The politicians there are of the obscene idea that DeCSS is a tool of pirates, and that preventing piracy trumps the US Constituion guaranteed right of free speech (which in reality is SUPPOSED absolutely any authority that or any court has).
Clintons economic coattails? You realize that the dotcom crash and recession started at the tail end of clinton's administration right?
The economy doesn't change overnight. What we are seeing now is how clinton affected the economy, it won't be until well after the election that see the real standing economic impact of what bush has done.
Actually it was clinton who fucked the economy. The economy doesn't work as fast as some people seem to think... we will be a ways into the next candidate before we actually see how what bush has done has impacted the economy.
Somehow I suspect it won't be bad at all. War is good for the economy, reduced taxes are good for the economy, and liberating the oil in iraq is definately good for the economy (your a complete idiot if you think that had even the slightest to do with anything else... from the first gulf war to now it was always 150% about oil and us).
Because of the average idiot, people will give credit (be it good or bad) to the next candidate for what happens with the economy... it's actually kind of hilarious.
About 1/3 of all windows XP machines crash 3 or more times daily DUE TO THE OS NOT APPS. And that is just the ones that actually click "send report".
1/3 is 1/3 regardless of how many there are. 80+% of the web runs on apache last time I looked. So to be on even keel the other 20% would have to all be IIS (which they aren't) and 80% of defacements would have to be on apache sites, and 20% on IIS. This would make it 50/50, IIS+ windows is no more or less exploitable than linux+apache.
Remember boys and girls... microsoft may have a monopoly on the desktop. But in the web sphere they are WAY out of their league.
Now what we have is 60%, not 80%, and then we start chopping... how many of those defacements are due to insecure cgi scripting (my guess would be damn near all of em), php scripting, etc. How many are due to servers which have no been properly secured. How many of them are due to applications rather than OS itself (we'll be fair, only microsoft made apps continue to count against windows 3rd party don't, and only project maintained by linux torvalds count against linux).
Actually if you think about it, as depressing as 60% sounds... These numbers show linux to be MORE secure than windows, not less.
By default all these things stupid users want should not be turned on. That is a prime example of the mindset which is responsible for 90% of the architectural issues with windows.
These things shouldn't be difficult to turn on... if you know how. The users should have to learn at least enough about what they are doing that they couldn't blame anyone but themselves if something goes wrong after turning them on.
Users should have to go out of their way to run on a priveliged user, and the default should be unpriveliged.
I've worked for many fortune 500 companies if not microsoft. It's generally harder to get a job at a small business. At the small business you actually have to show you know something, you have to impress it and then show it to keep the job.
At a fortune 500 you have to go through a reem of warnings that reset before they run out and you can know lots of technospeak without knowing how to write a proper line of code and STILL keep the job.
Are you intentionally ignoring the fact that most of the world's population is NOT in the US themselves and therefore STILL out of the reach of the US? Or are you so far gone you automatically ignore the vast majority of the people on this planet?
Linux = good BSD = good NT = bad proprietary Unix = good but expensive BeOS = bad Plam = wtf is plam?
here is a comparison:
Linux VS NT = linux wins bsd vs nt = bsd wins anything vs NT = anything wins bsd vs linux = linux wins proprietary unix vs linux = linux wins but it's a tight race bsd vs proprietary unix = bsd wins again a tight race won by price and development model;) plam vs anything = again wtf is plam?
I'll take software released with UI flaws over software released with security and stability flaws anytime;) Security and stability should be taken care of first, UI bugs come in second.
Although to be honest I haven't really had any UI problems with open source software. Not following one single scheme is a strength in my book. This is what has made the video game generation good at adapting to different applications and schemes... not two video games have UI's designed to be similar. Yet players still pick up a new game and don't even have to think about the UI 90% of the time.
I look at uniform UI scheme's as a way of getting people tied into your mindshare scheme. Once they get used to the box you present it's hard for them to adapt to something else. If however the users are not acustomed to a single scheme, but learn in a world where the UI differs from one application to the next, their minds learn to quickly adapt to new and different interfaces as a matter of course.
Surely this is what you mean? Most open source apps don't have buggy UI's, they just aren't uniform. The UI's are typically more intuitive and powerful. It's also my belief that the UI should be designed for the power users, not the bottom denominator... the bottom denominator is not a level users should be staying at... so software design should not stay there either. Using a linux system, an average user ends up a power user naturally within a couple years. In the windows world this is not true, the user has to go out of their way to learn anything about the system. As far as I'm concerned, it's the windows way that contitutes bad UI design when one looks at the big picture... not the linux way.
Just because open source can do in a couple months what takes a commercial entity a year doesn't mean those releases aren't higher quality.
Incremental releases aren't "new versions" however. They are primarily to fix bugs and round out loose ends. 1.0 is a release. 1.1 is NOT a release, it's an incremental release that is just an update for various reasons on 1.0.
That's all very well and good. But that "market determined reality" won't stop SCO from losing their lawsuit and being sued out the arse for the copyright infringement they are commiting. It won't stop sco from being bitch slapped into non-existance.
Those who are buying SCO legitimately thinking it's a good investment (as opposed to the day traders who literally "play" the market) will lose their ass because they had no idea what reality was.
The average user, the average user doesn't know how to hide and reopen the folder list. Their lucky if they know how to view mail in different folders.
Aye I find email a bit easier to deal with since I filter out spam on my mail server and I don't have to examine the source of any mail I read.
The OSS community has exactly ZERO motivation to "get the product to market". In case you don't know it nobody is paying them millions or even buying them a bear for producing a release. In most projects MASSIVE amounts of time are spent looking for bugs and security holes. Want to help? You can go look for security holes in ANY project under development... turn in patches for legit holes and guess what, they'll be accepted.
You do realize that the people who program for "Microsoft are normal everyday mistake making humans, right? You also realize that somebody spent a great deal of time trying to find that exploit, right?
MS could be held responsible, but what would that really accomplish? MS can run around trying to do everything it can to make itself 'exploit-free', and somebody'll find a way to be obnoxious anyway. Chain letters come to mind. Socially engineered obnoxiousness."
I suppose leaving literally tens of thousands of security holes which are exploited by viruses worms, etc over the years could be looked at as the side of "mistake making human beings" but these things aren't really even mistakes. If you are intentionally not looking for security holes because you consider it more important to get the product to market or because the market demands the bad design, then it's not missing anything at all when security holes get through, is it?
" Why does Microsoft security and Windows Update keep coming up in this? This is an e-mail worm. People keep running the damned attachment like morons. It's their fault. Hell, my ISP doesn't even let.scr or any other sorts of files get through without specific permission from the user. Outlook won't run executables unless I tell it to."
Your ISP is likely not even running windows or uses a seperate "box" which filters the mail. Alot of people running windows sit behind a linksys router with a built in firewall and laugh about these vulnerabilities. They don't realize they are sitting behind a layer of the simpliest and weakest form a linux security living in that router.
Outlook won't run executables unless you tell it to... yeah we already had worms that executed automatically in outlook. But wait that fixed that hole.. you sure there aren't any others? All you have to do is click the attachment and that is "telling it to". Me on the other hand, I have to save the file and then change the filesystem permission on the file to executable and THEN and only then AFTER I have explicitly gone out of my way to make the system recognize the file as being executable may I execute the file. Sure I can set my mask so that EVERY file has execute permission by default but why would I? Or I could do it another way, make up a system where I put 3 letter codes at the end of files and the ones with the rights codes are executable... but hey, couldn't anyone name the file that way? oops.
This boils down to a fundemental flaw in the way the system was designed back in the DOS days. Any change would completely annihilate the existing windows structure and all the code surrounding it. Course they could have... I dunno. Designed the system using ANY of the concepts implemented in ANY OTHER operating system in existance and we wouldn't see this kind of thing today.
If a user is too stupid to right click on the file and check the box by the execute permission. He's too stupid to be trusted to execute files.
"No matter what you do to lock them, people will find more and use them in a destructive manner."
I wonder if this is the logic microsoft uses when they don't bother looking for them at all?
We aren't talking about a couple human oversights here. We are talking about tens of thousands of viruses, worms, trojans, exploits, etc. This isn't "oops missed a couple" this is a case of them not bothering to look or not caring. The market wants something, they put it out whether it's good or not and they do their best to put it out before anyone else (something they usually fail at since 90% of their ideas are stolen and the rest are BAD ideas like mail scripting!) even if the only way to do that is skip the part where they look for security holes, or design schemes.
The idiots put ease of use before functionality, stability and security and THIS is the result.
I 100% agree. If a "feature"'s function is a security hole, that feature should never be implemented. No matter how useful, no matter how many people want it.
That is the difference between corporate design and that of open source projects. Open source has no motive to put things like mail scripting into an email app... they aren't subject to the demand of the market. A commercial entity only cares about it's bottom line.
Truely it is tragic, and no, if the coders do their best what more can you ask? But Microsoft has continued to produce the most insecure and bug ridden software. If there is a flaw in apache, they are on it in a heartbeat... everything possible is done to prevent security holes.
The number minor and serious holes in microsoft software which are actively exploited makes it pretty clear. Microsoft basically seems to release software first, and then look for security holes second. Apparently what they are looking for in beta testing is usability bugs that would prevent them from releasing. They are in a hurry to get software to market and leave the looking for holes part for later.
Apache and other open source software on the other hand tends to run the other way (although anybody can make a project and develop however they please). Look for bugs that cause security problems and system instability first... minor graphic update glitches and such come second.
In a perfect world both would be ironed out before ever being seen by the public... in the real world I think it's obvious that the open source way is better.
absolutely, all the good stuff from novell, including their vaulted directory services being migrated to the *nix world is great. But netware itself is definately on it's way out.
If that's the case, and it comes out in the falling of SCO. It could make ALOT of proprietary code magically enter the open source world... since it would make unixware and sysv core gpl'd, and all the derivatives made by each company thereafter. Further, it would make a difference because every customer who purchased copies they used this code in is entitled to the complete source. There is a good chance that SCO's "assets" in unix copyright will be repo'd to pay for their loses in court anyway, and in turn be gpl'd.
But something like this could put proprietary unix to death once and for all.
Because the merits of their leaked code are not mainstream news. If you follow slashdot and the stock market you'll notice you hear about advances on slashdot long before it goes through the market news channels (and inevitably the ones reporting attempt to discuss the effects and have NO clue wth they are talking about).
From what I've seen the business world has little interest in investing based on reality.
yes but THESE are default. If you don't understand how to make the file executable, you can't execute it.. not even as root. No distro defaults to giving newly created files executable permission!
Congratulations, your anal. In any case, if you buy a pirated cd, all the same legal issues apply as if you downloaded it off the web. It does not magically become ok because you bought it.
The politicians there are of the obscene idea that DeCSS is a tool of pirates, and that preventing piracy trumps the US Constituion guaranteed right of free speech (which in reality is SUPPOSED absolutely any authority that or any court has).
Clintons economic coattails? You realize that the dotcom crash and recession started at the tail end of clinton's administration right?
The economy doesn't change overnight. What we are seeing now is how clinton affected the economy, it won't be until well after the election that see the real standing economic impact of what bush has done.
Actually it was clinton who fucked the economy. The economy doesn't work as fast as some people seem to think... we will be a ways into the next candidate before we actually see how what bush has done has impacted the economy.
Somehow I suspect it won't be bad at all. War is good for the economy, reduced taxes are good for the economy, and liberating the oil in iraq is definately good for the economy (your a complete idiot if you think that had even the slightest to do with anything else... from the first gulf war to now it was always 150% about oil and us).
Because of the average idiot, people will give credit (be it good or bad) to the next candidate for what happens with the economy... it's actually kind of hilarious.
About 1/3 of all windows XP machines crash 3 or more times daily DUE TO THE OS NOT APPS. And that is just the ones that actually click "send report".
1/3 is 1/3 regardless of how many there are. 80+% of the web runs on apache last time I looked. So to be on even keel the other 20% would have to all be IIS (which they aren't) and 80% of defacements would have to be on apache sites, and 20% on IIS. This would make it 50/50, IIS+ windows is no more or less exploitable than linux+apache.
Remember boys and girls... microsoft may have a monopoly on the desktop. But in the web sphere they are WAY out of their league.
Now what we have is 60%, not 80%, and then we start chopping... how many of those defacements are due to insecure cgi scripting (my guess would be damn near all of em), php scripting, etc. How many are due to servers which have no been properly secured. How many of them are due to applications rather than OS itself (we'll be fair, only microsoft made apps continue to count against windows 3rd party don't, and only project maintained by linux torvalds count against linux).
Actually if you think about it, as depressing as 60% sounds... These numbers show linux to be MORE secure than windows, not less.
By default all these things stupid users want should not be turned on. That is a prime example of the mindset which is responsible for 90% of the architectural issues with windows.
These things shouldn't be difficult to turn on... if you know how. The users should have to learn at least enough about what they are doing that they couldn't blame anyone but themselves if something goes wrong after turning them on.
Users should have to go out of their way to run on a priveliged user, and the default should be unpriveliged.
I've worked for many fortune 500 companies if not microsoft. It's generally harder to get a job at a small business. At the small business you actually have to show you know something, you have to impress it and then show it to keep the job.
At a fortune 500 you have to go through a reem of warnings that reset before they run out and you can know lots of technospeak without knowing how to write a proper line of code and STILL keep the job.
This only affects people in california. It was the california state supreme court. Doesn't affect ISP's here in IL that actually matter.
Are you intentionally ignoring the fact that most of the world's population is NOT in the US themselves and therefore STILL out of the reach of the US? Or are you so far gone you automatically ignore the vast majority of the people on this planet?
ok here is the short:
;)
Linux = good
BSD = good
NT = bad
proprietary Unix = good but expensive
BeOS = bad
Plam = wtf is plam?
here is a comparison:
Linux VS NT = linux wins
bsd vs nt = bsd wins
anything vs NT = anything wins
bsd vs linux = linux wins
proprietary unix vs linux = linux wins but it's a tight race
bsd vs proprietary unix = bsd wins again a tight race won by price and development model
plam vs anything = again wtf is plam?
I'll take software released with UI flaws over software released with security and stability flaws anytime ;) Security and stability should be taken care of first, UI bugs come in second.
Although to be honest I haven't really had any UI problems with open source software. Not following one single scheme is a strength in my book. This is what has made the video game generation good at adapting to different applications and schemes... not two video games have UI's designed to be similar. Yet players still pick up a new game and don't even have to think about the UI 90% of the time.
I look at uniform UI scheme's as a way of getting people tied into your mindshare scheme. Once they get used to the box you present it's hard for them to adapt to something else. If however the users are not acustomed to a single scheme, but learn in a world where the UI differs from one application to the next, their minds learn to quickly adapt to new and different interfaces as a matter of course.
Surely this is what you mean? Most open source apps don't have buggy UI's, they just aren't uniform. The UI's are typically more intuitive and powerful. It's also my belief that the UI should be designed for the power users, not the bottom denominator... the bottom denominator is not a level users should be staying at... so software design should not stay there either. Using a linux system, an average user ends up a power user naturally within a couple years. In the windows world this is not true, the user has to go out of their way to learn anything about the system. As far as I'm concerned, it's the windows way that contitutes bad UI design when one looks at the big picture... not the linux way.
Yeah it's called faster development.
Just because open source can do in a couple months what takes a commercial entity a year doesn't mean those releases aren't higher quality.
Incremental releases aren't "new versions" however. They are primarily to fix bugs and round out loose ends. 1.0 is a release. 1.1 is NOT a release, it's an incremental release that is just an update for various reasons on 1.0.
That's all very well and good. But that "market determined reality" won't stop SCO from losing their lawsuit and being sued out the arse for the copyright infringement they are commiting. It won't stop sco from being bitch slapped into non-existance.
Those who are buying SCO legitimately thinking it's a good investment (as opposed to the day traders who literally "play" the market) will lose their ass because they had no idea what reality was.
The average user, the average user doesn't know how to hide and reopen the folder list. Their lucky if they know how to view mail in different folders.
Aye I find email a bit easier to deal with since I filter out spam on my mail server and I don't have to examine the source of any mail I read.
The OSS community has exactly ZERO motivation to "get the product to market". In case you don't know it nobody is paying them millions or even buying them a bear for producing a release. In most projects MASSIVE amounts of time are spent looking for bugs and security holes. Want to help? You can go look for security holes in ANY project under development... turn in patches for legit holes and guess what, they'll be accepted.
You do realize that the people who program for "Microsoft are normal everyday mistake making humans, right? You also realize that somebody spent a great deal of time trying to find that exploit, right?
MS could be held responsible, but what would that really accomplish? MS can run around trying to do everything it can to make itself 'exploit-free', and somebody'll find a way to be obnoxious anyway. Chain letters come to mind. Socially engineered obnoxiousness."
I suppose leaving literally tens of thousands of security holes which are exploited by viruses worms, etc over the years could be looked at as the side of "mistake making human beings" but these things aren't really even mistakes. If you are intentionally not looking for security holes because you consider it more important to get the product to market or because the market demands the bad design, then it's not missing anything at all when security holes get through, is it?
" Why does Microsoft security and Windows Update keep coming up in this? This is an e-mail worm. People keep running the damned attachment like morons. It's their fault. Hell, my ISP doesn't even let .scr or any other sorts of files get through without specific permission from the user. Outlook won't run executables unless I tell it to."
Your ISP is likely not even running windows or uses a seperate "box" which filters the mail. Alot of people running windows sit behind a linksys router with a built in firewall and laugh about these vulnerabilities. They don't realize they are sitting behind a layer of the simpliest and weakest form a linux security living in that router.
Outlook won't run executables unless you tell it to... yeah we already had worms that executed automatically in outlook. But wait that fixed that hole.. you sure there aren't any others? All you have to do is click the attachment and that is "telling it to". Me on the other hand, I have to save the file and then change the filesystem permission on the file to executable and THEN and only then AFTER I have explicitly gone out of my way to make the system recognize the file as being executable may I execute the file. Sure I can set my mask so that EVERY file has execute permission by default but why would I? Or I could do it another way, make up a system where I put 3 letter codes at the end of files and the ones with the rights codes are executable... but hey, couldn't anyone name the file that way? oops.
This boils down to a fundemental flaw in the way the system was designed back in the DOS days. Any change would completely annihilate the existing windows structure and all the code surrounding it. Course they could have... I dunno. Designed the system using ANY of the concepts implemented in ANY OTHER operating system in existance and we wouldn't see this kind of thing today.
If a user is too stupid to right click on the file and check the box by the execute permission. He's too stupid to be trusted to execute files.
"No matter what you do to lock them, people will find more and use them in a destructive manner."
I wonder if this is the logic microsoft uses when they don't bother looking for them at all?
We aren't talking about a couple human oversights here. We are talking about tens of thousands of viruses, worms, trojans, exploits, etc. This isn't "oops missed a couple" this is a case of them not bothering to look or not caring. The market wants something, they put it out whether it's good or not and they do their best to put it out before anyone else (something they usually fail at since 90% of their ideas are stolen and the rest are BAD ideas like mail scripting!) even if the only way to do that is skip the part where they look for security holes, or design schemes.
The idiots put ease of use before functionality, stability and security and THIS is the result.
I 100% agree. If a "feature"'s function is a security hole, that feature should never be implemented. No matter how useful, no matter how many people want it.
That is the difference between corporate design and that of open source projects. Open source has no motive to put things like mail scripting into an email app... they aren't subject to the demand of the market. A commercial entity only cares about it's bottom line.
Truely it is tragic, and no, if the coders do their best what more can you ask? But Microsoft has continued to produce the most insecure and bug ridden software. If there is a flaw in apache, they are on it in a heartbeat... everything possible is done to prevent security holes.
The number minor and serious holes in microsoft software which are actively exploited makes it pretty clear. Microsoft basically seems to release software first, and then look for security holes second. Apparently what they are looking for in beta testing is usability bugs that would prevent them from releasing. They are in a hurry to get software to market and leave the looking for holes part for later.
Apache and other open source software on the other hand tends to run the other way (although anybody can make a project and develop however they please). Look for bugs that cause security problems and system instability first... minor graphic update glitches and such come second.
In a perfect world both would be ironed out before ever being seen by the public... in the real world I think it's obvious that the open source way is better.
absolutely, all the good stuff from novell, including their vaulted directory services being migrated to the *nix world is great. But netware itself is definately on it's way out.
If that's the case, and it comes out in the falling of SCO. It could make ALOT of proprietary code magically enter the open source world... since it would make unixware and sysv core gpl'd, and all the derivatives made by each company thereafter. Further, it would make a difference because every customer who purchased copies they used this code in is entitled to the complete source. There is a good chance that SCO's "assets" in unix copyright will be repo'd to pay for their loses in court anyway, and in turn be gpl'd.
But something like this could put proprietary unix to death once and for all.
Because the merits of their leaked code are not mainstream news. If you follow slashdot and the stock market you'll notice you hear about advances on slashdot long before it goes through the market news channels (and inevitably the ones reporting attempt to discuss the effects and have NO clue wth they are talking about).
From what I've seen the business world has little interest in investing based on reality.
yes but THESE are default. If you don't understand how to make the file executable, you can't execute it.. not even as root. No distro defaults to giving newly created files executable permission!
Congratulations, your anal. In any case, if you buy a pirated cd, all the same legal issues apply as if you downloaded it off the web. It does not magically become ok because you bought it.
refer to other reply, paying for pirated software doesn't give you the right to run it.