From the article: It's easier to vandalize a Web site than to program a
remote control.
Translation: The author of the article has done neither. If you are an editor,
this is one of those phrases that tip you off that the author is willing to
say anything to make the article more interesting to the average reader, even
if it is entirely invented. Further translation: It's time to fire Steven
Levy, the author.
This article, I'm guessing, was paid for by Waggener Edstrom (wagged.com, as in "the
tail wagged the dog"), Microsoft's PR company.
Notice that they are already preparing you for the reality of Microsoft's
efforts: "I firmly believe we will be shipping with bugs," says Paul
England.
The article says, One hurdle is getting people to trust
Microsoft. Here are more than 200 pages in which the U.S. government said
that Microsoft could not be trusted: U.S. Justice Department
complaints against Microsoft.
Will we begin trusting people who have abundantly proven that they cannot be
trusted, and have been convicted of breaking the law? Will the government let
Jeffrey Dahmer
or Charles Manson
free? Will an adversarial, self-destructive company suddenly become
charitable?
The sociology: Commercial software authors often write under difficult
conditions. They are often forced to release something with which they are not
happy. Open Source authors have no other motivation than to do a good job.
Everyone who is interested will see their code, forever. The sociology makes a
huge difference.
With Microsoft Windows XP, for example, some of the deliberate design is
adversarial to the user's interests. There are more than 12 ways that the OS
expects to connect to Microsoft computers.
A tri-lateral government works, and it is a good idea. However, when secret agencies are allowed to exist, we have a quadrilateral system of government. And, when those secret agencies are allowed to break the law, we have a corrupt government. For documentation of this from some of the world's most respected news agencies, see What Should be the Response to Violence?
There are some people who like to act out their inner conflict by making trouble for others. The secret agencies attract the troublemakers, and there are no checks and balances.
I just came upon an example of re-configuration. A drive in a removable hard drive drawer was replaced with one of identical make, model, and size. Windows XP Professional re-configured the paging file from drive F: to drive C:. It did so with no message to the user. The system is faster if the paging file is on another drive besides C:. This is the sort of thing that sells Linux.
I agree with you. However, this seems an unlikely answer for the person who posted the comment about the issue. Windows re-configuration occurs when there is some kind of problem or merely a change hardware for example. Windows will pick a new configuration without telling the user. Then, when the hardware is added to the system again, windows may not pick the correct installation, causing numerous hard-to-troubleshoot problems.
True. Also note that the defrag program in Windows 2000 and Windows XP does not defrag all files. Some will be left with literally hundreds of fragments. To get true defragmentation, it is necessary to buy a third-party defragmenter, like Diskeeper:
However, program files should not be fragmented in a month. I doubt that the fragmentation of data files would cause significant slowing in only a month.
The mathematics is absolutely stupid! The author assumes that bugs are a
random event. But they aren't. Bugs are heavily influenced by sociological
factors that affect the outcome by more than a factor of ten. A lot of the
bugs you seen in Microsoft Internet Explorer, for example, come from the sloppy practices of
programmers who are not particularly interested in what they are doing and who
are pushed to a tight schedule, so when they see that something needs to be
re-written, they can't re-write it, because they don't have time.
Remember when Microsoft released Windows 2000? Someone inside Microsoft said
that there were still 63,000 bugs (or known shortcomings) in their database.
There was no time to finish the job, and Windows 2000 and Windows XP are still
quirky. I just reported a bug in Windows XP, again, which I first saw in
Windows 98. All of those operating systems re-configure themselves without
telling the user. The company just doesn't care enough to do a good job.
Bugs in software are caused by social factors that we cannot measure. Some
programmers write far tighter code than others. Compare the security bugs in
OpenBSD and in Windows. OpenBSD is far more secure because the people who
control it say they want it that way. Microsoft just announced a greater
interest in security, but will the company actually devote resources to fixing
the code? That's a sociological issue for a company that has always put money
first.
It is impossible to test reliability into software, or anything! Reliability
is due to design decisions, or the lack of them.
The author says,
"Reliability growth models seek to make this more precise. Suppose that the
probability that the i-th bug remains undetected after t random tests is
e-Eit. The models cited above show that, after a long period of testing and
bug removal, the net effect of the remaining bugs will under certain
assumptions converge to a polynomial rather than exponential distribution. In
particular, the probability E of a security failure at time t, at which time n
bugs have been removed, is [Equation that Slashdot cannot display: E = 1X
i=n+1 e-Eit ~~ K=t] over a wide range of values of t. I give in the appendix a
brief proof of why this is the case, following the analysis by Brady, Anderson
and Ball [7]. For present purposes, note that this explains the slow
reliability growth observed in practice."
He is just pulling your leg, and probably his own. Note the word "random" in
the second sentence. In mathematics that is a technical term, a precisely
defined term, and it doesn't apply here.
The author is just grabbing attention, and it worked. Now he has
something to put on his resume, an article in CNET (by someone who doesn't
understand the mathematics, but assumes that it must be okay, because it looks
so impressive).
Show me the equation that has a term that explains the difference between OpenBSD (Five years without a remote hole in the
default install!) and Windows XP
(zero seconds).
Give the source code of Internet Exploder to the OpenBSD coders, and we will
see how random bugs are. They could do what they already did with BSD, examine the code
for poor practices, and re-design the parts that need it. Then all the
"randomness" would stop happening, as if (in the view of some) by magic.
"However, there are more pressing security problems for the open source
community. [Read human community.] The interaction between security and openness is entangled
with attempts to use security mechanisms for commercial advantage --
to entrench monopolies, to control copyright, and above all to control
interoperability. As an example, I will discuss TCPA, a recent initiative
by Intel and others to build DRM [Digital Rights Management] technology into the PC platform. Although advertised as providing increased information security for users,
it appears to have more to do with providing commercial advantage for
vendors, and may pose an existential threat to open systems."
The article says nothing sensible about bugs in software. The article mostly discusses issues surrounding efforts to increase the reach of monopolies.
"... why do my Win2k installs slow down to a crawl after a few
weeks..."
Windows operating systems re-configure themselves without telling the user.
Bill believes he knows better than you.
I find bugs and insufficiencies in open source software. But generally open
source software impresses me as an attempt to do a good job.
In contrast, Microsoft software seems just sloppy. For example, Microsoft's
Internet Explorer has 18 unpatched
security bugs (when this was written). These active security risks are
different from the recent 15 that have already been fixed. This is sloppiness,
not mistakes, and I don't find anything like it in the open source world.
In case the.PDF article is slashdotted: It is nonsense, written by someone
trying to seem well-educated. If you do read it, don't let the math intimidate
you, the math is utter nonsense.
By the way, when Windows becomes slow because it re-configured itself, try
this:
Install the latest Windows service packs and patches.
Re-install the latest chipset drivers.
Re-install Microsoft DirectX 8.1 or higher.
Re-install the motherboard manufacturer's ATA storage driver.
You probably won't need to re-install other device drivers, but this is
the time to do it.
Read my post. No one at Microsoft can help with a bug in Windows XP! The OS doesn't work. That's on a different level of importance than tabs in Mozilla. Tell the Mozilla people and they will fix the problem. I use K in Linux, but in Windows 20 or 30 tabs and 4 instances of Mozilla works fine.
"This is one of the better comments on this thread."
To me, these comments seem utterly out of touch with reality. I find bugs and
insufficiencies in open source software. But generally open source software
impresses me as an attempt to do a good job.
In contrast, Microsoft software seems just sloppy. For example, Microsoft's
Internet Explorer has 18 unpatched
security bugs (when this was written). These active security risks are
different from the recent 15 that have already been fixed. This is sloppiness,
not mistakes, and I don't find anything like it in the open source world.
When I have a problem with open source software, I find that I can get help.
When I call Microsoft, I find that, usually, no one with whom I am allowed to
talk knows any answers. Right now, for example, no one seems to know how to
repair a new, Intel Motherboard, Windows XP installation that won't create a
virtual memory paging file. It's buggy, and nothing can be done other than
re-install the OS and all the applications.
If you find a big problem in open source software, chances are that you will
communicate directly with the main authors. With Microsoft, I have not been
able to get answers. This article says that the Psychic Friends Network is
equally as good as Microsoft technical support: Microsoft Technical Support
vs. The Psychic Friends Network The conclusion of the article seems
reasonable considering my experience with Microsoft. Neither organization has
useful answers, but The Psychic friends Network is more friendly and less
expensive.
The physics is such that the theoretical frequency response must be very high. The only problem could be capacitance on the input. I wonder about the gain, also.
If you remember, it was exactly this behavior that began the sinking of Novell. This kind of extortion is an early indication that the company feels vulnerable. I don't know why they feel vulnerable, but they know, and they are showing it.
What is the best GUI arrangement?
on
Is RPM Doomed?
·
· Score: 1
It seems to me that the most important thing is to make sure that the GUI is the best possible for configuration. An expandable tree in a linked document seems excellent. There needs to be a way to address every part of the tree from the command line; there should be bookmarks.
It would be necessary to write modules for every supported file format, as you say, but this could be made easier by supplying standard libraries of interface programs. Each module author could modify a module that already existed.
Configuration files would remain distinctive.
on
Is RPM Doomed?
·
· Score: 1
The idea is that configuration files would remain distinctive, but each package author could provide an interface from the standard configuration program to the configuration file. (It is necessary to continue to allow hand-editing.) So, there would need to be a way to execute the interface to interpret the ASCII configuration file and write to it. XML merely describes data, I think, it doesn't have any way to cause a program to be executed.
I suggest a browseable, book-like interface.
on
Is RPM Doomed?
·
· Score: 2
Having 50 (only that many) different styles of configuration files definitely makes things tough. However, the information is not hidden from the user, as it is in Windows.
It would be great if someone standardized Linux configuration files. I suggest a browseable, book-like or PDF-like interface like that in Ganymede. Each package would be expected to write their own interface to the configurator. That way, authors could have any configuration file format they wanted, but there would also be a standard GUI interface.
single point of failure
on
Is RPM Doomed?
·
· Score: 2, Informative
The registry in Windows creates a single point of failure. The point of the registry seems to be copy protection. The registry contains incomprehensible data. It is an area meant to be outside the user's control.
Could you provide a link to "Doc Mercury's guide to DVD ripping"? Thanks.
From the article: It's easier to vandalize a Web site than to program a remote control.
Translation: The author of the article has done neither. If you are an editor, this is one of those phrases that tip you off that the author is willing to say anything to make the article more interesting to the average reader, even if it is entirely invented. Further translation: It's time to fire Steven Levy, the author.
This article, I'm guessing, was paid for by Waggener Edstrom (wagged.com, as in "the tail wagged the dog"), Microsoft's PR company.
Notice that they are already preparing you for the reality of Microsoft's efforts: "I firmly believe we will be shipping with bugs," says Paul England.
The article says, One hurdle is getting people to trust Microsoft. Here are more than 200 pages in which the U.S. government said that Microsoft could not be trusted: U.S. Justice Department complaints against Microsoft.
Will we begin trusting people who have abundantly proven that they cannot be trusted, and have been convicted of breaking the law? Will the government let Jeffrey Dahmer or Charles Manson free? Will an adversarial, self-destructive company suddenly become charitable?
The sociology: Commercial software authors often write under difficult conditions. They are often forced to release something with which they are not happy. Open Source authors have no other motivation than to do a good job. Everyone who is interested will see their code, forever. The sociology makes a huge difference.
With Microsoft Windows XP, for example, some of the deliberate design is adversarial to the user's interests. There are more than 12 ways that the OS expects to connect to Microsoft computers.
A tri-lateral government works, and it is a good idea. However, when secret agencies are allowed to exist, we have a quadrilateral system of government. And, when those secret agencies are allowed to break the law, we have a corrupt government. For documentation of this from some of the world's most respected news agencies, see What Should be the Response to Violence?
There are some people who like to act out their inner conflict by making trouble for others. The secret agencies attract the troublemakers, and there are no checks and balances.
6 months is unimaginable. 5 minutes is forever.
I'm not ignoring any point. I'm saying that the sociology is so important that all other factors concerning software reliability are small.
I just came upon an example of re-configuration. A drive in a removable hard drive drawer was replaced with one of identical make, model, and size. Windows XP Professional re-configured the paging file from drive F: to drive C:. It did so with no message to the user. The system is faster if the paging file is on another drive besides C:. This is the sort of thing that sells Linux.
I agree with you. However, this seems an unlikely answer for the person who posted the comment about the issue. Windows re-configuration occurs when there is some kind of problem or merely a change hardware for example. Windows will pick a new configuration without telling the user. Then, when the hardware is added to the system again, windows may not pick the correct installation, causing numerous hard-to-troubleshoot problems.
It seems off topic, but there is a term of copyright for organizations. I don't know what it is.
True. Also note that the defrag program in Windows 2000 and Windows XP does not defrag all files. Some will be left with literally hundreds of fragments. To get true defragmentation, it is necessary to buy a third-party defragmenter, like Diskeeper:
http://www.execsoft.com/diskeeper/dkvsbuiltin/dkv
However, program files should not be fragmented in a month. I doubt that the fragmentation of data files would cause significant slowing in only a month.
"Do tell us not just that he's wrong, but why."
The mathematics is absolutely stupid! The author assumes that bugs are a random event. But they aren't. Bugs are heavily influenced by sociological factors that affect the outcome by more than a factor of ten. A lot of the bugs you seen in Microsoft Internet Explorer, for example, come from the sloppy practices of programmers who are not particularly interested in what they are doing and who are pushed to a tight schedule, so when they see that something needs to be re-written, they can't re-write it, because they don't have time.
Remember when Microsoft released Windows 2000? Someone inside Microsoft said that there were still 63,000 bugs (or known shortcomings) in their database. There was no time to finish the job, and Windows 2000 and Windows XP are still quirky. I just reported a bug in Windows XP, again, which I first saw in Windows 98. All of those operating systems re-configure themselves without telling the user. The company just doesn't care enough to do a good job.
Bugs in software are caused by social factors that we cannot measure. Some programmers write far tighter code than others. Compare the security bugs in OpenBSD and in Windows. OpenBSD is far more secure because the people who control it say they want it that way. Microsoft just announced a greater interest in security, but will the company actually devote resources to fixing the code? That's a sociological issue for a company that has always put money first.
It is impossible to test reliability into software, or anything! Reliability is due to design decisions, or the lack of them.
The author says,
"Reliability growth models seek to make this more precise. Suppose that the probability that the i-th bug remains undetected after t random tests is e-Eit. The models cited above show that, after a long period of testing and bug removal, the net effect of the remaining bugs will under certain assumptions converge to a polynomial rather than exponential distribution. In particular, the probability E of a security failure at time t, at which time n bugs have been removed, is [Equation that Slashdot cannot display: E = 1X i=n+1 e-Eit ~~ K=t] over a wide range of values of t. I give in the appendix a brief proof of why this is the case, following the analysis by Brady, Anderson and Ball [7]. For present purposes, note that this explains the slow reliability growth observed in practice."
He is just pulling your leg, and probably his own. Note the word "random" in the second sentence. In mathematics that is a technical term, a precisely defined term, and it doesn't apply here.
The author is just grabbing attention, and it worked. Now he has something to put on his resume, an article in CNET (by someone who doesn't understand the mathematics, but assumes that it must be okay, because it looks so impressive).
Show me the equation that has a term that explains the difference between OpenBSD (Five years without a remote hole in the default install!) and Windows XP (zero seconds).
Give the source code of Internet Exploder to the OpenBSD coders, and we will see how random bugs are. They could do what they already did with BSD, examine the code for poor practices, and re-design the parts that need it. Then all the "randomness" would stop happening, as if (in the view of some) by magic.
Copied from the abstract of the article:
"However, there are more pressing security problems for the open source community. [Read human community.] The interaction between security and openness is entangled with attempts to use security mechanisms for commercial advantage -- to entrench monopolies, to control copyright, and above all to control interoperability. As an example, I will discuss TCPA, a recent initiative by Intel and others to build DRM [Digital Rights Management] technology into the PC platform. Although advertised as providing increased information security for users, it appears to have more to do with providing commercial advantage for vendors, and may pose an existential threat to open systems."
The article says nothing sensible about bugs in software. The article mostly discusses issues surrounding efforts to increase the reach of monopolies.
"... why do my Win2k installs slow down to a crawl after a few weeks..."
Windows operating systems re-configure themselves without telling the user. Bill believes he knows better than you.
I find bugs and insufficiencies in open source software. But generally open source software impresses me as an attempt to do a good job.
In contrast, Microsoft software seems just sloppy. For example, Microsoft's Internet Explorer has 18 unpatched security bugs (when this was written). These active security risks are different from the recent 15 that have already been fixed. This is sloppiness, not mistakes, and I don't find anything like it in the open source world.
In case the
By the way, when Windows becomes slow because it re-configured itself, try this:
"You never completely erase a tape. You think you do, but you really don't."
This is wrong. You can't erase a tape completly very easily with a tape recorder, but you can with a bulk tape eraser.
Read my post. No one at Microsoft can help with a bug in Windows XP! The OS doesn't work. That's on a different level of importance than tabs in Mozilla. Tell the Mozilla people and they will fix the problem. I use K in Linux, but in Windows 20 or 30 tabs and 4 instances of Mozilla works fine.
"This is one of the better comments on this thread."
To me, these comments seem utterly out of touch with reality. I find bugs and insufficiencies in open source software. But generally open source software impresses me as an attempt to do a good job.
In contrast, Microsoft software seems just sloppy. For example, Microsoft's Internet Explorer has 18 unpatched security bugs (when this was written). These active security risks are different from the recent 15 that have already been fixed. This is sloppiness, not mistakes, and I don't find anything like it in the open source world.
When I have a problem with open source software, I find that I can get help. When I call Microsoft, I find that, usually, no one with whom I am allowed to talk knows any answers. Right now, for example, no one seems to know how to repair a new, Intel Motherboard, Windows XP installation that won't create a virtual memory paging file. It's buggy, and nothing can be done other than re-install the OS and all the applications.
If you find a big problem in open source software, chances are that you will communicate directly with the main authors. With Microsoft, I have not been able to get answers. This article says that the Psychic Friends Network is equally as good as Microsoft technical support: Microsoft Technical Support vs. The Psychic Friends Network The conclusion of the article seems reasonable considering my experience with Microsoft. Neither organization has useful answers, but The Psychic friends Network is more friendly and less expensive.
Great! I will try it. I didn't know it existed.
Very interesting.
The physics is such that the theoretical frequency response must be very high. The only problem could be capacitance on the input. I wonder about the gain, also.
If you remember, it was exactly this behavior that began the sinking of Novell. This kind of extortion is an early indication that the company feels vulnerable. I don't know why they feel vulnerable, but they know, and they are showing it.
It seems to me that the most important thing is to make sure that the GUI is the best possible for configuration. An expandable tree in a linked document seems excellent. There needs to be a way to address every part of the tree from the command line; there should be bookmarks.
It would be necessary to write modules for every supported file format, as you say, but this could be made easier by supplying standard libraries of interface programs. Each module author could modify a module that already existed.
The idea is that configuration files would remain distinctive, but each package author could provide an interface from the standard configuration program to the configuration file. (It is necessary to continue to allow hand-editing.) So, there would need to be a way to execute the interface to interpret the ASCII configuration file and write to it. XML merely describes data, I think, it doesn't have any way to cause a program to be executed.
Having 50 (only that many) different styles of configuration files definitely makes things tough. However, the information is not hidden from the user, as it is in Windows.
It would be great if someone standardized Linux configuration files. I suggest a browseable, book-like or PDF-like interface like that in Ganymede. Each package would be expected to write their own interface to the configurator. That way, authors could have any configuration file format they wanted, but there would also be a standard GUI interface.
The registry in Windows creates a single point of failure. The point of the registry seems to be copy protection. The registry contains incomprehensible data. It is an area meant to be outside the user's control.
I'm impressed with Envivio's business, more capable MPEG-4 software. (No, I don't work for them.)