you are probably spending a few hundred dollars per month more on repairs, updates, etc. that the renter isn't
A renter is paying for every cost incurred by the owner of the house, through their monthly rent.
Essentially any argument that can be made for rent being 'cheaper' is going to fall into the trap that your landlord is not doing things out of the kindness of their heart and taking a loss, they are passing on costs to you.
If you stay still, it becomes worse over time, as rent goes up with market pressures. My insurance and tax may fluctuate, but when I had a mortgage payment, it would only change in ways I wanted it to. Also, I paid it off so there's actually a light at the end of the tunnel with mortgage.
In general there is a huge movement to say 'renting is better for everything!' which benefits people who actually own stuff and not so much the people stuck with no equity and held hostage by property value changes moving rent on a whim.
Renting can make sense for certain things where your use is so infrequent or there is some way economies of scale work to make it make sense, rarely is it the case that one's home is in that realm.
I would argue that making those details more prominent wouldn't really improve the situation. The problem is that users may barely glance for a padlock, but otherwise focus on the content area to see if it 'looks right' despite the fact the content area is totally under the control of the site operator.
User has to look at the location bar (which the operator can't control) and putting *more* information in it is going to probably make people even more likely to not bother.
There may be flaws in the CA system, but this article isn't really related.
The problem is that users aren't even bothering to see *what* the authority validated. A CA can't reasonably out that serveirc.com is going to try to impersonate paypal.com. They can revoke that certificate upon reporting abuse and such. The CA and DNS can do things to prevent sheningans like paypa1.com or more clever unicode things, but at some point the user *has* to validate some part of the UI that *isn't* totally controlled by the site operator.
Per the example in the article, evidently there are people that don't look at the location bar at all if they see the lock. This means users need to understand that the padlock just means the identity is verified, but they have to decide if that identity matches what they were expecting.
Actually, I do, since many "corporate" projects are by-products of doing something else.
I think these specific two are pretty much as presented, projects that are the core of the business of the two groups and they are also the meaningfully core contributors. In terms of generically companies gaming commits for the sake of marketing material, that certainly happens in particularly buzzword compliant projects. I have seen for example IBM, RedHat, and Canonical all put github contributor statistics into marketing slides for certain high profile projects.
For all but the most famous open source projects (and even many of those), the project is 99% 2-6 people working at a particular company.
I have no reason to doubt those company's assessment that they are the real driver behind the project. However if they were fee based then no one would have even looked at them in the first place.
2. Also 'cover your ass' support. RedHat certainly provides support, but of the clients I know personally that pay for RedHat, most of them never need the support, but the expense is justified 'just in case' something should happen.
I don't think it killed the model, but something like redis would never have been a viable commercial endeavor, open source or not.
Back in the 90s, you could make a business out of 'just a datastore' (e.g. Oracle). In the last decade or so, that's just not enough, the field is too well explored, there are plenty of options, and if you hate them all implementing a new one from scratch isn't that difficult if it comes to it.
redis labs might be doing solid enough work, but it just isn't enough. I see a lot of this in the industry 'my software I give away for free is really popular, but why can't I monetize it??' Too often they believe if they just closed source and sold it it would be just as popular but making them rich, but that's just not in the cards for most of these projects. I see plenty of commercial software flop, but generally it is more obscure because the monetization as step 1 just brings death more swiftly and no one even hears of it.
There of course is the whole 'hosting without allowing on-premise' open source loophole to allow private modifications without sharing (closed by things like AGPL), but that's not the direction of the cited companies.
There's a difference between objecting to how the internals work (systemd) and getting adware in the application launcher and the lock screens getting clickbait ads and notifications saying 'buy office 365!').
In this day and age we can thank Linux in terms of hosting web apps and making Android tablets which devalued operating systems to nothing.
However you want to agree/disagree with this, it has no bearing on the desktop OS market, where none of these pressures directly manifested.
The factors that led to Windows 10 being the way it is are: -Microsoft got stuck supporting XP a *long* time after they stopped making money on it, which was an excessively unprofitable endeavor. When they tried to drop XP support in the way they had always said they would, it was a PR disaster. They did the math to compare the revenue of the rare customer that would buy an OS upgrade without a hardware upgrade to the expenses incurred in their obligation to support dead-end users and concluded it was better to 'freely' upgrade the OS software rather than get stuck supporting old editions.
-The culture of 'automated testing' and 'getting direct feedback from enthusiast' became 'scale back expensive in-house QA because it's automated away and otherwise covered by people that *paid* to be testers rather than demanding payment'.
-The wave of 'as a service' being seen as a hip and trendy thing to do, with the software vendors empowered to change whatever and the users always going for it.
No one is going to pay lots of money for an upgrade nor stand in line at CompUSA at midnight for the latest version of Windows anymore.
In absolute terms, that was never many people, it's just the total PC market was also small and mostly comprised of aggressive enthusiasts. As PCs became more and more mainstream, the proportion of the target market comprised of enthusiasts decreased and the money became about people who would never bother to do such a thing.
In the broad sense, physically close teams trump remote teams. For the 'meetings are unnecessary', I'll presume you exempt ad-hoc meetings from your statement (else why be local?)
However, in the context of a gitlab sort of product, a distributed team means you are having to eat your dogfood and have a very built-in sense of what would make the product better for the target market.
By the same token, if you told me there was one team that only ever saw each other face to face and another that was always doing online meetings, and the product was conferencing software, I would wager that the distributed team would do that better as well.
Driverless cars that know how far they are from the curb without looking
A car can't get out of measuring the environment directly. Even with position data, the 'map' would be inevitably out of date a lot of the time. It wouldn't be able to account for debris in the road, or workers temporarily painting new lines on the road, all that stuff.
Sure, other applications are there, but I don't think self-driving cars are in as dire need, since they must gather contextual data directly either way.
Galileo is purportedly accurate to 1 cm (for 'commercial service') but even the unencrypted signal is accurate to 1 meter. GPS to 5 meters.
When driving, the GPS receiver is generally correcting by snapping you to a road. Most people using GPS have probably experienced the software guess wrong about whether you took an off-ramp or not. This accuracy would not exhibit that sort of mistake.
When in my house, my GPS shows me as maybe in my house, maybe in the yard, maybe in my neighbor's house. It really doesn't know.
Do I need that precision? I don't know but I certainly could notice it.
So back around 2000 or so, there was all sorts of bitching and moaning about cable operators giving gobs of channels no one needs. At the time the call was: 'Give us a la carte!'
So now we have a la carte, the cry is 'put it all on one service, but don't charge a lot for it!'.
I personally would love a federated, unified interface to content that spans services, and wouldn't mind paying 'a la carte'.
Of course as it stands the content holders ownership is pretty random. People have to give money to Disney, whether they are really wanting some Star Wars sort of experience, or comic action movies, or animated kids movies. Thematically the link is not particularly correlated with who takes money for what sort of content...
Note that there have been overtures of starting to have a multi-platform.Net 'core'.
In the short term, it's to try to get MS relevance in the 'server' space, by catering to the 'demand' for Microsoft non-gui software on Mac and Linux (I have no idea who that would be personally, but MS at least hopes the market is there).
For now they are half-hearted and are holding back any GUI support, but I wouldn't be surprised if they brought over some of that to squeeze out just a few more percent for the total addressable market for O365.
They'd obviously much rather people be on Windows (it's still a healthy revenue stream, and also it is as others have said an advertising platform for O365 and therefore Windows is an advantaged place to try to get attach), but they stand ready to infest other platforms if they think it'll fit their interests.
I would say that in theory you can be perfectly productive when using (or at least claim to use) any of those things, but almost certainly not if a consultant teaches you how.
Eh, one person *can* (and I would argue that security has to be pervasive, not bolting on a security team). Of course having good generalists is expensive, and businesses chasing DevOps are usually doing so to reduce staff expense, so it is correlated with reduced skills too.
In practice though, I think the bigger issue is the rush to cloud hosting. It has caused teams that suck at security to expose their services to the global internet, when formerly they were limited to private networks on premise (not a good intentional security strategy, but it does at least mitigate the risk).
However, it's *much* easier to do rsync or sftp in so many ways that I could hardly see a reason to bother with ftp and trying to bolt on security through kerberos and/or tls.
Slashdot Mirror
you are probably spending a few hundred dollars per month more on repairs, updates, etc. that the renter isn't
A renter is paying for every cost incurred by the owner of the house, through their monthly rent.
Essentially any argument that can be made for rent being 'cheaper' is going to fall into the trap that your landlord is not doing things out of the kindness of their heart and taking a loss, they are passing on costs to you.
If you stay still, it becomes worse over time, as rent goes up with market pressures. My insurance and tax may fluctuate, but when I had a mortgage payment, it would only change in ways I wanted it to. Also, I paid it off so there's actually a light at the end of the tunnel with mortgage.
In general there is a huge movement to say 'renting is better for everything!' which benefits people who actually own stuff and not so much the people stuck with no equity and held hostage by property value changes moving rent on a whim.
Renting can make sense for certain things where your use is so infrequent or there is some way economies of scale work to make it make sense, rarely is it the case that one's home is in that realm.
Of course in an outsourcing SSO situation, the EV SSL would similarly indicate the provider, *not* the financial institution...
Incidentally, at least in firefox, the 'slashdot.org' is in bold already.
Of course, other than financial companies themselves, not a whole lot of EV SSL sites. For example, not even Amazon bothers to do EVSSL.
I would argue that making those details more prominent wouldn't really improve the situation. The problem is that users may barely glance for a padlock, but otherwise focus on the content area to see if it 'looks right' despite the fact the content area is totally under the control of the site operator.
User has to look at the location bar (which the operator can't control) and putting *more* information in it is going to probably make people even more likely to not bother.
Perhaps a different icon, a padlock says 'secure', need something to suggest protected/confidential link rather than a secure link.
There may be flaws in the CA system, but this article isn't really related.
The problem is that users aren't even bothering to see *what* the authority validated. A CA can't reasonably out that serveirc.com is going to try to impersonate paypal.com. They can revoke that certificate upon reporting abuse and such. The CA and DNS can do things to prevent sheningans like paypa1.com or more clever unicode things, but at some point the user *has* to validate some part of the UI that *isn't* totally controlled by the site operator.
Per the example in the article, evidently there are people that don't look at the location bar at all if they see the lock. This means users need to understand that the padlock just means the identity is verified, but they have to decide if that identity matches what they were expecting.
Actually, I do, since many "corporate" projects are by-products of doing something else.
I think these specific two are pretty much as presented, projects that are the core of the business of the two groups and they are also the meaningfully core contributors. In terms of generically companies gaming commits for the sake of marketing material, that certainly happens in particularly buzzword compliant projects. I have seen for example IBM, RedHat, and Canonical all put github contributor statistics into marketing slides for certain high profile projects.
For all but the most famous open source projects (and even many of those), the project is 99% 2-6 people working at a particular company.
I have no reason to doubt those company's assessment that they are the real driver behind the project. However if they were fee based then no one would have even looked at them in the first place.
2. Also 'cover your ass' support. RedHat certainly provides support, but of the clients I know personally that pay for RedHat, most of them never need the support, but the expense is justified 'just in case' something should happen.
I don't think it killed the model, but something like redis would never have been a viable commercial endeavor, open source or not.
Back in the 90s, you could make a business out of 'just a datastore' (e.g. Oracle). In the last decade or so, that's just not enough, the field is too well explored, there are plenty of options, and if you hate them all implementing a new one from scratch isn't that difficult if it comes to it.
redis labs might be doing solid enough work, but it just isn't enough. I see a lot of this in the industry 'my software I give away for free is really popular, but why can't I monetize it??' Too often they believe if they just closed source and sold it it would be just as popular but making them rich, but that's just not in the cards for most of these projects. I see plenty of commercial software flop, but generally it is more obscure because the monetization as step 1 just brings death more swiftly and no one even hears of it.
There of course is the whole 'hosting without allowing on-premise' open source loophole to allow private modifications without sharing (closed by things like AGPL), but that's not the direction of the cited companies.
There's a difference between objecting to how the internals work (systemd) and getting adware in the application launcher and the lock screens getting clickbait ads and notifications saying 'buy office 365!').
In this day and age we can thank Linux in terms of hosting web apps and making Android tablets which devalued operating systems to nothing.
However you want to agree/disagree with this, it has no bearing on the desktop OS market, where none of these pressures directly manifested.
The factors that led to Windows 10 being the way it is are:
-Microsoft got stuck supporting XP a *long* time after they stopped making money on it, which was an excessively unprofitable endeavor. When they tried to drop XP support in the way they had always said they would, it was a PR disaster. They did the math to compare the revenue of the rare customer that would buy an OS upgrade without a hardware upgrade to the expenses incurred in their obligation to support dead-end users and concluded it was better to 'freely' upgrade the OS software rather than get stuck supporting old editions.
-The culture of 'automated testing' and 'getting direct feedback from enthusiast' became 'scale back expensive in-house QA because it's automated away and otherwise covered by people that *paid* to be testers rather than demanding payment'.
-The wave of 'as a service' being seen as a hip and trendy thing to do, with the software vendors empowered to change whatever and the users always going for it.
No one is going to pay lots of money for an upgrade nor stand in line at CompUSA at midnight for the latest version of Windows anymore.
In absolute terms, that was never many people, it's just the total PC market was also small and mostly comprised of aggressive enthusiasts. As PCs became more and more mainstream, the proportion of the target market comprised of enthusiasts decreased and the money became about people who would never bother to do such a thing.
In the broad sense, physically close teams trump remote teams. For the 'meetings are unnecessary', I'll presume you exempt ad-hoc meetings from your statement (else why be local?)
However, in the context of a gitlab sort of product, a distributed team means you are having to eat your dogfood and have a very built-in sense of what would make the product better for the target market.
By the same token, if you told me there was one team that only ever saw each other face to face and another that was always doing online meetings, and the product was conferencing software, I would wager that the distributed team would do that better as well.
Driverless cars that know how far they are from the curb without looking
A car can't get out of measuring the environment directly. Even with position data, the 'map' would be inevitably out of date a lot of the time. It wouldn't be able to account for debris in the road, or workers temporarily painting new lines on the road, all that stuff.
Sure, other applications are there, but I don't think self-driving cars are in as dire need, since they must gather contextual data directly either way.
Galileo is purportedly accurate to 1 cm (for 'commercial service') but even the unencrypted signal is accurate to 1 meter. GPS to 5 meters.
When driving, the GPS receiver is generally correcting by snapping you to a road. Most people using GPS have probably experienced the software guess wrong about whether you took an off-ramp or not. This accuracy would not exhibit that sort of mistake.
When in my house, my GPS shows me as maybe in my house, maybe in the yard, maybe in my neighbor's house. It really doesn't know.
Do I need that precision? I don't know but I certainly could notice it.
So back around 2000 or so, there was all sorts of bitching and moaning about cable operators giving gobs of channels no one needs. At the time the call was:
'Give us a la carte!'
So now we have a la carte, the cry is 'put it all on one service, but don't charge a lot for it!'.
I personally would love a federated, unified interface to content that spans services, and wouldn't mind paying 'a la carte'.
Of course as it stands the content holders ownership is pretty random. People have to give money to Disney, whether they are really wanting some Star Wars sort of experience, or comic action movies, or animated kids movies. Thematically the link is not particularly correlated with who takes money for what sort of content...
Note that there have been overtures of starting to have a multi-platform .Net 'core'.
In the short term, it's to try to get MS relevance in the 'server' space, by catering to the 'demand' for Microsoft non-gui software on Mac and Linux (I have no idea who that would be personally, but MS at least hopes the market is there).
For now they are half-hearted and are holding back any GUI support, but I wouldn't be surprised if they brought over some of that to squeeze out just a few more percent for the total addressable market for O365.
They'd obviously much rather people be on Windows (it's still a healthy revenue stream, and also it is as others have said an advertising platform for O365 and therefore Windows is an advantaged place to try to get attach), but they stand ready to infest other platforms if they think it'll fit their interests.
While the other distros have systemd in the repository, it doesn't actually run under WSL.
So while this one is unambiguously systemd-free, the other distros are effectively systemd-free while under WSL.
Working around the systemd-isms without being able to run systemd has been a big part of the whole WSL endeavor.
None of those uses suggest I even vaguely need to refresh my device that's a few years old.
I will be quite sad if I do need to replace my tablet and the market is gone.
I would say that in theory you can be perfectly productive when using (or at least claim to use) any of those things, but almost certainly not if a consultant teaches you how.
Eh, one person *can* (and I would argue that security has to be pervasive, not bolting on a security team). Of course having good generalists is expensive, and businesses chasing DevOps are usually doing so to reduce staff expense, so it is correlated with reduced skills too.
In practice though, I think the bigger issue is the rush to cloud hosting. It has caused teams that suck at security to expose their services to the global internet, when formerly they were limited to private networks on premise (not a good intentional security strategy, but it does at least mitigate the risk).
I also recall back in the day a wave of vulnerabilities to escape the anonymous ftp folder and get other things...
All this is true, ftp *can* be done secure.
However, it's *much* easier to do rsync or sftp in so many ways that I could hardly see a reason to bother with ftp and trying to bolt on security through kerberos and/or tls.