I think we all know that in marketing "speaking about" is important.
They probably will show nothing really interesting for the linux community, BUT ms will throw a clear message to the masses: "here we stand".
Among other things, we all are now interested in what are they going to do at the expo... so we are "speaking about": MS marketing departement is really good. They just made a good point.
Or are they going to show some new linux-compatible technology? Or a distribution? This is going to be the most exciting happening at LinuxExpo, i fear.
IMHO, programming and testing should be done at the same time in the development stage.
While programming and "bugging" happen at the same time, programming and debugging/testing should happen at the same time too.
It is very well explained in Bruce Eckel's Thinking in Java. You should just test everything in the code itself, even if it happens to add some overhead. Once called that function, you want that <something> happens.. so check it in the code.
I know this is not the usual way procedural programming happens. It seems much more straightforward to drop the code as it comes and then check if it behaves correctly.
But if you do so you will often discover that that tests made afterwards ara not comprehensive of all possible situations.
And so you discover that testing and debugging are just unfinished tales, and it is even worst if testers are not the programmers who did the work.
Plus, I hate testing, so I force myself to do the work well and let the code (as long as possible) test itself, even if it makes development slower and boring.
Umhh... i'll preview this post 10 times, hoping it's free from bugs:)
...of fighting against thermodinamics laws... and winning.
I don't such things are possible. A building cannot produce more power than it uses. If you produce thermal power from chemical power (that is: you burn charcoal) you are pushing a degradation in energy.
one energy is degraded, there is no way back.
I'm not discussing the skills of the writer of the book, nor I'm saying there isn't a better way to handle the estract-mangle-use-throw cycle.
but we must use energy to do things, and once you used energy... you can reuse it a finited number of times.
For anybody following bugtraq this was an important issue, obviously, ma it was mixed with tons of other security issues
it seems that every software (well, almost: god bless djb) has security bugs, and usually (obviously) concenrning input from outside (being "outside" client input to the server or vice-versa).
tons of white-papers have been released pointig out which errors drive to which vulnerabilities, mailing lists and forums do exist about this.
Forgetting for a while that we are "just humans" and we are prone to ewwows... is there something deeper? Something in how we design the software? Something wrong in how we relate to writing software?
Every time a vuln hits the news I just ask myself if something will change... if we will finally break free from insecure-programming issues, eventually redirecting more brain power to innovation, rather than stabilization of what already exixst?
That is, divide the secret into n parts, so that with any m of these parts you can calculate the secret, but with any number of parts less than m, you don't get any information about the secret
This right, fantastic e probably almost unbreakable.
But this is not scalable. Well, not at all. Passwords change (often, I hope), new people get hired and other fired (someone will eventually die).
I guess there is no easy solution to this... if you share the password in an old-fashion (that is, you tell it your co-worker while drinking beer), security is broken.
If you start dividing, sharing passwords in an exotic way.. nobody knows the password.. but it stays unchanged... security is broken again.
The smartest thing in we-deserve-the-best places (cia? fbi? kgb?) where you "trust no one" is not to use passwords at all. Biometrics, smartcards, and so on are probably better than anything else.
the problem itself is not to be applied to passwords only. In small/medium workplaces often there are key-workers owning too much knowledge and not sharing it.. but this is another story:)
This is an interesting issue.
Any -minimally skilled- IT operator knows he should never tell passes to other people.
But, what if this person dies?
How can we safely store passwords so that those can be retrieved if "shit happens"?
Probably we cannot use encription (you need a pass to decrypt stuff), so what?
Probably for most of us, a piece of paper in a safe place at home is enough, hackers *usually* do not break-in to get passwords.
But I guess there is people around protecting *really* important data, and they do not trust anyone... what can they do to make passwords "undiscoverable" until "death" or sudden amnesy?
Strange, looking a this I would expect MS reaction. Like e-marketing people e-babbling about Open Source not being "e-professional" or being "a threat to e-commerce"
Just like they did when Chile approached to PA/Open Source.
Probably MS this time wasn't fast enough and now IBM is protecting this deal.
PLUS, this time, no one can say "hey there is no gain with open source".. I guess IBM isn't doing this for free.
I feel this a really good thing for EU. I think lot of german geeks are proud being in a nation (dislike USA) not controlled by an (almost)-non-gov organization (like MS)
Obviously i'm exaggerating, but europe is going to be the herald for e-justice;)
Infected win executables run on windows, ELF executables run under linux.. I don't think there are that many programs crossing the wall between the two platforms.
But probably i'm forgetting about wine, vmware and dual-boot machines;P
I really cannot understand where demagogy ends and real interest in security starts...
Cyclicaly goverments announce they're going to use "strict measures" to apply "zero tolerance", burning money, making some people happy and some bad; newspapers fill pages telling us how the goverment will do this and that.
And really often/. reports news about this.
So one may think that somethig is really going on, things are changing... the final weapon against crime is loading... again and again... but I've never seen a news like "crime lowered by x% with law".
Chances are that stopping all this demagogy stuff, and giving saved money to criminals would reduce criminality much more.
Slashdot Mirror
I think we all know that in marketing "speaking about" is important.
They probably will show nothing really interesting for the linux community, BUT ms will throw a clear message to the masses: "here we stand".
Among other things, we all are now interested in what are they going to do at the expo... so we are "speaking about": MS marketing departement is really good. They just made a good point.
Or are they going to show some new linux-compatible technology? Or a distribution? This is going to be the most exciting happening at LinuxExpo, i fear.
IMHO, programming and testing should be done at the same time in the development stage.
While programming and "bugging" happen at the same time, programming and de bugging/testing should happen at the same time too.
It is very well explained in Bruce Eckel's Thinking in Java . You should just test everything in the code itself, even if it happens to add some overhead. Once called that function, you want that <something> happens.. so check it in the code.
I know this is not the usual way procedural programming happens. It seems much more straightforward to drop the code as it comes and then check if it behaves correctly.
But if you do so you will often discover that that tests made afterwards ara not comprehensive of all possible situations.
And so you discover that testing and debugging are just unfinished tales, and it is even worst if testers are not the programmers who did the work.
Plus, I hate testing, so I force myself to do the work well and let the code (as long as possible) test itself, even if it makes development slower and boring.
Umhh... i'll preview this post 10 times, hoping it's free from bugs :)
Obviously my code contains no ewwows ;)
...of fighting against thermodinamics laws... and winning.
I don't such things are possible. A building cannot produce more power than it uses. If you produce thermal power from chemical power (that is: you burn charcoal) you are pushing a degradation in energy.
one energy is degraded, there is no way back.
I'm not discussing the skills of the writer of the book, nor I'm saying there isn't a better way to handle the estract-mangle-use-throw cycle.
but we must use energy to do things, and once you used energy... you can reuse it a finited number of times.
obviously this does not apply to solar power :)
For anybody following bugtraq this was an important issue, obviously, ma it was mixed with tons of other security issues
it seems that every software (well, almost: god bless djb) has security bugs, and usually (obviously) concenrning input from outside (being "outside" client input to the server or vice-versa).
tons of white-papers have been released pointig out which errors drive to which vulnerabilities, mailing lists and forums do exist about this.
Forgetting for a while that we are "just humans" and we are prone to ewwows... is there something deeper? Something in how we design the software? Something wrong in how we relate to writing software?
Every time a vuln hits the news I just ask myself if something will change... if we will finally break free from insecure-programming issues, eventually redirecting more brain power to innovation, rather than stabilization of what already exixst?
This right, fantastic e probably almost unbreakable.
But this is not scalable. Well, not at all. Passwords change (often, I hope), new people get hired and other fired (someone will eventually die).
I guess there is no easy solution to this... if you share the password in an old-fashion (that is, you tell it your co-worker while drinking beer), security is broken.
If you start dividing, sharing passwords in an exotic way.. nobody knows the password.. but it stays unchanged... security is broken again.
The smartest thing in we-deserve-the-best places (cia? fbi? kgb?) where you "trust no one" is not to use passwords at all. Biometrics, smartcards, and so on are probably better than anything else.
the problem itself is not to be applied to passwords only. In small/medium workplaces often there are key-workers owning too much knowledge and not sharing it.. but this is another story :)
This is an interesting issue. Any -minimally skilled- IT operator knows he should never tell passes to other people. But, what if this person dies? How can we safely store passwords so that those can be retrieved if "shit happens"? Probably we cannot use encription (you need a pass to decrypt stuff), so what? Probably for most of us, a piece of paper in a safe place at home is enough, hackers *usually* do not break-in to get passwords. But I guess there is people around protecting *really* important data, and they do not trust anyone... what can they do to make passwords "undiscoverable" until "death" or sudden amnesy?
Strange, looking a this I would expect MS reaction. Like e-marketing people e-babbling about Open Source not being "e-professional" or being "a threat to e-commerce"
;)
Just like they did when Chile approached to PA/Open Source.
Probably MS this time wasn't fast enough and now IBM is protecting this deal.
PLUS, this time, no one can say "hey there is no gain with open source".. I guess IBM isn't doing this for free.
I feel this a really good thing for EU. I think lot of german geeks are proud being in a nation (dislike USA) not controlled by an (almost)-non-gov organization (like MS)
Obviously i'm exaggerating, but europe is going to be the herald for e-justice
.. is supposed to spread around?
;P
Infected win executables run on windows, ELF executables run under linux.. I don't think there are that many programs crossing the wall between the two platforms.
But probably i'm forgetting about wine, vmware and dual-boot machines
I really cannot understand where demagogy ends and real interest in security starts...
/. reports news about this.
Cyclicaly goverments announce they're going to use "strict measures" to apply "zero tolerance", burning money, making some people happy and some bad; newspapers fill pages telling us how the goverment will do this and that.
And really often
So one may think that somethig is really going on, things are changing... the final weapon against crime is loading... again and again... but I've never seen a news like "crime lowered by x% with law".
Chances are that stopping all this demagogy stuff, and giving saved money to criminals would reduce criminality much more.
I think this is pretty easy:
Is people willing to pay a lot for broadband?
No, because they think they will always be happy with those dial-up connections
Sell cheap broadband connections, give away 6-months trials, with free dte included. Make people feel it's easy and cheap to have it.
Now ask those impulsive-buyers:
Are you going to pay a lot to keep your broadband, or you want your cheap'o modem back?
I know the answer and, too bad, marketing people knows even better.
I think prices will rise, reaching the right level. After that, probably prices will start to lower
Just sit down, wait and pay the bills