If you can't trust your company's IT department, then you have to treat the company network as if it were part of the internet -- outside, hostile, dangerous. That means you have to have your own internal firewall(s) that prevent traffic from coming into your department from the rest of the company network, except for traffic that you specifically allow. The IT department can control whatever servers it likes, but you don't put anything that matters on those servers; you keep it on your OWN servers. Ideally, the IT dept. shouldn't even know these servers exist, but absolutely they must not have access to them. This includes physical access, even if that means you have to rig a cabinet to set off fire alarms or whatever if it's breached improperly. (Being engineers, I imagine you can come up with something. Be creative. Train whistle and air compressor, whatever, make sure you will KNOW if someone is getting into there, and make sure power to the alarm system can't cut without setting off an alarm (think UPS inside the cabinet).)
It gets worse. You said you have no control over the physical topology of the network. That means anyone random can just plug in on your side of your internal firewall. That means all your systems that have data you need to protect MUST be locked down. I'm thinking you want to limit it to as few systems as possible (servers) and turn the clients into thin clients, at least for the purposes of accessing the data you intend to protect. No system should be able to connect to the servers that house the data without authenticating each time, and you need to use an encrypted wire protocol. (X11 forwarding over ssh could be made to work, but being stuck with Windows clients is hurting you here. Yeah, cygwin has X and it works, but unless it's improved since the version I've got it doesn't integrate well and will get in the way of getting work done. You might want to look into VNC or something along those lines.)
> we need to be able to recover access in the event a bus hits > an engineer,
All this means is you have to trust more than one engineer with the same or equivalent access keys (whether these keys are virtual or physical or both).
> engineers need to be able to securely take files home,
Can the engineers have decent bandwidth (better than dialup) and latency (better than satellite) at home, so as to connect in the same authenticating way as they do at work? If so, this issue just goes away. Remember, the corporate network is as far as you are concerned part of the untrusted internet, so whatever encryption and authentication are good enough to authenticate an engineer at work are good enough to authenticate him at home.
Re:SVG is not the future
on
GIMP goes SVG
·
· Score: 1
IE will never be Notepad. First, because it's many times as capable (*Anything* is many times as capable as notepad) but more importantly because end users don't care about text editing, don't do enough of it to count, and end users are the people who don't install better apps. IE, as long as it is bundled, will always have a decent market share. It may not keep the overwhelming share it has, but it will have at least 30% or so, as long as it is bundled with the dominant OS, regardless of all other considerations. And that's if the major ISPs put something else in their connection kits.
Therefore, websites (excepting ones specifically geared toward powerusers or developers or geeks) will always have to be sure that they degrade gracefully into IE. It can never be just _dropped_, like Netscape 4 has been.
> It's the same with any tool. The more powerful it is, the longer > it takes to learn to use it.
To learn to use it _fully_, yes. Some tools though have sensible newbie-oriented defaults. (Emacs, it should be noted, is definitely not one of them; I had to learn lisp before I could get comfortable with Emacs; now, of course, I can't live without it.) To a lesser extent, neither is Gimp. OpenOffice is better (assuming the user isn't too used to MSO). I gave my mom and sister OO.o to use and they have little trouble with it. Gimp, OTOH... is way, way beyond my mom, and my sister still struggles with it.
Okay, so my sister does use Emacs, but only in one one major mode, which I wrote, which does a hyper-specific thing; if you asked her to use it for anything else, she'd be lost. I think she knows two standard Emacs keystroke combinations, excluding the ones that are specific to my major mode. She uses the mouse and menu for open and save, and copy-and-paste doesn't come into play much for the specific thing she uses it for.
Do my mom and sister use all the features of OpenOffice? No way. They don't even set tab stops. But the interface for setting tab stops is nicely unobtrusive and doesn't get in their way when they type stuff in, and that's the key. I haven't seen a powerful image editor yet that manages this. Gimp and photoshop certainly don't, and MS Paint isn't what I'd call powerful. But let's face it, word processing in general is much more seasoned than photo editing, and the interface has had more time to be developed.
Well, I *know* the best interface for me for many tasks is the commandline, but I don't know whether it's because I learned it first, or because it's just plain better.
Of course, I don't use the commandline for editing images. Unless you count raytracing, but that's different.
Around here, gin and git are both pronounced with a hard g (same as j, rendered by phonemologists as dzh or somesuch, an alveolar voiced stop followed by an aspirated voiced sibilant), but gimp (and so presumably also Gimp) is pronounced with a soft g as in frog and graphics.
Regardless of local dialects, I would posit that Gimp should be pronounced the same way as gimp.
> there is an option to have that menu up at the top of the > image window
That should probably be the default. Personally I'd turn it off, but I'm a poweruser and regularly change the settings all around in any program I install. End users generally are fearful of changing any settings, and so the defaults should be geared toward them. The preferences/options dialogs should be geared toward powerusers.
I'm not sure Gimp is ready for end users yet. (Then again, I'm not sure Photoshop is either, though I haven't seen the current version.) Too many of the default settings are poweruserish. You have to understand layers, for crying out loud, to make effective use of copy-and-paste. Now, layers are great and all, and I will never go back to an image editor that doesn't have them, but they confuse the everliving daylights out of newbies. For newbies, the default when pasting should be to let the user reposition the floating selection initially, but then when the user goes on to do something else, the selection should be either autoanchored (if there is only one other layer, which will be the normal case for end users) or made into a new layer (otherwise). Of course, it should be easy to turn this feature permanently off in the prefs, and people upgrading from earlier versions of Gimp should probably get the old behavior, and distributions not geared toward end users are free to change the defaults as appropriate for their userbase.
SVG support is good. I'll probably use it sometimes, for web graphics that I want to be able to scale a bit. (This is really useful if you want to set the width to 100%, which with a bitmap isn't a terribly attractive option.) So I'll be glad to have this feature.
> I personally don't go see a movie in the theatre unless it is a > 'Spectacular' movie. One where the experience of seeing it on a > Big screen cannot be duplicated by any other means and actually > plays and integral part of the film.
Dude, that's what dollar theatres are for. They get the movies a while later, about the time they're coming out on video (which is why they can charge a buck), but hey, if you haven't seen the movie already, it may as well be new, eh?
I don't know how long it's been since I paid full theatre price to see anything; a while, that's for sure.
> I feel some movies are SOOOO bad as to have STOLEN my time.
You realise, of course, that nobody REQUIRES you to watch them? So, they can only take your time if you GIVE it to them? So don't. (I don't, generally. I make exceptions for a few movies I actually WANT to see, though. Two or three a year. For example, I went to see ST:Nemesis in the dollar theatre.)
> It is placed on your computer without your explicit authorization
With most default browser settings, yes. The rest of the statement is utter hooey.
> it does transmit the information back
No, it _is_ the information that your _browser_ transmits back, and calling it a "software file", in addition to being technically incorrect because it's not stored as a distinct file, conjures up images of an active application, which together with the language "transmits back" makes it pretty clear that the author thinks of the cookie as an application that can do things -- and a natural reading of his description will lead someone who doesn't know any better to believe the same.
It's no wonder people don't understand computers. If they read the news or watch TV, they will in no time flat be so confused they'll think the resume application they created in the Word operating system is stored in their Windows document on their computer's modem.
> If you do believe that cookies are a bad thing(tm), then you > should turn them off - and you might be better off burning your PC > and move far, far awy from anyone who can even look at you as well.
Practically speaking, too many things break if you turn cookies off, and asking the user about each one turns the web into a dialog box festival. But you can limit the max cookie lifetime without degrading your internet experience at all. Most browsers support that option these days.
> The counter is placed on computer hard drives by a cookie, a > software file that a Web site places without the recipient's > permission or notification and that transmits information back > to the site.
Umm, yeah. I can't believe they printed that; it has to be the worst definition of 'cookie' that I've ever read.
> "If the number contains more than three digits,'' the counter > notes, "you truly are a Google frequent searcher.''
Three digits? If I didn't have my max cookie lifetime set to session, I'd probably have five digits.
> Maybe the article author should Google for browser > security/privacy settings to find out how cookies are handled.
I don't think that would help. The author of that definition is obviously so confused about terminology that a clear explanation could still leave him thinking of the cookie as an application. He probably also thinks Internet Explorer is his ISP and Compaq is his Operating System.
It doesn't transform the data into music. All it does is slap a WAV header on the beginning so that an audio player will try to play it. Not that it will finish playing anything more than two seconds long, because you won't let it finish, unless you're deaf. This is the software equivalent of inadvertently putting a data CD into a CD player that doesn't know any better than to play it. If the volume isn't turned way down first, it physically hurts. NOBODY is going to mistake this for music in any sense of the word "music". Noise maybe. Most people will probably figure the speakers are broken, until you play something else to convince them otherwise.
End users won't care, but this release carries a feature that will be VERY important for anyone who writes software that generates OpenOffice.org documents: if your XML is invalid in some way, OO.o will now tell you exactly where the problem was, instead of just bombing. I discovered this when testing the betas, and I was elated. (I write Perl scripts, including some CGI scripts, that generate SXW for printing. This makes debugging MUCH easier.)
So, umm, when's the database component coming? I heard rumours that they were starting on one...
> Actually, the kernel will kill the offending user process. It's > been part of the VM code since at least 2.0.x.
Indeed, this is true: if you run out of swap space, Linux starts killing off whatever processes are allocating memory. This is a pretty rough way to find out you're running low on swap, but it beats the everliving heck out of the previous way, wherein the system would become so slow that you could hit the close button on a window, go to the store, come home, cook a meal, eat, do the dishes, and the window would still be in the process of closing.
I work around this problem by having about twenty times as much swap space as I *think* I need, and keeping a swap meter on my Gnome panel so that I'll hopefully notice if I start running low. But I shouldn't *have* to do this; I have lots of free drive space. There's no real reason more swap files couldn't be allocated if need be, and even less reason why a warning dialog couldn't let me know I'm running low. (No, these wouldn't be part of the kernel; they could run in userspace. But there's no excuse why the major distros don't have them yet, eight years after Microsoft implemented both features. And yeah, I know MS sucks in other ways, but that's not the point.)
There's a lot of OSS that I like and use, but there's still PLENTY of room for improvement.
All my MS systems are tucked away behind an IP-Masquerade gateway, so they're not addressible from the internet. And I don't allow Outlook on my network. So that leaves IE vulnerabilities for me to worry about, and those are only exploitable if the user *goes* to a malicious or infected website, so they're unlikely to bring down the whole network at once.
[thinks for a moment] [drops smile] Guess I better run along and install the SSL upgrade on the gateway, before some clown figures out a way to exploit the vulnerability.
> Seriously, between SSH and OpenSSL, I'm getting real tired of > patching every week or two.
It's SSH and SSL this week. A little while ago it was sendmail, and before that it was something else -- and don't get all smug about MS; I'm still getting two hundred copies a day of viruses and worms that exploit their systems.
The problem, as I see it, is that nearly all the software we use is written in bug-prone languages, e.g., C and C++, which have NO protections against even the most trivial, forty-year-old known common issues, like stack corruption and buffer overruns. Languages that obviate these problems have been available for a long time; they use a little more CPU time, but CPUs are fast these days, and it's high time we start writing the software in VHLLs. When someone writes an OS entirely in Perl and Python and other VHLLs, I'll be one of the first in line to test it out. I'd be happy to have my CPU run at 20% instead of 5%, if it meant no more segfaults, buffer overrun exploits, stack corruption exploits, and so forth.
Nevertheless, it's clear in the article that we're only talking about kernel boot time here (which is usually about five seconds). The _other_ three hundred seconds your system spends booting (starting all the services and stuff, then X, then your desktop environment, then any apps) are unaffected.
You want HIGH markup, go to the mall. Worst I've ever seen was at a shop called "Bath and Body", which sells mostly (I swear I am not making this up) bottles of colored soap. I compared some of their prices to a reasonable retail store and determined that B&B was charging 1000% more than the other store's price, which presumably was already marked up at least a little. For example, B&B would sell you a box of four vanilla votive candles for $10; they would be $.25 each at Deane's, $.20 if you buy them when they're on special.
> The Microsoft Excel way!? This was used way back in Lotus 1-2-3 > R1, and I wouldn't be surprised if it was used even in VisiCalc.
Dunno about VisiCalc, but it was used in AppleWorks. (Err, guess I'd better clarify that: I'm talking about the original AppleWorks, the one that ran off a single-sided, single-density floppy, back when a Macintosh variety of Apple was something you'd get at an orchard. Though I suspect the new software by the same name also does the same thing.)
> If he really [actually] thinks that the downfall of Microsoft is > an inevitability
If you seriously think there's any question about this, you haven't studied any history. *Every* human institution fails eventually, whether it be a government, a company, a nonprofit organisation, or whatever. It's just a matter of time.
Now, talking timeframe, that's a much harder thing. Will Microsoft outlast Sun? Apple? Active maintenance of the Linux kernel? Will it outlast C/C++? Will Microsoft outlast Perl? We don't know (for sure) the answer to these questions. But will Microsoft eventually fail? Of course. It's just a matter of *when*.
Some will say, "Oh, no, if it accomplished X, Y, or Z while it was still current, it didn't fail", but that's just a different way of defining failure; in that case, replace the word "fail" above with some other suitable word that indicates a ceasing or downfall.
Will Microsoft go bankrupt next year? Not hardly. (Not in one year even if the major hardware vendors ALL at ONCE tell them to shove their OEM licenses, though certainly if even one major PC hardware vendor did that it would be major news.)
Me, I don't really want to see Microsoft die quickly. I want to see Outlook die quickly, but a sudden death of Microsoft as a company would be a bad thing. Gradual decline toward being one of several major players would be much better. And much more likely to happen.
If you can't trust your company's IT department, then you have to
treat the company network as if it were part of the internet --
outside, hostile, dangerous. That means you have to have your own
internal firewall(s) that prevent traffic from coming into your
department from the rest of the company network, except for traffic
that you specifically allow. The IT department can control whatever
servers it likes, but you don't put anything that matters on those
servers; you keep it on your OWN servers. Ideally, the IT dept.
shouldn't even know these servers exist, but absolutely they must
not have access to them. This includes physical access, even if
that means you have to rig a cabinet to set off fire alarms or
whatever if it's breached improperly. (Being engineers, I imagine
you can come up with something. Be creative. Train whistle and
air compressor, whatever, make sure you will KNOW if someone is
getting into there, and make sure power to the alarm system can't
cut without setting off an alarm (think UPS inside the cabinet).)
It gets worse. You said you have no control over the physical
topology of the network. That means anyone random can just plug
in on your side of your internal firewall. That means all your
systems that have data you need to protect MUST be locked down.
I'm thinking you want to limit it to as few systems as possible
(servers) and turn the clients into thin clients, at least for
the purposes of accessing the data you intend to protect. No
system should be able to connect to the servers that house the
data without authenticating each time, and you need to use an
encrypted wire protocol. (X11 forwarding over ssh could be made
to work, but being stuck with Windows clients is hurting you here.
Yeah, cygwin has X and it works, but unless it's improved since
the version I've got it doesn't integrate well and will get in
the way of getting work done. You might want to look into VNC
or something along those lines.)
> we need to be able to recover access in the event a bus hits
> an engineer,
All this means is you have to trust more than one engineer with
the same or equivalent access keys (whether these keys are virtual
or physical or both).
> engineers need to be able to securely take files home,
Can the engineers have decent bandwidth (better than dialup) and
latency (better than satellite) at home, so as to connect in the
same authenticating way as they do at work? If so, this issue
just goes away. Remember, the corporate network is as far as you
are concerned part of the untrusted internet, so whatever
encryption and authentication are good enough to authenticate an
engineer at work are good enough to authenticate him at home.
IE will never be Notepad. First, because it's many times as capable
(*Anything* is many times as capable as notepad) but more importantly
because end users don't care about text editing, don't do enough of
it to count, and end users are the people who don't install better
apps. IE, as long as it is bundled, will always have a decent market
share. It may not keep the overwhelming share it has, but it will
have at least 30% or so, as long as it is bundled with the dominant
OS, regardless of all other considerations. And that's if the major
ISPs put something else in their connection kits.
Therefore, websites (excepting ones specifically geared toward
powerusers or developers or geeks) will always have to be sure that
they degrade gracefully into IE. It can never be just _dropped_,
like Netscape 4 has been.
> It's the same with any tool. The more powerful it is, the longer
> it takes to learn to use it.
To learn to use it _fully_, yes. Some tools though have sensible
newbie-oriented defaults. (Emacs, it should be noted, is definitely
not one of them; I had to learn lisp before I could get comfortable
with Emacs; now, of course, I can't live without it.) To a lesser
extent, neither is Gimp. OpenOffice is better (assuming the user
isn't too used to MSO). I gave my mom and sister OO.o to use and
they have little trouble with it. Gimp, OTOH... is way, way beyond
my mom, and my sister still struggles with it.
Okay, so my sister does use Emacs, but only in one one major mode,
which I wrote, which does a hyper-specific thing; if you asked her
to use it for anything else, she'd be lost. I think she knows
two standard Emacs keystroke combinations, excluding the ones that
are specific to my major mode. She uses the mouse and menu for
open and save, and copy-and-paste doesn't come into play much for
the specific thing she uses it for.
Do my mom and sister use all the features of OpenOffice? No way.
They don't even set tab stops. But the interface for setting tab
stops is nicely unobtrusive and doesn't get in their way when they
type stuff in, and that's the key. I haven't seen a powerful
image editor yet that manages this. Gimp and photoshop certainly
don't, and MS Paint isn't what I'd call powerful. But let's face
it, word processing in general is much more seasoned than photo
editing, and the interface has had more time to be developed.
Well, I *know* the best interface for me for many tasks is the
commandline, but I don't know whether it's because I learned it
first, or because it's just plain better.
Of course, I don't use the commandline for editing images. Unless
you count raytracing, but that's different.
> a soft g as in frog and graphics
i.e., as a voiced velar stop. I meant to say that in the other post,
and forgot.
Around here, gin and git are both pronounced with a hard g (same as j,
rendered by phonemologists as dzh or somesuch, an alveolar voiced stop
followed by an aspirated voiced sibilant), but gimp (and so presumably
also Gimp) is pronounced with a soft g as in frog and graphics.
Regardless of local dialects, I would posit that Gimp should be
pronounced the same way as gimp.
> there is an option to have that menu up at the top of the
> image window
That should probably be the default. Personally I'd turn it off, but
I'm a poweruser and regularly change the settings all around in any
program I install. End users generally are fearful of changing any
settings, and so the defaults should be geared toward them. The
preferences/options dialogs should be geared toward powerusers.
I'm not sure Gimp is ready for end users yet. (Then again, I'm not
sure Photoshop is either, though I haven't seen the current version.)
Too many of the default settings are poweruserish. You have to
understand layers, for crying out loud, to make effective use of
copy-and-paste. Now, layers are great and all, and I will never go
back to an image editor that doesn't have them, but they confuse the
everliving daylights out of newbies. For newbies, the default when
pasting should be to let the user reposition the floating selection
initially, but then when the user goes on to do something else, the
selection should be either autoanchored (if there is only one other
layer, which will be the normal case for end users) or made into a
new layer (otherwise). Of course, it should be easy to turn this
feature permanently off in the prefs, and people upgrading from
earlier versions of Gimp should probably get the old behavior, and
distributions not geared toward end users are free to change the
defaults as appropriate for their userbase.
SVG support is good. I'll probably use it sometimes, for web
graphics that I want to be able to scale a bit. (This is really
useful if you want to set the width to 100%, which with a bitmap
isn't a terribly attractive option.) So I'll be glad to have
this feature.
It has already been conceded that Gimp is cheaper; that point was
not in dispute.
`o Gimp hdh ergei ws `h Photoshop kai `h Illustrator.
Well, that's what the other poster said, anyway. I don't have a Greek
keyboard, so h is eta and w is omega, and ` is a rough breathing mark.
HTH.HAND.
> It's about $30 because:$9 for me, $9 for my g/f, and the rest
> for popcorn/etc.
Two words: Dollar Theatre.
> I personally don't go see a movie in the theatre unless it is a
> 'Spectacular' movie. One where the experience of seeing it on a
> Big screen cannot be duplicated by any other means and actually
> plays and integral part of the film.
Dude, that's what dollar theatres are for. They get the movies a
while later, about the time they're coming out on video (which is
why they can charge a buck), but hey, if you haven't seen the movie
already, it may as well be new, eh?
I don't know how long it's been since I paid full theatre price to
see anything; a while, that's for sure.
> I feel some movies are SOOOO bad as to have STOLEN my time.
You realise, of course, that nobody REQUIRES you to watch them?
So, they can only take your time if you GIVE it to them? So don't.
(I don't, generally. I make exceptions for a few movies I actually
WANT to see, though. Two or three a year. For example, I went to
see ST:Nemesis in the dollar theatre.)
> It is placed on your computer without your explicit authorization
With most default browser settings, yes. The rest of the statement
is utter hooey.
> it does transmit the information back
No, it _is_ the information that your _browser_ transmits back, and
calling it a "software file", in addition to being technically
incorrect because it's not stored as a distinct file, conjures up
images of an active application, which together with the language
"transmits back" makes it pretty clear that the author thinks of
the cookie as an application that can do things -- and a natural
reading of his description will lead someone who doesn't know any
better to believe the same.
It's no wonder people don't understand computers. If they read
the news or watch TV, they will in no time flat be so confused
they'll think the resume application they created in the Word
operating system is stored in their Windows document on their
computer's modem.
> If you do believe that cookies are a bad thing(tm), then you
> should turn them off - and you might be better off burning your PC
> and move far, far awy from anyone who can even look at you as well.
Practically speaking, too many things break if you turn cookies off,
and asking the user about each one turns the web into a dialog box
festival. But you can limit the max cookie lifetime without
degrading your internet experience at all. Most browsers support
that option these days.
> The counter is placed on computer hard drives by a cookie, a
> software file that a Web site places without the recipient's
> permission or notification and that transmits information back
> to the site.
Umm, yeah. I can't believe they printed that; it has to be the
worst definition of 'cookie' that I've ever read.
> "If the number contains more than three digits,'' the counter
> notes, "you truly are a Google frequent searcher.''
Three digits? If I didn't have my max cookie lifetime set to session,
I'd probably have five digits.
> Maybe the article author should Google for browser
> security/privacy settings to find out how cookies are handled.
I don't think that would help. The author of that definition is
obviously so confused about terminology that a clear explanation
could still leave him thinking of the cookie as an application.
He probably also thinks Internet Explorer is his ISP and Compaq
is his Operating System.
It doesn't transform the data into music. All it does is slap a WAV
header on the beginning so that an audio player will try to play it.
Not that it will finish playing anything more than two seconds long,
because you won't let it finish, unless you're deaf. This is the
software equivalent of inadvertently putting a data CD into a CD
player that doesn't know any better than to play it. If the volume
isn't turned way down first, it physically hurts. NOBODY is going to
mistake this for music in any sense of the word "music". Noise maybe.
Most people will probably figure the speakers are broken, until you
play something else to convince them otherwise.
End users won't care, but this release carries a feature that will
be VERY important for anyone who writes software that generates
OpenOffice.org documents: if your XML is invalid in some way,
OO.o will now tell you exactly where the problem was, instead of
just bombing. I discovered this when testing the betas, and I
was elated. (I write Perl scripts, including some CGI scripts,
that generate SXW for printing. This makes debugging MUCH easier.)
So, umm, when's the database component coming? I heard rumours that
they were starting on one...
> Actually, the kernel will kill the offending user process. It's
> been part of the VM code since at least 2.0.x.
Indeed, this is true: if you run out of swap space, Linux starts
killing off whatever processes are allocating memory. This is a pretty
rough way to find out you're running low on swap, but it beats the
everliving heck out of the previous way, wherein the system would
become so slow that you could hit the close button on a window, go to
the store, come home, cook a meal, eat, do the dishes, and the window
would still be in the process of closing.
I work around this problem by having about twenty times as much swap
space as I *think* I need, and keeping a swap meter on my Gnome panel
so that I'll hopefully notice if I start running low. But I shouldn't
*have* to do this; I have lots of free drive space. There's no real
reason more swap files couldn't be allocated if need be, and even
less reason why a warning dialog couldn't let me know I'm running
low. (No, these wouldn't be part of the kernel; they could run in
userspace. But there's no excuse why the major distros don't have
them yet, eight years after Microsoft implemented both features.
And yeah, I know MS sucks in other ways, but that's not the point.)
There's a lot of OSS that I like and use, but there's still PLENTY
of room for improvement.
[smiles smugly]
All my MS systems are tucked away behind an IP-Masquerade gateway, so
they're not addressible from the internet. And I don't allow Outlook
on my network. So that leaves IE vulnerabilities for me to worry
about, and those are only exploitable if the user *goes* to a
malicious or infected website, so they're unlikely to bring down
the whole network at once.
[thinks for a moment]
[drops smile]
Guess I better run along and install the SSL upgrade on the gateway,
before some clown figures out a way to exploit the vulnerability.
> Seriously, between SSH and OpenSSL, I'm getting real tired of
> patching every week or two.
It's SSH and SSL this week. A little while ago it was sendmail, and
before that it was something else -- and don't get all smug about MS;
I'm still getting two hundred copies a day of viruses and worms that
exploit their systems.
The problem, as I see it, is that nearly all the software we use is
written in bug-prone languages, e.g., C and C++, which have NO
protections against even the most trivial, forty-year-old known
common issues, like stack corruption and buffer overruns. Languages
that obviate these problems have been available for a long time;
they use a little more CPU time, but CPUs are fast these days, and
it's high time we start writing the software in VHLLs. When someone
writes an OS entirely in Perl and Python and other VHLLs, I'll be
one of the first in line to test it out. I'd be happy to have my
CPU run at 20% instead of 5%, if it meant no more segfaults, buffer
overrun exploits, stack corruption exploits, and so forth.
> the way you knock the 800 pound gorilla out of the tree (MS)
But, we aren't out to destroy Microsoft. That will just be a
completely unintentional side-effect.
Nevertheless, it's clear in the article that we're only talking about
kernel boot time here (which is usually about five seconds). The
_other_ three hundred seconds your system spends booting (starting
all the services and stuff, then X, then your desktop environment,
then any apps) are unaffected.
You want HIGH markup, go to the mall. Worst I've ever seen was at
a shop called "Bath and Body", which sells mostly (I swear I am not
making this up) bottles of colored soap. I compared some of their
prices to a reasonable retail store and determined that B&B was
charging 1000% more than the other store's price, which presumably
was already marked up at least a little. For example, B&B would sell
you a box of four vanilla votive candles for $10; they would be $.25
each at Deane's, $.20 if you buy them when they're on special.
Somebody as making a serious killing.
[Regarding using AA after Z in spreadsheets]
> The Microsoft Excel way!? This was used way back in Lotus 1-2-3
> R1, and I wouldn't be surprised if it was used even in VisiCalc.
Dunno about VisiCalc, but it was used in AppleWorks. (Err, guess
I'd better clarify that: I'm talking about the original AppleWorks,
the one that ran off a single-sided, single-density floppy, back
when a Macintosh variety of Apple was something you'd get at an
orchard. Though I suspect the new software by the same name also
does the same thing.)
> If he really [actually] thinks that the downfall of Microsoft is
> an inevitability
If you seriously think there's any question about this, you haven't
studied any history. *Every* human institution fails eventually,
whether it be a government, a company, a nonprofit organisation,
or whatever. It's just a matter of time.
Now, talking timeframe, that's a much harder thing. Will Microsoft
outlast Sun? Apple? Active maintenance of the Linux kernel? Will
it outlast C/C++? Will Microsoft outlast Perl? We don't know (for
sure) the answer to these questions. But will Microsoft eventually
fail? Of course. It's just a matter of *when*.
Some will say, "Oh, no, if it accomplished X, Y, or Z while it was
still current, it didn't fail", but that's just a different way of
defining failure; in that case, replace the word "fail" above with
some other suitable word that indicates a ceasing or downfall.
Will Microsoft go bankrupt next year? Not hardly. (Not in one
year even if the major hardware vendors ALL at ONCE tell them to
shove their OEM licenses, though certainly if even one major PC
hardware vendor did that it would be major news.)
Me, I don't really want to see Microsoft die quickly. I want to see
Outlook die quickly, but a sudden death of Microsoft as a company
would be a bad thing. Gradual decline toward being one of several
major players would be much better. And much more likely to happen.