Theres a fine line between "make it simple" and "make it stupid". It's a hard line to walk, and I think Torvalds is right that Gnome has moved too far to the stupid region (disclaimer: I'm a Gnome user). Simple interfaces are fine as long as the functionality is simple, or there is no need for customization. Phones are in fact an excellent example - we've come a long way from needing to wind your phone up and whistle to clear the lines, but as we add functionality to phones the interfaces have either become more complex (cell phones) or lagged behind the features (most desktop phones). There is nothing wrong with customization, and I like the power of KDE in that respect. The much-maligned Gnome file dialog is a great example of the problems in Gnome. The old one was really, really, really horribly bad. The new one is simply barely adequate. The interface designers at Gnome really read too much into thier title - they want to change the way you interface with the computer (see spatial browsing for a classic example of the reasoning) instead of assisting you to interface on your own terms.
I'm a geek who likes productivity and I use Gnome. It's nicer looking, and cleaner. Which is not to say that it's lack of customization doesn't piss me off, and I've tried moving to KDE a few times, but KDEs look & feel is just... icky. Lack of consistent artwork, busy interfaces, lots of popuppy balloony things (the animated tooltips on the Kicker drive me insane - I want the tooltips, but I want small simple ones, not enormous ones with special effects). When someone manages to ship Gnome with the power of KDE, or KDE with the consistency and cleanliness of Gnome, please call me. I still use a few KDE applications - Amarok is way better than Rythmbox, and I switch between KDevelop and Anjuta depending on what I'm doing.
Specifying in that way changes the nature of the bid, though. Instead of going out for a vendor that implements open format, where open is defined as something within the bid, they're going to be bidding for a vendor that does OpenDocument.
Of course its a different bid, but that doesn't mean that this is an unreasonable bidding process. It's all a matter of how much you want to outsource - if you're outsourcing the whole thing including the design and basic concepts, you'll provide a trivial list of requirments. If you're creating an internal standard, you wouldn't do that. Bear in mind that *there has been no bid* in this process - what they have been doing is, internally, defining requirements and standards. You seem to be claiming that MA should not have the right to define it's own internal standards, and instead should post an RFP for an external entity to define it for them. I think that is pretty much a non-starter.
IP was a touch different. You needed to be speaking the same protocol because other things were already speaking that protocol. If you wanted to communicate, you needed to implement IP. If you wanted Internet, you needed IP. That means that IPX and similar just wouldn't work.
I'm not talking about Internet - I'm talking about LANs. Sure, everyone uses Ethernet and IP now, but thats not how it always was. And people, especially the ones who took the lead, absolutely got the same kind of flack over it. Novell in particular tried real hard to keep everyone on NetWare.
The Christian God is not just a Creator, he is also a judge and a ruler - he didn't simply create humans, he wants them to act in certain ways and will punish them if they don't. The creation part is fairly incidental, really, except when it's used as justification for Gods right to rule.
He also sold a whole ton of Ericsson data cables for a penny each to the same user who posted a ton of identical postive feedback. I ain't saying he's a feedback farmer, but...
Besides the other replies, most of which are reasonable, you're drawing an apples and oranges comparison. The security code is the secret. The method by which you obtained it is the flaw. Disclosure of the flaw is reasonable. Disclosure of the secret (usually) is not. Disclosure should also be to affected parties - if you know your neighbors code because the keypad is visible from the street, then you should tell him that. There's no special need to publish that widely, because only your neighbor is affected.
On the other hand, if you know the code because theres a flaw in the system, it's reasonable to distribute that widely, so that it reaches all the customers involved - assuming that the company doesn't take reasonable steps itself. I know theres a common thought that you shouldn't take action into your own hands just because the company doesn't respond to your satisfaction, but on the other hand it's demonstrably true that many companies are much more interested in maintaining a pretense of security than real security, and they rarely have customers best interests at heart.
Basically, what they did was say "any vendor could be chosen, as long as they support OpenDocument" instead of "any vendor can be chosen, as long as they support an open format".
Untrue, because the stage of the process where a vendor is selected hasn't even started yet. They had a process they used to decide on which document format would fit thier standards, and they chose OpenDocument. The hoopla now is over that, and is only incidentlly about which vendor will actually be used for deployment - which, of course, is only an issue because Microsoft won't support OpenDoc and there's a massive vested interest and borderline political corruption in keeping Microsoft as the office software vendor for MA. This is a *perfectly normal* and common way of managing a bid process, and makes total sense when you consider that the goal is a standardized *document* policy, rather than standardized desktop software. Incidently, you saw some of the same sort of things happen as IP got big. Someone would want to standardize on an IP network and the vendors would bitch and whine that they shouldn't be defining the protocol, just requirments for the protocol, and why don't you keep our big fat IPX/Appletalk hybrid network you pay us so much to make for you?
Honestly, I think it's a pretty convincing support of the OSS model, if only because it shows just how crappy proprietary software development is. The fact that OpenOffice (an especially poor choice of OSS poster child, but whatever) is even within an order of magnitude of Office (with literally hundreds of developers and tens of millions of dollars behind it) is simply astonishing. And in my experience, Oo.o is very close to Office in functionality - it's a little slower, and has a few less features (not anything I care about, but okay), lacks a little polish (but not much). On the other hand, it kicks the hell out of Office for usability (especially Calc vs Excel - whoever was in charge of the wierd half-assed pseudo MDI in Excel needs to be skinned alive and fed to ants), there is a much larger lack of mis-features - like the aforementioned psuedo-MDI, Clippy, the "Office Clipboard", and personalized menus, and of course the price is right.
Maybe what we need to be asking is not "If Open Source is good, why is it so buggy" but "If proprietary software spends 100 times the resources to produce a 10% better product, who has the better development model again?"
For much the same reasons that finishers in a marathon will be spread farther apart than finishers in the 100 meter dash. Combined with the fact that technical capability has never been the sole ingredient to success, and that Microsofts position when Linux began being seriously developed was far stronger than Apples was when Windows entered the market. In short, the circumstances are different and direct comparisons aren't valid.
And kids, this is why you should stay in school and pay attention in English class. Not because otherwise you'll spend all your time on the internet writing pretentious timelines about video games (I wouldn't take that kind of cheap shot, even if there's some truth to it), but because if you're going to spend all your time on the internet writing pretentious timelines about videogames, you should know how to link a narrative together and how to phrase yourself without sounding like you're a 3rd grader reading a book report.
If you advertise a product at a price, and then refuse to sell that product at that price and insist on selling at another one instead, thats a bait & switch and it's illegal in the US. I don't give 2 shits about the XBox and didn't read the flyers or anything else, but it seems like the bundling wasn't Best Buy policy and that it was done at the store level. That means that the advertising would have shown the XBox individually, and anyone who waited in the line for hours and was told they could only buy a bundle instead of the bare XBox has a potential civil claim against that store. Whether they fell for hype or wasted thier time with something you think is stupid isn't the point.
And if those were your only two options, that would mean something. iTunes made the searchable database (and live playlists and such) popular, but the more featureful clients like winamp have already caught up. Don't confuse "Windows Media Player sucks" with "iTunes is the best player".
If you continue your train of thought, you will come to the conclusion that human intelligence is just as non-existent as AI. When a teller thinks you're suspicious, he or she is applying a series of rules to it's input. Most of them are even documented, formalized rules that they were taught by instructors.
Software firewalls can usually be simply bypassed by anything running on the same machine as they are. In combination with a number of other techniques (not commonly used and frequently impractical on Windows), they can provide real protection. In the general case, they do not. A properly configured and sufficently powerful external firewall actually can block outgoing traffic, including nasty malicious stuff. An internal firewall like ZoneAlarm will only even see trivial and barely malicious stuff, like spyware. On the other hand, its a lot easier to set up and at least it looks like its doing something.
There are a number of things you might install a CBT hook for, even legitimate ones, but with the hook installed it absolutely is "monitoring" all keypresses and mouse moves. This is going to hinge on the definition of monitoring - Windows is calling a hook within the Zango code and notifying it of all the events it registered the hook for (which looks like system wide mouse and key events), however, Zango is quite likely ignoring everything except very specific events. Personally, I'd still call that monitoring.
I don't buy the articles premise. Firstly, offering a rebate instead of an actual sale price or discount of the same amount is *more expensive* to the store - they have to either manage the rebate handling or (more likely) pay a rebate processor to do it for them. So the only reason a store would do it is because the amount of people not filing the rebate makes up for the extra cost. My father in law has worked processing rebates and according to him the actual fulfillment rate is tiny. He does not believe that his company could have made money if the fulfillment rate was high.
Secondly, nobody involved in the rebate process has any interest in ensuring you get your money - they already have yours. You are basically at your mercy. There is only the market pressure of bad customer experience, which is a relatively weak force - and it means that you need to go out of your way to ensure that you get what is owed to you. If you tried the same tricks on your Best Buy Financing payments that they use on your rebate checks, you'd watch as they destroyed your credit rating.
Rebates are absolutely a scam - the fact that you can, with not inconsiderable effort, reduce the effect of the scam does not change that fact.
I can't read the french, but this looks more like manadatory DRM/watermarking. There's a reference to US Senator Hollings and the SSSCA in one of the french articles. Mandatory support for these technolgies would preclude open source distribution, of course.
Multi-User meaning providing access to all resources, including full GUI access, to multiple users at the same time.
This is moving goalposts. And for what its worth, Terminal Services has existed since at least Windows 2000, although you had to purchase a seperate product to enable it. The internal functionality in Windows to support it existed at least that long, however. There are APIs for multiple GUI logons that date back to NT 4, but I'm not sure if they worked on those systems.
The "special IE components and Magical Access rights" you suggest I was talking about was ActiveX, which you agree is a terrible idea. I even mentioned ActiveX as the problem child.
ActiveX controls run as the user. They get no special privledges or access rights. They're used all the time in regular applications (ActiveX is just an extension to COM defining an interface for GUI controls), the horrible mistake was designing IE to download, install and execute the from the network. You have repeatedly said that parts of IE run with system privledges, and that subverting IE will enable to you to run code with those privledges. This is *not* true. Subverting IE *may* allow you to execute a local privledge escalation attack, but that is not (at all) the same thing that you have been saying.
No, it hasn't always met those requirements. It has always met what Microsoft has claimed to be "Multi-User". They didn't invent the term, they just applied a brand new meaning to the term and people, like yourself, buy it as the "only" definition that matters.
Your definition of "multi-user" is almost as wrong as it is stupid - by this definition, in fact, just about every computer ever applies, including every Windows version since Windows for Workgroups and Mac OS since the invention of appletalk. The ability to run under multiple simultaneous user contexts is the important part of being multi-user, it's what has defined Unix, and NT has had the ability forever. The decision by MS to integrate the graphical interface at a low level has limited Windows ability to serve up a GUI to multiple users until recently, but it's been able to provide other (non-GUI) services to multiple users (such as file sharing, or command line logons) for a long time.
It sounds like you haven't really spent anytime studying permission control on UNIX. With groups, it is entirely possible to create controls with nested layers of access. I use that all the time. There just hasn't been a need to implement ACLs on the business servers that I am running right now, there's no benefit to implementing that at this time.
ACLs are inherently far more flexible and powerful that group based permissions, exspecially group based permissions with a superuser. This is well known and has been for decades, and is why the concept of ACLs was invented in the first place. The traditional unix user/group security model is weak, inflexible, and simple, and while it's a hell of a lot better than no security at all, ACLs are much more powerful. I don't think that any out there claims that Windows had ACLs first (because that would be both stupid and wrong).
You know why it is like that? I am taking an educated guess here, but having attempted to run installs after creating a shortcut and then using "RunAs" on the installer shortcut. I believe that "RunAs" only works for the initial application being called, it's not capable of spawning off sub-processes under the elevated privileges the application inherits from the initial "RunAs" activation.
"RunAs" authenticates you as another user and then executes the command you want to run with a privledge token with the other users credentials. Applications which spawn child processes without passing on that privledge token are buggy (but there are plenty of them, including popular installer packages). Windows will kill a the children of a process when the process exists, unless told not to, just like Unix will. The fact that shell applications aren't considered children of the shell is a characteristic of Windows GUI nature vrs Unixes command line nature. In Unix, a shell is essentially another logon, and when that shell exits, it's the same as that session exiting. Windows doesn't define it's shell this way.
I am sorry, but you are wrong here. SYSTEM is more vulnerable due to a little proof of concept known as 'shatter', which is based upon a fundamental flaw in how the Windows GUI passes messages between windows. All you need is an Anti-Virus package running on a computer that has one process under SYSTEM rights and wham, it is possible to whack a Windows workstation.
Shatter can be used from a graphical logon to execute arbitrary code as a the user of any other program sharing that graphical logon. It is absolutely a design weakness in Windows, but is not exploitable in any modern out of the box Windows install. The poorly written AV packages that were commonly exploited by it have been fixed, and services run without access to the desktop by default. You can, by the way, use a similiar technique to subvert a root shell or (often) any other GUI application that is being executed as root - it has nothing to do with the difference between root and SYSTEM, and everything to do with cultural differences. The only reasons shatter was ever popular was bc
I have the same feeling, but in my case it's generally because the same thing *doesn't* work on Windows, which is what I use at my day job. Like, when I open up 2 different files with the same name in Calc.
I think the only reasons desktop linux is considered "nearly there" is because people move the goalpost. Both KDE and GNOME can do a hell of a lot of things Windows just can't, and do a hell of a lot of things that Windows does better. That's not good enough, though - they have to do everything that Windows does, exactly the same way, and also manage to somehow be "better".
Are there problems with a Linux desktop? Of course there are. It can be hard to configure printers. Nautilus is a crappy file manager, and Konqueror is only adequate. You don't get as much eye candy unless you're really willing to push the cutting edge and get into some technical stuff. Unless you bought a commercial distro, your 3d hardware, DVDs, and MP3s won't work out of the box. Most really good Linux software is available on Windows, but not the reverse. But if someone sat down at made a list of everything that didn't work out of the box or that was annoying or buggy about a Windows desktop, it'd be just as long. It's just a matter of what people are used to - anything Linux can't do or does poorly that Windows does is a black mark, anything Windows can't do is ignored - because anyone who regularly uses Windows won't do those things. You see the exact same thing when long-time Unix gurus try to do stuff on Windows. There's an adjustment period and it's uncomfortable and that discomfort drives a lot of people off.
You fund a movie to the tune of $5 million. You get a tax deduction for it, due to tax breaks given to the movie industry. Since investors get paid back before a movie is profitable (funky Hollywood accounting), you can make back your $5 million (but no more) and have a tax deduction but no additional tax burden - free money. Even when it doesn't work out exactly (which would be pretty hard to manage, I'd think), there are lots of cases where taking a loss on an investment can reduce your tax bracket enough that you make it into a net gain.
He first claims that Germany has "bizarre tax laws" which only tax businesses on their profits rather than their costs (isn't that how every country's tax laws work?!)
No. Most countries tax business (and everyone else) on gross, not on either costs or profits.
Now, all this presumes that Germany really does tax how he says, and that the legendary accounting that is used to rip gullible actors and screenwriters off (by paying them out of profits instead of gross) also fools tax officials, none of which I can confirm. But it is at least plausible.
I put a great deal of blame on Microsoft for thier pushing of web services and SOAP as "firewall friendly", an incredibly stupid phrase that every security admin in the industry should have jumped all over them for. I place a good amount of blame on anal retentive and power tripped security admins who make asking for and implementing changes in firewall rules such a horrible pain that technologies that bypass those rules were recieved so well. I place an equal amount of blame on retarded managers who created the policies that let the admins to be so restrictive.
Re:Check out Rob Pike's thoughts on code commentin
on
How to Write Comments
·
· Score: 1
You're taking the OPs comment too literally and reading too much into them. Yes, the name of a function (note that the OP draws a distinction between functions and procedures - C doesn't have such a distinction, so you have to conceptualize a little) should reflect what it returns. That does not mean you use a pseudo-hungarian notation and append the return type to the name, but that the phrasing of the name should indicate the return value. isWindowRaised() returns a boolean. getSystemSettingsAsTree() returns a tree (but is redundant and should be called getSystemSettings if that is the only way to get system settings). Procedures (ie, functions with side effects) should be named by what they do, clearly. There's a convention in C code, especially old C code, to make your function names as concise and non-literal as possible, that is a flaw (not in the language, but in the culture) and should be avoided. setWindowString is a much better name than waddstr.
Anyway, what does this then mean for functions/procedures for which either the side effect or the result can be important?
Such functions are generally poor practice. If you have to have one, name it appropriately. The awkward naming is probably a good sign that you're doing something wrong - a function called updateBalanceAndReturnInterest is something you should probably refactor. Note that perls map originates in functional programming, where side effects are prohibited, and using map to generate side effects is terribly bad practice. Of course, 75% of perls common idioms are terribly bad practice, and that is one of the reasons for it's reputation as a readonly language. If you're mapping values to other values, use map - that what it is for. If you're applying a method to a collection, use foreach.
Re:Check out Rob Pike's thoughts on code commentin
on
How to Write Comments
·
· Score: 1
As far as I know, the difference is that procedures don't return values, and functions do. waddstr returns a value. What's the difference according to you?
In C, it's a conceptual difference. The return value of waddstr isn't important and in fact exists only because C doesn't have any other convenient way of indicating an error condition. waddstr is a procedure because it has side effects.
And the compact waddstr name doesn't matter; if it were named window_add_string, I would make the same point by saying that its name would need changing to window_add_string_returned_error.
The compat name does matter because it's exactly the point. Compact names make for hard to read code. And claiming that it should be window_add_string_returned_error just means that you are totally missing the point and don't understand the issue.
Re:Check out Rob Pike's thoughts on code commentin
on
How to Write Comments
·
· Score: 1
The correct fix here is not to document the bad code, but to remove and correct the bad code. Accepting poor coding and thinking that a band-aid in the form of a comment (and people who write bad code also write bad comments, although the reverse is not true) is acceptible is where you are failing. Sometimes you work with bad programmers, or unskilled ones. If you can't do anything about that and they aren't willing to learn, then theres nothing you can do but suck it up. If you can do something about it, or they are willing to learn, then teach them to write good code first, not to comment half-assed code.
All that said, the amount you comment can be affected by your target audience. I wrote some C++ code that will be supported and maintained by people with little or no C++ experience, so I went to some lengths to comment common C++ idioms and constructs that I wouldn't normally do - as if I were commenting sample code for a C++ book, rather than commenting C++ code for someone with the same level of experience I have.
Slashdot Mirror
Theres a fine line between "make it simple" and "make it stupid". It's a hard line to walk, and I think Torvalds is right that Gnome has moved too far to the stupid region (disclaimer: I'm a Gnome user). Simple interfaces are fine as long as the functionality is simple, or there is no need for customization. Phones are in fact an excellent example - we've come a long way from needing to wind your phone up and whistle to clear the lines, but as we add functionality to phones the interfaces have either become more complex (cell phones) or lagged behind the features (most desktop phones). There is nothing wrong with customization, and I like the power of KDE in that respect. The much-maligned Gnome file dialog is a great example of the problems in Gnome. The old one was really, really, really horribly bad. The new one is simply barely adequate. The interface designers at Gnome really read too much into thier title - they want to change the way you interface with the computer (see spatial browsing for a classic example of the reasoning) instead of assisting you to interface on your own terms.
I'm a geek who likes productivity and I use Gnome. It's nicer looking, and cleaner. Which is not to say that it's lack of customization doesn't piss me off, and I've tried moving to KDE a few times, but KDEs look & feel is just... icky. Lack of consistent artwork, busy interfaces, lots of popuppy balloony things (the animated tooltips on the Kicker drive me insane - I want the tooltips, but I want small simple ones, not enormous ones with special effects). When someone manages to ship Gnome with the power of KDE, or KDE with the consistency and cleanliness of Gnome, please call me. I still use a few KDE applications - Amarok is way better than Rythmbox, and I switch between KDevelop and Anjuta depending on what I'm doing.
Of course its a different bid, but that doesn't mean that this is an unreasonable bidding process. It's all a matter of how much you want to outsource - if you're outsourcing the whole thing including the design and basic concepts, you'll provide a trivial list of requirments. If you're creating an internal standard, you wouldn't do that. Bear in mind that *there has been no bid* in this process - what they have been doing is, internally, defining requirements and standards. You seem to be claiming that MA should not have the right to define it's own internal standards, and instead should post an RFP for an external entity to define it for them. I think that is pretty much a non-starter.
IP was a touch different. You needed to be speaking the same protocol because other things were already speaking that protocol. If you wanted to communicate, you needed to implement IP. If you wanted Internet, you needed IP. That means that IPX and similar just wouldn't work.
I'm not talking about Internet - I'm talking about LANs. Sure, everyone uses Ethernet and IP now, but thats not how it always was. And people, especially the ones who took the lead, absolutely got the same kind of flack over it. Novell in particular tried real hard to keep everyone on NetWare.
The Christian God is not just a Creator, he is also a judge and a ruler - he didn't simply create humans, he wants them to act in certain ways and will punish them if they don't. The creation part is fairly incidental, really, except when it's used as justification for Gods right to rule.
He also sold a whole ton of Ericsson data cables for a penny each to the same user who posted a ton of identical postive feedback. I ain't saying he's a feedback farmer, but...
On the other hand, if you know the code because theres a flaw in the system, it's reasonable to distribute that widely, so that it reaches all the customers involved - assuming that the company doesn't take reasonable steps itself. I know theres a common thought that you shouldn't take action into your own hands just because the company doesn't respond to your satisfaction, but on the other hand it's demonstrably true that many companies are much more interested in maintaining a pretense of security than real security, and they rarely have customers best interests at heart.
Untrue, because the stage of the process where a vendor is selected hasn't even started yet. They had a process they used to decide on which document format would fit thier standards, and they chose OpenDocument. The hoopla now is over that, and is only incidentlly about which vendor will actually be used for deployment - which, of course, is only an issue because Microsoft won't support OpenDoc and there's a massive vested interest and borderline political corruption in keeping Microsoft as the office software vendor for MA. This is a *perfectly normal* and common way of managing a bid process, and makes total sense when you consider that the goal is a standardized *document* policy, rather than standardized desktop software. Incidently, you saw some of the same sort of things happen as IP got big. Someone would want to standardize on an IP network and the vendors would bitch and whine that they shouldn't be defining the protocol, just requirments for the protocol, and why don't you keep our big fat IPX/Appletalk hybrid network you pay us so much to make for you?
Maybe what we need to be asking is not "If Open Source is good, why is it so buggy" but "If proprietary software spends 100 times the resources to produce a 10% better product, who has the better development model again?"
For much the same reasons that finishers in a marathon will be spread farther apart than finishers in the 100 meter dash. Combined with the fact that technical capability has never been the sole ingredient to success, and that Microsofts position when Linux began being seriously developed was far stronger than Apples was when Windows entered the market. In short, the circumstances are different and direct comparisons aren't valid.
And kids, this is why you should stay in school and pay attention in English class. Not because otherwise you'll spend all your time on the internet writing pretentious timelines about video games (I wouldn't take that kind of cheap shot, even if there's some truth to it), but because if you're going to spend all your time on the internet writing pretentious timelines about videogames, you should know how to link a narrative together and how to phrase yourself without sounding like you're a 3rd grader reading a book report.
If you advertise a product at a price, and then refuse to sell that product at that price and insist on selling at another one instead, thats a bait & switch and it's illegal in the US. I don't give 2 shits about the XBox and didn't read the flyers or anything else, but it seems like the bundling wasn't Best Buy policy and that it was done at the store level. That means that the advertising would have shown the XBox individually, and anyone who waited in the line for hours and was told they could only buy a bundle instead of the bare XBox has a potential civil claim against that store. Whether they fell for hype or wasted thier time with something you think is stupid isn't the point.
And if those were your only two options, that would mean something. iTunes made the searchable database (and live playlists and such) popular, but the more featureful clients like winamp have already caught up. Don't confuse "Windows Media Player sucks" with "iTunes is the best player".
If you continue your train of thought, you will come to the conclusion that human intelligence is just as non-existent as AI. When a teller thinks you're suspicious, he or she is applying a series of rules to it's input. Most of them are even documented, formalized rules that they were taught by instructors.
Software firewalls can usually be simply bypassed by anything running on the same machine as they are. In combination with a number of other techniques (not commonly used and frequently impractical on Windows), they can provide real protection. In the general case, they do not. A properly configured and sufficently powerful external firewall actually can block outgoing traffic, including nasty malicious stuff. An internal firewall like ZoneAlarm will only even see trivial and barely malicious stuff, like spyware. On the other hand, its a lot easier to set up and at least it looks like its doing something.
There are a number of things you might install a CBT hook for, even legitimate ones, but with the hook installed it absolutely is "monitoring" all keypresses and mouse moves. This is going to hinge on the definition of monitoring - Windows is calling a hook within the Zango code and notifying it of all the events it registered the hook for (which looks like system wide mouse and key events), however, Zango is quite likely ignoring everything except very specific events. Personally, I'd still call that monitoring.
Secondly, nobody involved in the rebate process has any interest in ensuring you get your money - they already have yours. You are basically at your mercy. There is only the market pressure of bad customer experience, which is a relatively weak force - and it means that you need to go out of your way to ensure that you get what is owed to you. If you tried the same tricks on your Best Buy Financing payments that they use on your rebate checks, you'd watch as they destroyed your credit rating.
Rebates are absolutely a scam - the fact that you can, with not inconsiderable effort, reduce the effect of the scam does not change that fact.
I can't read the french, but this looks more like manadatory DRM/watermarking. There's a reference to US Senator Hollings and the SSSCA in one of the french articles. Mandatory support for these technolgies would preclude open source distribution, of course.
This is moving goalposts. And for what its worth, Terminal Services has existed since at least Windows 2000, although you had to purchase a seperate product to enable it. The internal functionality in Windows to support it existed at least that long, however. There are APIs for multiple GUI logons that date back to NT 4, but I'm not sure if they worked on those systems. The "special IE components and Magical Access rights" you suggest I was talking about was ActiveX, which you agree is a terrible idea. I even mentioned ActiveX as the problem child.
ActiveX controls run as the user. They get no special privledges or access rights. They're used all the time in regular applications (ActiveX is just an extension to COM defining an interface for GUI controls), the horrible mistake was designing IE to download, install and execute the from the network. You have repeatedly said that parts of IE run with system privledges, and that subverting IE will enable to you to run code with those privledges. This is *not* true. Subverting IE *may* allow you to execute a local privledge escalation attack, but that is not (at all) the same thing that you have been saying.
Your definition of "multi-user" is almost as wrong as it is stupid - by this definition, in fact, just about every computer ever applies, including every Windows version since Windows for Workgroups and Mac OS since the invention of appletalk. The ability to run under multiple simultaneous user contexts is the important part of being multi-user, it's what has defined Unix, and NT has had the ability forever. The decision by MS to integrate the graphical interface at a low level has limited Windows ability to serve up a GUI to multiple users until recently, but it's been able to provide other (non-GUI) services to multiple users (such as file sharing, or command line logons) for a long time.
It sounds like you haven't really spent anytime studying permission control on UNIX. With groups, it is entirely possible to create controls with nested layers of access. I use that all the time. There just hasn't been a need to implement ACLs on the business servers that I am running right now, there's no benefit to implementing that at this time.
ACLs are inherently far more flexible and powerful that group based permissions, exspecially group based permissions with a superuser. This is well known and has been for decades, and is why the concept of ACLs was invented in the first place. The traditional unix user/group security model is weak, inflexible, and simple, and while it's a hell of a lot better than no security at all, ACLs are much more powerful. I don't think that any out there claims that Windows had ACLs first (because that would be both stupid and wrong).
You know why it is like that? I am taking an educated guess here, but having attempted to run installs after creating a shortcut and then using "RunAs" on the installer shortcut. I believe that "RunAs" only works for the initial application being called, it's not capable of spawning off sub-processes under the elevated privileges the application inherits from the initial "RunAs" activation.
"RunAs" authenticates you as another user and then executes the command you want to run with a privledge token with the other users credentials. Applications which spawn child processes without passing on that privledge token are buggy (but there are plenty of them, including popular installer packages). Windows will kill a the children of a process when the process exists, unless told not to, just like Unix will. The fact that shell applications aren't considered children of the shell is a characteristic of Windows GUI nature vrs Unixes command line nature. In Unix, a shell is essentially another logon, and when that shell exits, it's the same as that session exiting. Windows doesn't define it's shell this way. I am sorry, but you are wrong here. SYSTEM is more vulnerable due to a little proof of concept known as 'shatter', which is based upon a fundamental flaw in how the Windows GUI passes messages between windows. All you need is an Anti-Virus package running on a computer that has one process under SYSTEM rights and wham, it is possible to whack a Windows workstation.
Shatter can be used from a graphical logon to execute arbitrary code as a the user of any other program sharing that graphical logon. It is absolutely a design weakness in Windows, but is not exploitable in any modern out of the box Windows install. The poorly written AV packages that were commonly exploited by it have been fixed, and services run without access to the desktop by default. You can, by the way, use a similiar technique to subvert a root shell or (often) any other GUI application that is being executed as root - it has nothing to do with the difference between root and SYSTEM, and everything to do with cultural differences. The only reasons shatter was ever popular was bc
I think the only reasons desktop linux is considered "nearly there" is because people move the goalpost. Both KDE and GNOME can do a hell of a lot of things Windows just can't, and do a hell of a lot of things that Windows does better. That's not good enough, though - they have to do everything that Windows does, exactly the same way, and also manage to somehow be "better".
Are there problems with a Linux desktop? Of course there are. It can be hard to configure printers. Nautilus is a crappy file manager, and Konqueror is only adequate. You don't get as much eye candy unless you're really willing to push the cutting edge and get into some technical stuff. Unless you bought a commercial distro, your 3d hardware, DVDs, and MP3s won't work out of the box. Most really good Linux software is available on Windows, but not the reverse. But if someone sat down at made a list of everything that didn't work out of the box or that was annoying or buggy about a Windows desktop, it'd be just as long. It's just a matter of what people are used to - anything Linux can't do or does poorly that Windows does is a black mark, anything Windows can't do is ignored - because anyone who regularly uses Windows won't do those things. You see the exact same thing when long-time Unix gurus try to do stuff on Windows. There's an adjustment period and it's uncomfortable and that discomfort drives a lot of people off.
He first claims that Germany has "bizarre tax laws" which only tax businesses on their profits rather than their costs (isn't that how every country's tax laws work?!)
No. Most countries tax business (and everyone else) on gross, not on either costs or profits.
Now, all this presumes that Germany really does tax how he says, and that the legendary accounting that is used to rip gullible actors and screenwriters off (by paying them out of profits instead of gross) also fools tax officials, none of which I can confirm. But it is at least plausible.
I put a great deal of blame on Microsoft for thier pushing of web services and SOAP as "firewall friendly", an incredibly stupid phrase that every security admin in the industry should have jumped all over them for. I place a good amount of blame on anal retentive and power tripped security admins who make asking for and implementing changes in firewall rules such a horrible pain that technologies that bypass those rules were recieved so well. I place an equal amount of blame on retarded managers who created the policies that let the admins to be so restrictive.
Anyway, what does this then mean for functions/procedures for which either the side effect or the result can be important?
Such functions are generally poor practice. If you have to have one, name it appropriately. The awkward naming is probably a good sign that you're doing something wrong - a function called updateBalanceAndReturnInterest is something you should probably refactor. Note that perls map originates in functional programming, where side effects are prohibited, and using map to generate side effects is terribly bad practice. Of course, 75% of perls common idioms are terribly bad practice, and that is one of the reasons for it's reputation as a readonly language. If you're mapping values to other values, use map - that what it is for. If you're applying a method to a collection, use foreach.
In C, it's a conceptual difference. The return value of waddstr isn't important and in fact exists only because C doesn't have any other convenient way of indicating an error condition. waddstr is a procedure because it has side effects.
And the compact waddstr name doesn't matter; if it were named window_add_string, I would make the same point by saying that its name would need changing to window_add_string_returned_error.
The compat name does matter because it's exactly the point. Compact names make for hard to read code. And claiming that it should be window_add_string_returned_error just means that you are totally missing the point and don't understand the issue.
All that said, the amount you comment can be affected by your target audience. I wrote some C++ code that will be supported and maintained by people with little or no C++ experience, so I went to some lengths to comment common C++ idioms and constructs that I wouldn't normally do - as if I were commenting sample code for a C++ book, rather than commenting C++ code for someone with the same level of experience I have.