In UNIX, this is easy to answer. The OS is the kernel and its API. Everything else is an application. Even /bin/sh is an application; hell, anything that the user sees is an application. The things the user sees that might be considered the operating system are really side-effects of the operating system, such as process scheduling and file system caching.
The term "operating environment" is more accurate for what we call Windows or Solaris, for example. These are the operating system plus bundled applications that make the system useful.
There is an important distinction to make between Windows and Solaris, however. Sun is slow to integrate third-party applications, such as Perl, into Solaris and does so only after enough users demand it. Microsoft, on the other hand, is quick to add things driven by their desire to dominate a particular market. This distinction makes it clearer how to deal with Microsoft.
The lines dividing what to package and what not to package should be divided by market. Can Microsoft include the operating system? Of course. Can Microsoft include a web browser (a distinct market), also, after being convicted as an illegal monopoly? Yes, but it must be completely modular and completely optional. How about a trial contract with MSN (a distinct market)? Yes, but only if it is clearly separated from other applications and clearly documented (currently, they try to make it part of the Windows "experience"). How about an office productivity application (a distinct market)? Yes, but it should also be completely modular, optional, and have an open documented file format.
When you consider that Microsoft is trying to dominate several markets simultaneously, dividing what is and isn't "part of the OS" becomes pretty simple.
If they find that pop-up/under is not working, they will come up with new ways to be intrusive, like showing a full-page ad before directing to the actual page we clicked. Ads taking 90% of the page, so that we have to click 10 "next" pages just to read a small article.
I think the free market will save us, here. By becoming so obnoxious as to reduce content down to 10% of a page, advertisers will be driving customers away as if avoiding the Plague!
The WWW will stabilize into some reasonable medium for both content and advertising. I'm not sure how long it will take, but, already, JavaScript-driven things are declining, which is good. The next phase will probably involve a rise and fall of Flash and other plugin-enabled formats.
CGI/mod_perl would be slow and cause a lot of traffic. A simple set of JS could tell a user when a combo is invalid without having to send stuff to your server.
On a cleanly designed website, doing things server-side does not create a lot of traffic nor is it slow. By sending pure HTML to the client, server-side programs can truly work across browsers. Avoiding JavaScript is just a simpler and more robust approach to making a website.
I have found countless places where I can greatly enhance the user experience by using DynamicHTML, which requires JavaScript or some other scripting language.
It's interesting that nearly all such "enhancing" features are, in reality, counterproductive when considering the whole user base. Most sites are very obviously tested only internally and quickly before posting them to the Web. The result: awful pull-down menus when I use larger fonts, broken menus, CPU meltdown, crashing browser, and websites that break on unexpected input.
Nearly every application for JavaScript can be replaced by well-thought-out straight-HTML and/or JSP/Perl/PHP/etc. A logical page hierarchy can actually be faster and easier to navigate than a single JavaScript-enabled page. And the pure simplicity is easier on the users and the developers alike.
Also, consider the cost of a JavaScript programmer. Now, just how expensive are two more CPUs on the server? Client-side performance just isn't a good argument. Modem connections are plenty fast for the text of a web page, and the client browser cache can ensure consistently-used images are loaded only once.
I have yet to see a convincing argument in favor of JavaScript and DHTML over plain old HTML on the client. They are just unnecessary additions to the already unpalatable language-soup of the WWW.
Re:As a responsible manager I'd (on More MS EULA Fun) · Score: 2
I hardly believe the cost of the initial equipment outweighs the long term support costs...
The initial equipment cost is trivial compared to the cost of the people using and maintaining it over its lifetime (unless, perhaps, the equipment is hundreds of thousands of dollars). This is why it can be easy to argue for things, such as SCSI, which are expensive up front but cover your ass later on.
This is why Microsoft should be losing out at the low end, but their marketing is so good that they've actually been pretty successful. Remember, a good salesman can sell anything to nearly anyone. The few people he can't sell to are just smart enough to avoid Microsoft on merit alone.
Re:Slashdot being astroturfed? (offtopic) (on More MS EULA Fun) · Score: 2
Am I the only one getting the feeling that ./ is being actively astroturfed?
No, not at all. Not only is Microsoft or people acting on the behalf of Microsoft posting propaganda to Slashdot, they somehow get moderation privileges, as well.
While Microsoft can post whatever they want, it is up to the many readers and moderators of Slashdot to argue the truth. This is sufficient to debunk nearly anything Microsoft can claim.
If they occasionally speak the truth, then that is fine. If Microsoft can actually find ways to compete on merit, they should be given a chance (though it is an uphill battle for them, and the hill is a mountain).
Re:The stats are most interesting (on Hacker Survey) · Score: 2
Has anyone ever found a rea-solid argument to keep source code locked up and a super secret? other than lining your own pockets?
Classified projects come to mind. Why give out source code to something that already has a need-to-know userbase and extreme physical security?
Anyway, lining one's pockets is actually a noble cause. If I want to earn my living by developing software, it is good to choose wisely which components to keep closed and which components to open up. I think file formats are great candidates for being open, but core algorithms that are unique probably can stay closed. The trick is to balance user trust with software lock-in, so that it really is a win-win situation between myself and my customers. It really is possible to develop proprietary software and be successful without becoming an asshole like Microsoft.
The GPL does not restrict any rights you, as a recipient of a copyrighted work, already have. It does place requirements on you if you choose to exercise the rights of redistribution, modification, or creating derived works -- but those are rights that you do not have except as granted by the license, so the default assumption is that you cannot copy, redistribute, etc.
Okay, I understand this a bit better. On a slightly unrelated note, it would be funny if all EULAs were required to be prefaced by the actual text of copyright law. That way, EULAs might carry a bit more weight in the software world...
In short, how do you have a legally binding contract in the absence of a bidirectional communication that "... the party of the first part, being legally able to enter into a contract and freely entering into the contract, and the party of the second part, being legally able..."
This is why Microsoft is requiring a little-publicized feature called a hypodermic needle on all Palladium-compliant PCs. All users must provide blood samples for DNA analysis within the Palladium Chip before any action can be authorized. A centralized international database keeps track of human-software associations. If the database indicates suspicious activity, strawberry-flavored antifreeze is injected back through the needle providing instant justice for mankind.
(legal disclaimer: in case you, the reader, are a lawyer or a sue-happy fool, the above paragraph was intended as a joke and should not be regarded as a statement of fact)
Free Software vendors should be indicating the terms of the GPL (assuming some software is GPLed in their distribution) on the outside of the packaging, but even if they don't, again, the license is not restricting any of the rights you would normally have in a software sale so there is no need for prior assent.
What if you are evaluating a software package based on the ability to redistribute it or reuse parts of it? Prior assent is essential no matter the license, because even the GPL restricts some rights as a compromise for allowing others.
then, take the box fan and blow the steam out of the bathroom, this will catch all the particles of dust that hang in the air and blow them with the steam outside of the bathroom,...
But, what about the incoming air? This is significant, unless you plan on maintaining a vacuum while you work. Perhaps blocking all of the doorway leaving openings for the fan and a HEPA filter might be less risky.
Also, some latex gloves are manufactured with a powder in them, which could ruin all other preparations for cleanliness.
This drive mod recipe sounds more like those plans to prevent pregnancy by doing jumping-jacks after sex; it just leaves out too many variables.
I wonder if there really never was any such thing as a super computer.
Conspiracy theory: These Cray folk were really high-end furniture dealers posing as computer salesmen. The machine rooms housing Crays had rows of workstations under the tiles to do the work, while the sysadmins were enjoying their waterfalls, cool-looking couches, and lots of blinking LEDs. The tall black cabinets housed expensive beer, snack mix, and big TVs. Other cabinets had small humming devices and hiding places for party-goers, so passing managers thought the money spent was totally worth it.
Who wants to bet that chronicle.com is going to be added very very soon..?
This is by far the most frightening aspect of website and SPAM filters. Institutional filters, like N2H2, serve only the political or righteous interests of those who employ them. How can naive rules about what is and isn't pornography, for example, actually accomplish anything good? This is no different than choosing which books to burn, which people to take off the air, or what topics newspapers can publish. Internet filters are censorship; there is no excuse that can change this fact. For this reason, we should question the motives of any organization that uses them.
Which United States do you live in? Last month at the G8 summit, the topic of discussion for the second day was to be aid for Africa, and investment in Africa. All Pres. Bush wanted to discuss was getting support from the G8 to bomb Iraq into a new stone age.
Just a friendly reminder that U.S. citizens should be very thankful for the Constitution of the United States of America, which imposes a maximum term of two four-year periods for any president. High turnover is one aspect of the strength of the U.S.A.
I don't know what licensing (if any) was like up until the mid 70's. But a warrant of merchantability probably didn't matter. Why? Because reputations were on the line. This shit was supposed to work. Welcome to 2002, where we, as consumers, expect crashes, lock-ups, lost documents, incomplete features, etc.
If the adolescence you speak of lasts too long, people will ask for these things even less than they do today.
I think for the most part, the software industry up to this point has evolved fairly unsurprisingly: starting out with really expensive custom computers and software and leading to current commoditization where quality has suffered due to pricing competition and relentless market growth. This seems fairly natural, where a system starts out at one extreme, swings over time to another extreme, and eventually stabilizes somewhere in the middle.
Right now, I think we have reached the second extreme, especially since it has come to the point where software that is free can routinely exceed the quality of software that is not (in a way, this is pretty sad).
If this is all true, this adolescence has peaked, and we've begun a trend towards stability. Maturation of the software industry may take a number of years, but I think more and more people are grasping that good quality is possible again, which is encouraging. My hope is that this quality is achieved through a free-market consensus rather than legislation or industry-imposed DRM/Palladium, since legislation and DRM will probably be extremely short-sighted and damaging overall. However, some consumer-oriented legislation, such as requiring warranties, may actually be good.
The thing is, it's the professionals who have been doing it "the unsafe way" for years who will keep on doing the same thing. It's the upstart hobbyists who have a reliable set of utilities that are much more immune to buffer overflows.
It's interesting that I didn't consider Linux or OpenBSD, for example, as hobbyist systems, even though they really are, in a way. Many people at GNU and other free software organizations have been doing professional-quality work, just not often under the professional guise.
In another way, GNU, OpenBSD, XFree86, and KDE, for example, technically aren't made by hobbyists, because they went through the effort to create non-profit organizations, boards of directors, or otherwise distinguished themselves. There is something about them that has elevated them above a "hobbyist" status. Many of them should be considered professionals, even though most of them don't write software for-profit.
we need to get Richard Clarke to do a slashdot interview.
This is a good idea. A natural extension to this would be to invite other goverment figures, such as Justice Department officials or members of Congress. People who have an interest in federal or international technology policies might appreciate the open, yet moderated, forum of Slashdot. This could be an example of the U.S. goverment at its best.
This could be an easier way for people to "write their Congressmen", since there really is a lower courage threshold when posting to Slashdot (yes, writing Congressmen isn't trivial for many people, even though it should be).
If nothing else, computer software must be fit for a specific purpose.
When this becomes commonplace (I hope that it does), software makers will be much more modest about their claims, and software will be developed only with the discipline it deserves.
With genuine warranties on software, companies like Microsoft will have to make their marketing department shut up (finally!) and will have to start selling really good, tried and true, software. However, I believe this sort of software industry is quite a few years away.
Right now, the software industry is going through some sort of adolescence, where righteous bastards like Senator Hollings (SSSCA), Microsoft (.NET, Palladium), and others are trying to write the law of the future in their own image, and the equally-unreasonable "free love" software culture opposing in the wrong way. I really hope reason wins in the end, and we fall back on traditional good ol' hard work and quality products. Some regulation may be appropriate, but it can't go as far as the DMCA already has.
What we need is a law that makes it a crime to do such poor software engineering.
Perhaps analogous to building codes for new construction, or FCC requirements for electronics? Another approach would be certification, such as "Professional Engineer" for software engineers.
I know that many people will lash out at these sort of ideas, but as long as there are strict distinctions between "professional" and "non-professional", everyone should be able to get their way. Hobbyists can still do everything they want, while Software PE's can develop commercial software in the same way as building contractors develop office complexes--disciplined and with checks and balances. The end result is that software projects will cost what they really need to cost, and shoddy commercial software will be much rarer.
It has been this way for a long time in other disciplines, such as Mechanical Engineering or Electrical Engineering; the software industry just hasn't matured to this point, yet.
I would be more careful with words like "crime", however, because hobbyists really need to be protected. "Professional liability" may be more appropriate.
When you login to the FTP site, it says SunOS 4.1. This is SunOS, not Solaris. IIRC any version of Solaris is identified as SunOS 5.x. So the question is, how secure is this antique OS?
SunOS 4.X was rebranded "Solaris 1.X" some time ago, to make it seem more in-line with the SunOS 5.X development. I suppose any UNIX, regardless of age, can be fairly well secured. It just takes a lot of knowledge and intuition about network services, file permissions, etc.
Well, I guess that's what they get for hosting ftp.openbsd.org on a box running SunOS, not OpenBSD!
Not quite. Solaris really can be secured almost as well as OpenBSD. It just takes more effort, and the administrators of the FTP server probably didn't bother.
What we need is a trusted 3rd party that has all the checksums.
I disagree, because a third party, such as VeriSign, would probably introduce more bureaucracy than most open source projects are willing to tolerate.
A much simpler solution would be to set up checksum servers separate from the ftp servers. These servers could use highly-restrictive firewalls that allow only the checksum-getting protocol through. I don't know what this protocol could be, but it wouldn't be impossible to set up a checksum daemon of some sort that did absolutely nothing other than delivering good checksums.
If these servers are administrated properly, it would only be possible for one--not both--of them to get cracked by the same exploits, thus greatly reducing the risk of trojaned software.
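The client side of the split described in the comment above, as an added example that is not part of the original post: a download is accepted only when it matches the checksum from the separate server, and a disagreement between the FTP-side checksum list and the separate server is itself a rejection. The sha256sum-style manifest format, SHA-256, and all function and file names are assumptions made for this sketch.

```python
import hashlib
import hmac

ACCEPT = "accept"
REJECT_NO_REFERENCE = "reject: no independent checksum"
REJECT_SOURCES_DISAGREE = "reject: mirror and checksum server disagree"
REJECT_MISMATCH = "reject: file does not match independent checksum"

HEX = set("0123456789abcdef")


def manifest_for(name: str, payload: bytes) -> str:
    """Build one sha256sum-style line: '<hex digest>  <file name>'."""
    return f"{hashlib.sha256(payload).hexdigest()}  {name}\n"


def parse_manifest(text: str) -> dict:
    """Parse sha256sum-style lines into {file name: digest}; malformed lines raise."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"malformed manifest line: {raw!r}")
        digest, name = parts[0].lower(), parts[1].lstrip("*")
        if len(digest) != 64 or not set(digest) <= HEX:
            raise ValueError(f"not a SHA-256 digest: {parts[0]!r}")
        entries[name] = digest
    return entries


def verify_download(name: str, payload: bytes,
                    mirror_manifest: str, independent_manifest: str) -> str:
    """Decide whether a downloaded file may be installed.

    mirror_manifest      -- checksum list fetched from the same FTP host as the file
    independent_manifest -- checksum list fetched from the separate checksum server
    """
    actual = hashlib.sha256(payload).hexdigest()
    independent = parse_manifest(independent_manifest).get(name)
    mirror = parse_manifest(mirror_manifest).get(name)

    # Fail closed: without the independent value, the FTP host vouches for itself.
    if independent is None:
        return REJECT_NO_REFERENCE
    # Someone who controls the FTP host can replace file and checksum together;
    # the two sources then disagree, which is the signal this design exists for.
    if mirror is not None and not hmac.compare_digest(mirror, independent):
        return REJECT_SOURCES_DISAGREE
    if not hmac.compare_digest(actual, independent):
        return REJECT_MISMATCH
    return ACCEPT


if __name__ == "__main__":
    # Constructed sample data, not real release artifacts.
    name = "example-1.0.tar.gz"
    good = b"constructed release bytes"
    altered = good + b" with constructed extra bytes"
    reference = manifest_for(name, good)

    print(verify_download(name, good, reference, reference))
    print(verify_download(name, altered, manifest_for(name, altered), reference))
    print(verify_download(name, altered, reference, reference))
    print(verify_download(name, good, reference, ""))
```

The check is only as strong as the separation: the two manifests have to be fetched over independent paths from independently administered hosts.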
Sounds like "win-win" as far as I can tell.
This could be an easier way for people to "write their Congressmen"...
Especially if they are more tolerant of typographical errors on such a forum: "goverment" --> "government"
Also, posts to Slashdot are harder to ignore (no trashcans, only trashmouths)
Tiered pricing is only reasonable, since infrastructure costs scale with bandwidth.
What I would really love is to see a lower bandwidth option for less than $20 or $30 per month. Somewhat faster than a modem but not 1Mb/sec, either.
The only reason I stick to a modem, now, is the huge jump in price to get ISDN or DSL.
We need to get Richard Clarke to do a Slashdot interview.
This is a good idea. A natural extension to this would be to invite other goverment figures, such as Justice Department officials or members of Congress. People who have an interest in federal or international technology policies might appreciate the open, yet moderated, forum of Slashdot. This could be an example of the U.S. goverment at its best.
This could be an easier way for people to "write their Congressmen", since there really is a lower courage threshold when posting to Slashdot (yes, writing Congressmen isn't trivial for many people, even though it should be).
If nothing else, computer software must be fit for a specific purpose.
When this becomes commonplace (I hope that it does), software makers will be much more modest about their claims, and software will be developed only with the discipline it deserves.
With genuine warranties on software, companies like Microsoft will have to make their marketing department shut up (finally!) and will have to start selling really good, tried and true, software. However, I believe this sort of software industry is quite a few years away.
Right now, the software industry is going through some sort of adolescence, where righteous bastards like Senator Hollings (SSSCA), Microsoft (.NET, Palladium), and others are trying to write the law of the future in their own image, and the equally-unreasonable "free love" software culture opposing in the wrong way. I really hope reason wins in the end, and we fall back on traditional good ol' hard work and quality products. Some regulation may be appropriate, but it can't go as far as the DMCA already has.
What we need is a law that makes it a crime to do such poor software engineering.
Perhaps analogous to building codes for new construction, or FCC requirements for electronics?
Another approach would be certification, such as "Professional Engineer" for software engineers.
I know that many people will lash out at these sorts of ideas, but as long as there are strict distinctions between "professional" and "non-professional", everyone should be able to get their way. Hobbyists can still do everything they want, while Software PE's can develop commercial software in the same way as building contractors develop office complexes--disciplined and with checks and balances. The end result is that software projects will cost what they really need to cost, and shoddy commercial software will be much rarer.
It has been this way for a long time in other disciplines, such as Mechanical Engineering or Electrical Engineering; the software industry just hasn't matured to this point, yet.
I would be more careful with words like "crime", however, because hobbyists really need to be protected. "Professional liability" may be more appropriate.
When you log in to the FTP site, it says SunOS 4.1. This is SunOS, not Solaris. IIRC any version of Solaris is identified as SunOS 5.x. So the question is, how secure is this antique OS?
SunOS 4.X was rebranded "Solaris 1.X" some time ago, to make it seem more in-line with the SunOS 5.X development. I suppose any UNIX, regardless of age, can be fairly well secured. It just takes a lot of knowledge and intuition about network services, file permissions, etc.
"click"..."whirrrrrrrrr"..."Yeowch!!! Damn, that hurt!"
Ugh, I don't get it, how would that have helped make software better?
Well, I guess that's what they get for hosting ftp.openbsd.org on a box running SunOS, not OpenBSD!
Not quite. Solaris really can be secured almost as well as OpenBSD. It just takes more effort, and the administrators of the FTP server probably didn't bother.
What we need is a trusted 3rd party that has all the checksums.
I disagree, because a third party, such as VeriSign, would probably introduce more bureaucracy than most open source projects are willing to tolerate.
A much simpler solution would be to set up checksum servers separate from the ftp servers. These servers could use highly-restrictive firewalls that allow only the checksum-getting protocol through. I don't know what this protocol could be, but it wouldn't be impossible to set up a checksum daemon of some sort that did absolutely nothing other than delivering good checksums.
If these servers are administrated properly, it would only be possible for one--not both--of them to get cracked by the same exploits, thus greatly reducing the risk of trojaned software.
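A client-side sketch of the separate-checksum-server idea in the comment above, as an added example that is not part of the original post. The post leaves the protocol open, so each server's reply is modeled as a plain dictionary; SHA-256, the function names, the server labels and the file name are all assumptions made for illustration.

```python
import hashlib
import hmac

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def verify_download(name, data, server_answers):
    """Accept a file only if every checksum server lists the same digest
    and the file hashes to it. server_answers maps a server label to a
    {filename: hex digest} listing (stand-in for the unspecified protocol)."""
    if len(server_answers) < 2:
        return ("reject", "need at least two independent checksum servers")
    reported = {}
    for server, listing in server_answers.items():
        digest = listing.get(name)
        if digest is None:
            return ("reject", f"{server} lists no checksum for {name}")
        reported[server] = digest.strip().lower()
    if len(set(reported.values())) != 1:
        # Disagreement means one server (or its listing) was tampered with.
        return ("alert", "checksum servers disagree: " + ", ".join(sorted(reported)))
    expected = next(iter(reported.values()))
    if not hmac.compare_digest(sha256_hex(data), expected):
        return ("reject", "file does not match the agreed checksum")
    return ("accept", expected)

# Constructed sample data: a clean release, a tampered copy, and listings.
NAME = "example-1.0.tar.gz"
CLEAN = b"constructed clean release contents"
TAMPERED = CLEAN + b" plus an inserted backdoor"
HONEST = {NAME: sha256_hex(CLEAN)}
CRACKED = {NAME: sha256_hex(TAMPERED)}  # listing altered to match the bad file

if __name__ == "__main__":
    cases = {
        "clean file, both servers honest": (CLEAN, {"sum1": HONEST, "sum2": HONEST}),
        "tampered file, both servers honest": (TAMPERED, {"sum1": HONEST, "sum2": HONEST}),
        "tampered file, one server cracked": (TAMPERED, {"sum1": CRACKED, "sum2": HONEST}),
    }
    for label, (data, answers) in cases.items():
        print(label, "->", verify_download(NAME, data, answers))
```

If both listings are altered to match the tampered file the check passes, which is why the post wants the servers run so that the same exploit cannot crack both.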