Come now, you have a perfectly good opportunity to use an entry from the jargon file that ESR maintains. It's called a clue-by-4. He'd understand that much better this one off term of "reality 2x4"...:-)
I'd be all about running debian if they had a stable that was a 2.4 kernel. I like Debian's policies (for the most part), but I'm not going to run a -testing, or -unstable on production machines. I don't care how stable they are, I'm not doing it. It's merely a matter of princepal.
Gentoo, I've never worked with, but has too much of a reputation as a bleeding edge distro. I'm sure it has some kind of stable, but not the sort of stable I'm looking for is my guess. Besides which, I want a binary install (it makes it a lot easier to build tripwire-like databases, and be sure you are running the correct distro).
Slack, I didn't mind back in the days when I still ran it, however, it was too much work. The start scripts aren't as flexible. The ability to start and stop services all was done by hand. The package manager is essentially "tar". Not my cup of tea. Things might have changed. However, about RedHat 4.2, I left slack and never looked back.
I'm not terrible fond of SuSE for the same reasons I don't like Red Hat Enterprise Linux (they are a per money, per seat license for the good editions). Plus they just changed corporate hands (being bought by Novell, I'm kinda in a wait and see approach on how the company shakes out).
I've got 15 RedHat installs on servers that are already deployed. I'm really interested in continuing to do the same things, on the same boxes just like I always have. It's somewhat inertia. I also like the way Red Hat does things now. It took me a long time to learn all the in's and out's of their configuration, and how they do things, but now that I have, I'm reluctant to give up all my expertise.
White Box is a piece of cake. It's feels like redhat, it walks like redhat, it talks like redhat. I'm pretty happy with it, it's free, and something I can contribute to.
My other concerns, are that I have to have a distributions supported by IBM, and by Oracle. That pretty much puts me in the SuSE or RedHat camp for those machines. I'd pretty much like to go with the same distro everywhere... Which because of the 15 servers I have deployed, means RedHat like. I also pick it, because I can use WhiteBox and RHEL in parallel, and essentially get the best of both worlds. I get the support I have to have, on the machines I have to have it. I get the free copy that works just like the for money copy on the machines I'm willing to support myself.
I'd do Fedora, but their support and security polices are assine (I've been thru this argument in other threads recently, I'm not anxious to explain it all again, Fedora Legacy might fix all my concerns, but I want to wait 18 months and see how things pan out. I'm not going to migrate to it, and in 6-12 months find out just how screwed I am).
In the end, I'm really, really conservative, but I'm not so conservative that I want to go run a 2.2 kernel. Besides, if Debian does what they did before, I'd be pretty unhappy with them. (They essentially, announced the new stable, and then said, yeppers well support the old stable for roughly 30-60 days if I remember the story right).
That page specifically grants you the right to copy and use "Red Hat's Trademarks" on all internal copies. However, that specifically is talking about "Red Hat Linux". "Red Hat Linux", isn't "Red Hat Enterprise Linux". Red Hat Enterprise Linux, is a different product, and as such, I don't believe you have any rights.
Now, it might be that this an oversight, but it clearly states at the top, that this if for "Red Hat Linux Only". The EULA you referred to in Appendix A, clearly notes that this is the License for "Red Hat(TM) Enterprise Linux(TM)". Thus I believe, you'd still have to strip off the Anaconda RPM's and the redhat-logos before you could reuse it internally, or redistribute it.
Bummer, I was nearly convinced. If I have to do that much work, I'd much rather just run WhiteBox, and know that I'm pretty much in the clear.
You mis-undertand my usage of the term "plain HTML". I mean HTML with images, and other complex tags. You don't need to develop the entire rotating gif. You don't need to get the exact marketing approved wording, instead you can put: "Blah, Blah". You don't need to get the dymanically generated tables to fit perfect in all cases no matter how much the text won't fit there. You just have to get the render to look reasonable for the known static text. You don't really need that much java script, or anythign else. A static layout, that's it. It's something I can get a teenager to crank out by the dozen. It just needs to get the look and feel right. Really, all you need to do is get the basic color scheme, and the primary layout done (the major frames and tables with their associated color schemes, and major artwork). Think two even vertical columns or three colomns, with a fat one in the middle, and two skinny outter ones. Think headers and footers. Think where the logos go. Think all major layout. You can use images and tables. However, you don't have to pull content out from a database. You can use as much or as little CSS as you like.
I am not a digitial artist of any kind. However, as my sister explained to me. Some things, like where you have images and text overlaid. You can do that as an image, or as text. Depending on how the background lays out, you can have portions of it split. You can have the text and off the background. When designing in photoshop, it's a mindset issue, that you forget, that photoshop isn't the web.
Depending on how you layout the text, and the graphics, dictates weather the text is an image, or an art file. Depending on if the text being scalable is important to you, you want to have it be in HTML, not in the image. However, if someone actually does change the font size, that can make some layouts that look beautiful in Photoshop look horrendeously stupid when viewed on a screen.
In my sister's case, she works directly for the people who she designs sites for. However, the person she works for is has an Art degree, and realizes that she could make the layout "better", and more asethicially pleasing. However, she forgets that it won't look like that if you:
Change the screen resolutions
Change the color depth
Change the font size (given that they have to follow the state law on disabled people being able to use it, this is really important to her that nothing ever be done graphically that is actually text).
Change the browser (the version, the actual browser, or the OS underneath the same version of the same broswer can also make subtle changes).
Designs that are purely done in straight up Photoshop, gets you so far away from that type of mindset, and that kind of design, that she feels it's bad. People have a tendency, to think that what they can design in Photoshop, is exactly the way people will see it on the screen. That's most definitely not the case with a website, unless you deploy as stright images.
She does deal with people who have too many people on a T1. She does deal with people with schools. She does deal with people from rural areas. She does deal with people who have IE 3.0. She does deal with people who use Netscape 2.0. Simple stuff, like using photoshop fiddle with various compression parameters and colors to get an image from 150K to 25K without making causing any easy to see visual flaws. Trying to use backgrounds that will compress well. She has rules of thumb, about how long it can take to do certain things, and how large various pages can be to stay withing those contraints. She's aware about things having a 200K image. That's a 2 seconds coming over our cable modem most of the time (lets not discuss what that is on a 56K modem). If it takes longer then 3 seconds people get impatient. If it takes longer then 15-20, they go away. Stuff that looks great on the local lan, or when it's completely in the broswer cache are fast, and fool designers. I helped her setup
Thank you Charles, you just made my day... Here I started out thinking you're being foolish, now I feel foolish for not following all the details...:-)
I think she'd second that. If you are doing a presentation to others, Photoshop would be a fine way to doing it. However, if others are presenting to you, that might be a problem.
So it depends on who precisely is doing the storyboarding. She always get mockup from others, or she'll develop mockups. Then people will ask for modifications by directly changing the Photoshop. She works with lots of people who are great graphic artists/designers, but don't know a lick of HTML. So it's an on going problem for her to teach them the limitations of HTML as a medium.
You appear to be correct, you still will have to strip out a couple of RPM's, and rebuild the ISO's before you can distribute them. However, you do appear to have the right to do nearly anything you want with the RPM's you get (which I didn't know until just now).
While the support and software are separately licensed, you can't get a copy of RedHat's software without support (and you can't duplicate what RedHat gives out to anyone without modification).
I wonder how much trouble you'd get into just making new RPM's that are named the same, and just switching the blue and red bytes in the images.
I'm not sure that copying it and running it, will get you out of the other aspects of the terms "Installed Systems", but I'll buy into it for now. I'd actually have to get a real lawyer to be sure.
For my personal situation, I'd like to have a handful with support, and a ton without it. I'd prefer not to have to prove I did it correctly. Hence, I'm a White Box Linux fan...:-)
In 7 years of running Linux, I've never needed any support from anybody I couldn't get off mailing lists, deja news, and a good search engine. I don't have a problem paying for a copy, I'm just not interested in paying for that many copies for support I don't want or need. I need the support for Oracle (because Oracle could get support from RedHat on my behalf).
I think if you went to the trouble to strip off the RedHat RPM's, it'd all work out okay. Depending on how precisely "Installed Systems" is enforced in the Services contract. My next problem will be getting security updates on a regular basis.
Uhhh, to all the people suggesting using Photoshop as a design tool. My sister is a graphic artist, and is a pretty good Web designer. One of her biggest gripes about people using Photoshop, or other graphic design tools, allows them a ton more flexibility, and options then you can possible extract from an HTML based site assuming you actually use HTML, instead of really big images as your site.
That you can develop beautiful, and wonderful concepts in graphics tools, that can't be realized as actual honest to goodness useable sites via a semi-slow network connection. She always claims that being obsessed with how small your site is, and doing as much as possible directly in HTML/CSS is the way to go from start to finish. She regularly gets photoshop files showing her what to design, and she has to reject, or significantly modify a lot of things, because they aren't possible given other technical constraints.
It reminds me of my brother's old adage, that all architects should have to actually frame the houses they draw. Because drawing in on paper is a lot easier then realizing the finished product given the limitations of the real world.
If you are aware of the limitations, and strictly stay inside of them, I suppose it would work. However, you're talking about HTML. It is a markup language. It's not that hard to prototype a site directly in it if it's static content.
You really should go read the EULA one more time. No, you can't install RedHat Enterprise on multiple machines and just run it. Not if you have a single support contract with RedHat. If you have original media from RedHat, you have 1 years worth of support that you can't opt out of.
If you have a single support contract with RedHat, then all of the systems are considered "Installed Systems" (as defined section I.A). RedHat has the right to come into your locations, and audit all of your "Installed Systems" (I.4). They can then invoice you for all of the extra systems you have installed. If are over your allotment of installed systems by more then 5%, they are allowed to invoice for an additional 20% penalty (later in I.4).
I'm not a lawyer, and that is my interpretation of it. However, if you took the binaries off the install CD and put them on a different CD (excluding a handful, primarily being redhat-logos and 3rd party stuff), you could install that, invoking the GPL license. However, a number of binaries on the CD, they could claim copyright on (XFree86 and Apache binaries for instance, and anything else which has a source license of BSD-like). I'm not sure what the license on the actual binaries are.
I'm not sure if the license inside of the RPM is the license for the binaries, or the original source. I'm assuming that it is only for the source.
The actual ISO image isn't GPL'ed. They own the copyright on that, so you can't just go give away a copy. They also own the copyright on all of the binaries. They might be compelled to allow you to transfer the some of the binaries, but they don't have to let you do it in the specific structured way they did. In fact they can't, as they have 3rd party software that they can't allow you to transfer.
Finally, whoever owns the support agreement, just agree to these terms, and can't get out of the terms for the first year after purchase (I.1.2). Everyone who has a support agreement, must not install the software on any additional machines. They got around the GPL requirements, by not making it a requirement on the binaries, but by making it a requirement for support (and not letting transferring the binaries to you, until you agree to this). According to the license you agreed to, unless RedHat makes a material breach of the license, or you agreed up front to a different set of terms, you are bound to the support contract for the term of 1 year.
So I wouldn't go around telling people they can violate a legal contract they have agreed to. It isn't a very smart thing to do. Unless you have a different agreement, or you have a sound legal analysis that contradicts this, I'm pretty sure you are committing copyright infringement if you have multiple copies installed.
For that matter, I'm not sure it is legal to use the software without support. There is nothing in the license which grants you rights to use it. (There is nothing saying you can't either, but it's not explicity stated that after the support is terminated you still have a license to use any of their copyrighted materials). However, I'm very doubtful that RedHat will be coming after anyone. That doesn't change the techincal points of the legality or not.
If anyone has any analysis that differs from this, I'm all ears. I'd love to be able to buy the first copy, and install it lots, and lots. However, I've carefully read the agreement, and I don't believe I can legally do that. Plus if I don't have the support agreement, I have to build all of my own updates. Really not something I'm looking forward to doing.
You don't have to verify that it came from the SMTP serve one would expect. You have to have something the sender can do, that no one else can, that is easy for anyone in the world to verify.
Essentially, that is a short description of how a "Chain of Trust", or better named a "Web of Trust" works in GPG. You have people who verify that person A knows the private key A_1 the corresponds to public key A_2.
Even if they don't bother encrypting everything, but just digitally sign it. It's also just an anti-spam filter, so I'm even less worried about having the key be encrypted. Now, I can go sign any key, with my key rating how "trustworthy" I deem people. You get a 5 if you are really trustworhty, and a 0 if I deem you absolutely untrustworthy.
From there, you can build layers of trust, trusting the ratings of people you trust, on and on, until you establish a relationship thru the web between you and the sender.
Now the problem, is that there is no marginal benefit, an it'd be very hard to get the users individually to do this. So, I'd suggest that the SMTP servers do this themselves. You create a web of trust that is only for SMTP servers. You register you key on the web. You send people some e-mail. Eventually, they'll e-mail the admin of the E-mail servers you communicate with regularly telling them asking them to review their logs and sign your key. Ask your friend, peers, clients, vendors, and/or upstream providers to sign the keys deeming you trustworthy.
They do this, and your on the web of trust. You find a mail that doesn't do this, view it as suspcious. You find one that is signed with an SMTP key that is known to have sent spam by someone you trust, you drop it on the floor.
Then you can start to trust SMTP servers. It has all of the advantages of SPF, and has some type of cryptographic security, plus doesn't allow spammers to just setup SPF records bogusly and get away with it. They'll have ton continuiously try and get new keys that are deemed trustworthy.
Assuming you have any friends, who have friends outside your clique, it should be relatively easy to get a foothold in the web of trust. Everybody who befriends a Spammer will be deemed "untrustworthy" in short order. So you won't trust people they trust. Eventually the system should balance out. No work need change by individual users. Mail Admin's could communicate with each other and make the system work. About the only real problem, is that it puts extra load on any mail server. Depending on the volume of mail you have, just setup 2 or 3 inboud/outbound sendmail servers that you queue to. Their sole job is to verify and/or add the digital signature/encryption to mail.
Webs of trust are a well understood animal in GPG land. While I'm not terrible conversant with them, they are essentially a distributed rating system by which rankings and trust worthyness can be ascertained about people you've never met. Think of it as a better system, with more flexibility then Karma + Karma Modifiers + Friend/Foe on Slashdot.org
I'm not convinced it's a well conceived idea either. However, I think I got the "cumbersomeness of other spam filters".
I believe the concept there, is that if this successfully identifies spam, known, and uncertain with virtually no computation (that's an assumption on my part). It appears you find the "From:", "To:" and "CC:" lines, parse them a little bit, update a small database, do a small comutation.
Bayesian filtering, and SpamAssassin aren't precisely lite on a e-mail server. Running bogofilter on a large mail spool is rough on the box. If you could whittle down the amount of e-mail that has to go thru that process, it's a net win on spam filtering computation. I think when they say "Cumbersome", they really mean, "amount of work that is done to figure out if it's spam or not, by a computer", not the amount of work done by the human to set it up.
Finally, Baysian filtering is a tool of the gods. I've told everyone I know about its wonders, and how much I really think they should use it.
It'd be novel to see how this worked, when implemented at say the ISP level. Possible an intra-ISP level, where they ended up exchanging information.
Then when I get a random e-mail from a friend, of a friend that isn't on my white list, it's a lot more likely to show up in my filtered mail. It's an easy way of having a white list built for you. Besides, I hate maintaining a white list. Anytime someone changes e-mail addresses, I have to go play with the white list. It's not terrible convienent. I'd be much happier if they could be intelligently built by an automated system (with a weighting, and me maintaining possibly another white list).
However, in the end, they are building a bass ackwards version of a "chain of trust". I mean, all you'd have to do is build a chain of trust of "From:" addresses you trust. However, if it is available to the public, it's probably a spammers dream. Which means it'll need some type of method of verifing that the From: headers are legitimate. As soon as that is done, spam filtering will be pretty easy, but it will create a whole slew of problems for generating e-mails from automated systems.
Whatever code you are distributing it with. That would make a difference. So if you take Apache, and combine it with GCC (don't ask me how, just play along). You've violated GCC's GPL license, or you've removed restrictions from the Apache License.
Now Apache might not care, but if that is actually the case, they should just dual license it like Perl does. Then you can go play with GPL stuff if you want, or you can not play with the GPL stuff. The Apache people feel strongly enough about it, that they don't want to be seen as endorsing the GPL (that's my guess). Along with all that, Apache could get themselves into legal trouble if they allow some people to blantantly disregard the license. (I'm not sure of the precendents in this area of law, I know that with Trademarks, you'd lose it).
If Apache wants to explicitly state: "It's all good, if you use this in a GPL'ed project", they should just dual license it. Then it's all good. If not, then legally, you have no legs to stand on in a court of law. If somehow the Apache foundation loses the copyright to it, you'll have no legs to stand on. Do what is legal, not what is "pseudo-legal", you never know when someone could change their mind. A legal document is a legal document, a vague statement of: "We don't care", isn't a legally binding statement until it's upheld in a court of law.
I'd like to agree with you in some sense, just like no single person can represent any group. However, in this case, ESR was in fact proporting himself to represent Open Source.
Look at how he signed the letter:
President, Open Source Initiative
Wasn't the Open Source Initiative started by nearly ever major figure in the Open Source world? I mean, with the exception of RMS (who isn't an OS guy, he's a Free Software guy), who'd they miss? In theory, he has the backing of lots of people. It might be time for some of them to oust him from the position of president, or distance themselves from the Open Source Initiative.
Granted this is sort of like me declaring myself:
Grand Poohbah, Computer Industry Consortium. By the Computer Industry Consortium wasn't founded by lots of well known brand names in the computer industry. It was something I made up for this post.
Eric is pretty far out there with some of his views. I think when he wrote CatB he was about the right distance away from reality. However, is insane descriptions of Microsoft crumbling in 6 months (which he renewed at regular intervals). He's never seemed to accept that it is even conceivable that he could be wrong, or could do anything that wouldn't instantly be accepted. Read up on his attempts to get a new build system installed on the 2.4 kernel.
He's crazy by all accounts. Even the peole who I think have fringe views on Open Source, think he's just nuts.
Hmm, your not understanding. I'll try one last time:
If you don't like the pizza you get from Vendor A. You buy it from Vendor B. If you don't like what any of them are doing, you stop buying pizza and instead buy apple pie if that's what you want.
If you need to exchange documents with anyone else in the world, almost without exception, you'll have to do it in Microsoft's format. Unlike the arena of pizza makers, there is no competition. Absolutely no one but MS can sell you that software. That's a tax. Plain and simple.
It is exactly like the old phone monopoly that involved having to buy a phone from MaBell, at the arbitrary price MaBell picked. When MaBell got broken up, it was because the government explicitly told them: "You are bad for the people for whom give us the power to give you a corporate charter, namely the American people". MaBall got the ax, because it was BAD for the world at large. That happened, because in the face of no competition MaBell behaved badly. There were no repercusions for behaving badly, so they did.
We both agree that I'm not going to have a reason why MS has a business reason for opening Office format. That's not my point. My point, and it's been a point you refused to even debate, is that it's bad for the US and global economy at large.
Explain to me the wonders of Microsoft's closed format, and how that creates huge efficiencies in the market place. (As a technicality, it does create some, but I'll leave it as an exercise for the reader to explain). If you want to continue shifting the argument, into "What advantage does Microsoft gain by freeing the format?", then you aren't attacking the argument you disagreed with originally.
The argument is: "Micrsoft in sole control of the Office formats is bad for the US and World economy at large". Address that directly, and I'll really enjoy watching you flounder about. There isn't much of an upside to it.
As to taking my car to a mechanic, nope not a tax. However, I can take my car to any of 100 shops in the city I live in. I can pick and choose which parts I want fixed, and I can try and use the manuals that you can get pretty easily to find out how to fix it. There are lots of options.
If I ponied up $20Billion dollars worth of money to have Microsoft release a free to the public converter that takes MS Office documents and converts them to an open format. It would demonstrate clear demand, and has serious economic value. However, Microsoft at their leisure could refuse to do that. This is the critical difference between Microsoft and a car mechanic. There is competition for the mechanic. If the mechanic refuses to fix the car for less then the price of a new vechicle, I can always go find another mechnic.
Competition keeps everyone honest. With Microsoft's propriatary formats, I have precisely one entity, and there is no leverage, and no choice. You get what Microsoft is willing to do, nothing more, and nothing less. It's the dictionary definition of a monopoly. Go read up on capitalism and how it works. Microsoft (or anyone in their position), can ruin the economy. Microsoft can completely subvert the "invisible hand" that makes capitalism work. They are bad for capitalism, and thus are bad for the US economy. Full Stop.
As to:
That's absurd. They are selling a product
Go read the licensing agreements that Microsoft has with major OEM's. They aren't selling a product, they literally walk into Dell explain to them, that they won't sell Dell a license unless Microsoft gets $35 a machine. Doesn't matter what OS is shipped on it. They license software to major computer makers. Virtually no one I've ever met has ever purchased a copy of DOS, Windows or Office. They got a license they had few options about, and ended up paying more for the computer then they should have, because they had to pay MS for a license they never wanted.
Hmmm, the stuff about a family tree program, is an upside for Windows, especially for a home user. There is lots of stuff that Windows has software for that Linux doesn't. Windows has lots of advantages there.
I have yet to see W2K crash, but I've never run it either. I run plenty of 98 crash and burn, and no clues as to what went wrong. I know plenty of people who run W2K and XP and speak of it's glories. About the only serious downside I've ever heard people talk about the W2K and XP is that there are some things it's really tempermental about. Specifically some Dell and Compaq servers that there is a specific order drivers must be installed. If you don't, there will be nothing glaringly wrong, but the machine will lock up periodically. I've run into a couple of cases of laptops that Anti-virus software can't be installed if SP1 is installed on W2K. You have to uninstall all of the patches that require SP1, and SP1, then install the A/V software, then install SP1, then go on your merry way. Hope like hell you never have to install the A/V software again.
The reason microsoft products are bad for the economy, is they are a tax. They are essentially a tax on all computers in most cases. When I hear that Office made Microsoft $3.5Billion dollars a quarter, what I hear, is that $3.5B that could have been passed on to the consumer as savings, or could have been saved by the company as a profit for small businesses. It acts a lot like a fee you'd have to pay the mafia to get access to the harbors in NY. It's just a shakedown for money. It's just word processing software. There are a zillon other things that would work just perfect for it, but everybody pays the money to microsoft because it's safer then getting shaken down if you are not in compliance during a license audit.
Word processing software should be a commodity. It's just not hard, there are probably a dozen packages that would satisfy 95% of the uses of Word. If Microsoft exported to anything that was well documented, and editable, business's around the world would save billions of dollars every year. You're paying a monopoly rent, that's all there is to it.
I know we could have saved $650 * 100 copies on Office. $~65K. That's a significant chunk of change. We'd love to have saved that over the 3 year period when we got the license. I know I'd have taken home the $1800.00 a month that would have saved us. The irony, is that we only have 45 employees.
Just like the documented fact that companies have to pay Microsoft for the same OS twice. Once for the OEM copy, and once for the site license. It's a screw job. Plain and simple.
And your point is? I dont see why people complain about MS using non-open formats. Why should they? The only benefit is for people who dont want to use MSOffice. There seems to be little economic incentive to help those people.
I don't see why people complain about the thugs who mug people. Why should the thugs stop, it's only in the interest of the people who don't like to get mugged.
I'm not arguing that Microsoft should stop if nobody forces them too. Yes, that would be bad for Microsoft. My point is that it is bad for everyone else. Sorta like a mugging. Good for thugs, bad for everyday people.
Microsoft has people over a barrel and they know it. Microsoft can play hardball all they want. That's fine. However, don't play innocent about how badly that hurts the businesses that have to purchase from Microsoft.
I suppose you think we should go back to having MaBell run the phone company. Where the only phones you can hook up are the overpriced phones that only MaBell can sell. I'll bet you really wish that Standand Oil still was a monopoly and could screw the economy by artificially raising the prices of Oil. What precisely is your opinion on OPEC? You think they are just a wonderful group too?
I supposed you'd think it was wonderful if Ford sold propriatary parts that nobody els
1. Your mostly right. A well planned migration can be done, and is a thing of beauty when it happens.
2. In most of the migrations I've done, there is a point of no return. That is to say, rolling back is more work, and more of a problem then finishing the problem. Instantly migrating back can be a huge issue (I've dealt with this on schema's in a database).
3. IMHO, if you interview enough rank and file employee at any company of nearly any size, they will complain about the computers reguardless of the OS, the machine, the software involved. I don't care if it's Linux, OS X, Mac Classic, Amiga, MS Windows 3.1/NT3.X/4.0/2K/XP/CE/ME, OS2, Solaris, AIX, HPUX, IRIX, or raw LPAR's on a mainframe. So talking about "force feeding Linux" and having complaints afterwards isn't a useful datapoint.
In my experience, most peoples objections to Linux are that it's not Windows. That in a lot of ways isn't a complaint I worry about. Most of the people who work at my company, need a web browser to run the application they use all day every day. If it's Mozilla, IE or Opera it really doesn't make any difference at all. All they really get mad about is not being able to go to IE required sites to play games. I double dog dare those people to complain to their boss to make me fix it.
Most people I work with have problems with Windows. If you interviewed them, they'd complain about all sorts of stuff. It known to hang, and/or crash. In my experience, it gives you very little to backtrack to figure out what is causing the problems. (It might be that I don't have the right tools). When I have problems under Linux I generally get a pretty good error message, along with a stack trace and symbols to use to track things down.
Microsoft has wonderful integration between multiple applications. It has incredible abilities to export objects from one app, and past them into another. In my experience, that's also a wonderful way to crash Word/Excel. It's a wonderful way to leak memory. It's a great way to slow those applications to a crawl.
Linux has plenty of rough edges, but in a stand alone environment (where it doesn't have to mix with Win32 formatted documents), and you have limited functionality required (read a limited job description) it can stand up to Windows any day of the week. Can you download a GUI to do family tree stuff, probably not. Can you download a tool deal with the newest goofy scanner that some no name brand has put out, probably not. Can you download some of the goofy little programs that people develop only for Win32? Normally no, you can't.
However, in my experience, if I want a printed document I can do that. If I want a spreadsheet, I can do that. If I want a decent browser, I have one. If I want to read email. There is a plethora of apps to choose from. If I want to customize my desktop I can. If I want music, I can do that. If I want instant messaging, I can do that. If I want VoIP, I can do that. If I want development tools, I have those. If I want a photo manipulation program, there are a couple. If I want to watch movies, I can. If I need various compression/archival/backup programs, I can. If I want to write CD/DVD's I can.
Can you make it run as the primary desktop for employees at a work environment. Sure can, been doing it for 4 years personally. There are some people I can't to do that, but that is primarily because MS propriatary formats are a defacto standard. You just can't deal with people without that. It's annoying, and it's fundamentally bad for the economy (it's limiting competition, and an artificial constraint on increasing effeciency, all of which are bad for the economy). If people exchanged documents in a more open format, it'd be a heck of a lot easier to migrate to a non-windows environment.
In cases where it is relatively easy they do. However, in cases where it's hard, they don't. Think about this:
In 2.2 kernels, it was legal to call function "foo" from interrupt context. However, in 2.4 kernels, foo calls sleep which means it's illegal to call from interrupt context (I'm making this up, it's my understanding that certain things can't be done from interrupt context). You have a module that calls the function "foo" from the interrupt context.
Now you are in trouble. How do you code around that in a compatiblity layer. Do you have a version of "foo" that doesn't sleep? If you did, why not just use it instead of the one that does? I suppose you could re-write a special version of "foo", but how do you mangle the symbols of the module so that they call your capatibility foo?
Essentially, you promise to do all the work the kernel hackers are saying it's a bad idea, because, it either leads to a ton of duplicated functionality (foo implemented multiple times), or it leads to tons of interfaces that are set in stone (can't change the signatures or semantics because it would break drivers). The developers really couldn't care less that their changes create problems for you. They've got their own giant tarball of code to maintain. It's probably causing them more problems then it does you.
Yeah, and as I recall, that damages you hearing if you have prolonged exposure. There's a reason that no one actually offices in the server rooms in most IT shops.
Some of it, is that most people don't like the cold, and the air flow. Some of it, that you're normally in a restricted area, and your co-workers don't like that. Some of it, is all the noise.
I thought I'd read once that there are actually labor laws about it. (If you spend that much time in an area with noise, you need to have ear plugs). It might be somewhat like RSI (some what mythical, and urban legend like, but you still get all the legal notices about it). In all my time working with computers, and two parents who worked with computers and computer people all their lives, I've never met anyone who had CTS. You'll deaden your hearing for that range of sound (I suppose that could be construded as a good thing). I've got an enclosure with 4 computers in it, and 3 other desktop machines. I've invested in quiet fans, CPU cooling, and powersupplies. Best money I ever spent.
Uhhh, sounds like moving the database, and the system to India is a good idea then. You could save a lot of money if you did that. I'm pretty sure a really big fast pipe to India is cheaper then most large places IT staff to support servers and databases.
Look at how popular CoLo's are. They surely don't need to be in the local area. They could all easily move to India...
However, I think things are turblent, and that so many people have gone so long without realizing how good things have been on a relative scale. I've never lived thru rough times that I can remember. Born in 1977. The last really hard times we're in the early 70's during the oil crisis. Things on the relative scale are peachy keen relative to back then. Look at how brutual inflation, and unemployment we're back then. Then start telling me about how rough the 1% interest and 5.6% unemployment is.
Yeah, last time around woman we're lots easier to understand. Some clever dickhead claimed to have figured out the Universe, and the Universe responded with the women. God help us all....:-)
Nope. I don't have a static IP offsite. You want to fix something you walk someone in the building thru to setup an tunnel to you, initiated from the inside. Alternatively, you get to the building. It's not like building an SSH tunnel is hard. It's a simple script, you just walk someone thru it. All they have to do is log in read the password off the password list (kept in sealed envelopes so we know if someone has accessed one). They have to have get access to the server room. Which is restricted to managers (for emergency cases like this, and the two IT guys). They have to be walked thru the KVM to get to the correct machine. They have to log in, and run one script. If no one is in the building, I don't care if things are broken (for the most part). We have offsite DNS, and I believe offsite mail queuing.
We have one SSL site, and one public HTTP site. We have 2 exteranl DNS servers, and 2 SMTP relays, and one FTP server. That's it. A total of 3 machines. Oh, plus a couple of routers, none of which have any external access. Even when inside the building, you have to physically be at a console to access the core router. You shouldn't be fooling with routing if you aren't in the building.
Security is a tradeoff between security, and convience. We pick security every time we can. We work pretty hard to run a static only website. It has very, very little functionality. The SMTP servers aren't the real mails servers, they just queue mail and forward it via an SSL tunnel to the internal network. When I figure out how to have the internal machine request access to the DMZ SMTP relays, I'll be happier (we try and always pull from the private network, rather then push from the DMZ). Our DMZ allows virtually nothing to the private network.
Everything that leaves the network passes thru a firewall. It either goes via a proxy, or it doesn't leave the network without prior authorization. The FTP server, turns files into e-mails. The FTP server, can only talk to the mail server. The person who should receive the file gets it in an e-mail. Every e-mail has all attachments that could conceivable be executable (screens savers,.pif,.exe,.com,.bat, and a myraid of others), are stripped out of all incoming e-mails. You can't download executable files via HTTP. I can't remember if we figured out how to lock out ActiveX controls or not (I think we did on most of them). You can't do a lot of things on our network. It's a shame, but we run a business, not an amusement park. A handful of people who need better access off the network can get it via a password protected HTTP squid proxy. We log every outside HTTP access. Several different layers of firewalls protect the various networks from letting packets in our out that shouldn't be.
Last virus we had that was active on our network. 3 years ago. We run a webmail client instead of outlook for 90% of the staff. The rest of the clients are Outlook of some form or another. I miss most of the virus and worm alerts, because none of them has ever affected us. I hear about them via slashdot, but that's all that it ever affects.
We have centralized syslogging. We have the real machine that logs, which is hooked to the switch via a machine that bridges. Every UDP packet that is destined for the syslog server, is logged by the bridge transparently. That bridging machine has no IP connectivity. So even if some clever fellow blows our network all to pieces, we should still get our syslogs out of the machine that doesn't have a network port to attack. If someone finds a way to compromise a bridge via the packets passing thru it, I'm so screwed it's not funny, but there is nothing I can do to mitigate that.
We aren't as diligent as we should be. We should more proactively check the logs. We should more proactively setup IDS. We should run more things like tripwire, and rootkit sweeps. However, there are only two guys here. We do all the
Well-designed CISC instruction sets (like PDP11, VAX, and 68k)
Okay, you had me up to that sentence. It's my understanding from people I know who actually used VAX assembly, that it was a bear. Especially if you had to decode the assembly by hand. It had variable length opcodes, which if I remember right, a single instruction could extend to be upwards of 60 bytes. Oh, and that's not to mention, the 11 different addressing modes, which could be mixed and matched on all three operands (dest, left data, right data). Because all instructions could store directly back to memory, it was a bestie to create.
Call me crazy, but somehow that much mixing and matching just doesn't sound like fund.
I remember the instructor in architecture explaining what fun it must have been to deal with that architecture, because you could copy huge amounts of memory in a single instruction. That the page faulting, and the re-starting was very complex because a single instruction could cause multiple page faults, and could have several page ins and page outs...
Yes, and no. That's fine. As long as you know and trust the IP's that allowed. What I'm saying, is that this port knocking allows anyone from anywhere who knows the trick to "knock" and open the port. You have a specific filter, and you run it in the open. That sounds like security (a compromise between complete security, and your practical need for access). The knock sequence sounds a lot like running telnet to me. There is nothing particularly secure about knocking. It's all done in the clear. Sure there is a secret to it, but there's a secret involved in telnet too.
My guess is that having a knocking sequence isn't any more secure then not having one in the long run.
Now, if there we're a one-time pad, and/or the sequence of knocks changed to be cryptographically secure, and shutdown for ten minutes everytime there was something attempted to connect but failed. That's starting to sound a lot more secure to me. Yes, someone could do a denial of service by just constantly port scanning you, but it's definitely more secure then allowing someone to do it via trial and error.
Above and beyond all that, I'd probably force a page to be sent out when the SSH dameon started up. Thus alerting everyone that someone is getting remote access from a untrusted source.
Slashdot Mirror
Kirby
Gentoo, I've never worked with, but has too much of a reputation as a bleeding edge distro. I'm sure it has some kind of stable, but not the sort of stable I'm looking for is my guess. Besides which, I want a binary install (it makes it a lot easier to build tripwire-like databases, and be sure you are running the correct distro).
Slack, I didn't mind back in the days when I still ran it, however, it was too much work. The start scripts aren't as flexible. The ability to start and stop services all was done by hand. The package manager is essentially "tar". Not my cup of tea. Things might have changed. However, about RedHat 4.2, I left slack and never looked back.
I'm not terrible fond of SuSE for the same reasons I don't like Red Hat Enterprise Linux (they are a per money, per seat license for the good editions). Plus they just changed corporate hands (being bought by Novell, I'm kinda in a wait and see approach on how the company shakes out).
I've got 15 RedHat installs on servers that are already deployed. I'm really interested in continuing to do the same things, on the same boxes just like I always have. It's somewhat inertia. I also like the way Red Hat does things now. It took me a long time to learn all the in's and out's of their configuration, and how they do things, but now that I have, I'm reluctant to give up all my expertise.
White Box is a piece of cake. It's feels like redhat, it walks like redhat, it talks like redhat. I'm pretty happy with it, it's free, and something I can contribute to.
My other concerns, are that I have to have a distributions supported by IBM, and by Oracle. That pretty much puts me in the SuSE or RedHat camp for those machines. I'd pretty much like to go with the same distro everywhere... Which because of the 15 servers I have deployed, means RedHat like. I also pick it, because I can use WhiteBox and RHEL in parallel, and essentially get the best of both worlds. I get the support I have to have, on the machines I have to have it. I get the free copy that works just like the for money copy on the machines I'm willing to support myself.
I'd do Fedora, but their support and security polices are assine (I've been thru this argument in other threads recently, I'm not anxious to explain it all again, Fedora Legacy might fix all my concerns, but I want to wait 18 months and see how things pan out. I'm not going to migrate to it, and in 6-12 months find out just how screwed I am).
In the end, I'm really, really conservative, but I'm not so conservative that I want to go run a 2.2 kernel. Besides, if Debian does what they did before, I'd be pretty unhappy with them. (They essentially, announced the new stable, and then said, yeppers well support the old stable for roughly 30-60 days if I remember the story right).
Kirby
http://www.redhat.com/about/corporate/trademark/gu idelines/page9.html
That page specifically grants you the right to copy and use "Red Hat's Trademarks" on all internal copies. However, that specifically is talking about "Red Hat Linux". "Red Hat Linux", isn't "Red Hat Enterprise Linux". Red Hat Enterprise Linux, is a different product, and as such, I don't believe you have any rights.
Now, it might be that this an oversight, but it clearly states at the top, that this if for "Red Hat Linux Only". The EULA you referred to in Appendix A, clearly notes that this is the License for "Red Hat(TM) Enterprise Linux(TM)". Thus I believe, you'd still have to strip off the Anaconda RPM's and the redhat-logos before you could reuse it internally, or redistribute it.
Bummer, I was nearly convinced. If I have to do that much work, I'd much rather just run WhiteBox, and know that I'm pretty much in the clear.
Kirby
I am not a digitial artist of any kind. However, as my sister explained to me. Some things, like where you have images and text overlaid. You can do that as an image, or as text. Depending on how the background lays out, you can have portions of it split. You can have the text and off the background. When designing in photoshop, it's a mindset issue, that you forget, that photoshop isn't the web.
Depending on how you layout the text, and the graphics, dictates weather the text is an image, or an art file. Depending on if the text being scalable is important to you, you want to have it be in HTML, not in the image. However, if someone actually does change the font size, that can make some layouts that look beautiful in Photoshop look horrendeously stupid when viewed on a screen.
In my sister's case, she works directly for the people who she designs sites for. However, the person she works for is has an Art degree, and realizes that she could make the layout "better", and more asethicially pleasing. However, she forgets that it won't look like that if you:
Change the screen resolutions
Change the color depth
Change the font size (given that they have to follow the state law on disabled people being able to use it, this is really important to her that nothing ever be done graphically that is actually text).
Change the browser (the version, the actual browser, or the OS underneath the same version of the same broswer can also make subtle changes).
Designs that are purely done in straight up Photoshop, gets you so far away from that type of mindset, and that kind of design, that she feels it's bad. People have a tendency, to think that what they can design in Photoshop, is exactly the way people will see it on the screen. That's most definitely not the case with a website, unless you deploy as stright images.
She does deal with people who have too many people on a T1. She does deal with people with schools. She does deal with people from rural areas. She does deal with people who have IE 3.0. She does deal with people who use Netscape 2.0. Simple stuff, like using photoshop fiddle with various compression parameters and colors to get an image from 150K to 25K without making causing any easy to see visual flaws. Trying to use backgrounds that will compress well. She has rules of thumb, about how long it can take to do certain things, and how large various pages can be to stay withing those contraints. She's aware about things having a 200K image. That's a 2 seconds coming over our cable modem most of the time (lets not discuss what that is on a 56K modem). If it takes longer then 3 seconds people get impatient. If it takes longer then 15-20, they go away. Stuff that looks great on the local lan, or when it's completely in the broswer cache are fast, and fool designers. I helped her setup
Kirby
So it depends on who precisely is doing the storyboarding. She always get mockup from others, or she'll develop mockups. Then people will ask for modifications by directly changing the Photoshop. She works with lots of people who are great graphic artists/designers, but don't know a lick of HTML. So it's an on going problem for her to teach them the limitations of HTML as a medium.
Kirby
While the support and software are separately licensed, you can't get a copy of RedHat's software without support (and you can't duplicate what RedHat gives out to anyone without modification).
I wonder how much trouble you'd get into just making new RPM's that are named the same, and just switching the blue and red bytes in the images.
I'm not sure that copying it and running it, will get you out of the other aspects of the terms "Installed Systems", but I'll buy into it for now. I'd actually have to get a real lawyer to be sure.
For my personal situation, I'd like to have a handful with support, and a ton without it. I'd prefer not to have to prove I did it correctly. Hence, I'm a White Box Linux fan... :-)
In 7 years of running Linux, I've never needed any support from anybody I couldn't get off mailing lists, deja news, and a good search engine. I don't have a problem paying for a copy, I'm just not interested in paying for that many copies for support I don't want or need. I need the support for Oracle (because Oracle could get support from RedHat on my behalf).
I think if you went to the trouble to strip off the RedHat RPM's, it'd all work out okay. Depending on how precisely "Installed Systems" is enforced in the Services contract. My next problem will be getting security updates on a regular basis.
Kirby
That you can develop beautiful, and wonderful concepts in graphics tools, that can't be realized as actual honest to goodness useable sites via a semi-slow network connection. She always claims that being obsessed with how small your site is, and doing as much as possible directly in HTML/CSS is the way to go from start to finish. She regularly gets photoshop files showing her what to design, and she has to reject, or significantly modify a lot of things, because they aren't possible given other technical constraints.
It reminds me of my brother's old adage, that all architects should have to actually frame the houses they draw. Because drawing in on paper is a lot easier then realizing the finished product given the limitations of the real world.
If you are aware of the limitations, and strictly stay inside of them, I suppose it would work. However, you're talking about HTML. It is a markup language. It's not that hard to prototype a site directly in it if it's static content.
Kirby
You really should go read the EULA one more time. No, you can't install RedHat Enterprise on multiple machines and just run it. Not if you have a single support contract with RedHat. If you have original media from RedHat, you have 1 years worth of support that you can't opt out of.
If you have a single support contract with RedHat, then all of the systems are considered "Installed Systems" (as defined section I.A). RedHat has the right to come into your locations, and audit all of your "Installed Systems" (I.4). They can then invoice you for all of the extra systems you have installed. If are over your allotment of installed systems by more then 5%, they are allowed to invoice for an additional 20% penalty (later in I.4).
I'm not a lawyer, and that is my interpretation of it. However, if you took the binaries off the install CD and put them on a different CD (excluding a handful, primarily being redhat-logos and 3rd party stuff), you could install that, invoking the GPL license. However, a number of binaries on the CD, they could claim copyright on (XFree86 and Apache binaries for instance, and anything else which has a source license of BSD-like). I'm not sure what the license on the actual binaries are.
I'm not sure if the license inside of the RPM is the license for the binaries, or the original source. I'm assuming that it is only for the source.
The actual ISO image isn't GPL'ed. They own the copyright on that, so you can't just go give away a copy. They also own the copyright on all of the binaries. They might be compelled to allow you to transfer the some of the binaries, but they don't have to let you do it in the specific structured way they did. In fact they can't, as they have 3rd party software that they can't allow you to transfer.
Finally, whoever owns the support agreement, just agree to these terms, and can't get out of the terms for the first year after purchase (I.1.2). Everyone who has a support agreement, must not install the software on any additional machines. They got around the GPL requirements, by not making it a requirement on the binaries, but by making it a requirement for support (and not letting transferring the binaries to you, until you agree to this). According to the license you agreed to, unless RedHat makes a material breach of the license, or you agreed up front to a different set of terms, you are bound to the support contract for the term of 1 year.
So I wouldn't go around telling people they can violate a legal contract they have agreed to. It isn't a very smart thing to do. Unless you have a different agreement, or you have a sound legal analysis that contradicts this, I'm pretty sure you are committing copyright infringement if you have multiple copies installed.
For that matter, I'm not sure it is legal to use the software without support. There is nothing in the license which grants you rights to use it. (There is nothing saying you can't either, but it's not explicity stated that after the support is terminated you still have a license to use any of their copyrighted materials). However, I'm very doubtful that RedHat will be coming after anyone. That doesn't change the techincal points of the legality or not.
If anyone has any analysis that differs from this, I'm all ears. I'd love to be able to buy the first copy, and install it lots, and lots. However, I've carefully read the agreement, and I don't believe I can legally do that. Plus if I don't have the support agreement, I have to build all of my own updates. Really not something I'm looking forward to doing.
Kirby
Essentially, that is a short description of how a "Chain of Trust", or better named a "Web of Trust" works in GPG. You have people who verify that person A knows the private key A_1 the corresponds to public key A_2.
Even if they don't bother encrypting everything, but just digitally sign it. It's also just an anti-spam filter, so I'm even less worried about having the key be encrypted. Now, I can go sign any key, with my key rating how "trustworthy" I deem people. You get a 5 if you are really trustworhty, and a 0 if I deem you absolutely untrustworthy.
From there, you can build layers of trust, trusting the ratings of people you trust, on and on, until you establish a relationship thru the web between you and the sender.
Now the problem, is that there is no marginal benefit, an it'd be very hard to get the users individually to do this. So, I'd suggest that the SMTP servers do this themselves. You create a web of trust that is only for SMTP servers. You register you key on the web. You send people some e-mail. Eventually, they'll e-mail the admin of the E-mail servers you communicate with regularly telling them asking them to review their logs and sign your key. Ask your friend, peers, clients, vendors, and/or upstream providers to sign the keys deeming you trustworthy.
They do this, and your on the web of trust. You find a mail that doesn't do this, view it as suspcious. You find one that is signed with an SMTP key that is known to have sent spam by someone you trust, you drop it on the floor.
Then you can start to trust SMTP servers. It has all of the advantages of SPF, and has some type of cryptographic security, plus doesn't allow spammers to just setup SPF records bogusly and get away with it. They'll have ton continuiously try and get new keys that are deemed trustworthy.
Assuming you have any friends, who have friends outside your clique, it should be relatively easy to get a foothold in the web of trust. Everybody who befriends a Spammer will be deemed "untrustworthy" in short order. So you won't trust people they trust. Eventually the system should balance out. No work need change by individual users. Mail Admin's could communicate with each other and make the system work. About the only real problem, is that it puts extra load on any mail server. Depending on the volume of mail you have, just setup 2 or 3 inboud/outbound sendmail servers that you queue to. Their sole job is to verify and/or add the digital signature/encryption to mail.
Webs of trust are a well understood animal in GPG land. While I'm not terrible conversant with them, they are essentially a distributed rating system by which rankings and trust worthyness can be ascertained about people you've never met. Think of it as a better system, with more flexibility then Karma + Karma Modifiers + Friend/Foe on Slashdot.org
Kirby
I believe the concept there, is that if this successfully identifies spam, known, and uncertain with virtually no computation (that's an assumption on my part). It appears you find the "From:", "To:" and "CC:" lines, parse them a little bit, update a small database, do a small comutation.
Bayesian filtering, and SpamAssassin aren't precisely lite on a e-mail server. Running bogofilter on a large mail spool is rough on the box. If you could whittle down the amount of e-mail that has to go thru that process, it's a net win on spam filtering computation. I think when they say "Cumbersome", they really mean, "amount of work that is done to figure out if it's spam or not, by a computer", not the amount of work done by the human to set it up.
Finally, Baysian filtering is a tool of the gods. I've told everyone I know about its wonders, and how much I really think they should use it.
Kirby
Then when I get a random e-mail from a friend, of a friend that isn't on my white list, it's a lot more likely to show up in my filtered mail. It's an easy way of having a white list built for you. Besides, I hate maintaining a white list. Anytime someone changes e-mail addresses, I have to go play with the white list. It's not terrible convienent. I'd be much happier if they could be intelligently built by an automated system (with a weighting, and me maintaining possibly another white list).
However, in the end, they are building a bass ackwards version of a "chain of trust". I mean, all you'd have to do is build a chain of trust of "From:" addresses you trust. However, if it is available to the public, it's probably a spammers dream. Which means it'll need some type of method of verifing that the From: headers are legitimate. As soon as that is done, spam filtering will be pretty easy, but it will create a whole slew of problems for generating e-mails from automated systems.
Kirby
Now Apache might not care, but if that is actually the case, they should just dual license it like Perl does. Then you can go play with GPL stuff if you want, or you can not play with the GPL stuff. The Apache people feel strongly enough about it, that they don't want to be seen as endorsing the GPL (that's my guess). Along with all that, Apache could get themselves into legal trouble if they allow some people to blantantly disregard the license. (I'm not sure of the precendents in this area of law, I know that with Trademarks, you'd lose it).
If Apache wants to explicitly state: "It's all good, if you use this in a GPL'ed project", they should just dual license it. Then it's all good. If not, then legally, you have no legs to stand on in a court of law. If somehow the Apache foundation loses the copyright to it, you'll have no legs to stand on. Do what is legal, not what is "pseudo-legal", you never know when someone could change their mind. A legal document is a legal document, a vague statement of: "We don't care", isn't a legally binding statement until it's upheld in a court of law.
Kirby
Look at how he signed the letter:
President, Open Source Initiative
Wasn't the Open Source Initiative started by nearly ever major figure in the Open Source world? I mean, with the exception of RMS (who isn't an OS guy, he's a Free Software guy), who'd they miss? In theory, he has the backing of lots of people. It might be time for some of them to oust him from the position of president, or distance themselves from the Open Source Initiative.
Granted this is sort of like me declaring myself: Grand Poohbah, Computer Industry Consortium. By the Computer Industry Consortium wasn't founded by lots of well known brand names in the computer industry. It was something I made up for this post.
Eric is pretty far out there with some of his views. I think when he wrote CatB he was about the right distance away from reality. However, is insane descriptions of Microsoft crumbling in 6 months (which he renewed at regular intervals). He's never seemed to accept that it is even conceivable that he could be wrong, or could do anything that wouldn't instantly be accepted. Read up on his attempts to get a new build system installed on the 2.4 kernel.
He's crazy by all accounts. Even the peole who I think have fringe views on Open Source, think he's just nuts.
Kirby
If you don't like the pizza you get from Vendor A. You buy it from Vendor B. If you don't like what any of them are doing, you stop buying pizza and instead buy apple pie if that's what you want.
If you need to exchange documents with anyone else in the world, almost without exception, you'll have to do it in Microsoft's format. Unlike the arena of pizza makers, there is no competition. Absolutely no one but MS can sell you that software. That's a tax. Plain and simple.
It is exactly like the old phone monopoly that involved having to buy a phone from MaBell, at the arbitrary price MaBell picked. When MaBell got broken up, it was because the government explicitly told them: "You are bad for the people for whom give us the power to give you a corporate charter, namely the American people". MaBall got the ax, because it was BAD for the world at large. That happened, because in the face of no competition MaBell behaved badly. There were no repercusions for behaving badly, so they did.
We both agree that I'm not going to have a reason why MS has a business reason for opening Office format. That's not my point. My point, and it's been a point you refused to even debate, is that it's bad for the US and global economy at large.
Explain to me the wonders of Microsoft's closed format, and how that creates huge efficiencies in the market place. (As a technicality, it does create some, but I'll leave it as an exercise for the reader to explain). If you want to continue shifting the argument, into "What advantage does Microsoft gain by freeing the format?", then you aren't attacking the argument you disagreed with originally.
The argument is: "Micrsoft in sole control of the Office formats is bad for the US and World economy at large". Address that directly, and I'll really enjoy watching you flounder about. There isn't much of an upside to it.
As to taking my car to a mechanic, nope not a tax. However, I can take my car to any of 100 shops in the city I live in. I can pick and choose which parts I want fixed, and I can try and use the manuals that you can get pretty easily to find out how to fix it. There are lots of options.
If I ponied up $20Billion dollars worth of money to have Microsoft release a free to the public converter that takes MS Office documents and converts them to an open format. It would demonstrate clear demand, and has serious economic value. However, Microsoft at their leisure could refuse to do that. This is the critical difference between Microsoft and a car mechanic. There is competition for the mechanic. If the mechanic refuses to fix the car for less then the price of a new vechicle, I can always go find another mechnic.
Competition keeps everyone honest. With Microsoft's propriatary formats, I have precisely one entity, and there is no leverage, and no choice. You get what Microsoft is willing to do, nothing more, and nothing less. It's the dictionary definition of a monopoly. Go read up on capitalism and how it works. Microsoft (or anyone in their position), can ruin the economy. Microsoft can completely subvert the "invisible hand" that makes capitalism work. They are bad for capitalism, and thus are bad for the US economy. Full Stop.
As to:
Go read the licensing agreements that Microsoft has with major OEM's. They aren't selling a product, they literally walk into Dell explain to them, that they won't sell Dell a license unless Microsoft gets $35 a machine. Doesn't matter what OS is shipped on it. They license software to major computer makers. Virtually no one I've ever met has ever purchased a copy of DOS, Windows or Office. They got a license they had few options about, and ended up paying more for the computer then they should have, because they had to pay MS for a license they never wanted.
If Microsoft changed thier licens
I have yet to see W2K crash, but I've never run it either. I run plenty of 98 crash and burn, and no clues as to what went wrong. I know plenty of people who run W2K and XP and speak of it's glories. About the only serious downside I've ever heard people talk about the W2K and XP is that there are some things it's really tempermental about. Specifically some Dell and Compaq servers that there is a specific order drivers must be installed. If you don't, there will be nothing glaringly wrong, but the machine will lock up periodically. I've run into a couple of cases of laptops that Anti-virus software can't be installed if SP1 is installed on W2K. You have to uninstall all of the patches that require SP1, and SP1, then install the A/V software, then install SP1, then go on your merry way. Hope like hell you never have to install the A/V software again.
The reason microsoft products are bad for the economy, is they are a tax. They are essentially a tax on all computers in most cases. When I hear that Office made Microsoft $3.5Billion dollars a quarter, what I hear, is that $3.5B that could have been passed on to the consumer as savings, or could have been saved by the company as a profit for small businesses. It acts a lot like a fee you'd have to pay the mafia to get access to the harbors in NY. It's just a shakedown for money. It's just word processing software. There are a zillon other things that would work just perfect for it, but everybody pays the money to microsoft because it's safer then getting shaken down if you are not in compliance during a license audit.
Word processing software should be a commodity. It's just not hard, there are probably a dozen packages that would satisfy 95% of the uses of Word. If Microsoft exported to anything that was well documented, and editable, business's around the world would save billions of dollars every year. You're paying a monopoly rent, that's all there is to it.
I know we could have saved $650 * 100 copies on Office. $~65K. That's a significant chunk of change. We'd love to have saved that over the 3 year period when we got the license. I know I'd have taken home the $1800.00 a month that would have saved us. The irony, is that we only have 45 employees.
Just like the documented fact that companies have to pay Microsoft for the same OS twice. Once for the OEM copy, and once for the site license. It's a screw job. Plain and simple.
I don't see why people complain about the thugs who mug people. Why should the thugs stop, it's only in the interest of the people who don't like to get mugged.
I'm not arguing that Microsoft should stop if nobody forces them too. Yes, that would be bad for Microsoft. My point is that it is bad for everyone else. Sorta like a mugging. Good for thugs, bad for everyday people.
Microsoft has people over a barrel and they know it. Microsoft can play hardball all they want. That's fine. However, don't play innocent about how badly that hurts the businesses that have to purchase from Microsoft.
I suppose you think we should go back to having MaBell run the phone company. Where the only phones you can hook up are the overpriced phones that only MaBell can sell. I'll bet you really wish that Standand Oil still was a monopoly and could screw the economy by artificially raising the prices of Oil. What precisely is your opinion on OPEC? You think they are just a wonderful group too?
I supposed you'd think it was wonderful if Ford sold propriatary parts that nobody els
1. Your mostly right. A well planned migration can be done, and is a thing of beauty when it happens.
2. In most of the migrations I've done, there is a point of no return. That is to say, rolling back is more work, and more of a problem then finishing the problem. Instantly migrating back can be a huge issue (I've dealt with this on schema's in a database).
3. IMHO, if you interview enough rank and file employee at any company of nearly any size, they will complain about the computers reguardless of the OS, the machine, the software involved. I don't care if it's Linux, OS X, Mac Classic, Amiga, MS Windows 3.1/NT3.X/4.0/2K/XP/CE/ME, OS2, Solaris, AIX, HPUX, IRIX, or raw LPAR's on a mainframe. So talking about "force feeding Linux" and having complaints afterwards isn't a useful datapoint.
In my experience, most peoples objections to Linux are that it's not Windows. That in a lot of ways isn't a complaint I worry about. Most of the people who work at my company, need a web browser to run the application they use all day every day. If it's Mozilla, IE or Opera it really doesn't make any difference at all. All they really get mad about is not being able to go to IE required sites to play games. I double dog dare those people to complain to their boss to make me fix it.
Most people I work with have problems with Windows. If you interviewed them, they'd complain about all sorts of stuff. It known to hang, and/or crash. In my experience, it gives you very little to backtrack to figure out what is causing the problems. (It might be that I don't have the right tools). When I have problems under Linux I generally get a pretty good error message, along with a stack trace and symbols to use to track things down.
Microsoft has wonderful integration between multiple applications. It has incredible abilities to export objects from one app, and past them into another. In my experience, that's also a wonderful way to crash Word/Excel. It's a wonderful way to leak memory. It's a great way to slow those applications to a crawl.
Linux has plenty of rough edges, but in a stand alone environment (where it doesn't have to mix with Win32 formatted documents), and you have limited functionality required (read a limited job description) it can stand up to Windows any day of the week. Can you download a GUI to do family tree stuff, probably not. Can you download a tool deal with the newest goofy scanner that some no name brand has put out, probably not. Can you download some of the goofy little programs that people develop only for Win32? Normally no, you can't.
However, in my experience, if I want a printed document I can do that. If I want a spreadsheet, I can do that. If I want a decent browser, I have one. If I want to read email. There is a plethora of apps to choose from. If I want to customize my desktop I can. If I want music, I can do that. If I want instant messaging, I can do that. If I want VoIP, I can do that. If I want development tools, I have those. If I want a photo manipulation program, there are a couple. If I want to watch movies, I can. If I need various compression/archival/backup programs, I can. If I want to write CD/DVD's I can.
Can you make it run as the primary desktop for employees at a work environment. Sure can, been doing it for 4 years personally. There are some people I can't to do that, but that is primarily because MS propriatary formats are a defacto standard. You just can't deal with people without that. It's annoying, and it's fundamentally bad for the economy (it's limiting competition, and an artificial constraint on increasing effeciency, all of which are bad for the economy). If people exchanged documents in a more open format, it'd be a heck of a lot easier to migrate to a non-windows environment.
Kirby
In 2.2 kernels, it was legal to call function "foo" from interrupt context. However, in 2.4 kernels, foo calls sleep which means it's illegal to call from interrupt context (I'm making this up, it's my understanding that certain things can't be done from interrupt context). You have a module that calls the function "foo" from the interrupt context.
Now you are in trouble. How do you code around that in a compatiblity layer. Do you have a version of "foo" that doesn't sleep? If you did, why not just use it instead of the one that does? I suppose you could re-write a special version of "foo", but how do you mangle the symbols of the module so that they call your capatibility foo?
Essentially, you promise to do all the work the kernel hackers are saying it's a bad idea, because, it either leads to a ton of duplicated functionality (foo implemented multiple times), or it leads to tons of interfaces that are set in stone (can't change the signatures or semantics because it would break drivers). The developers really couldn't care less that their changes create problems for you. They've got their own giant tarball of code to maintain. It's probably causing them more problems then it does you.
Kirby
Some of it, is that most people don't like the cold, and the air flow. Some of it, that you're normally in a restricted area, and your co-workers don't like that. Some of it, is all the noise.
I thought I'd read once that there are actually labor laws about it. (If you spend that much time in an area with noise, you need to have ear plugs). It might be somewhat like RSI (some what mythical, and urban legend like, but you still get all the legal notices about it). In all my time working with computers, and two parents who worked with computers and computer people all their lives, I've never met anyone who had CTS. You'll deaden your hearing for that range of sound (I suppose that could be construded as a good thing). I've got an enclosure with 4 computers in it, and 3 other desktop machines. I've invested in quiet fans, CPU cooling, and powersupplies. Best money I ever spent.
Kirby
Look at how popular CoLo's are. They surely don't need to be in the local area. They could all easily move to India...
However, I think things are turblent, and that so many people have gone so long without realizing how good things have been on a relative scale. I've never lived thru rough times that I can remember. Born in 1977. The last really hard times we're in the early 70's during the oil crisis. Things on the relative scale are peachy keen relative to back then. Look at how brutual inflation, and unemployment we're back then. Then start telling me about how rough the 1% interest and 5.6% unemployment is.
Kirby
Kirby
We have one SSL site, and one public HTTP site. We have 2 exteranl DNS servers, and 2 SMTP relays, and one FTP server. That's it. A total of 3 machines. Oh, plus a couple of routers, none of which have any external access. Even when inside the building, you have to physically be at a console to access the core router. You shouldn't be fooling with routing if you aren't in the building.
Security is a tradeoff between security, and convience. We pick security every time we can. We work pretty hard to run a static only website. It has very, very little functionality. The SMTP servers aren't the real mails servers, they just queue mail and forward it via an SSL tunnel to the internal network. When I figure out how to have the internal machine request access to the DMZ SMTP relays, I'll be happier (we try and always pull from the private network, rather then push from the DMZ). Our DMZ allows virtually nothing to the private network.
Everything that leaves the network passes thru a firewall. It either goes via a proxy, or it doesn't leave the network without prior authorization. The FTP server, turns files into e-mails. The FTP server, can only talk to the mail server. The person who should receive the file gets it in an e-mail. Every e-mail has all attachments that could conceivable be executable (screens savers, .pif, .exe, .com, .bat, and a myraid of others), are stripped out of all incoming e-mails. You can't download executable files via HTTP. I can't remember if we figured out how to lock out ActiveX controls or not (I think we did on most of them). You can't do a lot of things on our network. It's a shame, but we run a business, not an amusement park. A handful of people who need better access off the network can get it via a password protected HTTP squid proxy. We log every outside HTTP access. Several different layers of firewalls protect the various networks from letting packets in our out that shouldn't be.
Last virus we had that was active on our network. 3 years ago. We run a webmail client instead of outlook for 90% of the staff. The rest of the clients are Outlook of some form or another. I miss most of the virus and worm alerts, because none of them has ever affected us. I hear about them via slashdot, but that's all that it ever affects.
We have centralized syslogging. We have the real machine that logs, which is hooked to the switch via a machine that bridges. Every UDP packet that is destined for the syslog server, is logged by the bridge transparently. That bridging machine has no IP connectivity. So even if some clever fellow blows our network all to pieces, we should still get our syslogs out of the machine that doesn't have a network port to attack. If someone finds a way to compromise a bridge via the packets passing thru it, I'm so screwed it's not funny, but there is nothing I can do to mitigate that.
We aren't as diligent as we should be. We should more proactively check the logs. We should more proactively setup IDS. We should run more things like tripwire, and rootkit sweeps. However, there are only two guys here. We do all the
http://quote.wikipedia.org/wiki/Edsger_Dijkstra
I see that it is listed under the attributed sections. However, I'm sure the Cobol quote was earlier, and the superior version of it.
Okay, you had me up to that sentence. It's my understanding from people I know who actually used VAX assembly, that it was a bear. Especially if you had to decode the assembly by hand. It had variable length opcodes, which if I remember right, a single instruction could extend to be upwards of 60 bytes. Oh, and that's not to mention, the 11 different addressing modes, which could be mixed and matched on all three operands (dest, left data, right data). Because all instructions could store directly back to memory, it was a bestie to create.
Call me crazy, but somehow that much mixing and matching just doesn't sound like fund.
I remember the instructor in architecture explaining what fun it must have been to deal with that architecture, because you could copy huge amounts of memory in a single instruction. That the page faulting, and the re-starting was very complex because a single instruction could cause multiple page faults, and could have several page ins and page outs...
What fun, what fun.
Kirby
My guess is that having a knocking sequence isn't any more secure then not having one in the long run.
Now, if there we're a one-time pad, and/or the sequence of knocks changed to be cryptographically secure, and shutdown for ten minutes everytime there was something attempted to connect but failed. That's starting to sound a lot more secure to me. Yes, someone could do a denial of service by just constantly port scanning you, but it's definitely more secure then allowing someone to do it via trial and error.
Above and beyond all that, I'd probably force a page to be sent out when the SSH dameon started up. Thus alerting everyone that someone is getting remote access from a untrusted source.
Kirby