Well, there are lots of interesting, open, well-defined, important problems in natural language processing. Why not work on them directly?
Re:MS World Domination: 2002 Edition
on
Breaking Windows
·
· Score: 2
A Chinese wall won't work. Not only does Microsoft just not want the competition from third parties, it is simply cheaper and faster to develop software assuming that you know everything about every other part of the system. And, besides, nobody has time to review anyway what assumptions one part of the code makes about another part of the code.
The only solution I can think of would be to break them up and to force public source availability of many of their products.
Re:Bad things really do happen.
on
Breaking Windows
·
· Score: 2, Insightful
This isn't a microsoft abuse. I can go down the street to bob's lawn care and get materials to create a car bomb. Does that mean that Scott's Turf Builder is responsible for my actions? Microsoft creates a product (outlook) that checks email. It checks email, and fairly well, and in a way that is easy to understand and simple to use.
I think Microsoft is directly responsible for these problems: they are using development tools that causes their software to be susceptible to buffer overruns and they put features into their products that make them easy to attack. It's like shipping cars without safety belts and blaming drivers when they get killed in accidents, or building homes without front doors and wondering why the burglars wander in.
If linux was the world's premier operating system, and my mother used KMail or Pine, i'm sure the k|dd|3z would be writing exploits for that.
Who said that Linux was necessarily better? Linux shares many of the problems that Windows has, in part because the more modern components of Linux have been copied from Windows. By setting the bar so low and pushing outdated technologies into the educational system, Microsoft sets the tone for the whole industry and damages the quality of both commercial and free software.
Still, I suspect that crackers would find it a lot harder to create a "Code Red" worm for KMail or Pine.
Now, if you're gonna criticize microsoft, put your money where your mouth is, and write your own operating system, and get it on the desktop of 97% of the computer users in the united states, and have it impervious to viruses. Or be logical, and talk to people about linux.
The value of Windows isn't in the code. The value of Windows is in the community built around it: the software vendors, services, hardware vendors, and users. Microsoft only got that because they got the original IBM PC deal. Even much better and much easier to use technology wasn't enough to displace them from that lead. To Microsoft's credit, they didn't fumble. But Microsoft has an enormous head start, and displacing them even with a much superior product and massive investment is still an uphill battle. Though, it will happen...
I think a much better alternative to Passport is smart cards. You can think of a smart card as your own, personal, secure little "Passport server", a server that is entirely under your control, including physical control.
Passport seems to me like an attempt to centralize a service because it is highly profitable for the service provider to do so, not because it makes sense. (AOL IM is another example.)
Performance hits: Well, yes. Adding layers of protocol will cause slowdowns. There is another [active] router in the way, too. Expect ping times to go up. (Sorry, gamers, if you really want good ping time you will be forced to a T1 type solution.)
What a positively stupid suggestion. What do you think DSL lines are used for by a large fraction of the people who have them? What do you suggest consumer Internet access ought to be optimized for? Only to push marketing information and ads onto consumers?
If PPPoE leads to unacceptable delays during game play (and I'm not saying that it does), the company requiring it isn't satisfying customer demand. If they can get away with it, it's because they have a local monopoly.
The justifications for PPPoE you give seem largely ATM related. Well, too bad. SBC made a stupid investment in ATM. They should throw out that equipment and replace it with something better designed and more modern. Equipment that runs more modern protocols over the same wires is available.
A dynamic IP address may be less convenient for server applications, but most consumer DSL contracts prohibit those already anyway, and most ADSL lines make them impractical. The security arguments don't hold water: there is no reason why outgoing connections from a static IP address are any more secure than outgoing connections from a dynamic IP address. In fact, I'd say the opposite is true: a dynamic IP address gives you a greater degree of privacy and means that attackers have a harder time finding your system again. Furthermore, PPPoE would still allow you to use a static IP address if your ISP gives you one.
Just look at the pda market. Palm and Handspring are on their last legs;
PDAs are very successful. The problem that Palm and Handspring are facing is that they are trying to sell $50 consumer gadgets for $500, by trying to build on the widespread acceptance of their OS among handheld developers. Too bad for them that they are facing a competitor that's better at that game...
It's a color printout of a Netscape window grabbed from a Windows computer stuck under a transparent piece of plastic. That's how these "prototypes" (mock-ups) are created. You can make one of those yourself with a bit of balsa wood, a good color printer, some paint, and some plastic. If you are a good salesperson, you can even get VC funding for it. What's holding back the actual creation of these devices is cost and availability of parts. Are you willing to have such a device if it costs $5000 and has a battery life of 1/2h? I didn't think so. That's why Compaq is producing the iPaq and Sony is producing the Clie.
There are enough real, interesting problems out there to choose from; why pick some company's idea of a contest? Work on Go, write a nice chess player, do something interesting with data mining, etc.
It's a perfect example of double standards: when Windows crashes this is always the fault of Microsoft, not of bad drivers or programs which access Windows internals, while in fact they often are (especially video drivers).
Software vendors don't "access Windows internals" because programmers want to--it takes a lot of time to do so. They do it because Microsoft's APIs are insufficient and poorly thought out. Microsoft has profited handsomely from this because third parties have managed to figure out how to make that pitiful platform do things Microsoft never had the sense to design APIs for. Without third party vendors doing this, Windows would be nowhere. Now that Microsoft has finally copied enough from other vendors, their system doesn't quite need such enthusiastic third party software vendors anymore.
It's also a question of architecture: except for a very limited set of hardware drivers, there is no reason why the installation of anything should either be prohibited or cause instability. (Linux doesn't get this right either, but it is considerably better than Windows.)
The biggest problem with this is, though, that, whether it is sensible or not, Microsoft is driven by the profit motive, and for them to be able to exclude vendors from the market and force them to submit to certification procedures is a great way of controlling their market and increasing their profits. That is, even if there is some weak justification of this action in terms of profits, it is still highly suspect, and should be.
This isn't about being intrinsically "anti-Microsoft". The company has been found to be a monopolist, and it is rightfully subject to this kind of scrutiny and suspicion. Microsoft needs to tread extra careful in ways other companies don't have to, and instead the company is still giving consumers, software vendors, and regulators the finger.
(Incidentally, your characterization of blocking "only current versions of the drivers" is incorrect. I suggest you take the time and actually read the document at Microsoft's site describing their policies.)
I don't see much value in BeOS. It doesn't matter how nicely designed it is, the code itself just doesn't matter. What makes or breaks operating systems is a user community and a developer community, and BeOS has simply failed to attract enough of either. How to attract a large user and developer community is the billion dollar question, but a fairly clean C++-based OS apparently isn't sufficient.
Packages in Debian "stable" are generally months older than the latest released version of the software. That means they don't include many bug fixes, configuration file changes, etc. If you are living in an environment where you collaborate with other people, you need to be roughly at the same version numbers. And non-Debian systems are much further ahead than Debian "stable".
O'CAML, for example, is still at version 2.x in Debian stable, while the current version is 3.01. When everybody else in the world is using 3.01, it doesn't matter how "stable" the version is that comes with Debian "stable", it is still useless. And there is nothing "unstable" about O'CAML 3.01.
Mozilla in "stable" is at M-18, far behind the current version of Mozilla; in fact M-18 is far less stable than any of the more recent Mozilla releases. And the configuration files have changed between M-18 and recent Mozilla releases, meaning that people cannot share them.
You get the idea, I hope. There are many more examples.
Keep in mind that most of the software that goes into Debian unstable has received extensive testing by its authors and that Debian isn't responsible for non-packaging related problems. There is little reason for Debian "stable" to be far behind Debian "unstable". I don't pretend to know what Debian should do, but I do know that it is pointless for Debian maintainers to recommend to users to just use "testing" or "stable".
I think that view is pretty naive. Debian "stable" is so far behind that it causes interoperability problems with other Linux systems. And Debian testing can, for practical purposes, have many more defects than "unstable". For example, the "task-" packages that many people had come to rely on have simply disappeared from "testing" and the "tasksel" package is not a working replacement. Furthermore, "testing" lacks many important packages that never make it out of "unstable", also rendering "testing" useless for many applications.
You can continue to chide people for running "unstable", but in the real world, if people want to run Debian, they have little choice.
If conventional property rights to do not apply to cells, then what rights do apply? [...] Such an amendment might say "No person shall be deprived of cellular matter, limbs, organs or bodily fluids without due process of law.
You should have a limited right to refuse to have the sample taken. You should have a limited right to demand that the sample be destroyed after the necessary diagnostic procedures have been carried out. (Limitations in both cases are conflicts with public health needs.)
But the government has a compelling interest to see that there is no market in selling bits and pieces of your body. Hence, you should not be able to demand money for cells derived from your body. Either you give them away freely, or you don't, but you can't charge for them.
This restriction is not to limit your rights, it is to protect you and everybody else from the economic pressures that they would otherwise be subject to. Because if you can sell parts of your body, companies will figure out how to compel you to financially and contractually, and you would have no choice at all anymore.
I'm sorry, but I don't understand why CD readers on desktop machines supposedly can't read this. Don't they get the complete data stream, including control and data information?
If they really don't get this information, they can still correct the errors, since the good and bad audio are distinguishable. If Sony puts in a square wave--all the better: that kind of noise is more easily detectable and removable than just about anything else.
As a last resort, people can still copy from analog audio; given the reduction in quality that formats like MP3 cause anyway, nothing is really lost (but you have to do this in real time, of course).
The thread is about whether legal issues should be discussed by non-lawyers at all. I argued that there is at least one group for whome it makes sense to discuss US legal matters. If there are others, great. Please stop your knee from jerking.
Slashdot can't provide much help on legal questions, as we've proved over and over and over again...
You misunderstand why people discuss these matters. The US has a representative government and laws are by the people and for the people. Non-lawyers must discuss these matters and try to come to terms with them, because ultimately we all decide on what laws we want to be governed by. Arguably, trade secret law has gone way too far in protecting information held by companies.
The question raised by the message illustrates an important point and is worthy of discussion. If you don't like the level of discussion on Slashdot, I suggest you contribute to its elevation, rather than flaming randomly.
Get a life, the guy the executed in Texas was a murdering sack of shit.
How can you be so sure if proper legal procedures weren't followed? Think of it this way: you get arrested in some country overseas and charged with a drug offense. You don't know the legal system (and may not even speak the language), so you can't defend yourself. The US embassy doesn't get notified and you just disappear. And when you get executed, the citizens of that country say "oh, he was clearly guilty and just got what he deserved".
International law is tit-for-tat. If the US doesn't want its citizens tried in other countries without legal representation, the US must respect the rights of other countries, no matter how clearcut the individual case may seem.
2) It doesn't matter whether he is a US citizen or not, he has a right to due process.
That is not generally the case. This issue usually comes up in immigration cases. The US does treat non-citizens rather differently from citizens in some areas of its legal system.
A company has to take reasonable care to keep their trade secret information secret. Otherwise, they don't enjoy any protection. For example, their network has to be secured, and physical access to the work location has to be well controlled. Arguably, they aren't taking reasonable care if their mailer has known security holes and sends out the documents all over the place.
Of course, if you sign a contract, you personally may be bound not to talk about things even if they are widely known. Furthermore, if you leak the information, you may be liable. But that doesn't apply to people who didn't sign those contracts.
In a free-market economy, there is no such thing as a shortage, just a rise in prices.
There is also international competition. If the US cost for producing software becomes too high, the software will get produced elsewhere.
If they could shift the work to India, they would. It's much cheaper than hiring H1-B workers.
They can and they do. To many companies, bringing their skilled knowledge workers to the US is more of a perk to attract people than a question of cost, the kind of perk that companies give when there is a labor shortage. Most of the companies I have worked for would have been just as happy to hire me at a European or Asian location.
Those few people we really need to bring in should be given green cards or have similar workers rights. It's a matter of respect for them and for our own workers.
I fully agree that the H1B regulations have serious problems and should get fixed. Limiting the numbers, however, would not be in the best interest of the US (although it would be a lot fairer to Europe, China, and India, who paid for the education of these workers).
If I misconfigure Apache or install an old version of IIS, is that a "security problem" for the rest of the Internet? Just like Lycos's bug, that lets people put arbitrary scripts into my content.
The simple fact is that content you get from the Internet, be it Slashdot, Lycos, Microsoft, or anything else, may have been altered or may be malicious in itself. If you care about it, you have to deal with it by picking your web client to protect you; trying to insist that every web site is secure and trustworthy is a losing battle.
BTW, from the description of the bug, JavaScript is the least you have to worry about. ActiveX controls would seem like a much bigger problem. And web sites that server user-supplied JavaScript through SSL are also a much bigger worry (since the user-supplied JavaScript is implicitly signed with the site certificate); at least Lycos doesn't serve its content through SSL.
without MS you wouldn't have seen the rise of computer technology and broadband availability... they made it easy to get on and use a computer so that people would buy them, and that fueled the market so faster tech would be developed and rolled out.
And I suppose without Microsoft, we'd all still be using mechanical typewriters? Get real. If Microsoft hadn't been there, other companies would have filled the demand. In fact, the way things actually happened is that other companies did do all the innovation and create the new markets, only to be copied and then outmaneuvered by Microsoft on the business and PR front. Microsoft has yet to come up with a product that they haven't copied from someone else.
The overall effect of Microsoft on the industry has been to hold us back technologically by at least a decade compared to what would have happened in an efficient and competitive market.
For that, we shouldn't be grateful, we should be furious. And it's particularly depressing that now that they have eliminated all alternatives, they are successfully rewriting history, as your post shows.
Slashdot Mirror
Cargo pants seem pretty convenient for this. The Gap also has pleated pants with hidden pockets. Beyond that, get small gadgets.
Well, there are lots of interesting, open, well-defined, important problems in natural language processing. Why not work on them directly?
The only solution I can think of would be to break them up and to force public source availability of many of their products.
I think Microsoft is directly responsible for these problems: they are using development tools that causes their software to be susceptible to buffer overruns and they put features into their products that make them easy to attack. It's like shipping cars without safety belts and blaming drivers when they get killed in accidents, or building homes without front doors and wondering why the burglars wander in.
If linux was the world's premier operating system, and my mother used KMail or Pine, i'm sure the k|dd|3z would be writing exploits for that.
Who said that Linux was necessarily better? Linux shares many of the problems that Windows has, in part because the more modern components of Linux have been copied from Windows. By setting the bar so low and pushing outdated technologies into the educational system, Microsoft sets the tone for the whole industry and damages the quality of both commercial and free software.
Still, I suspect that crackers would find it a lot harder to create a "Code Red" worm for KMail or Pine.
Now, if you're gonna criticize microsoft, put your money where your mouth is, and write your own operating system, and get it on the desktop of 97% of the computer users in the united states, and have it impervious to viruses. Or be logical, and talk to people about linux.
The value of Windows isn't in the code. The value of Windows is in the community built around it: the software vendors, services, hardware vendors, and users. Microsoft only got that because they got the original IBM PC deal. Even much better and much easier to use technology wasn't enough to displace them from that lead. To Microsoft's credit, they didn't fumble. But Microsoft has an enormous head start, and displacing them even with a much superior product and massive investment is still an uphill battle. Though, it will happen...
Passport seems to me like an attempt to centralize a service because it is highly profitable for the service provider to do so, not because it makes sense. (AOL IM is another example.)
What a positively stupid suggestion. What do you think DSL lines are used for by a large fraction of the people who have them? What do you suggest consumer Internet access ought to be optimized for? Only to push marketing information and ads onto consumers?
If PPPoE leads to unacceptable delays during game play (and I'm not saying that it does), the company requiring it isn't satisfying customer demand. If they can get away with it, it's because they have a local monopoly.
The justifications for PPPoE you give seem largely ATM related. Well, too bad. SBC made a stupid investment in ATM. They should throw out that equipment and replace it with something better designed and more modern. Equipment that runs more modern protocols over the same wires is available.
A dynamic IP address may be less convenient for server applications, but most consumer DSL contracts prohibit those already anyway, and most ADSL lines make them impractical. The security arguments don't hold water: there is no reason why outgoing connections from a static IP address are any more secure than outgoing connections from a dynamic IP address. In fact, I'd say the opposite is true: a dynamic IP address gives you a greater degree of privacy and means that attackers have a harder time finding your system again. Furthermore, PPPoE would still allow you to use a static IP address if your ISP gives you one.
PDAs are very successful. The problem that Palm and Handspring are facing is that they are trying to sell $50 consumer gadgets for $500, by trying to build on the widespread acceptance of their OS among handheld developers. Too bad for them that they are facing a competitor that's better at that game...
It's a color printout of a Netscape window grabbed from a Windows computer stuck under a transparent piece of plastic. That's how these "prototypes" (mock-ups) are created. You can make one of those yourself with a bit of balsa wood, a good color printer, some paint, and some plastic. If you are a good salesperson, you can even get VC funding for it. What's holding back the actual creation of these devices is cost and availability of parts. Are you willing to have such a device if it costs $5000 and has a battery life of 1/2h? I didn't think so. That's why Compaq is producing the iPaq and Sony is producing the Clie.
There are enough real, interesting problems out there to choose from; why pick some company's idea of a contest? Work on Go, write a nice chess player, do something interesting with data mining, etc.
Software vendors don't "access Windows internals" because programmers want to--it takes a lot of time to do so. They do it because Microsoft's APIs are insufficient and poorly thought out. Microsoft has profited handsomely from this because third parties have managed to figure out how to make that pitiful platform do things Microsoft never had the sense to design APIs for. Without third party vendors doing this, Windows would be nowhere. Now that Microsoft has finally copied enough from other vendors, their system doesn't quite need such enthusiastic third party software vendors anymore.
It's also a question of architecture: except for a very limited set of hardware drivers, there is no reason why the installation of anything should either be prohibited or cause instability. (Linux doesn't get this right either, but it is considerably better than Windows.)
The biggest problem with this is, though, that, whether it is sensible or not, Microsoft is driven by the profit motive, and for them to be able to exclude vendors from the market and force them to submit to certification procedures is a great way of controlling their market and increasing their profits. That is, even if there is some weak justification of this action in terms of profits, it is still highly suspect, and should be.
This isn't about being intrinsically "anti-Microsoft". The company has been found to be a monopolist, and it is rightfully subject to this kind of scrutiny and suspicion. Microsoft needs to tread extra careful in ways other companies don't have to, and instead the company is still giving consumers, software vendors, and regulators the finger.
(Incidentally, your characterization of blocking "only current versions of the drivers" is incorrect. I suggest you take the time and actually read the document at Microsoft's site describing their policies.)
I don't see much value in BeOS. It doesn't matter how nicely designed it is, the code itself just doesn't matter. What makes or breaks operating systems is a user community and a developer community, and BeOS has simply failed to attract enough of either. How to attract a large user and developer community is the billion dollar question, but a fairly clean C++-based OS apparently isn't sufficient.
O'CAML, for example, is still at version 2.x in Debian stable, while the current version is 3.01. When everybody else in the world is using 3.01, it doesn't matter how "stable" the version is that comes with Debian "stable", it is still useless. And there is nothing "unstable" about O'CAML 3.01.
Mozilla in "stable" is at M-18, far behind the current version of Mozilla; in fact M-18 is far less stable than any of the more recent Mozilla releases. And the configuration files have changed between M-18 and recent Mozilla releases, meaning that people cannot share them.
You get the idea, I hope. There are many more examples.
Keep in mind that most of the software that goes into Debian unstable has received extensive testing by its authors and that Debian isn't responsible for non-packaging related problems. There is little reason for Debian "stable" to be far behind Debian "unstable". I don't pretend to know what Debian should do, but I do know that it is pointless for Debian maintainers to recommend to users to just use "testing" or "stable".
You can continue to chide people for running "unstable", but in the real world, if people want to run Debian, they have little choice.
You should have a limited right to refuse to have the sample taken. You should have a limited right to demand that the sample be destroyed after the necessary diagnostic procedures have been carried out. (Limitations in both cases are conflicts with public health needs.)
But the government has a compelling interest to see that there is no market in selling bits and pieces of your body. Hence, you should not be able to demand money for cells derived from your body. Either you give them away freely, or you don't, but you can't charge for them.
This restriction is not to limit your rights, it is to protect you and everybody else from the economic pressures that they would otherwise be subject to. Because if you can sell parts of your body, companies will figure out how to compel you to financially and contractually, and you would have no choice at all anymore.
If they really don't get this information, they can still correct the errors, since the good and bad audio are distinguishable. If Sony puts in a square wave--all the better: that kind of noise is more easily detectable and removable than just about anything else.
As a last resort, people can still copy from analog audio; given the reduction in quality that formats like MP3 cause anyway, nothing is really lost (but you have to do this in real time, of course).
The thread is about whether legal issues should be discussed by non-lawyers at all. I argued that there is at least one group for whome it makes sense to discuss US legal matters. If there are others, great. Please stop your knee from jerking.
You misunderstand why people discuss these matters. The US has a representative government and laws are by the people and for the people. Non-lawyers must discuss these matters and try to come to terms with them, because ultimately we all decide on what laws we want to be governed by. Arguably, trade secret law has gone way too far in protecting information held by companies.
The question raised by the message illustrates an important point and is worthy of discussion. If you don't like the level of discussion on Slashdot, I suggest you contribute to its elevation, rather than flaming randomly.
That is only one aspect of due process. It remains to be seen how this will be applied in other areas.
How can you be so sure if proper legal procedures weren't followed? Think of it this way: you get arrested in some country overseas and charged with a drug offense. You don't know the legal system (and may not even speak the language), so you can't defend yourself. The US embassy doesn't get notified and you just disappear. And when you get executed, the citizens of that country say "oh, he was clearly guilty and just got what he deserved".
International law is tit-for-tat. If the US doesn't want its citizens tried in other countries without legal representation, the US must respect the rights of other countries, no matter how clearcut the individual case may seem.
That is not generally the case. This issue usually comes up in immigration cases. The US does treat non-citizens rather differently from citizens in some areas of its legal system.
Of course, if you sign a contract, you personally may be bound not to talk about things even if they are widely known. Furthermore, if you leak the information, you may be liable. But that doesn't apply to people who didn't sign those contracts.
There is also international competition. If the US cost for producing software becomes too high, the software will get produced elsewhere.
If they could shift the work to India, they would. It's much cheaper than hiring H1-B workers.
They can and they do. To many companies, bringing their skilled knowledge workers to the US is more of a perk to attract people than a question of cost, the kind of perk that companies give when there is a labor shortage. Most of the companies I have worked for would have been just as happy to hire me at a European or Asian location.
Those few people we really need to bring in should be given green cards or have similar workers rights. It's a matter of respect for them and for our own workers.
I fully agree that the H1B regulations have serious problems and should get fixed. Limiting the numbers, however, would not be in the best interest of the US (although it would be a lot fairer to Europe, China, and India, who paid for the education of these workers).
The simple fact is that content you get from the Internet, be it Slashdot, Lycos, Microsoft, or anything else, may have been altered or may be malicious in itself. If you care about it, you have to deal with it by picking your web client to protect you; trying to insist that every web site is secure and trustworthy is a losing battle.
BTW, from the description of the bug, JavaScript is the least you have to worry about. ActiveX controls would seem like a much bigger problem. And web sites that server user-supplied JavaScript through SSL are also a much bigger worry (since the user-supplied JavaScript is implicitly signed with the site certificate); at least Lycos doesn't serve its content through SSL.
And I suppose without Microsoft, we'd all still be using mechanical typewriters? Get real. If Microsoft hadn't been there, other companies would have filled the demand. In fact, the way things actually happened is that other companies did do all the innovation and create the new markets, only to be copied and then outmaneuvered by Microsoft on the business and PR front. Microsoft has yet to come up with a product that they haven't copied from someone else.
The overall effect of Microsoft on the industry has been to hold us back technologically by at least a decade compared to what would have happened in an efficient and competitive market. For that, we shouldn't be grateful, we should be furious. And it's particularly depressing that now that they have eliminated all alternatives, they are successfully rewriting history, as your post shows.