Slashdot Mirror


User: jonadab

jonadab's activity in the archive.

Stories
0
Comments
5,933
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,933

  1. Re:Conditions for infection... on Linux Lupper.Worm In the WIld · · Score: 1

    Wow, that's such a basic problem, it would be caught *immediately* if someone had taken even the most basic precautions, such as running in taint-checking mode, which is *HIGHLY* recommended for anything that handles data from an untrusted source, such as the internet.

  2. Re:well, no on Linux Lupper.Worm In the WIld · · Score: 1

    > but that doesn't means it can't be removed

    Indeed, IE can be removed (though it takes some doing; just attempting to delete its files in Windows Explorer, for instance, won't do the job; it's about as tricky as removing Outlook Express, though not, IMO, nearly as important to system security, so I often don't bother; whereas, I keep a batch file on my Perlmonks private scratchpad for removing OE, and running it is on my Windows Installation Checklist; it is available upon request, just /msg me on Perlmonks; I suspect it could be modified for IE with relative ease).

  3. Re:It's a subjective list, of course on History's Worst Software Bugs · · Score: 1

    > Now, yeah, that's bad in the amount of money it costs Intel. But
    > being a non-destructive, non-lethal bug that almost everyone's
    > forgotten about by now, I think it pales in comparison to the Y2K bug

    The Pentium floating-point divide bug is more deserving on the list than the Y2K bug in one very important way: it was a real, actual, extant instance, a specific mistake in a specific piece of code that caused a specific problem.

    The Y2K bug was an abstract (and much exaggerated) generality, not a specific instance of a coding mistake, not a problem with a specific piece of software, and did not cause a specific problem, unless you count "widespread panic" as a specific problem, and in that case the bug was in the stupid media hype, not any computer software.

    > which cost the entire worldwide software industry far more money

    Misplaced general paranoia caused those costs, not a programming mistake.

    Vanishingly close to 100% of the *actual* (non-imagined) software problems that resulted from Y2K were minor user interface glitches, resulting in things like the year being printed as "19100" or the user being unable to correctly enter dates (if the software only accepted two digits) until an update was installed. Very little was "crippled" or "shut down", and *none* of it was the kind of important infrastructure (power plants and phone-line routing equipment) that the mindless paranoid were so concerned about.

    > other computer software that cost real lost productivity for ... consumers

    I am not aware of a single instance of anyone being unable to work or be productive because of a Y2K-related issue.

    Granted, the Pentium FPDIV error also was not as big a deal as most of the other things on the list. But Y2K isn't even a specific bug, so listing it wouldn't even make sense if it *were* as major a problem as the other listed items, which it wasn't.

    I would have put the Outlook "feature" of automatically launching binary attachments at the top of the list, but that's arguable, because it was done deliberately, due to grossly misaligned priorities, not out of ignorance or oversight.

  4. Re:Illogical. on Open Source Not That Open? · · Score: 1

    > It was traditional that "Big" companies would avoid single source products

    It was also traditional that "Big" companies would repeatedly promote the people who were competent at their jobs, until they eventually reached positions wherein they were no longer competent -- but at least you could figure your boss, though he might not be so good at his job, understood *your* job pretty well. If Scott Adams is to be believed, this practice changed sometime during the last quarter-century to one of promoting mostly *incompetent* people, in order to get them out of the way of production, because it's easier and less risky to promote them than to fire them.

    Traditions change. It takes time, but in many cases what was traditional fifty years ago is no longer traditional today.

    Please note that I am not saying all these changes are necessarily good, only that they have occurred.

  5. Re:Not only SQL Server 2005 on MSSQL 2005 Finally Released · · Score: 1

    > MS is going to release within next year or so: new xbox, office, windows, just name it.

    Bear in mind, not everything they currently hope to release within the next year will actually make it out within the next year. For example, the Windows release that they currently are going to release "within the next year" was, three years ago, going to be released "within the next year". The predicted date hasn't gotten much closer, if any closer. We have, at this point, no reliable indication of when it will *actually* be released; 2007 is just as likely as 2005, and 2008 is entirely possible at this point.

  6. Re:"The free version" on MSSQL 2005 Finally Released · · Score: 1

    > Where's the SourceForge repository?

    Sorry, this is free-as-in-the-way-normal-English-speaking-people- usually-use-the-word. I like open-source software. I'm typing this comment in a mozilla.org browser running on, as it happens, FreeBSD. But Stallmanesque wordplay doesn't gain anything useful for anyone. Everyone who read the article summary understood immediately what the word "free" meant in this context.

  7. Re:So... on MSSQL 2005 Finally Released · · Score: 1

    > This is really MSSQL 2003?

    It's the next version after MS SQL Server 2000. To my way of thinking, that would make it MS SQL Server 2001, but Microsoft stopped using the same version number conventions as the rest of the world back in 1995. It's their product, I guess they can call it whatever they want. I'm a little surprised it's not SQL Server Experience or SQL Server Unlimited Horizon or SQL Server Buena Vista or some equally pretentious marketroid-oriented version name. You'd think they could get their marketing fix by adding a "nickname" after the version number like Apple does with OS X (10.3 Panther, 10.4 Tiger, and so forth), but apparently that's not confusing enough for Microsoft's customers.

  8. Re:Sigh. Stored procs in C# on MSSQL 2005 Finally Released · · Score: 1

    > Keeping the business logic out of the database may be good for you if the only thing your database ever talks
    > to is a web app, but lots of us have databases that talk to a LOT of different applications.

    This is why you create a shared library or module.

    The other poster is right, though: putting application logic into the database will become a source of many headaches, not the least of them being that the developers have to fork off a copy of the entire test database every time they want to create or test a new feature in the application, or if they don't it messes up the application for all the other developers until they finish the new feature. To solve that you end up giving each developer his own server with his own copy of the test database, and then you end up with bugs that one developer can reproduce and the others cannot, or vice versa, and then you have to figure out how to merge all the developers' work periodically. (Oh, sure, they're *supposed* to keep in sync constantly, putting every change they make into the central database once they check that it works as intended. Nice theory; too bad source control systems don't support stored procedures in the database.)

    Stored procedures are okay for stuff that closely relates to the database substructure anyway, e.g., construct me a temp table that has these columns from this table and those columns from that one, or something along those sorts of lines. However, when you start getting 500+ line stored procedures that do things you have buttons for at the application level, you are cruisin' down a highway that leads to suffering.

  9. Re:Well, not to defend an evil empire or anything, on Mandriva Linux 2006 Review · · Score: 1

    > but what is so unfriendly about the Windows XP install, in particular?

    The hardware detection leaves a lot to be desired. A lot of *very* common and popular hardware is either not detected correctly, or the needed drivers are not included, so you have to obtain them separately, e.g., from the manufacturer's website. This is no big deal for something like a printer, but it can be a real pain for certain types of hardware, the lack of a driver for which can impede your installation experience. For instance, it is *very* common to have to complete the entire installation in 256-color mode, as if it were 1993, because the video card driver is not included and must be obtained subsequently. Even worse is when the network card driver is not included, which also happens quite a lot; you have to use another computer to obtain it then, and transfer it to the computer where you're doing the install using removable media. One of these two things happens, in my experience, more than half the time when installing Windows XP (or even more often with Win9x; I have little experience installing Windows 2000 so cannot make informed comment there). I have installed various versions of Mandrake (not, however, recent Mandriva versions) on various hardware, including both new and quite old hardware, in some cases the same hardware where I've previously had the aforementioned problem with Windows (not XP though, as the hardware in question was far too old for that). I have *yet* to see Mandrake, or any of the numerous other Linux distros I have tried, fail to automatically detect and correctly configure the driver for any kind of ethernet card, either add-on, original, or onboard. The track record with video is not as good as with ethernet, but still rather better than Windows, in that when the card is successfully detected (which is usually), there is no need to hunt down a driver, and even when the card is *not* correctly detected, there is usually *still* no need to hunt down a driver, you just have to pick the manufacturer and model off the list. I *have*, however, seen scenarios where a video card didn't quite work correctly even then; it's not very common, especially lately, but it does happen occasionally. Still, overall, the hardware detection on Mandrake is the best I have seen on any operating system. Knoppix is also rather good, and the BeOS gets honorable mention for its exemplary handling of even most hardware that's rather newer than the OS.

    Windows is improving in this area, too, though, and with XP being much better than 98 in my experience, I suspect that Vista, if^H^Hwhen it ever finally comes out, will probably do pretty well in this regard. (It's not, however, merely a matter of recent Mandrake versions being better at this than vintage-2001 versions of Windows; Mandrake 7.0 was already quite decent at this when *it* was released.)

    Then there's the small matter of installing software, to get the system into a usable state. I don't know about you, but I personally don't really feel like using WordPad for all my word processing and desktop publishing needs, Paint for photo editing, nothing whatsoever for vector graphics editing, Notepad (gah!) for text editing, and so on and so forth. When you install Mandrake, you have almost everything you need (with a couple of minor exceptions, such as Firefox extensions and the core fonts). With Windows you have to hunt down and install the power tools (especially TweakUI, the exclusion of which from the core distribution is inexcusable), an office suite, a real text editor, a photo editor, a vector graphics editor, whichever core fonts are missing (they're Microsoft's own core fonts, but there are *always* some of them missing, frequently the most useful ones, such as Georgia, Verdana, and Andale Mono), a decent command shell (Microsoft has one of their own now that from what I have seen is quite good, but it's not yet included in the OS and at this point will probably not be included in Vista either), and anything else you might happen to want (

  10. Re:Nature's way. on Mandriva Linux 2006 Review · · Score: 1

    > I have found a blue error screen is a natural warning of low-quality software

    That's exactly why Microsoft is improving Vista by adding a red error screen.

  11. Re:A new release of DFBSD. on FreeBSD 6.0 Released · · Score: 1

    > DragonFly BSD is a heavily modified continuation of FreeBSD
    > 4.x. It is done by Matt Dillon and many others who are/were
    > prime FreeBSD developers in the past, but disagreed with the
    > current FreeBSD development path.

    Disagreed in what way? What are the primary differences, in terms of focus, between these two distributions? (I'm curious, because I've been thinking of trying out one or more of the BSDs (coming from primarily a Linux background).) OpenBSD, for instance, focuses (from what I've read) primarily on a secure default configuration; whereas, FreeBSD focuses somewhat more on the desktop and usability. Where does Dragonfly fit in? What is its focus?

  12. Re:how does this affect OS X? on FreeBSD 6.0 Released · · Score: 1

    > Mac OS X is based on FreeBSD, is it not?

    Yes and no. Some portions of OS X are based on some portions of FreeBSD.

    > How do new releases of FreeBSD affect OS X?

    Very little. Apple has their own release timetable. Ongoing FreeBSD development has some impact on Apple, but official FreeBSD releases are pretty much neither nor there for them.

  13. I would leave it alone (except maybe standardize) on How Would You Improve SQL? · · Score: 1

    Programmers shouldn't be writing logic directly in SQL anyhow; that's what we have *programming* languages for. SQL is a data language, like XML or YAML, a language that computer programs should be using to transmit data amongst themselves. However, the programmer shouldn't be hardcoding the SQL directly into the program logic. That should be handled by a library, possibly a multi-layer stack of libraries (e.g., a subclass of Class::DBI running over DBI with a DBD connector for the database in question).

    Then you write your program logic in a programming language (preferably a multiparadigmatic VHLL), which will always have much more expressiveness than trying to do the equivalent thing in a data language like SQL.

  14. Re:News from the future on Solaris Now an Option for IBM Blades · · Score: 1

    > Does this mean I get OpenSolaris CDs in my Big Kid's Meal?

    Actually, I just happen to have inside information here about several upcoming Happy Meal promotions. There are going to be two with free CDs in the near future, but unfortunately neither is OpenSolaris; one is the Rootkit Happy Meal, and the other is the 2LiveCrew Happy Meal. Also coming up are the Pamela Anderson Happy Meal (with plush poseable), the Chernobyl Happy Meal (with free glowing rock), and the Double Quarter Pounder with Cheese Happy Meal, which will also come with a large shake and super-size fries. Many corporate spies gave their careers to bring us this information.

  15. Re:Not much further to go on Firefox Achieves 10% Global Market Share · · Score: 1

    > Why should we bother re-writing all our code when they can just fire up IE?"

    Why should I bother firing up IE when they can just go to Gaza? Google will take 0.2 seconds to show me another website that meets my needs. What do I need their crocked-up browser-specific site for?

    Incidentally, the same logic applies to sites with a Flash-based frontdoor. I just go find another site; it's faster than bothering to re-enable Flash (only to disable it again in 4 seconds when it annoys me).

  16. Re:Firefox is on the up!! on Firefox Achieves 10% Global Market Share · · Score: 1

    > I just can't wait until we see sites declaring "Page will not render correctly under Microsoft IE".

    I've seen a site (melonpool.com) that suggests that if certain things don't render properly, it's time to upgrade to a better browser. IE is not mentioned at all, but one supposes, since it's not one of the three suggested upgrade options, that presumably IE users are supposed to upgrade if they have issues with the site's layout.

    I haven't looked at that site in IE to see how it renders, though. The only sites I look at in IE are my *own* sites (to ensure they render okay), our vendor's customer extranet, and Windows Update.

  17. Re:Indexing or Caching? on Reining in Google · · Score: 1

    > It seems to me that if a content provider of a web page
    > doesn't want their pages cached either by my machine,
    > my proxy or even Google that they should employ a
    > robots.txt file AND password protect the site

    Password protection is not necessary or appropriate for this purpose. robots.txt is, and there are other measures (e.g., sending the Pragma: no-cache header will prevent well-behaved caches from storing a secondary copy).

    Password protection should be reserved for preventing unauthenticated persons (i.e., members of the general public) from viewing the content.

    However, the Google cache does differ from a web-browser cache in that it is a third-party cache. Where the web browser's cache is presumably a copy for personal use, the Google cache is expressly for the purpose of redistribution. As much as I *like* the Google cache, it's on rather shakier legal ground than the web browser's cacheing mechanism. The ISP's cache falls somewhere in-between and more arguable.

    Why you would want to prevent caches from storing copies of your web pages is another matter entirely. It seems to me that in the absense of indications to the contrary (e.g., robots.txt or Pragma: no-cache), there is an implicit expectation that when something is published on the web, you intend for services like Google to index it, in much the same way that posting something to usenet constitutes an implicit agreement for nntp servers to store and forward it, or sending email constitutes an agreement for the receiving mail server to store it on behalf of the recipient or issuing a press release constitutes an agreement that the press may republish it. This isn't to say that you give up your copyright, but only that it is generally assumed you are going to permit *certain* things to be done. You'd be understandably quite upset if Google presented users with modified versions of your commercial site with some of the prices changed, for instance, or with extraneous comments from the peanut gallery inserted, or if Internet Explorer spontaneously inserted extra advertisements into your website with click-kickbacks to Microsoft's business partners. (Opera's model of putting the adverts in the toolbar is something IE could presumably also get away with, if Microsoft so chose (although from a market-share perspective this would perhaps not be a really swift choice for them to make), but inserting them into the page would raise serious copyright issues.) Those are things that it is *not* reasonable, given the design of the web, to assume the author intends to permit. But indexing, linking, and so forth, and even a certain amount of cacheing (especially on the user's own system) may generally be assumed de-facto, in the absense of any evidence to the contrary, to be permitted uses of any content that is published on the web.

  18. Re:News from the future on Solaris Now an Option for IBM Blades · · Score: 1

    > IBM buys Sun.

    No, you've got it wrong. It's not IBM. A much larger and more international company will buy out Sun. The only question is whether it will be McDonald's or Coca-Cola...

  19. Re:Birth Certificate on Identity Theft-What Can Really be Done w/o a SSN? · · Score: 1

    > How?

    The same way you would get a new social security card if you lost yours. There's an application process. It takes a few weeks, but the process can be completed entirely by mail. I'm not sure whether this gets them the number you've already been using, or a new one, but anyway it gets them a valid social security number with your identity attached. With that and the birth certificate they can then go get a driver's license or state ID in your name with their photo on it.

    Of course, doing this when you are not in fact the person in question is quite illegal, and there's a nontrivial probability of _eventually_ getting caught. But yes, it can be done, and it's not even very hard. People have to do this all the time when they lose their SSN card, so there's a routine procedure for it. You can do it with e.g. a marriage record that you get from the county courthouse, or any of a number of other documents that you don't really absolutely have to be the person in question to get.

  20. Re:How about getting RID of an SSN on Identity Theft-What Can Really be Done w/o a SSN? · · Score: 1

    > does anyone really believe anymore that it will provide security in
    > your elder years? I'm serious, is there anybody??? At all???

    I would estimate that at least 30% of the population (and possibly as much as twice that amount) still believes that. People are incredibly naive.

    My view of Social Security is that it's just another tax. I pay it without a second thought -- give to Caesar what is Caesar's -- but I don't expect to receive anything useful in return. As far as retirement income, I figure it's my responsibility to make whatever arrangements I can.

  21. Re:Depends on the institution on Identity Theft-What Can Really be Done w/o a SSN? · · Score: 1

    > At the school I'm getting my Master's from, you can call the
    > financial aid office and get information on your account by using
    > your name. I've always thought it was convenient, but I can certainly
    > see how it's very dangerous.

    It's only very dangerous if the information you can obtain that way is very dangerous. If all you can get is "You currently owe $17856.97 on your account, Mr. Smith.", I wouldn't worry about it too much, unless you're trying to keep the price of your education a big secret.

  22. Re:But does it run on Firefox 1.5 RC1 Released · · Score: 1

    Potentially, but you'll need to compile it yourself, and there are several prerequesites, and you might need to make some adjustments. First, get a C++ preprocessor that outputs ANSI C code, plus the C => Emacs lisp translator. You'll also need the X11 libraries for Emacs, plus several other libraries that the Mozilla.org codebase uses. Run all of the libraries through the preprocessor and the translator, then byte-compile them and put them in a directory that's in your Emacs load-path. Then you're ready to start working on Gecko. As far as I'm aware, nobody has yet got Gecko working on Emacs, but it ought to be possible in theory, given the above, with perhaps some adjustments for platform issues (things Emacs handles differently than the Mozilla-supported platforms, e.g., you'll have to adjust all the clipboard-related code to utilize the kill ring). If you can get to the point where Gecko will byte-compile, getting Firefox running should be a snap after that.

    HTH.HAND.

  23. Re:OpenDoc on Massachusetts' CIO Defends Move to OpenDocument · · Score: 1

    > Here's the thing though -- It's conceivable that Microsoft,
    > as a means of encouraging people to upgrade would cut off
    > support for older document formats and never release the
    > souce code for the programs that generated the original
    > file format.

    I don't think they did that to encourage people to upgrade. If that had been the reasoning, they would have dropped support for all but the most recent format, rather than the ones from 5+ versions ago. It's far more likely that the reason they dropped support for the really old formats is because the code that handled them was old and crufty and unmaintainable in the current environment, as tends to happen with code that only still exists for legacy reasons. It probably used the old pre-Win32 APIs and everything; of *course* they dropped it once they thought they could get away with that and most folks wouldn't notice.

    Of course, whatever their reasoning, the effect on your fifteen-year-old documents is the same:

    Boss: Hey, we need to roll in these new ammendments to this business ethics redemnification policy. I'm pretty sure Eisengander worked on it in 1989. Go through his old documents and find it.
    You: [hours later] This might be it, but it appears to be in Word 3 format.
    Boss: Okay, so open it in Word.
    You: We don't have a copy of Word 3 anymore. The oldest thing we've got is Word 97, and it won't open anything older than Word 6 format. Even if we had Word 3, it's unlikely we could get it to run on Windows. Neither Word 3 nor DOS 6 is available for purchase anymore.
    Boss: So convert it or something. Make it work. Otherwise you're retyping 350 pages.
    You: Get my successor to do it. Here's my notice.

  24. Re:Apple should just buy out SCO on SCO Tells Courts What IBM Did Wrong · · Score: 1

    > Somebody's got to own Unix

    I was under the impression that the Open Group owned Unix in every sense that matters these days. They're the ones who get to decide whether any given system is even allowed to be called "Unix", for instance. I don't see any need for anyone to buy out SCO; Apple doesn't have any reason to do so, certainly.

  25. Re:Let's give a hand to Bill on Bill Gates Donates $258 Million to Fight Malaria · · Score: 2, Insightful

    > When Gates gave large sums to research in India, it was at the same
    > time MS was spending 2x as much in advertising to try to drive India
    > away from FOSS and toward Windows.

    Okay, but Malaria is mostly a problem in places whose annual budget for software is, to a first approximation, zero. Places like the Cameroon, for instance, where in the *cities* people are lucky to have electrical power 30% of the time, and the internet is non-existent because nobody has a phone line to dedicate to it. (You want to make a phone call? In the largest cities you can rent a phone line in a booth in ten-minute increments...) When these people buy computers, they're buying ten-year-old used computers, and they don't trouble themselves over software licenses, and nobody, not even Microsoft, begrudges them the second-hand software that comes on those computers, because whatever money they have is better spent on more vital things such as seeds to plant so they can make it through another season.

    There's a reason Malaria research is underfunded. I think just about the richest country with a serious Malaria problem is Brasil, and their Malaria problem is primarily in the North along the river, and their economy is centered around Rio and Sau Paulo, far to the south (six hours or more by plane). *Most* of the countries with a big Malaria problem have economies (if you can call them that) charactarized by subsistence farming. Nigeria. The CAR. Laos. Countries that import food and whose exports mostly are inexpensive raw materials, or tourism if they can convince anybody it's safe to travel there. Countries that can't afford to feed their own people, much less fund expensive research. Countries whose governments, if they spent significant time on issues like copyright law, would be guilty of gross negligence because of the more pressing needs they'd be ignoring to do so. Countries that have a military coup every few years as a matter of course and the rest of the world barely even notices (the CAR being especially bad in this regard).

    I'm not a big Bill Gates fan, but I'm fairly certain that when he's funding Malaria research, the motivation is not directly financial. More likely he's calming down his conscience.