is purely because Linux was some sort of "terrible choice".
You can be infected by this virus from doing something as simple and benign as opening a word processor document or spreadsheet - without even so much as a warning that the Word document is executing a program. Do some research before posting, you say "from reading the articles" but it looks like you only glanced through the articles yourself. It extracts.exe files to your harddisk, but can infect and be spread by.xls,.doc,.zip and.exe.
This seems to be a fairly high and mighty comment so soon after we were informed via slashdot that linux and the ilk are just as able to support 'virus' (aka trojan in this case) as the other (win*) os's are
"JUST AS ABLE"? Able, yes. Just as able? No way. Current count for virusses on Windows: Over 50000. Current count for virusses on Linux: Can count on my fingers. Current rate of new virus releases for Windows: Hundreds every week: Current rate of new virus releases for Linux: Huh? Does Microsoft fix the lax security in Windows that make viruses so damn easy to write? No. Do Linux developers fix the *security holes* that allow viruses/worms to get through? Yes.
Linux viruses/worms make use of *bugs* and *security holes* in software. Windows viruses/worms don't need to - the software is, by default, insecure (in Windows9X you are always root), and so viruse writers don't need to bother about finding some *bug* to abuse. Has Microsoft attempted to increase the security in Win9X? No.
The fallacy in your argument is using terms that have only a yes/no state (can you write a virus for the platform? yes/no) and attempting to use that answer to push the bogus argument that both platforms are EQUALLY susceptible to viruses, which is something completely else. Something you often see lawyers do to try twist the truth when asking people on the stand questions.
You are incorrect, the virus WILL infect.zip,.exe,.xls and.doc files that are on the users hard disk and forward THOSE documents to others in the address book. This virus has already emailed me a zip file of the source code to someones commercial project!
You are correct. However, you imply that thats the ONLY way a user can get this virus. However, if you happen to have your C drive shared (as many people have for some strange reason), and someone else on the LAN becomes infected, you too will become infected, unknowingly, without even doing anything, as the virus will copy itself to your C:\Recycled directory and add an entry to c:\autoexec.bat to run itself. Thus, you don't have to do ANYTHING to become infected. The SirCam is thus a virus, a worm, and a trojan. (It will also run in the background, it copies itself over rundll32.exe in Windows, making it harder to spot, and rundll is very commonly run on Windows).
Of course, its fine and well to say "only stupid people share their C: drives", but I have three other computers in my office which I've shared the C drives and mapped because I do network programming and it is very convenient that way. NOTE: The shares ARE password protected with a VERY cryptic password, yet this SirCam had no problem with that. Now use your imagination: picture the next version of this virus having Cain-style functionality integrated into it - not only would it be able to find open shares, but fetch passwords out your cache for other password-protected shares, and it might even do brute force cracks, sniff the network for password hashes, grab them off NT servers and crack the lame passwords of EVERYONE on your network, or set itself up to grab password hashes from password-protected shares that you have on your machine. It a matter of if, not when, that someone creates a virus that does this.
This problem MAY be ported to Linux.. however, all of the security mechanisms that Linux uses make it a helluva lot harder for such a virus to spread on Linux. If you have a basic knowledge of how Unix/Linux work, you will understand that. One often hears that argument though from people who know nothing about Linux security and protection mechanisms, you'll often hear them say "so what someone will sooner or later do the same thing on Linux".. when you try explain the layers of protection that have been built in, they just look at you funny, or say "so some clever virus writer will figure out a way around them". Maybe it'll happen, yes. But it may happen once a month or once a year on Linux, because of the protections. With Windows, new viruses like this are released EVERY DAY, and a new one that becomes as widespread as Sircam seems to be an almost weekly occurrence lately. With Windows, its a daily part of the package - people have come to accept viruses on Windows in the same way we all just expect to get a cold every Winter. With Linux, it'll be regarded as something strange, unusual. Thats the difference.
Users want the ability to double-click on executable attachments in order to open them, and email software needs to honor that request to stay competitive
Opening documents via double-click from email is ONE THING. Getting your network infected from opening a WORD PROCESSOR DOCUMENT is ANOTHING THING. Opening and viewing an innocent, benign-looking MSWord document SHOULD NOT allow a user to become infected, and the problem with the "culture" you refer to is the culture that says that that is "normal" and "acceptable". It even happened to me with this Sircam virus - I had an up to date anti-virus guard program running, am clued up technically, and I thought "I'll be safe". I opened a Word document. Thats all I did. There were NO WARNINGS, NO MESSAGES, no indication whatsoever that a program had now installed itself on my PC and was spreading through the network. At the very least, MS Word should warn you before executing any content, but it doesn't. There is no excuse for that, and the fact that Microsoft continues to defend their actions is pathetic. That is the real problem here. I don't even use Outlook, I use Pegasus. I saved the Word document, opened it. Not even a warning that something had been EXECUTED. We're talking about a Word processor document, not an.EXE. If even clued up people make mistakes, I feel sorry for Joe User. What good is having a Word processor if you need to feel afraid to even open a document?
It's my responsibility to take some reasonable precautions
Thats the crux of the issue.. reasonable precautions. Rot13 is NOT by any means a "reasonable" precaution. Rot13 is like "locking" your front gates with a piece of string instead of something slightly more secure like a hefty padlock. Its not a "reasonable" attempt to encrypt the information.
Trying to obscure data by using crap like Rot13 or XOR is like leaving your house gates wide open and putting a sign up saying "please pretty please don't rob me". It is the same thing precisely because no effort has been made in both cases, no effort made to secure the house in the latter case, and no effort made to secure the data in the former case. AFAIK under the DMCA you actually have to make an effort to encrypt something, to show you're serious about it. If rot13 can be considered an effort, then so should just leaving the files plaintext and naming the file "DONT_READ_ME.txt".
Engineers find practical solutions to real-world problems
Thats just it.. checking something simple like that the sockets are compatible is not really a "problem" in that it doesn't present a mental challenge, its more like just some item on a long list that someone must check.. its not a "problem", someone just has to check it, not unlike traditional monkey-work. Engineers (that I know anyway, and I know a lot of engineers) thrive on "sheesh, tricky, how are we going to solve this" type problems. Well, thats my experience with engineers at any rate. I'm not attacking engineers here, and I see your point, personally I think scientists would also do the same.. I think that the supposed differences between "engineers" and "scientists" are greatly exaggerated, in my experience the two types of disciplines amount to very similar things in the real world.
Many people also do not head the warning printed onto the cans, which explicitly states, that you should _not_ ever mix red bull with alcohol, due to the fact, that youw ould be mixing a strong stimulating neuro drug with it as well
I don't know about other countries but where I live RedBull is often marketed in places where you can be sure people will be drinking alcohol, e.g. large neon advertisements inside bars. How stupid is that? Sounds like 'asking for trouble'..
I think engineers tend to sometimes overlook the really simple things.. mentally trained for extremely complex problems, one often forgets to think about the really basic things that are not (in any engineering sense) "problems". Still, it does seem pretty daft.
don't talk confuse the activites of Taliban with the teachings of ISLAM
I'm sure that American Christians wouldn't all like to be labelled Abortion-clinic bombers and doctor murderers either just because of a minority militant organization. People should really learn to form their own opinions on things (and do some of that boring "research" stuff). I'm a little sick of hearing people on/. who have heard of ONE individual case of some atrocity and generalising it to an entire population. When some incident happens in the US (e.g. Rodney King beating) do you just assume that every US policeman would behave like that? No.. so don't over-generalise incidents in other countries you hear about.
Slashdot Mirror
Yup, that MozQuest article is just plain FUD. Perhaps this guy is trying to get hired by Microsoft PR department, because this article is such beautiful FUD that I don't think MS could do a better job. The way he lies with statistics is beautiful.
I can't help but think that MozillaQuest MUST be a site run by Microsoft. For one thing, the site is butt ugly, to lead people to think 'geez these opensource guys are unprofessional'. Secondly, the naming of the site seems to be such as to try fool people into thinking its associated with Mozilla. Thirdly, its packed with FUD.
I mean, lets be logical about this - why would someone intent on dissing Mozilla create a site that on the surface looks like a Mozilla fan site?
This sort of crap happens every day - I wouldn't be surprised if its just another part of MS's "fake grassroots" spin campaign. Movie companies do this sort of thing every day (create fake "fan" sites to gather "grassroots" support). There are web-design companies that specialise in creating fake "personal" sites, complete with deliberate ugliness and unprofessionalism. I would be VERY surprised if MS did not have such fake sites.
You may fix the worst bugs, but as time goes on more and more bugs are found, and eventually bugs pretty much crop up as you fix them
I guess that depends on your software's structural design. Our older systems where I work used to have such horrible design, that it was nearly impossible to fix or add *anything* without something else breaking. Often, something seemingly totally unrelated to the change would break! It gets to the point where you're afraid to change anything for fear of the repurcussions. We had no version control either.
We've rewritten everything, and we've put a huge amount of effort (and experience) into a decent design, and not only is our software MUCH more robust, but our known "buglists" for version 1 have in the recent past dropped to 0. Yes, zero, we have no known bugs anymore. These are reusable libraries consisting of over 100000 lines of code. We completed "version 1" recently, and the rate at which we currenly find new bugs is maybe three or four a week, so keeping the figure at "0" is now quite easy. It takes a lot of hard work to get there, and a "feature freeze" is a requirement (very difficult when programmers always just want to add "this cool new feature" or "that useful new feature"). Some todo's move over to the "version 2" todo list, and the remaining stuff (bugs and minor design issues) just need to be tackled, one by one.
Could you provide a reference to the IBM study? It sounds fishy to me. It seems to me that bug-list graphs have a lot to do with how well-design the software is, and how disciplined developers are.
Actually, most shoplifters have nervous behaviors that are precursors to the actual shoplifting
Its true. In fact, some of them are damn easy to spot, spotted a few myself. (Hmm .. I wonder if it helps that I used to shoplift when I was a child?)
Anyway, I was wondering about that. A friend of mine has an anxiety disorder, and he has a number of "nervous habits" that I can't help but feel might be mistaken by such a system for shoplifter nervousness. Myself, I sometimes get nervous/paranoid in stores when the guards look at me just because I used to shoplift - even more than ten years later.
I guess its like the problem with airport security - basically, "security guard heuristics" are "stop people who look suspicous". So the long-haired young guy dressed in jeans and sneakers sweating like a pig gets searched, but the calm guy dressed smartly carrying a briefcase doesn't ("must be a businessman").
"But sir or ma'am," the salesman will say, "for about 2/3 of the price, you can have this computer, which is arguably better and faster than the Intel Pentium 4." "Oh no, we don't want ANYTHING other than Intel," says the mommy or daddy "We KNOW how important reliability is, and we KNOW that the 2 g-H-z (pronounced by letters) is MUCH faster than the A-M-D AthAlon you got there".
I think you're giving Joe Public WAY too much credit. I think the reality is more like:
Joe Public: "I want to buy a computer". Salesman: "Very well, sir, what would you like?" Joe Public: "Uhm, a computer, you know". Salesman: "What sort of computer?" Joe Public (stares blankly for a while ..): "Uhm .. a Windows computer?" (watches expression on salesmans face to see if that was the right answer). Salesman: "OK, but what type of system would you like? Intel? AMD?" Joe Public: "Uhm ... uh .." Salesman: "Alright, sir, what you want is the Intel system. 2.0 GIGaHERTZ, this baby is the fastest one we have (points to system that has many other crappy components to cut the price)". Joe Public (who recognises that the name "Intel" sounds familiar from some TV ad): "Uhm .. OK .."
Next it might be any shoplifters
Actually, one of the next steps is most likely going to be in the field of gesture/behaviour recognition. Granted, its probably in the region of five to twenty years from actual commercial products, but long-term, I plan to be living on this planet much longer than that. The general idea is that image-processing software will examine the CCTV image, and in real-time attempt to characterize and describe what you are doing. So the software might be able to determine itself with reasonable probability whether or not you are attempting to shoplift. It might characterize "suspicious behaviour", and not unthinkably, "pedophile behaviour". Basically, anything that a human watcher is capable of doing, software is theoretically capable of doing as much at a minimum, and potentially more.
This type of software already exists (I worked with some researchers doing this several years ago), and while it is still somewhat primitive, it won't be for too much longer. In general there seems to be a dearth of long-term thinking here on /. (and in the general populace actually)
The software will almost certainly be able to record facial signatures, one relatively benign use of which would be to identify repeat customers (a real-life cookie), but I'm sure anyone with a bit of imagination could come up with less benign uses. Compare, for example, to the web-tracking techniques in use today - since the majority of banner ads on the web are served by a tiny handul of companies, the use of cookies can be used to "track" web surfer movements, building a database. It would only take a few affiliations between such companies and companies on the web who know your actual identity for them to connect their surfing-habit database to specific individuals. Fast-forward to 2030 - now almost any shop you enter has a CCTV system, and a tiny handful of companies provide this service to all shops. By networking the systems (computer technology will have improved a lot by then), these companies could now track individuals as they moved through various shopping malls. A database of your mall-surfing habits, even your purchasing habits. A few clever affiliations (e.g. with some stores who have "member cards"), and suddenly these companies can associate the facial-signature/mall-surfing database with a specific persons identity. Some more imagination required to extrapolate what might follow from that ..
publishers and authors, who have bills to pay, can't get the money they should be
Huh?? Publishers and authors are doing just fine, what are you referring to? The amount of "book piracy" is insignificant.
Here are some more stats, although two years old now, Linux was at 31.3% and had the highest growth rate of all systems on that survey.
And there will be more in the future as Linux becomes more mainstream
Apache already runs more than half (another survey here) the web servers on the Internet, yet the major worms are still the IIS ones. Roughly 25 to 35 percent of web servers are running Linux, about the same as IIS. So by your reasoning, Linux and/or Apache should already currently be seeing as many Code Red style worms. Yet the IIS worms manage to infect thousands of times more machines.
Even if Linux was used on 80% of desktop systems, we still wouldn't see as many Linux worms/viruses as we do on Windows. Why? Simple, there are just so many more layers of protection built into the OS that make it harder for viruses to spread. We'd see a lot more than we do now, sure, but it will never get anywhere near the levels it has reached on Windows, where literally hundreds of new viruses are created every single day, and viruses with very widespread infections are roughly a weekly occurence now.
I haven't found mine to be slow and unresponsive at all. I don't have too bad a system though, PIII550, 128MB RAM and TNT2. Certainly not cutting edge, but not too ancient either. Perhaps your slowness was some setup issue? Don't get me wrong though, a setup issue is still "Linux's fault", if you could call something that.
Did you try Gnome or KDE? I've found KDE is somewhat ahead in terms of "usability". Actually, its (Mandrake 8) the first Linux distro I've tried where I actually felt like one of the GUI file managers was worth using, up until this one I've always just naturally gone back to the command line (and midnight commander). The KDE file manager is very nice. Nautilus is very "cool" and has potential, but its not on the same usability level. In both of these file managers, there are many ideas that Microsoft can (and I think should) copy. Windows Explorer, as a file manager, is a stinking pile of crap, its by far the worst file manager I've ever used, and in six years they've done almost nothing to improve it. In general, something I've noticed, the majority of gripes I have with any given release of Linux are usually fixed by the next version. E.g. in the past it was annoying to have to root/unmount my Win98 partition and remount it as current user to use it as my normal user logon. This version, no longer necessary.
My major gripe with Mandrake was a somewhat flaky setup. The first time I installed it, I installed nearly every package (why can't they just an "install everything" button?), and after about two hours of installing, the installation was stuffed, there was some low-level networking problem or something which resulted in many things, including X, as well as most parts of setup, just not working. I failed to fix it, so I eventually reinstalled from scratch. Second time round the installation was successful, except that the installation application hung at the very end of installation.
Given the current level of anti-China sentiment/propaganda in the USA, I'd be highly surprised if this worm originated in China, and I would be even more surprised if it turns out that it did not originate in the USA. If it had been written by Chinese, I struggly to imagine that the message would have been "hacked by Chinese". And conversely, if it wasn't hacked by Chinese, I can't imagine another country more likely to try to make China look bad with such a message than the USA. The message sounds a lot to me like something somebody trying to make someone else look bad might write.
Of course, theres no way to know, thats just my own feeling on the matter.
My general feeling also is that CodeRedII is a copycat, but I guess we don't really know.
And, yes, I've run linux on the desktop for months at a time in the past, so I'm not a newbie and I do have a good sense of how usable the system is going to be for me in the long run based upon playing with it for a few hours
I'm sorry, but thats just crap. "A few hours" isn't long enough. You've used it "in the past"? How long ago was that? If it was a year ago or more, then "a few hours" isn't enough, because the system has changed a lot in the past year. You need "a few hours" just to orient yourself. I know - I've been using Linux for seven years, and I needed more than "a few hours" just to figure out where things were etc what shortcut keys were etc when I installed Mandrake 8 the other day. It takes "a few hours" just to start to learn all the shortcut keys for the various apps and WM, and to start to configure the file managers to open the applications that I like for various file types. It sounds more to me like you spent a few hours on it, got frustrated because not all the shortcut keys were the same as in Windows, and gave up. Use it for a week - anything less is simply NOT ENOUGH to make any FAIR judgments on. "A few hours" is not a fair chance by any means.
Something I've learned lately - "not being a newbie" on Linux doesn't mean all that much, specifically if the limit of your patience is only a few hours - Linux systems are changing rapidly, and it takes a bit of time (a few days) to adjust to a new version. This can perhaps ironically be regarded as a shortcoming, because things are not where people expect them to be when they install a new version - with new versions of Windows, normally not that much has changed, so its easy to reorient yourself. If your own personal patience limit for learning things is only "a few hours", don't blame it on Linux, just stick to systems you already know, i.e. Windows.
The geeks will always design for geeks, which is all well and good, but don't go saying that Microsoft products are playing catch up to Linux in ease of use. That's just ridiculous :)
Quite honestly, I've used Mandrake now for more than just "a few hours", and I've seen a number of clever, user-friendly features that have had me thinking to myself "Microsoft would do good to copy this". Its not so far-fetched at all. Compare how much Linux has changed over the last six years, then compare how much Windows has changed over the last six years - its abundantly clear which one is evolving much more rapidly than the other.
It really is getting to that point. Having installed recent versions of Linux, I can say its true. Every time I install a new version of Linux, I'm astounded by how far its come and how different it is to the version I installed six months before it - I feel like I have to learn a whole lot all over again. Every time I install a new version of Windows, OTOH, I'm astounded by how little has changed in the couple of years that have passed since the last release. From what I've heard about XP, it sounds like MS may be starting to respond to that by actually improving things... that would be pretty neat, the OS industry has stood stagnant for far too long.
I started using Linux in 1995, and installed it on my own PC first in 1996. At that stage, I had to recompile the kernel just to get my Sound Blaster to work! There were some OK windows managers, but "desktop environments" (e.g. Gnome and KDE) did not exist. There was no linuxconf, i.e. no centralised configuration system - everything had to be configured by editing its own text files somewhere in /etc. There were no graphical installs. I remember a year or two after that having to download kernel patches and recompile to get FAT32 support, and I remember having to recompile the kernel to get IP forwarding to work for IP masquerading. Internet dial-up involved editing numerous script/chat files and figuring out pppd parameters. There were no decent game API's like SDL, no decent widget toolkits like Qt/gtk. I find it mindblowing just how rapidly the average Linux distro has evolved in six years. Compare that to Microsoft and you suddenly realise just how stagnant the commercial OS industry has been - in 1995, there was Windows 95. Now there is WindowsME, which has hardly changed. A nicer browser has been integrated into the OS, and has finally become more or less stable. Some more hardware devices are supported, and a few minor eye-candy changes have been added. A few bugs have been fixed, but many obvious bugs that where there in the first release of Win95 are still there. That about sums it up. Microsoft would have us believe that that is six years of development? Of course, there is also Windows 2000, which, while not bad, doesn't represent all that much development either from NT4.
My general feeling for the past year or so was that Linux would catch up to being equivalent (and superior) to Windows sometime toward the second half of 2002. It still seems to be on track to do so. I haven't seen XP, but as I said, it sounds from what I've heard that MS might be realising that they may need to start improving their software again. Thats a good thing. There is no question of course that Linux has been behind in most things (with the exception of networking, I've always preferred the Unix networking model), but its definitely about to catch up.
Highway systems are not meant to turn a profit, they serve public as well as military interest
Thats why it is a good analogy - the communications infrastructure and TCP/IP protocol were never intended for "turning a profit" either, they are merely generic transport mechanisms, like the roads. The best someone can hope for is to make money laying the pipes, like the companies that make money laying the roads. The whole point is precisely that the Internet isn't "meant" to turn a profit - the people who designed the original ARPANET didn't go out to build an infrastructure for making money. Good communications infrastructure in an area should also encourage growth. If I buy a chair and I bring it home in my car, the chair manufacturer doesn't charge me for the transport of the chair on the road - I can (within limits) carry whatever I want on the road, and its nobody's business - the road is just what lies inbetween the two endpoints which are actually the important part of the sale, that is, my home, and the chair manufacturer. Same should apply to the Internet, if I order Duke Nukem 1 from 3DRealms and download it from their site, the fact that the Internet was used for transport of the software is arbitrary and irrelevant, what mattered was what happens at the endpoints, i.e. the transaction between seller and buyer.
There is also a cultural issue involved. When your NT system is down for whatever reason, and you tell your managers, its perfectly OK, thats "normal downtime" that one sort of expects. When your Linux system is down for whatever reason, the managers become very nervous, and its "dammit we knew we shouldn't have let the techies go with Linux". NT downtime is OK, in capital letters, but any Linux downtime whatsoever is purely because Linux was some sort of "terrible choice".
It sucks, but thats how people think.
You can be infected by this virus from doing something as simple and benign as opening a word processor document or spreadsheet - without even so much as a warning that the Word document is executing a program. Do some research before posting, you say "from reading the articles" but it looks like you only glanced through the articles yourself. It extracts .exe files to your harddisk, but can infect and be spread by .xls, .doc, .zip and .exe.
This seems to be a fairly high and mighty comment so soon after we were informed via slashdot that linux and the ilk are just as able to support 'virus' (aka trojan in this case) as the other (win*) os's are
"JUST AS ABLE"? Able, yes. Just as able? No way. Current count for virusses on Windows: Over 50000. Current count for virusses on Linux: Can count on my fingers. Current rate of new virus releases for Windows: Hundreds every week: Current rate of new virus releases for Linux: Huh? Does Microsoft fix the lax security in Windows that make viruses so damn easy to write? No. Do Linux developers fix the *security holes* that allow viruses/worms to get through? Yes.
Linux viruses/worms make use of *bugs* and *security holes* in software. Windows viruses/worms don't need to - the software is, by default, insecure (in Windows9X you are always root), and so viruse writers don't need to bother about finding some *bug* to abuse. Has Microsoft attempted to increase the security in Win9X? No.
The fallacy in your argument is using terms that have only a yes/no state (can you write a virus for the platform? yes/no) and attempting to use that answer to push the bogus argument that both platforms are EQUALLY susceptible to viruses, which is something completely else. Something you often see lawyers do to try twist the truth when asking people on the stand questions.
You are incorrect, the virus WILL infect .zip, .exe, .xls and .doc files that are on the users hard disk and forward THOSE documents to others in the address book. This virus has already emailed me a zip file of the source code to someones commercial project!
You are correct. However, you imply that thats the ONLY way a user can get this virus. However, if you happen to have your C drive shared (as many people have for some strange reason), and someone else on the LAN becomes infected, you too will become infected, unknowingly, without even doing anything, as the virus will copy itself to your C:\Recycled directory and add an entry to c:\autoexec.bat to run itself. Thus, you don't have to do ANYTHING to become infected. The SirCam is thus a virus, a worm, and a trojan. (It will also run in the background, it copies itself over rundll32.exe in Windows, making it harder to spot, and rundll is very commonly run on Windows).
.. however, all of the security mechanisms that Linux uses make it a helluva lot harder for such a virus to spread on Linux. If you have a basic knowledge of how Unix/Linux work, you will understand that. One often hears that argument though from people who know nothing about Linux security and protection mechanisms, you'll often hear them say "so what someone will sooner or later do the same thing on Linux" .. when you try explain the layers of protection that have been built in, they just look at you funny, or say "so some clever virus writer will figure out a way around them". Maybe it'll happen, yes. But it may happen once a month or once a year on Linux, because of the protections. With Windows, new viruses like this are released EVERY DAY, and a new one that becomes as widespread as Sircam seems to be an almost weekly occurrence lately. With Windows, its a daily part of the package - people have come to accept viruses on Windows in the same way we all just expect to get a cold every Winter. With Linux, it'll be regarded as something strange, unusual. Thats the difference.
Of course, its fine and well to say "only stupid people share their C: drives", but I have three other computers in my office which I've shared the C drives and mapped because I do network programming and it is very convenient that way. NOTE: The shares ARE password protected with a VERY cryptic password, yet this SirCam had no problem with that. Now use your imagination: picture the next version of this virus having Cain-style functionality integrated into it - not only would it be able to find open shares, but fetch passwords out your cache for other password-protected shares, and it might even do brute force cracks, sniff the network for password hashes, grab them off NT servers and crack the lame passwords of EVERYONE on your network, or set itself up to grab password hashes from password-protected shares that you have on your machine. It a matter of if, not when, that someone creates a virus that does this.
This problem MAY be ported to Linux
Users want the ability to double-click on executable attachments in order to open them, and email software needs to honor that request to stay competitive
Opening documents via double-click from email is ONE THING. Getting your network infected from opening a WORD PROCESSOR DOCUMENT is ANOTHING THING. Opening and viewing an innocent, benign-looking MSWord document SHOULD NOT allow a user to become infected, and the problem with the "culture" you refer to is the culture that says that that is "normal" and "acceptable". It even happened to me with this Sircam virus - I had an up to date anti-virus guard program running, am clued up technically, and I thought "I'll be safe". I opened a Word document. Thats all I did. There were NO WARNINGS, NO MESSAGES, no indication whatsoever that a program had now installed itself on my PC and was spreading through the network. At the very least, MS Word should warn you before executing any content, but it doesn't. There is no excuse for that, and the fact that Microsoft continues to defend their actions is pathetic. That is the real problem here. I don't even use Outlook, I use Pegasus. I saved the Word document, opened it. Not even a warning that something had been EXECUTED. We're talking about a Word processor document, not an .EXE. If even clued up people make mistakes, I feel sorry for Joe User. What good is having a Word processor if you need to feel afraid to even open a document?
Along similar vein, who can we write to at Adobe to indicate, uh, displeasure at the terrible way they're handling this?
It's my responsibility to take some reasonable precautions
Thats the crux of the issue .. reasonable precautions. Rot13 is NOT by any means a "reasonable" precaution. Rot13 is like "locking" your front gates with a piece of string instead of something slightly more secure like a hefty padlock. Its not a "reasonable" attempt to encrypt the information.
Trying to obscure data by using crap like Rot13 or XOR is like leaving your house gates wide open and putting a sign up saying "please pretty please don't rob me". It is the same thing precisely because no effort has been made in both cases, no effort made to secure the house in the latter case, and no effort made to secure the data in the former case. AFAIK under the DMCA you actually have to make an effort to encrypt something, to show you're serious about it. If rot13 can be considered an effort, then so should just leaving the files plaintext and naming the file "DONT_READ_ME.txt".
Engineers find practical solutions to real-world problems
Thats just it .. checking something simple like that the sockets are compatible is not really a "problem" in that it doesn't present a mental challenge, its more like just some item on a long list that someone must check .. its not a "problem", someone just has to check it, not unlike traditional monkey-work. Engineers (that I know anyway, and I know a lot of engineers) thrive on "sheesh, tricky, how are we going to solve this" type problems. Well, thats my experience with engineers at any rate. I'm not attacking engineers here, and I see your point, personally I think scientists would also do the same .. I think that the supposed differences between "engineers" and "scientists" are greatly exaggerated, in my experience the two types of disciplines amount to very similar things in the real world.
Many people also do not head the warning printed onto the cans, which explicitly states, that you should _not_ ever mix red bull with alcohol, due to the fact, that youw ould be mixing a strong stimulating neuro drug with it as well
I don't know about other countries but where I live RedBull is often marketed in places where you can be sure people will be drinking alcohol, e.g. large neon advertisements inside bars. How stupid is that? Sounds like 'asking for trouble' ..
I think engineers tend to sometimes overlook the really simple things .. mentally trained for extremely complex problems, one often forgets to think about the really basic things that are not (in any engineering sense) "problems". Still, it does seem pretty daft.
don't talk confuse the activites of Taliban with the teachings of ISLAM
I'm sure that American Christians wouldn't all like to be labelled Abortion-clinic bombers and doctor murderers either just because of a minority militant organization. People should really learn to form their own opinions on things (and do some of that boring "research" stuff). I'm a little sick of hearing people on /. who have heard of ONE individual case of some atrocity and generalising it to an entire population. When some incident happens in the US (e.g. Rodney King beating) do you just assume that every US policeman would behave like that? No .. so don't over-generalise incidents in other countries you hear about.