Slashdot Mirror


User: MartinG

MartinG's activity in the archive.


Comments · 782

  1. Re:bugtraq reference on Security of Open vs. Closed Source Software · · Score: 1

    I didn't mention anything about the number increasing. I said that there's only one way they can decrease. Your point about introducing new security holes is correct, but it's not in disagreement with what I said.

  2. Re:bugtraq reference on Security of Open vs. Closed Source Software · · Score: 3, Interesting

    CSS will have less bugs discovered for it
    Doesn't that really mean that the bugs will just be discovered more slowly?

    It is harder to find bugs by trial and error than by reviewing the source.

    Can you explain how you arrived at that conclusion?

    MS patches most bugs in their products before there is an exploit

    How can you know that unless you have access to internal Microsoft information? Almost without exception the updates that I have seen from Microsoft are a reaction to problems found by others. The patches I assume you are talking about are the ones MS fix and we never hear of. How do you know they exist?

    I accept your point though that the "2 ways" I talked about of discovering bugs for OSS applies to all people, not just white-hats.

  3. Re:bugtraq reference on Security of Open vs. Closed Source Software · · Score: 2

    Well, I can see where that view comes from and as the size of the source base increases it would appear to be more likely to be true. However, it's not true in practice because bugs are quantized.

    The flawed theory:
    Suppose you have a newly written app with bugs in it. The rate of fixing of bugs is proportional to the rate of their discovery, and the rate of discovery is proportional to the number of bugs left[1]. This means that after half the bugs are fixed the rate of discovering new bugs will halve, so the rate of fixing them will halve. In other words, it's an exponential decrease that will never reach zero.

    That appears to be the theory, and it stands up well when there are hundreds of bugs, but when you get to only a few left (not that you would know when you were there!) then you get a quantization effect, meaning that it is in fact possible to have a bug free application. It's a moot point really though because you can never know when you have got there.

    [1] I have omitted to mention that this is not quite true because some bugs are harder to trigger than others and the easy ones will get fixed first, leaving harder to trigger ones which will not get discovered and fixed as quickly. This is not too important though and means that the whole process would slow down more over time, but otherwise remain unchanged. That is of course unless there are bugs which are so hard to find that they take infinite time to trigger. I assume not. And anyway, would you really feel the need to fix them if they did? :-)

  4. Re:bugtraq reference on Security of Open vs. Closed Source Software · · Score: 2

    The "large numbers of individuals who know the code well" applies to closed source and open source. Open source in addition has those who do not know it that well, but can fix a few bugs. I'm not suggesting that "just anyone" can fix a bug. In order for my conclusion to be correct, there would only have to be one person who has fixed one bug once that they wouldn't have been able to fix without the source. (and even _I_ fall into that category)

    As you say. You can find bugs in open and closed source in the same way, but some people have two ways of finding bugs.

  5. bugtraq reference on Security of Open vs. Closed Source Software · · Score: 5, Insightful

    open source software isn't as bug free as we would all like to think.

    All this shows is that open source software has had more bugs discovered and fixed than we would have liked there to have been in the first place. It has no relation at all to the number of remaining undiscovered bugs, and therefore no relation to the security of the software in question.

    It's simple:

    Assumptions:
    1) When written, open source and closed source software have on average the same number of security bugs.

    Observations:
    1) The number of security bugs in a piece of software only decreases when they are fixed.
    2) A security bug is typically fixed after, and as a result of it being discovered. (they can be fixed by accident, but I will neglect this as it's irrelevant anyway)
    3) Closed source software and open source software can both have bugs discovered by trial and error style cracking.
    4) Open source software can have bugs discovered due to the sheer numbers of people with access to the source.

    Conclusion:
    1) I conclude that open source software will tend to have any bugs discovered more quickly because there are more ways to discover them, and all ways available to closed source are also available to open source.

    Can anyone fault my reasoning? It seems to me that both start equal on average, but open source will tend to have the bugs removed more quickly.

  6. Re:On being a libertarian on UK Reconsiders Expansion of Surveillance Powers · · Score: 1

    It doesn't matter if it's 90% of 51%, it's still a group of people bullying others around.
    The term I often use is "significant moral disagreement" and I can't ever see why it's justified for a government to take sides where there is significant moral disagreement on an issue.

    I bet over 70% of people would say smoking around children is bad. Should we then legally ban smoking in all places where children might be? No, because a significant number of people have no big moral objection to it. Some might not like it, but that's another issue.

    (by the way - thanks for the first sustained intelligent discussion I've had on /. for a while (even if it is OT++))

  7. Re:On being a libertarian on UK Reconsiders Expansion of Surveillance Powers · · Score: 1

    It's acceptable that some animal cruelty is outlawed, but only when there is no real significant moral disagreement among the population. Foxhunting just doesn't fit.

    It's not just because of an idealistic liberal standpoint that I hold these opinions, history teaches that people will not stand for being bullied around. How many fewer people smoke cannabis because it's illegal? Because of all the anti-hunt legislation threats, how many younger people whose families participate in hunts will now have a definite "us and them" mentality that is more likely to cause them to want to hunt more not less?

    In summary: Society should use the law to uphold the values we all agree on. It should not be used to stamp out minority moral values - and in fact cannot in the long term - attempting to do so will only lead to desperation, often civil unrest, and in extreme cases terrorism.

  8. Re:On being a libertarian on UK Reconsiders Expansion of Surveillance Powers · · Score: 2

    .. and just to respond to your final comment. Animals need no protection from me. I and my girlfriend are members of several animal conservation societies including the whale and dolphin conservation society and the EIA (environmental investigation agency).
    These groups often work _with_ people they think are harming animals to find a way forward. Much more constructive and respectful than just using the blunt tool called legislation to bully people around, and evidently much more effective also.

  9. Re:On being a libertarian on UK Reconsiders Expansion of Surveillance Powers · · Score: 2

    Who are you replying to? If it's me, then you guessed wrong. I hate fox hunting. It's cruel and barbaric, and in my view has no place in modern society. I would never let my children participate in a hunt, and I would do my best to persuade anyone I met not to do so either (so long as such persuasion was not unduly intrusive)

    However, there are no absolute morals, or absolute ethics. I do not believe in so-called majority rule and I don't believe as many do, that large numbers of people believing the same thing somehow makes it correct. As such, and out of respect for my fellow human beings, I believe in treating each other person's moral values as being of equal worth to my own. For this reason, I feel strongly against the abolition of foxhunting. It is no more than a large number of people trying to bully another group into having the same moral values. Where there is significant moral disagreement on an issue, the law should not take sides.

    Well known things that fall or fell into this category are foxhunting, drug taking, homosexuality, and boxing.

    The law should protect people's freedoms against intrusion from other people. This is why rape, assault etc are, and should remain illegal.

  10. Re:On being a libertarian on UK Reconsiders Expansion of Surveillance Powers · · Score: 2

    a true libertarian will advocate liberty, but also realise that that means allowing others _not_ to do the same, so long as it doesn't interfere with the liberty of themselves.

  11. Re:Phew on UK Reconsiders Expansion of Surveillance Powers · · Score: 2

    personal freedoms to kill other things for fun be damned

    I can't argue with your opinion there, but it certainly means you are NOT a libertarian, since you seem to find it acceptable to allow the law to force your opinion on others. To repeat, I'm not saying that's good or bad - just that it's not libertarian.

  12. Re:Phew on UK Reconsiders Expansion of Surveillance Powers · · Score: 2

    Well said. Libertarians do not impose their moral view on others.

  13. Install from floppy. on Gentoo Linux 1.2 · · Score: 4, Interesting

    One of the attractive features to me is that everything is built from source and optimised for the machine it is running on. The reason this is attractive is because I have a number of older machines which I want to "squeeze" as much as I can from.

    However, being older machines some do not have cdrom drives, only floppy drives and network connections. Given that most of the gentoo install is done on the network anyway, it's a shame the install discs provided are only cdroms.

    If anyone has a "HOWTO install gentoo from floppy" I would be happy to know about it.

  14. Re:Okay let's get the facts straight... on The Economics of File Sharing · · Score: 1

    Do you honestly believe that P2P networks cause people to buy more music?

    I'm honestly undecided. I do know however that it's made me buy more, and that's true for several others I know. I also know others that only ever download music and never buy it, but many of them never bought it before anyway.

    But I'm less inclined to believe what I think happens based on reasoning and intuition and more inclined to believe the statistical facts. It's just that in this case, although the facts may be clear, what they mean is far from it. They can be interpreted to suit almost any view.

    Our comparison with the exact science of physics is not useful though, I think. In physical sciences, experiments tend to be repeatable when done properly. For example, Einstein found the same relativistic effects wherever and whenever he looked, but we look around in this situation and we have all different people saying and doing all different things. Some may be lying, we just don't know.

    In other words we just do not have reliable data with which to work. All I am certain of is that when I hear someone say "file sharing reduces sales" or someone say "file sharing increases sales" then that belief is more faith based than reason based unless they have been closely monitoring millions of individuals.

    To sum up my point in a few words:
    If anyone says they are anywhere sure on this issue, one way or the other, then they are either lying, biased, or have arrived at their opinion by some illogical means.

    Fact: some people buy more music because of file sharing.
    Fact: some people buy less music because of file sharing.
    Unknown: does the population as a whole buy more or less because of file sharing? I expect a cynic would say less and an optimist would say more. Both views are worthless without sufficient _data_.

  15. Re:Okay let's get the facts straight... on The Economics of File Sharing · · Score: 1

    Worked for Einstein.

    Speaking as someone with a degree in Physics (not that that makes me any more right of course) I would say not. I assume you are talking about relativity, in which case he had a phenomenal amount of data which he used before producing any theory. It is true however that his theories were not heavily tested until later.

  16. Re:Okay let's get the facts straight... on The Economics of File Sharing · · Score: 2

    something for you to think about.

    10% is much higher than the increase rate of the population.
    If it did stay at 10% can you work out what would eventually happen? Not so long in the future that would mean everyone buying every CD that comes out. Shortly after, it would mean some people buying two copies, and so on.

    In any case, there is a classic logical fallacy in what you said.

    "If A happened it would cause B. B happened, therefore A caused it"

    "If an increase in piracy happened it would cause sales to increase less. Sales increased less, therefore an increase in piracy caused it"

    A classic logical mistake.

  17. Re:Okay let's get the facts straight... on The Economics of File Sharing · · Score: 2

    makes sense to me

    What the hell has making sense got to do with it?
    It "makes sense" that the earth is flat, but that doesn't make it true.

    It doesn't make logical sense

    What the hell is "logical sense"? You keep mentioning logic, but so far have made very little use of it.

    it seems completely irrational

    Again, what it _seems_ is unimportant. How about facts and proper argument? We can theorise all we like about what people _would_ do, but it doesn't prove anything.

    Consider this quote:
    "It is a capital mistake to theorise before one has data. Insensibly one begins to twist facts to suit theories instead of theories to suit facts."- Sherlock Holmes

    ..and in this case, NONE of us have much data.

  18. Re:Okay let's get the facts straight... on The Economics of File Sharing · · Score: 3, Insightful

    I'm sick and tired of people arguing that this doesn't hurt sales

    Well that's interesting, but are you going to tell us why? Just because _you_ have bought fewer CDs because of your access to downloaded music doesn't mean others have. Personally speaking I can say honestly that I have bought more music as a result of first sampling it from downloads. Many of my friends do the same.

    What I have said here proves nothing. It's just one single anecdotal example, just as your example is.

    I'm not saying you're wrong about downloads hurting sales, just that you haven't provided any convincing argument or evidence to back up what you say. "I buy less therefore everyone must buy less" is not enough and doesn't convince me.

  19. Easier in the UK on UCSD Students Tracking Their Friends' Locations · · Score: 5, Funny

    No need to mess around with all that. With the new legislation you can just ask one of your mates that works at one of hundreds of pseudo-randomly chosen places to hand over the phone location records that he suddenly has access to.

  20. Re:Pot? Is that you? on US Govt Wants to Control ICANN? · · Score: 2

    private companies have infinitely more legislation

    And who was it who passed that legislation?

    Also, this isn't just about good vs bad intentions. It's about competence. A body whose only business is operation in one specific operational area (ie private companies) tends to be better in that area than a body who involves themselves in all and everything going on around them (ie, governments)

  21. Re:Maybe something new? on Stallman on Software Patents · · Score: 2

    Patents promote a developing market.

    So we are always told. Very interesting theory, but practice disagrees. That's the problem with this patent mess. It just seems so counter intuitive to think that in reality many patents have the absolute opposite effect from the one that it seemed so obvious would happen.

  22. Re:Maybe something new? on Stallman on Software Patents · · Score: 3, Interesting

    the problems faced with software.

    What problems? I see no problem with having no patents on software.

    Nobody seems to ask the question, "What problem does having software patents solve?"

  23. Re:What's so interesting about Amiga? (serious) on ATX PPC Motherboards from Eyetech · · Score: 2

    AFAIK lightwave ran on Amiga before it ever ran on anything else. Support was dropped quite a while ago however.

  24. Re:shred on Hiding and Recovering Data on Linux · · Score: 1

    won't the outfile top out at 2 gigs on ext2?

    No.

  25. Re:Some questions... on Hiding and Recovering Data on Linux · · Score: 2

    - what are the potential uses for such a thing?
    Fun mostly! But really, it's useful for anyone who wants to hide information from governme^wuntrustworthy people.

    - Is there any legitimate use for that?
    See above.

    - Does moving the file to another location suffice to prevent any use of such a thing?

    AFAIK, no. Not with ext2 at least if you're moving the file from one place on a filesystem to another on the same filesystem. The data doesn't actually get moved. All that changes is the link to the inode. (can somebody correct me / elaborate)