When Apple switched from Motorola 680x0 to PowerPC processors in 1994, they built an emulator into the operating system to allow m68k code to run transparently on the new platform. In fact, they didn't even port the entire operating system itself; bits and pieces of it ran under emulation for years as Apple gradually finished porting it all.
In addition, they created an easy way for applications to be compiled natively for BOTH architectures at the same time, and encouraged application developers to release fat binary versions of their apps. This worked so well that the majority of users weren't even aware that the PowerPC was a completely new incompatible architecture, as opposed to simply a new faster version of what they'd always had.
When Apple switched CPU architectures again, they mostly duplicated this success. Some applications and drivers aren't compatible with Rosetta (the PowerPC emulator), and it's not possible to use a plugin compiled for one processor in an application compiled for another, but Apple's own developer tools offered a simple checkbox to recompile an app as a Universal Binary, and most developers have moved away from third-party compilers.
Microsoft does have x86 emulation technology that they bought from Connectix a few years ago, but they have no experience getting applications to work transparently across dissimilar architectures, and moving from a faster Intel CPU to a slower ARM CPU makes emulation pretty unappealing anyway. Look at what a pain in the ass it is just to get everything to work on a 64-bit version of Windows!
Mac developers are accustomed to following Apple's spontaneous whims, because users consistently reward them with big piles of cash, but Windows developers have a lot less incentive to play ball by releasing native applications for a platform that doesn't exist yet, has no users, and seems unlikely to get users because there is no native software. If they can make the emulation work perfectly, then they might get some users, and if they have users, some developers will start porting their apps. You'll never get all of them, of course, but the ones most people use every day will probably have ARM-native versions introduced. Also, pure.Net applications should work perfectly out-of-the-box. Microsoft wouldn't use a universal binary architecture like Mac OS X; since virtually all Windows applications require an installer and you can't easily move an app from one computer to another without reinstalling it from scratch, there's no reason to do that.
In contrast, Apple could announce a new ARM-based Mac netbook tomorrow, and a majority of developers would have native applications ready to go in six months.
Slightly off-topic, but just a reminder: have you patched the BIND security hole yet? If you're running BIND 9 and your server is the master for any domains (including localhost), and you haven't patched this week, one malicious packet can crash your server.
If you have a master nameserver on a private network or behind a firewall, and your public-facing nameservers are all slaves with no master zones at all, you're safe. If your infrastructure is set up like that, except you use rsync over ssh to send updated zone files to your "slaves" but they're actually configured as masters, you're vulnerable. Contrary to what you may have heard, it does not matter whether you use dynamic updates (e.g. from dhcpd) or not.
This firewall rule blocks all dynamic update requests, including the exploit, on recent versions of Linux (but didn't work on any of my DNS servers, because they're all running older distros): iptables -A INPUT -p udp --dport 53 -j DROP -m u32 --u32 '30>>27&0xF=5'
Of course if you're running djbdns or something else, you can continue to be gleefully smug.
I remember when the Blue Raspberry craze hit in the early '90s. Suddenly just about every candy was available in blue raspberry - not normal regular raspberry, just blue. Reminds me of when ciabatta bread and chipotle sauce hit fast food a couple years ago, a month before nobody had heard of them, and suddenly they were everywhere.
Exact conversations and the apple employee's job description would be needed to be evaluated to see if this 'promise' really binds apple to anything.
Phil Schiller is the guy who gave the Macworld Expo keynote while Steve Jobs was on medical leave. Schiller is the #2 public face of the company after Jobs (and has been for years). If he made this promise, then yes, Apple is legally bound to honor it... except that Apple and Google will simply agree that it's in both of their best interests to settle the matter quietly, out of court, with both parties getting something they want (Apple getting no Google Voice on the iPhone, and Google getting something undisclosed).
Since I moved to "Flext" on T-mobile, those international calls come out of my monthly limit anyway so I might as well use them. I can remember when land-lines were expensive for international calls - now they can be cheaper than local calls depending on your network. (They were usually routed via satellite, with second long time-delays, but now they go via huge fiberoptic cables).
Holy crap that's a good idea. I never come close to using all my minutes. I don't make many international calls, but I'd certainly make more if I didn't have to pay extra.
I'm sure President Obama is very personable and likable,
I've heard this said about Bush as well, pretty consistently.
and even his opponents admit he's an intelligent very well-spoken individual,
But never this part. (OK, I've heard a couple people defend Bush's intelligence, but never his communication skills).
It's not Obama's ideas that I have a problem with, it's the way he goes about them. Universal healthcare is great, but giving Congress free reign to figure out the details is a recipe for disaster! Obama says it will save us money while his opponents say it will cost billions; I'm sure the idea Obama has in mind would save money but somehow Congress will find a way to add extra costs and eliminate the efficiency gains. And somehow we'll reelect them anyway.
We need a strong executive right now, not just intelligence and integrity. I believe Obama has the latter two, but he is not showing strength of leadership.
We see this in software too. Linus is a nice guy but won't put up with anybody's crap, so the Linux kernel is successful. Theo is an asshole and definitely won't put up with anybody's crap, so OpenBSD is reliable. Patrick pretty much puts Slackware together all by himself, and many of us still swear by it. Shuttleworth insists on a predictable release schedule and end-user usability, so Ubuntu is wildly popular. Steve Jobs throws things at people when they show him things that don't look perfect, so millions of people are happy to pay extra money for Apple's products.
you can't fire someone because of race, sex, etc. even in an at-will state
While true, that's also irrelevant, because:
It also means you can be fired without a reason.
So if they decide to fire you because of race, sex, etc., they merely fire you without a reason. You may have been fired because you're black, female, whatever, but as long as they're smart enough to not say so, they can indeed fire you because of your race or sex.
However, if you can convince a court that the reason they fired you was a prohibited reason, it doesn't matter whether they specified a reason or not. For this reason, many employers like to document explicit valid reasons before firing someone, in preference to firing them for no documented reason.
Furthermore, if you happen to be black/female/whatever, and you suck at your job, they can neither fire you for sucking at your job nor fire you for no reason, because there's a chance you could later convince a court that the real reason was your race/sex/etc.
Sounds like a good incentive to avoid hiring minorities in the first place! Too risky.
Then, we also have 30 years of usenet and website publishing which preceded the Facebook/Myspace/Twitter model.
Only academics and nerds posted to newsgroups and made personal home pages. Publishing your own opinions on the Internet wasn't done by the general public before blogging and social networking sites came along. My grandmother is learning to use Facebook. I'm sure she's never even heard of Usenet, and has likely never posted to a mailing list.
It's just a web-based sign-on page, which works the same way as a ton of other not-quite-open wifi access points. Your wifi connection is unencrypted, they redirect all HTTP traffic to an internal sign-on page and block everything else, then once you've signed in they open it up and redirect you back to your home page or wherever.
On some of these, you can gain Internet access without signing up, by tunneling IP over DNS, which sometimes doesn't get blocked. I expect these guys have thought of that, though.
Can a botnet run on WINE with 100% compatibility? Doesn't malware often use exactly the same kinds of tricks that WINE doesn't fully implement? This might not create an accurate picture.
Also, are they simulating network latency between nodes? Many bots take this into account.
Qwest DSL customers have free access to AT&T wifi hotspots, including at Starbucks and McDonald's. This is for anyone using Qwest's DSL connections, regardless of their choice of ISP.
Banning Latitude is almost certainly just another mundane example of carrier oligopoly abuse. The federal government needs to legislate to stop cell phone carriers from crippling phones.
Wrong solution!
The federal government needs break up the oligopoly to allow real competition to thrive. In a competitive market, we can have the features we want without the government having to decide what features those should be, which always causes problems. Verizon can strip wifi out of your phone because they know you're not going to switch to another carrier that supports phones with wifi. There are plenty of reasons why it wouldn't be easy for you to switch - and THAT'S the root of the problem.
Just don't use cookies. Or at the very least, allow people to opt *in* rather than out.
What a concept, right?
You're an idiot.
HTTP is a stateless protocol. That's fine if all you're doing is looking at documents, but the Web can do much more than that. There are services that I want the government to be able to provide over the Internet that involve more than just looking at documents. These require tracking state, which is what cookies were designed for. You can fake it if you have to, by putting session variables in query strings, but that makes all of your links ugly and makes it rather awkward to send links to other people, in addition to making the code more complicated/bug-prone/expensive.
User privacy needs to be taken seriously, of course, but that doesn't mean cookies should be banned. It means cookies should be used responsibly. The government is looking for input on what exactly that should mean.
They are, after all, in the business of spamming to make money so they will choose the action that is most profitable.
That makes sense when you have limited resources and have to prioritize. Spammers steal other people's resources, so they do not have to prioritize; they can do it all at once. Also, since there are many spammers, one spammer might take an approach that nobody else is taking - for example, if everyone else is scraping addresses off the Web, somebody will start harvesting from whois records just because nobody else is doing it.
...we could come to the conclusion that they know that the email addresses in WHOIS records are likely to be amongst the more intelligent people on the internet.
Spammers sell lists of addresses. Their buyers don't have to know where the addresses came from. Selling lists of addresses of people who hate spam is still a profitable business.
Spammers are, undoubtedly, trying to make money. They don't send out spam just to piss you off; they send it out because someone is paying them to do it.
That depends on the spammer; they're not a homogenous group. Making money may be goal #1, but if that fails, pissing you off is not off the table.
However I suspect they get better returns on their time by using google to crawl through forum posts and other such things that tend to have email addresses in them.
It's not their time, so they don't have to care what the returns are. Setting a botnet to pull e-mail addresses out of WHOIS doesn't cost anything except the price of renting a botnet from the Russian mafia, but they can probably find a way to get it for free.
I do believe there is a reasonable compromise that can be made between for-profit web domains (who IMHO should be obliged to have legitimate contact information in their records) and non-profit or hobby domains (who generally I would say should be eligible for obfuscation services).
And which of these two categories would you put spammers in?
I went for twist ties, rather than velcro, and it took me years to figure out that these are also sold in the garden section (as opposed to stealing them from the produce department).
Velcro is a good idea. Maybe I'll try that.
I don't like zip ties for home use, unless you're SURE you're not gonna mess with it.
I had a server that used to work fine, that after a reboot would hang when loading the hotplug subsystem to scan for hardware devices. Initial troubleshooting (adding some "echo" statements to the rc scripts) suggested it was hanging while scanning for PCI devices. I thought I was going to have to replace the motherboard.
Turned out to be a software problem, caused by a bug in a security patch released a few months ago. Funky things can definitely happen.
Re:SOMEONE buy a copy for the /. coders!
on
Even Faster Web Sites
·
· Score: 2, Interesting
It's fast enough for me.
The CSS is horribly broken, but I have no complaints about the speed. Posting is certainly faster for me than it used to be before they switched to AJAX. It just looks like crap.
The idea is that when somebody has a question about the behavior, and the documentation hasn't been written yet (or is out of date, or whatever), you can say "look at the source code, and that will tell you what the behavior is." This works for questions you've never even thought of, and hadn't ever considered documenting.
When there is only one official implementation, and the implementation works well enough, then this approach kinda works. It's one step better than saying the specification is the behavior of the implementation, which is how HTML used to work. Even when a specification was published, nobody really appreciated the authority of the spec until HTML 4.01, and some still don't.
I think I may have met her a couple years ago, at a previous OSCON. I was surprised to find myself speaking to someone who knows PHP very well, and doesn't think it sucks.
Slashdot Mirror
"Wow $NameofPersonWhosDeskImSittingAt, you sure look different today! HAHAHAHAHAH"
Oh thank God, I'm not the only one who hates that.
When Apple switched from Motorola 680x0 to PowerPC processors in 1994, they built an emulator into the operating system to allow m68k code to run transparently on the new platform. In fact, they didn't even port the entire operating system itself; bits and pieces of it ran under emulation for years as Apple gradually finished porting it all.
In addition, they created an easy way for applications to be compiled natively for BOTH architectures at the same time, and encouraged application developers to release fat binary versions of their apps. This worked so well that the majority of users weren't even aware that the PowerPC was a completely new incompatible architecture, as opposed to simply a new faster version of what they'd always had.
When Apple switched CPU architectures again, they mostly duplicated this success. Some applications and drivers aren't compatible with Rosetta (the PowerPC emulator), and it's not possible to use a plugin compiled for one processor in an application compiled for another, but Apple's own developer tools offered a simple checkbox to recompile an app as a Universal Binary, and most developers have moved away from third-party compilers.
Microsoft does have x86 emulation technology that they bought from Connectix a few years ago, but they have no experience getting applications to work transparently across dissimilar architectures, and moving from a faster Intel CPU to a slower ARM CPU makes emulation pretty unappealing anyway. Look at what a pain in the ass it is just to get everything to work on a 64-bit version of Windows!
Mac developers are accustomed to following Apple's spontaneous whims, because users consistently reward them with big piles of cash, but Windows developers have a lot less incentive to play ball by releasing native applications for a platform that doesn't exist yet, has no users, and seems unlikely to get users because there is no native software. If they can make the emulation work perfectly, then they might get some users, and if they have users, some developers will start porting their apps. You'll never get all of them, of course, but the ones most people use every day will probably have ARM-native versions introduced. Also, pure .Net applications should work perfectly out-of-the-box. Microsoft wouldn't use a universal binary architecture like Mac OS X; since virtually all Windows applications require an installer and you can't easily move an app from one computer to another without reinstalling it from scratch, there's no reason to do that.
In contrast, Apple could announce a new ARM-based Mac netbook tomorrow, and a majority of developers would have native applications ready to go in six months.
Slightly off-topic, but just a reminder: have you patched the BIND security hole yet? If you're running BIND 9 and your server is the master for any domains (including localhost), and you haven't patched this week, one malicious packet can crash your server.
If you have a master nameserver on a private network or behind a firewall, and your public-facing nameservers are all slaves with no master zones at all, you're safe. If your infrastructure is set up like that, except you use rsync over ssh to send updated zone files to your "slaves" but they're actually configured as masters, you're vulnerable. Contrary to what you may have heard, it does not matter whether you use dynamic updates (e.g. from dhcpd) or not.
This firewall rule blocks all dynamic update requests, including the exploit, on recent versions of Linux (but didn't work on any of my DNS servers, because they're all running older distros):
iptables -A INPUT -p udp --dport 53 -j DROP -m u32 --u32 '30>>27&0xF=5'
Of course if you're running djbdns or something else, you can continue to be gleefully smug.
He's right; researchers at MIT confirmed that aluminum foil actually amplifies, rather than blocks, the government's mind control rays.
I remember when the Blue Raspberry craze hit in the early '90s. Suddenly just about every candy was available in blue raspberry - not normal regular raspberry, just blue. Reminds me of when ciabatta bread and chipotle sauce hit fast food a couple years ago, a month before nobody had heard of them, and suddenly they were everywhere.
Exact conversations and the apple employee's job description would be needed to be evaluated to see if this 'promise' really binds apple to anything.
Phil Schiller is the guy who gave the Macworld Expo keynote while Steve Jobs was on medical leave. Schiller is the #2 public face of the company after Jobs (and has been for years). If he made this promise, then yes, Apple is legally bound to honor it... except that Apple and Google will simply agree that it's in both of their best interests to settle the matter quietly, out of court, with both parties getting something they want (Apple getting no Google Voice on the iPhone, and Google getting something undisclosed).
Since I moved to "Flext" on T-mobile, those international calls come out of my monthly limit anyway so I might as well use them. I can remember when land-lines were expensive for international calls - now they can be cheaper than local calls depending on your network. (They were usually routed via satellite, with second long time-delays, but now they go via huge fiberoptic cables).
Holy crap that's a good idea. I never come close to using all my minutes. I don't make many international calls, but I'd certainly make more if I didn't have to pay extra.
I'm sure President Obama is very personable and likable,
I've heard this said about Bush as well, pretty consistently.
and even his opponents admit he's an intelligent very well-spoken individual,
But never this part. (OK, I've heard a couple people defend Bush's intelligence, but never his communication skills).
It's not Obama's ideas that I have a problem with, it's the way he goes about them. Universal healthcare is great, but giving Congress free reign to figure out the details is a recipe for disaster! Obama says it will save us money while his opponents say it will cost billions; I'm sure the idea Obama has in mind would save money but somehow Congress will find a way to add extra costs and eliminate the efficiency gains. And somehow we'll reelect them anyway.
We need a strong executive right now, not just intelligence and integrity. I believe Obama has the latter two, but he is not showing strength of leadership.
We see this in software too. Linus is a nice guy but won't put up with anybody's crap, so the Linux kernel is successful. Theo is an asshole and definitely won't put up with anybody's crap, so OpenBSD is reliable. Patrick pretty much puts Slackware together all by himself, and many of us still swear by it. Shuttleworth insists on a predictable release schedule and end-user usability, so Ubuntu is wildly popular. Steve Jobs throws things at people when they show him things that don't look perfect, so millions of people are happy to pay extra money for Apple's products.
you can't fire someone because of race, sex, etc. even in an at-will state
While true, that's also irrelevant, because:
It also means you can be fired without a reason.
So if they decide to fire you because of race, sex, etc., they merely fire you without a reason. You may have been fired because you're black, female, whatever, but as long as they're smart enough to not say so, they can indeed fire you because of your race or sex.
However, if you can convince a court that the reason they fired you was a prohibited reason, it doesn't matter whether they specified a reason or not. For this reason, many employers like to document explicit valid reasons before firing someone, in preference to firing them for no documented reason.
Furthermore, if you happen to be black/female/whatever, and you suck at your job, they can neither fire you for sucking at your job nor fire you for no reason, because there's a chance you could later convince a court that the real reason was your race/sex/etc.
Sounds like a good incentive to avoid hiring minorities in the first place! Too risky.
Then, we also have 30 years of usenet and website publishing which preceded the Facebook/Myspace/Twitter model.
Only academics and nerds posted to newsgroups and made personal home pages. Publishing your own opinions on the Internet wasn't done by the general public before blogging and social networking sites came along. My grandmother is learning to use Facebook. I'm sure she's never even heard of Usenet, and has likely never posted to a mailing list.
It's just a web-based sign-on page, which works the same way as a ton of other not-quite-open wifi access points. Your wifi connection is unencrypted, they redirect all HTTP traffic to an internal sign-on page and block everything else, then once you've signed in they open it up and redirect you back to your home page or wherever.
On some of these, you can gain Internet access without signing up, by tunneling IP over DNS, which sometimes doesn't get blocked. I expect these guys have thought of that, though.
Can a botnet run on WINE with 100% compatibility? Doesn't malware often use exactly the same kinds of tricks that WINE doesn't fully implement? This might not create an accurate picture.
Also, are they simulating network latency between nodes? Many bots take this into account.
I don't patronize Starbucks or McDonald's frequently, and don't have a wifi-enabled phone or PDA, so I have no idea.
Surprisingly, McDonald's has recently introduced a burger that doesn't suck ass. Except for the cheese, but the rest of it is actually good.
Qwest DSL customers have free access to AT&T wifi hotspots, including at Starbucks and McDonald's. This is for anyone using Qwest's DSL connections, regardless of their choice of ISP.
Banning Latitude is almost certainly just another mundane example of carrier oligopoly abuse. The federal government needs to legislate to stop cell phone carriers from crippling phones.
Wrong solution!
The federal government needs break up the oligopoly to allow real competition to thrive. In a competitive market, we can have the features we want without the government having to decide what features those should be, which always causes problems. Verizon can strip wifi out of your phone because they know you're not going to switch to another carrier that supports phones with wifi. There are plenty of reasons why it wouldn't be easy for you to switch - and THAT'S the root of the problem.
Cookies are bad for the health of your website, news site, or blog.
Are you retarded? Slashdot would suck ass without cookies.
Just don't use cookies. Or at the very least, allow people to opt *in* rather than out.
What a concept, right?
You're an idiot.
HTTP is a stateless protocol. That's fine if all you're doing is looking at documents, but the Web can do much more than that. There are services that I want the government to be able to provide over the Internet that involve more than just looking at documents. These require tracking state, which is what cookies were designed for. You can fake it if you have to, by putting session variables in query strings, but that makes all of your links ugly and makes it rather awkward to send links to other people, in addition to making the code more complicated/bug-prone/expensive.
User privacy needs to be taken seriously, of course, but that doesn't mean cookies should be banned. It means cookies should be used responsibly. The government is looking for input on what exactly that should mean.
i do to most of the time, just not 100% of the time, this one of the times i don't...
Why?
What specifically did Linus say here that you disagree with?
They are, after all, in the business of spamming to make money so they will choose the action that is most profitable.
That makes sense when you have limited resources and have to prioritize. Spammers steal other people's resources, so they do not have to prioritize; they can do it all at once. Also, since there are many spammers, one spammer might take an approach that nobody else is taking - for example, if everyone else is scraping addresses off the Web, somebody will start harvesting from whois records just because nobody else is doing it.
...we could come to the conclusion that they know that the email addresses in WHOIS records are likely to be amongst the more intelligent people on the internet.
Spammers sell lists of addresses. Their buyers don't have to know where the addresses came from. Selling lists of addresses of people who hate spam is still a profitable business.
Spammers are, undoubtedly, trying to make money. They don't send out spam just to piss you off; they send it out because someone is paying them to do it.
That depends on the spammer; they're not a homogenous group. Making money may be goal #1, but if that fails, pissing you off is not off the table.
However I suspect they get better returns on their time by using google to crawl through forum posts and other such things that tend to have email addresses in them.
It's not their time, so they don't have to care what the returns are. Setting a botnet to pull e-mail addresses out of WHOIS doesn't cost anything except the price of renting a botnet from the Russian mafia, but they can probably find a way to get it for free.
I do believe there is a reasonable compromise that can be made between for-profit web domains (who IMHO should be obliged to have legitimate contact information in their records) and non-profit or hobby domains (who generally I would say should be eligible for obfuscation services).
And which of these two categories would you put spammers in?
I went for twist ties, rather than velcro, and it took me years to figure out that these are also sold in the garden section (as opposed to stealing them from the produce department).
Velcro is a good idea. Maybe I'll try that.
I don't like zip ties for home use, unless you're SURE you're not gonna mess with it.
I had a server that used to work fine, that after a reboot would hang when loading the hotplug subsystem to scan for hardware devices. Initial troubleshooting (adding some "echo" statements to the rc scripts) suggested it was hanging while scanning for PCI devices. I thought I was going to have to replace the motherboard.
Turned out to be a software problem, caused by a bug in a security patch released a few months ago. Funky things can definitely happen.
It's fast enough for me.
The CSS is horribly broken, but I have no complaints about the speed. Posting is certainly faster for me than it used to be before they switched to AJAX. It just looks like crap.
The idea is that when somebody has a question about the behavior, and the documentation hasn't been written yet (or is out of date, or whatever), you can say "look at the source code, and that will tell you what the behavior is." This works for questions you've never even thought of, and hadn't ever considered documenting.
When there is only one official implementation, and the implementation works well enough, then this approach kinda works. It's one step better than saying the specification is the behavior of the implementation, which is how HTML used to work. Even when a specification was published, nobody really appreciated the authority of the spec until HTML 4.01, and some still don't.
I think I may have met her a couple years ago, at a previous OSCON. I was surprised to find myself speaking to someone who knows PHP very well, and doesn't think it sucks.