On the one hand, it's good for clueless IT managers to know they can run OSS on Windows, on the other hand it's been that way forever and anyone who didn't know you could run Apache on Windows shouldn't be managing the web server.
What the article completely ignores is why geeks prefer Linux. It's not hard to understand. When you're setting up infrastructure, you want to plan for the long term. If you go with Microsoft there's really no telling what's in the pipeline--their whole marketing strategy is based on overpromising which renders their roadmaps useless. Linux and open source app development is more predictable. Even though Microsoft can push stuff out faster, everyone knows the ultimate goal is profits. That means they'll inevitably change things and add dubious features just to force upgrades. On the other hand open-source applications exist primarily to solve specific problems.
There are a ton of short-term reasons to go with Microsoft:
It does what you need now.
Your staff knows it.
You've already invested in it.
Support comes with it.
Your boss has the full-color brochure
It's 'people-ready'
On the other hand, long-term all these reasons evaporate. Open source projects can fall into dis-repair too, but at least you know a project isn't going to be scrapped because it's not driving upgrades anymore.
Whether or not they claim to be competing with SourceForge is really beside the point. SourceForge puts all its effort into providing service for its Enterprise customers. Or at least that's my interpretation of why their free services have been plagued with extensive downtime and poor administration. When I did the first release of a personal project last year I didn't even bother to put it on SourceForge. If they can't provide reasonable uptime and notification of changes (such as the infamous CVS root change) then it's worse than nothing.
If Google provides decent uptime--which seems likely given their infrastructure--then they'll already have SourceForge beat on the most important metric. If the service actually innovates and provides some unique value, well that's just a bonus.
Back in the era of the NES and SNES Nintendo Power used to advertise official game company 1-900 numbers where you could get rad tips for some crazy per-minute charge.
Back in the day the competition level wasn't as stiff. I never felt the need for any of that extra help because video games were just something me and my buddies played. When Quake hit I felt like I was pretty good at it for a few years. But the level of competition started ramping up due to the regional and then global competition pool.
The base skill level is so much higher these days, if you're not a kid with unlimited time (or naturally talented) it's really hard to have fun on XBox live or Nintendo Wifi. I don't think paying a coach is unreasonable at all if you want to minimize your time investment and still have fun.
...but I really can't take any book seriously titled "Building Scalable Web Sites" that explains itself using PHP and mySQL. I know PHP/mySQL have their place but I just don't think of them as industrial strength.
Look, you're either going to use PHP or you're not. If you are going to use it then this book probably will come in handy. Hey, it's not like the author is talking out of his ass on this one. Flickr is bigger than probably anything you or I will ever work on. My biggest problem with PHP is the absolute shit code that is found in the open source community, thereby teaching new generations of programmers how NOT to do it. Beyond that, I consider the language a little watered down, but if you can use PHP 5 then its really a fairly capable language, especially if your benchmark is Java.
Wish they said more about the tools themselves. Lack of standard tools is one of the biggest problems facing the language. Sure they exist, but the dichotomy between shared host PHP configurations and a 'professional' PHP installation compiled with appropriate modules (getting stack traces is like pulling teeth for crying out loud) is enough to make any serious developer look to the alternatives. ASP.NET, JSP, Ruby on Rails, even ColdFusion have better tools by default. Even using PHP 5 would be a huge improvement, but I'm very hesitant to write PHP 5 code for anything that may have to be reused on another server.
Once PHP loses its ubiquity crown, it doesn't have much advantage left.
Move along nothing to see here. People don't want flash based 2.0 web searchs, they want to use a search engine as a spring board. You hop on and 2 clicks later you hop off to your location. When you start adding an interface beyond basic input and 12 million adverts around it (hello yahoo), you lose the entire point of using a search engine to find what you want quickly.
You remind me of Bill Gates in the early 90s saying the Internet is stupid, people want desktop apps! We already know how people use search today, it's not insightful to trumpet that. The point of these new apps is to create a niche market and grow it; they're not trying to replace Google. Sure most of them will probably fail, but that's because they're exploring new ideas. It's a hell of a lot more interesting than sitting around saying "search is perfected" and then wading through 10 pages of spam blogs.
Why do programmers think that it's a good idea to write their own escape routines when every database has a facility for denoting what is variable data and what is not?
Yeah, but not every API does. Enter ext/mysql (PHP).
Or a company desperately in need of help is likely to dump huge sums of money on acquiring the most expensive CEO they can, in the hope of a turnaround.
This would be my first guess. Companies dumping money on CEOs may work in businesses where CEOs are rock stars, but in the tech industry it makes sense that a CEO would not be of much help if they don't have a solid technological base. It's not like other industries where good CEO-sense can take you a long way. If a tech CEO doesn't have people underneath that can tell him what the problem is, he isn't likely going to be able to figure it out intuitively.
I've come to terms with Slashdot becoming an MS-fanboi site but I still expect submitters to RTFA before making accusations of FUD. Would Symantec make these accusations if the legal situation didn't support it?
The legal situation? Whu-huh?
It's funny that you call/. an MS-fanboi site while others complain about reflexive anti-Microsoftism. Then there's the ever-popular 'slashbot' theory that only popular opinions get modded up. It just goes to show that every whiner views the world through their own eyes and only sees the things that confirm their theory of universal and conspiratorial ignorance. If you can't see that Symantec might have an incentive to say Vista security will suck then you are truly a sucker and you deserve what you get in life.
There are two _very_ distinct and unrelated parts of the article:
I noticed the exact same thing.
The open source part. Which doesn't contain any kind of anti-OSS slant. It just says that people now have a lot of F/OSS tools to manage their files and whatnot.
I'm not even sure what the point of this is other than FUD for the uninformed. So virus writers are forming communities and working together... it has nothing to do with OSS. As virus writers they would be more likely to pirate commercial software if things like CVS weren't open source. Likewise, the collaborative work they are doing is just software development. Closed-source software is also developed by teams working together. The pernicious part of this kind of FUD is that there's nothing untrue about it, it's just meant to associate OSS with virus writers.
The part about full disclosure. Where they basically whine that they'd like to have what we all call "security by obscurity." Basically McAffee would like a world where researchers keep a lot more stuff secret, because supposedly being public about that helps evil hackers. Which is as stupid as it gets, yes, but it also has nothing to do with OSS at this point.
Here they are also speaking truth to a point. Virus writers do gain a lot by full disclosure. They can target known exploits and are guaranteed that a certain number of machines won't be patched. On the other hand, keeping exploits secret also helps virus writers. It's a win-win for virus writers. The best way to stop viruses would be to diversify our systems. Beyond that the best we can hope for is a gradual improvement in security from vendors like Microsoft. Unfortunately with the focus of software development on new features, new attack vectors will be appearing regularly. McAffee isn't doing anyone any favors by shouting self-serving one-sided truisms that are at best tangential to the issue of software security.
Why don't we see this more often in all games? Because I think most games today are disposable. [snip] Games like WoW or other MMOs might bring about a shift in the way game designers spend their efforts.
Bingo. Game developers aren't interested in technology that will extend the life of games (unless people are paying a subscription). This technology is very cool and we'll certainly be seeing more of it in select areas (notably open-source games), but it doesn't really make business sense on a wide scale.
You would think that nerds, who are supposedly intelligent, would choose music with real musical value, stuff like Rush or Dream Theater, or other non-manufactured musical types, even jazz or classical.
On the other hand, it's no surprise that a nerd who values intelligence above all else would fail to realize musical taste has nothing to do with intelligence.
Linux does have a ton of research-level development on it. You can do amazing things that you can't do anywhere else. Unfortunately the history of UNIX weighs in very heavily in almost all OS development. The fact is that the problems with UNIX are obscured by how horrendous Windows is. Think how much we could really move forward if we were to take some fresh ideas like Plan9. Unfortunately the software economy is too mature for a cutting-edge research OS to be able to get a critical mass of developers. No one wants to write software for a new OS when there's already so much open source out there for Linux/UNIX. If you could get paid to do pure research it would be pretty fun though.
You're going to have a hard time selling me a solution that makes it easier to mix my business logic and presentation
Attacking JSP is a strawman, but so is this. Presentation requires logic. Ruby makes an excellent templating language. If we try to replace it with a secondary crippled syntax just to avoid people putting business logic in their templates, then we run the risk of forcing people who know what they're doing to mix presentation logic in with their business logic. Designing languages to prevent people from doing stupid things is a good thing for shitty programmers, but it's a terrible thing for good programmers.
I'm sorry, but to me this is just yet another confusing syntax for the same old tricks.
You really oughtta learn LISP. Instead of spending half an hour looking at some code and concluding that it's more confusing than the language you've been working with for the last 5 years, work with it long enough to 'get it' and then make a proper comparison.
Wheee! 2 different kinds of strings... yet another invitation for novices to create spaghetti code that I will have to clean up later, thanks!
Explain to me how string syntax has anything to do with spaghetti code. Honestly.
It's not really pointless, and it's very easy to deal with.
How is it not pointless? Jumping through a hoop may be easy, but it's annoying. Why should we need to explicitly deal with a configuration option that at best makes life slightly more convenient for a very specific subset of apps (ie. where everything from the user goes straight to a database and is never displayed on the same page load) while encouraging ignorance about things like sql injection attacks because, hey, "magic quotes takes care of it". Anyway, you are totally missing the point: I'm just citing this as an example of the lunacy that is the PHP language design process. I mean yeah, PHP can do almost anything, and yeah, it is possible to write good clean PHP, but the language is horribly uninspired. The only people who really love it just don't know any other languages.
By the way, have you tried passing an array into your little gem?
There are shortcomings with it, like basically every other language, but I don't think the fact that all these application with vulnerabilities should be a direct reflection on the language itself.
Well yes and no. I mean, PHP does have some braindead configuraion options that result in insecure code. Writing code that's secure with register_globals on is more work than just turning it off. Likewise handling both cases of magic_quotes_gpc is just a pointless hoop to have to jump through.
I don't really blame the language for being easy to use, and thus easy for talentless hacks to use... but definitely the open source code would be better if the language was better. Every time I write anything in PHP I get irritated by barebones the syntax really is. I mean, if I want verbose everything-is-an-api language I'll use Java and get real objects. If I want to be able to express things concisely I'll use Ruby. The only place PHP is really optimized is for adding little snippets of dynamic code into web pages. It's a huge niche, but one thats inevitably gonna be filled with bad open source code.
He's so far on the right edge of capitalism that the whole world is more commie than he is, so, from that perspective, he's right!
It's so true. Like how communist it is that us normal folks hang out with each other for free. You can't really call yourself a capitalist until you pay your friends. If Bill Gates gave me $10,000 I would sure as hell fly out to Redmond right now and have a beer with him. Anything less would be communist.
Another one they missed is Strongspace. Although they are a bit more expensive, they offer SFTP and shell access in addition to their web interface. I don't doubt that some of these others have cool features in their clients, but I'm guessing a sizable minority are happier using standard unix tools like rsync. How scriptable are those other services?
Slashdot Mirror
Um, what the hell happened to my UL? Did they change the parser on us?
What the article completely ignores is why geeks prefer Linux. It's not hard to understand. When you're setting up infrastructure, you want to plan for the long term. If you go with Microsoft there's really no telling what's in the pipeline--their whole marketing strategy is based on overpromising which renders their roadmaps useless. Linux and open source app development is more predictable. Even though Microsoft can push stuff out faster, everyone knows the ultimate goal is profits. That means they'll inevitably change things and add dubious features just to force upgrades. On the other hand open-source applications exist primarily to solve specific problems.
There are a ton of short-term reasons to go with Microsoft:
On the other hand, long-term all these reasons evaporate. Open source projects can fall into dis-repair too, but at least you know a project isn't going to be scrapped because it's not driving upgrades anymore.
Whether or not they claim to be competing with SourceForge is really beside the point. SourceForge puts all its effort into providing service for its Enterprise customers. Or at least that's my interpretation of why their free services have been plagued with extensive downtime and poor administration. When I did the first release of a personal project last year I didn't even bother to put it on SourceForge. If they can't provide reasonable uptime and notification of changes (such as the infamous CVS root change) then it's worse than nothing.
If Google provides decent uptime--which seems likely given their infrastructure--then they'll already have SourceForge beat on the most important metric. If the service actually innovates and provides some unique value, well that's just a bonus.
Back in the day the competition level wasn't as stiff. I never felt the need for any of that extra help because video games were just something me and my buddies played. When Quake hit I felt like I was pretty good at it for a few years. But the level of competition started ramping up due to the regional and then global competition pool.
The base skill level is so much higher these days, if you're not a kid with unlimited time (or naturally talented) it's really hard to have fun on XBox live or Nintendo Wifi. I don't think paying a coach is unreasonable at all if you want to minimize your time investment and still have fun.
Look, you're either going to use PHP or you're not. If you are going to use it then this book probably will come in handy. Hey, it's not like the author is talking out of his ass on this one. Flickr is bigger than probably anything you or I will ever work on. My biggest problem with PHP is the absolute shit code that is found in the open source community, thereby teaching new generations of programmers how NOT to do it. Beyond that, I consider the language a little watered down, but if you can use PHP 5 then its really a fairly capable language, especially if your benchmark is Java.
Wish they said more about the tools themselves. Lack of standard tools is one of the biggest problems facing the language. Sure they exist, but the dichotomy between shared host PHP configurations and a 'professional' PHP installation compiled with appropriate modules (getting stack traces is like pulling teeth for crying out loud) is enough to make any serious developer look to the alternatives. ASP.NET, JSP, Ruby on Rails, even ColdFusion have better tools by default. Even using PHP 5 would be a huge improvement, but I'm very hesitant to write PHP 5 code for anything that may have to be reused on another server.
Once PHP loses its ubiquity crown, it doesn't have much advantage left.
You remind me of Bill Gates in the early 90s saying the Internet is stupid, people want desktop apps! We already know how people use search today, it's not insightful to trumpet that. The point of these new apps is to create a niche market and grow it; they're not trying to replace Google. Sure most of them will probably fail, but that's because they're exploring new ideas. It's a hell of a lot more interesting than sitting around saying "search is perfected" and then wading through 10 pages of spam blogs.
Why do programmers think that it's a good idea to write their own escape routines when every database has a facility for denoting what is variable data and what is not?
Yeah, but not every API does. Enter ext/mysql (PHP).
Or a company desperately in need of help is likely to dump huge sums of money on acquiring the most expensive CEO they can, in the hope of a turnaround.
This would be my first guess. Companies dumping money on CEOs may work in businesses where CEOs are rock stars, but in the tech industry it makes sense that a CEO would not be of much help if they don't have a solid technological base. It's not like other industries where good CEO-sense can take you a long way. If a tech CEO doesn't have people underneath that can tell him what the problem is, he isn't likely going to be able to figure it out intuitively.
If Symantec's statement was patently unfounded and false, could they say it? That legal situation.
Just because something is technically true or at least ambiguous enough to not be false does not mean that its purpose is not FUD.
I've come to terms with Slashdot becoming an MS-fanboi site but I still expect submitters to RTFA before making accusations of FUD. Would Symantec make these accusations if the legal situation didn't support it?
/. an MS-fanboi site while others complain about reflexive anti-Microsoftism. Then there's the ever-popular 'slashbot' theory that only popular opinions get modded up. It just goes to show that every whiner views the world through their own eyes and only sees the things that confirm their theory of universal and conspiratorial ignorance. If you can't see that Symantec might have an incentive to say Vista security will suck then you are truly a sucker and you deserve what you get in life.
The legal situation? Whu-huh?
It's funny that you call
There are two _very_ distinct and unrelated parts of the article:
I noticed the exact same thing.
The open source part. Which doesn't contain any kind of anti-OSS slant. It just says that people now have a lot of F/OSS tools to manage their files and whatnot.
I'm not even sure what the point of this is other than FUD for the uninformed. So virus writers are forming communities and working together... it has nothing to do with OSS. As virus writers they would be more likely to pirate commercial software if things like CVS weren't open source. Likewise, the collaborative work they are doing is just software development. Closed-source software is also developed by teams working together. The pernicious part of this kind of FUD is that there's nothing untrue about it, it's just meant to associate OSS with virus writers.
The part about full disclosure. Where they basically whine that they'd like to have what we all call "security by obscurity." Basically McAffee would like a world where researchers keep a lot more stuff secret, because supposedly being public about that helps evil hackers. Which is as stupid as it gets, yes, but it also has nothing to do with OSS at this point.
Here they are also speaking truth to a point. Virus writers do gain a lot by full disclosure. They can target known exploits and are guaranteed that a certain number of machines won't be patched. On the other hand, keeping exploits secret also helps virus writers. It's a win-win for virus writers. The best way to stop viruses would be to diversify our systems. Beyond that the best we can hope for is a gradual improvement in security from vendors like Microsoft. Unfortunately with the focus of software development on new features, new attack vectors will be appearing regularly. McAffee isn't doing anyone any favors by shouting self-serving one-sided truisms that are at best tangential to the issue of software security.
Why don't we see this more often in all games? Because I think most games today are disposable. [snip] Games like WoW or other MMOs might bring about a shift in the way game designers spend their efforts.
Bingo. Game developers aren't interested in technology that will extend the life of games (unless people are paying a subscription). This technology is very cool and we'll certainly be seeing more of it in select areas (notably open-source games), but it doesn't really make business sense on a wide scale.
You would think that nerds, who are supposedly intelligent, would choose music with real musical value, stuff like Rush or Dream Theater, or other non-manufactured musical types, even jazz or classical.
On the other hand, it's no surprise that a nerd who values intelligence above all else would fail to realize musical taste has nothing to do with intelligence.
Linux does have a ton of research-level development on it. You can do amazing things that you can't do anywhere else. Unfortunately the history of UNIX weighs in very heavily in almost all OS development. The fact is that the problems with UNIX are obscured by how horrendous Windows is. Think how much we could really move forward if we were to take some fresh ideas like Plan9. Unfortunately the software economy is too mature for a cutting-edge research OS to be able to get a critical mass of developers. No one wants to write software for a new OS when there's already so much open source out there for Linux/UNIX. If you could get paid to do pure research it would be pretty fun though.
Can we legalize hunting of SUV drivers?
:)
Hell yeah! Make 'em actually take those things offroad for once
You're going to have a hard time selling me a solution that makes it easier to mix my business logic and presentation
Attacking JSP is a strawman, but so is this. Presentation requires logic. Ruby makes an excellent templating language. If we try to replace it with a secondary crippled syntax just to avoid people putting business logic in their templates, then we run the risk of forcing people who know what they're doing to mix presentation logic in with their business logic. Designing languages to prevent people from doing stupid things is a good thing for shitty programmers, but it's a terrible thing for good programmers.
I'm sorry, but to me this is just yet another confusing syntax for the same old tricks.
You really oughtta learn LISP. Instead of spending half an hour looking at some code and concluding that it's more confusing than the language you've been working with for the last 5 years, work with it long enough to 'get it' and then make a proper comparison.
Wheee! 2 different kinds of strings... yet another invitation for novices to create spaghetti code that I will have to clean up later, thanks!
Explain to me how string syntax has anything to do with spaghetti code. Honestly.
There is nothing gained by making inflamatory statements, just state the benefits of Seaside and Ruby and leave other languages out of it.
Wrong. Ruby on Rails came to prominence because of DHH's brilliant marketing--poking Java guys with a stick.
It's not really pointless, and it's very easy to deal with.
How is it not pointless? Jumping through a hoop may be easy, but it's annoying. Why should we need to explicitly deal with a configuration option that at best makes life slightly more convenient for a very specific subset of apps (ie. where everything from the user goes straight to a database and is never displayed on the same page load) while encouraging ignorance about things like sql injection attacks because, hey, "magic quotes takes care of it". Anyway, you are totally missing the point: I'm just citing this as an example of the lunacy that is the PHP language design process. I mean yeah, PHP can do almost anything, and yeah, it is possible to write good clean PHP, but the language is horribly uninspired. The only people who really love it just don't know any other languages.
By the way, have you tried passing an array into your little gem?
There are shortcomings with it, like basically every other language, but I don't think the fact that all these application with vulnerabilities should be a direct reflection on the language itself.
Well yes and no. I mean, PHP does have some braindead configuraion options that result in insecure code. Writing code that's secure with register_globals on is more work than just turning it off. Likewise handling both cases of magic_quotes_gpc is just a pointless hoop to have to jump through.
I don't really blame the language for being easy to use, and thus easy for talentless hacks to use... but definitely the open source code would be better if the language was better. Every time I write anything in PHP I get irritated by barebones the syntax really is. I mean, if I want verbose everything-is-an-api language I'll use Java and get real objects. If I want to be able to express things concisely I'll use Ruby. The only place PHP is really optimized is for adding little snippets of dynamic code into web pages. It's a huge niche, but one thats inevitably gonna be filled with bad open source code.
What are you, 12?
He's so far on the right edge of capitalism that the whole world is more commie than he is, so, from that perspective, he's right!
It's so true. Like how communist it is that us normal folks hang out with each other for free. You can't really call yourself a capitalist until you pay your friends. If Bill Gates gave me $10,000 I would sure as hell fly out to Redmond right now and have a beer with him. Anything less would be communist.
People who are afraid of "messing with" natural phenomona make me anxious.
Wait a minute, why does this make you anxious? Does it also make you anxious when you hear, "just because we can doesn't mean we should"?
Another one they missed is Strongspace. Although they are a bit more expensive, they offer SFTP and shell access in addition to their web interface. I don't doubt that some of these others have cool features in their clients, but I'm guessing a sizable minority are happier using standard unix tools like rsync. How scriptable are those other services?