I can verify that the MCSE community is about 50% losers who I would not trust to tie their own shoe, and about 50% who know what they are doing on SOME if not MOST computing environments. Those are the ones who DONT just do Windows, but are versed in UNIX, Mac and other systems, and are prepared to deal with differences. I would suggest that any company that hires an MCSE who knows no other platform, is a very dumb company.
That's right. Because an el cheap-o quickie cert is no substitute for actually knowing something about computers
It's certainly no substitute for a CS degree and 20 years development and admin
experience on other platforms. Experience on a variety of platforms is actually the only guarantee you have
that the person has any idea what's going on when taken out of their little point-and-click dumbed-down MCSE world.
I just had to laugh when this one MCSE was running around to my management telling
them that my Linux box was "insecure" because it didn't have a virus checker. In actual
fact, I'd put a virus checker on it that was 10 times faster than his, just to whipe his arse
when his complaints got loud enough. I was also running a full-blown IDS, proxy and firewall
on the Linux box.
When the "meeting" came, where I was supposed to be on the defensive
about my "insecure" Linux box box, I told him how I'd tested the security on his "corporate level IT",
described the measures I'd taken on the Linux box, and told him if he could show me a text file on my hard drive saying
"MCSE WAS HERE" (like I'd left a note on his saying "TUX WAS HERE", and showed it
to him in front of the very management he was bitching to about my "insecure" box), then
I'd agree with him that his systems were more secure
than mine. Never happened. The little toad. He went out and spent 30 grand on a turnkey
firewall box after that, and had to get someone else in to set it up. And it
was still crackable because it was so badly configured. Helped that I knew the guy that
had designed it. BSD-based box. Nice little unit. Utterly useless in the wrong hands.
You know if these stupid, arrogant little MCSE toads weren't running around trying to play
politics while not knowing even the fundamentals of their fields, it would be easier to help
them get on with learning what Linux is about. They must get some sort of Ballmeresque
Monkey-Dance Pep Talk about how it's in their best interest to play politics to try to ensure
Micorsoft lock-down in their company or something. Monoculture.
I suspect little dramas like this are being played out all across the world, and the details
of this particular story (mine, or the MadHatter's) are not particularly important.
What is
important is the point that a quickie cert on which buttons to push is no substitute for
actually understanding how things work, by the experience of having built things
yourself , noticed the commonalities between systems (and the differences amongst them)
when going from MVS to VM/CMS to Wylbur to TECO to TOPS to UCSD Pascal to
VMS to BSD to
SysII to HP/UX to SysV to Irix to SunOS to Solaris to NT to DOS to WinXX to RedHat to
SuSE...in addition to a formal education.
The difference between an MCSE with 5 years of "experience" pushing buttons, and an MSCS with 20 years of experience
in devlopment and systems planning and admin is
like the difference between the machine-operator and the engineer. Why aren't the engineering
societies demanding that the "E" in MCSE be changed to "O" -- for OPERATOR. (Support
Engineer? What is that, somebody who designs sports bras and jock straps?) Because
that's all they really are, is computer operators, NOT Engineers -- unless they have a whole lot
of other training and experience, as you point out.
An MCSE is like someone who
struggled through a high-school equivalency and then
barely got an SAT score that qualified them for college by "studying the exam" vs someone
though they may be faster trigger and stored procs for the most part only serve to confuse and frighten the developer, because you've moved events outside of the programmer's control
It will only "confuse and frighten" developers that don't know SQL, and who, by
definition, shouldn't be
programming database apps in the first place
, (hmmm that table got updated but none of my code touches it)
So dump out the metadata
table where the trigger and SP code is stored. It's not exactly rocket science
By avoiding triggers and stored procs you also make portability easier.
But not more reliable. What happens when hundreds of connections are
being made to a transactional database, where updates are being made that need
to cascade down several tables in order to ensure referential integrity. You really
want to do that without triggers? With your "portable" apps, either you'll have to
lock *all* the tables (if the database does not support row locking) involved in an
update until *all* of the updates associated with a single transaction, or
you'll just have to tolerate concurrent updates destroying your referential integrity.
I've seen programmers do the latter, and then refuse to disclose their source
code on the basis that they're the big expert. What a larf.
Furthermore, you must be only acquainted with toy databases, if the order
of magnitude difference in the execution speed of a stored procedure is not a
*major* consideration. Databases are operating all the time, and there are some
operations which must be completed before others. If your little java app falls
over in the middle of taking ten times longer to complete a critical transaction
with all of its tables locked when the same transaction could have been completed
with a single stored procedure that fires off half a dozen triggers, and automatically
rolls back if it doesn't complete -- I know which one I'd prefer. If it was my money
being transferred from one account to another in a bank, for example.
My main problem with PostgreSQL is the query optimiser. Oracle's query optimiser is definitely superior as Postgres occasionally comes up with some peculiar query plans.
I had the same experience. You basically have to optimse large queries combined with joins and subselects on Postgresql yourself -- and
often with Oracle, as well, if its for tables with > 1-10M records. ish. You might want to check out DB2. Awesome clustering -- IMHO
more sophisticated and flexible than Oracle's. YMMV depending on the application, as always. Also, if it's a development environment,
you can test DB2 and Oracle on linux boxen to your heart's content for the same price as PostGreSQL -- free .
MySQL may be able to handle subselects, but it's still struggling with triggers and stored procedures.
However, what kinds of "facts" do you have on these people leaving SCO to try to find work elsewhere? What do you know about them?
Well, You can read Ron Record's Resume on line. He states quite explicitly,
under the heading "Objectives" --
"I may soon be seeking employment as an Open Source Solutions Architect" and quite frankly, my heart goes out to him.
I don't know the man
personally, but I do know that, when SCO started it was a bunch of academics at UCSC who were implementing Unix because
it was the fastest damn thing on the planet (within budget) for doing their Chaos research. Ron was one of the original
UCSC adacemics, and I for one, do not
think he should be tainted with the same brush that Darl McBride has painted himself with. His work is there to be viewed by all,
so you can evaluate it on its merits, rather than the slime-balls who happened to buy up the company.
Microsoft didn't "rip off" BSD/X/Apache/MIT code, or for that matter not QDOS and probably not AT&T. They used then in complience with the terms they were licenced under. For BSD style code, the reason it is licenced in that way is to allow other companies to make commericial products out of it. That is the whole point. How else is it that so many OSes managed to get TCP/IP support, and get it working well? Becuase it was possible to freely use the BSD code for it. (Linux is unusual in having its own implementation, a good thing for tcp/ip biodiversity.) Using the term "ripped off" here is quite wrong and totally misleading.
Certainly Microsoft may have had a legalistic right to commercialise code that others had written.
But the Microsoft customer who thinks that what they're paying for is
"trusted" Microsoft code, that this is not a shiny new car--it is an old rustbucket with a flash
new paint job, and Bill Gates is no better than a used car salesman .
Furthermore, the customer has a right to know that the
reason that for example, the "ping of death" bug was carried over from old BSD code to
the first releases of Microsoft's TCP/IP stack -- was that they simply got it from somewhere else,
and didn't bother to read, study and understand the code before cutting-and-pasting it (I won't even
dignify what they did with the word "reimpliment" here).
Microsoft's basic misunderstanding of
the importance of using consistent data types (in this case it was a bad mix of signed ints and
unsigned ints -- the same reason the memory limitations on MS servers are so screwy) is the
kind of thing that wouldn't be tolerated for five minutes in a homework problem turned in by
a first-year CS student. Because Microsoft ripped-off this code
rather than study, understand, reimplement and test this code -- and furthermore,
didn't even keep up, intellectually, with their colleagues at UCB by contributing their own
observations based on their own study of their understanding and reimplementation
of the BSD code base, the ping-of-death
bug persisted in Microsoft products for years after it had been fixed in BSD.
By contrast, other implementations, which were done from scratch, on their own dime, not big
DARPA and IBM grants -- Linux, for example --of did not have this bug. Why? Because they openly
studied, discussed, understood, and then re-implemented a whole new TCP/IP stack.
What you averr to in passing, is actually the main point.
This gives us a score of: Open Source Development:2 -- Microsoft Proprietary Development:0
Despite having been technically out-performed by the open source community while trying to
commercialise a bad cut-and-paste job (i.e. rip-off ) of the Open Source Community's
earlier BSD releases (the only ones Microsoft could get its hands on legalistically after
RMS' brilliant GPL -- and the widespread adoption of it),
Bill Gates, rather than thanking the open source community for providing him with the IP
that has made him bazillions of dollars, has the nerve to turn around and characterize
the very people who's code he is using as a bunch of spotty teenagers operating out of mom's
basement, who, when engaged in the very activity that MS has ripped-off in
the first place -- he accuses us of being the rip-off artists -- his rationale is, apparently that
we don't have
to pay microsoft for the code we've developed and shared amongst ourselves--
and microsoft can't commercialise it, either. ( heh heh heh...thank YOU, FSF for the GPL!)
I don't know the state of their source code (but rumour has it that its crap, true), but I do know the
overwhelming reason for keeping it under wraps is becuase it is fully commercial code that they plan to make money on, and they don't want it in t
As long as they retain the copyright message etc. they are allowed to use BSD and X source code - in fact, they are encouraged to. They had a licence from AT&T for Xenix, and they bought the source code outright for QDOS. So the only significant thing is whether Microsoft have incorporated GPLed code into propriatory productcs
Is the legality of Microsoft's merely having ripped-off and marketed code developed by
IBM, AT&T and UCB really the point?
Or is the point that it might be extremely interesting to know
what percentage of MSDOS was their work, and what percentage was simply cut-and-pasted verbatim
from orphaned products they got at bargain-basement prices when they couldn't just download it and
redistribute it (adding a single line of (c) in the binary )?
A significant portion of a "cut-paste-hack it until it sorta works-release" OS development
would certainly explain a great deal about the resulting
security holes, memory bugs, and just plain badness of Microsoft's releases.
The suspicion is, of course, that Microsoft keeps their source code under wraps, not because it's so good
that others might steal it,
but because it's so badly hacked, and so obviously a cut-and-paste job that it will completely
discredit the Microsoft developers.
We know that the Linux kernel, by contrast, was developed quite explicitly and demonstrably by
a combination of "design-impliment-test-modify-test" and "study-understand-reimpliment from scratch"
development methodology, not "cut-paste-hack".
We know this because we can read the LKML and see the level of discussion, and see how this
follows the succession of changes to each part of the code, and see the alacrity and level of
intelligence with which bug reports are attended in Linux. In the beginning, Linux was originally
a complete re-write of Minix, not a badly hacked port.
Likewise, X was a complete re-implementation of the windowing systems developed at Xerox
and Sun Microsystems, not a bad cut-and-paste job. But how much of the Win3.11, Win95
and MFC code was a bad cut-and-paste job from X? How much of MSDOS was a bad cut-and-paste job from
QDOS, XENIX and BSD?
Inquiring minds may want to know how extensive Microsoft's rip-off been, whether or not the rip-off was "perfectly legal."
Furthermore, it would be extremely interesting to see what percentage of Microsoft's OS's are derived
by bad cut-paste-hacked , versus the percentage of code Linux legitimately has in common with BSD and
early AT&T Unices.
Why is this interesting? Because perhaps the most destructive aspect of SCO's
claims against linux is that it creates the impression that it's all "borrowed code." Whereas, I would
wager that the percentage of *borrowed* code in MSDOS, Win3.11, Win95 and WinXP are far higher.
And not just the percentage-of-lines of code would tell you something, but also would
the size of clusters of common code. For examples, large blocks of common code would generally
indicate cut-and-paste, whereas a function here and a function there, each with a line here and a line there
different -- would indicate that it had been partly borrowed, but extensively modified. Identical function names,
but with completely different code inside them indicates a complete re-implementation of an API, probably for
backward compatibility's sake. And so on and so forth.
A very public shred of MSDOS/Xenix/QDOS/BSD compared to a shred of Linux/BSD/AT&T Unix
would not only be extremely enlightening, but, from a Public Relations point of view (as well
as an intellectual integrity point of view) essentially highlight the fact that MS code was never a shiny new
car, but just an old rustbucket gotten out of the junkyard, and given a new coat of paint. Whereas Linux
really is a shiny new car, with many parts modelled after, and improved over the best
classic designs.
Of course, you'd expect people to be able to figure
don't know if anyone could even use it. Under HIPAA law you have to have a business associate's agreement with all vendors, and ALL vendors must supply support for the products or they aren't compliant. That's not even about the actual security or code flow of the program, but the whole project itself. I do HIPAA audits, and I couldn't give them a a good rating on the risk analysis if they used it, because of that. No support==non-compliant. I could suggest they buy it from your company if your selling it, I don't see it being used by an IT staff somewhere without a vendor.
The parent of that posting is the original article. Shall we quibble about what the word it means? Open Source? This project based
on Open Source? The ONLY information you have on the project based on the original article
is that (a) it is open source and (b) that it has the inside track on funding.
If you read the sourceforge entry, the only additional information you can gain is that they plan to use Windows/Delphi/Kylix on the client side
and MySQL on the server side. (eeeyuck! but that's a technical preference of mine, nothing to do with HIPAA audits).
So, whether you meant that you "couldn't give them a good rating on the risk analysis if they used [open source]" or that you
"couldn't give them a good rating on the risk analysis if they used [project you know nothing about except that it uses open source and
has an inside track on some funding]" -- the bottom line of what you wrote implies that (since the only substantive thing you
know about the software they propose is that it will be an open source package for keeping medical records) this medical
records system will be inadequate.
Obviously, there is a big difference between what you wrote and what you meant to say .
If what you meant to do was to alert the author to the imporance of having
an SDLC or an SLA such that the institution using it wil pass HIPAA muster, then tell them, that they use open source it or not
secondary to the importance of the quality of their SDLC and support SLA, in order that the institutions who may adopt their
software pass an HIPAA audit. This is perfectly reasonable. You might also suggest that he use a slightly better and more
platform-independent system than Delphi, as many Delphi components do not port nicely to Kylix. You might also suggest
that he consider using a more robust database than MySQL -- PostGreSQL perhaps, one that can handle triggers and stored
procedures, as the sheer size of medical records storage problems are legendary . There are a host of
technical suggestions you could make that would contribute to the final systems' ability to actually work in the real world.
In your reply, your objection is that This particular law requires vendor support. It wants an externally designatted source that will say "we support this software for technical issues". This could be just about anyone who downloads it and takes the time to learn it. It could be them. It will probably be the people funding them.
So? Why not. Could be you. Are you objecting to the fact that one group wrote it, and any number of others might
sell support for it? In that case, what do we do with all those MSCEs that would support the Windows part of it, but did not
have any part in developing MS Windows?
There is only one developer registered for the sourceforge project, and while one beta prototype has been released,
one would expect that the author intends, by stating he is open sourcing it, to check the code into the
sourceforge CVS repository. Granted, CVS is only an SDLC tool, not the SDLC itself, but it bodes well.
What else?
Oh, that toy RDBMS and thick Delphi-based Windows client. Well, until we see the proposal, we really
have no idea what he's going to do to redevelop the prototype into something ready for Cedar-Sinai, do we
I can't imagine that MS would want to create a court approved method to compare its code to those that it might have stolen from in a way that doesn't give MS the cover of not wanting to reveal its code in public
OOOH, now that's interesting. I wonder how much of MSDOS was ripped-off AT&T XENIX and IBM's QDOS. I
I wonder how much of Win3.1, Win95 was inherited from ripped-off AT&T XENIX and IBM QDOS. I wonder how
much of the ftp, tracert and telnet apps on MSDOS/Windows is line-for-line copied from 4.2 BSD. I wonder how much
of the Windows GUI was "borrowed" from X.
I don't know if anyone could even use it. Under HIPAA law you have to have a business associate's agreement with all vendors, and ALL vendors must supply support for the products or they aren't compliant. That's not even about the actual security or code flow of the program, but the whole project itself.
I do HIPAA audits, and I couldn't give them a a good rating on the risk analysis if they used it, because of that. No support==non-compliant. I could suggest they buy it from your company if your selling it, I don't see it being used by an IT staff somewhere without a vendor.
The underlying assumptions you are making are:
open source == no vendor
open source == no support
open source == pay no money to the vendor
open source == unknown parties are modifying the code in an uncontrolled manner
But all four of these assumptions are not necessarily so. Remember those little logic problems you had
to solve to pass your GMAT? If some Snickers are Doodles and Some Snorkers are Doodles, is the statement
"All Snickers are Snorkers" (a) True (b) False (c) Indeterminate? (hint: the answer is (c) Indeterminate).
I will disprove each of your assumptions by giving a counterexample.
1. open source == no vendor
The IBM Corporation develops open source software. But maybe you'll need to give them a call to determine if they're "real company" .
You could just check their SEC filings, or perhaps their current stock price.
But perhaps you will call IBM Coporation's CEO -- y'know, just to make sure that The IBM Corporation isn't just some kid working out
of his mom's basement? D'ya think?
Therefore, the statement "open source == no vendor" is...(c'mon, I know you can figure it out...trying, trying) FALSE! correct. .
2. open source == no support
I use SuSE Linux, which, when you register, gives you a free installation support contract. I've used
it twice, and gotten the solution to the problem back within a couple of days. I therefore conclude
that their support is good. If you need corporate-level instant-turnaround support, SuSE will happily
sell you a support contract. Their terms are very good, and their reputation for honoring their support
contracts is sterling .
Therefore, the statement "open source == no support" is... FALSE! Right again.
3. open source == pay no money to the vendor
Read the GPL. Open source means that you must distribute the source code with the executable,
and that all derivative works must also distribute the source code. It does not prohibit you from
accepting money for the executable, it does not prohibit you from supporting the code, and it
does not prohibit you from providing the support, as a company, in exchange for money.
Even the "Free" in "Free software" means "Free as in speech" not "Free as in Beer."
Therefore, the statement "open source == pay no money to the vendor" is... FALSE! Hey, we're batting a thousand today.
4. open source == unknown parties are modifying the code in an uncontrolled manner
I think that Linus would be extremely surprised to hear this. Quite frankly, I have never
seen an SDLC as tight, in any proprietary software house I've worked in, as tight as that applied
to the development of the Linux kernel. Although I hear that *BSD is even harder to get code
committed to than to Linux. In many open source projects, there is one person who
decides whether each individual mod will be accepted or rejected. Insitituting tight SDLC, including source code version control,
unit testing, conformance testing, integration testing and user acceptance testing -- is up to
the manager, whether it's open source or proprietary code that's under development. Under
open source, the customer actually has a far better guarantee that these tests are being completed
than in a closed source environment, because the customer
This is interesting, because I was just searching for some old BSD archives the other day.
The reason was, some NZ orgs have been threatened with patent infringment on
"a system that encrypts/decripts to a database on a separate server" -- immediately
I thought of the old practice of using Rot13 in combination with usenet news (net.jokes)
to obfuscate potentially offensive jokes -- well, they didn't say how strong
the encryption had to be in order to qualify as "encryption."
The matter of concern was whether we could obtain evidence that this was
being done prior to 1997 or so -- Rot13 was being used in conjunction with rn
at least as early as 1983 -- I know, I used it -- but Google's net.jokes archives (a) don't go back that
far, and (b) auto-decrypt the Rot13 jokes in its archives.
So, while it's not a matter of burning importance at the moment, it would have
been nice if I could have grepped out the source for an historical version of rn from,
say, 4.2 BSD, to definitively prove that this technology existed long before
the patent claim this org was being hit with. As it was, they took my word for
it at the org, and heck if we have to dig out some old 1600 BPI tape to prove
the point, guess that's what we'll have to do.
This is why I think that the historical versions of Linux on the net is a really,
really good thing, and wish that there were also 4.2 BSD, 4.3 BSD, Unix V6, SysIII and SysV
historical sources available as well. Not only to invalidate SCO's claims, but a whole host
of frivolous patent suits.
Could be, Could be. But as they say, there's a seeker born every minute.
Travels in the Eastern US, with emphasis on Northeast cities
B&P members, when going abroad, tend to go to latin american countries -- where have the tiles
been sighted overseas? Chile, Brazil. Places to look next -- Nicaragua, Hondouras, DR
Typography is almost identical on Toynbee Tiles and the block-printed leaflets and posters B&P print
Phraseology is very similar to those used on B&P leaflets and posters: cryptic announcements,
incomplete sentences, etc.
Ideology is consistent: the use of street theatre as a tool of waking up peoples' ideas,
references to "Resurrection" and history, decline of civilisations, so forth.
When I saw the picture of the tile, I could swear I saw something exactly like it
on one of the B&P leaflets or posters, not the last time I was in Glover, but on one of their
trips to Ithaca, NY
Therefore, I think it would be worth a trip to Glover, Vermont to have a peek through their archives,
if there are any Toynbee Tiles Obsessives up in that area. It's just a hunch. Listen to your
real gas music from Jupiter on the way.:)
The IBM ad doesn't have even a whiff of technology. It consists entirely of human contributions. Techies manage technology, they solve problems by applying tech to problems. But managers manage people, they solve problems by applying people to problems. Managers don't need or want to understand "open-source". The IBM ad teaches managers that open-source means people are constantly working to improve Linux. The manager learns he can harness all of those people and all of that work for his own benefit. Open source means all of thouse people are working to solve his problems for him.
In an ideal world, yes. In the real world, in order for managers to "apply people to problems"
(which means that the technologically clueless one is in charge -- great )
they first must control those people who can solve problems. And controlling
programmers is difficult.
One of the prime mechanisms of control managers have
over the in-house programmers is requiring to see a purchase order
out front of everything they need to do their job. And one of the prime
mechanisms of control managers have over "out-house" programmers
is whether or not they get paid .
As the open source model undermines the most potent mechanism of control
these non-programmers have over their technological resources, it also
undermines the IT manager who is not able to win the respect of his
or her programming staff by dint of having done a great deal of software development
himself -- or herself.
Programmers will respect and follow ESR, Linus, and any number of people for no
pay whatsoever, because they respect their judgment . Progremmers will
simply put in face-time and a nominal effort, even if they're being paid if
they have no respect for the abilities of the person they're working for.
Unfortunately, since MS crap has spawned a whole generation of IT "managers"
who don't have a farking clue -- there is a whole layer of management who
simply cannot get with the open source programme.
I saw the best minds of my generation destroyed by Redmond.
So, quite frankly, I must respectfully disagree with you that there is any
way of winning over these glorified secretaries that call themselves managers,
because their non-existent technological judgment will never win the respect of either
the open source community or their own staff.
The need to reach a diverse audience is growing, as studies show that technology buying is more frequently decided by business managers rather than technical specialists.
Correct. Which is also why the PHBs frown on use of Open Source in general, even when the company's
directors have decided to go in an Open Source direction, unfortunately.
The PHBs can more effectively control the technical specialists when every time the technical specialist
turns around to solve a simple problem or do something new, it requires purchasing something .
Purchasing something, in turn, requires providing lenghly explanations to these weasels in middle
IT management who have never written a line of code in their lives, but who desperately need to
keep justifying their existence by throwing around new buzzwords in *their* management meetings.
Take away their purchasing power by using Open Source, and the poor dears will flounder -- and founder.
Also, the way these PHB's get to feel important, is by the sheer number of staff and dollars in their
command. Fewer dollars for software that can be supported by fewer people, means the PHB is less
important--in both his own eyes, and in the eyes of his peers -- other PHB's.
If the techo can be the hero just on the basis of having acquired, modified, fully tested and deployed
something before PHB even gets wind of it, good-bye PHB.
Open Source threatens to take away a whole layer of IT "management" which, in the interest of
the company's productivity and profitability is a GOOD thing. But not in the interests of the smarmy layer of
IT "management" that is so clearly undermined by the Open Source process.
So IBM has to market to company directors and senior management, because
their interest is in the company's productivity and profitability.
Perhaps IBM needs to air a commercial which features a lowly techo and a company director
violently agreeing on an Open Source deployment that has saved the company millions, with a PHB
middle management drone making increasingly weak arguments against it,
while the PHB is taking back-handers and getting his latest round of meaningless buzzwords
and lame, losing anti-linux rhetoric from some MicroSlut PR drone.
Have you ever thought that maybe women aren't going the route of academia?
Yah, and all the reasons why--sexual harassment, the well-documented "chilly climate",
a tenure clock that makes it easy for men with a stay-at-home wife to have children, but not
female faculty, prejudices of women's ability to do science based on statistically insignificant
differences in standardised tests that produce equal performance when womens'
education is equal--add up to something between "unconscious" sex discrimination (was the
prof putting his hand up his grad student's skirt "unconscious" -- or was he just drunk ?)
and
cold and deliberate sex discrimination .
The exclusion
of african americans and hispanics from the academy has more to do with the accumulation
of the disadvantages of class discrimination than outright racial discrimination--
but racial discrimination goes on too. At one department at UIUC, I noticed a black face
I'd never seen at departmental functions up on the faculty photo board. When I asked
who he was, they said, "oh, we let him teach a few classes. We had to hire him because
of Affirmative Action. His office is across campus." And then they laughed at him.
Totally disgusting.
The fact that women have outnumbered men in certain scientific fields
for decades yet have hovered around the 5% mark in representation at the
senior faculty level is yet further proof. I've never heard men worry about being
"overqualified" by getting a PhD, for example, yet it's a common concern among
female biologists. Why? Because they certainly would be overqualified with a
PhD -- for the kinds of jobs that women are supposed to do. What we call
"bottle-washing." Lab techs. Rather than PI on research grants.
One woman I know wrote a proposal as a post-doc only to have her advisor
give the grant money to an incoming graduate student. A year later, she was
sitting on a board evaluating the same faculty member's next proposal -- a request
for an extension on the original proposal she'd written. Apparently, the incoming
graduate student couldn't do the job as well as the person who's idea it was --
hers. She simply sent the request for extension to the guy's most
hated enemies for peer review.
As for sports programs: they are a must-have, because they attract alumni donations and things like that. A uni cannot operate without donations from the outside, and a sports team is one way to get those.
This used to be the case when rich alums were mostly men. Stupid white men, to be exact.
That is changing.
I tell them flat out that they're not getting a dime from me or any of my friends
until they have 50% representation of women, 12% african-american and 8% hispanic
on the engineering, mathematics and physical sciences faculty-- at the full professor
and endowed chair level not just puling away teaching 4-5 introductory courses without
tenure semester after semester.
Cornell, The University of Chicago and Harvard have all gotten this message
in their postage-paid self-addressed envelopes soliciting donations--instead of money.
And lo and behold, on the front page of the next newsletter, you hear how hard their trying.
Not good enough.
20 years of women being 50% of the undergraduate biology majors,
and they still have only 5% women on the senior faculty in biology ! If
they can't even make any progress in fields where they've had more than enough
gals in the pipeline for 20 years -- and in a field that's extremely well-funded...
They won't convince me that they're trying in fields that have
gone from zero female faculty and zero women graduated with their PhD ever --
to having between one and zero female faculty-- where that one is just somebody's
wife on a two-for-the-price-of-one deal. Sheesh.
One reason might be what has happened to critical parts of BSD due to its licensing terms
being less restrictive than GPL. Look at what happened to Gated. Sad, really.
In other news, NASA officials have reported that their latest
multispectral Earth Observation Satellite in geosynchronous
orbit over the Pacific has detected a line of mysterious
brown spots that apparently "appeared overnight".
NASA officials reported that the line extended from Sydney to
what appeared to be "a real steaming pile of it" in Redmond,
Washington.
NASA went on to point out that this line is oddly
similar to another line detected by its LandSAT satellite--
extending from Redmond, WA to "somewhere in Utah".
Female + CS degree = they'll just assume that the only thing
useful you'll really be able to do is technical writing and glorified secretarial
work er- I mean "management." Even after you've been coding for 20 years.
Microsoft security has always been implemented as an afterthought. They write code as quickly as possible, test it under normal use, and release it. Internet Explorer is a good example. Most of the exploits people find are just variations on past exploits, and Microsoft just patches each specific exploit rather than fixing the design flaw that responsible for the whole class of exploits.
Amen. I formed my opinion of Microsoft coders when I got a student at a prestigious national lab to supervise
in one of our summer-schools nearly a decade ago now.
His claim to fame was that he was a double major in math and CS and worked for Microsoft.
His first task, which I thought should have taken a couple days at most, was to write a table lookup function
in C. First he
insisted on using C++, and after a week, he had something: hundreds of lines of cases and ifs hand-tailored to
the specific table at hand. And the lookup just took forever. And crashed for half the cases.
Oh, he presorted the table first--with a hand-coded neither
bubble nor shell sort, extremely inefficient.
WTF? Didn't they cover hash tables and sort algorithms in any of his CS courses? Hadn't he used anything
covered in 4 years of undergraduate training in his work at MS? I was shocked.
But I haven't been
surprised by any of the utter crap we've seen come out of Redmond since that time.
More recently MS sent one of these blowhard.NET advocates to a company I was doing some work
for a couple years ago.
The guy thought we
should actually fall for their claims of having invented mixed language programming, mixed language IDE's and cross
platform development. The MSCE's in IT actually did.
I told him we used to call C functions from Fortran and vice versa on the VAX 11/780 running 4.2 BSD back
in '83 -- simple, because the compilers used a common object format, and all you had to do was understand
how the linker worked, and the differences in how both languages indexed arrays. And the MPW -- Mac Programmers'
workbench did the same for mixed-language programming in Pascal, C and Fortran with a pointy-clicky IDE. Again,
in the 80's. It's not rocket science. In fact, it's easier to have a single object format no matter what the higher-level
language is--why bother coming up with a different object format for every language you build a compiler for when
you can just keep re-using the same one. This is something new? NOT! And cross-platform development? UCSD Pascal accomplished
that in the 70's for crissake, and Sun borrowed the idea for Java.
Microsoft try to paint themselves as "at the forefront" and "implementing new ideas" and "doing research" and "innovating"
and use this to excuse their crap releases to the public.
But in fact, everything Microsoft has evern done have been
re-implementations of very old ideas (and often bad ports of old code), where, in many cases,
the open source community has already redeveloped
and reimplemented the code several times over, over several decades and already identified a lot of pitfalls,
security problems, and run across a wider
variety of use case scenarios.
But Microsoft is doing it for the very first time, and very publically stumble into known
pitfall after known pitfall (in the case of viruses, they stumbled in years ago and still haven't figured
out how to get out!), and seem to be completely ignorant of basic concepts that have been
very well-understood -- and discussed in the literature, if not undergraduate textbooks -- for decades.
Microsoft's apparent fundamental inability to design an operating system or have fundamental security measures
in place is consistent with something that a small army of Mr..NET and that CS/Math double major would
come up with. I used to concede that possibly those two guys were
just MS' cast-offs, sent out a-marketing and to summer school precisely because they obviously
did not know
jack shit. However, after seeing MS poor technical performance go on for year after year after year after year I really do think that they might actually representative of the quality of the people MS
hire.
She added that the WIPO official who embraced the meeting had done so without proper consultation with the member states, and that WIPO's budget already is strained and cannot accommodate another meeting next year.
Duh! Because she blew the budget (and god only knows who else) for M$ licensing. Not to
mention the
unexpected budget hits due to MSCE's having to come in and clean up after a bunch
of uh, recent viruses and worms. So she can't even afford to hold a meeting to figure out
how ditch this shit that
put her in the hole in the first place!
Good one, Lois! Where's your Man of Steel now ?
You've got to wonder about the intellectual capacity of someone who
is running the world Intellectual Property Organisation and doesn't even
have the brains to install Linux -- for free .
I don't mean to hurt your patriotic feelings, but isn't it very possible that many of those millions dies exactly for tho right of those huge corporations to trample over poverty stricken bodies?
The people that put their lives on the line did not do it for IBM or Microsoft or Bechtel,
or Halliburton -- they did do it for their country and what they
believed their country stood for -- freedom.
That some corporations connected to some reigning power elites
have seized opportunities to usurp and pervert the
freedoms that so many have died for, is the very sad irony and
disgrace that I identified.
And there appears to be a similar theme between the
corporate power that would usurp, pervert, monopolise and profit from the
nascent freedom of the Iraqi people, and the corporate power that would
usurp, pervert, monopolise and profit from control over the means
of distribution and certification of intellectual property.
That common theme is
corporate power perverting democratic institutions for their own gain.
So, in a sense, we actually agree with one another.
The UN on the other hand, is actively promoting both Linux and
WiFi in developing countries -- so it would appear that supporting and
developing open source
software is a way of eroding corporate power and corruption
in both the foreign and domestic arenas.
And it's something we can each actually do . If we
dare, in the face of potential reprisals--it's "a career-limiting move" after all.
Scared? There is no pump more efficient than a scared man with a bucket.
Gentlemen may cry, Peace, Peace-- but there is no peace. The war is actually begun! The next gale that sweeps from the north will bring to our ears the clash of resounding arms! Our brethren are already in the field! Why stand we here idle? What is it that gentlemen wish? What would they have? Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery? Forbid it, Almighty God! I know not what course others may take; but as for me, give me liberty or give me death!
There really isn't an opportunity to offer the price for freedom in this case.
Well this wasn't really a call to revolt --
more an observation that a whole lot of
people have put their very lives on the
line for the cause of freedom, only to
allow those same freedoms to be taken away, bit by
bit, by administrative maneuvers.
It is ironic -- and very, very sad -- that a people with the
courage to put their lives on the line for freedom will cower in terror when reprisals
are threatened for merely speaking
out against the erosion of those same freedoms.
Now clearly there is a road (no simple highway), which is to support open source software,
run linux yourself, and promote its adoption in the public sector, in schools, in
community organisations, and in small businesses. And when you find yourself
being criticised or penalised for it, remember that keeping to your own path despite
the reprisals is a very very
small sacrifice compared to what others have already sacrificed.
Freedom is like a muscle. You have to exercise it just a little bit more every day
in order for it to grow stronger -- and if you don't, it gets flabby and weak and useless.
If you push it too hard too fast (revolution) it tears. So I think that it's a false dilemma to say:
At the moment, it's either live under the tyranny, or leave the country.
When we have freedoms we can exercise, just a little bit more every day,
to unmask and weaken the forces of tyranny -- bit by bit, just as tyrants would
limit our freedom bit by bit.
Goddam well I declare
Have you seen the like?
Their walls are built of cannon-balls
Their motto is "Don't Tread on Me."
Slashdot Mirror
I can verify that the MCSE community is about 50% losers who I would not trust to tie their own shoe, and about 50% who know what they are doing on SOME if not MOST computing environments. Those are the ones who DONT just do Windows, but are versed in UNIX, Mac and other systems, and are prepared to deal with differences. I would suggest that any company that hires an MCSE who knows no other platform, is a very dumb company.
That's right. Because an el cheap-o quickie cert is no substitute for actually knowing something about computers It's certainly no substitute for a CS degree and 20 years development and admin experience on other platforms. Experience on a variety of platforms is actually the only guarantee you have that the person has any idea what's going on when taken out of their little point-and-click dumbed-down MCSE world.
I just had to laugh when this one MCSE was running around to my management telling them that my Linux box was "insecure" because it didn't have a virus checker. In actual fact, I'd put a virus checker on it that was 10 times faster than his, just to whipe his arse when his complaints got loud enough. I was also running a full-blown IDS, proxy and firewall on the Linux box.
When the "meeting" came, where I was supposed to be on the defensive about my "insecure" Linux box box, I told him how I'd tested the security on his "corporate level IT", described the measures I'd taken on the Linux box, and told him if he could show me a text file on my hard drive saying "MCSE WAS HERE" (like I'd left a note on his saying "TUX WAS HERE", and showed it to him in front of the very management he was bitching to about my "insecure" box), then I'd agree with him that his systems were more secure than mine. Never happened. The little toad. He went out and spent 30 grand on a turnkey firewall box after that, and had to get someone else in to set it up. And it was still crackable because it was so badly configured. Helped that I knew the guy that had designed it. BSD-based box. Nice little unit. Utterly useless in the wrong hands.
You know if these stupid, arrogant little MCSE toads weren't running around trying to play politics while not knowing even the fundamentals of their fields, it would be easier to help them get on with learning what Linux is about. They must get some sort of Ballmeresque Monkey-Dance Pep Talk about how it's in their best interest to play politics to try to ensure Micorsoft lock-down in their company or something. Monoculture.
I suspect little dramas like this are being played out all across the world, and the details of this particular story (mine, or the MadHatter's) are not particularly important.
What is important is the point that a quickie cert on which buttons to push is no substitute for actually understanding how things work, by the experience of having built things yourself , noticed the commonalities between systems (and the differences amongst them) when going from MVS to VM/CMS to Wylbur to TECO to TOPS to UCSD Pascal to VMS to BSD to SysII to HP/UX to SysV to Irix to SunOS to Solaris to NT to DOS to WinXX to RedHat to SuSE...in addition to a formal education.
The difference between an MCSE with 5 years of "experience" pushing buttons, and an MSCS with 20 years of experience in devlopment and systems planning and admin is like the difference between the machine-operator and the engineer. Why aren't the engineering societies demanding that the "E" in MCSE be changed to "O" -- for OPERATOR. (Support Engineer? What is that, somebody who designs sports bras and jock straps?) Because that's all they really are, is computer operators, NOT Engineers -- unless they have a whole lot of other training and experience, as you point out.
An MCSE is like someone who struggled through a high-school equivalency and then barely got an SAT score that qualified them for college by "studying the exam" vs someone
though they may be faster trigger and stored procs for the most part only serve to confuse and frighten the developer, because you've moved events outside of the programmer's control
It will only "confuse and frighten" developers that don't know SQL, and who, by definition, shouldn't be programming database apps in the first place
, (hmmm that table got updated but none of my code touches it)
So dump out the metadata table where the trigger and SP code is stored. It's not exactly rocket science
By avoiding triggers and stored procs you also make portability easier.
But not more reliable. What happens when hundreds of connections are being made to a transactional database, where updates are being made that need to cascade down several tables in order to ensure referential integrity. You really want to do that without triggers? With your "portable" apps, either you'll have to lock *all* the tables (if the database does not support row locking) involved in an update until *all* of the updates associated with a single transaction, or you'll just have to tolerate concurrent updates destroying your referential integrity.
I've seen programmers do the latter, and then refuse to disclose their source code on the basis that they're the big expert. What a larf.
Furthermore, you must be only acquainted with toy databases, if the order of magnitude difference in the execution speed of a stored procedure is not a *major* consideration. Databases are operating all the time, and there are some operations which must be completed before others. If your little java app falls over in the middle of taking ten times longer to complete a critical transaction with all of its tables locked when the same transaction could have been completed with a single stored procedure that fires off half a dozen triggers, and automatically rolls back if it doesn't complete -- I know which one I'd prefer. If it was my money being transferred from one account to another in a bank, for example.
My main problem with PostgreSQL is the query optimiser. Oracle's query optimiser is definitely superior as Postgres occasionally comes up with some peculiar query plans.
I had the same experience. You basically have to optimse large queries combined with joins and subselects on Postgresql yourself -- and often with Oracle, as well, if its for tables with > 1-10M records. ish. You might want to check out DB2. Awesome clustering -- IMHO more sophisticated and flexible than Oracle's. YMMV depending on the application, as always. Also, if it's a development environment, you can test DB2 and Oracle on linux boxen to your heart's content for the same price as PostGreSQL -- free .
MySQL may be able to handle subselects, but it's still struggling with triggers and stored procedures.
However, what kinds of "facts" do you have on these people leaving SCO to try to find work elsewhere? What do you know about them?
Well, You can read Ron Record's Resume on line. He states quite explicitly, under the heading "Objectives" -- "I may soon be seeking employment as an Open Source Solutions Architect" and quite frankly, my heart goes out to him. I don't know the man personally, but I do know that, when SCO started it was a bunch of academics at UCSC who were implementing Unix because it was the fastest damn thing on the planet (within budget) for doing their Chaos research. Ron was one of the original UCSC adacemics, and I for one, do not think he should be tainted with the same brush that Darl McBride has painted himself with. His work is there to be viewed by all, so you can evaluate it on its merits, rather than the slime-balls who happened to buy up the company.
Microsoft didn't "rip off" BSD/X/Apache/MIT code, or for that matter not QDOS and probably not AT&T. They used then in complience with the terms they were licenced under. For BSD style code, the reason it is licenced in that way is to allow other companies to make commericial products out of it. That is the whole point. How else is it that so many OSes managed to get TCP/IP support, and get it working well? Becuase it was possible to freely use the BSD code for it. (Linux is unusual in having its own implementation, a good thing for tcp/ip biodiversity.) Using the term "ripped off" here is quite wrong and totally misleading.
Certainly Microsoft may have had a legalistic right to commercialise code that others had written. But the Microsoft customer who thinks that what they're paying for is "trusted" Microsoft code, that this is not a shiny new car--it is an old rustbucket with a flash new paint job, and Bill Gates is no better than a used car salesman .
Furthermore, the customer has a right to know that the reason that for example, the "ping of death" bug was carried over from old BSD code to the first releases of Microsoft's TCP/IP stack -- was that they simply got it from somewhere else, and didn't bother to read, study and understand the code before cutting-and-pasting it (I won't even dignify what they did with the word "reimpliment" here).
Microsoft's basic misunderstanding of the importance of using consistent data types (in this case it was a bad mix of signed ints and unsigned ints -- the same reason the memory limitations on MS servers are so screwy) is the kind of thing that wouldn't be tolerated for five minutes in a homework problem turned in by a first-year CS student. Because Microsoft ripped-off this code rather than study, understand, reimplement and test this code -- and furthermore, didn't even keep up, intellectually, with their colleagues at UCB by contributing their own observations based on their own study of their understanding and reimplementation of the BSD code base, the ping-of-death bug persisted in Microsoft products for years after it had been fixed in BSD.
By contrast, other implementations, which were done from scratch, on their own dime, not big DARPA and IBM grants -- Linux, for example --of did not have this bug. Why? Because they openly studied, discussed, understood, and then re-implemented a whole new TCP/IP stack. What you averr to in passing, is actually the main point.
This gives us a score of: :2 -- Microsoft Proprietary Development :0
Open Source Development
Despite having been technically out-performed by the open source community while trying to commercialise a bad cut-and-paste job (i.e. rip-off ) of the Open Source Community's earlier BSD releases (the only ones Microsoft could get its hands on legalistically after RMS' brilliant GPL -- and the widespread adoption of it), Bill Gates, rather than thanking the open source community for providing him with the IP that has made him bazillions of dollars, has the nerve to turn around and characterize the very people who's code he is using as a bunch of spotty teenagers operating out of mom's basement, who, when engaged in the very activity that MS has ripped-off in the first place -- he accuses us of being the rip-off artists -- his rationale is, apparently that we don't have to pay microsoft for the code we've developed and shared amongst ourselves-- and microsoft can't commercialise it, either. ( heh heh heh...thank YOU, FSF for the GPL!)
I don't know the state of their source code (but rumour has it that its crap, true), but I do know the overwhelming reason for keeping it under wraps is becuase it is fully commercial code that they plan to make money on, and they don't want it in t
As long as they retain the copyright message etc. they are allowed to use BSD and X source code - in fact, they are encouraged to. They had a licence from AT&T for Xenix, and they bought the source code outright for QDOS. So the only significant thing is whether Microsoft have incorporated GPLed code into propriatory productcs
Is the legality of Microsoft's merely having ripped-off and marketed code developed by IBM, AT&T and UCB really the point?
Or is the point that it might be extremely interesting to know what percentage of MSDOS was their work, and what percentage was simply cut-and-pasted verbatim from orphaned products they got at bargain-basement prices when they couldn't just download it and redistribute it (adding a single line of (c) in the binary )? A significant portion of a "cut-paste-hack it until it sorta works-release" OS development would certainly explain a great deal about the resulting security holes, memory bugs, and just plain badness of Microsoft's releases. The suspicion is, of course, that Microsoft keeps their source code under wraps, not because it's so good that others might steal it, but because it's so badly hacked, and so obviously a cut-and-paste job that it will completely discredit the Microsoft developers.
We know that the Linux kernel, by contrast, was developed quite explicitly and demonstrably by a combination of "design-impliment-test-modify-test" and "study-understand-reimpliment from scratch" development methodology, not "cut-paste-hack". We know this because we can read the LKML and see the level of discussion, and see how this follows the succession of changes to each part of the code, and see the alacrity and level of intelligence with which bug reports are attended in Linux. In the beginning, Linux was originally a complete re-write of Minix, not a badly hacked port. Likewise, X was a complete re-implementation of the windowing systems developed at Xerox and Sun Microsystems, not a bad cut-and-paste job. But how much of the Win3.11, Win95 and MFC code was a bad cut-and-paste job from X? How much of MSDOS was a bad cut-and-paste job from QDOS, XENIX and BSD?
Inquiring minds may want to know how extensive Microsoft's rip-off been, whether or not the rip-off was "perfectly legal."
Furthermore, it would be extremely interesting to see what percentage of Microsoft's OS's are derived by bad cut-paste-hacked , versus the percentage of code Linux legitimately has in common with BSD and early AT&T Unices. Why is this interesting? Because perhaps the most destructive aspect of SCO's claims against linux is that it creates the impression that it's all "borrowed code." Whereas, I would wager that the percentage of *borrowed* code in MSDOS, Win3.11, Win95 and WinXP are far higher.
And not just the percentage-of-lines of code would tell you something, but also would the size of clusters of common code. For examples, large blocks of common code would generally indicate cut-and-paste, whereas a function here and a function there, each with a line here and a line there different -- would indicate that it had been partly borrowed, but extensively modified. Identical function names, but with completely different code inside them indicates a complete re-implementation of an API, probably for backward compatibility's sake. And so on and so forth.
A very public shred of MSDOS/Xenix/QDOS/BSD compared to a shred of Linux/BSD/AT&T Unix would not only be extremely enlightening, but, from a Public Relations point of view (as well as an intellectual integrity point of view) essentially highlight the fact that MS code was never a shiny new car, but just an old rustbucket gotten out of the junkyard, and given a new coat of paint. Whereas Linux really is a shiny new car, with many parts modelled after, and improved over the best classic designs.
Of course, you'd expect people to be able to figure
No need to get angry. Read what you wrote:
don't know if anyone could even use it. Under HIPAA law you have to have a business associate's agreement with all vendors, and ALL vendors must supply support for the products or they aren't compliant. That's not even about the actual security or code flow of the program, but the whole project itself. I do HIPAA audits, and I couldn't give them a a good rating on the risk analysis if they used it, because of that. No support==non-compliant. I could suggest they buy it from your company if your selling it, I don't see it being used by an IT staff somewhere without a vendor.
The parent of that posting is the original article. Shall we quibble about what the word it means? Open Source? This project based on Open Source? The ONLY information you have on the project based on the original article is that (a) it is open source and (b) that it has the inside track on funding. If you read the sourceforge entry, the only additional information you can gain is that they plan to use Windows/Delphi/Kylix on the client side and MySQL on the server side. (eeeyuck! but that's a technical preference of mine, nothing to do with HIPAA audits).
So, whether you meant that you "couldn't give them a good rating on the risk analysis if they used [open source]" or that you "couldn't give them a good rating on the risk analysis if they used [project you know nothing about except that it uses open source and has an inside track on some funding]" -- the bottom line of what you wrote implies that (since the only substantive thing you know about the software they propose is that it will be an open source package for keeping medical records) this medical records system will be inadequate.
Obviously, there is a big difference between what you wrote and what you meant to say .
If what you meant to do was to alert the author to the imporance of having an SDLC or an SLA such that the institution using it wil pass HIPAA muster, then tell them, that they use open source it or not secondary to the importance of the quality of their SDLC and support SLA, in order that the institutions who may adopt their software pass an HIPAA audit. This is perfectly reasonable. You might also suggest that he use a slightly better and more platform-independent system than Delphi, as many Delphi components do not port nicely to Kylix. You might also suggest that he consider using a more robust database than MySQL -- PostGreSQL perhaps, one that can handle triggers and stored procedures, as the sheer size of medical records storage problems are legendary . There are a host of technical suggestions you could make that would contribute to the final systems' ability to actually work in the real world.
In your reply, your objection is that This particular law requires vendor support. It wants an externally designatted source that will say "we support this software for technical issues". This could be just about anyone who downloads it and takes the time to learn it. It could be them. It will probably be the people funding them.
So? Why not. Could be you. Are you objecting to the fact that one group wrote it, and any number of others might sell support for it? In that case, what do we do with all those MSCEs that would support the Windows part of it, but did not have any part in developing MS Windows?
There is only one developer registered for the sourceforge project, and while one beta prototype has been released, one would expect that the author intends, by stating he is open sourcing it, to check the code into the sourceforge CVS repository. Granted, CVS is only an SDLC tool, not the SDLC itself, but it bodes well.
What else? Oh, that toy RDBMS and thick Delphi-based Windows client. Well, until we see the proposal, we really have no idea what he's going to do to redevelop the prototype into something ready for Cedar-Sinai, do we
I can't imagine that MS would want to create a court approved method to compare its code to those that it might have stolen from in a way that doesn't give MS the cover of not wanting to reveal its code in public
OOOH, now that's interesting. I wonder how much of MSDOS was ripped-off AT&T XENIX and IBM's QDOS. I I wonder how much of Win3.1, Win95 was inherited from ripped-off AT&T XENIX and IBM QDOS. I wonder how much of the ftp, tracert and telnet apps on MSDOS/Windows is line-for-line copied from 4.2 BSD. I wonder how much of the Windows GUI was "borrowed" from X.
Shred hard. Shred fast. Shred MICROSOFT .
I don't know if anyone could even use it. Under HIPAA law you have to have a business associate's agreement with all vendors, and ALL vendors must supply support for the products or they aren't compliant. That's not even about the actual security or code flow of the program, but the whole project itself. I do HIPAA audits, and I couldn't give them a a good rating on the risk analysis if they used it, because of that. No support==non-compliant. I could suggest they buy it from your company if your selling it, I don't see it being used by an IT staff somewhere without a vendor.
The underlying assumptions you are making are:
But all four of these assumptions are not necessarily so. Remember those little logic problems you had to solve to pass your GMAT? If some Snickers are Doodles and Some Snorkers are Doodles, is the statement "All Snickers are Snorkers" (a) True (b) False (c) Indeterminate? (hint: the answer is (c) Indeterminate).
I will disprove each of your assumptions by giving a counterexample.
1. open source == no vendor
The IBM Corporation develops open source software. But maybe you'll need to give them a call to determine if they're "real company" . You could just check their SEC filings, or perhaps their current stock price. But perhaps you will call IBM Coporation's CEO -- y'know, just to make sure that The IBM Corporation isn't just some kid working out of his mom's basement? D'ya think?
Therefore, the statement "open source == no vendor" is...(c'mon, I know you can figure it out...trying, trying) FALSE! correct.
.
2. open source == no support
I use SuSE Linux, which, when you register, gives you a free installation support contract. I've used it twice, and gotten the solution to the problem back within a couple of days. I therefore conclude that their support is good. If you need corporate-level instant-turnaround support, SuSE will happily sell you a support contract. Their terms are very good, and their reputation for honoring their support contracts is sterling .
Therefore, the statement "open source == no support" is... FALSE! Right again.
3. open source == pay no money to the vendor ... FALSE! Hey, we're batting a thousand today.
Read the GPL. Open source means that you must distribute the source code with the executable, and that all derivative works must also distribute the source code. It does not prohibit you from accepting money for the executable, it does not prohibit you from supporting the code, and it does not prohibit you from providing the support, as a company, in exchange for money. Even the "Free" in "Free software" means "Free as in speech" not "Free as in Beer."
Therefore, the statement "open source == pay no money to the vendor" is
4. open source == unknown parties are modifying the code in an uncontrolled manner
I think that Linus would be extremely surprised to hear this. Quite frankly, I have never seen an SDLC as tight, in any proprietary software house I've worked in, as tight as that applied to the development of the Linux kernel. Although I hear that *BSD is even harder to get code committed to than to Linux. In many open source projects, there is one person who decides whether each individual mod will be accepted or rejected. Insitituting tight SDLC, including source code version control, unit testing, conformance testing, integration testing and user acceptance testing -- is up to the manager, whether it's open source or proprietary code that's under development. Under open source, the customer actually has a far better guarantee that these tests are being completed than in a closed source environment, because the customer
Thank you!!!!
... who was that masked AC? I almost didn't get a chance to thank her!
This is interesting, because I was just searching for some old BSD archives the other day. The reason was, some NZ orgs have been threatened with patent infringment on "a system that encrypts/decripts to a database on a separate server" -- immediately I thought of the old practice of using Rot13 in combination with usenet news (net.jokes) to obfuscate potentially offensive jokes -- well, they didn't say how strong the encryption had to be in order to qualify as "encryption."
The matter of concern was whether we could obtain evidence that this was being done prior to 1997 or so -- Rot13 was being used in conjunction with rn at least as early as 1983 -- I know, I used it -- but Google's net.jokes archives (a) don't go back that far, and (b) auto-decrypt the Rot13 jokes in its archives.
So, while it's not a matter of burning importance at the moment, it would have been nice if I could have grepped out the source for an historical version of rn from, say, 4.2 BSD, to definitively prove that this technology existed long before the patent claim this org was being hit with. As it was, they took my word for it at the org, and heck if we have to dig out some old 1600 BPI tape to prove the point, guess that's what we'll have to do.
This is why I think that the historical versions of Linux on the net is a really, really good thing, and wish that there were also 4.2 BSD, 4.3 BSD, Unix V6, SysIII and SysV historical sources available as well. Not only to invalidate SCO's claims, but a whole host of frivolous patent suits.
Could be, Could be. But as they say, there's a seeker born every minute.
- Travels in the Eastern US, with emphasis on Northeast cities
- B&P members, when going abroad, tend to go to latin american countries -- where have the tiles
been sighted overseas? Chile, Brazil. Places to look next -- Nicaragua, Hondouras, DR
- Typography is almost identical on Toynbee Tiles and the block-printed leaflets and posters B&P print
- Phraseology is very similar to those used on B&P leaflets and posters: cryptic announcements,
incomplete sentences, etc.
- Ideology is consistent: the use of street theatre as a tool of waking up peoples' ideas,
references to "Resurrection" and history, decline of civilisations, so forth.
- When I saw the picture of the tile, I could swear I saw something exactly like it
on one of the B&P leaflets or posters, not the last time I was in Glover, but on one of their
trips to Ithaca, NY
Therefore, I think it would be worth a trip to Glover, Vermont to have a peek through their archives, if there are any Toynbee Tiles Obsessives up in that area. It's just a hunch. Listen to your real gas music from Jupiter on the way.The IBM ad doesn't have even a whiff of technology. It consists entirely of human contributions. Techies manage technology, they solve problems by applying tech to problems. But managers manage people, they solve problems by applying people to problems. Managers don't need or want to understand "open-source". The IBM ad teaches managers that open-source means people are constantly working to improve Linux. The manager learns he can harness all of those people and all of that work for his own benefit. Open source means all of thouse people are working to solve his problems for him.
In an ideal world, yes. In the real world, in order for managers to "apply people to problems" (which means that the technologically clueless one is in charge -- great ) they first must control those people who can solve problems. And controlling programmers is difficult.
One of the prime mechanisms of control managers have over the in-house programmers is requiring to see a purchase order out front of everything they need to do their job. And one of the prime mechanisms of control managers have over "out-house" programmers is whether or not they get paid .
As the open source model undermines the most potent mechanism of control these non-programmers have over their technological resources, it also undermines the IT manager who is not able to win the respect of his or her programming staff by dint of having done a great deal of software development himself -- or herself.
Programmers will respect and follow ESR, Linus, and any number of people for no pay whatsoever, because they respect their judgment . Progremmers will simply put in face-time and a nominal effort, even if they're being paid if they have no respect for the abilities of the person they're working for.
Unfortunately, since MS crap has spawned a whole generation of IT "managers" who don't have a farking clue -- there is a whole layer of management who simply cannot get with the open source programme.
I saw the best minds of my generation destroyed by Redmond.
So, quite frankly, I must respectfully disagree with you that there is any way of winning over these glorified secretaries that call themselves managers, because their non-existent technological judgment will never win the respect of either the open source community or their own staff.
Repeat after me, we are all individuals
I'm not!
The need to reach a diverse audience is growing, as studies show that technology buying is more frequently decided by business managers rather than technical specialists.
Correct. Which is also why the PHBs frown on use of Open Source in general, even when the company's directors have decided to go in an Open Source direction, unfortunately.
The PHBs can more effectively control the technical specialists when every time the technical specialist turns around to solve a simple problem or do something new, it requires purchasing something .
Purchasing something, in turn, requires providing lenghly explanations to these weasels in middle IT management who have never written a line of code in their lives, but who desperately need to keep justifying their existence by throwing around new buzzwords in *their* management meetings. Take away their purchasing power by using Open Source, and the poor dears will flounder -- and founder.
Also, the way these PHB's get to feel important, is by the sheer number of staff and dollars in their command. Fewer dollars for software that can be supported by fewer people, means the PHB is less important--in both his own eyes, and in the eyes of his peers -- other PHB's.
If the techo can be the hero just on the basis of having acquired, modified, fully tested and deployed something before PHB even gets wind of it, good-bye PHB.
Open Source threatens to take away a whole layer of IT "management" which, in the interest of the company's productivity and profitability is a GOOD thing. But not in the interests of the smarmy layer of IT "management" that is so clearly undermined by the Open Source process.
So IBM has to market to company directors and senior management, because their interest is in the company's productivity and profitability.
Perhaps IBM needs to air a commercial which features a lowly techo and a company director violently agreeing on an Open Source deployment that has saved the company millions, with a PHB middle management drone making increasingly weak arguments against it, while the PHB is taking back-handers and getting his latest round of meaningless buzzwords and lame, losing anti-linux rhetoric from some MicroSlut PR drone.
Have you ever thought that maybe women aren't going the route of academia?
Yah, and all the reasons why--sexual harassment, the well-documented "chilly climate", a tenure clock that makes it easy for men with a stay-at-home wife to have children, but not female faculty, prejudices of women's ability to do science based on statistically insignificant differences in standardised tests that produce equal performance when womens' education is equal--add up to something between "unconscious" sex discrimination (was the prof putting his hand up his grad student's skirt "unconscious" -- or was he just drunk ?) and cold and deliberate sex discrimination .
The exclusion of african americans and hispanics from the academy has more to do with the accumulation of the disadvantages of class discrimination than outright racial discrimination-- but racial discrimination goes on too. At one department at UIUC, I noticed a black face I'd never seen at departmental functions up on the faculty photo board. When I asked who he was, they said, "oh, we let him teach a few classes. We had to hire him because of Affirmative Action. His office is across campus." And then they laughed at him. Totally disgusting.
The fact that women have outnumbered men in certain scientific fields for decades yet have hovered around the 5% mark in representation at the senior faculty level is yet further proof. I've never heard men worry about being "overqualified" by getting a PhD, for example, yet it's a common concern among female biologists. Why? Because they certainly would be overqualified with a PhD -- for the kinds of jobs that women are supposed to do. What we call "bottle-washing." Lab techs. Rather than PI on research grants.
One woman I know wrote a proposal as a post-doc only to have her advisor give the grant money to an incoming graduate student. A year later, she was sitting on a board evaluating the same faculty member's next proposal -- a request for an extension on the original proposal she'd written. Apparently, the incoming graduate student couldn't do the job as well as the person who's idea it was -- hers. She simply sent the request for extension to the guy's most hated enemies for peer review.
As for sports programs: they are a must-have, because they attract alumni donations and things like that. A uni cannot operate without donations from the outside, and a sports team is one way to get those.
This used to be the case when rich alums were mostly men. Stupid white men, to be exact.
That is changing.
I tell them flat out that they're not getting a dime from me or any of my friends until they have 50% representation of women, 12% african-american and 8% hispanic on the engineering, mathematics and physical sciences faculty-- at the full professor and endowed chair level not just puling away teaching 4-5 introductory courses without tenure semester after semester. Cornell, The University of Chicago and Harvard have all gotten this message in their postage-paid self-addressed envelopes soliciting donations--instead of money.
And lo and behold, on the front page of the next newsletter, you hear how hard their trying.
Not good enough.
20 years of women being 50% of the undergraduate biology majors, and they still have only 5% women on the senior faculty in biology ! If they can't even make any progress in fields where they've had more than enough gals in the pipeline for 20 years -- and in a field that's extremely well-funded...
They won't convince me that they're trying in fields that have gone from zero female faculty and zero women graduated with their PhD ever -- to having between one and zero female faculty-- where that one is just somebody's wife on a two-for-the-price-of-one deal. Sheesh.
One reason might be what has happened to critical parts of BSD due to its licensing terms being less restrictive than GPL. Look at what happened to Gated. Sad, really.
In other news, NASA officials have reported that their latest multispectral Earth Observation Satellite in geosynchronous orbit over the Pacific has detected a line of mysterious brown spots that apparently "appeared overnight".
NASA officials reported that the line extended from Sydney to what appeared to be "a real steaming pile of it" in Redmond, Washington.
NASA went on to point out that this line is oddly similar to another line detected by its LandSAT satellite-- extending from Redmond, WA to "somewhere in Utah".
Female + CS degree = they'll just assume that the only thing useful you'll really be able to do is technical writing and glorified secretarial work er- I mean "management." Even after you've been coding for 20 years.
Microsoft security has always been implemented as an afterthought. They write code as quickly as possible, test it under normal use, and release it. Internet Explorer is a good example. Most of the exploits people find are just variations on past exploits, and Microsoft just patches each specific exploit rather than fixing the design flaw that responsible for the whole class of exploits.
Amen. I formed my opinion of Microsoft coders when I got a student at a prestigious national lab to supervise in one of our summer-schools nearly a decade ago now. His claim to fame was that he was a double major in math and CS and worked for Microsoft.
His first task, which I thought should have taken a couple days at most, was to write a table lookup function in C. First he insisted on using C++, and after a week, he had something: hundreds of lines of cases and ifs hand-tailored to the specific table at hand. And the lookup just took forever. And crashed for half the cases. Oh, he presorted the table first--with a hand-coded neither bubble nor shell sort, extremely inefficient. WTF? Didn't they cover hash tables and sort algorithms in any of his CS courses? Hadn't he used anything covered in 4 years of undergraduate training in his work at MS? I was shocked.
But I haven't been surprised by any of the utter crap we've seen come out of Redmond since that time.
More recently MS sent one of these blowhard .NET advocates to a company I was doing some work
for a couple years ago.
The guy thought we
should actually fall for their claims of having invented mixed language programming, mixed language IDE's and cross
platform development. The MSCE's in IT actually did.
I told him we used to call C functions from Fortran and vice versa on the VAX 11/780 running 4.2 BSD back in '83 -- simple, because the compilers used a common object format, and all you had to do was understand how the linker worked, and the differences in how both languages indexed arrays. And the MPW -- Mac Programmers' workbench did the same for mixed-language programming in Pascal, C and Fortran with a pointy-clicky IDE. Again, in the 80's. It's not rocket science. In fact, it's easier to have a single object format no matter what the higher-level language is--why bother coming up with a different object format for every language you build a compiler for when you can just keep re-using the same one. This is something new? NOT! And cross-platform development? UCSD Pascal accomplished that in the 70's for crissake, and Sun borrowed the idea for Java.
Microsoft try to paint themselves as "at the forefront" and "implementing new ideas" and "doing research" and "innovating" and use this to excuse their crap releases to the public.
But in fact, everything Microsoft has evern done have been re-implementations of very old ideas (and often bad ports of old code), where, in many cases, the open source community has already redeveloped and reimplemented the code several times over, over several decades and already identified a lot of pitfalls, security problems, and run across a wider variety of use case scenarios.
But Microsoft is doing it for the very first time, and very publically stumble into known pitfall after known pitfall (in the case of viruses, they stumbled in years ago and still haven't figured out how to get out!), and seem to be completely ignorant of basic concepts that have been very well-understood -- and discussed in the literature, if not undergraduate textbooks -- for decades. Microsoft's apparent fundamental inability to design an operating system or have fundamental security measures in place is consistent with something that a small army of Mr. .NET and that CS/Math double major would
come up with. I used to concede that possibly those two guys were
just MS' cast-offs, sent out a-marketing and to summer school precisely because they obviously
did not know
jack shit. However, after seeing MS poor technical performance go on for year after year after year after year I really do think that they might actually representative of the quality of the people MS
hire.
It certainly would explain a lot.
Insane Anglo Warlord
She added that the WIPO official who embraced the meeting had done so without proper consultation with the member states, and that WIPO's budget already is strained and cannot accommodate another meeting next year.
Duh! Because she blew the budget (and god only knows who else) for M$ licensing. Not to mention the unexpected budget hits due to MSCE's having to come in and clean up after a bunch of uh, recent viruses and worms. So she can't even afford to hold a meeting to figure out how ditch this shit that put her in the hole in the first place!
Good one, Lois! Where's your Man of Steel now ?
You've got to wonder about the intellectual capacity of someone who is running the world Intellectual Property Organisation and doesn't even have the brains to install Linux -- for free .
I don't mean to hurt your patriotic feelings, but isn't it very possible that many of those millions dies exactly for tho right of those huge corporations to trample over poverty stricken bodies?
The people that put their lives on the line did not do it for IBM or Microsoft or Bechtel, or Halliburton -- they did do it for their country and what they believed their country stood for -- freedom.
That some corporations connected to some reigning power elites have seized opportunities to usurp and pervert the freedoms that so many have died for, is the very sad irony and disgrace that I identified.
And there appears to be a similar theme between the corporate power that would usurp, pervert, monopolise and profit from the nascent freedom of the Iraqi people, and the corporate power that would usurp, pervert, monopolise and profit from control over the means of distribution and certification of intellectual property.
That common theme is corporate power perverting democratic institutions for their own gain.
So, in a sense, we actually agree with one another.
The UN on the other hand, is actively promoting both Linux and WiFi in developing countries -- so it would appear that supporting and developing open source software is a way of eroding corporate power and corruption in both the foreign and domestic arenas.
And it's something we can each actually do . If we dare, in the face of potential reprisals--it's "a career-limiting move" after all.
Scared? There is no pump more efficient than a scared man with a bucket.
-- Patrick HenryThere really isn't an opportunity to offer the price for freedom in this case.
Well this wasn't really a call to revolt -- more an observation that a whole lot of people have put their very lives on the line for the cause of freedom, only to allow those same freedoms to be taken away, bit by bit, by administrative maneuvers.
It is ironic -- and very, very sad -- that a people with the courage to put their lives on the line for freedom will cower in terror when reprisals are threatened for merely speaking out against the erosion of those same freedoms.
Now clearly there is a road (no simple highway), which is to support open source software, run linux yourself, and promote its adoption in the public sector, in schools, in community organisations, and in small businesses. And when you find yourself being criticised or penalised for it, remember that keeping to your own path despite the reprisals is a very very small sacrifice compared to what others have already sacrificed.
Freedom is like a muscle. You have to exercise it just a little bit more every day in order for it to grow stronger -- and if you don't, it gets flabby and weak and useless. If you push it too hard too fast (revolution) it tears. So I think that it's a false dilemma to say:
At the moment, it's either live under the tyranny, or leave the country.
When we have freedoms we can exercise, just a little bit more every day, to unmask and weaken the forces of tyranny -- bit by bit, just as tyrants would limit our freedom bit by bit.
Goddam well I declare
Have you seen the like?
Their walls are built of cannon-balls
Their motto is "Don't Tread on Me."