Slashdot Mirror


User: IamTheRealMike

IamTheRealMike's activity in the archive.

Stories
0
Comments
5,855
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,855

  1. Re:Did I miss a memo or something? on Programming .NET Components · · Score: 2, Insightful
    Like the reviews author says, I find COM concepts very easy to grasp and quite interesting. Compared to CORBA, it is indeed very easy to use.

    Eeek! Maybe actually trying to understand Wines implementation of DCOM has fried my mind, but COM/DCOM cannot possibly ever be called conceptually easy. Oh sure, the IUnknown/ClassFactory stuff, while a pain in the ass, is easy enough to understand.

    Now start trying to implement late binding on your object so it's usable from JavaScript. You do that by implementing IDispatch right? Wrong. IDispatch is such a horribly complex interface that MSDN recommends you don't try and implement it, because you'll get it wrong - and they're right, you will. Instead, you should use the provided typelib invokers. Now you have to describe your object using a typelib. There are two different typelib file formats, and they can be standalone or embedded in DLLs.

    Of course, IDispatch binds on an interface, but you have to be careful - due to obscure implementation details, you can't have more than one of them. Therefore, you have to choose a primary interface to be your dispinterface.

    Careful! You initialized OLE Automation (a part of DCOM) but forgot to process the message loop, didn't you? Now everything is locking up, right? You just have to know that inter-thread RPC in DCOM takes place via window messages, so bash that loop boy. Just be aware that the DCOM runtime runs its own message loop for re-entrancy reasons, so you could find your WndProc running while another part of the code is supposedly blocking on a remote interface call.

    Confused yet?

  2. Re:Wine? on FWB Admits RealPC for Mac OS X was Vaporware · · Score: 1
    All of those apps have equivalents on Windows. Now, you can certainly argue that they are so great, it justifies the purchase and training cost of a Mac, but they aren't "killer" apps unless you already have data tied up in them. Killer apps are typically custom business software, games (which are of course always unique), but rarely publicly sold applications.

    Anyway, even if there were such apps, one or two simply aren't enough, you need hundreds to make writing an emulator worthwhile.

    Besides, I'd note that at least one of them are apps bought by Apple, in order to force users of them to buy a Mac. Great business ethics there...

  3. Re:Wine? on FWB Admits RealPC for Mac OS X was Vaporware · · Score: 1
    Actually, contrary to what many have just said, running Wine on MacOS is indeed possible. In fact, the work to make WineLib function has already been done.

    That means if you have the source code, you can recompile and get native execution speeds.

    Combined with QEMU, that means that at least in theory you could run x86 Win32 binaries on MacOS. I can't comment on what the speed would be like. Probably not good enough for hard core gamers, but perhaps good enough for applications.

    Personally, I think it's a terrible idea. Wine is a testament to the problems proprietary APIs and lockin can cause - to port it to a platform with equally proprietary APIs and lockin is just begging for history to repeat itself. I for one don't fancy having to have a Mace anytime soon.

    The realist in me says that'll never happen of course, there are no killer apps for MacOS (no, the iApps don't count, I'm talking about functionally unique software), and there probably won't be for a very long time, if ever. But, that doesn't change the fact that it's a Really Really Bad Idea to encourage people to write to non-portable APIs (which basically means APIs with no free software implementation).

  4. Re:gcc dynamic linking? on What to Expect From Qt 4 · · Score: 4, Interesting
    That's what all the talk about reducing number of symbols and relocs is about - KDE got hit really really hard by the way it requiries lots of fixup at startup time in the linker. In some cases it was THE biggest drain on startup time. By reducing the number of symbols in the code, you reduce the work needed to dynamically link it all, so improving the speed.

    Though, I can't help thinking that prelink is a better solution to that problem. But whatever, they are surely aware of that technology by now.

  5. Re:Why turn KDE into Gnome? on What to Expect From Qt 4 · · Score: 4, Informative
    I guess you'll be pleased to hear that GNOME 2 remains fully backwards compatible throughout the 2.x cycle - in the history of the project, it's broken compatability in a major way only once, compared to KDEs 2 times (though 2->3 was extremely trivial for 99% of apps).

    Mono is entirely irrelevant - it's not related to the GNOME project other than having Miguel/Ximian involved, and you are certainly not forced to use it to write GNOME apps.

    Basically, I think you're misinformed - if you write an app for GTK2/GNOME2, it will continue to work for quite a long time, until the next major revision (which is going to be needed simply in order to properly sync KDE and GNOME around standards eventually anyway). So, I don't know what you're complaining about really.....

  6. Re:Psychology plays a role on Is Linux as Secure as We'd Like to Think? · · Score: 1
    Actually, ADVAPI et al relay through to NTDLL, which in turn interrupts down into the kernel. If you read the DDK, you can see kernel level registry APIs, as some drivers expose information through it etc.

    Likewise GDI32, USER32 etc are the userland API equivalents, but they actually manipulate kernel-level objects. Obviously an API call to GDI32.DLL is far easier than performing a kernel system call.

  7. Re:Here's my rant on human stupidity... on Is Linux as Secure as We'd Like to Think? · · Score: 1
    You're assuming there's X running, that the X version is compatible with your program, that X runs locally and not remotely. What widget set will the password prompt use? Xlib?

    Well, I'm assuming a desktop scenario here, ie the sort of typical Windows install that is currently blasting me with SoBig.F - in this case having some version of GTK installed is almost a given, ditto for having X running.

    See, the very premise you're starting from is far from a given. You can't compile a piece of code and expect it to simply run on any Linux machine. It may run on many but nowhere near the 100% you can reach with Windows.

    Why not? In fact you can do exactly that. If you assume, as I am, that the majority of Linux desktops in the future will vaguely resemble Red Hat, SuSE or Mandrake today, then it's certainly possible to write a piece of code that will execute on pretty much any desktop. Linux is more binary compatible than people tend to think.

    The concept of "running an attachment" is close to non-existent in Linux environments

    It's pretty easy to run programs. "Hi, I have this wicked screensaver, just save it to your home directory and type 'sh cool_screensaver'". I can see people falling for that as easily as they fall for viruses tricks today.

    Which adress book would that be? The sheer MUA diversity makes it a very complicated task to find and read the address book one user is using.

    Exactly, my point was that it doesn't matter, SoBig just slurps any email addresses it finds using a builtin regex engine.

    All I see are some bad examples. Some of them were OK because they touched real issues: (1) once you get code executed on a system you can do bad stuff (but don't think getting that code executed is such a trivial task); (2) a good security model is useless in the hands of ignorant users.

    If users are ignorant then getting code executed is pretty easy.

  8. Re:Psychology plays a role on Is Linux as Secure as We'd Like to Think? · · Score: 1
    Well, the Windows kernel also includes things like message dispatch/routing, registry access and various, GDI/user graphics/window handling and so on. So, I wouldn't say it's "micro" as such.

    It's true about Windows 9x, but I'd note that sharing DSOs/DLLs is fairly common, as far as I know all major operating systems do that...

  9. Re:It's not hard to copy DVDs on DeCSS Loses Free Speech Shield · · Score: 1
    I'm glad someone else caught this. It's a bit disturbing when even the Slashdot posting describes DeCSS as "DVD-copying code". DeCSS would not be necessary to make exact copies, and while it could be useful for other types of copies (like downsampling), its main use is not for copying, but playback.

    No, that's not correct. I'd be willing to bet a lot that it's main usage is for piracy. Considering how easy it is to get an authorized DVD player for Windows, how 95% of the worlds computers run Windows, and how rampant piracy is, the primary usage of DeCSS will be to decrypt discs so they can be recompressed with lower quality/better codecs and then placed on Kazaa.

    Anybody who believes that this doesn't occur clearly doesn't know any teenagers, and is being naive. The primary use of DeCSS is to break DVD encryption for piracy purposes.

    Now, it can also be used to let Linux users watch DVDs, and for that I am profoundly grateful. I certainly don't agree that DeCSS distribution should be restricted, but at the end of the day people who believe this is an enormous conspiracy to control the supply chain need to take an economics 101 - while supply chain control is probably a part of it, a bigger reason is to stop DVDs turning into the next MP3s.

    It's also not true that you can copy a DVD without decrypting it first. DVDs contain data in special regions of the disc that are placed there at manufacture time. DVD burners generally cannot alter what is put there. CSS was specifically designed with both casual and mass commercial piracy in mind.

  10. Re:From considerable experience lately, on Is Linux as Secure as We'd Like to Think? · · Score: 1
    If they didn't update red hat, what makes you think they will for FreeBSD?

    It sounds like a process/staffing problem rather than anything to do with what software is used, to be honest. Yeah, the latest red hats are expensive if you don't want to upgrade every year, but if you're happy with upgrading once a year it's still free.

  11. Re:Here's my rant on human stupidity... on Is Linux as Secure as We'd Like to Think? · · Score: 1, Interesting
    For instance, they don't think having to type in a password to run Setup.exe is even remotely reasonable

    Er, because it's not? Having to type in a password to do pretty much anything on Linux is a total pain in the ass and gives no extra security on a single user desktop system.

    Think about it. There are about a hundred different ways to get a Linux computer to do malicious things without root access. Here are some examples. Let's assume all the user has to do is run a program, as SoBig.F has shown that people are still willing to do this in large numbers. What can we do?

    We can:

    • Pop up a fake "please enter your root password" dialog and snarf the root password, if we so desire. Probably if the person was willing to run an attachment they won't think twice about this, after all they are asked for their root password at seemingly random intervals whenever they wish to change their configuration, or run some installer, or even run some other programs which for various obscure reasons need root access (did you know that "beep" needs to be setuid root?).

    • Run a copy in the background emailing the virus to lots of other people. You can try and snarf the address book directly, or just do what SoBig.F does and perform a regex on the entire system. Hey, we even provide tools to make it easy ;)

    • Install some XBL and user-stylesheet CSS into the Mozilla/Gecko configuration directory. That lets you dynamically rewrite websites as they are downloaded and displayed. You could have all kinds of fun with this one. What about slurping form submissions?

    • Wipe the users data. Most viruses aren't that malicious, but user vs root doesn't help you here. The users data is of course the most valuable thing on the system, but absurdly it's also the most vulnerable and unprotected.

    • Install basically any software you like. What you say? The home directory is mounted noexec? Very clever. Try typing this at the prompt:

      $ sudo chmod -x /usr/sbin/lsof (for example)
      $ /usr/sbin/lsof
      bash: /usr/sbin/lsof: Permission denied
      $ /lib/ld-linux.so.2 /usr/sbin/lsof
      ........

      You see how feeble UNIX security really is now?

    Basically, the idea that Linux is inherantly more secure than Windows is so massively flawed I don't even know where to begin. If Linux is going to be stronger than Windows, it must be through the power of a caring community to look out for users best interests, while letting them get on with their work and play.

    I think I'll keep ranting about this until somebody does it, but what we need is a community anti-malware project. Think of it as a cross between Debian and Sophos - with a strong founding moral code, a community that features wargaming and debates upon how to make the system more secure, as well as one that builds an infrastructure which can seek out and eliminate malicious software on users systems after infection has occurred.

    After all, simply having walls is not good enough. You have to be able to deal with breaches in those walls too. The only thing we've got like this now are the distro backporting teams, which is good for servers, not so useful for home users.

  12. Re:Psychology plays a role on Is Linux as Secure as We'd Like to Think? · · Score: 1
    I am probably better informed about the state of MS security system design than any other person who does not work for them and is not a contractor.

    Good grief, I hope that isn't true. No offence, but so far you've asserted that Windows NT is a microkernel which hasn't been true since NT4, and that Windows 9x doesn't use protected memory, which is equally incorrect.

    The rest of your posts seem to be mostly a matter of "I say I've done this, this and this so you'd better believe I'm credible or else!" and vague handwaving about the relative coherancy of "UNIX" which hasn't existed as a system in any real world usage for years. Rather, everybody uses UNIX derivatives such as Linux, Solaris, AIX and so on, all of which are significantly different to the original UNIX releases.

  13. Re:How objective is www.linuxsucks.com? on How Objective Is Microsoft's Search? · · Score: 2, Interesting
    Hardly the deep, cash infused ties this tin-foil hat wearing zealot implies

    Oh come on now, be fair to poor Miss Coney. A search for "infospace microsoft" reveals that not only have Microsoft done a case study on them, but the two companies also partnered in digital TV trials, and a former Microsoft "technology veteran" has joined them as their CTO.

    That's just looking at the first page Google gave me. I haven't even bothered doing any more research. It's pretty clear they, uh, think along the same lines.

    Now can you jump to "Microsoft is sponsoring linuxsucks.com" from that? No. But I expect the guys at infospace are pretty similar to the guys at Microsoft, you don't have to work for Redmond to hate Linux.....

    I think their excuse of "it's just parody, if you can't take it go away lame geek" was rather poor. I've found some really funny paradies of Linux really before now, and that wasn't one of them. It was just some cheap fanboy ranting that attempts to make itself not suck by constantly telling people it's funny - where is the wit in saying:

    That is why poor open source developers are rushing to create a dot net look-a-like for Linux (see news). Microsoft's .NET platform, which strongly promotes the use of XML, blows Unix and all its applications away as a web server. Yes, we know .NET is a combination of many technologies that already exist like Zope, Enhydra, PHP and JSP! But it's much better, and only if you are a programmer can you appreciate this. It will blow everything else away and then lead the pack because of widespread industry support and the big bad beast Microsoft standing behind it. more on ASP.NET...

    Dunno about you, but I'm not laughing yet....

  14. Classic search on How Objective Is Microsoft's Search? · · Score: 5, Interesting
    On the other hand, try searching for "Microsoft" on MSN Search:

    Latest News: microsoft

    • Microsoft warns of critical IE flaws (MSNBC - Aug. 21)
    • Microsoft Windows: Insecure by Design (Washington Post - Aug. 24)
    • Microsoft finds security flaws (Boston Globe - Aug. 22)

    It cuts both ways :)

  15. Red Hat more expensive than Windows? on How Objective Is Microsoft's Search? · · Score: 2, Informative
    I like their tech.msn.com review:

    Red Hat 9.0 is a boon for those who already use it, but it's too expensive to warrant a switch from Windows. Try SuSE (or the free Red Hat) for a better mix of price and features.

    Oh yeah. That's quality reporting there :)

  16. Re:Sound Mixing.... on Dave Phillips' Linux Sound Updated · · Score: 2, Informative

    In fact it does support this, look into the dmix plugin which mixes direct into the DMA buffers, with no sound servers necessary. It's still quite new though. I guess it's up to the distro to set it up correctly.

  17. Re:This would be great! on BBC to Put Entire Radio & TV Archive Online · · Score: 1
    It would be expensive yes, but remember that the BBC already uses so much bandwidth it peers directly with Telehouse and has its entire site mirrored in New York.

    Basically, these guys do the net in the way that most people don't. They have the bandwidth ;)

  18. Re:effective virus on The Origin Of Sobig (And Its Next Phase) · · Score: 1
    That's what I don't get. How many people ever put their message in an attachment and say "please see the attachment for details".

    How many people really send mails with subject lines like "wicked screensaver".

    In other words, how can smart people be fooled by such crude social engineering?

  19. Re:bad examples on Gaim Speaks Out on MSN Ban · · Score: 1
    In fact, the MSN protocol (well, the old version) is not P2P at all. It's been a while since I studied it, but basically the network is designed for extreme scalability in ways most aren't.

    Example: When you hit connect in MSN, the client contacts several different servers, one to send login details, a staging server, then it gets sent to a (randomly allocated?) "switchboard server". The MSN protocol is not message based, which is why you can't send offline messages, it's modelled like a telephone exchange. If you want to contact somebody, you have to join with them via one of these *many* switchboard servers. There are other dedicated servers for presence, notifying you of mail, authentication and so on.

    Basically, MSN Messenger has a lot of servers. That costs money to run. If they do try and shut out clients that don't show adverts, I won't condemn them for that, but I will be pissed off about it because it's not my choice to use their service - if I want to talk to my friends online (who expect me to use it btw) I have to go via Microsoft. Not fun.

  20. Re:weird on Gaim Speaks Out on MSN Ban · · Score: 4, Interesting
    It is regional, as you might expect. In England, everybody uses MSN. I mean nearly everybody. All of my (non-geek) friends use it, so does my family. It comes with Windows, it's pretty, and it lets them set their display name 3 times a day so I cannot keep track of who they are unless I use Gaim or Jabber.

    It's fairly easy to explain this phenomenon. IM networks are just that - networks, and as such they suffer from severe network effects. I hate MSN. It's a pile of dung. Its network is basic, sometimes unreliable, the official client blows chunks, and worst of all it seems to take about 5 minutes to realise you are no longer connected if your dialup drops so friends keep talking to you, then 10 minutes later get a "That message could not be delivered" warning.

    Nonetheless, I use it (via Gaim) anyway, because it's either that or don't talk to my friends via IM. My friends are (mostly) local, as are their friends and so on, so it spreads out.

    Instant messaging has been such a total mess, for such a long time, that I think this should serve as as a valuable lesson to those who would create new networks on the internet. Back in the days when it was just engineers, things like the web, email, USENET, IRC and so on were born. They became essentially public networks, controlled by nobody. Then the corporates got involved. IM was invented at the wrong time, and it's been a battleground ever since.

    If we are not very careful, exactly the same thing will happen again in future. I'm thinking of digital identity here, but luckily so far both corporate attempts at this space have failed - BUT there are no indy hackers working on it! (i wish i still had time for it).

    I write this here because statistically if somebody is going to invent a new network, they might well be reading Slashdot. Let's learn our lesson now, or see ourselves shut out of future networks - from our friends, services, business partners - simply because we use the "wrong" product.

  21. Re:Yea, it's called Aqua from Mac OSX on New Longhorn Screenshots Leaked · · Score: 0, Flamebait
    It's a heck of a lot easier to navigate around MacOS, and I don't say this out of experience; I say this because Apple specifies a Human Interface Guideline

    Hehe, I can tell you don't say it out of experience ;) I've used Macs at a friends house, most versions of MacOS including betas and such that aren't out yet (he's a mac nut). I don't find it terribly intuitive at times. Example - how do you stop the dock from zooming in and out? "Right click" on it? No. Control panel? Don't think so. It's just thrown into the Apple menu, woo, intuitive. How about the annoying and confusing Dock, which is a jack of all trades but master of none? Try clicking on a broken X11 app link some time. Does it tell you it's broken? No - it just fades in a nice question mark. Of course if you don't know what that means, or cannot guess, you're screwed. It "Just Doesn't Work".

    There are lots of little things like that, that in my opinion make an OS that is pretty straightforward and predictable, and make you think that they don't care about sacrificing usability for looks and whizzy fade ins.

    everything is placed in a tree-like heirarchy that is easier (compared to Windows' interface) to find things in

    Well, most usability guides I've read say that trees aren't intuitive, but whatever, there aren't many in MacOS by default anyway. OTOH Windows places far more in the tree/heirarchy namespace than the Mac does - for instance, you cannot browse the control panel applets in the finder. You have to use the control panel program.

    Their changing the interface only makes it worse and bloated.....

    You're entitled to your opinion of course, but almost every revision of MacOS X has changed the interface to some extent, including introducing a brand new, arbitrarily applied theme, redesigning the finder, new task switching mechanisms and so on. There is no classic mode, you just have to hope you like the new changes or somebody produces a hack to set things back the way they were (a booming industry it seems).

  22. Re:More raids please on Ernie Ball - Model For Open-Source Transition? · · Score: 5, Funny

    More to the point, look where he's posting to.

  23. Re:Lack of finish on Worst Linux Annoyances? · · Score: 1

    If you bought a support contract from Red Hat, and they don't give you good service, bitch at them.

  24. Re:Sure, as long as the license is right on Free Software as a Public Good · · Score: 1
    Developers who use the GPL have already decided that their software should not be a public good in the sense that libraries are (in that anyone could go to a library, read books on a subject, and then resell what they learned for money).

    Oh yes, time to bring out the flawed analogies.

    If you insist on flimsy metaphors like that, then what you really want is something like this:

    "Using the GPL is like stopping an owner of a book store from walking into the library and mass photocopying all the books to place in their own inventory".

    By creating a proprietary "derivative work" of the library, they would essentially always have the upper hand in competing with the public good, because they didn't have to pay for the largest part of their collection whereas the library did.

    I personally would be pretty annoyed if private business were to abuse a public good in that way, and I think most other people would be too.

  25. Re:FSF needs a dose of reality on FSF's Opinion of the Apple Public Source License · · Score: 1
    I wish FSF would spend more time to promote current leaders of open source and encourage others to follow in their footsteps.

    The last thing we need is for more companies to act like Apple or TransGaming, who think that turning code into proprietary products and "giving back" by doing enormous (and inconvenient) patch dumps is good enough.

    There are many companies out there that really are fully paid up members of the community, and who work to ensure it remains healthy. By contrast, if we all ended up using a partly open source OS, we'd have got essentially nowhere - it'd be Windows all over again.