altogether quite a nice article. nothing most slashdotters didn't know yet, but still rather good. but for some reason he had to put those nasty exaggerations in there, and that's just again an example of partisan and ideological marketing!
the linux kernel is [...] the impossible notion that a bunch of kids on the Internet could create the most successful operating system in history come true.
it wasn't exactly kids and the term "most successful OS" might be swaying a BIT far from the truth!
Once again, it was piracy of public software. Stolen in order to increase Bill Gates' personal fortune. But it was legal theft.
come on, watch your language. don't throw the ridiculous piracy concept back at bill gates and what the hell is "legal theft" supposed to be? this language is no better than the whole "viral license" propaganda!
But Linux is immune to most of the kneecap-busting, air-supply cutting, baby-knifing techniques that Microsoft is so fond of.
i am no fan of microsoft, but i still find this rather harsh. if the article were meant to be journalistic, this would SO not qualify for an objective perspective!
well, all in all i totally agree with the author. but maybe he should cut back on the ideological and radical lingo!
i really don't want to play down the problems linux has with its development model and i sure have heard great things about the microsoft development process!
but i'd rather have a more secure system now, which lacks in development stringency, than a provenly unsafe system which can prove exactly when, why and how their bugs came into the system...
microsoft is just far too lax concerning their outward security policy (like not caring about the blatant RC4 exploit). their "patch day" with all those patches that never quite close the exploits is just a farce!
well, gnu/linux with all its applications has had a bad streak of exploits as well recently and i would strongly recommend a stricter development process, but if i were microsoft i'd definitely tone down on the linux-is-insecure-and-lacks-accountability bashing and instead invest some serious effort in making my own product look a little more convincing and less like the bug-ridden security hole that it is!
sure, i am no stranger to the debugger... but when you have pointers running wild the debugger ain't of much help because the segfault will occur at a different place in the code than the original mis-allocation!
yep, the technical background of programming is important and maybe every programmer should know his C/assembly in order to understand the pipelining, caching and the different costs of basic operations.
but as more and more complex software is demanded from designers and programmers, i see the future in languages that abstract from the von-neumann-style of programming towards a style in which you can actually hold the solution to a complex problem in your head instead of micro-optimising your solution, pointer juggling, and so forth.
you should be able to construct sensible abstractions for a problem in a very short time so that you can then concentrate wholly on solving the problem at hand and not whether this operation costs more than that operation. and languages like C don't "allow" fast/prototype-like abstractions and instead force the micro-optimisation approach on you.
Premature Optimisation is the root of all evil and in my eyes C is the root of premature optimisation. of course for low-level problems like operating systems every microsecond counts and one doesn't necessarily have the luxury of wasting valuable cpu time on garbage collection, BUT for mission critical software some kind of proving that the solution conforms to the specification would be nice to have, and functional languages like haskell make those kinds of proofs much easier than side-effect-maniac languages like C.
finding a bug in bad C code is nearly impossible (believe me, i have written my share of horrible C/C++ code) due to the side effects and manual memory management. finding a bug in pure functional languages is far easier because the bug only has a local effect instead of a global fandango-on-core.
for all those yammering about the many brackets in lisp: how exactly is polluting your code with xml-tags better??
LISP/scheme is an incredibly extensible language and after having spent the last days learning the basics of haskell, i really wonder how on earth an inferior language like "C++" could ever become this popular!
for low-level stuff, C is a great language but when it comes to prototyping complex algorithms or simply trying out some whacky ideas, imperative languages like C++ keep your mind so very busy with memory allocation, pointer arithmetic and weird segmentation faults that the chance of finally implementing some intricate algorithm in such a language is really slim (and will definitely produce a HUGE headache).
i am not saying that LISP/scheme/OCAML/haskell (to name just a few [very different] functional and multi-paradigm languages) are so much better for all tasks, but if people were simply introduced to one of these languages early on, this might have a very beneficial effect on their programming style in any other language.
and as for extensibility, LISP is seriously unbeatable with its powerful macros and the duality of code and data!
well, you do your thing with patched-on xml tags in your code and i'm just gonna stick to the languages that were actually thought through!
i have said it before and i will say it again: only because more and more people stand up to state how superior and ultra-safe linux is, won't necessarily make it so!
if it is indeed true what this study claims then i am the first to applaud the kernel guys and the distribution makers.
but there are facts that won't change:
- software monoculture is BAD (no matter what the monoculture consists of)
- linux is NOT the safest alternative out there (compare *BSD, VMS,...)
- there have been an alarming number of exploits as well for the kernel itself (local root exploits, anybody) as also many exploits for user land applications (mplayer, mpeg123, mozilla,...). therefore it is as questionable a time to glorify linux as it will ever be.
SECURITY IS A PROCESS NOT A STATE!
please, dear media (and also dear slashdot), make an effort to educate people in security matters instead of putting some solution on the "security pedestal". don't make claims about the absolute security of any alternative.
the complete solution is what makes and breaks security, not the components, and without adequate, highly trained and proficient personnel it will always be near impossible to achieve truly secure (whatever THAT means) solutions.
well, at least the uprising unices make it easier for the proficient and maybe even raise the security bar for the amateurs, but alas this is not an end to itself!
after playing too much carmageddon (a really tasteless game where you overrun people with your car in a first-person perspective) I came to know its dangerous effects when considering while driving in RL how many points the inline skater at the side of the road would bring...
and after playing loads of "need for speed 2 underground" and flatout (also a racing game) which is especially fun on icy roads, i had to remind myself that i wasn't playing it anymore when really driving on ice covered roads after the game session! these things can get really dangerous when you overestimate your driving skills or the car configuration right after having played a racing game. the effect usually fades within an hour or so, but technically it should be forbidden to drive just after having played a "realistic" car related game!
also, after many, many hours of counter strike i found myself checking out rooms for possible cover and would think ahead for strategies to use when ambushed. this was actually fun even in RL but without doubt shows how very attached one gets to the patterns learned during hours of continuing immersive gameplay!
why don't the guys responsible for all these sites simply put the content of their databases as well as the CMS configuration on their own site for anyone to mirror! if the site is then taken down, someone will have all the latest torrent links, forums,... and can happily host the site (maybe under a slightly different name) elsewhere!
shouldn't be that much of a problem, not have the owners of the original site commit any crime AFTER having been taken down and would take care of our need for good p2p links;-))
hmm, there must be something really wrong with my GNU make tools. the Makefile is clearly there, but for some reason, make won't accept it??
me@enoch:/mnt/cdrom$ make -f Makefile
gcc -I/usr/include/linux/drm -ldrm -Wall -o/tmp/DRMplayer
DRMplayer.c:70:20: warning: anonymous variadic macros were introduced in C99
me@enoch:/mnt/cdrom$ /tmp/DRMPlayer drumnbase.dat
well, and it has been playing wonderful music ever since! i'll have to automate the process somehow, but maybe i can even use the same player for different audio cds...
me@enoch:/mnt/cdrom$ ./configure
./configure: line 89: conf.sh: Permission denied
me@enoch:/mnt/cdrom$ make
make: *** No targets specified and no makefile found. Stop.
me@enoch:/mnt/cdrom$ make install
make: *** No targets specified and no makefile found. Stop.
me@enoch:/mnt/cdrom$
me@enoch:/mnt/cdrom$ modprobe -r DRM
me@enoch:/mnt/cdrom$
*D'OH*, such a good move of them, but they really should have thought a little further! and TRYING IT OUT on a unix system might have helped too!!!
jethr0
BTW: how the hell did root get write access for CDROMs on your machine???
i call bullsh*t to all these partisan studies! "windows better", "linux better",... why won't this stop at least from the "good guys" and let's all have some objective analysis of the REAL cost/benefit situation instead of each side stubbornly stating how superior and infallible they are!
linux has a severe lack of a stringent development process, does little coordinated code reviews and is a big lump of monolithic code! yet, the discovery-bugfix time is quite acceptable and with enough background knowledge the stability and performance is quite good. but why trash (implicitly) the quality of the alternatives? *BSD and solaris for example are definitely superior to GNU/linux in some areas and have an excellent track record at security, stability. why do we have to worship linux as the non-plus-ultra when in fact it simply is a respectable alternative to windows on the server?
oh, sure, windows has its problems, but at its core the once-microkernel approach is not all that bad and bad drivers will crash linux just as well as windows! but apart from shady business practices and horrible reaction times to exploitable holes (patch day, anyone?) microsoft is actually making an effort and has some development practices in place that wouldn't be such a bad idea for the open-source community to adopt like nightly regression tests and driver certification. i am far from saying how wonderful microsoft is as a software producer, but simply bashing them all the time (even if in self defense) won't make the open-source movement look any better!
come on! give a little respect to the *BSD guys who are actually making an effort of code reviews and an emphasis on security! and even give some credit to microsoft's (recent) efforts to work towards security (even if in vain when faced with the horrid IE code base)... open source has HUGE issues with code quality and developer trust, so we shouldn't mouth off about our superiority until we can make sure that total chaos won't break out with the next kernel release!
doing your cutting-edge development in the current "stable" kernel is just as bad as many things microsoft is doing!
I guarantee you would see a lot more spam, both from small-timers driven straight, to the loss of business incurred by hardcore spammers who implement countermeasures against us (complex javascript tests, etc) that also drive away legit customers, if this wasn't being done.
yeah, great, and we could reduce crime rate by simply stoning suspects to death right at the site of the crime!!! but that is not a good solution - keeping down criminal activity might be considered by some to be LESS IMPORTANT than civil liberties and human rights. and a similar question arises when the vigilante justice of spammers is discussed!
As for innocent sites being hit, the chances are extremely improbable; your bringing up that idea only shows your unfamiliarity with the process.
jep, not everybody can be such a self-righteous zorro-like avenger of the helpless as yourself; being so familiar with the process and all! also this depends to a huge extent on how one defines "innocent". i read recently that 80% of the spam are sent by trojan-infected workstations... how exactly is DOSing those computers harming the spammers? and how culpable is the workstation's owner of sending spam??
[...] Idiot pornsite webmasters using .wmv to deliver video wastes a lot more bandwidth than a couple net cops with spam vampire.
don't answer my arguments with examples of worse bandwidth usage!! that's like saying in court: "yes, my client did rob the bank, but the previous robbers even killed a guard. shouldn't you be out catching them instead of going after my client?" i didn't know we had an appointed "net police" on the internet... OHHH, you are talking about self-righteous people who don't care about the spammer's provider or who the addresses they are attacking belong to. well, those are just REALLY GREAT GUYS!
in the "real world" two wrongs don't make a right and i don't see why the rules of the internet should differ that much from "real" law! denial of service should be a punishable offense no matter against whom it was directed. citizens ought not take the law in their own hands, but leave the punishment of criminals to the governments, etc. i know there isn't yet any real action against spammers from the governments, but vigilante justice is NO SOLUTION to this problem! send their providers mails notifying them of illegal activity from their address range or something, but don't start bombing random addresses!
- "blocklists" are also questionable because the maintainers of these lists gain a lot of power and often ask for huge amounts of money for address-ranges which were accidentally added to be removed again!
- "teergruben" are a nice idea, but they would have to rely on source address filtering or only kick in after a few hundred messages. and if the spammer simply multithreads his sending "server" he might not be THAT bothered with slower delivery, as he can have thousands of concurrent deliveries, totally bogging down the receiving server! and also, if teergruben should just be the exception it is trivial to add a timeout to the delivery routine to abort after 1 minute or so of trying to deliver!
- "bandwidth suckers" - this is just the kind of anarchistic vigilante justice that SHOULD SIMPLY NOT occur! even if it were not for the "collateral damage" to the network infrastructure and "innocent" pages being accidentally hit, this is no better than stoning criminal suspects to death without proper trial...
- "sugarplums" - this idea is actually pretty good but looking at the small return that spammers are getting at the moment this won't really slow them down much. even at 1% reached mail addresses the spammers still have virtually no cost in sending millions of mails out and thus will be hindered but far from stopped by injecting wrong mail addresses! also you have to generate those fake addresses without the spammers getting behind your mechanism of randomizing the addresses and you MUST also take care NEVER to inject a valid mail address by chance!
there has actually been quite a discussion how to make mailing more "reliable" on a grand scale and i still find the idea of forcing mail servers to solve some computationally expensive computation rather nice. although this will cost legitimate service providers a little in hardware this will hit the mass mailers by far worse because they simply rely on cheaply mailing millions of mailings in a short time frame...
well, so much for "innocent" protocols used in a hostile, mercantilistic, hard-to-trace and more-or-less-anonymous environment...
Are they just *using* the product, or have they made proprietary modifications to it? If the former, they are not violating anything. Redistributing an *unmodified* copy of a GPLd program is not restricted.
YES IT IS!!
for commercial redistribution the binary has to be accompanied either by the source code or by a written offer to give you the source code for a nominal fee. (see GPL 3 a,b,c)
although the internet has facilitated distribution of source code, you'd still have to make sure that the source code you are linking to will compile as exactly the same binary you are distributing. therefore you really should copy the source code you used to a server controlled by you in order to ensure the equivalence of binary and source code!
When the real world starts having examples of languages that solve these problems with only an additional overhead of 10-15% in memory and runtime versus C, your comment will start making some sense.
i know you will just shrug this off, but well-performing solutions to all kinds of problems were written in CAML, lisp, haskell, to some extent java,... claiming that "safe" languages have a performance hit of more than 15% is just wrong! for memory usage i partly agree, but then how could anything on earth use more memory than microsoft windows;-)). it is not just a coincidence that many companies have come to adopt java, as it allows safer software (no memory leaks, no dangerous pointer arithmetic, no reference/pointer duality) and for large programs the overhead of the java runtime environment has proven not to be the problem!
But for the kinds of code being talked about here, that are part of the OS, I want all the efficiency I can have.
how exactly are the internet explorer and the netscape/mozilla supposed to be part of the OS or really performance critical??
There's no reason you can't use a C++ basic_string from the STL for reading user input, and then drop it down to a C null-terminated string for processing.
i didn't say C can't be used to solve problems or that C is incapable of producing secure/safe software. but why go to the lengths of this kind of workaround, when there are viable alternative languages available. (apart from the fact, that the software industry should put a lot more effort in creating such viable alternatives!)
If your fixed-size string holds N chars, you're not SUPPOSED to be reading N characters into it. You're supposed to read N-1 characters into it and null-terminate the last character.
yup sorry for that typo/thinko, but that's just one of the things i am saying! the idiom of allocating and strcpy'ing is widely used (falsely, of course), but it still is! and being able to make 5 or more errors through minor typos for such a trivial thing as string copying is not really acceptable (for most applications).
my point was (formulated badly i admit) that you often get a char pointer from elsewhere and have no idea whether the "string" you just got is actually null-terminated or not! ONE glitch and you'll never recover again and overwrite some memory instead! the glitch might occur in somebody else's code or in a library, but there is no way of knowing and THAT is a bad foundation for robust software!
Oh, that's right. You don't think easy solutions like that exist in C.
If you're going to make a point, try doing it like an adult.
i seem to have created a lot more animosity than intended. i really gotta work on not coming about as a total jack-ass, but i really can't understand why you are protecting C/C++ as a general purpose language. of course stringent coding practices make many problems go away, but the level of detail (as far as i see it) is too low to be able to concentrate on bigger issues! i have no problem at all with writing C-code when it is appropriate. but C++ being used by all kinds of non-masters of the language is pretty much a time-bomb!
<SARCASM> premature optimisation is supposed to be bad, but let's all just do without array bounds checking and generic variable initialisation because we are going to save SOOO much time doing this! oh, and let's also not use function calls because they have a performance penalty and instead write one monolithic piece of code!!! </SARCASM>
we should be concentrating on solving the problems not how to avert shooting ourselves in the foot with the language we are using. why not develop in a "slow" and clean language and then optimise those bottlenecks that remain?? obviously i am not talking about system call implementations, but with our multi-GHz machines shouldn't we focus more on robust software that is developed more painlessly instead of going about programming as if we were toggling the operating system in in octal?
my apologies if i have been a jack-ass. as i said, i am going to work on that!
Because frequently it's the right tool for the job. Such as a lot of things, when you leave apparently religious preferences out of the debate.
full ack! C has its place as a language, but the predominance of C++ in application development stands in no proportion to its suitability for most high-level problems.
For inexperienced C (or likewise, assembly) programmers, you are correct. Perhaps those people should not be producing software in C that needs to be secure.
GREAT, so people will write insecure code in C until some day they are experienced enough to use it safely! if road traffic were managed like this i wouldn't dare leave my home!
Your example is bogus
as i wrote myself. but you don't always have control over where you get your "strings" from and have no way of knowing whether they are actually null-terminated. and THAT is a bad thing in itself!
Once the null terminator has been lost, the data stored in the array is no longer a C string.
*whuppdidu*. so you NEVER allocated a string one short, i assume. maybe you are even infallible! the point of high-level programming languages is to reduce the binding between your machine and your programs and to offer a sane standard library which will allow you to write acceptable code within a few months! the arcane syntax-tricks and the not-so-supreme standard library (see "gets", "strcpy",...) together with manual memory management make C a very powerful and often well-performing tool, which might just as well cause you serious harm the next moment! i am not at all against C as such! it is a marvelous step away from machine-dependent assembly code and just the right (well, hopefully;-) tool for operating systems and small system utilities. it may also be quite suitable for many huge software projects, but the fact of the matter is, that it takes you such a long time to learn all its hidden traps, that I don't see it as the suitable standard language for your average problem.
You have the choice not to use C strings, so it seems ridiculous for you to continue to use them when you have demonstrated that they are beyond your capability.
how can you be so arrogant?? "beyond my capability"!!! even if you had never had any problems with C char pointers, it would be rude to tell me about my capabilities and abilities with such an attitude. but i don't even think that you never made a mistake using them, so you better show some humility!
yes, alternatives are available, although not in the standard library of C (which is a strong shortcoming) and even if you are using the C++ string class, you won't be able to avoid all the syscalls involving C char pointers! (for example: using ostream::write will require you to use char pointers!)
How do you know that? What is the job? Or are you just generalizing?
okay, that was a bit of a generalization. but from the above it should be clear what i meant to say! please be a little humbler before accusing others of being incapable of using some arcane and dangerous technique.
OpenBSD and OpenVMS are written in C. Qmail and djbdns are written in C.
*oh*, come on now! qmail and djbdns are so limited in scope and LOC and were actually written with the sole purpose of being secure... that's comparing apples and oranges! of course you CAN write secure code in C. but at what COST?? is it really good to use a low-level language that was written with operating systems in mind for highly abstract software that doesn't need the 5/10/15 percent gain of performance?? shouldn't programmers rather concentrate on solving the problem in the most straightforward way conceivable and without having to worry about how to pass arrays, who is responsible for freeing variables and which of the 100 ways to copy a string is suitable??? why be so masochistic to use C/C++ when you could use some real high-level language? (note: i am writing c++ myself at the moment, but that is out of necessity not because i chose to!)
Is it difficult to prevent buffer overflows?
YES!
read only as many characters as the character array can store. (What a novel idea!)
in that case the strncpy is just BOGUS!! if the incoming string were actually null-terminated, the strncpy would not be necessary and otherwise the strlen won't work! of course the above example is really dumb, but should you really have to think about copying a string (or even worse, need years of experience for this kind of thing)?
If you are writing a string, among other things, set the last possible character of that string to null, just in case.
YOU ARE SUCH A JOKER!!! how exactly are you going to find the last character if the string isn't null-terminated. and even if you calloc all your arrays, there will still be some bogus data in your string which could do quite some harm! it won't be a buffer overflow but surely some very weird behavior!
Among other things, the problem is that it takes individual effort to make sure every static-sized buffer isn't abused.
yes, true. but if strings were simply managed by adding the string length to the data type, much of the confusion would be ended! surely, many string data types do this, but for some reason they just aren't used!!! still, the main problem lies in C just being too low-level for the kind of abstract problems that are commonly solved with C++! it's just not the right language for the job!
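The points argued over in this comment, as an added example (not code from the thread): a copy that never calls strlen on a buffer that may lack its terminator, the strncpy case that leaves the destination unterminated, and a string type that carries its length. All function and type names are hypothetical, and the caller is assumed to know the capacity of the source buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Length of the text in src, examining at most src_cap bytes.
 * Unlike strlen(), this never reads past the buffer when the
 * terminator is missing; it returns src_cap in that case. */
size_t bounded_len(const char *src, size_t src_cap)
{
    const char *nul = memchr(src, '\0', src_cap);
    return nul ? (size_t)(nul - src) : src_cap;
}

/* Copy into dst, whose capacity dst_cap includes the terminator.
 * dst is always terminated when dst_cap > 0.
 * Returns 0 for a complete copy, 1 if the text was truncated,
 * -1 if dst_cap is 0 and nothing could be written. */
int copy_bounded(char *dst, size_t dst_cap, const char *src, size_t src_cap)
{
    size_t len, n;

    if (dst_cap == 0)
        return -1;
    len = bounded_len(src, src_cap);
    n = len < dst_cap - 1 ? len : dst_cap - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n < len;
}

/* The strncpy pitfall: when src holds cap or more characters,
 * strncpy fills dst completely and writes no terminator.
 * Returns 1 if dst contains a terminator afterwards, 0 if not. */
int strncpy_left_terminated(char *dst, size_t cap, const char *src)
{
    memset(dst, 'X', cap);          /* make stale contents visible */
    strncpy(dst, src, cap);
    return memchr(dst, '\0', cap) != NULL;
}

/* A string type that stores its length next to the data, so no
 * operation depends on finding a terminator. */
#define LSTR_CAP 16
struct lstr {
    size_t len;
    char data[LSTR_CAP];
};

/* Returns 0 on success, -1 if src_len does not fit (the input is
 * rejected rather than silently truncated). */
int lstr_set(struct lstr *s, const char *src, size_t src_len)
{
    if (src_len > LSTR_CAP)
        return -1;
    memcpy(s->data, src, src_len);
    s->len = src_len;
    return 0;
}

int main(void)
{
    /* Constructed input: four bytes with no terminator. */
    const char raw[4] = { 'a', 'b', 'c', 'd' };
    char small[3], big[8], four[4];
    struct lstr s;

    printf("bounded_len      = %zu\n", bounded_len(raw, sizeof raw));
    printf("copy into 3 bytes: rc=%d \"%s\"\n",
           copy_bounded(small, sizeof small, raw, sizeof raw), small);
    printf("copy into 8 bytes: rc=%d \"%s\"\n",
           copy_bounded(big, sizeof big, raw, sizeof raw), big);
    printf("strncpy \"abcd\" into 4 bytes terminated? %d\n",
           strncpy_left_terminated(four, sizeof four, "abcd"));
    printf("lstr_set rc=%d len=%zu\n",
           lstr_set(&s, raw, sizeof raw), s.len);
    return 0;
}
```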
at the risk of being totally flamed by all the ruby followers out there:
i have for quite some time now been programming in python and it just works like a CHARM!! i used to be so proud of my perl skills, but at some point i just felt dirty using perl and once i had started with python there DEFINITELY was no turning back! (well, maybe for a few-line regexp script...)
from what i have gathered about ruby, the distinction between ruby and python is really slight! the syntax of ruby is VERY similar to that of python and python's object orientation is really decent. so in case you have already started into python i wouldn't swap for ruby, but as i said, the difference seems rather marginal to me, so it doesn't make that much of a difference.
I'm sure Einstein didn't see it coming when his nuclear research was used to build the nuclear bomb and killed 100,000 people in Japan during WWII.
From http://www.doug-long.com/einstein.htm:
"The physicist Albert Einstein did not directly participate in the invention of the atomic bomb." "The atomic bomb related work that Einstein did was very limited and he completed it in two days during December 1941."
"Einstein's greatest role in the invention of the atomic bomb was signing a letter to President Franklin Roosevelt urging that the bomb be built."
"Einstein biographer Ronald Clark has observed that the atomic bomb would have been invented without Einstein's letters, but that without the early U.S. work that resulted from the letters, the a-bombs might not have been ready in time to use during the war on Japan"
"In November 1954, five months before his death, Einstein summarized his feelings about his role in the creation of the atomic bomb: "I made one great mistake in my life... when I signed the letter to President Roosevelt recommending that atom bombs be made; but there was some justification - the danger that the Germans would make them.""
well, he didn't have the concept of the atom bomb in mind when he published his well-known formula E=mc^2. but when the germans seemed to be coming closer and closer to a working nuclear bomb, he still urged roosevelt to push the american effort of developing and building one in order not to let the germans have this advantage!
You can't compare to the OSS project directly. You have to compare to the distro. Windows isn't perfect, linux isn't perfect, BSD isn't perfect, BeOS isn't perfect, OSX isn't perfect, Solaris isn't perfect.. Etc, etc.
"distributions"/systems like *BSD rely much less on binary distribution (i.e. only the core system is really shipped in binary) whereas most of the programs are installed from source (with pkgsrc/ the ports system) and it is thus very easy to just "update" one program which in turn will fetch the latest version from the DEVELOPER (sic!) and therefore for additional packages the overhead due to the "distribution" is very small!
personally, i found the technique used in waking life very refreshing and don't follow your "no-innovation" argument! of course the effects were at times quite disorienting and even disturbing. but as the animation filters were fitted to the actual surroundings, the topic of a discussion and the mood, the imagery took over a part that is usually reserved to the movie score/music.
i found it awesome and groundbreaking in a very sympathetic way, but as always your mileage may vary!
*oh, my bad* good ol' phil should really have put some more effort into anticipating the future of 50 years ahead! nobody is averse to updating the technology a little to allow for the major leaps especially computing has taken during the last 50 years. but minority report (the movie) altered key issues of the plot. not that i didn't like the plot of the movie (although treating time paradoxes can be quite a drag sometimes).
disclaimer: i am actually an ardent linux user, but obviously i have my issues with the "free" operating systems. here are some pointers:
1. necessity of a deeper understanding: in linux/bsd no matter what kind of tool you use for configurations, you sooner or later will come to a point where an unrealistic (for "aunt tilly" that is;-) level of understanding is taken for granted. although this leads to an overall better grasp of how your system works (which is often cited as a positive side effect), most people will not want to invest this kind of time or simply aren't interested. (and i don't either. for example when figuring out how those printing services are SUPPOSED to work!)
2. configuration madness: after having configured a complex application, I often ask myself whether it was worth the time invested. prominent examples of such applications would be: exim, postfix, cyrus, mutt, apache,... i'm not saying the complex applications should be configurable in a jiffy, but sometimes you just don't WANT the complexity and would be OK with some (and especially FEW) sane default options!
3. drivers: of course it has become less of a problem during the last two years, but still there are problems especially with accelerated graphics drivers. this is more a problem of vendors not supporting their hardware for "minority" OSs, but it is still a pain in the ass being "forced" to use those binary nvidia drivers!
4. fragmentation: the flexibility and modularity of linux/unix/bsd which is such a huge PRO on the console and when scripting, actually becomes a drawback when looking at the desktop. the lack of a unified GUI style (including drag-and-drop, gtk-to-kde-bindings) especially in the how-to-do-things paradigms is often annoying. don't get me wrong: for me as a power user that is less of a problem, but for average joe having to figure out, exactly how burning a cd in xcdroast is supposed to work or why dragging mp3s into xmms won't work, will be a negative experience!
5. choice: in my opinion we should get rid (i.e. disadvise) of certain programs that are known to be unsafe but are still present in many distros. a prime example of how too much diversity can be detrimental is ftp clients. almost all ftp clients are unsafe and a "newbie" has a good chance of picking the worst in the pack, consequent to his inability/reluctance to look into all advisories and exploits of all available clients!
rest assured that i am a convinced linux user, but still with the above arguments can partly understand why non-power-users will feel uncertain about a switch although basically with a good distro many of the problems can be more or less successfully hidden from them!
well here's the reasons i can come up with in 5 minutes:
1. scripting: i LOVE scripting! without some nice bash/perl/python scripts and the heavy usage of piping, bash variables, etc. an operating system would be more of a hindrance than a help!
1b. automation: automation together with scriptability is just the greatest. schedule some event for tomorrow, start anything in a screen session and connect from somewhere else later on, convert all your filenames into something else, schedule backups, schedule reboots, *you name it*.
1c. remote access: any OS that doesn't allow remote access which differs in no way from local access is crap (hmm, hopefully remote sound support comes soon for X). windows' incapability to allow transparent and easy remote access is one of the main reasons of not using it for anything but desktop. having a windows server and being responsible for administrating it remotely (as you most likely will, if sitting in some basement ain't your thang) is the most horrible nightmare imaginable!
2. transparency: i just trashed one of my file-systems (it WAS actually my fault). but linux/unix allowed me to repair what was left and most of all gave me the CHANCE to spend as much time as i wanted! with proprietary systems you often have to rely on shoddy support (if you have any).
3. community: this has actually little to do with a specific system, but the open-ness of linux/bsd produces a better community. in free/open software there is so much know-how available on the internet with most of your questions already answered, and if not capable individuals in forums, IRC, newsgroups!
4. fixability: windows gives little choice when it comes to fixing bugs. the little you can do in the registry is most likely to trash your whole system (which you then will have no chance of reviving!). you CAN very well destroy a linux system, but much of the configuration files can be saved.
5. security: windows just sucks when it comes to securing against trojans, virii, worms! with A LOT of effort you can clamp everything down to a state where a w2k/wxp system can be called secure, but with stringent (it could be better) user separation of unix, compromising one service does not necessarily mean compromise of the whole system, as it does in most cases under windows.
6. extendability: in non-windows OSs (i.e. linux/bsd) you always have the chance to go further. if the system isn't secure enough, configure SELinux. if you would like some additional feature in the kernel, patch it. if you want perfectly configured mutt/exim/fetchmail/apache/cyrus spend hours over hours and get it the way you want!
7. choice: having the choice of several programs for one job is often a nuisance and will likely take you a while to figure out which one is best suited. but this inconvenience still beats having less choice (as you DO under windows!).
8. price;-)
9. modularity: nobody is forcing you to update to such and such, update your operating system to install an office suite or anything like that. with the compile-from-source approach, almost any program should run under almost any posix-compatible OS (if written with compatibility in mind) and therefore put no pressure on the users as to what OS to use!
10. freedom: the certainty that you will NEVER have to do with anything less than you have today. the good feeling that a free-software community is building software for the future which will not be obliterated in a 5-year-cycle. sure, the bazaar model has its drawbacks, but the freedom from monopolistic enterprises which try to force you into dependencies (i.e. the MS Office format) should clearly be more important than the little comfort you gain over free alternatives (with notable exceptions of course).
i surely have forgotten many reasons (as well as not mentioning some drawbacks of not using windows), but the above should cover it for now;-)
altogether quite a nice article. nothing most slashdotters didn't know yet, but still rather good.
but for some reason he had to put those nasty exaggerations in there, and that's just again an example of partisan and ideological marketing!
the linux kernel is [...] the impossible notion that a bunch of kids on the Internet could create the most successful operating system in history come true.
it wasn't exactly kids and the term "most successful OS" might be swaying a BIT far from the truth!
Once again, it was piracy of public software. Stolen in order to increase Bill Gates' personal fortune. But it was legal theft.
come on, watch your language. don't throw the ridiculous piracy concept back at bill gates and what the hell is "legal theft" supposed to be? this language is no better than the whole "viral license" propaganda!
But Linux is immune to most of the kneecap-busting, air-supply cutting, baby-knifing techniques that Microsoft is so fond of.
i am no fan of microsoft, but i still find this rather harsh. if the article were meant to be journalistic, this would SO not qualify for an objective perspective!
well, all in all i totally agree with the author. but maybe he should cut back on the ideological and radical lingo!
jethr0
i really don't want to play down the problems linux has with its development model and i sure have heard great things about the microsoft development process!
but i'd rather have a more secure system now, which lacks in development stringency, than a provenly unsafe system which can prove exactly when, why and how their bugs came into the system...
microsoft is just far too lax concerning their outward security policy (like not caring about the blatant RC4 exploit). their "patch day" with all those patches that never quite close the exploits is just a farce!
well, gnu/linux with all its applications has had a bad streak of exploits as well recently and i would strongly recommend a stricter development process, but if i were microsoft i'd definitely tone down on the linux-is-insecure-and-lacks-accountability bashing and instead invest some serious effort in making my own product look a little more convincing and less like the bug-ridden security hole that it is!
jethr0
sure, i am no stranger to the debugger...
but when you have pointers running wild the debugger ain't of much help because the segfault will occur at a different place in the code than the original mis-allocation!
jethr0
yep, the technical background of programming is important and maybe every programmer should know his C/assembly in order to understand the pipelining, caching and the different costs of basic operations.
;-))
but as more and more complex software is demanded from designers and programmers, i see the future in languages that abstract from the von-neumann-style of programming towards a style in which you can actually hold the solution to a complex problem in your head instead of micro-optimising your solution, pointer juggling, and so forth.
you should be able to construct sensible abstractions for a problem in a very short time so that you can then concentrate wholly on solving the problem at hand and not whether this operation costs more than that operation. and languages like C don't "allow" fast/prototype-like abstractions and instead force the micro-optimisation approach on you.
Premature Optimisation is the root of all evil and in my eyes C is the root of premature optimisation.
of course for low-level problems like operating systems every microsecond counts and one doesn't necessarily have the luxury of wasting valuable cpu time on garbage collection, BUT for mission critical software some kind of proving that the solution conforms to the specification would be nice to have, and functional languages like haskell make those kinds of proofs much easier than side-effect-maniac languages like C.
finding a bug in bad C code is nearly impossible (believe me, i have written my share of horrible C/C++ code) due to the side effects and manual memory management. finding a bug in pure functional languages is far easier because the bug only has a local effect instead of a global fandango-on-core.
so much for my rant; feel free to flame back
jethr0
for all those yammering about the many brackets in lisp: how exactly is polluting your code with xml-tags better??
LISP/scheme is an incredibly extensible language and after having spent the last days learning the basics of haskell, i really wonder how on earth an inferior language like "C++" could ever become this popular!
for low-level stuff, C is a great language but when it comes to prototyping complex algorithms or simply trying out some whacky ideas, imperative languages like C++ keep your mind so very busy with memory allocation, pointer arithmetic and weird segmentation faults that the chance of finally implementing some intricate algorithm in such a language is really slim (and will definitely produce a HUGE headache).
i am not saying that LISP/scheme/OCAML/haskell (to name just a few [very different] functional and multi-paradigm languages) are so much better for all tasks, but if people were simply introduced to one of these languages early on, this might have a very beneficial effect on their programming style in any other language.
and as for extensibility, LISP is seriously unbeatable with its powerful macros and the duality of code and data!
well, you do your thing with patched-on xml tags in your code and i'm just gonna stick to the languages that were actually thought through!
jethr0
i have said it before and i will say it again: only because more and more people stand up to state how superior and ultra-safe linux is, won't necessarily make it so!
...) ...). therefore it is as questionable a time to glorify linux as it will ever be.
if it is indeed true what this study claims then i am the first to applaud the kernel guys and the distribution makers.
but there are facts that won't change:
- software monoculture is BAD (no matter what the monoculture consists of)
- linux is NOT the safest alternative out there (compare *BSD, VMS,
- there have been an alarming number of exploits as well for the kernel itself (local root exploits, anybody) as also many exploits for user land applications (mplayer, mpeg123, mozilla,
SECURITY IS A PROCESS NOT A STATE!
please, dear media (and also dear slashdot), make an effort to educate people in security matters instead of putting some solution on the "security pedestal". don't make claims about the absolute security of any alternative.
the complete solution is what makes and breaks security, not the components, and without adequate, highly trained and proficient personnel it will always be near impossible to achieve truly secure (whatever THAT means) solutions.
well, at least the uprising unices make it easier for the proficient and maybe even raise the security bar for the amateurs, but alas this is not an end to itself!
jethr0
after playing too much carmageddon (a really tasteless game where you overrun people with your car in a first-person perspective) I came to know its dangerous effects when considering while driving in RL how many points the inline skater at the side of the road would bring...
and after playing loads of "need for speed 2 underground" and flatout (also a racing game) which is especially fun on icy roads, i had to remind myself that i wasn't playing it anymore when really driving on ice covered roads after the game session! these things can get really dangerous when you overestimate your driving skills or the car configuration right after having played a racing game.
the effect usually fades within an hour or so, but technically it should be forbidden to drive just after having played a "realistic" car related game!
also, after many, many hours of counter strike i found myself checking out rooms for possible cover and would think ahead for strategies to use when ambushed. this was actually fun even in RL but without doubt shows how very attached one gets to the patterns learned during hours of continuing immersive gameplay!
jethr0
here's an idea:
... and can happily host the site (maybe under a slightly different name) elsewhere!
;-))
why don't the guys responsible for all these sites simply put the content of their databases as well as the CMS configuration on their own site for anyone to mirror!
if the site is then taken down, someone will have all the latest torrent links, forums,
shouldn't be that much of a problem, not have the owners of the original site commit any crime AFTER having been taken down and would take care of our need for good p2p links
jethr0
the Makefile is clearly there, but for some reason, make won't accept it?? well, and it has been playing wonderful music ever since!
i'll have to automate the process somehow, but maybe i can even use the same player for different audio cds...
off, to fix my make tools,
jethr0
and TRYING IT OUT on a unix system might have helped too!!!
jethr0
BTW: how the hell did root get write access for CDROMs on your machine???
i call bullsh*t to all these partisan studies! "windows better", "linux better", ... why won't this stop at least from the "good guys" and let's all have some objective analysis of the REAL cost/benefit situation instead of each side stubbornly stating how superior and infallible they are!
linux has a severe lack of a stringent development process, does little coordinated code reviews and is a big lump of monolithic code!
yet, the discovery-bugfix time is quite acceptable and with enough background knowledge the stability and performance is quite good. but why trash (implicitly) the quality of the alternatives? *BSD and solaris for example are definitely superior to GNU/linux in some areas and have an excellent track record at security, stability. why do we have to worship linux as the non-plus-ultra when in fact it simply is a respectable alternative to windows on the server?
oh, sure, windows has its problems, but at its core the once-microkernel approach is not all that bad and bad drivers will crash linux just as well as windows!
but apart from shady business practices and horrible reaction times to exploitable holes (patch day, anyone?) microsoft is actually making an effort and has some development practices in place that wouldn't be such a bad idea for the open-source community to adopt like nightly regression tests and driver certification.
i am far from saying how wonderful microsoft is as a software producer, but simply bashing them all the time (even if in self defense) won't make the open-source movement look any better!
come on! give a little respect to the *BSD guys who are actually making an effort of code reviews and an emphasis on security! and even give some credit to microsoft's (recent) efforts to work towards security (even if in vain when faced with the horrid IE code base)...
open source has HUGE issues with code quality and developer trust, so we shouldn't mouth off about our superiority until we can make sure that total chaos won't break out with the next kernel release!
doing your cutting-edge development in the current "stable" kernel is just as bad as many things microsoft is doing!
jethr0
I guarantee you would see a lot more spam, both from small-timers driven straight, to the loss of business incurred by hardcore spammers who implement countermeasures against us (complex javascript tests, etc) that also drive away legit customers, if this wasn't being done.
.wmv to deliver video wastes a lot more bandwidth than a couple net cops with spam vampire.
yeah, great, and we could reduce crime rate by simply stoning suspects to death right at the site of the crime!!! but that is not a good solution - keeping down criminal activity might be considered by some to be LESS IMPORTANT than civil liberties and human rights. and a similar question arises when the vigilante justice of spammers is discussed!
As for innocent sites being hit, the chances are extremely improbable; your bringing up that idea only shows your unfamiliarity with the process.
jep, not everybody can be such a self-righteous zorro-like avenger of the helpless as yourself; being so familiar with the process and all!
also this depends to a huge extent on how one defines "innocent". i read recently that 80% of the spam are sent by trojan-infected workstations... how exactly is DOSing those computers harming the spammers? and how culpable is the workstation's owner of sending spam??
[...] Idiot pornsite webmasters using
don't answer my arguments with examples of worse bandwidth usage!! that's like saying in court: "yes, my client did rob the bank, but the previous robbers even killed a guard. shouldn't you be out catching them instead of going after my client?"
i didn't know we had an appointed "net police" on the internet... OHHH, you are talking about self-righteous people who don't care about the spammer's provider or who the addresses they are attacking belong to. well, those are just REALLY GREAT GUYS!
in the "real world" two wrongs don't make a right and i don't see why the rules of the internet should differ that much from "real" law! denial of service should be a punishable offense no matter against whom it was directed. citizens ought not take the law in their own hands, but leave the punishment of criminals to the governments, etc.
i know there isn't yet any real action against spammers from the governments, but vigilante justice is NO SOLUTION to this problem! send their providers mails notifying them of illegal activity from their address range or something, but don't start bombing random addresses!
jethr0
- "blocklists" are also questionable because the maintainers of these lists gain a lot of power and often ask for huge amounts of money for address-ranges which were accidentally added to be removed again!
- "teergruben" are a nice idea, but they would have to rely on source address filtering or only kick in after a few hundred messages. and if the spammer simply multithreads his sending "server" he might not be THAT bothered with slower delivery, as he can have thousands of concurrent deliveries, totally bogging down the receiving server!
and also, if teergruben should just be the exception it is trivial to add a timeout to the delivery routine to abort after 1 minute or so of trying to deliver!
- "bandwidth suckers" - this is just the kind of anarchistic vigilante justice that SHOULD SIMPLY NOT occur! even if it were not for the "collateral damage" to the network infrastructure and "innocent" pages being accidentally hit, this is no better than stoning criminal suspects to death without proper trial...
- "sugarplums" - this idea is actually pretty good but looking at the small return that spammers are getting at the moment this won't really slow them down much. even at 1% reached mail addresses the spammers still have virtually no cost in sending millions of mails out and thus will be hindered but far from stopped by injecting wrong mail addresses! also you have to generate those fake addresses without the spammers getting behind your mechanism of randomizing the addresses and you MUST also take care NEVER to inject a valid mail address by chance!
there has actually been quite a discussion how to make mailing more "reliable" on a grand scale and i still find the idea of forcing mail servers to solve some computationally expensive computation rather nice. although this will cost legitimate service providers a little in hardware this will hit the mass mailers by far worse because they simply rely on cheaply mailing millions of mailings in a short time frame...
well, so much for "innocent" protocols used in a hostile, mercantilistic, hard-to-trace and more-or-less-anonymous environment...
jethr0
Are they just *using* the product, or have they made proprietary modifications to it? If the former, they are not violating anything. Redistributing an *unmodified* copy of a GPLd program is not restricted.
YES IT IS!!
for commercial redistribution the binary has to be accompanied either by the source code or by a written offer to give you the source code for a nominal fee. (see GPL 3 a,b,c)
although the internet has facilitated distribution of source code, you'd still have to make sure that the source code you are linking to will compile as exactly the same binary you are distributing. therefore you really should copy the source code you used to a server controlled by you in order to ensure the equivalence of binary and source code!
jethr0
When the real world starts having examples of languages that solve these problems with only an additional overhead of 10-15% in memory and runtime versus C, your comment will start making some sense.
... ;-)). it is not just a coincidence that many companies have come to adopt java, as it allows safer software (no memory leaks, no dangerous pointer arithmetic, no reference/pointer duality) and for large programs the overhead of the java runtime environment has proven not to be the problem!
i know you will just shrug this off, but well-performing solutions to all kinds of problems were written in CAML, lisp, haskell, to some extent java,
claiming that "safe" languages have a performance hit of more than 15% is just wrong! for memory usage i partly agree, but then how could anything on earth use more memory than microsoft windows
But for the kinds of code being talked about here, that are part of the OS, I want all the efficiency I can have.
how exactly are the internet explorer and the netscape/mozilla supposed to be part of the OS or really performance critical??
There's no reason you can't use a C++ basic_string from the STL for reading user input, and then drop it down to a C null-terminated string for processing.
i didn't say C can't be used to solve problems or that C is incapable of producing secure/safe software. but why go to the lengths of this kind of workaround, when there are viable alternative languages available. (apart from the fact, that the software industry should put a lot more effort in creating such viable alternatives!)
If your fixed-size string holds N chars, you're not SUPPOSED to be reading N characters into it. You're supposed to read N-1 characters into it and null-terminate the last character.
yup sorry for that typo/thinko, but that's just one of the things i am saying! the idiom of allocating and strcpy'ing is widely used (falsely, of course), but it still is! and being able to make 5 or more errors through minor typos for such a trivial thing as string copying is not really acceptable (for most applications).
my point was (formulated badly i admit) that you often get char pointers from elsewhere and have no idea whether the "string" you just got is actually null-terminated or not! ONE glitch and you'll never recover again and overwrite some memory instead!
the glitch might occur in somebody else's code or in a library, but there is no way of knowing and THAT is a bad foundation for robust software!
Oh, that's right. You don't think easy solutions like that exist in C.
If you're going to make a point, try doing it like an adult.
i seem to have created a lot more animosity than intended. i really gotta work on not coming about as a total jack-ass, but i really can't understand why you are protecting C/C++ as a general purpose language.
of course stringent coding practices make many problems go away, but the level of detail (as far as i see it) is too low to be able to concentrate on bigger issues! i have no problem at all with writing C-code when it is appropriate. but C++ being used by all kinds of non-masters of the language is pretty much a time-bomb!
<SARCASM>
premature optimisation is supposed to be bad, but let's all just do without array bounds checking and generic variable initialisation because we are going to save SOOO much time doing this!
oh, and let's also not use function calls because they have a performance penalty and instead write one monolithic piece of code!!!
</SARCASM>
we should be concentrating on solving the problems not how to avert shooting ourselves in the foot with the language we are using. why not develop in a "slow" and clean language and then optimise those bottlenecks that remain?? obviously i am not talking about system call implementations, but with our multi-GHz machines shouldn't we focus more on robust software that is developed more painlessly instead of going about programming as if we were toggling the operating system in in octal?
my apologies if i have been a jack-ass. as i said, i am going to work on that!
jethr0
Because frequently it's the right tool for the job. Such as a lot of things, when you leave apparently religious preferences out of the debate.
...) together with manual memory management make C a very powerful and often well-performing tool, which just as well might cause you serious harm the next moment! ;-) tool for operating systems and small system utilities. it may also be quite suitable for many huge software projects, but the fact of the matter is, that it takes you such a long time to learn all its hidden traps, that I don't see it as the suitable standard language for your average problem.
full ack! C has its place as a language, but the predominance of C++ in application development stands in no proportion to its suitability for most high-level problems.
For inexperienced C (or likewise, assembly) programmers, you are correct. Perhaps those people should not be producing software in C that needs to be secure.
GREAT, so people will write insecure code in C until some day they are experienced enough to use it safely! if road traffic were managed like this i wouldn't dare leave my home!
Your example is bogus
as i wrote myself. but you don't always have control over where you get your "strings" from and have no way of knowing whether they are actually null-terminated. and THAT is a bad thing in itself!
Once the null terminator has been lost, the data stored in the array is no longer a C string.
*whuppdidu*. so you NEVER allocated a string one short, i assume. maybe you are even infallible!
the point of high-level programming languages is to reduce the binding between your machine and your programs and to offer a sane standard library which will allow you to write acceptable code within a few months!
the arcane syntax-tricks and the not-so-supreme standard library (see "gets", "strcpy",
i am not at all against C as such! it is a marvelous step away from machine-dependent assembly code and just the right (well, hopefully
You have the choice not to use C strings, so it seems ridiculous for you to continue to use them when you have demonstrated that they are beyond your capability.
how can you be so arrogant?? "beyond my capability"!!!
even if you had never had any problems with C char pointers, it would be rude to tell me about my capabilities and abilities with such an attitude. but i don't even think that you never made a mistake using them, so you better show some humility!
yes, alternatives are available, although not in the standard library of C (which is a strong shortcoming) and even if you are using the C++ string class, you won't be able to avoid all the syscalls involving C char pointers! (for example: using ostream::write will require you to use char pointers!)
How do you know that? What is the job? Or are you just generalizing?
okay, that was a bit of a generalization. but from the above it should be clear what i meant to say!
please be a little humbler before accusing others of being incapable of using some arcane and dangerous technique.
jethr0
OpenBSD and OpenVMS are written in C. Qmail and djbdns are written in C.
/* something else using the copy destructibly */
*oh*, come on now! qmail and djbdns are so limited in scope and LOC and were actually written with the sole purpose of being secure... that's comparing apples and oranges!
of course you CAN write secure code in C. but at what COST?? is it really good to use a low-level language that was written with operating systems in mind for highly abstract software that doesn't need the 5/10/15 percent gain of performance??
shouldn't programmers rather concentrate on solving the problem in the most straightforward way conceivable and without having to worry about how to pass arrays, who is responsible for freeing variables and which of the 100 ways to copy a string is suitable??? why be so masochistic to use C/C++ when you could use some real high-level language?
(note: i am writing c++ myself at the moment, but that is out of necessity not because i chose to!)
Is it difficult to prevent buffer overflows?
YES!
read only as many characters as the character array can store. (What a novel idea!)
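#include <stdlib.h>
#include <string.h>

void someFunc(char *str)
{
    char *copyOfString = (char*) malloc(sizeof(char) * (strlen(str) + 1));
    /* copies strlen(str) chars and never writes the terminating NUL */
    strncpy(copyOfString, str, strlen(str));
    free(copyOfString);
}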
in that case the strncpy is just BOGUS!! if the incoming string were actually null-terminated, the strncpy would not be necessary and otherwise the strlen won't work! of course the above example is really dumb, but should you really have to think about copying a string (or even worse, need years of experience for this kind of thing)?
If you are writing a string, among other things, set the last possible character of that string to null, just in case.
YOU ARE SUCH A JOKER!!! how exactly are you going to find the last character if the string isn't null-terminated. and even if you calloc all your arrays, there will still be some bogus data in your string which could do quite some harm! it won't be a buffer overflow but surely some very weird behavior!
Among other things, the problem is that it takes individual effort to make sure every static-sized buffer isn't abused.
yes, true. but if strings were simply managed by adding the string length to the data type, much of the confusion would be ended! surely, many string data types do this, but for some reason they just aren't used!!! still, the main problem lies in C just being too low-level for the kind of abstract problems that are commonly solved with C++! it's just not the right language for the job!
jethr0
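The copy idiom criticised in the comment above, next to a string type that carries its length with the data, as an added example (not code from the original post). The names bogus_copy_is_terminated, lstr, lstr_from and lstr_free are made up for illustration, and the sample buffers are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The idiom from the comment: strncpy with n == strlen(src) copies the
 * characters but never writes the terminating NUL. Returns 1 if the copy
 * ends up terminated, 0 if not, -1 on allocation failure. The buffer is
 * pre-filled with a marker byte (a stand-in for stale heap contents) so
 * the check never reads uninitialised memory. */
int bogus_copy_is_terminated(const char *src)
{
    size_t n = strlen(src);
    char *copy = malloc(n + 1);
    if (copy == NULL)
        return -1;
    memset(copy, 'X', n + 1);
    strncpy(copy, src, n);            /* n chars copied, no NUL appended */
    int terminated = (copy[n] == '\0');
    free(copy);
    return terminated;
}

/* Length-carrying string: the length travels with the data, so nothing
 * ever has to scan for a terminator to find the end. */
typedef struct {
    size_t len;
    char  *data;    /* always len + 1 bytes, data[len] == '\0' */
} lstr;

/* Build an lstr from a buffer of known capacity that may or may not
 * contain a NUL. memchr stops at cap, where strlen would run off the end.
 * Returns 0 on success, -1 on allocation failure. */
int lstr_from(lstr *out, const char *buf, size_t cap)
{
    const char *nul = memchr(buf, '\0', cap);
    size_t len = nul ? (size_t)(nul - buf) : cap;
    char *p = malloc(len + 1);
    if (p == NULL)
        return -1;
    memcpy(p, buf, len);
    p[len] = '\0';                    /* terminator written unconditionally */
    out->len = len;
    out->data = p;
    return 0;
}

void lstr_free(lstr *s)
{
    free(s->data);
    s->data = NULL;
    s->len = 0;
}

int main(void)
{
    /* Constructed input: four bytes with no terminator anywhere. */
    const char raw[4] = { 'a', 'b', 'c', 'd' };
    lstr s;

    printf("strncpy(dst, src, strlen(src)) terminated: %d\n",
           bogus_copy_is_terminated("hello"));

    if (lstr_from(&s, raw, sizeof raw) != 0)
        return 1;
    printf("lstr: len=%zu data=\"%s\"\n", s.len, s.data);
    lstr_free(&s);
    return 0;
}
```

The caller still has to know the capacity of the buffer it was handed; a bare char pointer with no size gives neither version anything safe to work with.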
at the risk of being totally flamed by all the ruby followers out there:
i have for quite some time now been programming in python and it just works like a CHARM!!
i used to be so proud of my perl skills, but at some point i just felt dirty using perl and once i had started with python there DEFINITELY was no turning back! (well, maybe for a few-line regexp script...)
from what i have gathered about ruby, the distinction between ruby and python is really slight! the syntax of ruby is VERY similar to that of python and python's object orientation is really decent.
so in case you have already started into python i wouldn't swap for ruby, but as i said, the difference seems rather marginal to me, so it doesn't make that much of a difference.
I'm sure Einstein didn't see it coming when his nuclear research was used to build the nuclear bomb and killed 100,000 people in Japan during WWII.
From http://www.doug-long.com/einstein.htm:
"The physicist Albert Einstein did not directly participate in the invention of the atomic bomb."
"The atomic bomb related work that Einstein did was very limited and he completed it in two days during December 1941."
"Einstein's greatest role in the invention of the atomic bomb was signing a letter to President Franklin Roosevelt urging that the bomb be built."
"Einstein biographer Ronald Clark has observed that the atomic bomb would have been invented without Einstein's letters, but that without the early U.S. work that resulted from the letters, the a-bombs might not have been ready in time to use during the war on Japan"
"In November 1954, five months before his death, Einstein summarized his feelings about his role in the creation of the atomic bomb: "I made one great mistake in my life... when I signed the letter to President Roosevelt recommending that atom bombs be made; but there was some justification - the danger that the Germans would make them.""
well, he didn't have the concept of the atom bomb in mind when he published his well-known formula E=mc^2. but when the germans seemed to be coming closer and closer to a working nuclear bomb, he still urged roosevelt to push the american effort of developing and building one in order not to let the germans have this advantage!
jethr0
You can't compare to the OSS project directly. You have to compare to the distro.
Windows isn't perfect, linux isn't perfect, BSD isn't perfect, BeOS isn't perfect, OSX isn't perfect, Solaris isn't perfect.. Etc, etc.
"distributions"/systems like *BSD rely much less on binary distribution (i.e. only the core system is really shipped in binary) whereas most of the programs are installed from source (with pkgsrc/ the ports system) and it is thus very easy to just "update" one program which in turn will fetch the latest version from the DEVELOPER (sic!) and therefore for additional packages the overhead due to the "distribution" is very small!
personally, i found the technique used in waking life very refreshing and don't follow your "no-innovation" argument!
of course the effects were at times quite disorienting and even disturbing. but as the animation filters were fitted to the actual surroundings, the topic of a discussion and the mood, the imagery took over a part that is usually reserved to the movie score/music.
i found it awesome and groundbreaking in a very sympathetic way, but as always your mileage may vary!
*oh, my bad*
good ol' phil should really have put some more effort into anticipating the future of 50 years ahead!
nobody is averse to updating the technology a little to allow for the major leaps especially computing has taken during the last 50 years.
but minority report (the movie) altered key issues of the plot. not that i didn't like the plot of the movie (although treating time paradoxes can be quite a drag sometimes).
jethr0
What keeps you off of Linux?
;-) level of understanding is taken for granted. although this leads to an overall better grasp of how your system works (which is often cited as a positive side effect), most people will not want to invest this kind of time or simply aren't interested.
... i'm not saying the complex applications should be configurable in a jiffy, but sometimes you just don't WANT the complexity and would be OK with some (and especially FEW) sane default options!
disclaimer: i am actually an ardent linux user, but obviously i have my issues with the "free" operating systems. here are some pointers:
1. necessity of a deeper understanding: in linux/bsd no matter what kind of tool you use for configurations, you sooner or later will come to a point where an unrealistic (for "aunt tilly" that is
(and i don't either. for example when figuring out how those printing services are SUPPOSED to work!)
2. configuration madness: after having configured a complex application, I often ask myself whether it was worth the time invested. prominent examples of such applications would be: exim, postfix, cyrus, mutt, apache,
3. drivers: of course it has become less of a problem during the last two years, but still there are problems especially with accelerated graphics drivers. this is more a problem of vendors not supporting their hardware for "minority" OSs, but it is still a pain in the ass being "forced" to use those binary nvidia drivers!
4. fragmentation: the flexibility and modularity of linux/unix/bsd which is such a huge PRO on the console and when scripting, actually becomes a drawback when looking at the desktop. the lack of a unified GUI style (including drag-and-drop, gtk-to-kde-bindings) especially in the how-to-do-things paradigms is often annoying. don't get me wrong: for me as a power user that is less of a problem, but for average joe having to figure out, exactly how burning a cd in xcdroast is supposed to work or why dragging mp3s into xmms won't work, will be a negative experience!
5. choice: in my opinion we should get rid (i.e. disadvise) of certain programs that are known to be unsafe but are still present in many distros. a prime example of how too much diversity can be detrimental is ftp clients. almost all ftp clients are unsafe and a "newbie" has a good chance of picking the worst in the pack, consequent to his inability/reluctance to look into all advisories and exploits of all available clients!
rest assured that i am a convinced linux user, but still with the above arguments can partly understand why non-power-users will feel uncertain about a switch although basically with a good distro many of the problems can be more or less successfully hidden from them!
well here's the reasons i can come up with in 5 minutes:
;-)
;-)
1. scripting: i LOVE scripting! without some nice bash/perl/python scripts and the heavy usage of piping, bash variables, etc. an operating system would be more of a hindrance than a help!
1b. automation: automation together with scriptability is just the greatest. schedule some event for tomorrow, start anything in a screen session and connect from somewhere else later on, convert all your filenames into something else, schedule backups, schedule reboots, *you name it*.
1c. remote access: any OS that doesn't allow remote access which differs in no way from local access is crap (hmm, hopefully remote sound support comes soon for X). windows' incapability to allow transparent and easy remote access is one of the main reasons of not using it for anything but desktop. having a windows server and being responsible for administrating it remotely (as you most likely will, if sitting in some basement ain't your thang) is the most horrible nightmare imaginable!
2. transparency: i just trashed one of my file-systems (it WAS actually my fault). but linux/unix allowed me to repair what was left and most of all give me the CHANCE to spend as much time as i wanted! with proprietary systems you often have to rely on shoddy support (if you have any).
3. community: this has actually little to do with a specific system, but the open-ness of linux/bsd produces a better community. in free/open software there is so much know-how available on the internet with most of your questions already answered, and if not capable individuals in forums, IRC, newsgroups!
4. fixability: windows gives little choice when it comes to fixing bugs. the little you can do in the registry is most likely to trash your whole system (which you then will have no chance of reviving!). you CAN very well destroy a linux system, but much of the configuration files can be saved.
5. security: windows just sucks when it comes to securing against trojans, virii, worms! with A LOT of effort you can clamp everything down to a state where a w2k/wxp system can be called secure, but with stringent (it could be better) user separation of unix, compromising one service does not necessarily mean compromise of the whole system, as it does in most cases under windows.
6. extendability: in non-windows OSs (i.e. linux/bsd) you always have the chance to go further. if the system isn't secure enough, configure SELinux. if you would like some additional feature in the kernel, patch it. if you want perfectly configured mutt/exim/fetchmail/apache/cyrus spend hours over hours and get it the way you want!
7. choice: having the choice of several programs for one job is often a nuisance and will likely take you a while to figure out which one is best suited. but this inconvenience still beats having less choice (as you DO under windows!).
8. price
9. modularity: nobody is forcing you to update to such and such, update your operating system to install an office suite or anything like that. with the compile-from-source approach, almost any program should run under almost any posix-compatible OS (if written with compatibility in mind) and therefore put no pressure on the users as to what OS to use!
9. freedom: the certainty that you will NEVER have to do with anything less than you have today. the good feeling that a free-software community is building software for the future which will not be obliterated in a 5-year-cycle. sure, the bazaar model has its drawbacks, but the freedom from monopolistic enterprises which try to force you into dependencies (i.e. the MS Office format) should clearly be more important than the little comfort you gain over free alternatives (with notable exceptions of course).
i surely have forgotten many reasons (as well as not mentioned some drawbacks of not using windows), but the above should cover it for now
At least Zuse went to work with the allies instead of the Soviets after the war.
what a shame, the soviets being such an integral part of the allied forces!