> There are 20 separate vulnerabilities in Windows and Outlook Express
No. No, no, no. There is *one* vulnerability in Outlook and Outlook Express, one that has been public knowledge for about a decade now and Microsoft has thus far made no attempt to fix. The vulnerability is, Outlook and Outlook Express deliberately treat untrusted data in ways that untrusted data should NEVER be treated under ANY circumstances. Their whole approach to security is, instead of the correct this-data-is-untrusted approach, a dain brammaged fix-specific-problems approach, wherein the data that ought to be untrusted is stopped from doing certain specific things that have been known to cause problems in the past but still allowed to do basically anything else.
There may be 20 separate specific ways this can be exploited, and more will be discovered next week, but it's fundamentally *one* issue.
Executive summary: Outlook and Outlook Express don't *have* security holes; they *are* security holes, big fat wide-open ones.
You probably don't even need one. But if you do need one, it's nice to be able to pick your favourite one, install it right off your distro CD, and have it configured and running in two minutes flat. Since not everyone has the same idea about which one they want (see, some people prefer wu-ftp, but those in the know use proftpd), the distro includes all the major ones, so you can pick whichever one you want.
The other poster's point was that when a vulnerability is reported in a distro, in many cases it's in some optional package like that that most users aren't even using. Not in every case, of course. There were those openssh issues a while back, for example... those were pretty major, because there are alternatives to openssh but nobody seems to use them and most distros don't even include them. And a lot of distros turn on sshd by default. So a vulnerability in that impacts nearly everyone. But a lot of the "Linux vulnerabilities" you hear about are not like this at all, more like "Hey, all users of Bob's Fancy MP3 Jukebox, it has been discovered that the plugin for playing Windows Media format files directly off the internet is vulnerable to a cross-site cookie vulnerability that can allow a malicious site you play music from to track you; users are advised to update to version 0.1.18 of the plugin and version 0.2.8 or higher of BFMJ."
Even a lot of the security advisories that theoretically have to do with stuff everyone uses don't actually impact most people. For example, there was an Apache issue a while back that only hit you if you were using some fairly specific configuration; I don't recall the details, only that none of the five systems I look after that have Apache on them needed an update, since none of them were using whatever it was that was vulnerable.
> Oh, one more thing. I miss the days when you could listen to your computer's > hard drive and know what it was doing. If it started up and a odd time you'd > know something wasn't right. These days on windows the hard drive seems to > randomly grind a way for a second every once and a while...it's... > disconcerting. My mac doesn't seem to do that, can't remember if Linux does.
Not generally (assuming you have a decent amount of RAM), but cron jobs can cause a similar effect, especially the ones that rotate logfiles and stuff. Of course, since you can control exactly what time of day these happen, they are technically not random, but still they can catch you by surprise.
> the river does not roam through major metropolitan areas.
No, of course not. (Are there major metropolitan areas in Pennsylvania? Hmmm... I can think of two; not sure whether the river in question visits either of them.) But small-town and country people get around quite a bit, and a major river is a big deal, something people pay attention to and notice. At any given time you may not see any people, but if you park your truck next to the river and sit around for a few hours watching, you'll see people.
What you want is very similar to something like XML. You could define a set of shortcuts for yourself, and write a very simple script (e.g., in Perl) that just fixes up your shortcuts into the real thing. For example, if you don't feel like typing <p> at the beginning of every paragraph and </p> at the end, you could make the rule that blank lines delimit paragraphs; then your preprocessing script will have to insert all the paragraph tags. (This is not as hard as it sounds; for each blank line, you replace it with </p><p>, then you go traverse backward and forward from that point over the largest possible wellformed block that does not include any blank lines, and that's where you put the other start tag and end tag. The hardest part about this is writing a parser that can go either direction (forward or backward) and understands what "wellformed" means.)
Any other shortcuts you want to define are fine too, as long as you can write the preprocessor to turn them into the desired equivalent standard markup. Run your stuff through your handrolled preprocessor script, and you've got standard markup.
Of course, you want to pick the standard markup that's closest to your needs, both in terms of requiring the minimum amount of work out of your preprocessor and in terms of being able to be converted into the maximum range of other formats using standard off-the-shelf tools. DocBook has been suggested, and it's hard to disagree, but XHTML will probably do in a pinch, especially with judicious use of classes to mark things like sidebars and examples. You could have a rule, for example, that a level 2 header introduces a new chapter, and that sort of thing, so that it would be relatively easy to use XML::Parser or the equivalent (or even XSLT if you're into that) to transform your final document into whatever format you happen to want it in, including DocBook or whatever.
My mail has accumulated to 1.8GB just in the two years since I switched to Gnus (circa April 2002); everything from before that is still stored in Pegasus Mail on my Windows partition, except for the stuff from when I was in college, which is stored as plain text (but with full headers) on my old FAT16 data partition.
Okay, so most of that is mailing lists and spam, but still... one mere gigabyte is nowhere near enough for a whole lifetime. If they were promising to double the storage limit every eighteen months, then it might be closer to enough (especially if you delete all the spam, instead of keeping it around for statistical analysis like I do).
I don't think that's possible. I think all the counties where the Susquehanna flows are subdivided into townships.
> and owns the river himself?
That would be a pretty neat trick. Not only does owning a river mean you have to own all the land on both sides of all the tributaries all the way up to the headwaters, but this is the Susquehanna we're talking about.
Draining wetlands is different; that's a special law, passed just for wetlands. The river is a navigable body of water, and so in order to own it you have to own all the land it touches; that's the rule. With a pond or lake, this means you have to own all the way around it. With a stream or river, you'd have to own not just on both sides but all the way up to the source of the headwaters; otherwise, it's not yours; it's just passing through your property and the public can use it (e.g., for canoeing) as long as they stay on (or on the bank of) the river, and you can't interfere (e.g., by damming) unless you have cut through all the relevant red tape.
If it were a dinky nothing stream, you *might* get away with it on the grounds of nobody noticing until the structure was years old, but the Susquehanna is too major for that; anything you do will be noticed before you finish doing it.
< A so-called 'shatter attack' doesn't work unless you
< have a buggy program with enhanced privileges running.
The program doesn't have to be buggy per se; it only has to be
running with enhanced privileges and have a "window" on the
desktop. (Any representation on the desktop will do, even
a system tray icon, if I understand correctly.) The vulnerability
is in the Win32 API and widget set. The antivirus software in
question was not buggy in itself (at least, not in a way that
is relevant to the shatter attack), unless you count running
with enhanced privileges as a bug.
This guy
claims to have exploit code for at least 4 different processes on a default installation of Windows 2000. Unless he's full of bologna, I'd rate
that as pretty serious.
Shatter is a privilege escalation attack. You have to already have
some kind of user-level access to the system in order to use it. But
it does allow any user on the system to get privileges. (This is
particularly bad for a Terminal Services / thinclient situation,
since any user on any of the thin clients can take over the whole
server.)
> Let's litter its surface with tons of our crap for a nominal fee!
Umm. If they're charging a *minimum* of six million greenbacks for 20kg, a ton would cost... over eighteen billion smackers *per ton*. You call that a nominal fee?
Care to explain why we'd want to get there? I mean, besides just to say we've been there and stick up a little flag, because we've done that bit. Apart from that, the moon is a totally unattractive place to go. Not only doesn't it have an atmosphere to speak of, it doesn't even have enough mass to hold one. If we were going to go somewhere outside of Earth, Mars is the closest meaningful place to go. Mars could potentially be terraformed (though I'm not sure we have the technology to do it yet and I'm certain we can't foot the bill yet). The moon? It's basically just a big rock, useful mainly for reflecting the sunlight and influencing tides.
I surely don't see the *point* of putting 10 kilograms of junk on the Moon (and if it's not junk now, it will be after impact), but I don't see that it does any harm either. If anything the greatest harm it does is remove that much mass from Earth, but in that regard it's nothing compared to all the (admittedly more worthwhile) exploratory craft we've sent various places.
> Since I can only personally name about 8 search engines
Search engines of any kind, or general web search engines that actually matter? I can name dozens of the former, but there are only about four of the latter, and that's being generous and counting AltaVista despite the fact that nobody actually uses it anymore.
Now, if you include search engines that search something other than the web in general, there are a few more that matter, in the special-purpose category. search.cpan.org, for example, matters, catalog.loc.gov, and many others, but they don't count if you're only considering "normal" (i.e., general-purpose web) search engines. If you do count these, then there are more than eight that I use on a daily basis.
> notice that God wasn't asking for blind faith here; that's not the way > the God of the Bible works.
Indeed, nothing in the Bible ever refers to faith as blind.
Okay, working from memory here, so some details may be a little off...
No computer guru, code architect, designer, or support staff can explain to the CEO the mystery he has asked about, but there is a God in heaven who reveals mysteries. He has shown CEO Ballmer what will happen in days to come. Your error codes and BSODs that passed through your monitor as you sat at your desk are these...
You saw a great statue, with a head of gold. The chest and arms were of silver, the belly and thighs of bronze, and the legs of iron. The feet and toes were partly of iron and partly of baked clay. As you were watching, a rock was cut out of a mountain, but not by human hands, and fell on the statue. It smashed the bronze, the iron, the clay, the silver, and the gold to pieces.
You, O CEO, are that head of Gold. Your software empire extends to the ends of the earth; the great God has given you dominion over all the computers of the world. Those bugs you want to fix, you fix, and those you do not want to fix, you do not have to fix. The computers you want to upgrade, you upgrade, and those you want to shut down, you shut down.
After you, another software empire will rise, a silver empire, inferior to yours, and after that, a third empire, of bronze. After that, a fourth empire will rise, one of iron, which will smash and break all competitors, just as iron smashes all things. It will be a divided empire, just as the two legs of the statue are of iron, and in the end it will be a mixed empire, just as the feet and toes are mixed, partly of iron and partly of clay.
Finally, a great empire will come, one of stone. It will crush all the other empires. This is the vision of the rock, cut out of a mountain, but not by human hands, a rock that broke the iron, the bronze, the clay, the silver, and the gold to pieces. The great God has shown the CEO what will take place in the future. The dream is true and the interpretation is trustworthy.
> My guess is that he thought his "advisors" were full of bull, and were > trying to manipulate him.
You guess right; he says as much in the passage.
> His advisors, understandably, said, "You're on crack -- no king in history > has asked something like that",
They were a little more respectful than "you're on crack". Not wanting to be cut into pieces and have your houses turned into piles of rubble has a tendency to produce a respectful attitude (well, outwardly).
> to which he replied, "I'll show you who's on crack..."
> It reminds me of a biblical story where the king killed all his advisors > who couldn't tell him what his dream meant.
No, he didn't do it. He was going to, but then this young Jewish man (called Belshazzar by the king) came along and told him the dream, so he let the advisors and enchanters and sorcerers and diviners off the hook.
> Longhorn probably won't be the "killer app" that gets people to upgrade > like Windows 95 was.
Windows 95 wasn't either. Most folks didn't get it until they bought a computer that came with it. A lot of people were still using Windows 3.1 (yes, really) as late as 1998 or 1999. (Admittedly, Windows 95 wasn't readily available until early 1996, so that's only 2-3 years. Still, Win3.1 really sucked, and almost nobody cared.) DOS continued to be used even *longer*, because of legacy DOS-based apps that wouldn't run properly in Windows. These have been *very gradually* dying off, and at this point *most* of them are dead, but DR-DOS is still selling a few copies, though admittedly most of those copies might be running on VMWare or VirtualPC. But as late as 1998, DOS was still almost as widespread as MacOS. Win95 was at that level in 2002 or so, and Windows 98 still will be in 2005. If Longhorn comes out in January 2006 (which seems early to me), WinXP will still be common as late as 2010 or 2011.
This sort of thing is not unique to Microsoft. I administer four Linux systems (two at home, two at work); one of them is still running a 2.2 series kernel (hey, it works). At work, we have five Macs. One of them is 8.1, two are 9.0, one is 9.1, and the newest one is 10.1.5 I think. (We don't _just_ have Macs; it's a heterogenous network; we even have one VMS system. We've not upgraded the VMS system since we bought it in Fall of 2000, but I think 7.2 is still the current version.)
Heck, there are (a few) people out there still using Perl version 4.
Generally, anything listed in STD 1
is considered fairly important. The lowest RFC numbers I see there are 768
(UDP), 791 (IP), 792 (ICMP), and 793 (TCP), all of which are quite thoroughly
important, fundamental to the internet. 821 and 822 are vital for email.
Some of the RFCs not listed in STD 1 do have some importance, however, and
it's possible that there's an important low-numbered one I'm missing.
> From a history of the Internet perspective I have to wonder when it was > that port 80 traffic overtook port 25.
Sometime in the mid-to-late nineties I think. But only because web pages consume more bytes than email messages for the same amount of time spent reading them. Images are the main factor here. Most email is still sent as text/plain, and most email that's sent as richtext or html doesn't include any actual non-text content, apart from a little markup.
What's more interesting is to note when web fora became more popular than usenet. I think this traces to a combination of three factors: increasing amounts of usenet spam, improving quality of web browsers (just _try_ to spend an hour on slashdot using Netscape 4 or IE 4; it's painful), and the decreasing average quality of mail and usenet clients (due mainly to the introduction of a lot of low-quality ones; the better ones have actually continued to improve, but finding them among the dross is harder). It's astonishing how many people settle for e.g. Outlook -- or even webmail.
> 1969... Isn't that before the beginning of time()?
I think Tenex handles (handled?) time differently from Unix.
It is interesting to note the historical reasons why Tenex/Twenex died and Unix pretty much completely took over; mostly it boils down to portability; Unix was written in C which, despite its many flaws, was not particular to a specific hardware, but Twenex was married to the 36-bit assembly language and stuck on a doomed hardware architecture, never to be ported. Otherwise things might have gone rather differently.
On Win9x, every process has the equivalent of root privileges. Always.
On NT, any user can _get_ root (err, LocalSystem) privileges due to a thing called a shatter attack (which is basically a local root exploit that can't be fixed without breaking the Win32 API), but processes do not all have such privileges automatically, and cygwin would be no different from any other application in this regard.
> Buying NeXT was the best decision anybody at Apple ever made.
Actually, they were thinking about buying Be, which would have been just about as good. (Be was better in a lot of ways, actually, but NeXT was where Jobs was...)
Heh. When I used to work fast food (McDs specifically), I used to joke with coworkers that I'd discovered a way they could get five days off a week and still get paid for forty hours. All they had to do is work open-close two days in a row with no breaks, 5am-1am. For some reason, none of them were nearly as enthusiastic about five days off as they had been before I told them how the system would work. Some inane nonsense about needing five days of sleep just to recover and get ready for next week:-O
> There are 20 separate vulnerabilities in Windows and Outlook Express
No. No, no, no. There is *one* vulnerability in Outlook and Outlook Express,
one that has been public knowledge for about a decade now and Microsoft has
thus far made no attempt to fix. The vulnerability is, Outlook and Outlook
Express deliberately treat untrusted data in ways that untrusted data should
NEVER be treated under ANY circumstances. Their whole approach to security
is, instead of the correct this-data-is-untrusted approach, a dain brammaged
fix-specific-problems approach, wherein the data that ought to be untrusted
is stopped from doing certain specific things that have been known to cause
problems in the past but still allowed to do basically anything else.
There may be 20 separate specific ways this can be exploited, and more will
be discovered next week, but it's fundamentally *one* issue.
Executive summary: Outlook and Outlook Express don't *have* security holes;
they *are* security holes, big fat wide-open ones.
> 1) why would you need 10 different ftp servers?
You probably don't even need one. But if you do need one, it's nice to be
able to pick your favourite one, install it right off your distro CD, and
have it configured and running in two minutes flat. Since not everyone has
the same idea about which one they want (see, some people prefer wu-ftp, but
those in the know use proftpd), the distro includes all the major ones, so
you can pick whichever one you want.
The other poster's point was that when a vulnerability is reported in a
distro, in many cases it's in some optional package like that that most users
aren't even using. Not in every case, of course. There were those openssh
issues a while back, for example... those were pretty major, because there
are alternatives to openssh but nobody seems to use them and most distros
don't even include them. And a lot of distros turn on sshd by default. So
a vulnerability in that impacts nearly everyone. But a lot of the "Linux
vulnerabilities" you hear about are not like this at all, more like "Hey,
all users of Bob's Fancy MP3 Jukebox, it has been discovered that the plugin
for playing Windows Media format files directly off the internet is vulnerable
to a cross-site cookie vulnerability that can allow a malicious site you
play music from to track you; users are advised to update to version 0.1.18
of the plugin and version 0.2.8 or higher of BFMJ."
Even a lot of the security advisories that theoretically have to do with
stuff everyone uses don't actually impact most people. For example, there
was an Apache issue a while back that only hit you if you were using some
fairly specific configuration; I don't recall the details, only that none
of the five systems I look after that have Apache on them needed an update,
since none of them were using whatever it was that was vulnerable.
> Oh, one more thing. I miss the days when you could listen to your computer's
> hard drive and know what it was doing. If it started up and a odd time you'd
> know something wasn't right. These days on windows the hard drive seems to
> randomly grind a way for a second every once and a while...it's...
> disconcerting. My mac doesn't seem to do that, can't remember if Linux does.
Not generally (assuming you have a decent amount of RAM), but cron jobs can
cause a similar effect, especially the ones that rotate logfiles and stuff.
Of course, since you can control exactly what time of day these happen, they
are technically not random, but still they can catch you by surprise.
> the river does not roam through major metropolitan areas.
No, of course not. (Are there major metropolitan areas in Pennsylvania?
Hmmm... I can think of two; not sure whether the river in question visits
either of them.) But small-town and country people get around quite a bit,
and a major river is a big deal, something people pay attention to and notice.
At any given time you may not see any people, but if you park your truck next
to the river and sit around for a few hours watching, you'll see people.
What you want is very similar to something like XML. You could define a
set of shortcuts for yourself, and write a very simple script (e.g., in
Perl) that just fixes up your shortcuts into the real thing. For example,
if you don't feel like typing <p> at the beginning of every paragraph and
</p> at the end, you could make the rule that blank lines delimit
paragraphs; then your preprocessing script will have to insert all the
paragraph tags. (This is not as hard as it sounds; for each blank line,
you replace it with </p><p>, then you go traverse backward and forward from
that point over the largest possible wellformed block that does not include
any blank lines, and that's where you put the other start tag and end tag.
The hardest part about this is writing a parser that can go either direction
(forward or backward) and understands what "wellformed" means.)
Any other shortcuts you want to define are fine too, as long as you can write
the preprocessor to turn them into the desired equivalent standard markup.
Run your stuff through your handrolled preprocessor script, and you've got
standard markup.
Of course, you want to pick the standard markup that's closest to your
needs, both in terms of requiring the minimum amount of work out of your
preprocessor and in terms of being able to be converted into the maximum
range of other formats using standard off-the-shelf tools. DocBook has
been suggested, and it's hard to disagree, but XHTML will probably do in
a pinch, especially with judicious use of classes to mark things like
sidebars and examples. You could have a rule, for example, that a level
2 header introduces a new chapter, and that sort of thing, so that it
would be relatively easy to use XML::Parser or the equivalent (or even
XSLT if you're into that) to transform your final document into whatever
format you happen to want it in, including DocBook or whatever.
My mail has accumulated to 1.8GB just in the two years since I switched to
Gnus (circa April 2002); everything from before that is still stored in
Pegasus Mail on my Windows partition, except for the stuff from when I was
in college, which is stored as plain text (but with full headers) on my old
FAT16 data partition.
Okay, so most of that is mailing lists and spam, but still... one mere
gigabyte is nowhere near enough for a whole lifetime. If they were promising
to double the storage limit every eighteen months, then it might be closer to
enough (especially if you delete all the spam, instead of keeping it around
for statistical analysis like I do).
> just put the freakin' generator on the river, shut your mouth about it and
> wait for someone to tell you to stop.
On the Susquehanna? I'm pretty sure you'd be noticed in notime flat.
> What if he doesn't live in a township
I don't think that's possible. I think all the counties where the Susquehanna
flows are subdivided into townships.
> and owns the river himself?
That would be a pretty neat trick. Not only does owning a river mean you
have to own all the land on both sides of all the tributaries all the way
up to the headwaters, but this is the Susquehanna we're talking about.
Draining wetlands is different; that's a special law, passed just for wetlands.
The river is a navigable body of water, and so in order to own it you have to
own all the land it touches; that's the rule. With a pond or lake, this
means you have to own all the way around it. With a stream or river, you'd
have to own not just on both sides but all the way up to the source of the
headwaters; otherwise, it's not yours; it's just passing through your property
and the public can use it (e.g., for canoeing) as long as they stay on (or on
the bank of) the river, and you can't interfere (e.g., by damming) unless you
have cut through all the relevant red tape.
If it were a dinky nothing stream, you *might* get away with it on the grounds
of nobody noticing until the structure was years old, but the Susquehanna is
too major for that; anything you do will be noticed before you finish doing it.
The program doesn't have to be buggy per se; it only has to be running with enhanced privileges and have a "window" on the desktop. (Any representation on the desktop will do, even a system tray icon, if I understand correctly.) The vulnerability is in the Win32 API and widget set. The antivirus software in question was not buggy in itself (at least, not in a way that is relevant to the shatter attack), unless you count running with enhanced privileges as a bug.
This guy claims to have exploit code for at least 4 different processes on a default installation of Windows 2000. Unless he's full of bologna, I'd rate that as pretty serious.
Shatter is a privilege escalation attack. You have to already have some kind of user-level access to the system in order to use it. But it does allow any user on the system to get privileges. (This is particularly bad for a Terminal Services / thinclient situation, since any user on any of the thin clients can take over the whole server.)
> You consider a six-pack and making a crater in the moon quality entertainment.
What, a six-pack and slashdot is better?
> Post, you will. Modded down, you are...
Assimilated, you will be. Futile, resistence is, Hmmm...?
> Let's litter its surface with tons of our crap for a nominal fee!
Umm. If they're charging a *minimum* of six million greenbacks for 20kg, a
ton would cost... over eighteen billion smackers *per ton*. You call that
a nominal fee?
> lets trash the moon before we even get there.
Care to explain why we'd want to get there? I mean, besides just to say we've
been there and stick up a little flag, because we've done that bit. Apart from
that, the moon is a totally unattractive place to go. Not only doesn't it have
an atmosphere to speak of, it doesn't even have enough mass to hold one. If
we were going to go somewhere outside of Earth, Mars is the closest meaningful
place to go. Mars could potentially be terraformed (though I'm not sure we
have the technology to do it yet and I'm certain we can't foot the bill yet).
The moon? It's basically just a big rock, useful mainly for reflecting the
sunlight and influencing tides.
I surely don't see the *point* of putting 10 kilograms of junk on the Moon
(and if it's not junk now, it will be after impact), but I don't see that
it does any harm either. If anything the greatest harm it does is remove
that much mass from Earth, but in that regard it's nothing compared to all
the (admittedly more worthwhile) exploratory craft we've sent various places.
> Since I can only personally name about 8 search engines
Search engines of any kind, or general web search engines that actually matter?
I can name dozens of the former, but there are only about four of the latter,
and that's being generous and counting AltaVista despite the fact that nobody
actually uses it anymore.
Now, if you include search engines that search something other than the web
in general, there are a few more that matter, in the special-purpose category.
search.cpan.org, for example, matters, catalog.loc.gov, and many others, but
they don't count if you're only considering "normal" (i.e., general-purpose
web) search engines. If you do count these, then there are more than eight
that I use on a daily basis.
Heh. Interesting parody.
> notice that God wasn't asking for blind faith here; that's not the way
> the God of the Bible works.
Indeed, nothing in the Bible ever refers to faith as blind.
Okay, working from memory here, so some details may be a little off...
No computer guru, code architect, designer, or support staff can explain to
the CEO the mystery he has asked about, but there is a God in heaven who reveals
mysteries. He has shown CEO Ballmer what will happen in days to come. Your error
codes and BSODs that passed through your monitor as you sat at your desk are
these...
You saw a great statue, with a head of gold. The chest and arms were of
silver, the belly and thighs of bronze, and the legs of iron. The feet and
toes were partly of iron and partly of baked clay. As you were watching, a
rock was cut out of a mountain, but not by human hands, and fell on the
statue. It smashed the bronze, the iron, the clay, the silver, and the gold
to pieces.
You, O CEO, are that head of Gold. Your software empire extends to the ends
of the earth; the great God has given you dominion over all the computers of
the world. Those bugs you want to fix, you fix, and those you do not want to
fix, you do not have to fix. The computers you want to upgrade, you upgrade,
and those you want to shut down, you shut down.
After you, another software empire will rise, a silver empire, inferior to
yours, and after that, a third empire, of bronze. After that, a fourth
empire will rise, one of iron, which will smash and break all competitors,
just as iron smashes all things. It will be a divided empire, just as the
two legs of the statue are of iron, and in the end it will be a mixed
empire, just as the feet and toes are mixed, partly of iron and partly of
clay.
Finally, a great empire will come, one of stone. It will crush all
the other empires. This is the vision of the rock, cut out of a mountain,
but not by human hands, a rock that broke the iron, the bronze, the clay,
the silver, and the gold to pieces. The great God has shown the CEO what
will take place in the future. The dream is true and the interpretation
is trustworthy.
> My guess is that he thought his "advisors" were full of bull, and were
> trying to manipulate him.
You guess right; he says as much in the passage.
> His advisors, understandably, said, "You're on crack -- no king in history
> has asked something like that",
They were a little more respectful than "you're on crack". Not wanting to
be cut into pieces and have your houses turned into piles of rubble has a
tendency to produce a respectful attitude (well, outwardly).
> to which he replied, "I'll show you who's on crack..."
Actually, I think he said, "Now you're stalling."
> It reminds me of a biblical story where the king killed all his advisors
> who couldn't tell him what his dream meant.
No, he didn't do it. He was going to, but then this young Jewish man (called
Belshazzar by the king) came along and told him the dream, so he let the
advisors and enchanters and sorcerers and diviners off the hook.
> Longhorn probably won't be the "killer app" that gets people to upgrade
> like Windows 95 was.
Windows 95 wasn't either. Most folks didn't get it until they bought a
computer that came with it. A lot of people were still using Windows 3.1
(yes, really) as late as 1998 or 1999. (Admittedly, Windows 95 wasn't
readily available until early 1996, so that's only 2-3 years. Still, Win3.1
really sucked, and almost nobody cared.) DOS continued to be used even
*longer*, because of legacy DOS-based apps that wouldn't run properly in
Windows. These have been *very gradually* dying off, and at this point
*most* of them are dead, but DR-DOS is still selling a few copies, though
admittedly most of those copies might be running on VMWare or VirtualPC.
But as late as 1998, DOS was still almost as widespread as MacOS. Win95
was at that level in 2002 or so, and Windows 98 still will be in 2005.
If Longhorn comes out in January 2006 (which seems early to me), WinXP
will still be common as late as 2010 or 2011.
This sort of thing is not unique to Microsoft. I administer four Linux
systems (two at home, two at work); one of them is still running a 2.2
series kernel (hey, it works). At work, we have five Macs. One of them
is 8.1, two are 9.0, one is 9.1, and the newest one is 10.1.5 I think.
(We don't _just_ have Macs; it's a heterogenous network; we even have
one VMS system. We've not upgraded the VMS system since we bought it in
Fall of 2000, but I think 7.2 is still the current version.)
Heck, there are (a few) people out there still using Perl version 4.
Generally, anything listed in STD 1 is considered fairly important. The lowest RFC numbers I see there are 768 (UDP), 791 (IP), 792 (ICMP), and 793 (TCP), all of which are quite thoroughly important, fundamental to the internet. 821 and 822 are vital for email. Some of the RFCs not listed in STD 1 do have some importance, however, and it's possible that there's an important low-numbered one I'm missing.
> From a history of the Internet perspective I have to wonder when it was
> that port 80 traffic overtook port 25.
Sometime in the mid-to-late nineties I think. But only because web pages
consume more bytes than email messages for the same amount of time spent
reading them. Images are the main factor here. Most email is still sent
as text/plain, and most email that's sent as richtext or html doesn't
include any actual non-text content, apart from a little markup.
What's more interesting is to note when web fora became more popular than
usenet. I think this traces to a combination of three factors: increasing
amounts of usenet spam, improving quality of web browsers (just _try_ to
spend an hour on slashdot using Netscape 4 or IE 4; it's painful), and the
decreasing average quality of mail and usenet clients (due mainly to the
introduction of a lot of low-quality ones; the better ones have actually
continued to improve, but finding them among the dross is harder). It's
astonishing how many people settle for e.g. Outlook -- or even webmail.
usenet is still a really cool resource, though.
> 1969... Isn't that before the beginning of time()?
I think Tenex handles (handled?) time differently from Unix.
It is interesting to note the historical reasons why Tenex/Twenex died and
Unix pretty much completely took over; mostly it boils down to portability;
Unix was written in C which, despite its many flaws, was not particular to
a specific hardware, but Twenex was married to the 36-bit assembly language
and stuck on a doomed hardware architecture, never to be ported. Otherwise
things might have gone rather differently.
> (don't know about 9x)
On Win9x, every process has the equivalent of root privileges. Always.
On NT, any user can _get_ root (err, LocalSystem) privileges due to a thing
called a shatter attack (which is basically a local root exploit that can't
be fixed without breaking the Win32 API), but processes do not all have such
privileges automatically, and cygwin would be no different from any other
application in this regard.
> Buying NeXT was the best decision anybody at Apple ever made.
Actually, they were thinking about buying Be, which would have been just
about as good. (Be was better in a lot of ways, actually, but NeXT was
where Jobs was...)
Quick, patent it, then convince a couple of major cities to make their roads
this shape. You'll do a booming business in wheels, then!
Heh. When I used to work fast food (McDs specifically), I used to joke with :-O
coworkers that I'd discovered a way they could get five days off a week and
still get paid for forty hours. All they had to do is work open-close two
days in a row with no breaks, 5am-1am. For some reason, none of them were
nearly as enthusiastic about five days off as they had been before I told
them how the system would work. Some inane nonsense about needing five days
of sleep just to recover and get ready for next week