Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Re:Real mature on Microsoft Zunes Committing Mass Suicide · · Score: 1

    If you're primarily a Linux user and then try to get anything running on a Windows server, the $ will seem quite appropriate.

    OTOH, once you've got a bit of real world experience and have seen some $10,000/seat, $50,000/processor, etc applications, you realise just how cheap it actually is.

  2. Re:Real mature on Microsoft Zunes Committing Mass Suicide · · Score: 1

    How is using M$ directly or indirectly related to any of those descriptions?

    Because it's childish and immature, just like 'Linsux', 'crApple', or dozens of other similar names that display the intellectual insight of 10-year-old.

    It's uneducated because it implies that Microsoft is somehow more 'determined' in their profit-seeking than any other corporation.

  3. Re:It was just BAIT on Sex Offenders Must Hand Over Online Passwords · · Score: 1
    I do agree paedophilia is a genetic trait (that is, like homosexuality). However, you run the risk of conflating two different things into the one blanket term:

    * sexual activity between, (physically) sexually mature individuals, where one or more of them are "underage", and
    * sexual activity where one of the participants is not sexually mature.

    The former is reasonable to explain (and excuse) "paedophilia". The latter is not.

  4. Re:I also agree on Interclue and What Going Proprietary Can Do · · Score: 1

    Which holds for a quite good amount of it, actually. Take a look at how Linux distributions do packaging: Very often the distribution is applying their own patches. Large projects like the kernel, Firefox, or apache very rarely are delivered as pristine upstream source. Which means that yes, there are people reading that source code. They may not be reading 100% of it, but just that somebody completely unrelated and completely outside the developer's control could be watching makes sneaking in something nasty a lot harder.

    I thought we were talking about formal code audits, not unco-ordinated casual source perusal ?

    Trust is not absolutely required. It may be often needed, but not required. The option not to trust and verify yourself is always there.

    The option is not realistic. You can try to argue otherwise if you want, but you know as well as I do that it's completely unfeasible for any non-trivial program.

    So is what you say about the blogger in that case.

    No, it's not. I was pointing out why your argument was flawed. You were trying to refute an argument I didn't make (that a particularly Code Audit organisation may be more trustworthy than another). You are the only one arguing about the integrity of different code-auditing entities by continually implying any for-hire code-auditors cannot be trusted.

    This doesn't happen in practice. Suppose I want to conduct an audit of the IE source code. The audit company would need access to the source, and why would MS give them the access? They'd have no reason to allow it.

    Because the audit company was prepared to pay them for a source code licenses.

    Where are the audit reports on the Windows source code? And does anybody care if such things exist?

    How is this relevant to my argument ?

    Nobody will ever find out that in the first place.

    Of course they will, if the whole point is to publish multiple independent code audits to see how they compare.

    If I lack the knowledge myself, the only accurate way to verify a claim is to find somebody who can go over the report, verify it independently of the thing being reported on and the one who did the report.

    Yes. My point exactly. Which is why code accessibility, and how much trust you put in the people auditing code, are two separate issues. For those (the overwhelming majority) who lack the resources to audit the code themselves, the ability OSS engenders to do so is moot, and they have to trust someone else to do it.

    Or, as I said originally, there is no reason why closed-source applications cannot be audited. They just can't be audited by *anybody*. From a real-world perspective, the end result is the same regardless of whether it is closed source or open source - you have to trust someone else to do the code auditing on your behalf, because it's not a realistic option for you.

    Now, whether you trust people doing it for fun vs people doing it because that's their job, is another (third) separate issue all together. However, the implication that people doing work (or, at least, coding) for money cannot be trusted seems to be quite common amongst the OSS crowd - all I can say when I read that sort of thing is I hope those with such little respect for their peers' ethics don't work for me.

  5. Re:Yeah but Windows has a lot of value on Interclue and What Going Proprietary Can Do · · Score: 1

    Don't be so harsh. In some circles the operating system would be just the kernel and accompanying low level interfaces into the hardware. You wouldn't have GUI widgets or libraries for ftp, http, etc, as part of the operating system, and indeed, there are many operating systems that do not.

    The proportion of people who use the academic definition (which itself is somewhat flexible) of "Operating System" outside of educational institutions vanishingly small. The proportion who do so consistently and honestly, even smaller.

    What is far more common (and the other half of what I was referring to) is the habit many people have (especially on /.) to cherry-pick the stuff *they* think should be in an OS. Eg: considering a network stack "part of the OS", but not a graphical display system.

  6. Re:I also agree on Interclue and What Going Proprietary Can Do · · Score: 1

    I said "not required". If you let some company do it for you and have no way to verify, you must trust them even if you have the skill to verify, you simply have no other option.

    The assumption thus far (put forth by you) has been that some third party would be auditing the code, because its open source nature allowed them to.

    Practically speaking, individuals (and small to medium-sized businesses) do not have the resources to audit non-trivial amounts of source code. That means they need to trust someone else to do it.

    Trust is required, in any real-world scenario that involves auditing source-code for an application of the type being discussed, regardless of whether said source code is open, closed, or something else.

    How do you know Trusted Audits, Inc hasn't left out (through either malice or incompetence) problems during their 'audit'?

    This is a straw man.

    And unlike with the blogger, there are powerful economic forces at work here. TAI isn't going to want to anger their client, [...]

    How does your conspiracy theory go if their client is the entity paying for the audit, rather than the entity that produced the source code ?

    [...] and internally will have pressures to audit as quickly and cheaply for themselves as possible, to reap the maximum profit.

    Uh huh. How about the "powerful economic forces" that will devastate said profit if their code audit is shown to be worthless ?

    Their results will then be delivered to the client, who will further decide whether to publish or not.

    Of course, if they _don't_ publish, then the product isn't going to look as good as the one whose code audit *was* published.

    A company wanting to present a positive view can easily request for 10 audits from different companies, and publish the only one that was positive. Or even set up a fake company for the audit.

    Which is going to look bad next to the one who requested 10 audits and published the results of all of them, no ?

    Anybody can publish a long report explaining how various metrics and incantations prove that the software is secure. I consider such things to have zero actual value. Talk is cheap. Show me the proof in the code.

    So then you agree the fact that open source code can be audited by anyone, is basically worthless to everyone who can't conduct the audit personally ?

  7. Re:Yeah but Windows has a lot of value on Interclue and What Going Proprietary Can Do · · Score: 1

    That's one novel way of looking at it, as Windows being basically a pre-distributed, kick-ass runtime. Basically a set of DLL's that abstract various things for programmers and provide them a C API (Win32), oh yeah plus a few utilities for users.

    Indeed. Otherwise known (academic pedantry notwithstanding) as an Operating System.

  8. Re:I also agree on Interclue and What Going Proprietary Can Do · · Score: 1

    Trust is not required when the evidence is in the open.

    Of course it is. Unless you have the resources to verify the audit yourself, you need to trust the person who has done it on your behalf to have done it properly.

    An audit of OSS can easily include references to specific lines in the source code. If the audit says that there's a potential buffer overflow I can go look myself and verify that indeed there's a problem. And if the audit says that AES encryption is used, then I can go and verify that indeed it is AES and not XOR or some homebrew thing.

    That's great. Now, how do you know J Random Blogger hasn't left out (through either malice or incompetence) problems during their 'audit' ?

  9. Re:Their problems are easily solved on InfoWorld's Crystal Ball Predicts the Future of Microsoft · · Score: 1

    Difficult for who? Why don't you just admit that you only know Windows and don't know jack about Linux.

    Well, I know quite a bit about Linux and GP is spot-on. There is nothing even close to the AD + Group Policy combo on Linux and it is a major lacking of that platform.

    Sure, you can waste time and money rolling your own, or twisting your brain into knots trying to figure out something like cfengine, but the simple fact is there's no out of the box, simple to use tool[set] for configuration management of a collection of Linux machines.

    In this day and age the lack of such basic management functionality in a server OS is ridiculous.

    (This is not to say GPOs are flawless, by any stretch. Integrated revision control, for example, is a significant missing feature.)

  10. Re:more importantly: on InfoWorld's Crystal Ball Predicts the Future of Microsoft · · Score: 1

    Nearly every other division of MSFT is losing money with the exception of windows and office. If you marginalize either one of those products MSFt goes bankrupt in less than 10years.

    Because, of course, in the blink of an eye that is a decade in the computer world, nothing about Microsoft would change if that happened.

  11. Re:more importantly: on InfoWorld's Crystal Ball Predicts the Future of Microsoft · · Score: 1

    OTOH, at least all of those distros would still use common and open protocols (real LDAP, NFS, etc) to interconnect, instead of a locked-down/munged/proprietary set, which means that you either buy from one vendor alone, or you get screwed.

    Once your infrastructure reaches a non-trivial size, you pretty much have to be "buying from a single vendor" anyway, regardless of whether they're Microsoft or Red Hat.

    In the real world, interoperability involves a hell of a lot more than just how the data gets shuffled over the wire.

  12. Re:I also agree on Interclue and What Going Proprietary Can Do · · Score: 1

    Trust is a separate issue, and highly dependent upon the audience.

  13. Re:I also agree on Interclue and What Going Proprietary Can Do · · Score: 1

    The question should really be, would you *really* trust a program that nobody could audit?

    This is a false dichotomy. There is nothing preventing a closed-source program from being audited.

  14. Re:List of changes between it and Vista plz. on First Look At Windows 7 Beta 1 · · Score: 1

    Have they added in WinFS yet?

    What do you think WinFS is going to do for you ?

  15. Re:why is this surprising? on First Look At Windows 7 Beta 1 · · Score: 1

    Do you think Microsoft is going to do the right thing and rearchitect major parts of Vista for Windows 7?

    What do you think needs "rearchitecting" and why ?

  16. Re:document management system on How Do You Monitor Documents? · · Score: 1

    In my company the incoming documents are converted into a wiki and access is given to people who need it. Once work is done on it it requires two different people (managers/experts) to review it and mark it as complete. Then it is converted back into a Word/Excel/PDF/Whatever document and sent to the client.

    May I ask what software you are using for your 'wiki' ? We are looking for something with similar functionality (I can do without the document conversions) for our internal documentation, and the wiki software I've looked at so far hasn't been particularly good on the authorisation side. I had hoped to avoid going full-blown CMS/DMS, as we're only really after the "content approval" aspect.

  17. Re:Dupe, on Is the Gaming PC Dead? · · Score: 1

    The problem is the OS. Windows isn't built for more than one core CPU.

    Rubbish. Windows NT was designed from the ground up for multiprocessor machines and has been running on them since 1993.

  18. Re:Multiple interpretations on The RIAA's Rocky Road Ahead · · Score: 1

    So, because you don't have it, nobody else should.

    No, because particular classes of people should not be blessed by the legal system with privileges others are not.

    Everybody has to be at your level.

    Most certainly everyone should be granted the same privileges by the law, except in truly exceptional circumstances. Equality is one of the foundations of a free and fair society.

    But what makes your level right? Tell me, what do you produce? Do you produce anything people will care about acquiring ten years after the fact? What about twenty? Why should somebody who produces something that will generate ongoing sales for decades be forced to be at the level of somebody who doesn't?

    So you agree that if the product of some work I did in my twenties is still being used (I know of at least one example of this being true), the company using it should still be paying me a salary ?

    Should I be sending the person who made my kitchen table an annual tithe ? After all, I'm still using it twenty years after he made it, surely (by your standards) he should still be getting paid for that work ?

    Try this one on for size - perhaps the very few artists who don't have to keep day jobs and put away money just like everybody else (which, by the way, is what just about everybody in the creative arts community has to do anyway) get that position because they produce something that people do care about long after their death. And if somebody can do that, well, they should be allowed to rise as far as they are able.

    Of course they should. I've never suggested otherwise.

    Part of a free society is that people are free to do better than you are doing. If you don't like that, there are communist governments in Cuba and China that I'm sure would welcome you as a citizen, although China has been moving towards the free market for some time now.

    Apparently you think I've got something against people who are more successful than me, when my actual problem is with people who have an unfair advantage because they're getting special treatment from the legal system.

    But quit whining and complaining about those who actually do produce something they can profit off of for the long term, because you don't. The only thing stopping you in this society from rising higher is yourself.

    This is why it's difficult to have any sort of serious discussion on the topic. People like you, who are caught up in a storm of greed, selfishness, hubris and entitlement, think your contributions to the world are so unique and valuable that you deserve special protection from the legal system.

    You have not offered a single argument justifying the privileges that come with being on the copyright gravy train, that could not be equally applied to everyone from carpenters to hairdressers.

  19. Re:see here on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    Even in a standard user world, he stressed that malware can still read all the user's data; can still hide with user-mode rootkits; and can still control which applications (anti-virus scanners) the user can access.

    Yes. Just like it could on OS X and Linux (if anything, given how tools there tend to be designed, it would probably be easier on Linux).

    Please explain to me how, *exactly*, malware can execute and then control the system in user mode in OSX or Linux.

    Please explain why you think that's what the article is saying, when it is not. You can follow up by explaining why you think anything said in it does not apply equally to OS X, Linux, or any other multiuser OS.

    Until you accept the incontrovertible fact, as they are, out there for all to see, that UAC IS NOT sudo.

    Despite 3 requests, you still haven't offered any explanation how UAC is not essentially the same as sudo, in both concept and implementation. I can only assume, then, that you're just parroting standard anti-Vista propaganda and don't really have any idea how either system works.

  20. Re:Multiple interpretations on The RIAA's Rocky Road Ahead · · Score: 1

    You mean like poverty and working your ass off for what eventually works out to less than minimum wage? In Canada, the average income of artists is less than $25,000 per year. In the United States, the average income for a creative artist is $34,800 per year (http://en.artron.net/news/news.php?newid=52152&column_id=61). If a writer is lucky, around his or her third or fourth book the money s/he receives will break through to equating to the minimum wage. Somebody like Stephen King is the vast exception - most creative artists struggle to keep a roof over their heads and food on their table. So, want to tell me why those generous privileges don't include a professional-level income?

    Because maybe the vast majority of creative work doesn't deserve a professional level income ?

    There are shitloads of poor people the world over. Why should the ones who happen to sing and dance be offered any more advantages than those who happen to carry and serve ? In the United States in 2005, the median income was about $32,000. Seems "artists" aren't doing it harder than anyone else.

    That's a straw man argument. Creative artists DON'T have that right. They have the right to try to make money from their work for their lifetimes plus 50 or 70 years, depending on the country.

    Which part of your entire life don't you consider to be "in perpetuity" ? (I will admit the context of my original comment wasn't clear.)

    "Try" is the operative word. Almost none succeed.

    Wow. Just like every other poor sucker who has to go to work every day and "try" to make the most money he can from his skills.

    For that matter, the average lifespan of a book tends to be less than 10 years.

    Tragic stuff, indeed, to be only paid for 10 years for one bit of productivity. I wish I was still earning a salary for the work I did 10 years ago.

    Copyright is not a form of creative welfare. If you want to make money as a creative artist in your old age, you frequently get to keep working while everybody else has retired, or die in poverty.

    Everyone else has to prepare for retirement. That means saving up enough to live on once you retire (and support your family afterwards) while you can still work. The plumber can't keep fixing pipes once he's crippled by arthritis. The doctor can't keep performing surgery once Parkinson's makes his hands shake. The lawyer can't keep practicing once dementia has destroyed his mind. The tennis player can't keep playing once his eyesight is gone.

    Why should artists be treated differently [by society] to them ?

    Oh yes, by the way, there is something that does allow people to make money for the rest of their lives for work they've already done - it's called a pension. Most creative artists don't get those.

    No, a pension is something you get from the Government, financed by the taxes you (and everyone else) paid and/or something you get from a fund that you paid money into throughout your life. Since the former is something your hypothetical poverty-stricken artist will almost certainly be eligible for, he will receive that (just like every other poverty-stricken person). The latter, of course, requires you to have earned enough throughout your life to have been able to contribute to it, and in this, again, the artist is in exactly the same boat as everyone else.

    Perhaps you can justify inheritance law to me, then. After all, why should your children and grandchildren receive benefits after you've died for the work you've done? They didn't do that work. Or are you about to say that it's not the same thing because it's a book manuscript instead of a house?

    A book manuscript and a house are similar things. The ongoing royalties from a published book and a house, however, are very different things.

    (There is room in my philosophy to allow for works that were comple

  21. Re:I *want* Windows 7 to suck on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    I know, it's not the Linux devs' fault, [...]

    It *is* the Linux devs' fault. If they could specify and stick to a standard kernel ABI for major versions like every other OS does, then nVidia, et al, could write their drivers to that.

  22. Re:Meet the new version, same as the old version. on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    Seriously, they broke hardware backward compatibility with Vista, so why not ship Windows 7 with Vista, XP, 98, and even DOS inside virtual machines?

    Because the hardware requirements would be too high.

    Vista, despite what you might read on various heavily biased web sites, is quite usable for basic tasks (word processing, email, websites without too much flash) even on 7 year old 1Ghz P3s with a a gig of RAM. But machine like that couldn't run XP inside a VM on top of Vista.

  23. Re:Meet the new version, same as the old version. on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    Looking forward, they could do much better by accepting change - a new architecture would bringer better and more reliable business applications.

    What new architecture ? How would it be better ?

  24. Re:Windows 7 on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    Hopefully they will tweak it to run more like Ubuntu where I can log in as a power user with out admin rights, but perform admin tasks by providing admin credentials when attempting the task.

    That's exactly how it works already (only you get a "Continue" button by default instead of a "password" box - if you really want to type a password instead of clicking a button, you can make it do that).

  25. Re:Windows 7 on Microsoft Extends XP To May 2009 For OEMs · · Score: 1

    That's impossible. Windows 7 is not adding any of the features previously promised for Vista, and subsequently axed.

    What are these features, that were "axed" from Vista, that every gets into such a tizzy about ?