It's not as much trolling as a statement of facts, but anyway... See this post where I replied to exactly the same.
Take a decent Linux distro, remove any useful tools and strip it down to the binaries (and the binaries only). This is essensially a harddrive image, not a distro.
I fail to see what impressive or useful qualities this removal of tools reaps.
2 things. 1: Lack of proper package management (want to uninstall that package?). Want those dependencies resolved? Want those packages automaticly updated to get the latest security patches? Tough shit. This is a "hands-on OS" and damned if you'll get any assistance getting work done efficiently.
2: Lack of configuration tools. Want to get things done? Want that thing setup now? Go to your favorite text editor and edit those config files by hand, even though it's utterly brainless work that any decent distro should have automated.
Multiply these factors by your amount of servers and tell me you want to manage that piece of shit. Seriously. Some people work in the real world and needs to get things done, not tweak with custom builds and config files. And in this respect Slackware is 100% certified useless.
When I see people praise Slackware it's usually because they got things working, at last, after tons of work. They seem to think this is something special that other OSes doesn't do. Or something. Debian on the other hands... Users praise Debian for getting things done, no hastle, just like that, and that was 2 seconds ago.
I might be biased, but I have used Slackware, and my bias is mostly made up of that experience and my encounter with other Slackware users.
If you like Gnome in Ubuntu, you will like Gnome on any other distro too. Except on Slackware you have to wait a little for binaries that wasn't compiled for a 15 year old architecture, unless ofcourse you feel like compiling it yourself.
If you like how things just work in Ubuntu, you will loath the sight of Slackware, regardless of version for it's total lack of decent packagemagement or configuration tools.
For the record, I use Debian, FreeBSD, Windows Server 2003 and Windows XP. All OSes I am very happy about for their respective qualities. IMO Slackware has none.
Slackware 11 is now out and all the 28 remaining Slackware users in this world rejoiced.
Seriously. Why would anyone use this one a production system or even for playing at home. The only thing Slackware is good for is learning a little about how Linux works, then you move on to a distro that allows you to get things done.
I know all the (28) Slackware fanboys will mod me to oblivion for this, but seriously. It's a piece of shit compared to anything else released the last 6 years, and yes, that includes Redhat.
Me saying that Windows, the worlds most used, sold and deployed user-focused OS, can be used relatively securely, and that people should choose the tool/OS that does the job that needs doing best, I get modded troll, while a Linux fanboy claiming that Linux solves all problems in the world, regardless of what the actual job at hand is (without any actual backing ofcourse) doesn't.
Great job, mods! Now you can mod this offtopic, trolling flamebait. I'm sure that the burning karma will fit right into your crackpipe.
Nevermind the incorrect capitalization, but does that even mean anything? Yes, this is offtopic, yes this is nitpicking, but seriously: Does that really mean any more than "Smurfing for government computer wews"? Personally I think "grofling for news" sounds cooler, not to mention it's one step ahead of being branded "hip" in that negative way.
Anyway, I stopped reading right there. So the comments here may be gibberish and all non-sense, but can't we at least expect the summaries to be in semi-proper english?
Switch to Linux and watch all my applications which I need to do my job fail. Yes, that sounds like a plan. For the record I'm a.NET developer who needs Visual Studio and SQL Server to do my work.
You may find it hard to believe but Windows is a pretty damn secure OS, given that the one using it knows what he's doing. I'm not using MSIE, I'm not using Windows Media Player. And I have yet to have my machine BSOD, get infected with spyware/virus nor have to reinstall it periodically because it's unresponsive. My system is working excellently and does what I want it to do, and does it better than any Linux setup I can come up with.
Making people believe they are "secure" only by switching to another OS is stupid at best. If people don't know how their systems work, you can be sure as hell they wont be able to secure it. There is no system that is more secure than it's admin is competent.
Fine, you use Linux, it works for you. Congratulations on that! But branding it as a universal solution is just stupid.
In short: If you are willing to jump trough dozens of hoops you shouldn't have to jump trough, to use your legitemately bought music, you won't have any issues with your 128kbps rip.
Yeah, that sounds much better than just getting a CD and ripping it yourself. Or just getting it in FLAC from the P2Ps while you wait for your favorite online-store to deliver it.
Seriously, the music business is trying to use digital media in a way to prevent all the advantages that can be gained by going digital. Like interoptibility which is the biggest issue for me. Now why on earth would I want anything at all to do with people trying to restrict my use, when they have NO legal right* to do so?
ITMS is not an option. Can you spell DRM? If I can't copy the music to the devices of my choice and play it on players of my choice it is worthless.
Yes, I know there are hacks and workarounds for this, but the second somebody intentionally makes a product crappy and tries to limit my abilities to use it, that's really the end of that. I'm looking for a working product, ready for use, thank you very much.
and personally I would never rely on Windows in a server environment. But opinions aside...
I wouldn't consider any server more secure then the admin actually running the machine. A competent windows admin will more than likely have a more secure setup than a incompetent Linux admin. But, as you said, OS-related stuff aside.
I admit, the code you exploited could have just as easily been PHP on a *nix platform, so I cannot blame the operating system. I can only blame the programmer that left this gaping hole open for anyone to exploit. (snip)
In short, no matter what platform you use, or what scripting language you code with, the responsibility still lies on you (the programmer/coder) to make sure the code is not exploitable.
I fully agree with all these points. Which is also the reason I posted the link, and urged any developer working with DBs to check it out regardless of their favorite scripting language.
You would be surprised, if not scared by the number of developers who have never heard about SQL Injection or know how it works. I just thought it'd be useful with an actual example to get the message out.
It's not a strictly typed language.
This might be more of a preference than a language feature, but it does allow me to easier spot fuck-ups compile-time, instead of run-time.
It encourages a mix of code & content
While this can be benefitial at times, it is my opinion that most uses of this results in messy code. In the very same was as in classic ASP w/VBscript.
I'm sure I could come up with a thousand reasons, but these are my main 2 grudges with PHP.
Granted, I've worked with PHP and therefore I don't like it. But that was 4 years ago or so. Maybe things have changed.
But I do think parent poster has multiple points, and simply mod'ing him Flamebait since PHP is your favorite scripting language won't change that.
Saying that beginners PHP-code is ugly is more a statement of facts than an opinion.
But things like SQL Injection is one of many reasons I just love ASP.NET.
I wrote a very short piece on this on my site, and how use of paramertized queries/stored procedures in 99% of the cases eliminate this problem entirely.
It also includes a comprehensive SQL Injection demonstration, which I'd recommend that everyone working with DBs should read. Using PHP/Perl/ASP.NET or whatever their favorite web-programming lanaguge happen to be.
Yes. And it still doesn't mean using it makes you look any more clever. In fact it does the opposite.
No. But my main point was that in a thread discussing MSSQL and getting the most out of it, giving long rants about how all other DBs are better, still seems a bit off-topic.
Not all systems are performance critical systems on 100% load. Some systems have in fact very low load, and using OR mapping to cut development time to a tenth, will please your boss.
I can't say I agree. See point 3.
I asked for examples of just how you would do that, since I'm evidently just some noob who wouldn't know how. In effect, I am asking for proof of these statements.
With physical access to a workstation, you will still not gain access to SQL Server even though you are on the same LAN. See, you do not have the needed Kerberos tickets, since you are not authenticated. This is my stance and I'll remain just here, unless ofcourse, you provide some proof that I'm wrong.
With physical access to any server, the server is by definition compromised. So just where are you going with this argument?
Yes. I hate how I can use ADO.NET to directly bind a database table/view/query to user-interface elements without having to write that same generic "glueing-it all together" code everytime.
Yes. There is overhead. However, not everything in this world is 100% performance critical, and this can allow for this overhead, if it makes development faster, and the code more maintainable. Sometimes hardware is cheaper than developer-time.
Slow, cumbersome and insecure? I doubt you have used SQL Server, at least since SQL Server 2000. Granted, version 6.5 was a true POS, but the current versions work well, are secure and a breeze to use.
Simply because it ain't the tools you know well, doesn't make it crap. In fact, I think MySQL is the worst excuse for a database ever. But this is a MSSQL thread, so I won't go into that. I can save that for later.
Calling Microsoft "M$" doesn't make you look clever nor smart.
Raving about how Oracle is great in a thread related to Microsoft SQL Server is just silly. In a thread about Microsoft SQL Server, the topic, is in fact SQL Server.
OR mapping can be useful. That doesn't mean its always the best approach, but trying to say its never useful is just being zealous.
Yes. Microsoft products are designed for the Microsoft platform. Does this surprise you at all?
And what do you mean with "effectively and efficiantly from any kind of box, nope, not even a windows box". A few examples would be nice.
No. SQL Server's security model does not rely on some random credentials from some random workstattion. It relies on authenticated, encrypted Kerberos tickets, authenticated by a central server. Is this any less secure than usernames and passwords sent across the wire? Please show me how you intend to break into Microsoft SQL Server with a random Windows installer CD. I'm truly intruiged by this, so please provide a few examples.
You say roaming profiles is a bad idea? I guess you have never worked with a large network, or administered networks where users may work on different workstations from time to time. Like for instance, at a university where students hardly use the same workstation twice. If you had the slightest idea how stupid this single remark made you look, you might have had a chance to excuse your way out of your ignorance.
Yes. There will be abstraction layers for the database in C#. Not only for SQL Server, but for any database supported by ADO.NET. Even your wonderful Oracle! Are you saying abstraction layers is a bad thing?
You seem rather ignorant and zealous, and while I value the opinion of others, I do prefer informed opinions rather than random, uninformed drivel by someone who evidently knows one product only, and bashes everything else for not being that one product.
How about a nice simple DBObject that my other objects can inherit from
In SQL Server 2005 you can use.NET classes as datatypes in the DB, and then just pump your objects directly into the DB. Not that I would ever recommend it though. But it can be done.
Or you could, as others have suggested, use strongly typed datasets. If you are writing lots of manual queries in C# when using ADO.NET, you are probably doing something wrong.
Nice of you promoting something requiring MySQL in a Microsoft SQL Server 2005 related article.
Do you see me going around MySQL & PHP related threads promoting ASP.NET & MSSQL? No? There is a reason for it, you know. Its because it would be unwanted and unuseful zealotry.
Slashdot Mirror
It's not as much trolling as a statement of facts, but anyway... See this post where I replied to exactly the same.
Take a decent Linux distro, remove any useful tools and strip it down to the binaries (and the binaries only). This is essensially a harddrive image, not a distro.
I fail to see what impressive or useful qualities this removal of tools reaps.
2 things. 1: Lack of proper package management (want to uninstall that package?). Want those dependencies resolved? Want those packages automaticly updated to get the latest security patches? Tough shit. This is a "hands-on OS" and damned if you'll get any assistance getting work done efficiently.
2: Lack of configuration tools. Want to get things done? Want that thing setup now? Go to your favorite text editor and edit those config files by hand, even though it's utterly brainless work that any decent distro should have automated.
Multiply these factors by your amount of servers and tell me you want to manage that piece of shit. Seriously. Some people work in the real world and needs to get things done, not tweak with custom builds and config files. And in this respect Slackware is 100% certified useless.
When I see people praise Slackware it's usually because they got things working, at last, after tons of work. They seem to think this is something special that other OSes doesn't do. Or something. Debian on the other hands... Users praise Debian for getting things done, no hastle, just like that, and that was 2 seconds ago.
I might be biased, but I have used Slackware, and my bias is mostly made up of that experience and my encounter with other Slackware users.
If you like Gnome in Ubuntu, you will like Gnome on any other distro too. Except on Slackware you have to wait a little for binaries that wasn't compiled for a 15 year old architecture, unless ofcourse you feel like compiling it yourself.
If you like how things just work in Ubuntu, you will loath the sight of Slackware, regardless of version for it's total lack of decent packagemagement or configuration tools.
For the record, I use Debian, FreeBSD, Windows Server 2003 and Windows XP. All OSes I am very happy about for their respective qualities. IMO Slackware has none.
Slackware 11 is now out and all the 28 remaining Slackware users in this world rejoiced.
Seriously. Why would anyone use this one a production system or even for playing at home. The only thing Slackware is good for is learning a little about how Linux works, then you move on to a distro that allows you to get things done.
I know all the (28) Slackware fanboys will mod me to oblivion for this, but seriously. It's a piece of shit compared to anything else released the last 6 years, and yes, that includes Redhat.
Me saying that Windows, the worlds most used, sold and deployed user-focused OS, can be used relatively securely, and that people should choose the tool/OS that does the job that needs doing best, I get modded troll, while a Linux fanboy claiming that Linux solves all problems in the world, regardless of what the actual job at hand is (without any actual backing ofcourse) doesn't.
Great job, mods! Now you can mod this offtopic, trolling flamebait. I'm sure that the burning karma will fit right into your crackpipe.
Nevermind the incorrect capitalization, but does that even mean anything? Yes, this is offtopic, yes this is nitpicking, but seriously: Does that really mean any more than "Smurfing for government computer wews"? Personally I think "grofling for news" sounds cooler, not to mention it's one step ahead of being branded "hip" in that negative way.
Anyway, I stopped reading right there. So the comments here may be gibberish and all non-sense, but can't we at least expect the summaries to be in semi-proper english?
By transcoding the stuff. You can't transcode DRMed stuff. I was referring to why I don't but into DRMed music.
Also the thread was about people not wanting DRMed music. I brought the derailed thread back on topic. How rude!
Switch to Linux and watch all my applications which I need to do my job fail. Yes, that sounds like a plan. For the record I'm a .NET developer who needs Visual Studio and SQL Server to do my work.
You may find it hard to believe but Windows is a pretty damn secure OS, given that the one using it knows what he's doing. I'm not using MSIE, I'm not using Windows Media Player. And I have yet to have my machine BSOD, get infected with spyware/virus nor have to reinstall it periodically because it's unresponsive. My system is working excellently and does what I want it to do, and does it better than any Linux setup I can come up with.
Making people believe they are "secure" only by switching to another OS is stupid at best. If people don't know how their systems work, you can be sure as hell they wont be able to secure it. There is no system that is more secure than it's admin is competent.
Fine, you use Linux, it works for you. Congratulations on that! But branding it as a universal solution is just stupid.
Tell me how that works if I want to play stuff on my cellphone. Right. It doesn't.
Next!
In short: If you are willing to jump trough dozens of hoops you shouldn't have to jump trough, to use your legitemately bought music, you won't have any issues with your 128kbps rip.
Yeah, that sounds much better than just getting a CD and ripping it yourself. Or just getting it in FLAC from the P2Ps while you wait for your favorite online-store to deliver it.
Seriously, the music business is trying to use digital media in a way to prevent all the advantages that can be gained by going digital. Like interoptibility which is the biggest issue for me. Now why on earth would I want anything at all to do with people trying to restrict my use, when they have NO legal right* to do so?
* at least not in Norway
by dnoyeb (547705) on Friday September 15, @09:19PM
If they are going to sanitize it, why stop with just props?
And in that moment, George Lucas Jr. was born.
ITMS is not an option. Can you spell DRM? If I can't copy the music to the devices of my choice and play it on players of my choice it is worthless.
Yes, I know there are hacks and workarounds for this, but the second somebody intentionally makes a product crappy and tries to limit my abilities to use it, that's really the end of that. I'm looking for a working product, ready for use, thank you very much.
"and make final adjustments to our CSS support"
Does that mean that they make it fundamentally broken and still don't handle the box model correctly?
I expect no less than 5-6 more in reply to this post.
Will one post do? :P
I've never heard of anyone with this particular problem. Ever. And my laptop is up and running in less than 2 seconds. Fully functional.
Guess you need to learn how to keep your XP install clean. Like not installing Kaaza and stuff.
Real men? You mean real men like these?
and personally I would never rely on Windows in a server environment. But opinions aside...
I wouldn't consider any server more secure then the admin actually running the machine. A competent windows admin will more than likely have a more secure setup than a incompetent Linux admin. But, as you said, OS-related stuff aside.
I admit, the code you exploited could have just as easily been PHP on a *nix platform, so I cannot blame the operating system. I can only blame the programmer that left this gaping hole open for anyone to exploit. (snip)
In short, no matter what platform you use, or what scripting language you code with, the responsibility still lies on you (the programmer/coder) to make sure the code is not exploitable.
I fully agree with all these points. Which is also the reason I posted the link, and urged any developer working with DBs to check it out regardless of their favorite scripting language.
You would be surprised, if not scared by the number of developers who have never heard about SQL Injection or know how it works. I just thought it'd be useful with an actual example to get the message out.
My reasons for not liking PHP:
This might be more of a preference than a language feature, but it does allow me to easier spot fuck-ups compile-time, instead of run-time.
While this can be benefitial at times, it is my opinion that most uses of this results in messy code. In the very same was as in classic ASP w/VBscript.
I'm sure I could come up with a thousand reasons, but these are my main 2 grudges with PHP.
Granted, I've worked with PHP and therefore I don't like it. But that was 4 years ago or so. Maybe things have changed. But I do think parent poster has multiple points, and simply mod'ing him Flamebait since PHP is your favorite scripting language won't change that.
Saying that beginners PHP-code is ugly is more a statement of facts than an opinion.
But things like SQL Injection is one of many reasons I just love ASP.NET.
I wrote a very short piece on this on my site, and how use of paramertized queries/stored procedures in 99% of the cases eliminate this problem entirely.
It also includes a comprehensive SQL Injection demonstration, which I'd recommend that everyone working with DBs should read. Using PHP/Perl/ASP.NET or whatever their favorite web-programming lanaguge happen to be.With physical access to any server, the server is by definition compromised. So just where are you going with this argument?
Yes. There is overhead. However, not everything in this world is 100% performance critical, and this can allow for this overhead, if it makes development faster, and the code more maintainable. Sometimes hardware is cheaper than developer-time.
Slow, cumbersome and insecure? I doubt you have used SQL Server, at least since SQL Server 2000. Granted, version 6.5 was a true POS, but the current versions work well, are secure and a breeze to use.
Simply because it ain't the tools you know well, doesn't make it crap. In fact, I think MySQL is the worst excuse for a database ever. But this is a MSSQL thread, so I won't go into that. I can save that for later.
A few short comments.
And what do you mean with "effectively and efficiantly from any kind of box, nope, not even a windows box". A few examples would be nice.
Please show me how you intend to break into Microsoft SQL Server with a random Windows installer CD. I'm truly intruiged by this, so please provide a few examples.
You seem rather ignorant and zealous, and while I value the opinion of others, I do prefer informed opinions rather than random, uninformed drivel by someone who evidently knows one product only, and bashes everything else for not being that one product.
To be honest, I don't think using any of SQL Servers XML-features will make anyone's life any simpler, at least not in 99% of the cases.
T-SQL is a language designed for set-based operations, not fine detail-level data-shredding. Yes, it can be done. No, it doesn't look pretty.
How about a nice simple DBObject that my other objects can inherit from
In SQL Server 2005 you can use .NET classes as datatypes in the DB, and then just pump your objects directly into the DB. Not that I would ever recommend it though. But it can be done.
Or you could, as others have suggested, use strongly typed datasets. If you are writing lots of manual queries in C# when using ADO.NET, you are probably doing something wrong.
Nice of you promoting something requiring MySQL in a Microsoft SQL Server 2005 related article.
Do you see me going around MySQL & PHP related threads promoting ASP.NET & MSSQL? No? There is a reason for it, you know. Its because it would be unwanted and unuseful zealotry.
So... Why isn't parent mod'ed off-topic yet?