I just read Ferguson's position paper you linked. This guy knows more about the U.S. constitution and what makes DMCA unconstitutional than anyone in my extended family (all U.S. citizens).
So now you have a bunch of viruses, and counter-viruses roaming the net. This is not so bad until you have self-mutating viruses and antigens, several generations down the line. Eventually chaos theory will dictate that the nature of the relationship has become so complex as to be unknowable. This is a pandoras box we don't want to open.
Bullshit. It's absolutely a box we want to open. Go read a book on artificial life. Just because you don't understand something doesn't mean it's dangerous to you.
People fear what they don't know, which is why alife gets such bad treatment in low-brow popular entertainment.
Why is it on a daily basis we have another example of a law that is silly, then someone explaining that of course the law is silly, but we have to work with it, even though it's silly?
This must be obvious, since everyone and their mother knows the answer but me, but why is pr0n bad? What is wrong with seeing people having sex with each other? What is wrong with seeing naked people?
And why, as a matter of comparison, is seeing someone disemboweled, shot, beheaded, or impaled on the big screen less objectionable?
The man has already been arrested. He's already been put into jail. DMCA has already been passed into law.
Protests need to continue, if for nothing else, to educate the public.
Why are we cancelling protests? Is Dimitry now out of jail, and has Adobe published a public apology on MSNBC, CNET, and traditional media outlets? No, I didn't think so.
No luck. It appears to be a bug in photo.net, not a bug in Mozilla. It's tough to decide who's most likely to blame when it's down to a quality open-source browser and a quality open-source service.
If it was Microsoft's site, I'd simply say "damn ASP" and move on.
As for the https bug, it appears to've been vanquished. Wamu.com online banking works. CSFBDirect's site is broken, so I can't test there.
But by all means, use Mozilla! Password manager, better rendering, no need to force document fonts (view/zoom is a godsend on 1600x1200) etc etc etc make it well worthwhile for the 90% of the time you don't have to use Netscape anymore.
I'm almost exclusively using Mozilla for web browsing now. Great!
The bug that really bothers me? Go to photo.net, click some image, and choose "large" image size to view. 99% of the time, it causes all my Mozilla windows to close. Bye-bye!
Then I guess I could complain about how 50% of the sites I go to, when entering SSL mode, never work. I gotta use Netscape.
I'm downloading 0.9.1 now. I'll tell you if things start working.
--
Re:Consider the limitations
on
PS2 As PC
·
· Score: 1
Yes, and this 'applications leak bitmapped memory which gets charged to X' behaviour is exactly what you observer with GTK (GNOME, in general).
I have a 296MB workstation which, after some days or weeks of using X, will slowly charge more and more memory to X. Eventually eating up 100MB or more of memory.
To clear it, I have to restart X.
It's a bit better than windows. I only have to 'reboot' (ie: restart X) every week or two, instead of daily.
The problem with Linux for Sparc is there is no need.
Solaris is quite suitable.
Most people when they talk about wanting Linux for X really mean they want GNU for X anyway. You want that nifty colour ls, every command overloaded with useful features ('tar -zcvf' anyone?). Where I work, we put about 50 useful GNU utilities like BASH on our Solaris boxes, and to tell the truth, I don't miss Linux one bit.
Download GNU for Solaris and be content. Linux 2.4 doesn't even have proper disk accounting anyway and Linus et al don't appear to care.
Try typing "iostat" "vmstat" and "sar" on your Linux box to figure out why Oracle is going so slow. Yeh, I thought so. Install Solaris on your SPARC until Linux catches up.
Choice is not good, it is the main reason application developers are not targeting linux very
often. They don't know what wm/desktop environment to target. Target gnome -> unhappy
kde users, target kde -> unhappy gnome users, target motif -> crappy looking application.
Well, yeah, except you're wrong.
Code an app as GNOME, and KDE manages to use it just fine (I can drag 'n' drop between GNOME file manager and KDE editors, for example).
KDE even somehow managed to colour my GNOME apps to match the colourscheme I chose.
The reason Linux is not being targetted is, well, I don't know. I'd guess most developers are very shallow and haven't actually tried any of this. Interoperability between KDE and GNOME really works.
Now as far as Motif, duh. Of course you don't want to code your app with that 20's vintage widget-set.
I'm amazed at the number of ignorant posts here about how Greenspun and the ArsDigita that was his were just another greedy duo out there to make a profit. Greenspun and his company were far more.
As someone who worked through the boot camp they offered, and actually spent a few weeks researching him and his company, I can say without question that Greenspun is a good man and ArsDigita under his control was a benevolent institution. He went that extra mile to make sure everyone could benefit from his work.
He is one of the true internet and software pioneers, one that didn't just lay a groundwork and then put a fence around it and tell everyone to fsck off. He didn't play low tricks with patents and copyright and trade secrets.
He laid the groundwork, then told everyone they were allowed to build on it, too. Then he gave them plans. Then he gave them forums to discuss it.
He put his awesome photo gallery online in higher quality than anywhere else on the internet. Then he said you couldn't buy his prints, only give to charity and he'd send you the print free.
You who are badmouthing this man...? I can't believe you're so low.
Zoom into an image in photoshop, select a square capture to clipboard, paste into new image. If
I can do that with a few gestures rather than 8 different menu commands, I will have sped up
my image processing dramatically without having to write a complex script or plugin to do it
for me.
What are you talking about? I can execute 8 menu commands in the time it takes you to find your mouse, let alone grab it and waggle it around in a complex dance.
A good GUI (that is, one that can be navigated solely with the keyboard) accomplishes this:
Allow the user to work with the tool even without familiarity
Once familiarity is gained, to work with the tool with lightning-fast speed.
A mouse-only GUI gives you the former, but not the latter. A keyboard-only GUI (or CLI) gives you the latter, but not the former. A proper GUI gives you both keyboard and mouse navigation, and accomplishes both goals.
You may be faster with your gesture-recognizing GUI than your icon-clicking brethren, but you'll always, ALWAYS be ten steps behind me with my keyboard. Especially if keyboard chording becomes commonplace.
The misconception of the mouse being better than the keyboard is compounded by the fact that for some tasks, it really is.
For example, anything that requires spacial manipulation, like drawing, graphical manipulation, or gameplaying can generally be implemented more efficiently with a pointer device such as a mouse.
On the other hand, any series of discreet tasks, like scrolling an increment, selecting a function, closing a window, picking a desktop, etc are more efficient with the keyboard.
While you're clutching at the mouse, finding the cursor on your screen, then navigating to the close button, I've already hit Ctrl-W and done eighteen other tasks. (Alt-F4 for Windows, Alt-W for Netscape/Linux, whatever your example of choice is)
I only shake my head at this innovation because, as great as it is for the mouse-only users of the world, it means that those of us proficient on the keyboard will only be left further on the fringes. Microsoft is the only company so far that seems to consistently design GUIs right (try unplugging a mouse from a Microsoft system and notice that you almost literally can do everything you need to do, after the reboot).
Where are the 31337 hackers that have stopped an
evil mastermind hacker from bring down greenpeace and killing all the whales for his
huge whale oil bomb to be set off at the polls?
You give your own example at the end of your message. Alan Cox. Richard Stallman. Eric Raymond. Linus Torvalds. These are off the top of my head. Twenty minutes of research, and I'll give you a thousand more names.
If users fail to read the advisory, I don't to see how this is Microsoft's fault. The original
security whole was undoubtedly stupid; let us concentrate on that rather than this non-issue.
Misinformation is hardly a non-issue. If I attempt to install a patch, and the patch tells me it's not needed, then it's one of two things:
(a) Right. Why should I go looking for reasons why the patch message is wrong? Sounds to me like if the patch says it's unnecessary that it's unnecessary, but maybe that's because I'm a moron.
(b) Wrong. If it's wrong, why should I then trust Microsoft (or any other company's) documentation? When I see a glaring error in one part of a product, I immediately assume I can't trust anything from any other part of that documentation which means I'm wasting my time reading any single other piece of information from that entity.
Any message ever displayed to the user had better be right, and 20 minutes of ensuring its correctness before coding it will save every individual hours upon reading it.
Unix's security model isn't broken, honest. You're really supposed to need to use different
computers for functions that could be implemented on one box if a compromise of one service
didn't open the box as wide a the grand canyon. What a load of crap. That's a kludge, plain
and simple; a small site shouldn't need to run three boxes to get security when the computing
power of one of them is enough to handle all three tasks.
I've never seen a company that was small enough to run all their applications on one box that had the skill to manage a truly secure operating system.
Every place I've worked in my professional career required many boxes of horsepower. My current employer has literally hundreds of computers.
If you insist that you cannot break out a complex system into multiple boxes, but it must reside on a single box with shared resources, then yeh, Unix has a broken security paradigm. So what? I've never seen it.
Until we get boxes ~10,000x more powerful than what we've got today, I don't see Unix' security paradigm causing me any big problems in creating a secure system.
Well, that just shows that there's more to security than you realize. OpenBSD may be more
secure than other typical Unix-type systems because of its code auditing, it still has all of the
architectural problems that Unix suffers from in general- basically that a single broken SUID
program compromises the whole system.
Perhaps this just shows there's more to security than you realise.
A root compromise on my web server doesn't do anything for getting sysAdmin access on my database server. It also doesn't give you anything more than normal httpd access on my middleware servers.
In a properly configured system there is more than just a single computer. There are many computers communicating with each other with monitoring, auditing, and separation of tasks.
Although making a root compromise on my web server might allow you to find the password to utilise certain services on my middleware server, a properly-designed system will be resistant to this, and certainly will be noticed by experience systems administrators.
Unix has no flawed design. It does exactly what it's supposed to do: provide a multi-user medium-security environment that is 99% internally consistent, robust, and useful.
NT is on the completely insecure but extremely easy to work with spectrum, and the secure systems the NSA wants are on the other end of the spectrum. For e-commerce, Unix provides the good middle ground, recognising that a site is made up of many operating systems, software components, computers, and network protocols.
As a database administrator having used Microsoft SQL Server, Sybase (ASE), and Oracle extensively, I think I have something to add to this discussion:
Don't use MySQL or Microsoft SQL Server. Use Sybase ASE 11.0.3.3. It's 100% license-free for use on Linux, both in development and production databases. It's solid, it's fast, and it's good.
Use SybPerl from Michael Peppler, use SQSH from Scott Gray for your DBA tasks.
Use whatever client you want, Access or otherwise. Sybase is a fairly significant industry standard RDBMS, and most everything connects to it.
To see an entire product built on open source components, try http://www.activespace.com. The backend is Sybase, the frontend Mason.
Slashdot Mirror
Oh, lordy, this is pathetic.
I just read Ferguson's position paper you linked. This guy knows more about the U.S. constitution and what makes DMCA unconstitutional than anyone in my extended family (all U.S. citizens).
U.S. education is highly broken.
Bullshit. It's absolutely a box we want to open. Go read a book on artificial life. Just because you don't understand something doesn't mean it's dangerous to you.
People fear what they don't know, which is why alife gets such bad treatment in low-brow popular entertainment.
The problem is simply this:
The law system changes slowly for the majority without money.
The law system changes quickly for the minority that have a lot of money.
The system is quite skewed in the favour of the minority that has money. This will not change unless the system is fundamentally altered.
Cmdrtaco says he'll pass judgement until after he sees it.
I assure you, taco, that's not all you'll pass after you see it.
Let the lameness commence.
Why is it on a daily basis we have another example of a law that is silly, then someone explaining that of course the law is silly, but we have to work with it, even though it's silly?
Can't we just have sane laws?
I'm such a naive idealist.
--
This must be obvious, since everyone and their mother knows the answer but me, but why is pr0n bad? What is wrong with seeing people having sex with each other? What is wrong with seeing naked people?
And why, as a matter of comparison, is seeing someone disemboweled, shot, beheaded, or impaled on the big screen less objectionable?
--
The man has already been arrested. He's already been put into jail. DMCA has already been passed into law.
Protests need to continue, if for nothing else, to educate the public.
Why are we cancelling protests? Is Dimitry now out of jail, and has Adobe published a public apology on MSNBC, CNET, and traditional media outlets? No, I didn't think so.
--
If it was Microsoft's site, I'd simply say "damn ASP" and move on.
As for the https bug, it appears to've been vanquished. Wamu.com online banking works. CSFBDirect's site is broken, so I can't test there.
But by all means, use Mozilla! Password manager, better rendering, no need to force document fonts (view/zoom is a godsend on 1600x1200) etc etc etc make it well worthwhile for the 90% of the time you don't have to use Netscape anymore.
--
I'm almost exclusively using Mozilla for web browsing now. Great!
The bug that really bothers me? Go to photo.net, click some image, and choose "large" image size to view. 99% of the time, it causes all my Mozilla windows to close. Bye-bye!
Then I guess I could complain about how 50% of the sites I go to, when entering SSL mode, never work. I gotta use Netscape.
I'm downloading 0.9.1 now. I'll tell you if things start working.
--
Yes, and this 'applications leak bitmapped memory which gets charged to X' behaviour is exactly what you observer with GTK (GNOME, in general).
I have a 296MB workstation which, after some days or weeks of using X, will slowly charge more and more memory to X. Eventually eating up 100MB or more of memory.
To clear it, I have to restart X.
It's a bit better than windows. I only have to 'reboot' (ie: restart X) every week or two, instead of daily.
--
Who was the idiot that modded this down to -1??? I love the comment about unnatural things. That's pretty right-on with the uptight crowd.
--
Cryptogram March 2001 has an article about it, for example.
--
Solaris is quite suitable.
Most people when they talk about wanting Linux for X really mean they want GNU for X anyway. You want that nifty colour ls, every command overloaded with useful features ('tar -zcvf' anyone?). Where I work, we put about 50 useful GNU utilities like BASH on our Solaris boxes, and to tell the truth, I don't miss Linux one bit.
Download GNU for Solaris and be content. Linux 2.4 doesn't even have proper disk accounting anyway and Linus et al don't appear to care.
Try typing "iostat" "vmstat" and "sar" on your Linux box to figure out why Oracle is going so slow. Yeh, I thought so. Install Solaris on your SPARC until Linux catches up.
--
Code an app as GNOME, and KDE manages to use it just fine (I can drag 'n' drop between GNOME file manager and KDE editors, for example).
KDE even somehow managed to colour my GNOME apps to match the colourscheme I chose.
The reason Linux is not being targetted is, well, I don't know. I'd guess most developers are very shallow and haven't actually tried any of this. Interoperability between KDE and GNOME really works.
Now as far as Motif, duh. Of course you don't want to code your app with that 20's vintage widget-set.
--
As someone who worked through the boot camp they offered, and actually spent a few weeks researching him and his company, I can say without question that Greenspun is a good man and ArsDigita under his control was a benevolent institution. He went that extra mile to make sure everyone could benefit from his work.
He is one of the true internet and software pioneers, one that didn't just lay a groundwork and then put a fence around it and tell everyone to fsck off. He didn't play low tricks with patents and copyright and trade secrets.
He laid the groundwork, then told everyone they were allowed to build on it, too. Then he gave them plans. Then he gave them forums to discuss it.
He put his awesome photo gallery online in higher quality than anywhere else on the internet. Then he said you couldn't buy his prints, only give to charity and he'd send you the print free.
You who are badmouthing this man...? I can't believe you're so low.
--
The War on Drugs of the United States is identical to the War on Terrorist's in Terry Gilliam's movie: Brazil.
--
A good GUI (that is, one that can be navigated solely with the keyboard) accomplishes this:
- Allow the user to work with the tool even without familiarity
- Once familiarity is gained, to work with the tool with lightning-fast speed.
A mouse-only GUI gives you the former, but not the latter. A keyboard-only GUI (or CLI) gives you the latter, but not the former. A proper GUI gives you both keyboard and mouse navigation, and accomplishes both goals.You may be faster with your gesture-recognizing GUI than your icon-clicking brethren, but you'll always, ALWAYS be ten steps behind me with my keyboard. Especially if keyboard chording becomes commonplace.
The misconception of the mouse being better than the keyboard is compounded by the fact that for some tasks, it really is.
For example, anything that requires spacial manipulation, like drawing, graphical manipulation, or gameplaying can generally be implemented more efficiently with a pointer device such as a mouse.
On the other hand, any series of discreet tasks, like scrolling an increment, selecting a function, closing a window, picking a desktop, etc are more efficient with the keyboard.
While you're clutching at the mouse, finding the cursor on your screen, then navigating to the close button, I've already hit Ctrl-W and done eighteen other tasks. (Alt-F4 for Windows, Alt-W for Netscape/Linux, whatever your example of choice is)
I only shake my head at this innovation because, as great as it is for the mouse-only users of the world, it means that those of us proficient on the keyboard will only be left further on the fringes. Microsoft is the only company so far that seems to consistently design GUIs right (try unplugging a mouse from a Microsoft system and notice that you almost literally can do everything you need to do, after the reboot).
--
--
(a) Right. Why should I go looking for reasons why the patch message is wrong? Sounds to me like if the patch says it's unnecessary that it's unnecessary, but maybe that's because I'm a moron.
(b) Wrong. If it's wrong, why should I then trust Microsoft (or any other company's) documentation? When I see a glaring error in one part of a product, I immediately assume I can't trust anything from any other part of that documentation which means I'm wasting my time reading any single other piece of information from that entity.
Any message ever displayed to the user had better be right, and 20 minutes of ensuring its correctness before coding it will save every individual hours upon reading it.
--
The Bible is pretty clear about saying all other religions are abominations. It's one of my biggest beefs with it.
--
You're absolutely right that only old versions are free for deployment and commercial use.
And that old version has triggers, stored procedures, guaranteed consistency, online database backups, support for terabyte-sized databases, and more.
What the fuck do you want? If you need more than that (ie: row level locking) shell out the cash for 11.9.2.
--
Every place I've worked in my professional career required many boxes of horsepower. My current employer has literally hundreds of computers.
If you insist that you cannot break out a complex system into multiple boxes, but it must reside on a single box with shared resources, then yeh, Unix has a broken security paradigm. So what? I've never seen it.
Until we get boxes ~10,000x more powerful than what we've got today, I don't see Unix' security paradigm causing me any big problems in creating a secure system.
--
A root compromise on my web server doesn't do anything for getting sysAdmin access on my database server. It also doesn't give you anything more than normal httpd access on my middleware servers.
In a properly configured system there is more than just a single computer. There are many computers communicating with each other with monitoring, auditing, and separation of tasks.
Although making a root compromise on my web server might allow you to find the password to utilise certain services on my middleware server, a properly-designed system will be resistant to this, and certainly will be noticed by experience systems administrators.
Unix has no flawed design. It does exactly what it's supposed to do: provide a multi-user medium-security environment that is 99% internally consistent, robust, and useful.
NT is on the completely insecure but extremely easy to work with spectrum, and the secure systems the NSA wants are on the other end of the spectrum. For e-commerce, Unix provides the good middle ground, recognising that a site is made up of many operating systems, software components, computers, and network protocols.
--
Don't worry. Microsoft has an army of lawyers to deal with victims of pirated copies.
Probably they just castrate you and give you a new activation code.
--
As a database administrator having used Microsoft SQL Server, Sybase (ASE), and Oracle extensively, I think I have something to add to this discussion:
Don't use MySQL or Microsoft SQL Server. Use Sybase ASE 11.0.3.3. It's 100% license-free for use on Linux, both in development and production databases. It's solid, it's fast, and it's good.
Use SybPerl from Michael Peppler, use SQSH from Scott Gray for your DBA tasks.
Use whatever client you want, Access or otherwise. Sybase is a fairly significant industry standard RDBMS, and most everything connects to it.
To see an entire product built on open source components, try http://www.activespace.com. The backend is Sybase, the frontend Mason.
--