A lot of questions left unanswered by the article.
So, what got them bankrupt? How many people do they employ? How big is their debt?
Why is IBM dumping tons of money on Linux right now? (Trying to buy a competitor to MS is the obvious answer, but that might not be right.)
Perhaps we will never know the answer to every question about the universe, but at least we will have a better understanding of the universe.
Physics today may seem like its so far out there as to have any real-world applications, but the developments of mathematical techniques being developed are pushing the boundaries and exposing new solutions to old problems.
OK, let me make sure everyone knows that 14 years old making $800k and 15 year olds giving copious legal advice is the exception. For all of this anectdotal evidence (both from Katz and Lewis) there is little empirical evidence related to the social phenomena in question.
Lewis (and Katz) look at the extraordinary qualities of these cases and talk about the net's effect to avoid having to look at the ethics involved in these situations. Marcus Arnold misrepresented himself, plainly and simply. Lebed used spam to play the stock market. Is there something going on here? Yes, society has not caught up to the net to say "hey, this is wrong and here is why."
Whatever is going on here (and there is something), it does not seem that anectdotal evidence from biased sources is going to explain it.
In my opinion, what is payed for a distro is only a small portion of the total cost of ownership. If you pay $39,999 for a CPU license of commerce server, and $50 for a box of redhat from compusa, its easy to look first and say, ok, one is costing me less. Lets suppose, though, that you have to hire a full time admin. For the MS server, you get an MCSE and pay him $50,000 per year. To find a good Unix / Linux admin you might have to pay $75,000 per year. Figure out what you spend in 2 years, and thats a little more revealing. (There are fewer qualified admins who know there way around a shell prompt than there are people with MCSE's, thats why the one's salary is higher.)
Unfortunately, this is where most people stop reading, and decide that for their money, they will get MS, pay more now but have less TCO down the road. Anyone who works with the stuff enough knows that you get what you pay for. If you want to get the less skilled MCSE's, its your business.
I still do not get what the point of the original question is. I get Windows from my University, burn my distros. Otherwise, I would pay $2000 for the windows MSDN license or nothing for a linux distro. Hmm, let me think...
This is not really a joke, though some will see it as MS bashing:
Code Red would have started with about 200,000 existing infected machines, except that:
How many of those upatched 2000 / NT boxes do you think have been up for the whole time since the worm went into remission? Remember rebooting will remove the worm from memory (though you would probably eventually be reinfected.)
If any 2000 box is not being kept up to date on its patches and is running IIS, what do you think its uptime is going to be like? I say not good.
It will not stop the worm from growing, but it will play a role in controlling the code red.
If this incarnation of the worm were really malicious, it would try more than 100 addresses. (though incident.org said that the rng in the latest version is stronger). A relatively benign worm like this is better for the weak sysadmins in the long run, because otherwise they would not have known of this relatively simple security hole.
This is a great technology, anyone know about the iButton. Have not used one, but they look neat.
The whole problem with what you are proposing, I think, is that it still relies on a centralized server to hold the encrypted data. If you just hold the data on an iButton type thing, and send it in when a site requests and you allow, that seems like the same idea, but cutting out the middleman.
The catch here that saves some face for the scheme proposed is that you have to only have trusted sites get access to members.xml.
To be a trusted site, maybe you have to agree to keep that data secure and private, and if you can track back where that marketeer got your info, take em to small claims court. It would be sort of like if a telemarketer calls you, and you say take me off of your list. Well what you need is a way to find out who gave them that info (let me see the hash id on the members.xml you got -- ok, now I decode that and figure out who gave them my members.xml, and its off to the bank.)
That sounds like a cookie to me.
It would work fine if you are the only one who logs in, or you are the only who browses while logged in. You could just have a cookie standardized and sites could grab it whenever they wanted. Encrypt it and decide if you want to give them the key when you go to their site.
So the article says that you should have trusts between sites, and a common format to interchange membership info with each other. That in and of itself is not bad, but there has to be some sort of scheme in place, maybe with a pgp style signature to make sure that just because someone can break into one site, they can not alter then information in my file.
The idea pitched by the article is that you should assume the information you put on the web is insecure, so do not put anything on one of these sites that you do not want spread around.
It seems to me that if there was some auditing of the transfers of these files, and that trusted sites could be trusted, it would be feasible to have secure information on there.
The real trick would be unique credit card numbers for each site, so if I get an illegit charge, I can trace it back to see where it was insecure, because there is a record of who accessed my membership information, and which one of these accesses was bad.
There. Food for thought.
This comment has been submitted already, 276506 hours , 5 minutes ago. No need to try again.
So if you see this comment twice, it complained about no subject the first time, then that line the second time.
OK, pretend that I am a brilliant [insert profession], and you were my manager. You helped me show my brilliance, gave me a secure work environment, and gave credit where credit was due. I got your promotion, and now I am in upper management. Do you think I would forget you?
Are you that much more interested in getting a promotion that someone else is more deserving of? Hey, if I am better suited for the upper management job than you, but you sacrificed yourself to get me up there, for the good of the company, you would be the manager I put on a petestal for the others to see!
I believe that your gripe is not with the managers themselves but with upper management. If the sole job of the manager was to _get things done_. You are implying that yours get rated on their ability to do well despite their staff, rather than because of them.
Generalizations like that one just do not hold up all the time. Some organizations really do a good job recognizing their managers. These are the good ones to work for, because they attract better management.
Yeah, especially since Microsoft's initial release will have bugs, it would be helpful to the Open Source Movement if there was a OSS.NET alternative available, bug free, three months before Microsoft releases theirs.
Hey, while we are it, lets release an open source Windows XP before they do. Steal their thunder, you know?
Here is the trick with a project like Mono. You have to get that initial excitement so that you can attract volunteer developers. If you have too much time between press release and an actual release, you lose your momentum. Do it too quickly and you release a real shoddy product.
Now if you make it easy to contribute, their will be some low quality contributions. If there are not enough contributors, than the project will not work. That said, I went to the page, read the FAQ, "hey this looks cool". Went to the contribution link and its not real clear how to jump in.
Maybe I am betraying my lack of experience on distributed open source projects, but its not exactly really easy to see how you get onboard.
The thing I find amusing about this is that languages like Lisp provide this exact functionality without the truly cryptic syntax (although you could argue that parentheses are replaced by angle brackets).
Thats what is so fun about ML. Here's to mathematics!
As if disk space is at a premium.
If it is an issue to you, then do not install it or use it. If you need to use it for something, it is possible that it might work better than perl. Its a longshot, sure. It is not what slashdot uses, I will give you that. O'Reilly may not have written a book about it. OK.
First of all, take it in context. If someone says CSS, you ought to know which one they are talking about. Photoshop uses ASP files, and I do not get them confused.
As for having more scripting engines, I say great. The more choices you have, the more platforms that are available, you are bound to get closer to the right tool for the job. You may say "Hey, I can do everything I want to do without this." Maybe you just do not have enough to do.
Yep, I spent a lot of time setting up mail relays and I learned a lot. The other thing I learned about back then was what a waste of time it was to do things like troll or flame.
I see the trollers and flamers and jihad's that get started on bboards today, and I am glad that people are going through the same stuff I did when I was 14 or 15, because I learned a lot about people and discussions there.
The thing I took from all of that was if you have something that will enlighten other people, say it. If someone says something you believe is inaccurate, help to get that cleared up (you may be wrong). If people want to bash others or start flamewars or bandy insults about, let them. People used to start flame wars, and it directly affected my download times. That's S/N in effect, let me tell you. I used to get involve, but thank god I have better things to do with my time now.
Anyone who remembers FidoNet or BBS can realize just how far ahead of its time usenet was. Fidonet was a direct descendant of usenet, and it was quite a resource in its heyday.
The model of usenet, where people can post new articles or reply to older ones is seen right here on slashdot discussions, and all the other web based discussion boards. Bulletin boards are one of the great things about the Internet. The format for discussion, seen today in mailing lists and forums like this, started with usenet.
Fido was my first exposure to this type of information, way before I had an IP address.
If the core of this model was not usenet, what was it? If it was, I must give credit to the people who developed usenet for their forward thinking on information exchange and hierarchy.
It is not a perfect system, but in its flaws (namely the signal to noise ratio) is hope for better methods of communication.
OK, you need a little perspective. Go get yourself a Voodoo 3 3500 TV, or an All-in-Wonder. These things do pretty much what the patent describes, so I give TiVo no credit for having "a unique and novel application".
They are just trying to nail down their position in a market a little late.
Just because a lot fo slashdot readers like them, does not mean they are incapable of abusing the system.
Then do not release the program under the GPL. I got the impression from the faq that:
a) you could definitely release the program under different licenses.
b) non-free software is bad.
Well, if you really want to sell it, release it under GPL after you collect your fee. Make sure you allow that you may release it under GPL in the original license. In a way, you are then charging for the first crack at it. It does not seem like a problem to release it under a non-gpl license (that maintains your right to GPL it later.)
It has been a while since I read that, but let me plug it again, because it was a great book.
Blind Man's Bluff. If you liked u-571, das boot, red october, this is the real story.
Slashdot Mirror
A lot of questions left unanswered by the article.
So, what got them bankrupt? How many people do they employ? How big is their debt?
Why is IBM dumping tons of money on Linux right now? (Trying to buy a competitor to MS is the obvious answer, but that might not be right.)
Perhaps we will never know the answer to every question about the universe, but at least we will have a better understanding of the universe.
Physics today may seem like its so far out there as to have any real-world applications, but the developments of mathematical techniques being developed are pushing the boundaries and exposing new solutions to old problems.
OK, let me make sure everyone knows that 14 years old making $800k and 15 year olds giving copious legal advice is the exception. For all of this anectdotal evidence (both from Katz and Lewis) there is little empirical evidence related to the social phenomena in question.
Lewis (and Katz) look at the extraordinary qualities of these cases and talk about the net's effect to avoid having to look at the ethics involved in these situations. Marcus Arnold misrepresented himself, plainly and simply. Lebed used spam to play the stock market. Is there something going on here? Yes, society has not caught up to the net to say "hey, this is wrong and here is why."
Whatever is going on here (and there is something), it does not seem that anectdotal evidence from biased sources is going to explain it.
In my opinion, what is payed for a distro is only a small portion of the total cost of ownership. If you pay $39,999 for a CPU license of commerce server, and $50 for a box of redhat from compusa, its easy to look first and say, ok, one is costing me less. Lets suppose, though, that you have to hire a full time admin. For the MS server, you get an MCSE and pay him $50,000 per year. To find a good Unix / Linux admin you might have to pay $75,000 per year. Figure out what you spend in 2 years, and thats a little more revealing. (There are fewer qualified admins who know there way around a shell prompt than there are people with MCSE's, thats why the one's salary is higher.)
Unfortunately, this is where most people stop reading, and decide that for their money, they will get MS, pay more now but have less TCO down the road. Anyone who works with the stuff enough knows that you get what you pay for. If you want to get the less skilled MCSE's, its your business.
I still do not get what the point of the original question is. I get Windows from my University, burn my distros. Otherwise, I would pay $2000 for the windows MSDN license or nothing for a linux distro. Hmm, let me think...
Code Red would have started with about 200,000 existing infected machines, except that:
It will not stop the worm from growing, but it will play a role in controlling the code red.
If this incarnation of the worm were really malicious, it would try more than 100 addresses. (though incident.org said that the rng in the latest version is stronger). A relatively benign worm like this is better for the weak sysadmins in the long run, because otherwise they would not have known of this relatively simple security hole.
And thats why I said it sounds like a cookie. I will read the spec now and reply if I have a suitable reply. Sahala, did you go to CMU?
This is a great technology, anyone know about the iButton. Have not used one, but they look neat.
The whole problem with what you are proposing, I think, is that it still relies on a centralized server to hold the encrypted data. If you just hold the data on an iButton type thing, and send it in when a site requests and you allow, that seems like the same idea, but cutting out the middleman.
The catch here that saves some face for the scheme proposed is that you have to only have trusted sites get access to members.xml.
To be a trusted site, maybe you have to agree to keep that data secure and private, and if you can track back where that marketeer got your info, take em to small claims court. It would be sort of like if a telemarketer calls you, and you say take me off of your list. Well what you need is a way to find out who gave them that info (let me see the hash id on the members.xml you got -- ok, now I decode that and figure out who gave them my members.xml, and its off to the bank.)
That sounds like a cookie to me.
It would work fine if you are the only one who logs in, or you are the only who browses while logged in. You could just have a cookie standardized and sites could grab it whenever they wanted. Encrypt it and decide if you want to give them the key when you go to their site.
So the article says that you should have trusts between sites, and a common format to interchange membership info with each other. That in and of itself is not bad, but there has to be some sort of scheme in place, maybe with a pgp style signature to make sure that just because someone can break into one site, they can not alter then information in my file.
The idea pitched by the article is that you should assume the information you put on the web is insecure, so do not put anything on one of these sites that you do not want spread around.
It seems to me that if there was some auditing of the transfers of these files, and that trusted sites could be trusted, it would be feasible to have secure information on there.
The real trick would be unique credit card numbers for each site, so if I get an illegit charge, I can trace it back to see where it was insecure, because there is a record of who accessed my membership information, and which one of these accesses was bad.
There. Food for thought.
This comment has been submitted already, 276506 hours , 5 minutes ago. No need to try again.
So if you see this comment twice, it complained about no subject the first time, then that line the second time.
And are you sure you are not a 15 year old "legal wizard"?
OK, pretend that I am a brilliant [insert profession], and you were my manager. You helped me show my brilliance, gave me a secure work environment, and gave credit where credit was due. I got your promotion, and now I am in upper management. Do you think I would forget you?
Are you that much more interested in getting a promotion that someone else is more deserving of? Hey, if I am better suited for the upper management job than you, but you sacrificed yourself to get me up there, for the good of the company, you would be the manager I put on a petestal for the others to see!
I believe that your gripe is not with the managers themselves but with upper management. If the sole job of the manager was to _get things done_. You are implying that yours get rated on their ability to do well despite their staff, rather than because of them.
Generalizations like that one just do not hold up all the time. Some organizations really do a good job recognizing their managers. These are the good ones to work for, because they attract better management.
Yeah, especially since Microsoft's initial release will have bugs, it would be helpful to the Open Source Movement if there was a OSS .NET alternative available, bug free, three months before Microsoft releases theirs.
Hey, while we are it, lets release an open source Windows XP before they do. Steal their thunder, you know?
Here is the trick with a project like Mono. You have to get that initial excitement so that you can attract volunteer developers. If you have too much time between press release and an actual release, you lose your momentum. Do it too quickly and you release a real shoddy product.
Now if you make it easy to contribute, their will be some low quality contributions. If there are not enough contributors, than the project will not work. That said, I went to the page, read the FAQ, "hey this looks cool". Went to the contribution link and its not real clear how to jump in.
Maybe I am betraying my lack of experience on distributed open source projects, but its not exactly really easy to see how you get onboard.
Thats what is so fun about ML. Here's to mathematics!
As if disk space is at a premium.
If it is an issue to you, then do not install it or use it. If you need to use it for something, it is possible that it might work better than perl. Its a longshot, sure. It is not what slashdot uses, I will give you that. O'Reilly may not have written a book about it. OK.
First of all, take it in context. If someone says CSS, you ought to know which one they are talking about. Photoshop uses ASP files, and I do not get them confused.
As for having more scripting engines, I say great. The more choices you have, the more platforms that are available, you are bound to get closer to the right tool for the job. You may say "Hey, I can do everything I want to do without this." Maybe you just do not have enough to do.
Yep, I spent a lot of time setting up mail relays and I learned a lot. The other thing I learned about back then was what a waste of time it was to do things like troll or flame.
I see the trollers and flamers and jihad's that get started on bboards today, and I am glad that people are going through the same stuff I did when I was 14 or 15, because I learned a lot about people and discussions there.
The thing I took from all of that was if you have something that will enlighten other people, say it. If someone says something you believe is inaccurate, help to get that cleared up (you may be wrong). If people want to bash others or start flamewars or bandy insults about, let them. People used to start flame wars, and it directly affected my download times. That's S/N in effect, let me tell you. I used to get involve, but thank god I have better things to do with my time now.
Mike
Well, yes it is. Essentially, http can do everything that ftp can do, and is a little more robust. So yes, it is.
Anyone who remembers FidoNet or BBS can realize just how far ahead of its time usenet was. Fidonet was a direct descendant of usenet, and it was quite a resource in its heyday.
The model of usenet, where people can post new articles or reply to older ones is seen right here on slashdot discussions, and all the other web based discussion boards. Bulletin boards are one of the great things about the Internet. The format for discussion, seen today in mailing lists and forums like this, started with usenet.
Fido was my first exposure to this type of information, way before I had an IP address.
If the core of this model was not usenet, what was it? If it was, I must give credit to the people who developed usenet for their forward thinking on information exchange and hierarchy.
It is not a perfect system, but in its flaws (namely the signal to noise ratio) is hope for better methods of communication.
If you are that paranoid, you better have a good, secure compiler.
OK, you need a little perspective. Go get yourself a Voodoo 3 3500 TV, or an All-in-Wonder. These things do pretty much what the patent describes, so I give TiVo no credit for having "a unique and novel application".
They are just trying to nail down their position in a market a little late.
Just because a lot fo slashdot readers like them, does not mean they are incapable of abusing the system.
Then do not release the program under the GPL. I got the impression from the faq that:
a) you could definitely release the program under different licenses.
b) non-free software is bad.
Well, if you really want to sell it, release it under GPL after you collect your fee. Make sure you allow that you may release it under GPL in the original license. In a way, you are then charging for the first crack at it. It does not seem like a problem to release it under a non-gpl license (that maintains your right to GPL it later.)
It has been a while since I read that, but let me plug it again, because it was a great book.
Blind Man's Bluff. If you liked u-571, das boot, red october, this is the real story.
Oopps. I meant Sea of Okhotsk.
This comment clears that up.