Your information is dated, Anonymous Coward. I've been running Microsoft Office 2000 and Quicken under Crossover Office for about six weeks now, and they work *perfectly*. There are no strange crashes, no weird hiccups, and the installer works perfectly right out of the box using Cxoffice's install facility.
Already done in many places. However, in general those schemes are very generic and easily avoided if you receive the document from more than one source. I've played this game before, and except in releases that are too general to be useful (like releasing identically to different groups, to at least narrow it down to a particular group), or in exceptionally small distribution groups (fewer than six, IMHO), exposure of contacts can be avoided by having more than one contact to forward you the documents. As gigantic as the Redmond campus and MS around the world is, people will feel pretty safe in their anonymity.
Security like this is a bit like nailing posters of a barbed-wire fence to 2x4's around one's property. Yeah, you might think it makes things more secure, but it actually just baffles people and makes the owner look stupid...
His main claim to popularity comes from writing "The Cathedral and the Bazaar". The problem is that the seminal understandings that sprang from that lightweight volume are now considered common knowledge. ESR was the first to codify into easily-understood form the innate truths about free software development that people had long since suspected.
He's come out with some more good ones (in particular, I like "Homesteading the Noosphere), but he hasn't written any work with more impact than than "Cathedral". He was also the first to publish the original "Halloween Document", which showed that Microsoft was, at last, taking the GNU/Linux threat seriously.
These days, almost everybody in the free-software/OSS development world understands the difference between the Bazaar and Cathedral development methods. They often consciously choose one or the other, or to develop according to Cathedral methodology, and transition to Bazaar after initial successful release. People understand the success of the development of GNU/Linux now, and despite what some will try to say, most really didn't until 1996 and the CaTB publication.
Lately, he's mostly a critic. Fetchmail is very slow on the development side these days, and his efforts to create a new build system for the Linux kernel were not accepted (killer effort, though, and well thought out, just too politically charged and too sweeping of a change for most people's tastes). However, he's still an exceptionally influential self-appointed Linux advocate. His opinions are read by millions of readers in and out of the free software community.
For the bio on the stuff he's done that has had a massive impact on the free/oss software scene, check out his bio: http://tuxedo.org/~esr/resume.html
Regardless, he has many publications in print and does a lot of speaking conventions. Like Bruce Perens, who is also influential in the community, he chose the role of public advocate for GNU/Linux for himself, and has been very successful in that role.
Don't forget the fact that you could solder a new pin and convert your SX into a DX just like that... Oh, the joy of the fun days. The old company I worked for many years ago (Las Vegas Computers) ended up with a great client and lots of referrals.
You know, now that I think about it, the clients weren't so great, but they were really fun. They were a pair of twin sisters who were selling online pornography back before it was a big deal. It was a modem dailup deal, and they had these video cameras in tiny rooms with strippers. I did several service calls there, and I think the proprietors thought it was funny that I was so squeamish about being around all those near-naked women.
But the reason they hired that company was because the company was the only one willing to solder a bunch of 486 SX chips into DX chips for them...
Despite many efforts to create "worldwide hardware load balancing", every idea that doesn't use DNS round-robin in some form to distribute load across caches that do not share high-speed private networks between them has been a fairly unspectacular failure. Hardware load balancers like the Cisco LocalDirector, BigIP F5 (which also does reverse proxy-caching), and Arrowpoint (same) are very cool, and give you very nice redundancy, but don't scale to a globally distributed architecture at all. In those situations (sorry I wasn't more explicit), a DNS round-robin is the main choice if you're not going to attempt to do some sort of ARIN lookup to redirect people to the correct cache, or have a manual redirect to a more responsive country. Of course, behind each of those DNS round-robin entries, you should have an HLB so that that IP will not go unavailable.
And I definitely wouldn't use/. as an example - of all the sites that I visit daily, this site definitely has the worst uptime by a long shot.
Good uptime is generally a side-effect of competent systems administration, not a direct effect of the architecture underlying it. Poor architecture can be worked around by good systems administration, and likewise good architecture made better the same way. However, the original question was about performance, not uptime. A reverse proxy web-cache in front of your web server is a sound decision for high-performance web serving. The uptime or lack thereof can be caused by other systems administration problems, or perhaps something as simple as having a single point of failure along the path.
That said, I should probably have pointed to CNN, Yahoo, or another heavy-load web site that uses reverse proxy web-caches to improve their site's responsiveness, rather than Slashdot.
What I haven't seen yet is how the cops are justifying entering the suspect's property to get to the trash to search it.
Most garbage, and the garbage in question in the article, is left "curbside". Curbside generally includes the sidewalk and everything between it and the street. Although the property is "owned" by an individual who is responsible for its upkeep, it is considered a public right-of-way in all other respects. It's yours, but by purchasing the land you have granted an "easement" to the public utilities and local government to use it. Normal uses include sidewalk maintenance, laying electrical, cable, or telephone lines, and maintaining sewers (although sewers are usually under the street, with a demarcation point within your easement to your individual home). If garbage is not collected from within that easement, usually the garbage collection company requires that you sign a document granting them an easement to enter your property to obtain your refuse.
In this case the police simply arranged for the regular garbage collectors to pick up the trash as usual, but deliver it to them specially rather than take it to the dump. No question about police entering private property without a warrant -- the garbage had already been picked up and held aside by the workers who are supposed to do it.
As far as civil rights goes, yeah, it's probably an invasion of privacy for someone to go through your trash. I'd lump it right in there with a credit card company knowing every purchase you make using a card, though.
If you're seriously expecting a ton of traffic to a web site, DNS round-robin to multiple web caches is an excellent idea. Akamai has a pretty good thing going, where people pay to put their content out on the proxy network that has convenient nodes all over the planet. Even just for a farm of web servers, though, putting a Squid cache in front of them and "pegging" certain URLs in memory makes an amazing speed difference.
Back when I worked for Excite@Home, we got to play with this on our E-Commerce sites. Usually it took ten web servers to handle peak load. We tried out transparent reverse proxy-caching, and were able to reduce that to *two* web servers. We could have easily gotten by with one if we didn't need fault-tolerance. It may seem unnecessarily complex, but IMHO any site that expects to handle massive web traffic should seriously investigate a front-end proxy-cache server. Virtually all of the very high-traffic sites do this (including Slashdot, though done in a slightly different way).
So, complex? Yeah, a little bit. But the performance benefits of using specialized products designed to do one job well (squid proxy cache, plus an apache-based cgi engine behind it) cannot be ignored by anybody expecting her site to get hammered.
Was true until a little while ago. http://www.xiph.org/ogg/vorbis/index.html. The new "Tremor" codec is integer-only. I think it may require a bit more CPU speed than mp3, though.
You've voiced an opinion on Slashdot which will be both unpopular and likely to quickly be moderated down. What we have here is two people arguing about an opinion:
Spammers are not thieves. Under your logic, the weekly coupons your supermarket sends out snail mail would make your supermarket thieves.
Contrary to what many anti-spam activists would have people believe, you are correct. Spammers are not thieves. They are, however, engaged in an unethical form of guerrilla marketing which has the net effect of shifting costs of advertisement to the consumer, rather than to the advertiser. Much like the RIAA labels people that infringe copyright as "pirates" and "thieves", to little effect, calling spammers "thieves" is probably over the top and unlikely to bring positive change.
Just be thankful that with computers you can filter the through all the static. You can't filter out billboards, newspaper ads, loudspeakers, etc. etc. etc.
The key difference you've missed is where the costs are borne. My company pays $650 a month for our T-1. By 9 AM this morning, we had received over 11,000 attempted emails. We have 300 employees. Of those 11,000, roughly 200 were legitimate mail. The rest were spam, double bounces, or roughly 4,000 attempts in nine hours to send mail to addresses which do not exist in our domain. We used to accept these and send bounces directly from our Groupwise server; I put Groupwise behind a firewall and Postfix mail relay shortly after I was hired here, and noticed that in two weeks we had over two gigabytes of double-bounces sitting in our queue. Yes, I use RBL, Anomy, and SpamAssassin. Nevertheless, the amount of time that I have had to spend to limit the problem to manageable levels that don't drive us out of disk space and bandwidth has cost my company dearly from payroll. I can drive past billboards and ignore them. I can choose not to listen to the radio or watch television. I don't miss much by not watching TV or listening to the radio, and thankfully any important global news I get relayed through my co-workers. In today's world, however, it would be extraordinarily difficult to decide to not use the telephone, or, if you conduct a great deal of business using electronic mail, to suddenly decide to stop using the medium entirely.
I'm not saying you are wrong, but it seems to me that both the "spammers are thieves" and "spammers are not thieves" arguments are not quite hitting the mark. Whether unintentionally or intentionally, a single unsolicited commercial email can end up collectively costing the world a great deal of money. It seems that the best analogy I could use is that spammers are like cigarette smokers. A smoker's behavior hurts only themselves, but the secondary aspects of their behavior (second-hand smoke) impact the health of others, and so that portion is regulated. It's difficult to find a public building in the U.S. these days that allows smoking due to the known, unhealthy side effects. But it took the human race hundreds of years of dealing with "annoyance levels" of the problem before coming face-to-face with the predictable health consequences of the smokers' actions.
No offense meant to smokers! I know it's a hassle to have to go outside when it's sleeting and windy in order to find a place to smoke. Spammers, also, are exercising their right to free enterprise and free speech, but, ultimately, I think spammers will find themselves in a similar regulatory position, that they must practice their craft only in designated, acceptable areas, and that spamming outside of those lines will have significant legal repercussions. Digital signatures are part of the solution, as are whitelisting and blacklisting. If spammers can be forced to operate legitimately, using only legitimate information so that they can be contacted and held liable for their actions, it would be a truly enormous step in the right direction. I don't think that part will happen through legislation, but through very large installed bases of users beginning to use mail platforms which transparently implement this kind of functionality...
Well, they say you can pick your friends, and you can pick your nose, but you can't pick your friend's nose. My non-geek friends generally have difficulty wrapping their heads around what an "alternative operating system" is. I have one in particular that tries very, very hard, and is actually making some headway understanding GNU/Linux and how to create Docbook XML, but by and large most are simply not interested.
I agree, though, that the OpenBSD installer is quite straightforward. However, here was my experience (and I'm a person with around 7 years of experience dedicated in the UNIX arena):
Download the boot image
Try to extract it onto a floppy
Find a new floppy because it had write errors on the previous one
It looks like the floppy installer is on the floppy disk. Transport to the AMD K6-2/300 that is to be my OpenBSD host.
Crap. The kernel dumps partway through load. Looks like that floppy is actually bad. Repeat the first steps again two or three more times until I finally find a floppy disk that doesn't have any bad sectors. (Note: These are standard floppy disks from Wal-Mart. The quality of floppies has gone down the tube, and they sit on the shelf way, way too long before they are sold)
Finally. Whew. The installer is running. Select packages
Hmm. It only configured one Ethernet interface. "ifconfig -a". Interesting device names. Which one is my Ethernet interface?
Look up the FAQ at openbsd.org. Oh, yeah, there it is. "Devices are named by the brand of chipset they use". Mmkay, so the configured device is the "xl0" device. I think it was a 3com, probably the Ethernet XL then, by the name. The other one is (down box, yank card, look hard) an Intel Ether Express Pro. (boot again) OK, that's probably the "fxp0" card.
"ping 123.45.67.89". OK, check, looks like networking is up. Set the default gateway, "route add -net 0.0.0.0 gw 123.45.67.1". "ping www.google.com". Crap, forgot to edit/etc/resolv.conf to add my real name server. (vi vi vi vi) OK, that's done...
Hmm, now to turn on NAT. (lynx to openbsd.org again, check out the FAQ). Right. "vi/etc/pf.conf" . Dump in line "nat on fxp0 from 192.168.1.0/24 to any -> 123.45.67.89"
Hmm, right, need to set up port forwarding for my freenet node. (check out the FAQ again) "rdr on fxp0 proto tcp from any to 123.45.67.89/32 port 17777 -> 192.168.1.2 port 17618" (By the way, this syntax is actually easier than iptables, woo woo!)
Set up various firewall rules. Drop everything except the stuff I want. Much mucking about in pf.conf (which, I notice fondly, seems to be way more intuitive than iptables, but that's not saying much)
Now, after all this, I have a working NAT device. Don't get me wrong -- I'm a UNIX admin for a living, and doing this kind of stuff is old hat. But it's really intimidating for the new user. Maybe I just don't know the tricks for OpenBSD yet, but it would be really nice to see the following:
Initial installation simple and sweet. I hear it's a lot easier if you buy the CD, that way you don't have to muck with broken floppy disks. It's pretty good as it is, just the whole floppy thing is driving me nuts. I need to find a vendor with some kind of guarantee on floppy disks.
After you boot for the first time, some kind of simple, step-by-step configuration dialog is in order. I am really a fan of "Bastille" for GNU/Linux systems. Something on the order of that, which detects your network interfaces, allows you to choose some stuff you want to install without having to learn "pkg_add" (easy as that is, point to an FTP site and it handles dependencies, pretty sweet), and then leaves you with a working system without plunging into a single configuration file.
A simple, web-based GUI which uses SSL out of the box (generating a new certificate, prompting for a good passphrase back in the configuration program), and allows you to configure basic services on the machine without knowing the command line
Those kind of things would really help with bringing OpenBSD to the masses. However, some of them are probably a security risk, and if I really want Bastille for OpenBSD, I'd probably have better luck writing it myself than waiting for someone else to do so. I'm becoming a fan of the system, though. It seems a good deal faster on some things than a comparable GNU/Linux system on the same single-processor hardware (and considerably slower on other things, notably things like updating the locate database), and I am really in love with the security-related configuration of the system.
To bring it back to the discussion at hand, I'm not certain which approach is really the "best" for end-users, since I'm so far removed from the "normal" end-user experience myself. I suspect it would be to take a secure system, with a capabilities-enabled kernel, and then build a usable system from that secure base. However, as shown above, the installation/configuration process (while easy enough for geeks) is still probably above the average user's head IMHO...
If you live in a shack in the moutains with only a shitstained pair of cover-alls made from roadkill, do you really think you need to barricade the front door?... The average home computer is the dilapidated shack with shitstained coveralls.
I had to re-read that about five times before I understood its pure profundity (is that a word?). It's another way of paraphrasing George Lucas:
Jarjar: "We'sa gettin' robbed an' crunched!"
Qui-Gonn: "That's our problem. We have nothing of value."
The average exploit is not used in and of itself as a thing of value, but as currency in the script kiddie world. It's not the thing itself, but your control over that thing that gives it value. It reminds me of an old story:
An old man gave a young man a gift of a box which had a large, red button on top. "Merely press the red button," said the old man, "and someone you don't know will die".
The young man put the box on a shelf, and for some days did not touch it. However, one day curiosity got the better of him and he pushed the button on the box. Later that day, the old man returned and asked for the box back. Upon being asked why, the old man responded, "to give this box to someone who does not know you."
I think maybe there are just so dang many boxes with red buttons floating around right now that the script kiddies have enough currency that they don't need much more...
On a related note, I have a 1988 Toyota Tercel. One time I was walking out of the local State Tax Office, saw what I thought was my car. I walked up, and attempted to use the handle. It was locked. I thought that was kind of odd, because I usually leave my complete POS car unlocked (I figure if someone needs this old, crappy, beat-up car badly enough to steal it, they need it worse than I do at the moment and it would be a great excuse to get a new one). I whipped out my key, put it in, unlocked the door, sat in the driver's seat, and put my key in the ignition. The ignition wouldn't turn. I thought this was odd, until I looked around more closely and realized THIS WAS NOT MY CAR. I got out, checked that my key really did lock and unlock the door, re-locked it, and walked away to my almost identical (but far more badly treated) light-blue Tercel a few cars down.
Most security exploits on computers seem to be of the same variety. Given some remote chance that a user has a particular system configuration, you might be able to exploit their system. The Internet just hands you a parking lot full of identical cars to try out your keys on. My experience has been that only the really easy marks get widely exploited, with the more sophisticated attacks being left to the domain of the security companies that make a living off writing reports at $60K a pop to tell some company they need to improve their security.
These days, really, the talented virus writers are gainfully employed at $70K-$90K a year to figure out how to convince clients that they need a good system audit. If you have the skills to write a really clever, unique exploit, and can demonstrate the code to the right people, you have a good chance of landing a job doing it full-time. In my opinion, that pretty much gives away why the exploits aren't being exploited. People are too busy making money from scaring people over the fact that they exist to want to risk jail time for using them.
If I recall correctly, about ten years ago there were a couple of viruses floating around that would literally melt the CMOS on certain motherboards. The virus was not very widespread, however. Absolute destruction of the host organism before reproducing is generally not an ideal evolutionary strategy for any virus-like entity, I think.
However, saying that no virus has or can physically destroy hardware is incorrect. You flash your BIOS using a DOS boot floppy, and it is possible to cause physical damage (if nothing else, permanent degradation) to a CMOS chip by re-flashing constantly. In general, a computer virus will not cause physical damage to computer hardware, but I'm certain clever system hackers can figure out a way.
As I previously said, though, viral infections that destroy hardware are rare for the simple reason that it's unproductive to destroy the host. Far better to find innocuous means of reproduction without the notice of the host computer. There's a window of opportunity for a new virus to spread before it is caught, and the clever virus writer has to figure out how to deploy the "payload" of the virus (whatever that is) before it is discovered...
Touche! I went back to touch up my grammer and missed a reference. When I speak, I generally refer to something doing so-and-so "to you" and "you do this" or "you do that", but in written English that does not work so well.
Nice catch:) Imagine a system where it *did* mail your insecurity information to me. That could be kind of cool, in a BigBrother-ish, scary sort of way...
Since we installed Postfix and "anomy" to automatically defang HTML, rename or delete possibly dangerous file attachments, and so forth, we've not had a single electronic mail-borne virus at my work. Prior to that, Groupwise 5.5 was exposed to the public Internet and weekly virus updates required to handle the massive quantities of virus attempts.
We still get a bizarrely large number of Klez mails, but running Groupwise plus Anomy plus SpamAssassin seems to have dramatically reduced our quantity of other attempted scripted exploits.
Anti-intrusion systems should be built into the OS.
This is a very, very good point. So far, the only systems I've installed that automatically install intrusion detection of any reasonable sort are Mandrake Linux and OpenBSD. I've been particularly impressed with OpenBSD's daily reporting facilities. By default, it mails a "daily insecurity report" and daily status report on your network interfaces and basic system information to me. In addition, when installing OpenBSD packages, the packages spit out a little blurb after they install, explaining what is left to configure the package, any general security concerns, and suggestions on additionally securing the service. It even installs those packages with decent default security settings. My only complaint is that I have difficulty recommending it, at this point, to my friends who are less experienced in the UNIX world.
The political baggage OpenBSD carries with it is rather unfortunate, but I note that after I am port-scanned on my OpenBSD box, I've never had an intruder attempt to use an exploit. Meanwhile, my GNU/Linux box routinely has crackers (unsuccessfully) attempt to do some well-known Apache exploits or attack my mail server. Oy, veh, annoying.
I think that user education is also critical for any operating system. Although you don't expect users to become security experts, it is the responsibility of the distribution designers to make sure the security information reported by their system is concise, easily understood, and presented in an obvious but non-annoying way.
I used to think I was at least somewhat in touch with what users wanted at my work and at my home. I thought I was responsive to their needs.
Then I sat down with a regular computer user. He asked why I had "Don't use this" underneath the "E" on my desktop (Crossover Office, Internet Explorer icon on Windows desktop). I explained that the browser was insecure due to some recent security exploits, and that I only had that particular browser installed so my wife would be able to do online ordering for one particular business she runs.
"So, you mean, you don't use the Internet?" he asked.
"No, we just don't use Internet Explorer here due to security problems." I responded.
"But when I click on the Internet, it still works," replied he.
I shortly thereafter realized, this kid thought the "e" on the desktop WAS THE INTERNET. He had no idea that it is a network of high-speed fibre circumnavigating the globe, carrying terabytes of information. He had no clue what a web browser or email reader was. He had no idea what a protocol was, or even the concept of security beyond it being what those guys in uniforms in the mall do.
This is the state of the average computer user. We either educate them, or dumb the computer down enough that they can use it. So I have to agree that it seems that only the "geekier" chunk of society even understands what a computer bug is, much less why we'd want few of them...
I'd regard Windows Services for UNIX as a competitor to Cygwin. Both are native tools for doing what you want to do, but doing it in slightly different ways. It seems kind of like choosing between Microsoft Office and OpenOffice.org.
Going to go download it, though, and see how different it is from when I evaluated it three years ago. Thanks for the link.
If I recall correctly (and my memory may be flawed, my copy of MS-DOS 6.22 has been sitting on this shelf next to me no small number of years), the environment space on MS-DOS was quite limited, so your %PATH%, by necessity, had to be somewhat small. The work-around in Windows 3.1, continuing to this day in Windows XP, is to have desktop "shortcuts" to the applications you use.
Until a distribution is developed where the only planned interaction with the underlying operating system for the casual user is through a GUI, we'll probably continue to have the pain we have now with PATH and other environment variables. I've often thought it would be fun to develop a completely GNU/Linux distribution that was completely pain-free for casual users, but it looks like Xandros, Lindows, and XPde are making admirable progress in that arena.
I expect that arriving at some home-directory standard for installing software that does not run as the root user will be the eventual solution. Something like "$HOME/opt/packagename", with automatic desktop shortcut creation in Gnome/KDE (Crossover Office and Crossover Plugin both do this admirably well at present).
I feel the need to respond to this, though the parent poster borders on flamebait.
You've provided a straw man argument in "Those unix people who use cygwin under Windows think it is so cool to list files in a 'ls' type format", and then attempt to categorize Eric S. Raymond and other UNIX or Cygwin users in this light. Cygwin is a tool, part of your arsenal of options in systems administration, and nothing more. The ability to obtain a UNIX-style directory listing is irrelevant compared to the ability to use the same script to accomplish the same thing regardless of software platform.
"Using Cygwin under Windows is about as intelligent as using Microsoft command shell batch files on UNIX."
"Crock of Crap" is the first thing that comes to mind. Bash/tcsh/ksh/psh/etc. are so many light-years ahead of the MS-DOS command line scripting language when it comes to pure functionality and understandability that there it is difficult to know where to begin creating a valid comparison. Using a Bash shell under Cygwin to accomplish systems administration or automation duties on W32 is a sound, rational decision for reducing your time investment when supporting legacy platforms like Microsoft Windows 32-bit stuff. Using Cygwin to be able to provide environmental portability across platforms can be an intelligent, measured decision that can make sense both on a personal level as well as corporate decision-making.
Many of the [legacy W32] command shell commands are designed to handle the way you do things in the Microsoft world... using cygwin is a step backward, that is unless you are mind-locked into the unix paradigm.
You've made at least one incorrect assumption in this paragraph, and that is that using Cygwin makes DOS scripting unavailable. That is simply not true. Every facility of the MS-DOS command shell is available via a Bash shell in Cygwin. You can call external programs, or even use an MS-DOS batch program to launch a Bash shell. Cygwin gives you more power and flexibility to deal with all the things you wrote of, not less, and in a fully POSIX-compliant environment to boot. Using Cygwin is a giant step forward, that is, unless you are mind-locked into the legacy Microsoft Windows paradigm.
the command shell being too incomplete... I also think this has been a good thing. [I can see] when shell scripting is at its end and jumps to coding a c binary to do something... Using shell scripting for real programming is like using Perl to write a database. It's just silly
You're entitled to your opinion. I'm a professional systems administrator, not a professional programmer, yet I've used Perl, Python, Bash, Cshell, Visual Basic, Excel scripting, MS-DOS command scripting, TCL, and other languages to automate certain tasks, make my job easier, or provide additional functionality where it was needed. Each tool has its place. I would not use Python to attempt to create a performance-critical OpenGL game, no more than I would use C to write a small daily cron job that mounts a filesystem, copies files, and unmounts the file system. Each tool has its strength. Cygwin and the programs available within that environment allow you to do more and go further with command scripting than MS-DOS command can possibly do. The "jumping off point" to an alternative language is very, very low on W32 MS-DOS scripting. Conversely, the "jumping off" point using a real, powerful command shell is quite high, and allows you to accomplish a great deal without having an enormous knowledge base of various programming languages.
The line between "scripting languages" and "programming languages" doesn't exist except at some arbitrary line which differs from programmer to programmer. Whatever language lets you get the job done in the shortest amount of time with the greatest degree of maintainability is probably what you want to pick. I can take my pick of Perl, Python, Bash/csh/ksh/whatever, Java, C, or anything in between to create what I need to get the project complete. Cygwin lets me have that additional flexibility, with the side benefit that I can use the superior command-line tools (grep/awk/sed/uniq, for instance) of a UNIX environment from Windows.
They just learned a few words, then decided that the rest of the vocabulary wasn't needed.
The world always has a need for the simple, elegant, and practical. I would submit that your analogy is flawed. Allow me to share an analogy of my own. I recently had a choice of transportation to and from work, between daily riding the bus (an hour and fifteen-minute affair each way), or driving my car (45 minutes each way). Now, for many people, the choice is very obvious: Use the option that takes the least amount of time, driving the car. Given only the time data, many would come to the same conclusion, that driving the car takes 1.5 hours per day, while riding the bus takes 2.5 hours per day. This overly simplistic view of the question doesn't nearly cover all the facts, however. Here are some other factors that influence my decision:
My car consumes a gallon of gas every 30 miles. Work is 40 miles away, so I will fill my 10-gallon tank roughly every 3-4 driving days, which will cost me somewhere a bit less than $20 each time
My work provides me with a parking space ($40 value) or a bus pass ($40) every month.
I have to pay for maintenance on my car.
Time spent in the car is time that I cannot do something else: I must be exclusively driving
On balance, I decided to take the bus. The extra time consumed by the bus ride is time that I can sleep, work on my laptop, or read a book, whereas if I were driving that hour and a half would simply be lost to me.
How does this relate to the question? Well, I think your perspective on why people use Cygwin and other UNIX-like tools on non-UNIX operating systems is a bit skewed. The native tools may be elegant, powerful, and complete (which would be quite a debatable point on legacy W32 platforms IMHO), but the question lies in the balance. Would using native tools allow you to take that same programming effort and use the same script on another operating system? Would using native tools give those who follow you a proper perspective on how to maintain your programs once you've moved on? Would re-implementing something in a native tool, when one could otherwise just install Cygwin and run the same code that is running elsewhere in the enterprise successfully, be the best use of time and the company's dollars?
Regardless, when using Cygwin you are using the native tools available to you, but just substituting a powerful command shell and scripting language for the severely retarded one that is provided by default on W32. "When in Rome" (or some foreign operating system), they say, do as the Romans do. However, if doing so would compromise system integrity, maintainability, stability, or compatability, then I do whatever I need to to make the system work well, even if it requires using a tool that doesn't quite seem "native".
I do not use Cygwin much myself. I boot to Microsoft Windows to run legacy or gaming applications on my home system, and exclusively use GNU/Linux at work and home otherwise. I do a lot of work with legacy W32 systems at work and am a big fan of "use the right tool for the job", which, to date, has not included installing Cygwin on those machines. However, it has included installing Perl, Python, or TCL as the situation requires; if Cygwin were needed to make something work, I'd use it as just another tool in my box.
Get with the program! When running any OS, use the best tool for the job!
(As a final note, I think it's very interesting that Microsoft has finally acknowledge that their shell is horribly crippled and are working to fix that. I'm not anti-Microsoft, I am pro-GNU/Linux, and am very excited to see them finally addressing the massive wart of a lack of decent systems automation on W32 platforms.)
That's what I set up at work. We have those same type of numbers -- 5555551212@mobile.att.net -- so we just set up email aliases on our mail server, so when someone sends a mail to "page-soandso@domain.com" it goes to their pager. Very useful, and if a phone ever starts getting spam, we just change the email address or remove it. Makes it so we can recycle our phones to new people easily.
You can even do this easily at home using any standard mailer and a mail alias file. Just point a domain at your home DSL link (or whatever you use), and put the entry into your "aliases" file. Even if you use Fetchmail to retrieve mail from a remote account, you can make it so that those remote accounts can eventually go to a pager address. Fun fun fun:)
This happened to me once when I telecommuted for a company in Silicon Valley. I knew I was history long before the HR director called and said "I have some extraordinarily bad news". I said "Yep, I know, I've been laid off or fired" and he asked "What would make you think that?". I explained about the fact I couldn't log into any systems (and had watched my access get pulled, system by system, while trying to get work done that day). He suggested that it could have been chance, and found it odd I would jump to that conclusion.
Nope. If I get forcibly booted from a system, and then can't log into it again, I'm pretty sure either I pissed off another sysadmin or it's time start looking elsewhere...
$2,100 bonus. Full-time UNIX admin, with a liberal sprinkling of integration work on MacOS X.x, Win32, and various bizarre platforms.
After federal, state, and local taxes (which are quite extreme on any income that is not your standard "wage"), $1,263 net take-home. Gave my wife $350, myself $350, and saved the rest for family expenses.
Plus around Thanksgiving, they gave us a gift certficate for a ham that normally costs around $45. It's a nice place to work, lots of fun and challenging projects. Believe it or not, I work for a bank. Times are tough all around, particularly on banks (which really get stiffed with the bills during tough economies), but those who value their employees still try to make sure employees stay satisfied with their employment. To paraphrase P.T. Barnum, the knowledge inside the heads of your employees is your greatest asset, and should be rewarded with reasonable annual increases. Should the employee begin to believe s/he is invaluable, and demand extortionary rates for their continued employ, you should show them the door.
The dance comes when trying to figure out the fine line between "reasonable" and "extortionary":)
Your theory sounds about right to me. The work on NWN is, fundamentally, a work to create a new engine for their RPG's to replace the aging one used in the Baldur's Gate series. They milked Baldur's Gate for many years, and it was tremendously popular and a big money-maker. The same can be expected of NWN.
Fundamentally, NWN is a method for telling stories. Everything else is simply a means to achieve that end. They've made amazing, engrossing stories before. Having a client run on all platforms will almost surely be a money-loser, but all those future expansions, cranked out every 8 months, is a sure way to continue being profitable for this company, because they know how to tell an engrossing story via a game engine.
So yeah, I agree with you. But it's not some mysterious future project that they are laying the groundwork for, but simply more and more expansions so they can use this as their base engine for the next 6 years.
DNS has the solution to the "key" issue. There is already in the standard a "key" type of record; this is widely used for opportunistic encryption between IPSEC devices. Simply set a key for the MX record on a domain (or a key:value list set for all valid users on a given MX or something like that, though that sounds very non-scalable) and away you go.
DNS is the most scalable directory the world has yet seen, eclipsing Novell's NDS by a good margin for sheer volume of records. Using TXT or KEY record types, heretofore largely unused, could be the key (no pun intended) to making a scheme like this work for email.
Slashdot Mirror
Your information is dated, Anonymous Coward. I've been running Microsoft Office 2000 and Quicken under Crossover Office for about six weeks now, and they work *perfectly*. There are no strange crashes, no weird hiccups, and the installer works perfectly right out of the box using Cxoffice's install facility.
Already done in many places. However, in general those schemes are very generic and easily avoided if you receive the document from more than one source. I've played this game before, and except in releases that are too general to be useful (like releasing identically to different groups, to at least narrow it down to a particular group), or in exceptionally small distribution groups (fewer than six, IMHO), exposure of contacts can be avoided by having more than one contact to forward you the documents. As gigantic as the Redmond campus and MS around the world is, people will feel pretty safe in their anonymity.
Security like this is a bit like nailing posters of a barbed-wire fence to 2x4's around one's property. Yeah, you might think it makes things more secure, but it actually just baffles people and makes the owner look stupid...
His main claim to popularity comes from writing "The Cathedral and the Bazaar". The problem is that the seminal understandings that sprang from that lightweight volume are now considered common knowledge. ESR was the first to codify into easily-understood form the innate truths about free software development that people had long since suspected.
He's come out with some more good ones (in particular, I like "Homesteading the Noosphere), but he hasn't written any work with more impact than than "Cathedral". He was also the first to publish the original "Halloween Document", which showed that Microsoft was, at last, taking the GNU/Linux threat seriously.
These days, almost everybody in the free-software/OSS development world understands the difference between the Bazaar and Cathedral development methods. They often consciously choose one or the other, or to develop according to Cathedral methodology, and transition to Bazaar after initial successful release. People understand the success of the development of GNU/Linux now, and despite what some will try to say, most really didn't until 1996 and the CaTB publication.
Lately, he's mostly a critic. Fetchmail is very slow on the development side these days, and his efforts to create a new build system for the Linux kernel were not accepted (killer effort, though, and well thought out, just too politically charged and too sweeping of a change for most people's tastes). However, he's still an exceptionally influential self-appointed Linux advocate. His opinions are read by millions of readers in and out of the free software community.
For the bio on the stuff he's done that has had a massive impact on the free/oss software scene, check out his bio: http://tuxedo.org/~esr/resume.html
Regardless, he has many publications in print and does a lot of speaking conventions. Like Bruce Perens, who is also influential in the community, he chose the role of public advocate for GNU/Linux for himself, and has been very successful in that role.
Don't forget the fact that you could solder a new pin and convert your SX into a DX just like that... Oh, the joy of the fun days. The old company I worked for many years ago (Las Vegas Computers) ended up with a great client and lots of referrals.
You know, now that I think about it, the clients weren't so great, but they were really fun. They were a pair of twin sisters who were selling online pornography back before it was a big deal. It was a modem dailup deal, and they had these video cameras in tiny rooms with strippers. I did several service calls there, and I think the proprietors thought it was funny that I was so squeamish about being around all those near-naked women.
But the reason they hired that company was because the company was the only one willing to solder a bunch of 486 SX chips into DX chips for them...
Despite many efforts to create "worldwide hardware load balancing", every idea that doesn't use DNS round-robin in some form to distribute load across caches that do not share high-speed private networks between them has been a fairly unspectacular failure. Hardware load balancers like the Cisco LocalDirector, BigIP F5 (which also does reverse proxy-caching), and Arrowpoint (same) are very cool, and give you very nice redundancy, but don't scale to a globally distributed architecture at all. In those situations (sorry I wasn't more explicit), a DNS round-robin is the main choice if you're not going to attempt to do some sort of ARIN lookup to redirect people to the correct cache, or have a manual redirect to a more responsive country. Of course, behind each of those DNS round-robin entries, you should have an HLB so that that IP will not go unavailable.
Good uptime is generally a side-effect of competent systems administration, not a direct effect of the architecture underlying it. Poor architecture can be worked around by good systems administration, and likewise good architecture made better the same way. However, the original question was about performance, not uptime. A reverse proxy web-cache in front of your web server is a sound decision for high-performance web serving. The uptime or lack thereof can be caused by other systems administration problems, or perhaps something as simple as having a single point of failure along the path.
That said, I should probably have pointed to CNN, Yahoo, or another heavy-load web site that uses reverse proxy web-caches to improve their site's responsiveness, rather than Slashdot.
Most garbage, and the garbage in question in the article, is left "curbside". Curbside generally includes the sidewalk and everything between it and the street. Although the property is "owned" by an individual who is responsible for its upkeep, it is considered a public right-of-way in all other respects. It's yours, but by purchasing the land you have granted an "easement" to the public utilities and local government to use it. Normal uses include sidewalk maintenance, laying electrical, cable, or telephone lines, and maintaining sewers (although sewers are usually under the street, with a demarcation point within your easement to your individual home). If garbage is not collected from within that easement, usually the garbage collection company requires that you sign a document granting them an easement to enter your property to obtain your refuse.
In this case the police simply arranged for the regular garbage collectors to pick up the trash as usual, but deliver it to them specially rather than take it to the dump. No question about police entering private property without a warrant -- the garbage had already been picked up and held aside by the workers who are supposed to do it.
As far as civil rights goes, yeah, it's probably an invasion of privacy for someone to go through your trash. I'd lump it right in there with a credit card company knowing every purchase you make using a card, though.
If you're seriously expecting a ton of traffic to a web site, DNS round-robin to multiple web caches is an excellent idea. Akamai has a pretty good thing going, where people pay to put their content out on the proxy network that has convenient nodes all over the planet. Even just for a farm of web servers, though, putting a Squid cache in front of them and "pegging" certain URLs in memory makes an amazing speed difference.
Back when I worked for Excite@Home, we got to play with this on our E-Commerce sites. Usually it took ten web servers to handle peak load. We tried out transparent reverse proxy-caching, and were able to reduce that to *two* web servers. We could have easily gotten by with one if we didn't need fault-tolerance. It may seem unnecessarily complex, but IMHO any site that expects to handle massive web traffic should seriously investigate a front-end proxy-cache server. Virtually all of the very high-traffic sites do this (including Slashdot, though done in a slightly different way).
So, complex? Yeah, a little bit. But the performance benefits of using specialized products designed to do one job well (squid proxy cache, plus an apache-based cgi engine behind it) cannot be ignored by anybody expecting her site to get hammered.
Was true until a little while ago. http://www.xiph.org/ogg/vorbis/index.html. The new "Tremor" codec is integer-only. I think it may require a bit more CPU speed than mp3, though.
Contrary to what many anti-spam activists would have people believe, you are correct. Spammers are not thieves. They are, however, engaged in an unethical form of guerrilla marketing which has the net effect of shifting costs of advertisement to the consumer, rather than to the advertiser. Much like the RIAA labels people that infringe copyright as "pirates" and "thieves", to little effect, calling spammers "thieves" is probably over the top and unlikely to bring positive change.
The key difference you've missed is where the costs are borne. My company pays $650 a month for our T-1. By 9 AM this morning, we had received over 11,000 attempted emails. We have 300 employees. Of those 11,000, roughly 200 were legitimate mail. The rest were spam, double bounces, or roughly 4,000 attempts in nine hours to send mail to addresses which do not exist in our domain. We used to accept these and send bounces directly from our Groupwise server; I put Groupwise behind a firewall and Postfix mail relay shortly after I was hired here, and noticed that in two weeks we had over two gigabytes of double-bounces sitting in our queue. Yes, I use RBL, Anomy, and SpamAssassin. Nevertheless, the amount of time that I have had to spend to limit the problem to manageable levels that don't drive us out of disk space and bandwidth has cost my company dearly from payroll. I can drive past billboards and ignore them. I can choose not to listen to the radio or watch television. I don't miss much by not watching TV or listening to the radio, and thankfully any important global news I get relayed through my co-workers. In today's world, however, it would be extraordinarily difficult to decide to not use the telephone, or, if you conduct a great deal of business using electronic mail, to suddenly decide to stop using the medium entirely.
I'm not saying you are wrong, but it seems to me that both the "spammers are thieves" and "spammers are not thieves" arguments are not quite hitting the mark. Whether unintentionally or intentionally, a single unsolicited commercial email can end up collectively costing the world a great deal of money. It seems that the best analogy I could use is that spammers are like cigarette smokers. A smoker's behavior hurts only themselves, but the secondary aspects of their behavior (second-hand smoke) impact the health of others, and so that portion is regulated. It's difficult to find a public building in the U.S. these days that allows smoking due to the known, unhealthy side effects. But it took the human race hundreds of years of dealing with "annoyance levels" of the problem before coming face-to-face with the predictable health consequences of the smokers' actions.
No offense meant to smokers! I know it's a hassle to have to go outside when it's sleeting and windy in order to find a place to smoke. Spammers, also, are exercising their right to free enterprise and free speech, but, ultimately, I think spammers will find themselves in a similar regulatory position, that they must practice their craft only in designated, acceptable areas, and that spamming outside of those lines will have significant legal repercussions. Digital signatures are part of the solution, as are whitelisting and blacklisting. If spammers can be forced to operate legitimately, using only legitimate information so that they can be contacted and held liable for their actions, it would be a truly enormous step in the right direction. I don't think that part will happen through legislation, but through very large installed bases of users beginning to use mail platforms which transparently implement this kind of functionality...
I agree, though, that the OpenBSD installer is quite straightforward. However, here was my experience (and I'm a person with around 7 years of experience dedicated in the UNIX arena):
Now, after all this, I have a working NAT device. Don't get me wrong -- I'm a UNIX admin for a living, and doing this kind of stuff is old hat. But it's really intimidating for the new user. Maybe I just don't know the tricks for OpenBSD yet, but it would be really nice to see the following:
Those kind of things would really help with bringing OpenBSD to the masses. However, some of them are probably a security risk, and if I really want Bastille for OpenBSD, I'd probably have better luck writing it myself than waiting for someone else to do so. I'm becoming a fan of the system, though. It seems a good deal faster on some things than a comparable GNU/Linux system on the same single-processor hardware (and considerably slower on other things, notably things like updating the locate database), and I am really in love with the security-related configuration of the system.
To bring it back to the discussion at hand, I'm not certain which approach is really the "best" for end-users, since I'm so far removed from the "normal" end-user experience myself. I suspect it would be to take a secure system, with a capabilities-enabled kernel, and then build a usable system from that secure base. However, as shown above, the installation/configuration process (while easy enough for geeks) is still probably above the average user's head IMHO...
- If you live in a shack in the moutains with only a shitstained pair of cover-alls made from roadkill, do you really think you need to barricade the front door?
... The average home computer is the dilapidated shack with shitstained coveralls.
I had to re-read that about five times before I understood its pure profundity (is that a word?). It's another way of paraphrasing George Lucas: The average exploit is not used in and of itself as a thing of value, but as currency in the script kiddie world. It's not the thing itself, but your control over that thing that gives it value. It reminds me of an old story: I think maybe there are just so dang many boxes with red buttons floating around right now that the script kiddies have enough currency that they don't need much more...On a related note, I have a 1988 Toyota Tercel. One time I was walking out of the local State Tax Office, saw what I thought was my car. I walked up, and attempted to use the handle. It was locked. I thought that was kind of odd, because I usually leave my complete POS car unlocked (I figure if someone needs this old, crappy, beat-up car badly enough to steal it, they need it worse than I do at the moment and it would be a great excuse to get a new one). I whipped out my key, put it in, unlocked the door, sat in the driver's seat, and put my key in the ignition. The ignition wouldn't turn. I thought this was odd, until I looked around more closely and realized THIS WAS NOT MY CAR. I got out, checked that my key really did lock and unlock the door, re-locked it, and walked away to my almost identical (but far more badly treated) light-blue Tercel a few cars down.
Most security exploits on computers seem to be of the same variety. Given some remote chance that a user has a particular system configuration, you might be able to exploit their system. The Internet just hands you a parking lot full of identical cars to try out your keys on. My experience has been that only the really easy marks get widely exploited, with the more sophisticated attacks being left to the domain of the security companies that make a living off writing reports at $60K a pop to tell some company they need to improve their security.
These days, really, the talented virus writers are gainfully employed at $70K-$90K a year to figure out how to convince clients that they need a good system audit. If you have the skills to write a really clever, unique exploit, and can demonstrate the code to the right people, you have a good chance of landing a job doing it full-time. In my opinion, that pretty much gives away why the exploits aren't being exploited. People are too busy making money from scaring people over the fact that they exist to want to risk jail time for using them.
If I recall correctly, about ten years ago there were a couple of viruses floating around that would literally melt the CMOS on certain motherboards. The virus was not very widespread, however. Absolute destruction of the host organism before reproducing is generally not an ideal evolutionary strategy for any virus-like entity, I think.
However, saying that no virus has or can physically destroy hardware is incorrect. You flash your BIOS using a DOS boot floppy, and it is possible to cause physical damage (if nothing else, permanent degradation) to a CMOS chip by re-flashing constantly. In general, a computer virus will not cause physical damage to computer hardware, but I'm certain clever system hackers can figure out a way.
As I previously said, though, viral infections that destroy hardware are rare for the simple reason that it's unproductive to destroy the host. Far better to find innocuous means of reproduction without the notice of the host computer. There's a window of opportunity for a new virus to spread before it is caught, and the clever virus writer has to figure out how to deploy the "payload" of the virus (whatever that is) before it is discovered...
Touche! I went back to touch up my grammer and missed a reference. When I speak, I generally refer to something doing so-and-so "to you" and "you do this" or "you do that", but in written English that does not work so well.
:) Imagine a system where it *did* mail your insecurity information to me. That could be kind of cool, in a BigBrother-ish, scary sort of way...
Nice catch
Since we installed Postfix and "anomy" to automatically defang HTML, rename or delete possibly dangerous file attachments, and so forth, we've not had a single electronic mail-borne virus at my work. Prior to that, Groupwise 5.5 was exposed to the public Internet and weekly virus updates required to handle the massive quantities of virus attempts.
We still get a bizarrely large number of Klez mails, but running Groupwise plus Anomy plus SpamAssassin seems to have dramatically reduced our quantity of other attempted scripted exploits.
- Anti-intrusion systems should be built into the OS.
This is a very, very good point. So far, the only systems I've installed that automatically install intrusion detection of any reasonable sort are Mandrake Linux and OpenBSD. I've been particularly impressed with OpenBSD's daily reporting facilities. By default, it mails a "daily insecurity report" and daily status report on your network interfaces and basic system information to me. In addition, when installing OpenBSD packages, the packages spit out a little blurb after they install, explaining what is left to configure the package, any general security concerns, and suggestions on additionally securing the service. It even installs those packages with decent default security settings. My only complaint is that I have difficulty recommending it, at this point, to my friends who are less experienced in the UNIX world.The political baggage OpenBSD carries with it is rather unfortunate, but I note that after I am port-scanned on my OpenBSD box, I've never had an intruder attempt to use an exploit. Meanwhile, my GNU/Linux box routinely has crackers (unsuccessfully) attempt to do some well-known Apache exploits or attack my mail server. Oy, veh, annoying.
I think that user education is also critical for any operating system. Although you don't expect users to become security experts, it is the responsibility of the distribution designers to make sure the security information reported by their system is concise, easily understood, and presented in an obvious but non-annoying way.
I used to think I was at least somewhat in touch with what users wanted at my work and at my home. I thought I was responsive to their needs.
Then I sat down with a regular computer user. He asked why I had "Don't use this" underneath the "E" on my desktop (Crossover Office, Internet Explorer icon on Windows desktop). I explained that the browser was insecure due to some recent security exploits, and that I only had that particular browser installed so my wife would be able to do online ordering for one particular business she runs.
"So, you mean, you don't use the Internet?" he asked.
"No, we just don't use Internet Explorer here due to security problems." I responded.
"But when I click on the Internet, it still works," replied he.
I shortly thereafter realized, this kid thought the "e" on the desktop WAS THE INTERNET. He had no idea that it is a network of high-speed fibre circumnavigating the globe, carrying terabytes of information. He had no clue what a web browser or email reader was. He had no idea what a protocol was, or even the concept of security beyond it being what those guys in uniforms in the mall do.
This is the state of the average computer user. We either educate them, or dumb the computer down enough that they can use it. So I have to agree that it seems that only the "geekier" chunk of society even understands what a computer bug is, much less why we'd want few of them...
I'd regard Windows Services for UNIX as a competitor to Cygwin. Both are native tools for doing what you want to do, but doing it in slightly different ways. It seems kind of like choosing between Microsoft Office and OpenOffice.org.
Going to go download it, though, and see how different it is from when I evaluated it three years ago. Thanks for the link.
If I recall correctly (and my memory may be flawed, my copy of MS-DOS 6.22 has been sitting on this shelf next to me no small number of years), the environment space on MS-DOS was quite limited, so your %PATH%, by necessity, had to be somewhat small. The work-around in Windows 3.1, continuing to this day in Windows XP, is to have desktop "shortcuts" to the applications you use.
Until a distribution is developed where the only planned interaction with the underlying operating system for the casual user is through a GUI, we'll probably continue to have the pain we have now with PATH and other environment variables. I've often thought it would be fun to develop a completely GNU/Linux distribution that was completely pain-free for casual users, but it looks like Xandros, Lindows, and XPde are making admirable progress in that arena.
I expect that arriving at some home-directory standard for installing software that does not run as the root user will be the eventual solution. Something like "$HOME/opt/packagename", with automatic desktop shortcut creation in Gnome/KDE (Crossover Office and Crossover Plugin both do this admirably well at present).
You've provided a straw man argument in "Those unix people who use cygwin under Windows think it is so cool to list files in a 'ls' type format", and then attempt to categorize Eric S. Raymond and other UNIX or Cygwin users in this light. Cygwin is a tool, part of your arsenal of options in systems administration, and nothing more. The ability to obtain a UNIX-style directory listing is irrelevant compared to the ability to use the same script to accomplish the same thing regardless of software platform.
"Crock of Crap" is the first thing that comes to mind. Bash/tcsh/ksh/psh/etc. are so many light-years ahead of the MS-DOS command line scripting language when it comes to pure functionality and understandability that there it is difficult to know where to begin creating a valid comparison. Using a Bash shell under Cygwin to accomplish systems administration or automation duties on W32 is a sound, rational decision for reducing your time investment when supporting legacy platforms like Microsoft Windows 32-bit stuff. Using Cygwin to be able to provide environmental portability across platforms can be an intelligent, measured decision that can make sense both on a personal level as well as corporate decision-making.
You've made at least one incorrect assumption in this paragraph, and that is that using Cygwin makes DOS scripting unavailable. That is simply not true. Every facility of the MS-DOS command shell is available via a Bash shell in Cygwin. You can call external programs, or even use an MS-DOS batch program to launch a Bash shell. Cygwin gives you more power and flexibility to deal with all the things you wrote of, not less, and in a fully POSIX-compliant environment to boot. Using Cygwin is a giant step forward, that is, unless you are mind-locked into the legacy Microsoft Windows paradigm.
- the command shell being too incomplete... I also think this has been a good thing. [I can see] when shell scripting is at its end and jumps to coding a c binary to do something... Using shell scripting for real programming is like using Perl to write a database. It's just silly
You're entitled to your opinion. I'm a professional systems administrator, not a professional programmer, yet I've used Perl, Python, Bash, Cshell, Visual Basic, Excel scripting, MS-DOS command scripting, TCL, and other languages to automate certain tasks, make my job easier, or provide additional functionality where it was needed. Each tool has its place. I would not use Python to attempt to create a performance-critical OpenGL game, no more than I would use C to write a small daily cron job that mounts a filesystem, copies files, and unmounts the file system. Each tool has its strength. Cygwin and the programs available within that environment allow you to do more and go further with command scripting than MS-DOS command can possibly do. The "jumping off point" to an alternative language is very, very low on W32 MS-DOS scripting. Conversely, the "jumping off" point using a real, powerful command shell is quite high, and allows you to accomplish a great deal without having an enormous knowledge base of various programming languages.The line between "scripting languages" and "programming languages" doesn't exist except at some arbitrary line which differs from programmer to programmer. Whatever language lets you get the job done in the shortest amount of time with the greatest degree of maintainability is probably what you want to pick. I can take my pick of Perl, Python, Bash/csh/ksh/whatever, Java, C, or anything in between to create what I need to get the project complete. Cygwin lets me have that additional flexibility, with the side benefit that I can use the superior command-line tools (grep/awk/sed/uniq, for instance) of a UNIX environment from Windows.
- They just learned a few words, then decided that the rest of the vocabulary wasn't needed.
The world always has a need for the simple, elegant, and practical. I would submit that your analogy is flawed. Allow me to share an analogy of my own. I recently had a choice of transportation to and from work, between daily riding the bus (an hour and fifteen-minute affair each way), or driving my car (45 minutes each way). Now, for many people, the choice is very obvious: Use the option that takes the least amount of time, driving the car. Given only the time data, many would come to the same conclusion, that driving the car takes 1.5 hours per day, while riding the bus takes 2.5 hours per day. This overly simplistic view of the question doesn't nearly cover all the facts, however. Here are some other factors that influence my decision:- My car consumes a gallon of gas every 30 miles. Work is 40 miles away, so I will fill my 10-gallon tank roughly every 3-4 driving days, which will cost me somewhere a bit less than $20 each time
- My work provides me with a parking space ($40 value) or a bus pass ($40) every month.
- I have to pay for maintenance on my car.
- Time spent in the car is time that I cannot do something else: I must be exclusively driving
On balance, I decided to take the bus. The extra time consumed by the bus ride is time that I can sleep, work on my laptop, or read a book, whereas if I were driving that hour and a half would simply be lost to me.How does this relate to the question? Well, I think your perspective on why people use Cygwin and other UNIX-like tools on non-UNIX operating systems is a bit skewed. The native tools may be elegant, powerful, and complete (which would be quite a debatable point on legacy W32 platforms IMHO), but the question lies in the balance. Would using native tools allow you to take that same programming effort and use the same script on another operating system? Would using native tools give those who follow you a proper perspective on how to maintain your programs once you've moved on? Would re-implementing something in a native tool, when one could otherwise just install Cygwin and run the same code that is running elsewhere in the enterprise successfully, be the best use of time and the company's dollars?
Regardless, when using Cygwin you are using the native tools available to you, but just substituting a powerful command shell and scripting language for the severely retarded one that is provided by default on W32. "When in Rome" (or some foreign operating system), they say, do as the Romans do. However, if doing so would compromise system integrity, maintainability, stability, or compatability, then I do whatever I need to to make the system work well, even if it requires using a tool that doesn't quite seem "native".
I do not use Cygwin much myself. I boot to Microsoft Windows to run legacy or gaming applications on my home system, and exclusively use GNU/Linux at work and home otherwise. I do a lot of work with legacy W32 systems at work and am a big fan of "use the right tool for the job", which, to date, has not included installing Cygwin on those machines. However, it has included installing Perl, Python, or TCL as the situation requires; if Cygwin were needed to make something work, I'd use it as just another tool in my box.
Get with the program! When running any OS, use the best tool for the job!
(As a final note, I think it's very interesting that Microsoft has finally acknowledge that their shell is horribly crippled and are working to fix that. I'm not anti-Microsoft, I am pro-GNU/Linux, and am very excited to see them finally addressing the massive wart of a lack of decent systems automation on W32 platforms.)
That's what I set up at work. We have those same type of numbers -- 5555551212@mobile.att.net -- so we just set up email aliases on our mail server, so when someone sends a mail to "page-soandso@domain.com" it goes to their pager. Very useful, and if a phone ever starts getting spam, we just change the email address or remove it. Makes it so we can recycle our phones to new people easily.
:)
You can even do this easily at home using any standard mailer and a mail alias file. Just point a domain at your home DSL link (or whatever you use), and put the entry into your "aliases" file. Even if you use Fetchmail to retrieve mail from a remote account, you can make it so that those remote accounts can eventually go to a pager address. Fun fun fun
This happened to me once when I telecommuted for a company in Silicon Valley. I knew I was history long before the HR director called and said "I have some extraordinarily bad news". I said "Yep, I know, I've been laid off or fired" and he asked "What would make you think that?". I explained about the fact I couldn't log into any systems (and had watched my access get pulled, system by system, while trying to get work done that day). He suggested that it could have been chance, and found it odd I would jump to that conclusion.
Nope. If I get forcibly booted from a system, and then can't log into it again, I'm pretty sure either I pissed off another sysadmin or it's time start looking elsewhere...
$2,100 bonus. Full-time UNIX admin, with a liberal sprinkling of integration work on MacOS X.x, Win32, and various bizarre platforms.
:)
After federal, state, and local taxes (which are quite extreme on any income that is not your standard "wage"), $1,263 net take-home. Gave my wife $350, myself $350, and saved the rest for family expenses.
Plus around Thanksgiving, they gave us a gift certficate for a ham that normally costs around $45. It's a nice place to work, lots of fun and challenging projects. Believe it or not, I work for a bank. Times are tough all around, particularly on banks (which really get stiffed with the bills during tough economies), but those who value their employees still try to make sure employees stay satisfied with their employment. To paraphrase P.T. Barnum, the knowledge inside the heads of your employees is your greatest asset, and should be rewarded with reasonable annual increases. Should the employee begin to believe s/he is invaluable, and demand extortionary rates for their continued employ, you should show them the door.
The dance comes when trying to figure out the fine line between "reasonable" and "extortionary"
Your theory sounds about right to me. The work on NWN is, fundamentally, a work to create a new engine for their RPG's to replace the aging one used in the Baldur's Gate series. They milked Baldur's Gate for many years, and it was tremendously popular and a big money-maker. The same can be expected of NWN.
Fundamentally, NWN is a method for telling stories. Everything else is simply a means to achieve that end. They've made amazing, engrossing stories before. Having a client run on all platforms will almost surely be a money-loser, but all those future expansions, cranked out every 8 months, is a sure way to continue being profitable for this company, because they know how to tell an engrossing story via a game engine.
So yeah, I agree with you. But it's not some mysterious future project that they are laying the groundwork for, but simply more and more expansions so they can use this as their base engine for the next 6 years.
DNS has the solution to the "key" issue. There is already in the standard a "key" type of record; this is widely used for opportunistic encryption between IPSEC devices. Simply set a key for the MX record on a domain (or a key:value list set for all valid users on a given MX or something like that, though that sounds very non-scalable) and away you go.
DNS is the most scalable directory the world has yet seen, eclipsing Novell's NDS by a good margin for sheer volume of records. Using TXT or KEY record types, heretofore largely unused, could be the key (no pun intended) to making a scheme like this work for email.