Debian has no release date. It never had, and doesn't seem to have any plans on adopting release dates. Thus, Debian can't be "late", since being late implies on missing a release date, and Debian doesn't have that. Or, maybe I didn't repeat that enough, so let me tell you: Debian never made a compromisse on releasing any version on any exact day.
What Debian does have is a list of bugs. Everytime testing is frozen, it is created a list with the showstopper bugs, and release happens when that list becomes empty. The list can increase if more bugs are found, or decrease if bugs are solved or some functionality removed.
Debian also do have people betting when it'll be out. Those people give specific (or sometimes not very specific) dates, but that isn't a release date for the team, just a guesstimate.
Well, to be fair, LaTeX formats all your text at will from the begining. It is just that it makes a good work, so people don't care.
But I wouldn't try to push things that requite knowing emacs or vi into people. If someone is wiling to learn one of them, then LaTeX and r-cran are much better than any office package out there, but most people won't, and for them it is WYSIWYG all the way down.
KeePass is an excelent tool for creating and keepng track of passwords. It is multiplataform, easy to use, portable (on the "no instalation required" sense), uses a simple file oriented database protected by common libraries and can keep a lot of informations about each password, what includes a quite porwerfull hierarchical organization for them.
Just a small rant: Can't those multiplataform tools use/dev/urandom where it is available? Some systems already have a tool that turns mouse and keyboard events into randomness, and it is better than yours since it is always on and can work with a much bigger amount of events.
Well, we can't fix the battery life. It'll always be too short (redefining "too short" every time there is a breaktrough). Also, we can't fix bandwidth and heat dissipation. We may be able to fix the problem of small disks for a time, but even if so, it will come back to haunt us latter.
All those are physical constraints, so don't expect portable devices to replace fixed ones.
If you try to RTFA, and understand a bit of quantum physics (that part is easy*) you'd have some less vague things to say. In meantime, please, don't relay on qauntum cryptography for anything important, ok.
*That part of quantum mechanics is quite easy to deal with, it is just some trivial algebra. Not to say that quantum mechanics is easy, there are plenty of hard things in it, just not quantum cryptography.
vfopen opens a vague file, somewhere within the system, or the internet. vfclose closes a file oppened with vfopen.
Usage
Use vfopen when you must open a file, with an anknown name, but with vague references about its location. Use vfclose for closing a file oppened with vfopen. That flushes all the buffers and frees all the resources taken by vfopen.
vfopen receives two arguments, a file identifier, that vagely locates it within the system or the internet, and an opening mode.
The file identifier is a value from the enum vague_location, that can have the following values: IHAVENOIDEA, SOMEWHEREINSIDESYSTEM32, ANYTHINGTHATNEEDSADMINISTRATORACCESS, SOMETHINGATMYHOMEDIR, FIRSTGOOGLEANSWERTOMONKEY, THIRDLINKATSLASHDOTHOMEPAGE
SOMEWHEREINSIDESYSTEM32 is not supported on UNIX like systems.
The opening mode can be one of the following: "%r": For "r"eally editing the file. "$w": For only "w"ipping out information. " ": For quietly changing just one value, that will be unnoticed for months. "@#$&": For use when you have no @#$& idea what to do with the file.
KNOWN ISSUES
vfopen and vfclose are knwon to cause erratic software behaviour. Its use is not recommended where deterministic behaviour is expected.
Opening THIRDLINKATSLASHDOTHOMEPAGE is know to take an unacceptable long time to execute.
SEE ALSO
swapoffalluserddata(5), bsod(5 - Windows Specific), takeanividiadown(1 - Linux Specific), filldiskbuffers(1 - alternatively windowsdesktopsearch - Windows Vista Specific)
From the top 4 lenders, nobody seems to be bying. Of course, somebody is, and lots of people. Otherwise Brazil couldn't even sell their stocked treasures.
The Dolar, and treasures are surely worth something. I have no idea of how much, and most people don't have the liquidity for waiting it to be settled, but those 4 governemnts have, and they are betting on it being just slightly devalued or just slightly overvalued (the case of Brazil).
Ok, that link is so far off that I had to check it in order to know that there isn't some relevant info hidden in it. Turns out that it doesn't.
If you have a cryptography algorithm that depends on thrid parties decoding and reencoding your text, you can't be sure that those third parties won't eveasdrop your plain text. That is simply not secure.
(1) is a short to mid term factor, no rush lasts for the long term. How the dollar will be valued 2 or 3 years from now depends on the fundamentals, but I have no clear idea of what they are.
(2) is mostly a consequence of (1). Zero yelds makes now a very nice time to sell US treasures:), and about "China or anyone else will dump treasuries?", well, Brazil and Mexico are already doing so. Investing the money on Brazil and Mexico, respectively. I can't tell you for sure that it is a good bet, but the Brazilian Central Bank earned a big amount of my trust at the last years. From the 4 biggest US treasures holders, Japan is holding, nobody can really know what China is doing, Russia is holding and Brazil is selling. Nobody seems to be buying.
Now, about your "stocks at all time lows", I bet you didn't do much hystoric researching, did you? They are still quite far from all time lows, and still have a quite hight P/E, even considering the lucrativity they had last year, before the US entered in a ressecion.
If it rellies on the concept of "trusted relays", it is not really secure. Point to point cryptography can be secure, but when you start to depend on third parties, how can you be sure?
"I waited for a long time for basic niceties like a GUI installer, a nice splash screen when I didn't feel like reading the boot log"
Really? What difference does a splash screen really make to your system*? And why is a GUI installer better than a ncurses one? Because you can't use it without mouse and it is hard to tunnel via ssh? All the usability features of a GUI are there.
If you want your toy to be pretty, I'm ok with that. But don't come saying that a system is bad just because it is not a toy.
* I have a machine where I need a splash screen, that is because I have some information that I need to convey at boot time. Somehow I guess that is not your case. By the way, that machine runs Debian, and I just apt-get (ok, aptitude install) the splash screen.
"NAT breaks the internet and is essentially an ugly workaround that results in the need for lots of other workarounds."
Yeah, but the pretty thing is that we are the ones suffering the problems caused by NAT, and spending on the workarounds. But the ISPs are the one economizing at the IPv6 migration.
You can arguee until the end of time that on a competitive environment, if the consumers want, somebody will supply them. But that doesn't make the broadband market competitive.
Supporting net-neutrality involves supporting the governemnt oblying the ISP to give it to you. The no-governemnt option is the current one, where the ISP collude and destroy net-neutrality.
That said, I have no idea if any of them support it or are lying.
I did not argue that self signed certificates should be "invalid", only that pages with self signed certificates should be presented the same way that pages with no certificate and encryption. That doesn't involve an error message, warnings, or a dialog asking the user what to do next. In fact, that involves no interation at all, and no trusting.
Well, the users will have as much contact with certs as they have now. They'll see the lock icon when visiting a site that is verified by some trusted CA, and will see no lock when visiting a not trusted site. If a webmaster wants his self sigend cert to be trusted by the users, he'll have to instruct them to proceed with options 'A' or 'B' from your post. The only difference is that they aren't presented a dialog that they already trained themselves to dismiss.
Users train themselves very fast when presented with a dialog that says "click here and get what you want" and "click here and don't get" and there isn't any danger on any of the options. When you display a warning at every single site that has a self signed certificate, most of the time the first option won't be dangerous. For that reason alone, people will train themselves to ignore the new Firefox dialog too, it is just a matter of time.
Now, when there is a real risk with some option, people do pay atention. That is why they know how to deal with their house keys. On places where violence is very low, people are as lax with keys* as most people are with digital certificates. Note that I'm not saying that the risks with certificates are low, just that there is a too big rate of false positives, so they are a very big burden when compared to the probability of loss. When presented with such a situation people simply don't cooperate with security.
* I've being in a place where people go out without locking their houses, because they cooked some food and the neighbours may want some. That is lax security.
Debian has no release date. It never had, and doesn't seem to have any plans on adopting release dates. Thus, Debian can't be "late", since being late implies on missing a release date, and Debian doesn't have that. Or, maybe I didn't repeat that enough, so let me tell you: Debian never made a compromisse on releasing any version on any exact day.
What Debian does have is a list of bugs. Everytime testing is frozen, it is created a list with the showstopper bugs, and release happens when that list becomes empty. The list can increase if more bugs are found, or decrease if bugs are solved or some functionality removed.
Debian also do have people betting when it'll be out. Those people give specific (or sometimes not very specific) dates, but that isn't a release date for the team, just a guesstimate.
Mx - doctor, is that you?
Thanks, I'm used to the longer F10 - f - c, I guess it would be advantajeous to change :)
Well, to be fair, LaTeX formats all your text at will from the begining. It is just that it makes a good work, so people don't care.
But I wouldn't try to push things that requite knowing emacs or vi into people. If someone is wiling to learn one of them, then LaTeX and r-cran are much better than any office package out there, but most people won't, and for them it is WYSIWYG all the way down.
Ok for you, but I'd use SSL.
KeePass is an excelent tool for creating and keepng track of passwords. It is multiplataform, easy to use, portable (on the "no instalation required" sense), uses a simple file oriented database protected by common libraries and can keep a lot of informations about each password, what includes a quite porwerfull hierarchical organization for them.
Just a small rant: Can't those multiplataform tools use /dev/urandom where it is available? Some systems already have a tool that turns mouse and keyboard events into randomness, and it is better than yours since it is always on and can work with a much bigger amount of events.
Maybe from somebody that has showed no proof of incompetence by distributing broken software and correcting tools that didn't correct...
But forget it, they'll buy from whoever has an ad on that fancy business magazine that was recomending people to invest on houses just two years ago.
Well, we can't fix the battery life. It'll always be too short (redefining "too short" every time there is a breaktrough). Also, we can't fix bandwidth and heat dissipation. We may be able to fix the problem of small disks for a time, but even if so, it will come back to haunt us latter.
All those are physical constraints, so don't expect portable devices to replace fixed ones.
I know it is bad to reply to a sig but... Does "C-x k" do anything or it was just made up? I'm too afraid to test it :)
If you try to RTFA, and understand a bit of quantum physics (that part is easy*) you'd have some less vague things to say. In meantime, please, don't relay on qauntum cryptography for anything important, ok.
*That part of quantum mechanics is quite easy to deal with, it is just some trivial algebra. Not to say that quantum mechanics is easy, there are plenty of hard things in it, just not quantum cryptography.
man 5 vfopen, vfclose
Must include vio.h>
Summary
FILE *vfopen(vague_location file_identifier, char *mode)
void vfclose(FILE *handler)
vfopen opens a vague file, somewhere within the system, or the internet.
vfclose closes a file oppened with vfopen.
Usage
Use vfopen when you must open a file, with an anknown name, but with vague references about its location.
Use vfclose for closing a file oppened with vfopen. That flushes all the buffers and frees all the resources
taken by vfopen.
vfopen receives two arguments, a file identifier, that vagely locates it within the system or the internet,
and an opening mode.
The file identifier is a value from the enum vague_location, that can have the following values:
IHAVENOIDEA, SOMEWHEREINSIDESYSTEM32, ANYTHINGTHATNEEDSADMINISTRATORACCESS, SOMETHINGATMYHOMEDIR,
FIRSTGOOGLEANSWERTOMONKEY, THIRDLINKATSLASHDOTHOMEPAGE
SOMEWHEREINSIDESYSTEM32 is not supported on UNIX like systems.
The opening mode can be one of the following:
"%r": For "r"eally editing the file.
"$w": For only "w"ipping out information.
" ": For quietly changing just one value, that will be unnoticed for months.
"@#$&": For use when you have no @#$& idea what to do with the file.
KNOWN ISSUES
vfopen and vfclose are knwon to cause erratic software behaviour. Its use is not recommended
where deterministic behaviour is expected.
Opening THIRDLINKATSLASHDOTHOMEPAGE is know to take an unacceptable long time to execute.
SEE ALSO
swapoffalluserddata(5), bsod(5 - Windows Specific), takeanividiadown(1 - Linux Specific),
filldiskbuffers(1 - alternatively windowsdesktopsearch - Windows Vista Specific)
I'm sure the lack of any authenticating authority doesn't make it any easier.
From the top 4 lenders, nobody seems to be bying. Of course, somebody is, and lots of people. Otherwise Brazil couldn't even sell their stocked treasures.
The Dolar, and treasures are surely worth something. I have no idea of how much, and most people don't have the liquidity for waiting it to be settled, but those 4 governemnts have, and they are betting on it being just slightly devalued or just slightly overvalued (the case of Brazil).
Ok, that link is so far off that I had to check it in order to know that there isn't some relevant info hidden in it. Turns out that it doesn't.
If you have a cryptography algorithm that depends on thrid parties decoding and reencoding your text, you can't be sure that those third parties won't eveasdrop your plain text. That is simply not secure.
(1) is a short to mid term factor, no rush lasts for the long term. How the dollar will be valued 2 or 3 years from now depends on the fundamentals, but I have no clear idea of what they are.
(2) is mostly a consequence of (1). Zero yelds makes now a very nice time to sell US treasures :), and about "China or anyone else will dump treasuries?", well, Brazil and Mexico are already doing so. Investing the money on Brazil and Mexico, respectively. I can't tell you for sure that it is a good bet, but the Brazilian Central Bank earned a big amount of my trust at the last years. From the 4 biggest US treasures holders, Japan is holding, nobody can really know what China is doing, Russia is holding and Brazil is selling. Nobody seems to be buying.
Now, about your "stocks at all time lows", I bet you didn't do much hystoric researching, did you? They are still quite far from all time lows, and still have a quite hight P/E, even considering the lucrativity they had last year, before the US entered in a ressecion.
If it rellies on the concept of "trusted relays", it is not really secure. Point to point cryptography can be secure, but when you start to depend on third parties, how can you be sure?
They could go directly to 2.8...
Really? What difference does a splash screen really make to your system*? And why is a GUI installer better than a ncurses one? Because you can't use it without mouse and it is hard to tunnel via ssh? All the usability features of a GUI are there.
If you want your toy to be pretty, I'm ok with that. But don't come saying that a system is bad just because it is not a toy.
* I have a machine where I need a splash screen, that is because I have some information that I need to convey at boot time. Somehow I guess that is not your case. By the way, that machine runs Debian, and I just apt-get (ok, aptitude install) the splash screen.
Wait, Lenny is already frozen?!? Ok, that explains why new packages stopped comming, but it was quite a fast upgrade cycle.
Soon I'll have to edit all my sources.list again...
So now we start to ignore reality because we don't like how it is presented?
Yeah, one can learn a lot with WallStreet nowadays.
Yeah, but the pretty thing is that we are the ones suffering the problems caused by NAT, and spending on the workarounds. But the ISPs are the one economizing at the IPv6 migration.
You can arguee until the end of time that on a competitive environment, if the consumers want, somebody will supply them. But that doesn't make the broadband market competitive.
Well, people use liquid telecopes here on Earth because they are perfectly parabolic. Solidifying it will probably change that.
Supporting net-neutrality involves supporting the governemnt oblying the ISP to give it to you. The no-governemnt option is the current one, where the ISP collude and destroy net-neutrality.
That said, I have no idea if any of them support it or are lying.
I did not argue that self signed certificates should be "invalid", only that pages with self signed certificates should be presented the same way that pages with no certificate and encryption. That doesn't involve an error message, warnings, or a dialog asking the user what to do next. In fact, that involves no interation at all, and no trusting.
Well, the users will have as much contact with certs as they have now. They'll see the lock icon when visiting a site that is verified by some trusted CA, and will see no lock when visiting a not trusted site. If a webmaster wants his self sigend cert to be trusted by the users, he'll have to instruct them to proceed with options 'A' or 'B' from your post. The only difference is that they aren't presented a dialog that they already trained themselves to dismiss.
Users train themselves very fast when presented with a dialog that says "click here and get what you want" and "click here and don't get" and there isn't any danger on any of the options. When you display a warning at every single site that has a self signed certificate, most of the time the first option won't be dangerous. For that reason alone, people will train themselves to ignore the new Firefox dialog too, it is just a matter of time.
Now, when there is a real risk with some option, people do pay atention. That is why they know how to deal with their house keys. On places where violence is very low, people are as lax with keys* as most people are with digital certificates. Note that I'm not saying that the risks with certificates are low, just that there is a too big rate of false positives, so they are a very big burden when compared to the probability of loss. When presented with such a situation people simply don't cooperate with security.
* I've being in a place where people go out without locking their houses, because they cooked some food and the neighbours may want some. That is lax security.