Don't even get me started on why. Just let me say that I currently use Ada, C, and Perl approximately equally and consider myself fluent in all 3. Guess which one more frequently works right for me the first time by a significant margin? Guess which one I spend the least time debugging other people's code in?
I think you struck at the heart of the problem with drivers and Linux. There is a gap between the driver developers and the distributions that isn't getting filled.
At this point, were I in your shoes, I would already be in contact with the person who wrote the kernel patch. Chances are that the driver works fine, and the problem will be solved with some obscure configuration that will take a lot of time and effort to figure out.
The gap happens when I fix the problem. It works for me and will work forever, so I am happy and satisfied. The driver developer doesn't do anything to make it easier for the next guy with the same problem, because the driver works as intended with the proper configuration. The distro doesn't do anything to make it easier for the next guy because it was just a configuration problem.
No one is taking responsibility to make the installation and configuration of drivers easier. This makes the WORKSFORME and the DOESN'TWORKFORME camps both right at the same time. The drivers are available and work, but are often prohibitively difficult to install and configure.
In a way I agree with Dvorak. The first distribution to come up with a comprehensive solution to the driver management problem will become quickly dominant. Even better would be a distro-neutral standalone driver management solution.
Did you forget that there are already commercial drivers for Linux that are shipped in binary form? NVidia is the most well known example.
They get around the ABI incompatibility by creating their own compatibility layer that gets compiled against one's specific kernel version. The compatibility layer takes a trivial amount of time to compile and is done automatically by the install script. They only have to make significant binary changes between 2.4 and 2.6 kernel series, for example.
There are pros and cons about this approach, but keep in mind that there is nothing stopping anyone from creating a standard ABI except perhaps inertia. I think if it was really worth doing, someone would have done it already.
The list of unsupported hardware for Linux is small, and getting smaller every day. Support for "vintage" hardware is just as good if not better than for cutting edge hardware.
Just for fun about a year ago I installed Linux on an old 486 SX my in-laws were throwing out. There is something surreal about combining software with up to the minute security and bug fixes with a ~10 year old computer and a ~6 year old network and sound card, and then turning around and using pretty much the same software to interface with digital video and still cameras and wireless network cards that weren't even conceived of when 486s were cutting edge.
If you haven't checked out Linux in a couple of years, look again. In my opinion, Linux is well beyond the catch up stage and is starting to lead the pack in some areas. As an example of free software being ahead of its time, one of my recent configuration frustrations has been trying to keep a handful of applications like mplayer from using IPv6 by default. Look at the hardened gentoo project for another example of Linux leading the pack.
When I was an undergrad at Arizona State, the public labs were all about half windows and half macs, with occasional "xterms" (their name for some unix flavor) mixed in. I believe that since then, they have gotten rid of most if not all of the mac machines.
I used to love it around term paper time, because there would be a line of 20 people waiting hours to use the Windows machines and usually over 20 vacant Macs. The funny thing is that they were all waiting to use Microsoft Word, which was installed on all of the Macs. Their OS prejudice was my gain. You can't convince me those people were computer literate. It's like saying a child can read because they know all the words to "Green Eggs and Ham."
We haven't had a Microsoft partition since before Windows XP. I'll be very interested to see how my 8 month old daughter reacts to a Windows world after growing up with only Linux at home. I suspect she will do just fine. After all, we all grew up with TRS-80s, Apple IIes, and commodores, and we still manage to be productive at work. I won't even feel too bad if she rebels as a teenager by switching to xpde to fit in with her friends. Although, who knows what the state of desktop computing will be by then?
Then put both servers on the Internet and compare the compromise rates.
That doesn't really compare the inherent security of the systems, just the probability of compromise. Someone may write a worm to massively exploit a vulnerability, but a single targeted attack is easier to perform and probably more dangerous to the targeted machine.
I like their idea of measuring the number of days between a vulnerability being discovered and when it is fixed, but I suggest extending the idea a bit.
A better study would be to take a large sample of popular web sites and measure the amount of time they were vulnerable to potential exploits over the course of about a year and the potential severity of those exploits. Also measure the site availability.
Popular web sites are more likely to be targets for attack. They are also more likely to have competent system administrators that have an average obsession with security.
If you aren't a competent system administrator with an average obsession with security you have no business putting a web server on the internet anyway. Dealing with joe user with an internet connection for email, IM, and web browsing is a topic for a whole separate study. I suspect with some sort of automatic updates it would be possible to make a relatively secure machine for a clueless user, but you'd also have to restrict them quite a bit.
Now, I don't condone doing stupid things like cyber-cheating on your wife, but you have to admit that this is the perfect application for a Knoppix CD. Not a trace on your hard drive and you get a clean system on every boot.
Let's drop the tired TCO argument and put that on the brochure.
Very interesting blog post. MSDOS 4.0 broke windows because windows used undocumented API calls and deep memory references, so they included code in 4.0 that dynamically patched windows in memory!?! If I wrote code that tightly coupled, even minor changes would cause... Oh!
I think you hit the nail on the head about TCO. Any switch is going to be painful and expensive in the short term, making TCO comparison only useful in the long term. The problem is TCO is extremely difficult to predict in the long term, especially for a highly customizable environment like Linux.
I also think that most people that use Linux didn't originally switch because of cost. For myself, I put Linux on a spare laptop when I was doing contract cgi programming and wanted to be able to work offline. It was many years of off-and-on experimenting with various distros and purposely buying hardware that would be Linux compatible before I permanently erased my Windows partitions, and a couple of years after that before it really saved me any money. I suspect most Linux advocates have similar stories.
I don't really think focusing on security is going to do it either. Microsoft is making daily improvements in that department. I believe that focusing on reducing the switching cost will have the most benefit. When the short term cost is low, it is easier to see the long term cost reduction.
What does that mean? Advocate choosing OS and vendor neutral solutions when your company is making a change anyway. Advocate creating documents in open formats and do it yourself. Help make free software easier to install and configure. Help make Linux easier for the Windows administrator or CTO to install at home and "take for a spin."
The funny thing to me was that the only difference between the legal and illegal versions is in the number of bits used. The algorithms are essentially identical.
It would be like KFC publishing its secret recipe and expecting that since the recipe only serves 4, that no one will be able to use it in a competing restaurant that serves hundreds of people a day.
By the way, as an arms dealer (the legal kind) who gets reminded constantly of export regulations, I can tell you that encryption technology is still regulated as a munition.
Its how to do something that efficient (a single read or write call) using good OOP techniques.
You touched on the heart of the matter. OOP isn't for efficiency of the program, it is for efficiency of the programmer. There is a time and a place for program efficiency, but most of the time programmer (especially maintainer) efficiency is paramount. Saving a game is relatively infrequent and users expect a delay anyway, so saving a few cycles is probably not worth the cost in maintainability.
I always enjoy the thrill when a well-designed module works perfectly on the first attempt. When done right, each component of an object is trivial and almost tedious to implement, like each individual tile of a large mosaic is unremarkable. However, when you pull back and look at the big picture, the structure of the mundane individual pieces creates a thing of beauty.
Linux requires ten times as much support as any other operating system.
This is the wrong forum to post unresearched comments. Linux is a lot more standardized than Microsoft would have you believe. Let me save some bandwidth and post just one counter-example. Note the conspicuous lack of dozens of different installation programs.
Generally, Linux users don't pay for things. If they can't get it for free, they either pirate it anyway or use something else.
That's why there are so many warez sites filled with Linux software. One of the reasons I stopped using windows was because of the rampant piracy. Everyone who knew I was a "computer guy" kept asking me to copy commercial software for them.
I currently use 4 commercial programs on Linux, 2 of which are freely licensed (like macromedia flash player) and 2 of which I paid fairly good money for, and have paid for various distributions and other Linux software in the past. Even if you don't count the amount of free tech support, bug reports, and patches I have given back to free software at my normal billable rate, I have still paid more for Linux software than most people I know have paid for Windows software, and it was worth every penny. I don't appreciate being stereotyped as a leech because I prefer free software.
My laptop hard drive crashed (tinkling noise and all) about two years ago and I haven't bothered to replace it thanks to the wonderful invention that is Knoppix. That still amazes me.
The OS can't tell the difference between a good TCP connection and an evil one.
I would say an outgoing SMTP connection from a web browser could always be classified as an evil connection. That's exactly why something like SELinux is needed. It can block SMTP connections from web browser processes, allow SMTP connections only from MTA processes, and not allow web browser processes to spawn MTA processes. In addition, it can restrict the web browser to reading or writing only specific files or directories, and prevent executing any unnecessary programs, like a shell for example.
No one is implying that securing a browser is unnecessary with mandatory access control. The reality is that it is near-impossible to detect and remove all potential vulnerabilities in any software, including a security-enhanced kernel. For the most secure system possible, you need a combination of mandatory access control, vulnerability patching, firewall, intrusion detection, virus and spyware scanning, user education, and a guy working full time to make sure all of the above is working properly.
Scoff if you will, but page render times on lynx are lightning fast even on a 486! Not to mention the fact that everyone who stops by my desk doesn't instantly recognize the slashdot color scheme when I'm supposed to be working.
As a software engineer who uses C and Ada approximately equally, I'm afraid I'm going to have to disagree on which language encumbers the programmer more.
C programmers constantly have to be aware of array indices going out of bounds, pointers being valid, making sure values are constrained appropriately (like keeping a day of the month being between 1 and 31), accidentally assigning two incompatible variables to each other, and a host of other potential problems. When a mistake is made in any of these areas, the effects of the bug are often far removed from the source.
Ada, on the other hand, is more of a set-and-forget language. Yes, it might take one or two extra lines of code to declare a variable, but it pays off by making the body of the function much more consise, easier to write, easier to maintain, and less likely to contain bugs.
Consider aircraft software that must deal with altitudes in feet and meters as an example. An Ada compiler will instantly catch most unit confusion errors that a C programmer may spend hours tracking down or even worse, never find.
The irony is that Ada is a great language for sloppy programmers because it catches so many careless mistakes, and those are the very people who shun it.
Yeah, those guys at Disney, Dreamworks, and ILM are real idiots for using Linux for their blockbuster films when it's not up to the task.
The truth is that Linux is a very capable video production platform, but also requires a more significant investment of time in lieu of an investment of money.
Kino is a good entry level one-track editor and has excellent video capture capabilities.
Cinelerra is an excellent advanced editor and compositor, supporting a multitude of professional features on an unlimited number of video and audio tracks.
DvdAuthor together with the gimp is a great solution for authoring DVDs. Its home page lists a number of gui front ends that have come a long way in the last year.
The best part of these applications is the excellent support offered by the developers. Scott at dvdauthor has responded to my email questions in under an hour before and averages less than 8 hours for a response. I witnessed a conversation on the cinelerra IRC channel in which a user mentioned wanting professional timecode support, and within an hour the requirements were clarified and preliminary work had already begun. Try getting that kind of response from Adobe, Sony, or Ulead. I myself will welcome emails anytime with questions about how everything fits together.
As an example of what is possible using only GPL software on Linux, let me tell you about my last wedding video. It was done all in 16:9 widescreen using two synchronized miniDV cameras captured via firewire. The full motion and sound menus on the DVD provide a choice of stereo or 5.1 surround, long or short versions of the video, full scene selection, and viewing of all the still photos taken at the wedding using the menu buttons. Effects include smooth transitions from black and white to color, animated picture-in-picture, slow motion, deinterlacing, color correction, and scrolling credits in my choice of true-type font.
I can't comment on ease of use compared to Windows or Mac because I haven't edited video on Windows since before XP came out and have never tried a Mac for video editing, but you can see from my example that it is possible to produce professional quality results with only GPL software and some investment of time to learn how to use it. My offer to help you get started via email always stands.
If you use the mpeg encoder internal to cinelerra, that may be the problem. That code is over 5 years old.
The cvs version contains vast improvements to the mpeg encoding by providing a yuv4mpeg output stream that can be fed to the latest ffmpeg or mpeg2enc version. When I started using it, my mpeg quality went up and my render times improved 4x. I don't know if that change made it into 1.2.2 or not.
Multimedia on Linux is very capable and progressing rapidly. I highly recommend using the cvs versions of video editing and encoding applications if you have the ability to manage the instability, because the features are implemented rapidly in cvs, but take a while to trickle out to the stable releases.
An added bonus is that you are better able to contribute meaningful feedback to the developers, which makes them more likely to listen when you have a feature request.
Actually, most mini-DV cameras have a pass through mode where you just connect your video source to your camera and it passes digital video through to the computer in real time. No need to capture to mini-DV first. You usually have to activate it through one of the menus.
You can do better than survive on a single middle class income, you can thrive.
My wife and I have digital cable, get a new-for-us but gently-used car every 3-5 years, eat out a couple of times a week or more, support a couple of relatively expensive hobbies, and take two fairly nice week-long vacations a year including a stay in our timeshare, all on just my single middle class income so my wife can stay home and take care of our daughter.
How do we do it? We keep track of how much we spend each year on non-monthly expenses like car and house repairs, vacations, hobbies, gifts, and other unexpected expenses, divide by 26, and put that amount in savings accounts every 2 weeks. It is amazing how much less stress an unexpected expense is on your marriage when you are prepared for it.
Contrast this with typical consumer behavior of charging unexpected expenses on a credit card because they are maxed out on their regular monthly expenses and you can see why most people think they need two incomes to survive.
Slashdot Mirror
Interesting idea, but still vulnerable to man in the middle attacks unless the DNS is authenticated.
Never underestimate the power of inertia. Without it, no one would be using Windows or C.
Don't even get me started on why. Just let me say that I currently use Ada, C, and Perl approximately equally and consider myself fluent in all 3. Guess which one more frequently works right for me the first time by a significant margin? Guess which one I spend the least time debugging other people's code in?
At this point, were I in your shoes, I would already be in contact with the person who wrote the kernel patch. Chances are that the driver works fine, and the problem will be solved with some obscure configuration that will take a lot of time and effort to figure out.
The gap happens when I fix the problem. It works for me and will work forever, so I am happy and satisfied. The driver developer doesn't do anything to make it easier for the next guy with the same problem, because the driver works as intended with the proper configuration. The distro doesn't do anything to make it easier for the next guy because it was just a configuration problem.
No one is taking responsibility to make the installation and configuration of drivers easier. This makes the WORKSFORME and the DOESN'TWORKFORME camps both right at the same time. The drivers are available and work, but are often prohibitively difficult to install and configure.
In a way I agree with Dvorak. The first distribution to come up with a comprehensive solution to the driver management problem will become quickly dominant. Even better would be a distro-neutral standalone driver management solution.
Did you forget that there are already commercial drivers for Linux that are shipped in binary form? NVidia is the most well known example.
They get around the ABI incompatibility by creating their own compatibility layer that gets compiled against one's specific kernel version. The compatibility layer takes a trivial amount of time to compile and is done automatically by the install script. They only have to make significant binary changes between 2.4 and 2.6 kernel series, for example.
There are pros and cons about this approach, but keep in mind that there is nothing stopping anyone from creating a standard ABI except perhaps inertia. I think if it was really worth doing, someone would have done it already.
Fact: Just because your graduate school can't configure a Linux box properly, doesn't mean a Mexican elementary school can't handle it.
Just for fun about a year ago I installed Linux on an old 486 SX my in-laws were throwing out. There is something surreal about combining software with up to the minute security and bug fixes with a ~10 year old computer and a ~6 year old network and sound card, and then turning around and using pretty much the same software to interface with digital video and still cameras and wireless network cards that weren't even conceived of when 486s were cutting edge.
If you haven't checked out Linux in a couple of years, look again. In my opinion, Linux is well beyond the catch up stage and is starting to lead the pack in some areas. As an example of free software being ahead of its time, one of my recent configuration frustrations has been trying to keep a handful of applications like mplayer from using IPv6 by default. Look at the hardened gentoo project for another example of Linux leading the pack.
I used to love it around term paper time, because there would be a line of 20 people waiting hours to use the Windows machines and usually over 20 vacant Macs. The funny thing is that they were all waiting to use Microsoft Word, which was installed on all of the Macs. Their OS prejudice was my gain. You can't convince me those people were computer literate. It's like saying a child can read because they know all the words to "Green Eggs and Ham."
We haven't had a Microsoft partition since before Windows XP. I'll be very interested to see how my 8 month old daughter reacts to a Windows world after growing up with only Linux at home. I suspect she will do just fine. After all, we all grew up with TRS-80s, Apple IIes, and commodores, and we still manage to be productive at work. I won't even feel too bad if she rebels as a teenager by switching to xpde to fit in with her friends. Although, who knows what the state of desktop computing will be by then?
I like their idea of measuring the number of days between a vulnerability being discovered and when it is fixed, but I suggest extending the idea a bit.
A better study would be to take a large sample of popular web sites and measure the amount of time they were vulnerable to potential exploits over the course of about a year and the potential severity of those exploits. Also measure the site availability.
Popular web sites are more likely to be targets for attack. They are also more likely to have competent system administrators that have an average obsession with security.
If you aren't a competent system administrator with an average obsession with security you have no business putting a web server on the internet anyway. Dealing with joe user with an internet connection for email, IM, and web browsing is a topic for a whole separate study. I suspect with some sort of automatic updates it would be possible to make a relatively secure machine for a clueless user, but you'd also have to restrict them quite a bit.
Let's drop the tired TCO argument and put that on the brochure.
Very interesting blog post. MSDOS 4.0 broke windows because windows used undocumented API calls and deep memory references, so they included code in 4.0 that dynamically patched windows in memory!?! If I wrote code that tightly coupled, even minor changes would cause ... Oh!
I also think that most people that use Linux didn't originally switch because of cost. For myself, I put Linux on a spare laptop when I was doing contract cgi programming and wanted to be able to work offline. It was many years of off-and-on experimenting with various distros and purposely buying hardware that would be Linux compatible before I permanently erased my Windows partitions, and a couple of years after that before it really saved me any money. I suspect most Linux advocates have similar stories.
I don't really think focusing on security is going to do it either. Microsoft is making daily improvements in that department. I believe that focusing on reducing the switching cost will have the most benefit. When the short term cost is low, it is easier to see the long term cost reduction.
What does that mean? Advocate choosing OS and vendor neutral solutions when your company is making a change anyway. Advocate creating documents in open formats and do it yourself. Help make free software easier to install and configure. Help make Linux easier for the Windows administrator or CTO to install at home and "take for a spin."
It would be like KFC publishing its secret recipe and expecting that since the recipe only serves 4, that no one will be able to use it in a competing restaurant that serves hundreds of people a day.
By the way, as an arms dealer (the legal kind) who gets reminded constantly of export regulations, I can tell you that encryption technology is still regulated as a munition.
I always enjoy the thrill when a well-designed module works perfectly on the first attempt. When done right, each component of an object is trivial and almost tedious to implement, like each individual tile of a large mosaic is unremarkable. However, when you pull back and look at the big picture, the structure of the mundane individual pieces creates a thing of beauty.
I currently use 4 commercial programs on Linux, 2 of which are freely licensed (like macromedia flash player) and 2 of which I paid fairly good money for, and have paid for various distributions and other Linux software in the past. Even if you don't count the amount of free tech support, bug reports, and patches I have given back to free software at my normal billable rate, I have still paid more for Linux software than most people I know have paid for Windows software, and it was worth every penny. I don't appreciate being stereotyped as a leech because I prefer free software.
My laptop hard drive crashed (tinkling noise and all) about two years ago and I haven't bothered to replace it thanks to the wonderful invention that is Knoppix. That still amazes me.
No one is implying that securing a browser is unnecessary with mandatory access control. The reality is that it is near-impossible to detect and remove all potential vulnerabilities in any software, including a security-enhanced kernel. For the most secure system possible, you need a combination of mandatory access control, vulnerability patching, firewall, intrusion detection, virus and spyware scanning, user education, and a guy working full time to make sure all of the above is working properly.
Scoff if you will, but page render times on lynx are lightning fast even on a 486! Not to mention the fact that everyone who stops by my desk doesn't instantly recognize the slashdot color scheme when I'm supposed to be working.
C programmers constantly have to be aware of array indices going out of bounds, pointers being valid, making sure values are constrained appropriately (like keeping a day of the month being between 1 and 31), accidentally assigning two incompatible variables to each other, and a host of other potential problems. When a mistake is made in any of these areas, the effects of the bug are often far removed from the source.
Ada, on the other hand, is more of a set-and-forget language. Yes, it might take one or two extra lines of code to declare a variable, but it pays off by making the body of the function much more consise, easier to write, easier to maintain, and less likely to contain bugs.
Consider aircraft software that must deal with altitudes in feet and meters as an example. An Ada compiler will instantly catch most unit confusion errors that a C programmer may spend hours tracking down or even worse, never find.
The irony is that Ada is a great language for sloppy programmers because it catches so many careless mistakes, and those are the very people who shun it.
ffmpeg is a lot faster than mpeg2enc and the target dvd sets the quality to pretty much as good as the dvd spec will allow. Give it a try.
The truth is that Linux is a very capable video production platform, but also requires a more significant investment of time in lieu of an investment of money.
Kino is a good entry level one-track editor and has excellent video capture capabilities.
Cinelerra is an excellent advanced editor and compositor, supporting a multitude of professional features on an unlimited number of video and audio tracks.
DvdAuthor together with the gimp is a great solution for authoring DVDs. Its home page lists a number of gui front ends that have come a long way in the last year.
The best part of these applications is the excellent support offered by the developers. Scott at dvdauthor has responded to my email questions in under an hour before and averages less than 8 hours for a response. I witnessed a conversation on the cinelerra IRC channel in which a user mentioned wanting professional timecode support, and within an hour the requirements were clarified and preliminary work had already begun. Try getting that kind of response from Adobe, Sony, or Ulead. I myself will welcome emails anytime with questions about how everything fits together.
As an example of what is possible using only GPL software on Linux, let me tell you about my last wedding video. It was done all in 16:9 widescreen using two synchronized miniDV cameras captured via firewire. The full motion and sound menus on the DVD provide a choice of stereo or 5.1 surround, long or short versions of the video, full scene selection, and viewing of all the still photos taken at the wedding using the menu buttons. Effects include smooth transitions from black and white to color, animated picture-in-picture, slow motion, deinterlacing, color correction, and scrolling credits in my choice of true-type font.
I can't comment on ease of use compared to Windows or Mac because I haven't edited video on Windows since before XP came out and have never tried a Mac for video editing, but you can see from my example that it is possible to produce professional quality results with only GPL software and some investment of time to learn how to use it. My offer to help you get started via email always stands.
The cvs version contains vast improvements to the mpeg encoding by providing a yuv4mpeg output stream that can be fed to the latest ffmpeg or mpeg2enc version. When I started using it, my mpeg quality went up and my render times improved 4x. I don't know if that change made it into 1.2.2 or not.
Multimedia on Linux is very capable and progressing rapidly. I highly recommend using the cvs versions of video editing and encoding applications if you have the ability to manage the instability, because the features are implemented rapidly in cvs, but take a while to trickle out to the stable releases.
An added bonus is that you are better able to contribute meaningful feedback to the developers, which makes them more likely to listen when you have a feature request.
Actually, most mini-DV cameras have a pass through mode where you just connect your video source to your camera and it passes digital video through to the computer in real time. No need to capture to mini-DV first. You usually have to activate it through one of the menus.
My wife and I have digital cable, get a new-for-us but gently-used car every 3-5 years, eat out a couple of times a week or more, support a couple of relatively expensive hobbies, and take two fairly nice week-long vacations a year including a stay in our timeshare, all on just my single middle class income so my wife can stay home and take care of our daughter.
How do we do it? We keep track of how much we spend each year on non-monthly expenses like car and house repairs, vacations, hobbies, gifts, and other unexpected expenses, divide by 26, and put that amount in savings accounts every 2 weeks. It is amazing how much less stress an unexpected expense is on your marriage when you are prepared for it.
Contrast this with typical consumer behavior of charging unexpected expenses on a credit card because they are maxed out on their regular monthly expenses and you can see why most people think they need two incomes to survive.