For my usage, Calc has been better then Excel, Writer about the same as Word, and Impress blows chunks compared to PowerPoint. I don't use Base or Access enough to compare, but Base is the newest member of the OO.org family, and probably has room to grow.
For me, it's not a big deal that the presentation software stinks. I've switched to LaTeX Beamer and Impressive, which I've been very happy with, but my GUI loving boss won't touch with a 10 foot pole.
Worked well here.
Hopefully some of the work done here pushes us closer to a Netflix option for Linux also, but this stream was DRM free, and needed a seperate silverlight 1 runtime for Linux.. Seems like we still have a way to go.
FIRST robotics competition is a great way to educate and middle school and high school kids excited about programming, engineering, and robotics.
I'd recommend joining a group at a local school for a year or so before starting your own group, but there's plenty of opportunity out there.
I know at least in my area, 5 of the major channels are planning on drastically upgrading their digital signal broadcast strength when the transition happens.
I already use only the digital broadcast, and could use the extra power when the leaves all come back, so would hate to see the transition get delayed.
Either today is April 1st.. (Checks calendar).
Nope.
I guess Rails is no longer a ghetto. (Sorry Zed)
The rails and merb teams collaborating on making a good project... It just brings tears to my eyes to see these boys grow up and play nice.
I'm not sure. I have an Antec 300 case, which puts the CPU up in the top corner and has a 120mm behind it and a 140mm fan above it. I have a good sized CPU cooler which i run without a fan, and the CPU stays cool and silent.
The BTX layout is better then some ATX cases, but it's just not categorically better then all ATX designs. There's not enough reason to switch, so the market hasn't.
A commissioning editor takes something you wrote, and tells you if it hits their target market, and how to change your writing to fit their market better. A copy editor takes something which you understood when you wrote it, and turns it into something others can understand when they read it. Both are essential in creating high quality work.
Hopefully there are many steps between 1 and 2, where you have an editor and technical reviewers go over your text with a fine toothed comb.
Yes, you can publish yourself, but can you edit and proof for yourself? I would suggest that you need help in those areas. You can get those services and still publish yourself, but you have to pay all the fees upfront.
On the other hand, I work remotely, buy my own computers and software, provide my own Internet access, buy my own health insurance, have no HR department... I do consulting work with a small consultancy, and my overhead is very low (except for the health insurance.) All the above cost me about 20% of my total pay.
IE8 gives a number of mechanisms for either you or Microsoft to request the legacy IE7 renderer for your website. is all it takes to not have to add IE 8 specific version of your website.
Problem: IE >= 7 is for XP and Vista only. There are still a bunch of users out there using IE 5.5 (or worse yet 4 or 3) because they do not want/know how to update.
Where "bunch" is less then 0.1% for all versions lower then 6 combined. IE versions less then 6 are dead, dead, dead, and no one should feel like they need to care about them.
In my experience, the IE 6 problem is caused more by corporate users who have some IE 6 only internal app that keeps them from upgrading their browser. My day job is security testing websites, so I have to keep a copy of IE 6 around also.
There are a few people using win2k or earlier out there, but they are by far the minority(estimated 2-3% market share according to wikipedia). IE 6 has and estimated 20-30% market share.
Maybe they are on dial-up and updating is too slow (although I would update on dial-up). Then there are the IE 6 users on Windows 2000. That is the highest they can go, and for a lot of these computers, it makes no sense to upgrade to XP.
When I develop a page, I develop a whole different sheet (that tries its best to look like the original for COMPLIANT browsers) for IE 6. For IE 7, a few changes but not many. For IE 8, hopefully less. The point of a compliant browser is I do not have to do any of the above because it should work in any compliant browser. I do not consider IE of any version to be a compliant browser. Not until its engine gets 71 or more on the Acid3 test, preferably 100.
One nice thing about IE 8 is you can just put in a meta tag that tells it to act like IE 7 and only maintain that version. Until IE 9 comes out and IE 7 is dead, then you could do the same with IE 8 rendering mode. IE sucks, but at least they are good at maintaining backwards compatibility to reduce extra work...
Actually, ~50 % of websites tested in the past year by WhiteHat Security. It's the best metric we currently have for security flaws, as WhiteHat has many customers across quite a few industries, and they are all automatically retested over time.
It has little to do with the browser targeted, and everything to do with the web frameworks used, the knowledge of the programmers, and the testing or lack thereof most websites get before deployment.
If you check xssed.com you'll see that near 100% of websites have had XSS vulnerabilities in the past.
A Cross Site Scripting (XSS) filter is hardly a gimmick. XSS affects ~50% of websites, and can be used to great effect against client browsers to great effect, with many fraud implications for the servers.
Microsoft's protections aren't perfect, but they're pretty good at patching the major vectors.
I agree that full IE standards compliance would be a Godsend (and how about some ability to accept XHTML?), but anything that kills off IE 6 is a step forward in my opinion.
As someone who does both web security and some web design, I couldn't be happier.
Yes, IE 8 still sucks, but it sucks less then IE 7, which sucks less then IE 6.
IE 8 has some decent rendering improvements, a built in XSS filter, and lots of other changes. In standards compliance it still sucks versus all the compition, but as long as it helps kill off IE 6, I'm happy.
Specifically, IE 6 needs to die.
IE 7 is tolerable but annoying, but IE 6 is really holding the web back.
Push up the web has a nifty little mostly unobtrusive widget you can put on your web page to gently encourage your users to upgrade. The web designer in me likes the idea, but the security person in me doesn't want to train people to click on "upgrade your browser popups. Still, it's an interesting idea.
Nope. There are decent Verilog synthesis and simulator projects( Icarus Verilog, Verilator), but no full dev suites that can replace the commercial tools.
The market is too small and the complexity too high to have spawned an open source competitor yet.
There are good open source tools for other things in the electronics space like PCB layout, but we're a long way from full FPGA pro tool replacement.
The language doesn't matter nearly as much as the goal. Designe a program where they make somthing they will think is cool.
It could be with Ruby (recommend http://hackety.org/)
It could be javascript, doing interesting browser things (greasemonkey allows doing "cool stuff" easily https://addons.mozilla.org/en-US/firefox/addon/748)
It could be python (Recommend pygame, or as a scripting language in another game.. see http://wiki.python.org/moin/PythonGames for ideas)
It could be Lua ( Used as a scripting language for a game)
It could be Alice. (http://www.alice.org/)
It could be Lego Mindstorm programming with NQC, Lua, RobotC, etc.
Consider centering the program around the First Lego League compition(http://www.usfirst.org/what/fll/default.aspx?id=390)
Your students will even learn assembly or C if they are convinced it will lead to doing REALLY COOL STUFF. At least I did around that age. Asking about the right language is missing the point.
Come up with really cool projects, and the language learning will happen. Trying to force kids to learn a language for the languages sake just ain't going to go well...
DNSSEC can be as easy as DNSCurve if you leave the signing key online. Everything can be automated easily. DNSSEC can also be much more secure and more of a pain by moving the signing key offline. DNSSEC gives you choice, DNSCurve has made what it thinks are the best tradeoffs, and is non-flexible and non-extensible.
DJB compares the most complex DNSSEC deployment with the most simple DNSCurve scenario, and leaves a very skewed perspective in people's minds.
Here's my take on DNSSEC vs DNSCurve
DNSSEC -> +You can choose how simple or secure you want your deployment to be +Extensibility built in. +Allows multiple signatures(important politically in who owns the signing key) -Doesn't work through some current home routers that weren't written to the standards.
DNSCurve -> +simple deployment -Signing key must be online -Only one key allowed -Non-extensible +Works through broken routers.
DNSSEC will use whatever key size the server operators want them to use. In current tests, the Key Signing Key, AKA master key, is 2048 bit, and the Zone Signing Keys are 1024 bit. The ZSKs can be rolled over easily at any time, so they're kept shorter for performance reasons. Both keys can be of any size. Keys don't even have to be RSA at all, the standard supports 3 signing methods at the moment, and 253 more can be added to the standard.
So don't use RSA-1024. Keylength isn't part of the DNSSEC standard, and IANA isn't using RSA-2048 in their root signing tests: https://ns.iana.org/dnssec/root.zone.signed KSKs are RSA2048, ZSKs are RSA1024. ZSKs can be rolled over easily and often with little to no fuss, while rolling over the KSK is a huge pain. For this reason, KSKs are made to be much more secure, and ZSKs are smaller and less secure, but rolled over often.
KSKs are the true root that are used to sign the ZSKs, which are used to sign the data. DNSSEC also can use multiple encryption algorithms already specified, and can add many more at any time. DNSSEC is a "designed by committee" standard, and it shows. Some places that means it is over engineered, and some places that means it is quite future proof.
The possible holdups to DNSSEC are not security related. IE, the keysize argument is bogus, DNSSEC can use ECC just like DNSCURVE can, and will in the future when the patents expire.
The problems with DNSSEC are complexity related: DNSSEC requires automated tooling, because it's too cumbersome for humans to mess with manually. DNSCurve also has this problem, but specifies where the automation lives, and makes all the security-convince trade-offs for you (in the form of requiring the signing key to be always online). DNSSEC can have similar automation with similar tradeoffs in security.
There is one strength of DNSCurve over DNSSEC: It works with all broken DNS forwarders in personal home routers, while DNSSEC currently only works through the 25% of home routers that follow the DNS standards. In every other way I've seen so far, DNSSEC is superior.
So use RSA-2048, or any other size you fancy. There's nothing in the DNSSEC standard that requires 1024 bit keys. Or use some other crypto algorithm entirely, DNSSEC has multiple already defined, and a mechanism to add more.
MySQL is a decent row store. PostgreSQL is a robust relational database.
Please use and evaluate accordingly.
I'm actually as excited about Drizzle as I am hard on MySQL. MySQL has tried to grow into something it just wasn't designed for. Drizzle is a project to return MySQL to its strengths of being a simple, fast row store with SQL interface. I have no problem with that, I just object to MySQL masquerading as an "enterprise class" RDBMS.
Slashdot Mirror
For my usage, Calc has been better then Excel, Writer about the same as Word, and Impress blows chunks compared to PowerPoint. I don't use Base or Access enough to compare, but Base is the newest member of the OO.org family, and probably has room to grow.
For me, it's not a big deal that the presentation software stinks. I've switched to LaTeX Beamer and Impressive, which I've been very happy with, but my GUI loving boss won't touch with a 10 foot pole.
Worked well here.
Hopefully some of the work done here pushes us closer to a Netflix option for Linux also, but this stream was DRM free, and needed a seperate silverlight 1 runtime for Linux.. Seems like we still have a way to go.
FIRST robotics competition is a great way to educate and middle school and high school kids excited about programming, engineering, and robotics.
I'd recommend joining a group at a local school for a year or so before starting your own group, but there's plenty of opportunity out there.
You laugh, but there is a Hackers for Charity, and it's an awesome organization.
Coral cache link: http://addins.wkowtv.com.nyud.net:8080/blogs/behindthenews/
I know at least in my area, 5 of the major channels are planning on drastically upgrading their digital signal broadcast strength when the transition happens.
I already use only the digital broadcast, and could use the extra power when the leaves all come back, so would hate to see the transition get delayed.
Either today is April 1st.. (Checks calendar). Nope. I guess Rails is no longer a ghetto. (Sorry Zed) The rails and merb teams collaborating on making a good project... It just brings tears to my eyes to see these boys grow up and play nice.
I'm not sure. I have an Antec 300 case, which puts the CPU up in the top corner and has a 120mm behind it and a 140mm fan above it. I have a good sized CPU cooler which i run without a fan, and the CPU stays cool and silent.
The BTX layout is better then some ATX cases, but it's just not categorically better then all ATX designs. There's not enough reason to switch, so the market hasn't.
A commissioning editor takes something you wrote, and tells you if it hits their target market, and how to change your writing to fit their market better.
A copy editor takes something which you understood when you wrote it, and turns it into something others can understand when they read it.
Both are essential in creating high quality work.
Hopefully there are many steps between 1 and 2, where you have an editor and technical reviewers go over your text with a fine toothed comb. Yes, you can publish yourself, but can you edit and proof for yourself? I would suggest that you need help in those areas. You can get those services and still publish yourself, but you have to pay all the fees upfront.
On the other hand, I work remotely, buy my own computers and software, provide my own Internet access, buy my own health insurance, have no HR department... I do consulting work with a small consultancy, and my overhead is very low (except for the health insurance.) All the above cost me about 20% of my total pay.
He did when he was alive.
Anal Retentive, or just anal, is one example of his influence.
IE8 gives a number of mechanisms for either you or Microsoft to request the legacy IE7 renderer for your website. is all it takes to not have to add IE 8 specific version of your website.
Problem: IE >= 7 is for XP and Vista only. There are still a bunch of users out there using IE 5.5 (or worse yet 4 or 3) because they do not want/know how to update.
Where "bunch" is less then 0.1% for all versions lower then 6 combined. IE versions less then 6 are dead, dead, dead, and no one should feel like they need to care about them.
In my experience, the IE 6 problem is caused more by corporate users who have some IE 6 only internal app that keeps them from upgrading their browser. My day job is security testing websites, so I have to keep a copy of IE 6 around also. There are a few people using win2k or earlier out there, but they are by far the minority(estimated 2-3% market share according to wikipedia). IE 6 has and estimated 20-30% market share.
Maybe they are on dial-up and updating is too slow (although I would update on dial-up). Then there are the IE 6 users on Windows 2000. That is the highest they can go, and for a lot of these computers, it makes no sense to upgrade to XP.
When I develop a page, I develop a whole different sheet (that tries its best to look like the original for COMPLIANT browsers) for IE 6. For IE 7, a few changes but not many. For IE 8, hopefully less. The point of a compliant browser is I do not have to do any of the above because it should work in any compliant browser. I do not consider IE of any version to be a compliant browser. Not until its engine gets 71 or more on the Acid3 test, preferably 100.
One nice thing about IE 8 is you can just put in a meta tag that tells it to act like IE 7 and only maintain that version. Until IE 9 comes out and IE 7 is dead, then you could do the same with IE 8 rendering mode. IE sucks, but at least they are good at maintaining backwards compatibility to reduce extra work...
Actually, ~50 % of websites tested in the past year by WhiteHat Security. It's the best metric we currently have for security flaws, as WhiteHat has many customers across quite a few industries, and they are all automatically retested over time. It has little to do with the browser targeted, and everything to do with the web frameworks used, the knowledge of the programmers, and the testing or lack thereof most websites get before deployment.
If you check xssed.com you'll see that near 100% of websites have had XSS vulnerabilities in the past.
A Cross Site Scripting (XSS) filter is hardly a gimmick. XSS affects ~50% of websites, and can be used to great effect against client browsers to great effect, with many fraud implications for the servers.
Microsoft's protections aren't perfect, but they're pretty good at patching the major vectors.
I agree that full IE standards compliance would be a Godsend (and how about some ability to accept XHTML?), but anything that kills off IE 6 is a step forward in my opinion.
As someone who does both web security and some web design, I couldn't be happier.
Yes, IE 8 still sucks, but it sucks less then IE 7, which sucks less then IE 6.
IE 8 has some decent rendering improvements, a built in XSS filter, and lots of other changes.
In standards compliance it still sucks versus all the compition, but as long as it helps kill off IE 6, I'm happy.
Specifically, IE 6 needs to die. IE 7 is tolerable but annoying, but IE 6 is really holding the web back.
Push up the web has a nifty little mostly unobtrusive widget you can put on your web page to gently encourage your users to upgrade. The web designer in me likes the idea, but the security person in me doesn't want to train people to click on "upgrade your browser popups. Still, it's an interesting idea.
Nope. There are decent Verilog synthesis and simulator projects( Icarus Verilog, Verilator), but no full dev suites that can replace the commercial tools.
The market is too small and the complexity too high to have spawned an open source competitor yet.
There are good open source tools for other things in the electronics space like PCB layout, but we're a long way from full FPGA pro tool replacement.
The language doesn't matter nearly as much as the goal.
Designe a program where they make somthing they will think is cool.
It could be with Ruby (recommend http://hackety.org/)
It could be javascript, doing interesting browser things (greasemonkey allows doing "cool stuff" easily https://addons.mozilla.org/en-US/firefox/addon/748)
It could be python (Recommend pygame, or as a scripting language in another game.. see http://wiki.python.org/moin/PythonGames for ideas)
It could be Lua ( Used as a scripting language for a game)
It could be Alice. (http://www.alice.org/)
It could be Lego Mindstorm programming with NQC, Lua, RobotC, etc.
Consider centering the program around the First Lego League compition(http://www.usfirst.org/what/fll/default.aspx?id=390)
Your students will even learn assembly or C if they are convinced it will lead to doing REALLY COOL STUFF. At least I did around that age. Asking about the right language is missing the point.
Come up with really cool projects, and the language learning will happen. Trying to force kids to learn a language for the languages sake just ain't going to go well...
DNSSEC can be as easy as DNSCurve if you leave the signing key online. Everything can be automated easily.
DNSSEC can also be much more secure and more of a pain by moving the signing key offline.
DNSSEC gives you choice, DNSCurve has made what it thinks are the best tradeoffs, and is non-flexible and non-extensible.
DJB compares the most complex DNSSEC deployment with the most simple DNSCurve scenario, and leaves a very skewed perspective in people's minds.
Here's my take on DNSSEC vs DNSCurve
DNSSEC ->
+You can choose how simple or secure you want your deployment to be
+Extensibility built in.
+Allows multiple signatures(important politically in who owns the signing key)
-Doesn't work through some current home routers that weren't written to the standards.
DNSCurve ->
+simple deployment
-Signing key must be online
-Only one key allowed
-Non-extensible
+Works through broken routers.
DNSSEC will use whatever key size the server operators want them to use.
In current tests, the Key Signing Key, AKA master key, is 2048 bit, and the Zone Signing Keys are 1024 bit.
The ZSKs can be rolled over easily at any time, so they're kept shorter for performance reasons.
Both keys can be of any size. Keys don't even have to be RSA at all, the standard supports 3 signing methods at the moment, and 253 more can be added to the standard.
So don't use RSA-1024. Keylength isn't part of the DNSSEC standard, and IANA isn't using RSA-2048 in their root signing tests:
https://ns.iana.org/dnssec/root.zone.signed
KSKs are RSA2048, ZSKs are RSA1024.
ZSKs can be rolled over easily and often with little to no fuss, while rolling over the KSK is a huge pain. For this reason, KSKs are made to be much more secure, and ZSKs are smaller and less secure, but rolled over often.
KSKs are the true root that are used to sign the ZSKs, which are used to sign the data.
DNSSEC also can use multiple encryption algorithms already specified, and can add many more at any time. DNSSEC is a "designed by committee" standard, and it shows. Some places that means it is over engineered, and some places that means it is quite future proof.
The possible holdups to DNSSEC are not security related. IE, the keysize argument is bogus, DNSSEC can use ECC just like DNSCURVE can, and will in the future when the patents expire.
The problems with DNSSEC are complexity related: DNSSEC requires automated tooling, because it's too cumbersome for humans to mess with manually.
DNSCurve also has this problem, but specifies where the automation lives, and makes all the security-convince trade-offs for you (in the form of requiring the signing key to be always online). DNSSEC can have similar automation with similar tradeoffs in security.
There is one strength of DNSCurve over DNSSEC: It works with all broken DNS forwarders in personal home routers, while DNSSEC currently only works through the 25% of home routers that follow the DNS standards. In every other way I've seen so far, DNSSEC is superior.
So use RSA-2048, or any other size you fancy. There's nothing in the DNSSEC standard that requires 1024 bit keys.
Or use some other crypto algorithm entirely, DNSSEC has multiple already defined, and a mechanism to add more.
MySQL is a decent row store.
PostgreSQL is a robust relational database.
Please use and evaluate accordingly.
I'm actually as excited about Drizzle as I am hard on MySQL. MySQL has tried to grow into something it just wasn't designed for. Drizzle is a project to return MySQL to its strengths of being a simple, fast row store with SQL interface. I have no problem with that, I just object to MySQL masquerading as an "enterprise class" RDBMS.