Ok, you're right. Just because I happen to know how the system operates and I'm trying to set the record straight I should be discounted and the paranoid speculations should have more consideration. You've done a lot for the credit of Slashdot. Really, you have no idea.
If I was really trying to represent OnStar do you think I would be calling you a dweeb? Please, I'm rather certain that they will be very quick to remind you that my comments are not endorsed by my employer. If you check my history, I do not always carry the Shill banner. Rather I'm one of the first to criticize them if I think they are doing something silly.
But in this case I'm just trying to identify areas where people have a lot of ignorance about what is actually going on with the system. So exactly what kind of a person are you going to give credence to? One of the people who have worked in the engineering side of the company? Marketing types? Or someone who starts with the assumption that the OnStar unit can read your brain waves.
Or would you rather I just publish everything you need to know to hack into millions of vehicles just to prove myself worthy of your consideration?
just have them disable the unit. You don't have to tear up your car to do it. Once disabled, no calls can be placed to it.
Re:It doesn't "remotely shut down vehicles"
on
Stalling Cars Via OnStar
·
· Score: 2, Interesting
Once disabled over the air, there is no fucking way to enable it over the air. None. Not going to happen. You can hold a gun to GM's head and you still can't get the unit enabled over the air once it's been disabled by OnStar.
No Fucking Way.
Why?
You can't connect to the vehicle in any fashion no matter how strong your Kung Fu is.
The ONLY way to get the vehicle and unit back in action is to call OnStar from within the vehicle, using the OnStar unit, to force a call back to Onstar. No way to get a call into the vehicle. Ever.
Um... Because you can't reach it on the network anymore? You can place a 911-type of call from the unit, but nothing can get into the unit. In order to access the unit you would have to first convince the unit to register on the cellular network, which it won't because it is disabled. And then you have to convince the cellular network to route a call to this unit, which it won't because there is no phone number in the unit and no way to get one into the vehicle.
So, after you hack the cellular network in a variety of rather interesting ways, you might be able to access the unit. But you won't be able to hack into the unit because you don't know the protocols, keys, encryption methods, or anything else about the call process.
It would be easier for the police to just ram the car into a wall.
From what I've read in the engineering documentation on the OnStar unit design... You can have OnStar disable the unit and it's a virtual brick to be reactivated only by you taking direct action inside the vehicle. Of course, feel free to fuck with the electricals all you want. But if you really don't want it, or any of it's Big Brother features, just call OnStar and have them cancel your account and disable your Onstar unit.
Well, I don't think that's how anyone wants to use it. Considering the level of control they have, they would fuck out your engine only after the police where in position. Read this as -- road cleared and you and the police are in a position to ensure your slow down is a managed process. If they didn't consider this as s concern for your safety and those around you, they would probably just detonate the 2 pounds wired into every GM drivers seat.
What a dick. Please try to keep in mind that even evil governments have to fear the more evil lawyers.
Re:It doesn't "remotely shut down vehicles"
on
Stalling Cars Via OnStar
·
· Score: 2, Informative
You can also call OnStar and ask that you have your unit disabled. Just as effective but it does more to retain your vehicles resale value. Once disabled, it won't work until you call back into OnStar and ask for them to reactivate the unit.
As for removing the GPS antenna, that was dumb. The only thing the GPS it tied into is the OnStar unit and once that's disabled, there's nothing else to do.
It just leaves a more passive means of removing the functionality of OnStar without wrapping foil around your head.
Re:It doesn't "remotely shut down vehicles"
on
Stalling Cars Via OnStar
·
· Score: 4, Informative
OK, just to clear up a few things because I can. Why, because I work there.
It does not apply the brakes, it whacks the engines software modules (in a non-destructive, non-damaging way) to basically screw up the fuel/air/combustion mix rendering your 200 HP engine weak.
You really can't get the local police to call in to OnStar to screw with these cars. They have been trying to do that for a decade and there is not ONE incident where they have successfully gotten OnStar to interfer with a vehicle without the permission and knowledge of the owner. So STFU about that one you paranoid aluminum jock strap wearing dweebs.
Hacking OnStar is going to be about as easy has hacking SSH using a public private key authentication system. Good luck. There are so many hurdles go get through for a single car you would be far better off hacking it with a large rock.
Normally I am pretty damn critical about big brother. But in this case I have to argue that they have a lot of the paranoid issues covered. The new changes in privacy are such that it's pretty difficult to figure out anything about a given vehicle. You have to really know the system, design, protocols, and transmission methods to get anything out of it. There are maybe 4 people who might be able to do that.
There seems to be a lot of Oh My God!! It's Big Brother!! going on around on this one. But seeing as I'm one of the system engineers who has worked on this stuff for most of OnStars life... Get over yourself and go worry about something more problematic like DMCA...
I understand your point but I flatly disagree with it on one point. I do not believe it is the home user who sets the impetus for OS migration. Rather this is determined by the office environment.
Basis for this -- Apple appealed to the Academics and IBM appealed to the Corporations. That's a starting point.
When you consider that a majority of people who use computers spend more time on them at work than at home (yes, this is an assumption) they tend to have a familiarity with the computer at work more. They also have, to varying degrees, support in the office in getting help with the various software. This could be formalized support or just the guy in the next cube. It also helps if you can take work home over the weekend and have the same software you need there as here.
The other point to consider is the recent news that you can buy MS Office and OS in China for $1. The reason for this is pretty simple. If Wednesday morning China decides to mandate that everyone use OpenOffice for all their business, government, and personal computing needs (or at least ODF) then you have a problem with all the companies doing business in China. When they send/receive documents to their Chinese Counterparts they have to either convert the documentation from.doc to ODF and hope it works correctly -- potentially munging months of work, or they can simply install OpenOffice on their Windows machines and learn to use OpenOffice.
If they chose the latter, then shortly after that the use of.doc format will effectively become deprecated because no one really wants to try and support two of the same applications. (how many people are fluent with VI and EMACS?). By this point, Microsoft will have lost the Office platform freeing up the world to reconsider their OS platform as well. This doesn't dictate anyone will migrate from Windows OS, but it certainly removes the lockin. But the Office makes a lot more money than the OS.
The only reason companies migrate from version to version is based on two reasons. I can no longer get (official) support for the current version (or purchase new hardware with same). I am pulled into a newer version because my business partnerships are no longer using the same software versions. Otherwise we would all be usine WordPerfect 6.1
You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.
Dell and others have pushed Microsoft into a position where they (OEM) are allowed to continue selling XP software beyond the originally intended dates set by Microsoft. This is the first time anyone ever successfully told Microsoft what to do, including the US Government (interestingly enough).
Now that there is a continuance of XP in the market, the best thing that Microsoft can provide that customer base with secure products. If they fail to then it gives credence to the competition laying claims on security. If I remember, one of the points Microsoft was selling XP on was the security it provided above the Windows 2000/98/95 platforms. So there is something of a commitment they have made to keep it secure.
If there's a diminished reason to migrate to Vista, as already demonstrated, then what?
We live on a ball of dirt in space (with really nice fjords) and it's been working up random sequences of genetic code and testing the viability of each one over a period of what? 5 Billion years or something like that if you consider the pea-soup era of evolution.
And now we have a chemist who is going to start the whole fucking process over again in his lab. Considering he's got to replicate 5 billion years of research he's got great job security. But what I'm not sure about is what is going to be the benefit of someone going through all the genetic combinations that have already been gone through by natural selection (or intelligent design if you prefer).
I think it's cool he can do this, but can someone point out the value of starting over?
I don't know that you can blame the Americans universally. If that where the case, then we would all be speaking in the same Middle English that was aroung long before the Columbus set sail. Not sure about you, but I can't say I was to be speaking like Shakespeare and The Canterbury Tales.
That said, much of the perversion of language today has a lot of blame to lay at the feet of America. But even that is a mixture of linguistic changes brought on by marketing demographics. I don't see anyone in television, radio, or advertising trying to emulate the Southern Drawl or the Texan slang. Those linguistic demographics don't represent a sufficient group of people with the arbitrarily disposable income (and fiscal ignorance) necessary.
There is another problem with the integration of other countries trying to translate to English, like the sign example above. But it's also trying to come up with a name that is unique enough to be distinguishable yet relevant. And so you come up with Systems Integrators, which is kind of stupid or not. Perhaps they are Integrators of Systems, but that's not how you initially read it.
Perhaps they could go for the down home feel of Tech Eds Integrators or something catchy like that...
I don't know, I didn't get that far. The article and the concept is bullshit.
The 'From' field is the keystone of their identification process. Well, I got news for you if you bothered to read the RFC. 'From' does not have to represent the real sender. I can forge it up all I want into anything I want and you can't tell. I didn't get past section 3 where this is before I determined the rest isn't worth reading.
Once again we have another company trying to come up the next Big Thing and they don't know what the hell they are talking about. SPF is cute -- but relies too much on people setting it up and correctly. I suppose you could pay a service to act as a third party validator, but that's turning into a boondoggle too.
I don't think bouncing email at valid senders is going to win any friends.
Perhaps there is a way to do it successfully and with great accuracy. I would love to say I'm working on it. But quite frankly, if I do figure it out I probably won't mention to anyone since I really don't want the legal hassle of trying to defend my idea against someone else's billions. I can block spam. I can block spam to the tune of 99+%. The rest is trivial. I was even surprised to hear them say 94% was the average. Perhaps people would be better off if they stopped using SpamAssassin.
Sorry, my opinion is that statistical filtering is more than sufficient if it's managed well. I think few people are willing to do the work required of them to make them spam free. Kind of like locking the door to keep out the crooks.
If the constraints are added as additional SQL to the migrations as either table constraints or database triggers, I don't think the model has to do anything. Rails built in error handling should fire an exception on a failed update or insert, which should generally happen and be handled in the controller, right? And if you are handcoding in MVC style without Rails, in any language, that's still going to be the case, right? Rails may not add much to this, but it doesn't seem to me that it really fights you in it, either.
But it shouldn't handle the error as a failure.. It should know what to do and do the right thing. Here's an example, but assume we aren't doing a security login username thing:
I want to add a username to my table (eg: list of all the email addresses that send me email) so I naturally do an INSERT using sequences
If the INSERT fails on a duplicate key violation then I want to turn around and do a SELECT and pull the necessary ID information for that username.
Return ID for that username.
The simply return an error at step 1 citing, "You can't do this" is not the right thing to do. Perhaps in another story line, but not this one.
But when I went to college to be an engineer it was preceded by decades of emphasis on science. The Apollo missions where number one on the TV. And it was considered cool to be an engineer. You could actually get dates!
Fast forward to my teenage kids. Being someone which technical knowledge about anything gets you labeled a Nerd and Ghey. This negative peer pressure, combined with the complete lack of any emphasis on people actually learning technology does little to encourage students to even pursue a BS degree in Engineering or any of the Sciences (except for psychology which might be considered a soft science).
There's no emphasis for it. Look at computers and computer technology. People don't have any clue what anything actually does and they have an absolute aversion towards learning about it. Why? Because Marketing has told them it's all so difficult and dangerous that you should buy their product to take care of all your computer needs. Marketing leads to fear and fear leads to hate and hate leads to the dark side.
You haven't the marketing and advertisement dollars to do that. And that's not what works with Linux. What makes Linux valuable isn't the desktop -- its the fact that it just works. This is the one thing that Linux provides, especially as a server, that Microsoft simply cannot compete with.
Apple will either dominate the market or self destruct (again). No action required as yet.
But Rails sells itself on not requiring anyone to know a lot about SQL. That's what bothers me about it.
IMHO there isn't enough focus on getting the database built to enforce the business rules in the Model. Rather it's sold as "The MODEL does everything you need!!" and lulls you into a sense that the application should enforce all the rules and the database should carry a minimum of them. I think this is extremely short sighted.
Databases were created many years ago and have an advantage over anything else in that they are designed to do one thing only, do it extremely well, and have been optimized over decades to do it better than anything else. Why duplicate this in some slow language like Ruby? And yes, Ruby is slow when you compare it to C and even Perl. Pretty, easy, but slow.
I don't think Rails is entirely to blame as a technical solution. I think the marketing is to blame and the hype makes it downright dangerous.
You are obviously very familiar not only with Rails, but databases. Many Rails users are not and there's not much attention paid to the database as a business model enforcement in the Rails "way" of doing things. Specifically, the Ruby on Rails book is way too lean on this subject.
My first and only Rails convention was a real learning experience. I was outnumbered by easily 20:1 in an argument that counter your statements. The generally accepted concept in that room was that Rails manages everything for you. If you have to create all these database centric constraints, indices, rules... then you aren't doing it Right. I was essentially shouted down on the notion that proper handling of unique values should be to manage the errors returned when you violate a constraint rather than doing a test and action without the database constraint. I'm not kidding about this either. I was one of three people who were in the database camp and we were all relatively new to Rails
The other probable answer to how this could happen is that Rails developers are ex-php developers who still don't know anything about what a database is beyond some kind of file system for storing data.
I think this is a variation of Block Pricing which is supposed to be illegal in the US most of the time. But for someone in the Business and not Geek community, it's a nice thing to be able to do. The idea is to adjust the prices offered based on the individual's demand for the product. Overly simplified examples would be to charge more for food in expensive suburbs than others, raising prices for people who come to your store in newer more expensive cars, increasing the cost of cable TV during the football season.
This isn't really block pricing since, as mentioned, it's more a management technique of supply/demand curve. I think this was a good idea. But I wonder if this was a price cut that was driven by other factors than just the Economics 101 Supply/Demand curve.
Ruby is nice, Rails has some severe limitations on what it can do without major hacks.
Examples:
Business Model versus Business Rules
There is a distinction between the Rules and the Model. Rules are those things that must be enforced against the data. Examples of this would be (in database terms) referential integrity, unique values for certain fields or combination of fields.
Without this distinction you can easily run into rampant data duplication and your ability to determine what is actually going on becomes a major challenge. Rails fails on this enforcement of the rule because when you identify something as being unique according to Rails, it's managed by a Model declaration to check for uniqueness before making an UPDATE/INSERT SQL execution. Problem with this is you are assuming that you have only one active rails session at a time. If you don't, then it's trivial for two web sessions to insert the same username in the table, thereby fucking your database and your business. Without the database actually enforcing the data through database constraints, you cannot guarantee the results.
Things get even more difficult/tricky when you have to ensure that combinations of fields remain unique or referential constraints are preserved.
I'm know there is some way to do all of this in Rails, but it's counter productive and essentially a hack. For example -- I would have to create additional unique SQL constraints in the database migration files, in some cases, I have to write out the SQL directly -- bypassing that which is Rails. Then the Model would not only have to run the extraneous SQL statement to check for uniqueness, but also be modified to accomodate the error handling that is going to happen when you violate the database integrity. Again, this makes for a lot of non-Rails and non-elegant code.
Don't get me wrong, Rails is nice but it is not really going to be a useful product for some major site that is going to just get crushed in transactions. Do you really think you can open the next MySpace and have it keep all the data properly synchronized? I know it's possible to get around the application rules of the Model, so I know it's also likely to muck up your data.
Slashdot Mirror
Ok, you're right. Just because I happen to know how the system operates and I'm trying to set the record straight I should be discounted and the paranoid speculations should have more consideration. You've done a lot for the credit of Slashdot. Really, you have no idea.
If I was really trying to represent OnStar do you think I would be calling you a dweeb? Please, I'm rather certain that they will be very quick to remind you that my comments are not endorsed by my employer. If you check my history, I do not always carry the Shill banner. Rather I'm one of the first to criticize them if I think they are doing something silly.
But in this case I'm just trying to identify areas where people have a lot of ignorance about what is actually going on with the system. So exactly what kind of a person are you going to give credence to? One of the people who have worked in the engineering side of the company? Marketing types? Or someone who starts with the assumption that the OnStar unit can read your brain waves.
Or would you rather I just publish everything you need to know to hack into millions of vehicles just to prove myself worthy of your consideration?
Go ahead. I don't care. It's not like your post is going to do anyone any good. Other than for the one car.
What part of no calls can be placed to the vehicle don't you understand? Or are they putting mini-FBI guys in the glove box to tap into the mic?
just have them disable the unit. You don't have to tear up your car to do it. Once disabled, no calls can be placed to it.
Once disabled over the air, there is no fucking way to enable it over the air. None. Not going to happen. You can hold a gun to GM's head and you still can't get the unit enabled over the air once it's been disabled by OnStar.
No Fucking Way.
Why?
You can't connect to the vehicle in any fashion no matter how strong your Kung Fu is.
The ONLY way to get the vehicle and unit back in action is to call OnStar from within the vehicle, using the OnStar unit, to force a call back to Onstar. No way to get a call into the vehicle. Ever.
Um... Because you can't reach it on the network anymore? You can place a 911-type of call from the unit, but nothing can get into the unit. In order to access the unit you would have to first convince the unit to register on the cellular network, which it won't because it is disabled. And then you have to convince the cellular network to route a call to this unit, which it won't because there is no phone number in the unit and no way to get one into the vehicle.
So, after you hack the cellular network in a variety of rather interesting ways, you might be able to access the unit. But you won't be able to hack into the unit because you don't know the protocols, keys, encryption methods, or anything else about the call process.
It would be easier for the police to just ram the car into a wall.
See, it's rather customer oriented...
I understand the point of disconnecting the OnStar unit.
I think you misunderstood the purpose and implication of having your OnStar unit disabled by GM.
I'm not familiar with anyone bugging a conversation or even how likely that is to even work with the Onstar units I work with. Can you prove it?
From what I've read in the engineering documentation on the OnStar unit design... You can have OnStar disable the unit and it's a virtual brick to be reactivated only by you taking direct action inside the vehicle. Of course, feel free to fuck with the electricals all you want. But if you really don't want it, or any of it's Big Brother features, just call OnStar and have them cancel your account and disable your Onstar unit.
Well, I don't think that's how anyone wants to use it. Considering the level of control they have, they would fuck out your engine only after the police where in position. Read this as -- road cleared and you and the police are in a position to ensure your slow down is a managed process. If they didn't consider this as s concern for your safety and those around you, they would probably just detonate the 2 pounds wired into every GM drivers seat.
What a dick. Please try to keep in mind that even evil governments have to fear the more evil lawyers.
You can also call OnStar and ask that you have your unit disabled. Just as effective but it does more to retain your vehicles resale value. Once disabled, it won't work until you call back into OnStar and ask for them to reactivate the unit.
As for removing the GPS antenna, that was dumb. The only thing the GPS it tied into is the OnStar unit and once that's disabled, there's nothing else to do.
It just leaves a more passive means of removing the functionality of OnStar without wrapping foil around your head.
OK, just to clear up a few things because I can. Why, because I work there.
There seems to be a lot of Oh My God!! It's Big Brother!! going on around on this one. But seeing as I'm one of the system engineers who has worked on this stuff for most of OnStars life... Get over yourself and go worry about something more problematic like DMCA...
I understand your point but I flatly disagree with it on one point. I do not believe it is the home user who sets the impetus for OS migration. Rather this is determined by the office environment.
Basis for this -- Apple appealed to the Academics and IBM appealed to the Corporations. That's a starting point.
When you consider that a majority of people who use computers spend more time on them at work than at home (yes, this is an assumption) they tend to have a familiarity with the computer at work more. They also have, to varying degrees, support in the office in getting help with the various software. This could be formalized support or just the guy in the next cube. It also helps if you can take work home over the weekend and have the same software you need there as here.
The other point to consider is the recent news that you can buy MS Office and OS in China for $1. The reason for this is pretty simple. If Wednesday morning China decides to mandate that everyone use OpenOffice for all their business, government, and personal computing needs (or at least ODF) then you have a problem with all the companies doing business in China. When they send/receive documents to their Chinese Counterparts they have to either convert the documentation from .doc to ODF and hope it works correctly -- potentially munging months of work, or they can simply install OpenOffice on their Windows machines and learn to use OpenOffice.
If they chose the latter, then shortly after that the use of .doc format will effectively become deprecated because no one really wants to try and support two of the same applications. (how many people are fluent with VI and EMACS?). By this point, Microsoft will have lost the Office platform freeing up the world to reconsider their OS platform as well. This doesn't dictate anyone will migrate from Windows OS, but it certainly removes the lockin. But the Office makes a lot more money than the OS.
The only reason companies migrate from version to version is based on two reasons. I can no longer get (official) support for the current version (or purchase new hardware with same). I am pulled into a newer version because my business partnerships are no longer using the same software versions. Otherwise we would all be usine WordPerfect 6.1
You're missing the real significance to this. They are back porting features from Vista!!! That's removing the incentive for migration from XP to VISTA on features alone. Considering the historic business model they have used, this is reason for further thought.
Dell and others have pushed Microsoft into a position where they (OEM) are allowed to continue selling XP software beyond the originally intended dates set by Microsoft. This is the first time anyone ever successfully told Microsoft what to do, including the US Government (interestingly enough).
Now that there is a continuance of XP in the market, the best thing that Microsoft can provide that customer base with secure products. If they fail to then it gives credence to the competition laying claims on security. If I remember, one of the points Microsoft was selling XP on was the security it provided above the Windows 2000/98/95 platforms. So there is something of a commitment they have made to keep it secure.
If there's a diminished reason to migrate to Vista, as already demonstrated, then what?
Let me see if I get this right...
We live on a ball of dirt in space (with really nice fjords) and it's been working up random sequences of genetic code and testing the viability of each one over a period of what? 5 Billion years or something like that if you consider the pea-soup era of evolution.
And now we have a chemist who is going to start the whole fucking process over again in his lab. Considering he's got to replicate 5 billion years of research he's got great job security. But what I'm not sure about is what is going to be the benefit of someone going through all the genetic combinations that have already been gone through by natural selection (or intelligent design if you prefer).
I think it's cool he can do this, but can someone point out the value of starting over?
I don't know that you can blame the Americans universally. If that where the case, then we would all be speaking in the same Middle English that was aroung long before the Columbus set sail. Not sure about you, but I can't say I was to be speaking like Shakespeare and The Canterbury Tales.
That said, much of the perversion of language today has a lot of blame to lay at the feet of America. But even that is a mixture of linguistic changes brought on by marketing demographics. I don't see anyone in television, radio, or advertising trying to emulate the Southern Drawl or the Texan slang. Those linguistic demographics don't represent a sufficient group of people with the arbitrarily disposable income (and fiscal ignorance) necessary.
There is another problem with the integration of other countries trying to translate to English, like the sign example above. But it's also trying to come up with a name that is unique enough to be distinguishable yet relevant. And so you come up with Systems Integrators, which is kind of stupid or not. Perhaps they are Integrators of Systems, but that's not how you initially read it.
Perhaps they could go for the down home feel of Tech Eds Integrators or something catchy like that...
I don't know, I didn't get that far. The article and the concept is bullshit.
The 'From' field is the keystone of their identification process. Well, I got news for you if you bothered to read the RFC. 'From' does not have to represent the real sender. I can forge it up all I want into anything I want and you can't tell. I didn't get past section 3 where this is before I determined the rest isn't worth reading.
Once again we have another company trying to come up the next Big Thing and they don't know what the hell they are talking about. SPF is cute -- but relies too much on people setting it up and correctly. I suppose you could pay a service to act as a third party validator, but that's turning into a boondoggle too.
I don't think bouncing email at valid senders is going to win any friends.
Perhaps there is a way to do it successfully and with great accuracy. I would love to say I'm working on it. But quite frankly, if I do figure it out I probably won't mention to anyone since I really don't want the legal hassle of trying to defend my idea against someone else's billions. I can block spam. I can block spam to the tune of 99+%. The rest is trivial. I was even surprised to hear them say 94% was the average. Perhaps people would be better off if they stopped using SpamAssassin.
Sorry, my opinion is that statistical filtering is more than sufficient if it's managed well. I think few people are willing to do the work required of them to make them spam free. Kind of like locking the door to keep out the crooks.
But it shouldn't handle the error as a failure.. It should know what to do and do the right thing. Here's an example, but assume we aren't doing a security login username thing:
The simply return an error at step 1 citing, "You can't do this" is not the right thing to do. Perhaps in another story line, but not this one.
But when I went to college to be an engineer it was preceded by decades of emphasis on science. The Apollo missions where number one on the TV. And it was considered cool to be an engineer. You could actually get dates!
Fast forward to my teenage kids. Being someone which technical knowledge about anything gets you labeled a Nerd and Ghey. This negative peer pressure, combined with the complete lack of any emphasis on people actually learning technology does little to encourage students to even pursue a BS degree in Engineering or any of the Sciences (except for psychology which might be considered a soft science).
There's no emphasis for it. Look at computers and computer technology. People don't have any clue what anything actually does and they have an absolute aversion towards learning about it. Why? Because Marketing has told them it's all so difficult and dangerous that you should buy their product to take care of all your computer needs. Marketing leads to fear and fear leads to hate and hate leads to the dark side.
Maybe Kansas is just a good home town kind of state and not rampant with crime but white picket fences and apple pie?
Don't compete directly with Apple and Micrsoft.
You haven't the marketing and advertisement dollars to do that. And that's not what works with Linux. What makes Linux valuable isn't the desktop -- its the fact that it just works. This is the one thing that Linux provides, especially as a server, that Microsoft simply cannot compete with.
Apple will either dominate the market or self destruct (again). No action required as yet.
I know this only too well.
But Rails sells itself on not requiring anyone to know a lot about SQL. That's what bothers me about it.
IMHO there isn't enough focus on getting the database built to enforce the business rules in the Model. Rather it's sold as "The MODEL does everything you need!!" and lulls you into a sense that the application should enforce all the rules and the database should carry a minimum of them. I think this is extremely short sighted.
Databases were created many years ago and have an advantage over anything else in that they are designed to do one thing only, do it extremely well, and have been optimized over decades to do it better than anything else. Why duplicate this in some slow language like Ruby? And yes, Ruby is slow when you compare it to C and even Perl. Pretty, easy, but slow.
I don't think Rails is entirely to blame as a technical solution. I think the marketing is to blame and the hype makes it downright dangerous.
You are obviously very familiar not only with Rails, but databases. Many Rails users are not and there's not much attention paid to the database as a business model enforcement in the Rails "way" of doing things. Specifically, the Ruby on Rails book is way too lean on this subject.
My first and only Rails convention was a real learning experience. I was outnumbered by easily 20:1 in an argument that counter your statements. The generally accepted concept in that room was that Rails manages everything for you. If you have to create all these database centric constraints, indices, rules... then you aren't doing it Right. I was essentially shouted down on the notion that proper handling of unique values should be to manage the errors returned when you violate a constraint rather than doing a test and action without the database constraint. I'm not kidding about this either. I was one of three people who were in the database camp and we were all relatively new to Rails
The other probable answer to how this could happen is that Rails developers are ex-php developers who still don't know anything about what a database is beyond some kind of file system for storing data.
I think this is a variation of Block Pricing which is supposed to be illegal in the US most of the time. But for someone in the Business and not Geek community, it's a nice thing to be able to do. The idea is to adjust the prices offered based on the individual's demand for the product. Overly simplified examples would be to charge more for food in expensive suburbs than others, raising prices for people who come to your store in newer more expensive cars, increasing the cost of cable TV during the football season.
This isn't really block pricing since, as mentioned, it's more a management technique of supply/demand curve. I think this was a good idea. But I wonder if this was a price cut that was driven by other factors than just the Economics 101 Supply/Demand curve.
Ruby is nice, Rails has some severe limitations on what it can do without major hacks.
Examples:
Business Model versus Business RulesThere is a distinction between the Rules and the Model. Rules are those things that must be enforced against the data. Examples of this would be (in database terms) referential integrity, unique values for certain fields or combination of fields.
Without this distinction you can easily run into rampant data duplication and your ability to determine what is actually going on becomes a major challenge. Rails fails on this enforcement of the rule because when you identify something as being unique according to Rails, it's managed by a Model declaration to check for uniqueness before making an UPDATE/INSERT SQL execution. Problem with this is you are assuming that you have only one active rails session at a time. If you don't, then it's trivial for two web sessions to insert the same username in the table, thereby fucking your database and your business. Without the database actually enforcing the data through database constraints, you cannot guarantee the results.
Things get even more difficult/tricky when you have to ensure that combinations of fields remain unique or referential constraints are preserved.
I'm know there is some way to do all of this in Rails, but it's counter productive and essentially a hack. For example -- I would have to create additional unique SQL constraints in the database migration files, in some cases, I have to write out the SQL directly -- bypassing that which is Rails. Then the Model would not only have to run the extraneous SQL statement to check for uniqueness, but also be modified to accomodate the error handling that is going to happen when you violate the database integrity. Again, this makes for a lot of non-Rails and non-elegant code.
Don't get me wrong, Rails is nice but it is not really going to be a useful product for some major site that is going to just get crushed in transactions. Do you really think you can open the next MySpace and have it keep all the data properly synchronized? I know it's possible to get around the application rules of the Model, so I know it's also likely to muck up your data.