At most conferences I go to, you can always rely on one or two others to have a DVI to SVGA cable handy if you forget it, but usually you're SOL if you need the latest version of Keynote. I feel superior at these conferences.
Not at OSCON. At my two talks, I had about 90% Macs in the audience. The amount in the hallways was a bit higher. I bet in the unlikely case that my Mac died, I could have asked for a replacement laptop with the latest Keynote and got more than one offer in either talk. Obviously, I was not as l33t as normal, and this is unacceptable. Maybe a nice black MacBook Pro would be a good choice for fashion victims like me. Apple, you listening? 15" Aluminum Powerbooks are too plebian!
Short story, though - In the highly desirable "O'Reilly geek" segment, Apple has won. Yay!
All I did was try to enter the US on my existing E3 visa. Because I apparently can't enter on that visa unless I'm working for the employer during that trip, you can't enter on the E3. You need to be on the visa waiver program, not the E3. WTF? It's a visa! It's far, far harder to get than the VWP.
So I was made to fill out the visa waiver form, and by the time I got back, I found myself on the watchlist. Do the USA really want me to come live in the US and work towards their GDP? Or not?
I'll find out in the next three weeks what it exactly means to be on the watchlist. I'm flying all over the country, so if it does take more time, I will be REALLY pissed. If it means I get stopped in Australia, then I'm going to be REALLY REALLY pissed, as it's completely bogus. I had committed no crime:( Not in the USA, not in Australia.
Andrew
ps. My day job is security. This is security theatre. The folks who run the TSA should be ashamed of themselves. They are no friends of the security industry.
I write the OWASP Guide, which is used by basically everybody as the standard for web application security, and is the official standard of Visa, many governments, and so on.
She talks to CSO's who mostly are bean counters. They see money down the drain from patching. I agree with them - patching is inefficient and wasteful. But it's necessary as Oracle builds crap, buggy and insecure software. They are easily five+ years behind Microsoft in churning out safer software. Buffer overflows, high privilege accounts, public access to highly privileged library functions - all this stuff is easily 10-15 years old and should not be in Oracle 10g, but it is.
Oracle has time and time again outright refused to get on board with a secure coding program, often fixing just the little bug which gained root privileges, exposed all your data, or destroyed the database outright. Instead, they should be searching for all those types of bugs and fixing them in one hit. Davidson has more than enough time to address the root cause
She is holding software up to the standards of bridges. Bridges have tolerances and over-design built into them. Most software does not. Often to make artificial deadlines made by beancounters, software is shipped with bugs. Often the bugs are not found for some time and requires researchers to go find them. If it's not researchers, its the commercial 0day crowd. This is where Davidson shows she is an amateur and must be replaced. It's best for HER customers to be secure, and that means shipping secure software. Shipping insecure software does not prevent the 0day houses from creating exploits. Oracle's reputation as a solid data partner is worthless if we lose all our data to an attacker because Oracle suppressed the news from us, rather than fixes the problem.
It is simply unachievable to build bug free software for a reasonable cost. What is required is care, developer training in secure software techniques, and defense in depth. That is our tolerance and over-design. Oracle is sadly lacking. She has had five years to get their developers onto a program of building this into their platforms, and she's failed miserably. I will be interested to hear what standards they use, and if it's mine (OWASP Guide), or if they do their own based upon ours, or use Microsoft's.
I've called for her to step down more than once. When she attacked the good name of David Litchfield and NGS Software, I was outraged - this was like shooting the messenger that their "unbreakable" software was pure crap, which we already knew - but now know through his unstinting efforts that it is truly appalling and not fit for purpose.
If this latest "push" for too little too late does not work out, she should be sacked by the Oracle board for the good of all Oracle shareholders and customers. She's had more than enough time to make a positive change, and should make way for someone who really understands security.
I do code reviews for a living. It requires finding the "abscence" of something, and looking for the data flows.
I want coders to stick to coding standards, and work on what's important: the code as a representation of the architecture. I don't want them thinking about the last 25 lines of code. I'm sure many are proficient at using vi and emacs (I am proficient at vi, for example), but it's about 25 years behind the times when it comes to efficiency, particularly when dealing with very large projects.
Builders are trained from apprecentices to masters, during which time they are taught to be familiar with all forms of tools, not just the power (ie "IDE") tools du jour. It's important for a builder to be familiar with a hand saw, you want them to be proficient and safe with a power saw.
We need to set up a (de-)centralized place for spammers to check the "do not intrude" list without blowing their cover or exposing e-mail addresses, and a totally anonymous decentralized categorization effort without causing any harm to innocent bystanders (such as Tucows or Typepad).
In Australia, we have Gold Class Theatres, run by Village Cinemas. They've really thought about what it is to go see a film as an adult, and it really works. Most of the time, the Gold Class sessions are full, so it is working.
You book your seat online before arriving, so you know where you're going to sit, and no queues. You can pick up your ticket from an ATM style thing out the front if you want to get it quickly, or you can go in and pick it up whilst you're ordering your goodies for the film.
You can order hot food, pizzas, cakes (including creme brulee and lemon tarts... even choc top ice creams - but adult flavors like rum n raison and dark chocolate), champagne, wine, beer, decent cafe quality coffee, coke (if you must) to be delivered to you seat during the film, which is placed on a little table between every two seats... which has an inbuilt ice bucket. As there's so few seats, the waiters do not have to lean over someone else or squeeze past hundreds of others to give you your stuff.
They have 30 or so reclining armchairs in a small theater with a smallish screen, but top notch acoustics and audio gear, usually not too loud (although Return to the King was painfully loud).
There's heaps of space between you and the next person in any direction. Even if you're laying down flat and Sideshow Bob is in front of you, you can still see the screen.
As the tickets cost $25, and the food aint cheap, it keeps the plebs and kids away for the most part. Sure I spend like $60 or $70 going out to see a film, but it's been an enjoyable experience, no brats, great food and beverages and I've felt like I got my money's worth.
So quit whining about crap theaters, and ask for your own Gold Class theaters!
Now if only they make more films like Amerlie and The Life Aquatic with Steve Zissou and less shit like Date Movie, I'd be inclined to go to Gold Class more often.
All of the major science done in space has been and will continue to be robotic.
I'm sure we gained something from manned missions, like the moon missions which gave us a truly global perspective and a few hundred kilograms of basalt and dust. But nothing on the scale of Mars Pathfinder (amazing geology studies), Mars Express (found water on Mars, high resolution 3D topography), the Spirit and Opportunity rovers still going strong on a shoe string budget, Cassini's new discoveries around Saturn, Hubble's burst of cosmology studies unparalleled in human history, and the SOHO space craft watching our sun. Not to mention Voyagers' incredible 30 year journey through our solar system which is still giving us science on the termination shock at the boundary of our solar system, again on the tiniest of budgets. We have the opportunity to go on a trip to Pluto and the Kuiper Belt starting in January and the Europeans are likely to launch the Venus Express soon which will do for Venus what the Mars Express has done and give us valuable insight into the worst case of runaway greenhouse effect in the solar system.
What have manned space missions done? Not a great deal. This is the most boneheaded decision from an administration renowned for some truly stunning clunkers.
Or we could cancel the wasteful LEO human spaceflight and redirect funding from redesigning a finger of a single glove to keeping all these robotic missions alive, and fund and create missions which are too hazardous for astronauts to safely go to.
We learn nothing by circling the planet a few thousand times. We learn basic cosmic science from robotic missions at a fraction of the cost. NASA's priorities are all wrong.
There are some things OSS is good at, and there are some things that Microsoft is good at. Exchange is one of them.
Ask your business what its objectives for the new system are. Keep these in mind when you select products and design a solution.
Now back to solution mode. You can have a minimal three site AD and Exchange system set up in less than a day from bare metal servers. As long as you have adequate bandwidth (about 64 kbit/s will do for minimal acceptable performance for 100 users), it just works. Just add users.
Win2003 AD is fairly robust if you make mistakes with topology design, but honestly, with such a simple setup, just go political structure in OUs in a single domain, single forest AD, with three sites. Exchange will work it out.
Once you have it working, AD and Exchange are very deep products, and it will pay to learn about the zillions of features. But by default, you can set and forget.
No matter which platform or choice, keep up to date with patches and secure lockdowns.
Essentially apologetic about the lack of testing. Test driven development is not a philosophy, it's a way of doing. In a perfect company environment, you'll never be blamed for breaking someone's code - but in most places the idea is "he made me look bad". Peer reviews never work out properly. This is why FOSS is turning out more secure and clean code.
Absolute rubbish. Not testing != good, clean code. I spoke on this topic at linux.conf.au a few years ago. I noted then, and I'll note it now, that OSS authors are better than average coders, but awful testers. Do this exercise:
1. Grab any C or C++ foundry tarball from Sourceforge. 2. Type
make check
What happens? I reckon in more than 99% of occasions, absolutely nothing. Not testing is not good enough.
For a good example of this in action, phpBB is free and open source software, licensed under the GPL. It has security bugs coming out of its ears. What it needs is a good quality code review.
I do these for a living, and they are definitely worthwhile. The software I help maintain (XMB) used to be like phpBB - buggy, insecure, and slow. Now it's just somewhat buggy and a bit slow.
Windows XP's kernel is a modified microkernel design. Most people are unaware of this, but it means that the vast majority of the code your applications call are also running in user space. For example, on Windows 64 machines, there's a Windows 64 environment, a Windows 32 (WoW64) environment, and so on. In the olden days, there were DOS VDMs, POSIX, and OS/2 sub-systems.
Not every Windows or Linux driver is kernel-space, but most are.
However, with adequate testing, crashes due to buggy drivers are rare. If you choose to run crap drivers, of course you'll see problems. Including on
We *have* to fly long distances to get anywhere. Anything to make the flight a little shorter or have a bit more room will be good.
I would have preferred the Boeing SST as it would have cut two to six hours off every major destination Australians travel to - LAX (2 hours) through London (six hours off a 24 hour flight).
Most legs out of Australia are over 12 hours long (Singapore is the shortest at 8 hours, SFO to MBL the longest at around 16 hours on a single leg).
But this will do... as long as we're allowed out of our seats. I find it hard to stay strapped in all the time on long haul, so they better have a method to make it comfortable for the longest flights, like good bed seats or similar.
But the 2d drivers would also cause problems with Windows. So any video problem in Windows could bring down the whole OS.
All video output in Linux has at its core, kernel space drivers.
For example, the text console is a kernel level driver. It could crash your machine. Unlikely, but true.
The frame buffer console. ditto
X11 ditto.
Normal user space programs do not get a chance to arbitrage the PCI bus, interrogate the device tree without the kernel's help, program the GPU, nor control FIFO queues. X11 does, whether in 2D or 3D. X11 can (and does - particularly in development mode) hard lock your machine so bad, you have to pull the plug from the wall. I know, as I've done it several times during the period when I was an X11 developer.
It's all in the code, which often looks like this:
Yes, it really is peeking and poking bytes in the RAMDAC's physical memory. Do it wrong, and you can kill monitors, video cards, and in some cases machines. Most likely outcome is a hard lock.
Sorry to rain on your parade, but do you think when Linux programs use the syscall interface (int $80), that it's not in ring 0 on x86 architecture?
Or magically, on MacOS X on the PowerPC, drivers running stuff are running in userland? The Mach-FreeBSD port (darwin) runs drivers in the kernel space, and they are free to overwrite any physical or logical memory address, just as on every other operating system... with the possible exception of Hurd or the original Mach.
From the I/O Kit Device Driver stuff:
If your software is a driver for a disk, a network controller, or a keyboard, it should reside in the kernel.
I'd say that a video card has to be in that category as well, despite the I/O Kit being able to do many things in user land. Quartz simply demands the 3D card to be accessible in kernel land as the transition time is too high for a userland process.
NT has a similar mechanim to the I/O Kit's high level framework, but instead of being OO, it's inherited from VMS and is called deferred procedure calls, where time critical things like interrupt service routines handle the low level stuff like dequeuing buffers before handing the major work to a Win32 service. Serial and USB drivers work like this, for example.
At least in MS-land, the driver certification test suite can torture test the driver to all sorts of corner cases. It takes a fair amount of effort to get a driver properly certified for XP or 2003, but once done, I've never (in 13 years!) seen a certified driver blue screen a box.
I've looked after hundreds of servers and thousands of desktops since 1995 when I first deployed NT (rather than just for my personal use). I forced the issue of certified drivers for desktops in one build of our SOE, and it dropped help desk calls a bit as the machines simply didn't crash any more.
So basically, both Apple and Microsoft made a design decision to speed the performance of their operating systems. Linux is still in the dark ages - all device drivers... except for portions of USB... are kernel space on every architecture and Linux has no driver test suite.
I know this stuff because if you look through the XFree86 credits for the Matrix Millennium drivers, you'll see my name.
They did - it's called NT. It's the kernel under XP, and bears no resemblence to the shim known as Windows 9x/Me.
I remember a few years ago when I was running NT 3.51 on my dual processor HP workstation just how nice this nice shiny new OS is. I can format a floppy and I can still do other things. Before NT, it took an Amiga to do that. In the Linux of the day, well I could use mformat or dd and zero out the sectors in preparation for a tar, but there was no UI for either and both were relatively arcane.
The level of transparency in XP running old apps makes Apple's half-baked approach look amateurish.
I bet when Avalon comes out, you're going to complain that it's not available on Windows Me or 2000, or why Microsoft is forcing developers to abandon their code and start over again. MS can't win on slashdot.
No, Arwen's original relationship with Aragorn was important and symbolic of the risks and meaning of the whole story but the version of it put on by Jackson was shit from start to end. It made no sense, was boring and intrusive and involved mangling Elrond's character to the point where one had to wonder if Jackson had ever actually read any of Elrond's parts in the books.
The version in the movie is fairly close to the Aragon and Arwen appendix, and even closer in many ways to the Beren and Luthien chapter in the Silmarillion, both of which influenced Jackson's/Boyen's script.
If Tolkien had been a better writer, I'm sure that his primary love story would have been included in the primary text, rather than sitting in an Appendix which hardly anyone reads, or in a book so inpenetrable that even I have yet to read all of it.
Go read these two chapters - they're not long and they're worth it. But then again, that's not the Slashdot way, is it?;)
You know what? It really doesn't matter which you choose.
What does matter is the Sarbannes-Oxley and HPIAA acts, and think like as if your data was in there.
Patient privacy is all important, and that's 100% about process and 0% about technology.
Spend the time to create the system properly.
Think about the entire lifecycle - architecture - design - testing - coding - SQA - Security / UAT / SIT - Deployment
These things are important. Do not fall into the waterfall lifecycle methodology - it's simply too hard to deliver secure code using it with excessive caution on the risk front. Use an agile process instead.
When you come to the coding aspect, the tools are far more mature on the.NET side of things, and once Visual Studio 2005 is out, it's a complete no-brainer. Eclipse is the best development tool for J2EE apps and has excellent support for testing, in-code doco, and refactoring..NET is far, far faster to develop simple applications, but they're roughly equal for more complex applications.
In terms of security, both are reasonably secure unless you decide not to be. I heartily recommend the "Writing Secure Code" book by Howard and Le Blanc, and of course look at OWASP's output.
I train developers to write secure code all the time. My main advice is to Think Evil(tm). What could you do to subvert the code you're writing.
Go to the place you're writing for - most of the time, it'll be terminals in semi-public spaces. Look at how the staff just leave the computer unlocked, and yet how well they look after the paper records. I don't know why this is, but you as a designer MUST cope with this human behavior. There is no class in.NET or J2EE for this.
For cost reasons, if you're a Windows shop, you should go down the.NET path. If you're a mixed "one of everything" shop (like nearly every hospital I've ever worked in), spend the time doing a comparitive study. If you're going to sell to other health care institutions, stick to.NET.
The primary reason for security failure, availability failures, and other cockups is human fallability. If your code is the difference between a manual process which is (say) 40% slower than the automated version, that's 40% of patients who cannot be dealt with during an outage. People could die. You MUST be servicable and supportable. Your in-house skills dictate this choice, not platform or one-eyed "X is crap" choices. You could be the one or two that die.
As for reliability of the platform, in my experience, both are equal in the hands of well trained staff. J2EE is more memory hungry... but RAM is cheap..NET is faster for numerical computation, and database access (particularly to ADO.NET native providers like SQL server), but most health care apps are data driven, not computationally driven.
As you point out, Java is cross-platform, but in my experience with several large scale applications is that developers get lazy and tie you to middleware instead. Some of that middleware is not platform independant, and you're stuck on a crazy combination of platforms occasionally. Also, unless the developers use Windows to develop and test, and Unix to develop and test, it's 99% certain that the code will not just run on the other platform. This is true between deploying (say) AIX on Websphere and Linux using Tomcat just as two examples.
Unless portability is more important than all other business drivers, do not include it in your list.
The rest will fall into place. You could satisfy my top 3 health business drivers in Coldfusion or PHP. It's not about the technology. Decide on your patient's needs, not yours.
No, the analogy is as good as any analogy can get - I choose Dremel tools as they do an excellent job for me. I choose BMW as they are an excellent drive and pleasant to be in, not because they are expensive. If Kia sold a car for as much as a BMW, then it still wouldn't be as good as they don't have a clue about road handling, suspension tune, steering feel, and so on. And plus you can only use one tool or car at a time. Therefore, the analogy is apt. Plus Word is expensive compared to the "competition" - but it costs less than half a day of my billing time, so my ROI on Word is excellent.
What's so hard with highlighting the text you want to be list / bulleted, and clicking the sort of list you'd like to create? It's worked like since I started using Word on the Mac in 1987. Or using the new Styles pane and clicking the style you're after? It's fast and intuitive, just as it was in Frame 3.0 back in the early 1990's.
The only thing Word 2003 is missing from Frame is trivial long document support (1400 page book? No problems in Frame) and well, frame support that doesn't suck.
This is like saying "Let's kill off Dremel tools because they are too good. Here have a cheap imitation instead". Or "Let's kill off BMW. Have a Kia instead."
Build me a better (compatible) mousetrap and maybe I'll consider it. I doubt it. Frame was a good choice but Adobe did a Computer Associates to it and neglected it agressively. So Frame is dead, long live Frame.
Until there are actual competitors who are:
a) as good as Word b) productive as Word c) has the advanced revisioning and editing features as Word d) can collaborate with my colleagues as well as Word (say for example, Team Editing features) e) all my clients have it f) * just works *
the people who make such suggestions can make sweet love to a chainsaw... sideways.
Carriers are notorious at bad security, particularly on PVC's and other "private" links. You enter this cloud and they claim it's secure.
Going over the Internet is no different than using a modern frame PVC or ATM link, particularly if you're using C&W infrastructure as their GIN architecture *is* the Internet with VPNs over it.
Properly risk assessed, and with appropriate key management, going over the Internet has only one major failing - quality of service. If you can work around that by using multiple providers, there is nothing really wrong with using the Internet as a transaction medium.
I have over 700 CDs, and on average buy about 60 or so a year. I do not copy my CDs and I have no copied CDs as I respect intellectual property and feel that artists should be appropriately rewarded for their hard work.
However, after ill-advisedly buying a copy prohibited disk (Norah Jones), I had to get my car serviced to get the disk out. This cost me a morning of my time, and $70, plus I have a disk I can't use and couldn't return as Borders felt that I had copied it, even though I showed them the VW dealership receipt.
Norah has released a second album. I will not be buying it. I will not buy any copy prohibited disks. Ever. Not even if you pay for my lost time and my bills to get my stuff repaired when playing music I legally bought and used in usual fashion.
I look after pnm2ppa, which is a print processor to convert pnm image bitmaps from Ghostscript to PPA, which are HP's worst ever printers. Ever. They are so dumb, they make Bush look like a Mensa candidate.
When I first came to the code, it was written by someone who thought they knew better than the compiler, and structured the code accordingly.
We had hand-unrolled loops, unusual and rampant use of the "register" keyword, the occasional volatile, and strange padding in structures to try to align the data to what he thought the processor would use. There were arithmetic "if"'s, nasty pointer usage, throwing away type information (ie casting to void *), and strange methods of going through the data.
When I hand simplified all the code, it went about 15% faster. In inner loop case, over 100% faster by re-rolling a single inner loop because the person who unrolled it didn't understand how branch prediction worked and even less about large data structure walking and L1/L2 cache interaction. gcc 3.3 improved the performance of the code by about another 15%.
But you know what made the biggest change? A simple replacement of floating point gamma correction with a lookup table ordered in the simplest possible way. That shaved literally 30+ seconds off every page render on my PIII/800.
And you know what? The new GLUT is shorter and more readble, and is easier to tune for color correct output. It costs about 4 MB of RAM.
Assembly has no place in the modern day programmer's skillset. Humans do not know how to schedule instructions properly. They do not know how branch prediction will work unless the data they use is static. They should not waste their time on understanding the difference in L1 cache strategies (which are wildy different in the x86 families and AMD Opterons). They cannot work out how to best keep the data pipeline full on a wide range of processors. But you can help compilers work this out for you by:
* Design the system in the correct way first time - what do you actually need to do? Don't do anything else * Learn and keep up with the best generic algorithms for a wide range of activities (such as sorting, arrays, dictionaries, etc) and keep a library of well tested and bug free examples
* Write simple, clear, maintable code * Never, ever, ever throw away type information * Never, ever, ever throw away data aliasing * Never, ever, use the "register" keyword * Never use "volatile" unless you know why you need it * Document tests, data and code properly. This pays off big time every time you come to add new features or fix old ones
Lastly, program like a software engineer not a cowboy. Code must be correct then fast. Not fast and wrong.
SARA is akin to MSBA and similar tools (some free, some not).
Microsoft publishes extensive security checklists for various roles, and automates this process for the most likely deployment scenarios via the IIS Lockdown tool and local / group policy templates. You can manage a large fleet of computers using Group Policy in AD, so your lockdowns quickly apply to all computers, not just one.
Nessus scans at the network level and works acceptably to find most Windows network-based vulnerabilities. I use Nessus myself when doing vulnerability assessments as a shortcut / initial pass. Nessus is not good at finding configuration or local user weaknesses..NET supports sandboxing similar a chroot jail if an application asks for it. Windows supports junction points, which can be used (but I've never seen used) to contain a particular application to a particular volume (which could be a virtual device, or similar).
However, in Windows, the use of ACLs, low privilege service accounts, and utilizing fine grained privileges replaces big ass isolation required by Unix-like operating systems simply because most Unix-like OSs don't have this level of security architecture or fine grained access control.
I don't use SAINT, so I have no comment on that.
Just because an OS is different or you personally don't have knowledge of lockdowns, doesn't make another OS insecure. It requires bad coding practices and poor configuration to do that. Thanks to Windows' popularity, there's more than enough of this to go around.
Slashdot Mirror
At most conferences I go to, you can always rely on one or two others to have a DVI to SVGA cable handy if you forget it, but usually you're SOL if you need the latest version of Keynote. I feel superior at these conferences.
Not at OSCON. At my two talks, I had about 90% Macs in the audience. The amount in the hallways was a bit higher. I bet in the unlikely case that my Mac died, I could have asked for a replacement laptop with the latest Keynote and got more than one offer in either talk. Obviously, I was not as l33t as normal, and this is unacceptable. Maybe a nice black MacBook Pro would be a good choice for fashion victims like me. Apple, you listening? 15" Aluminum Powerbooks are too plebian!
Short story, though - In the highly desirable "O'Reilly geek" segment, Apple has won. Yay!
Andrew
All I did was try to enter the US on my existing E3 visa. Because I apparently can't enter on that visa unless I'm working for the employer during that trip, you can't enter on the E3. You need to be on the visa waiver program, not the E3. WTF? It's a visa! It's far, far harder to get than the VWP.
:( Not in the USA, not in Australia.
So I was made to fill out the visa waiver form, and by the time I got back, I found myself on the watchlist. Do the USA really want me to come live in the US and work towards their GDP? Or not?
I'll find out in the next three weeks what it exactly means to be on the watchlist. I'm flying all over the country, so if it does take more time, I will be REALLY pissed. If it means I get stopped in Australia, then I'm going to be REALLY REALLY pissed, as it's completely bogus. I had committed no crime
Andrew
ps. My day job is security. This is security theatre. The folks who run the TSA should be ashamed of themselves. They are no friends of the security industry.
I write the OWASP Guide, which is used by basically everybody as the standard for web application security, and is the official standard of Visa, many governments, and so on.
She talks to CSO's who mostly are bean counters. They see money down the drain from patching. I agree with them - patching is inefficient and wasteful. But it's necessary as Oracle builds crap, buggy and insecure software. They are easily five+ years behind Microsoft in churning out safer software. Buffer overflows, high privilege accounts, public access to highly privileged library functions - all this stuff is easily 10-15 years old and should not be in Oracle 10g, but it is.
Oracle has time and time again outright refused to get on board with a secure coding program, often fixing just the little bug which gained root privileges, exposed all your data, or destroyed the database outright. Instead, they should be searching for all those types of bugs and fixing them in one hit. Davidson has more than enough time to address the root cause
She is holding software up to the standards of bridges. Bridges have tolerances and over-design built into them. Most software does not. Often to make artificial deadlines made by beancounters, software is shipped with bugs. Often the bugs are not found for some time and requires researchers to go find them. If it's not researchers, its the commercial 0day crowd. This is where Davidson shows she is an amateur and must be replaced. It's best for HER customers to be secure, and that means shipping secure software. Shipping insecure software does not prevent the 0day houses from creating exploits. Oracle's reputation as a solid data partner is worthless if we lose all our data to an attacker because Oracle suppressed the news from us, rather than fixes the problem.
It is simply unachievable to build bug free software for a reasonable cost. What is required is care, developer training in secure software techniques, and defense in depth. That is our tolerance and over-design. Oracle is sadly lacking. She has had five years to get their developers onto a program of building this into their platforms, and she's failed miserably. I will be interested to hear what standards they use, and if it's mine (OWASP Guide), or if they do their own based upon ours, or use Microsoft's.
I've called for her to step down more than once. When she attacked the good name of David Litchfield and NGS Software, I was outraged - this was like shooting the messenger that their "unbreakable" software was pure crap, which we already knew - but now know through his unstinting efforts that it is truly appalling and not fit for purpose.
If this latest "push" for too little too late does not work out, she should be sacked by the Oracle board for the good of all Oracle shareholders and customers. She's had more than enough time to make a positive change, and should make way for someone who really understands security.
I do code reviews for a living. It requires finding the "abscence" of something, and looking for the data flows.
I want coders to stick to coding standards, and work on what's important: the code as a representation of the architecture. I don't want them thinking about the last 25 lines of code. I'm sure many are proficient at using vi and emacs (I am proficient at vi, for example), but it's about 25 years behind the times when it comes to efficiency, particularly when dealing with very large projects.
Builders are trained from apprecentices to masters, during which time they are taught to be familiar with all forms of tools, not just the power (ie "IDE") tools du jour. It's important for a builder to be familiar with a hand saw, you want them to be proficient and safe with a power saw.
http://www.greebo.net/?p=339
Ajax is wonderful, but it's not necessarily secure out of the box. I wrote about this back in February:
Ajax security presentation for OWASP
http://www.greebo.net/?page_id=329
Just because Ajax is being used should you abandon years of security knowledge.
In Australia, we have Gold Class Theatres, run by Village Cinemas. They've really thought about what it is to go see a film as an adult, and it really works. Most of the time, the Gold Class sessions are full, so it is working.
You book your seat online before arriving, so you know where you're going to sit, and no queues. You can pick up your ticket from an ATM style thing out the front if you want to get it quickly, or you can go in and pick it up whilst you're ordering your goodies for the film.
You can order hot food, pizzas, cakes (including creme brulee and lemon tarts... even choc top ice creams - but adult flavors like rum n raison and dark chocolate), champagne, wine, beer, decent cafe quality coffee, coke (if you must) to be delivered to you seat during the film, which is placed on a little table between every two seats... which has an inbuilt ice bucket. As there's so few seats, the waiters do not have to lean over someone else or squeeze past hundreds of others to give you your stuff.
They have 30 or so reclining armchairs in a small theater with a smallish screen, but top notch acoustics and audio gear, usually not too loud (although Return to the King was painfully loud).
There's heaps of space between you and the next person in any direction. Even if you're laying down flat and Sideshow Bob is in front of you, you can still see the screen.
As the tickets cost $25, and the food aint cheap, it keeps the plebs and kids away for the most part. Sure I spend like $60 or $70 going out to see a film, but it's been an enjoyable experience, no brats, great food and beverages and I've felt like I got my money's worth.
So quit whining about crap theaters, and ask for your own Gold Class theaters!
Now if only they make more films like Amerlie and The Life Aquatic with Steve Zissou and less shit like Date Movie, I'd be inclined to go to Gold Class more often.
I'm sure we gained something from manned missions, like the moon missions which gave us a truly global perspective and a few hundred kilograms of basalt and dust. But nothing on the scale of Mars Pathfinder (amazing geology studies), Mars Express (found water on Mars, high resolution 3D topography), the Spirit and Opportunity rovers still going strong on a shoe string budget, Cassini's new discoveries around Saturn, Hubble's burst of cosmology studies unparalleled in human history, and the SOHO space craft watching our sun. Not to mention Voyagers' incredible 30 year journey through our solar system which is still giving us science on the termination shock at the boundary of our solar system, again on the tiniest of budgets. We have the opportunity to go on a trip to Pluto and the Kuiper Belt starting in January and the Europeans are likely to launch the Venus Express soon which will do for Venus what the Mars Express has done and give us valuable insight into the worst case of runaway greenhouse effect in the solar system.
What have manned space missions done? Not a great deal. This is the most boneheaded decision from an administration renowned for some truly stunning clunkers.
Or we could cancel the wasteful LEO human spaceflight and redirect funding from redesigning a finger of a single glove to keeping all these robotic missions alive, and fund and create missions which are too hazardous for astronauts to safely go to.
We learn nothing by circling the planet a few thousand times. We learn basic cosmic science from robotic missions at a fraction of the cost. NASA's priorities are all wrong.
There are some things OSS is good at, and there are some things that Microsoft is good at. Exchange is one of them.
Ask your business what its objectives for the new system are. Keep these in mind when you select products and design a solution.
Now back to solution mode. You can have a minimal three site AD and Exchange system set up in less than a day from bare metal servers. As long as you have adequate bandwidth (about 64 kbit/s will do for minimal acceptable performance for 100 users), it just works. Just add users.
Win2003 AD is fairly robust if you make mistakes with topology design, but honestly, with such a simple setup, just go political structure in OUs in a single domain, single forest AD, with three sites. Exchange will work it out.
Once you have it working, AD and Exchange are very deep products, and it will pay to learn about the zillions of features. But by default, you can set and forget.
No matter which platform or choice, keep up to date with patches and secure lockdowns.
Andrew
Absolute rubbish. Not testing != good, clean code. I spoke on this topic at linux.conf.au a few years ago. I noted then, and I'll note it now, that OSS authors are better than average coders, but awful testers. Do this exercise:
1. Grab any C or C++ foundry tarball from Sourceforge.
2. TypeWhat happens? I reckon in more than 99% of occasions, absolutely nothing. Not testing is not good enough.
For a good example of this in action, phpBB is free and open source software, licensed under the GPL. It has security bugs coming out of its ears. What it needs is a good quality code review.
I do these for a living, and they are definitely worthwhile. The software I help maintain (XMB) used to be like phpBB - buggy, insecure, and slow. Now it's just somewhat buggy and a bit slow.
Code Reviews and testing make all the difference.
Windows XP's kernel is a modified microkernel design. Most people are unaware of this, but it means that the vast majority of the code your applications call are also running in user space. For example, on Windows 64 machines, there's a Windows 64 environment, a Windows 32 (WoW64) environment, and so on. In the olden days, there were DOS VDMs, POSIX, and OS/2 sub-systems.
Not every Windows or Linux driver is kernel-space, but most are.
However, with adequate testing, crashes due to buggy drivers are rare. If you choose to run crap drivers, of course you'll see problems. Including on
We *have* to fly long distances to get anywhere. Anything to make the flight a little shorter or have a bit more room will be good.
I would have preferred the Boeing SST as it would have cut two to six hours off every major destination Australians travel to - LAX (2 hours) through London (six hours off a 24 hour flight).
Most legs out of Australia are over 12 hours long (Singapore is the shortest at 8 hours, SFO to MBL the longest at around 16 hours on a single leg).
But this will do... as long as we're allowed out of our seats. I find it hard to stay strapped in all the time on long haul, so they better have a method to make it comfortable for the longest flights, like good bed seats or similar.
All video output in Linux has at its core, kernel space drivers.
For example, the text console is a kernel level driver. It could crash your machine. Unlikely, but true.
The frame buffer console. ditto
X11 ditto.
Normal user space programs do not get a chance to arbitrage the PCI bus, interrogate the device tree without the kernel's help, program the GPU, nor control FIFO queues. X11 does, whether in 2D or 3D. X11 can (and does - particularly in development mode) hard lock your machine so bad, you have to pull the plug from the wall. I know, as I've done it several times during the period when I was an X11 developer.
It's all in the code, which often looks like this:Yes, it really is peeking and poking bytes in the RAMDAC's physical memory. Do it wrong, and you can kill monitors, video cards, and in some cases machines. Most likely outcome is a hard lock.
Go look - the source is free. It's all there.
Andrew
Sorry to rain on your parade, but do you think when Linux programs use the syscall interface (int $80), that it's not in ring 0 on x86 architecture?
Or magically, on MacOS X on the PowerPC, drivers running stuff are running in userland? The Mach-FreeBSD port (darwin) runs drivers in the kernel space, and they are free to overwrite any physical or logical memory address, just as on every other operating system ... with the possible exception of Hurd or the original Mach.
From the I/O Kit Device Driver stuff:
If your software is a driver for a disk, a network controller, or a keyboard, it should reside in the kernel.
I'd say that a video card has to be in that category as well, despite the I/O Kit being able to do many things in user land. Quartz simply demands the 3D card to be accessible in kernel land as the transition time is too high for a userland process.
NT has a similar mechanim to the I/O Kit's high level framework, but instead of being OO, it's inherited from VMS and is called deferred procedure calls, where time critical things like interrupt service routines handle the low level stuff like dequeuing buffers before handing the major work to a Win32 service. Serial and USB drivers work like this, for example.
At least in MS-land, the driver certification test suite can torture test the driver to all sorts of corner cases. It takes a fair amount of effort to get a driver properly certified for XP or 2003, but once done, I've never (in 13 years!) seen a certified driver blue screen a box.
I've looked after hundreds of servers and thousands of desktops since 1995 when I first deployed NT (rather than just for my personal use). I forced the issue of certified drivers for desktops in one build of our SOE, and it dropped help desk calls a bit as the machines simply didn't crash any more.
So basically, both Apple and Microsoft made a design decision to speed the performance of their operating systems. Linux is still in the dark ages - all device drivers ... except for portions of USB ... are kernel space on every architecture and Linux has no driver test suite.
I know this stuff because if you look through the XFree86 credits for the Matrix Millennium drivers, you'll see my name.
Please research before posting.
They did - it's called NT. It's the kernel under XP, and bears no resemblence to the shim known as Windows 9x/Me.
I remember a few years ago when I was running NT 3.51 on my dual processor HP workstation just how nice this nice shiny new OS is. I can format a floppy and I can still do other things. Before NT, it took an Amiga to do that. In the Linux of the day, well I could use mformat or dd and zero out the sectors in preparation for a tar, but there was no UI for either and both were relatively arcane.
The level of transparency in XP running old apps makes Apple's half-baked approach look amateurish.
I bet when Avalon comes out, you're going to complain that it's not available on Windows Me or 2000, or why Microsoft is forcing developers to abandon their code and start over again. MS can't win on slashdot.
The version in the movie is fairly close to the Aragon and Arwen appendix, and even closer in many ways to the Beren and Luthien chapter in the Silmarillion, both of which influenced Jackson's/Boyen's script.
If Tolkien had been a better writer, I'm sure that his primary love story would have been included in the primary text, rather than sitting in an Appendix which hardly anyone reads, or in a book so inpenetrable that even I have yet to read all of it.
Go read these two chapters - they're not long and they're worth it. But then again, that's not the Slashdot way, is it? ;)
You know what? It really doesn't matter which you choose.
.NET side of things, and once Visual Studio 2005 is out, it's a complete no-brainer. Eclipse is the best development tool for J2EE apps and has excellent support for testing, in-code doco, and refactoring. .NET is far, far faster to develop simple applications, but they're roughly equal for more complex applications.
.NET or J2EE for this.
.NET path. If you're a mixed "one of everything" shop (like nearly every hospital I've ever worked in), spend the time doing a comparitive study. If you're going to sell to other health care institutions, stick to .NET.
... but RAM is cheap. .NET is faster for numerical computation, and database access (particularly to ADO.NET native providers like SQL server), but most health care apps are data driven, not computationally driven.
What does matter is the Sarbannes-Oxley and HPIAA acts, and think like as if your data was in there.
Patient privacy is all important, and that's 100% about process and 0% about technology.
Spend the time to create the system properly.
Think about the entire lifecycle
- architecture
- design
- testing
- coding
- SQA
- Security / UAT / SIT
- Deployment
These things are important. Do not fall into the waterfall lifecycle methodology - it's simply too hard to deliver secure code using it with excessive caution on the risk front. Use an agile process instead.
When you come to the coding aspect, the tools are far more mature on the
In terms of security, both are reasonably secure unless you decide not to be. I heartily recommend the "Writing Secure Code" book by Howard and Le Blanc, and of course look at OWASP's output.
I train developers to write secure code all the time. My main advice is to Think Evil(tm). What could you do to subvert the code you're writing.
Go to the place you're writing for - most of the time, it'll be terminals in semi-public spaces. Look at how the staff just leave the computer unlocked, and yet how well they look after the paper records. I don't know why this is, but you as a designer MUST cope with this human behavior. There is no class in
For cost reasons, if you're a Windows shop, you should go down the
The primary reason for security failure, availability failures, and other cockups is human fallability. If your code is the difference between a manual process which is (say) 40% slower than the automated version, that's 40% of patients who cannot be dealt with during an outage. People could die. You MUST be servicable and supportable. Your in-house skills dictate this choice, not platform or one-eyed "X is crap" choices. You could be the one or two that die.
As for reliability of the platform, in my experience, both are equal in the hands of well trained staff. J2EE is more memory hungry
As you point out, Java is cross-platform, but in my experience with several large scale applications is that developers get lazy and tie you to middleware instead. Some of that middleware is not platform independant, and you're stuck on a crazy combination of platforms occasionally. Also, unless the developers use Windows to develop and test, and Unix to develop and test, it's 99% certain that the code will not just run on the other platform. This is true between deploying (say) AIX on Websphere and Linux using Tomcat just as two examples.
Unless portability is more important than all other business drivers, do not include it in your list.
Remember:
* patient privacy #1
* correct operation #2
* availability #3
The rest will fall into place. You could satisfy my top 3 health business drivers in Coldfusion or PHP. It's not about the technology. Decide on your patient's needs, not yours.
Andrew
No, the analogy is as good as any analogy can get - I choose Dremel tools as they do an excellent job for me. I choose BMW as they are an excellent drive and pleasant to be in, not because they are expensive. If Kia sold a car for as much as a BMW, then it still wouldn't be as good as they don't have a clue about road handling, suspension tune, steering feel, and so on. And plus you can only use one tool or car at a time. Therefore, the analogy is apt. Plus Word is expensive compared to the "competition" - but it costs less than half a day of my billing time, so my ROI on Word is excellent.
What's so hard with highlighting the text you want to be list / bulleted, and clicking the sort of list you'd like to create? It's worked like since I started using Word on the Mac in 1987. Or using the new Styles pane and clicking the style you're after? It's fast and intuitive, just as it was in Frame 3.0 back in the early 1990's.
The only thing Word 2003 is missing from Frame is trivial long document support (1400 page book? No problems in Frame) and well, frame support that doesn't suck.
Andrew
This is like saying "Let's kill off Dremel tools because they are too good. Here have a cheap imitation instead". Or "Let's kill off BMW. Have a Kia instead."
Build me a better (compatible) mousetrap and maybe I'll consider it. I doubt it. Frame was a good choice but Adobe did a Computer Associates to it and neglected it agressively. So Frame is dead, long live Frame.
Until there are actual competitors who are:
a) as good as Word
b) productive as Word
c) has the advanced revisioning and editing features as Word
d) can collaborate with my colleagues as well as Word (say for example, Team Editing features)
e) all my clients have it
f) * just works *
the people who make such suggestions can make sweet love to a chainsaw... sideways.
Carriers are notorious at bad security, particularly on PVC's and other "private" links. You enter this cloud and they claim it's secure.
Going over the Internet is no different than using a modern frame PVC or ATM link, particularly if you're using C&W infrastructure as their GIN architecture *is* the Internet with VPNs over it.
Properly risk assessed, and with appropriate key management, going over the Internet has only one major failing - quality of service. If you can work around that by using multiple providers, there is nothing really wrong with using the Internet as a transaction medium.
Telephony providers are secure?
BAWWAHAHHAHAHAHAHA!
You have no clue.
Andrew
I have over 700 CDs, and on average buy about 60 or so a year. I do not copy my CDs and I have no copied CDs as I respect intellectual property and feel that artists should be appropriately rewarded for their hard work.
However, after ill-advisedly buying a copy prohibited disk (Norah Jones), I had to get my car serviced to get the disk out. This cost me a morning of my time, and $70, plus I have a disk I can't use and couldn't return as Borders felt that I had copied it, even though I showed them the VW dealership receipt.
Norah has released a second album. I will not be buying it. I will not buy any copy prohibited disks. Ever. Not even if you pay for my lost time and my bills to get my stuff repaired when playing music I legally bought and used in usual fashion.
Wise up or go bust.
I'll give you real hard numbers.
I look after pnm2ppa, which is a print processor to convert pnm image bitmaps from Ghostscript to PPA, which are HP's worst ever printers. Ever. They are so dumb, they make Bush look like a Mensa candidate.
When I first came to the code, it was written by someone who thought they knew better than the compiler, and structured the code accordingly.
We had hand-unrolled loops, unusual and rampant use of the "register" keyword, the occasional volatile, and strange padding in structures to try to align the data to what he thought the processor would use. There were arithmetic "if"'s, nasty pointer usage, throwing away type information (ie casting to void *), and strange methods of going through the data.
When I hand simplified all the code, it went about 15% faster. In inner loop case, over 100% faster by re-rolling a single inner loop because the person who unrolled it didn't understand how branch prediction worked and even less about large data structure walking and L1/L2 cache interaction. gcc 3.3 improved the performance of the code by about another 15%.
But you know what made the biggest change? A simple replacement of floating point gamma correction with a lookup table ordered in the simplest possible way. That shaved literally 30+ seconds off every page render on my PIII/800.
And you know what? The new GLUT is shorter and more readble, and is easier to tune for color correct output. It costs about 4 MB of RAM.
Assembly has no place in the modern day programmer's skillset. Humans do not know how to schedule instructions properly. They do not know how branch prediction will work unless the data they use is static. They should not waste their time on understanding the difference in L1 cache strategies (which are wildy different in the x86 families and AMD Opterons). They cannot work out how to best keep the data pipeline full on a wide range of processors. But you can help compilers work this out for you by:
* Design the system in the correct way first time - what do you actually need to do? Don't do anything else
* Learn and keep up with the best generic algorithms for a wide range of activities (such as sorting, arrays, dictionaries, etc) and keep a library of well tested and bug free examples
* Write simple, clear, maintable code
* Never, ever, ever throw away type information
* Never, ever, ever throw away data aliasing
* Never, ever, use the "register" keyword
* Never use "volatile" unless you know why you need it
* Document tests, data and code properly. This pays off big time every time you come to add new features or fix old ones
Lastly, program like a software engineer not a cowboy. Code must be correct then fast. Not fast and wrong.
SARA is akin to MSBA and similar tools (some free, some not).
.NET supports sandboxing similar a chroot jail if an application asks for it. Windows supports junction points, which can be used (but I've never seen used) to contain a particular application to a particular volume (which could be a virtual device, or similar).
Microsoft publishes extensive security checklists for various roles, and automates this process for the most likely deployment scenarios via the IIS Lockdown tool and local / group policy templates. You can manage a large fleet of computers using Group Policy in AD, so your lockdowns quickly apply to all computers, not just one.
Nessus scans at the network level and works acceptably to find most Windows network-based vulnerabilities. I use Nessus myself when doing vulnerability assessments as a shortcut / initial pass. Nessus is not good at finding configuration or local user weaknesses.
However, in Windows, the use of ACLs, low privilege service accounts, and utilizing fine grained privileges replaces big ass isolation required by Unix-like operating systems simply because most Unix-like OSs don't have this level of security architecture or fine grained access control.
I don't use SAINT, so I have no comment on that.
Just because an OS is different or you personally don't have knowledge of lockdowns, doesn't make another OS insecure. It requires bad coding practices and poor configuration to do that. Thanks to Windows' popularity, there's more than enough of this to go around.
Andrew