AutoDesk used the DMCA to try to prevent a sale of their software. The DMCA is not in place to enforce breech of contract disputes - it is for copyright protection. Using the DMCA in this way constitutes fraud. They are trying to enforce part of their licensing terms that say you cannot transfer a software license. Certainly whether or not that provision is legal or enforceable if it is legal will come up at trial.
California has a law that if a company guilty of fraud and they are sued, they can be forced to transfer all profits from that fraudulent activity to the plaintiff. I believe last year that some of the teeth surrounding this law were removed partially because people were using the law to extort money from small business owners all around the state - but given the fact that AutoDesk has done the same thing to the same guy 7 times I would bet they are in a bit of trouble.
Woz is no Dvorak. He keeps a low profile. It's a bit sad that this kind of a statement ends up making news, because it really isn't much of a statement at all.
He's one of the guys who is largely responsible for making computers the mainstream tools that they are today, so he's worth listening to. Jimmy Carter still makes headlines when he says anything. So does Paris Hilton. Certainly a guy like Woz who has actually made a much more direct impact on each of our lives is deserving of attention from our community.
If he does a tech talk or does some sort of commentary on the future of our industry, I'll be listening. He certainly is deserving of respect. You might say he doesn't have the business sense that some of the other guys like Jobs or Bill have, but maybe he does. He had the brains to get out and live a normal life, whereas Bill and Steve have been slaves to their success. When it came down to the question of how much is success worth, Woz' answer was closer to what mine would be than most other industry giants.
MIT is a prestigious institution. Does anybody really decide between Universities based on a US News rating?
Scoring high may or may not help you get into the right school. The right school will make a difference for pretty much your first job. After that, if people are even mentioning your education other than in passing during an interview, you've already lost.
I know very few people who value educational qualifications over proven experience. Of course, the tech world is a bit different than the rest of the business world, but this is slashdot.
I think some of the other major lessons are as follows:
* Use mature, well-tested, effective software (eg. Solaris, Oracle, FreeBSD). Absolutely, and this should be a given but it isn't always.
* Avoid immature fad "technologies" like AJAX. There are plenty of people here who would defend AJAX and blame the developers for a poor implementation, but really the point to be made is that if you are going with something that is new to the environment your research needs to be thorough and you need a lot of usability testing.
* Traditional applications offer more flexibility than Web-based applications. Very true, but the benefit of a web application is easy deployment/easy updating and hopefully OS independence. Many companies are pushing for web based apps but they are ignoring the initial premises that led them down that road. If you are doing a web based app, there is no excuse for at the very least supporting Firefox. And you have to pay attention to screen readers / accessibility issues.
* Always give much consideration to back-end scalability. This is another common gotcha in corporate environments. I see more than my share of apps that are highly scalable, but the licensing costs associated with scaling are enormous. Just because an application supports a load balanced environment doesn't mean that you are going to get linear performance increases by throwing more hardware at it.
* Sometimes a text-based interface is far more efficient than a GUI. Sometimes? Always. Any application that requires a person to interact with it during their entire workday needs to be designed in such a way that you can use it without a mouse. It seems like such a simple task, but it is so frequently ignored. Sometimes a software solution isn't the best solution at all - everyone WANTS things in computers, but when the development project costs more than two years of temp monkeys pushing paper to get the job done, you should think long and hard about creating an internship program instead of throwing money at a software project.
* Get user feedback on software early and often. This one is often ignored because third party companies don't share their intermediary results and project managers cut out the end users because of historic cooperation problems coupled with agressive roll out timelines. End user communication should be in the hands of somebody dedicated to the task and project planning should account for user feedback delays. If you really have to move forward without the delays, the push should be for dedicated time from a group of end users instead of cutting them out of the loop all together.
* Maintain a reasonable level of heterogeneity, when it comes to software, hardware and vendors. I would argue that documentation is more important, and independence from vendors in order to perform maintenance and implement high level enhancements / bug fixes. As long as you have good in-house knowledge about how a system works and the decisions that went into laying out the requirements you should always be able to work with another vendor for a replacement system. It might be painful and expensive, but it is important to have the option.
If you don't have anythign to hide, what are you afraid of?
This argument seems to have lost a great deal of lustre. While it never held any water with me, it seems the whole country was under the spell of "support the president, or else!" from 2002-2006.
You can make constitutional arguments, political arguments, national security arguments, etc. but the whole issue comes down to this - how much privacy should the average citizen consider reasonable?
Somehow in the last few years the expectation of privacy has dwindled to almost nothing. The fact that the telcos are lobbying for retroactive protection is no surprise. They did some very questionable things under the guise of national security and now are facing consequences for doing so. They have the resources to lobby and everyone else is doing it.
Frankly, I hope they don't get any protection and that they do lose an absurd amount of money - maybe the next time our nation is facing down some arbitrary and imagined enemy corporate america will think twice before just blindly ignoring the responsibility they have to their customers.
T1 lines are much more reasonable than they used to be, although your particular geography may prove to make one an expensive option. Still, it's worth getting a quote - you never know until you ask.
Alternatively, setting up a directional antenna pointed towards a house that you have line-of-sight with that may have access to broadband is an option. If you don't have single directional line of sight, you could set up relay antennas as well. Do a little bit of research into pringle's can antennas and you'll find that there are a plethora of plans for long range home made antennas that are out there.
If you get cell signal, you may get decent access with a verizon high speed internet card or a sprint one. Make sure whatever you get, you can try out for a while first. You don't want a 2 year contract with something you can't use.
ISDN lines are an option as well, and may be available for you. Take a gander at a frame relay connection as well.
Thinking outside the box, you could talk to other members of your community about setting up a local area wireless network all sourced through a T1 located somewhere near the Telco facility or a well connected data center. Have the city put up a small bond to pay for the infrastructure and pay it back over time with collected access fees. You probably don't want to run an ISP, but I imagine somebody in the area might be.
Getting the local telco or cable provider to upgrade the area infrastructure is probably a losing proposition unless they have plans already in place, and you will have a difficult plan finding somebody that would fill you in on whether or not there are plans to get you guys high speed access.
There's also the option of a satellite dish on a flag pole or something similar that could get a clear view of the sky. Just because you can't get a clear view form your roof doesn't mean it can't be done.
Of course, this is all assuming that you absolutely need access at your house. Maybe you just need to be closer to home or freedom to do other things during the day - small businesses nearby with broadband connections may be sympathetic to your needs and might give you access to their network. Alternatively you could rent out some office space with a broadband connection.
There are a lot of options. It really is just a matter of how much time, money, and effort you are willing to expend to get rid of that 26K barrier.
I played around with Beryl a while back. Unfortunately, it was during a period when they were having problems with SVN and their website was hacked and taken down. Since then, I got the gist that they were working towards an un-fork with Compiz.
I really liked it, but there were a lot of problems - nothing insurmountable, but it did take a lot of work searching through forums and playing around with configurations to get everything the way I wanted it. There were stability issues, but I was using a lot of pre-release features and plugins.
So question... does Beryl = Compiz now? And if so, is it stable, or is it just expected to be once 7.10 is ready to go?
From a consumer standpoint, I really like this move.
It seems to be completely random which site a given story will point to and there are times when I click through to a news item and I'm immediately skeptical of the source site. If a news vendor isn't doing any sort of value-add, I don't see why I should get sent to bob's scraped wire site versus a trusted major news source.
This kind of thing highlights the fact that so many of these cases may be implemented with improper defense strategy.
The defendants are vaguely accused and therefore are stripped of the capability to offer a real defense. How many of these cases get dragged into technical arguments about the merits of the case instead of real defenses regarding whether or not the law was actually broken.
For instance - you say that there is "ongoing copyright infringement..." did you try to successfully download a copy of the song today? If it's not currently available, there is not ongoing infringement.
Let's take a look at the royalty checks given to the artists in the 2 years prior to the alleged infringement, the year during, and the year after. Do they indicate the possibility of infringement?
Did the plaintiff actually make any effort to do anything to stop this infringement?
Is there any proof that anybody illegally downloaded the songs from the defendant's computers?
How many downloads of the songs were made? How many people had them available? Is there a possibility that the song was made available for download, but never actually downloaded?
Did the defendant promote his shared songs to the public at large?
If there is a defined date for the alleged infringement or a date range, you can offer proof that it was not possible for the infringement to have occurred during that time frame (i.e. on vacation with computer during that time frame, power outage during the time frame in the local area, computer never on long enough during the time frame for a download to occur. Computer in the repair shop during that time frame, etc.)
We all know the suits are based on flimsy technical merits. OK... so moving forward past the technical aspects - is there reasonable suspicion that infringement did occur within a defined time frame?
The time frame is key to actually being able to defend yourself. Having a defined time frame to work with could save the courts, the plaintiffs, and the defendants plenty of time and energy because the technical merits may not need to be argued if a defense other than "this is a bunch of horsecrap and here is why" is available.
The big problem is that most webmasters design their sites in such a way that they are dependent on a third party product being available prior to their pages being rendered.
Google isn't always up. Plenty of times, I see issues because my comcast connection can't see the google servers even though everyone else can get to them just fine.
It's entirely feasible to write your page in such a way that it can display data before any other files are loaded. Serve up ads in an iframe, include tracking images in an iframe or as the last element of a page, etc.
But ads aren't the only thing causing page load problems. Third party widgets, crazy fat CSS and JS files, and pages with way too many images are still a problem.
Agreed. There's nothing especially difficult about using Postgres or even administering it. Performance is great and there are connections with PHP, Perl, etc. that are drop in replacements.
The only thing is that there are a few web apps that have MySQL support, but not Postgres - I believe vBulletin is one, but I don't know for sure. An engine is an engine. Installation is easy - in fact, compiling Postgres from source is much easier than MySQL.
Frankly, I don't know why I haven't made the switch for all my webapps. I don't use it much, but when I have, I have run into exactly zero problems. n00b problems are a myth.
Exchange isn't so problematic because it is written poorly. The problem is that it is so frequently administered poorly.
It's also problematic because exchange experts are few and far between. But then again how many sendmail or qmail experts are there?
I wonder though - are they using exchange just for e-mail? Or are they using it for scheduling, shared folders, etc.? I can't see implementing shared schedules university wide and only receiving 8 help desk calls. You'd think more than 8 people would be calling about how to use their software.
Aside from that - is it really a good idea to require an Outlook client for students? That pushes the student body away from Linux boxes as there is no exchange client for linux that I'm aware of.
I have found that when selecting point sizes directly that there are definite differences in rendering quality between OS's and browsers - what looks fine on one machine can look exceptionally poor on another. I've been meaning to put together a page that showed the differences, but I haven't gotten around to getting a browsercam account.
Not exactly on topic, but maybe someone will find it useful.
I honestly don't know about DSS or SOX, but I have had plenty of fun with HIPAA.
Unalterable logs as a matter of compliance does not mean "absolutely unalterable under any circumstances". There should be no way for an end user to modify audit trails. There should be no preconceived way for an administrator to alter audit trails - i.e. no utilities for doing so. That does not mean that an admin can't go directly into the DB and alter the data from behind the application layer.
Under every circumstance when I have run into audit logs involving HIPAA compliance, they have been written by an application directly into a SQL database (oracle, ms sql, informix, and one time db2). It used to be that they were written in a fairly easy to decipher format within a single text column on a per record basis - which made for a fairly-difficult-to-alter audit trail because within that easy to decipher format were non-printable characters that you would at least have to know to look for them. With current implimentations, however, the records are stored in a separate table with a many-to-one relationship with the audit-required records, in varchar fields, as plain text - much easier to alter or get rid of single entries. There is still a level of obfuscation as far as table names and column names but thats really a side effect of other things that are going on.
These systems have been reviewed by auditors and certified as compliant. In the older system, there was no application interface to delete audit records. In the newer system, there is an application interface to delete records in any given application table - and therefore there is one for the audit tables as well. Admin level access is required to delete or alter the records, though.
Personally, I would expect more as far as HIPAA compliance goes - from both a customer standpoint and an auditor standpoint. My experience (and it is pretty extensive across several high profile enterprises) - is that the customer will demand a better system only when the auditors demand a better system. I haven't run into an auditor yet who has even given more than a casual glance at the 'back door' scenario. I suppose it's because there is no true way to keep things absolutely secure and application level audit log security is only one layer of the onion.
Before you get too far into an overly complex and potentially expensive solution, talk with your auditors about the requirements for your specific scenarios. They've seen it before and can tell you exactly what they are looking for from an audit compliance standpoint. They are usually pretty easy to work with and open with their knowledge.
CSS Sprites - agreed. These aren't that useful, but in terms of a simple page and a long/slow connection they can improve performance a bit. I see them in the wild very rarely. "A list apart" has an implementation article somewhere thats worth a gander if you can find it.
Inline Images - agreed. Dead on. Quite stupid.
Combined Files - I've flip-flopped a great deal about this one myself. While a single file can greatly reduce data transfer overhead by eliminating headers and ensuring packets are their fullest, it makes for difficult file and version management. It also means that a simple change to what used to be a single small file requires that your entire script be re-downloaded and cached, making for a slower site experience. Also, your end users end up having a lot of fairly large cached files no longer in use if you are actively developing and that's just not nice. At the very least, this should be discussed rather than advised on way or another.
Expires Header / ETags - contrarily, I think these are by far the most effective site performance things that you can do. They do require forward planning in order to use them effectively, but migrating small static files to a properly tuned http server that pushes out these headers properly really makes a difference. Spreading them over multiple static servers is slightly more effective, but that depends on how heavy the pages are to begin with.
CSS at the Top - Firefox and IE have different rendering experiences, but looking at IE - the page displays as soon as it has "layout" - which is essentially all the information it needs to show it. You can place enough css information inline to yield the fastest rendering speed and use a few tricks to hide the requirement of external CSS files. The best thing to do (IMO) is to play around a little bit using a proxy server that you can pause at each file (like burpsuite) and watch how many file downloads happen prior to page display and examine what the page looks like in each browser after each file is downloaded.
I don't see mentioned a recommendation against third party services. Adsense, Analytics, etc. may seem fast most of the time to you, but realize that those connections aren't always as smooth for your end users. My roadrunner connection has had very slow connectivity to the google servers in particular a good 12 times this year - which means that most sites with adsense won't display anything until the connection times out. If they are declared towards the end of the page, at least the stuff declared prior to these things can display. Again, something like burpsuite is very helpful in determining perceived performance.
It's disturbing how much the court gets involved in pressuring the accused party to settle a dispute outside of normal procedures.
Take traffic court for example: 1) if you show up, you are presented with a judge who is not a judge. You have the option to talk to a real judge at your own peril. 2) you are presented an offer of settlement by the not-judge. Don't accept it and traffic school is off the table. No judge and no prosecutor present. 3) if you reject the offer, you have to come back another day. When you come back, you are presented with another not-judge. Ask to talk to a real judge at your own peril. 4) settlement offer by not-judge 2, reject and you'll have to come back a third time. 5) if you reject, on your third trip you are presented with yet another not-judge. This judge offers you another settlement - before you find out if the officer has even showed up to court. Reject it, and you'll have to face (oh no!) a real judge. You are warned that the real judges punishment will be more harsh. 6) if you reject, you are sent to another court room. If the officer showed up on time, you will get your case presented first. Your odds of winning with documented facts contrary to those the officer stated, even when the officer agrees with you, and even when your facts are backed by basic math and simple logic, are not good. 7) if the officer did not show up on time, you get rescheduled and have to come back yet again. Getting rescheduled once does not mean that it can't happen again. If you finally are having your day in court and the officer didn't show up on time, you can very well expect to be in court all day - just in case he's running late.
My point is that court representatives have absolutely no business pushing for a resolution outside of a decision by the court. We have the justice system set up for a reason. It baffles me why the judicial system works so hard to undermine itself.
I hear you. They actually tried triple billing me at one point. I could go on for hours about them - including pretty much a breakdown at a store because it was plain to the employees in the store, the manager on premises, and the rep on the phone that they had fraudulently billed me AND fraudulently extended my contract and not a single one of them would do a thing about it. If I only knew calling them 25 times a month would get rid of them, I would have been calling them non-stop.
I see your point. I'm not entirely excited about this particular clause myself, but strangely I didn't comment on the draft. I meant to.
I see the reason the GPL moves in this direction, but I don't agree with it myself. I think it can be dangerous.
I will say, however, that the GPL has done a great job of fostering free software development and the FSF is doing a good job of migrating the license towards the future. I believe that future versions of the GPL will change on this issue if a need arises that pushes it out to the forefront. We'll just have to wait and see.
Re:tivoisation
on
GPLv3 Released
·
· Score: 5, Interesting
It's pretty simple. If I buy a product, let's say it's a PDA and the PDA interface uses software I developed. I find a major security hole in my software, so I want to patch it.
Tivoisation prevents me from patching it. It prevents me from adding features. It prevents me from fixing bugs.
It's my software. I want to update it, and the only thing preventing that is licensing. That and a hardware based security system enforcing the licensing. When I wrote the software originally, I did not intend for products to be developed using my software that I could not update. In fact, I licensed my software in order to prevent that kind of a thing. Unfortunately, the PDA manufacturer found a loophole that stuck to the letter of my license, but not the spirit of it.
This is pretty much what Tivo did. The anti-Tivoisation language in the new GPL effectively closes that loophole.
Now, if Tivo wants to do the same thing in the future, they can either utilize software who's authors don't mind (and it's widely available for what Tivo wants to do), or they can contact the original author team for alternative licensing. In the case of large scale community projects where no such licensing option exists, they can either stick to the license or they can develop their own similar project in-house.
All the FSF is doing is ensuring that software licensees abide by the spirit of what the original authors intended. They recognized that business enterprises were taking advantage by using loopholes and they've attacked that problem - pretty effectively.
--- I can't think of a single instance where Tivo actually contributed code back to the community as you state.
Regardless, they are not without free options. All they need to do is shift to BSD licensed products - which they should have done in the first place given their long term strategy.
That's based on our Porting Kit, which is a C++ source code implementation of Windows Media that can be licensed by anyone wishing to build a player.
And therein lies the problem.
Proprietary, Patented, Licensed - these are all keywords that flag projects that should be avoided. They inherently imply an enhancement cycle dependent on the success of marketing efforts, and one that favors bells and whistles over stability and security.
IANAP(hysicist), but it is my lamens understanding that the No Communication Theorem is such that the act of observation lies in direct contradiction with the potential for communication.
If you have a set of atoms on earth, and an equivalent set of atoms on say Mars (light minutes away), synced with teleportation - any message sent from earth would be received on Mars faster than the speed of light, but when observed the message would inherently be garbled to the point where it could not be understood due to the fact that the observation of said atoms would disturb their state.
Somebody please correct me if I have misinterpreted.
This is certainly a great feat - displaying the capabilities of teleportation, but it is not the only mountain to climb. I do not read that they have resolved the issue of observational mish-mashing, but one could deduct that they did at least to a degree in order to prove that the teleportation happened - although they probably used a known quantum teleportation scheme which would involve additionally a classical information transportation method and thus limiting teleportation communication by the limits of that already existing information transportation methodology. (still pretty neat, but not necessarily groundbreaking as experimentation on this level has been happening since roughly 1998)
It's not that difficult to come up with a potential list of ways to resolve this problem, finding a solution that actually is provable certainly would be difficult. If in fact they have surmised a way to communicate via teleportation rather than just prove that teleportation is possible an entire world of possibilities just opened up that will take us centuries to truly realize.
Probably 6 months ago, there was a Pot truck that got busted. I can't seem to find a link. It had this crazy rotating setup so that it maximized the space inside the truck with each plant getting equal amounts of light and a once a rotation dip into a hydroponic solution. Do that with strawberries and all of a sudden you don't need 3 acres of land for a decent sized crop, you get strawberries year round, you don't have to bend over to pick them, and you can easily come back to undergrown strawberries in small quantities later.
Robots is a great idea, but the cost of the machinery coupled with the cost of operating the machinery makes it a difficult sell over cheap immigrant labor. An idea like the one I just stated pushes "strawberry picking" into a reasonable job, one that can be filled year round, and one that can be strategically placed in areas where a work force is plentiful.
Sometimes you don't need a rocket scientist or a robot designer to revolutionize the industry - you just need a guy to walk up and say "why aren't you doing it this way?"
Videotaping of officers in the line of duty is an issue for every law enforcement union in the country.
It would be for any union realistically. How would you feel about being videotaped while you were working?
The difference is that police are in a position to suppress, harrass, and intimidate those who would potentially be taping their activities.
While I agree that the officer most likely did not consider wiretapping as the original charge, I would postulate that he had absolutely no reason to arrest this child. His intention was to intimidate one kid, hopefully get him charged and convicted of something, and get the word out to the local high schools that cops don't react well to cell phone videos of their activities. One can hardly surmise an excuse for arresting this child outside the scope of intimidation.
If I had a video tape of every traffic stop I received, I would have a collection of questionable police activity.
I remember one such instance very clearly. The police came up behind me with no red/blue lights at about 2:00 AM in the middle of an empty stretch of highway. They came up so fast, I was sure they were going to rear end me. I accelerated and changed lanes. They did it again. I changed lanes back trying to get away from this harassing driver. They did it a third time. At this point, a rest stop exit had popped up, so I hit the brakes to slow for the exit. Red and Blues flash. They slam open my door and yank me out of the car like I'm Rodney King, proceed to search my car - trunk and all without asking, and against my verbal demand not to do so. They gave me several sobriety tests that most sober people would have issues with. I passed, but had the sense to mention in front of the car camera - "First, you're freaking me out by how aggressive you are. Second, it's freezing out here. If I have any problems, those are contributing factors." They were totally freaking me out. I surprised myself with the presence of mind to say something like that. Then they moved me to the passenger side of the cop car and asked me how much money I had on me. I said "I don't know, let me count." Without thinking, I walked in front of the police car (where the camera would be mounted) and counted my cash. Halfway through the cop grabbed my arm, pulled me back to the side of the car and said "forget it, put your money back in your wallet". They cited me for 140 mph. My car shaked severely at 125 because of a poorly installed sunroof, but regardless I was doing 75 when they nearly rammed me. 140 would normally get you thrown in jail, a wreckless driving charge, and a towed car. They cited me and let me go.
These kinds of things happen all the time all over the country. I had another cop pull me out of the middle of a big traffic cluster with 25+ cars all going the same speed. He laughed. "I just really wanted to get me a Porsche. I've been weaving through cars for 20 miles to get to you." I have had my car searched at least a dozen times in my life with zero cause and without permission. I've been detained and released without charges - and I was a stinking passenger on that one. I've had six guns drawn at me once with barking police dogs on the background (no citation, no charge).
I had a cop order me to my knees at gunpoint in my garage. My neighbor popped his head over the fence and said "What's going on?" The cop jumped 180 degrees and nearly shot my neighbor who he ordered back into his house. Then he jumped 180 degrees and nearly shot me all while I was pleading "please don't shoot me." A family member drove up. They left. No charges. Thought I was a burglar. They laughed on their way out and the partner slapped him on the butt and said "oh well, next time." No apology.
I'm not black. These things didn't happen in the ghetto. I'm no gang member. I don't look like one. I don't hang out with the wrong people. I'm just a regular guy - computer nerd. I'm not cocky or rude to police (they'd probably beat me if I was). Fo
Slashdot Mirror
AutoDesk used the DMCA to try to prevent a sale of their software. The DMCA is not in place to enforce breech of contract disputes - it is for copyright protection. Using the DMCA in this way constitutes fraud. They are trying to enforce part of their licensing terms that say you cannot transfer a software license. Certainly whether or not that provision is legal or enforceable if it is legal will come up at trial.
California has a law that if a company guilty of fraud and they are sued, they can be forced to transfer all profits from that fraudulent activity to the plaintiff. I believe last year that some of the teeth surrounding this law were removed partially because people were using the law to extort money from small business owners all around the state - but given the fact that AutoDesk has done the same thing to the same guy 7 times I would bet they are in a bit of trouble.
Woz is no Dvorak. He keeps a low profile. It's a bit sad that this kind of a statement ends up making news, because it really isn't much of a statement at all.
He's one of the guys who is largely responsible for making computers the mainstream tools that they are today, so he's worth listening to. Jimmy Carter still makes headlines when he says anything. So does Paris Hilton. Certainly a guy like Woz who has actually made a much more direct impact on each of our lives is deserving of attention from our community.
If he does a tech talk or does some sort of commentary on the future of our industry, I'll be listening. He certainly is deserving of respect. You might say he doesn't have the business sense that some of the other guys like Jobs or Bill have, but maybe he does. He had the brains to get out and live a normal life, whereas Bill and Steve have been slaves to their success. When it came down to the question of how much is success worth, Woz' answer was closer to what mine would be than most other industry giants.
MIT is a prestigious institution. Does anybody really decide between Universities based on a US News rating?
Scoring high may or may not help you get into the right school. The right school will make a difference for pretty much your first job. After that, if people are even mentioning your education other than in passing during an interview, you've already lost.
I know very few people who value educational qualifications over proven experience. Of course, the tech world is a bit different than the rest of the business world, but this is slashdot.
I think some of the other major lessons are as follows:
* Use mature, well-tested, effective software (eg. Solaris, Oracle, FreeBSD).
Absolutely, and this should be a given but it isn't always.
* Avoid immature fad "technologies" like AJAX.
There are plenty of people here who would defend AJAX and blame the developers for a poor implementation, but really the point to be made is that if you are going with something that is new to the environment your research needs to be thorough and you need a lot of usability testing.
* Traditional applications offer more flexibility than Web-based applications.
Very true, but the benefit of a web application is easy deployment/easy updating and hopefully OS independence. Many companies are pushing for web based apps but they are ignoring the initial premises that led them down that road. If you are doing a web based app, there is no excuse for at the very least supporting Firefox. And you have to pay attention to screen readers / accessibility issues.
* Always give much consideration to back-end scalability.
This is another common gotcha in corporate environments. I see more than my share of apps that are highly scalable, but the licensing costs associated with scaling are enormous. Just because an application supports a load balanced environment doesn't mean that you are going to get linear performance increases by throwing more hardware at it.
* Sometimes a text-based interface is far more efficient than a GUI.
Sometimes? Always. Any application that requires a person to interact with it during their entire workday needs to be designed in such a way that you can use it without a mouse. It seems like such a simple task, but it is so frequently ignored. Sometimes a software solution isn't the best solution at all - everyone WANTS things in computers, but when the development project costs more than two years of temp monkeys pushing paper to get the job done, you should think long and hard about creating an internship program instead of throwing money at a software project.
* Get user feedback on software early and often.
This one is often ignored because third party companies don't share their intermediary results and project managers cut out the end users because of historic cooperation problems coupled with agressive roll out timelines. End user communication should be in the hands of somebody dedicated to the task and project planning should account for user feedback delays. If you really have to move forward without the delays, the push should be for dedicated time from a group of end users instead of cutting them out of the loop all together.
* Maintain a reasonable level of heterogeneity, when it comes to software, hardware and vendors.
I would argue that documentation is more important, and independence from vendors in order to perform maintenance and implement high level enhancements / bug fixes. As long as you have good in-house knowledge about how a system works and the decisions that went into laying out the requirements you should always be able to work with another vendor for a replacement system. It might be painful and expensive, but it is important to have the option.
If you don't have anythign to hide, what are you afraid of?
This argument seems to have lost a great deal of lustre. While it never held any water with me, it seems the whole country was under the spell of "support the president, or else!" from 2002-2006.
You can make constitutional arguments, political arguments, national security arguments, etc. but the whole issue comes down to this - how much privacy should the average citizen consider reasonable?
Somehow in the last few years the expectation of privacy has dwindled to almost nothing. The fact that the telcos are lobbying for retroactive protection is no surprise. They did some very questionable things under the guise of national security and now are facing consequences for doing so. They have the resources to lobby and everyone else is doing it.
Frankly, I hope they don't get any protection and that they do lose an absurd amount of money - maybe the next time our nation is facing down some arbitrary and imagined enemy corporate america will think twice before just blindly ignoring the responsibility they have to their customers.
T1 lines are much more reasonable than they used to be, although your particular geography may prove to make one an expensive option. Still, it's worth getting a quote - you never know until you ask.
Alternatively, setting up a directional antenna pointed towards a house that you have line-of-sight with that may have access to broadband is an option. If you don't have single directional line of sight, you could set up relay antennas as well. Do a little bit of research into pringle's can antennas and you'll find that there are a plethora of plans for long range home made antennas that are out there.
If you get cell signal, you may get decent access with a verizon high speed internet card or a sprint one. Make sure whatever you get, you can try out for a while first. You don't want a 2 year contract with something you can't use.
ISDN lines are an option as well, and may be available for you. Take a gander at a frame relay connection as well.
Thinking outside the box, you could talk to other members of your community about setting up a local area wireless network all sourced through a T1 located somewhere near the Telco facility or a well connected data center. Have the city put up a small bond to pay for the infrastructure and pay it back over time with collected access fees. You probably don't want to run an ISP, but I imagine somebody in the area might be.
Getting the local telco or cable provider to upgrade the area infrastructure is probably a losing proposition unless they have plans already in place, and you will have a difficult plan finding somebody that would fill you in on whether or not there are plans to get you guys high speed access.
There's also the option of a satellite dish on a flag pole or something similar that could get a clear view of the sky. Just because you can't get a clear view form your roof doesn't mean it can't be done.
Of course, this is all assuming that you absolutely need access at your house. Maybe you just need to be closer to home or freedom to do other things during the day - small businesses nearby with broadband connections may be sympathetic to your needs and might give you access to their network. Alternatively you could rent out some office space with a broadband connection.
There are a lot of options. It really is just a matter of how much time, money, and effort you are willing to expend to get rid of that 26K barrier.
I played around with Beryl a while back. Unfortunately, it was during a period when they were having problems with SVN and their website was hacked and taken down. Since then, I got the gist that they were working towards an un-fork with Compiz.
I really liked it, but there were a lot of problems - nothing insurmountable, but it did take a lot of work searching through forums and playing around with configurations to get everything the way I wanted it. There were stability issues, but I was using a lot of pre-release features and plugins.
So question... does Beryl = Compiz now? And if so, is it stable, or is it just expected to be once 7.10 is ready to go?
From a consumer standpoint, I really like this move.
It seems to be completely random which site a given story will point to and there are times when I click through to a news item and I'm immediately skeptical of the source site. If a news vendor isn't doing any sort of value-add, I don't see why I should get sent to bob's scraped wire site versus a trusted major news source.
This kind of thing highlights the fact that so many of these cases may be implemented with improper defense strategy.
The defendants are vaguely accused and therefore are stripped of the capability to offer a real defense. How many of these cases get dragged into technical arguments about the merits of the case instead of real defenses regarding whether or not the law was actually broken.
For instance - you say that there is "ongoing copyright infringement..." did you try to successfully download a copy of the song today? If it's not currently available, there is not ongoing infringement.
Let's take a look at the royalty checks given to the artists in the 2 years prior to the alleged infringement, the year during, and the year after. Do they indicate the possibility of infringement?
Did the plaintiff actually make any effort to do anything to stop this infringement?
Is there any proof that anybody illegally downloaded the songs from the defendant's computers?
How many downloads of the songs were made? How many people had them available? Is there a possibility that the song was made available for download, but never actually downloaded?
Did the defendant promote his shared songs to the public at large?
If there is a defined date for the alleged infringement or a date range, you can offer proof that it was not possible for the infringement to have occurred during that time frame (i.e. on vacation with computer during that time frame, power outage during the time frame in the local area, computer never on long enough during the time frame for a download to occur. Computer in the repair shop during that time frame, etc.)
We all know the suits are based on flimsy technical merits. OK... so moving forward past the technical aspects - is there reasonable suspicion that infringement did occur within a defined time frame?
The time frame is key to actually being able to defend yourself. Having a defined time frame to work with could save the courts, the plaintiffs, and the defendants plenty of time and energy because the technical merits may not need to be argued if a defense other than "this is a bunch of horsecrap and here is why" is available.
The big problem is that most webmasters design their sites in such a way that they are dependent on a third party product being available prior to their pages being rendered.
Google isn't always up. Plenty of times, I see issues because my comcast connection can't see the google servers even though everyone else can get to them just fine.
It's entirely feasible to write your page in such a way that it can display data before any other files are loaded. Serve up ads in an iframe, include tracking images in an iframe or as the last element of a page, etc.
But ads aren't the only thing causing page load problems. Third party widgets, crazy fat CSS and JS files, and pages with way too many images are still a problem.
Agreed. There's nothing especially difficult about using Postgres or even administering it. Performance is great and there are connections with PHP, Perl, etc. that are drop in replacements.
The only thing is that there are a few web apps that have MySQL support, but not Postgres - I believe vBulletin is one, but I don't know for sure. An engine is an engine. Installation is easy - in fact, compiling Postgres from source is much easier than MySQL.
Frankly, I don't know why I haven't made the switch for all my webapps. I don't use it much, but when I have, I have run into exactly zero problems. n00b problems are a myth.
Exchange isn't so problematic because it is written poorly. The problem is that it is so frequently administered poorly.
It's also problematic because exchange experts are few and far between. But then again how many sendmail or qmail experts are there?
I wonder though - are they using exchange just for e-mail? Or are they using it for scheduling, shared folders, etc.? I can't see implementing shared schedules university wide and only receiving 8 help desk calls. You'd think more than 8 people would be calling about how to use their software.
Aside from that - is it really a good idea to require an Outlook client for students? That pushes the student body away from Linux boxes as there is no exchange client for linux that I'm aware of.
I put together a sample page of fonts for my own design activities.
Web Design Font Families
same thing, but a little bit of javascript to keep things on a single page
I have found that when selecting point sizes directly that there are definite differences in rendering quality between OS's and browsers - what looks fine on one machine can look exceptionally poor on another. I've been meaning to put together a page that showed the differences, but I haven't gotten around to getting a browsercam account.
Not exactly on topic, but maybe someone will find it useful.
Nobody really makes that choice. The world makes it for them.
I honestly don't know about DSS or SOX, but I have had plenty of fun with HIPAA.
Unalterable logs as a matter of compliance does not mean "absolutely unalterable under any circumstances". There should be no way for an end user to modify audit trails. There should be no preconceived way for an administrator to alter audit trails - i.e. no utilities for doing so. That does not mean that an admin can't go directly into the DB and alter the data from behind the application layer.
Under every circumstance when I have run into audit logs involving HIPAA compliance, they have been written by an application directly into a SQL database (oracle, ms sql, informix, and one time db2). It used to be that they were written in a fairly easy to decipher format within a single text column on a per record basis - which made for a fairly-difficult-to-alter audit trail because within that easy to decipher format were non-printable characters that you would at least have to know to look for them. With current implimentations, however, the records are stored in a separate table with a many-to-one relationship with the audit-required records, in varchar fields, as plain text - much easier to alter or get rid of single entries. There is still a level of obfuscation as far as table names and column names but thats really a side effect of other things that are going on.
These systems have been reviewed by auditors and certified as compliant. In the older system, there was no application interface to delete audit records. In the newer system, there is an application interface to delete records in any given application table - and therefore there is one for the audit tables as well. Admin level access is required to delete or alter the records, though.
Personally, I would expect more as far as HIPAA compliance goes - from both a customer standpoint and an auditor standpoint. My experience (and it is pretty extensive across several high profile enterprises) - is that the customer will demand a better system only when the auditors demand a better system. I haven't run into an auditor yet who has even given more than a casual glance at the 'back door' scenario. I suppose it's because there is no true way to keep things absolutely secure and application level audit log security is only one layer of the onion.
Before you get too far into an overly complex and potentially expensive solution, talk with your auditors about the requirements for your specific scenarios. They've seen it before and can tell you exactly what they are looking for from an audit compliance standpoint. They are usually pretty easy to work with and open with their knowledge.
CSS Sprites - agreed. These aren't that useful, but in terms of a simple page and a long/slow connection they can improve performance a bit. I see them in the wild very rarely. "A list apart" has an implementation article somewhere thats worth a gander if you can find it.
Inline Images - agreed. Dead on. Quite stupid.
Combined Files - I've flip-flopped a great deal about this one myself. While a single file can greatly reduce data transfer overhead by eliminating headers and ensuring packets are their fullest, it makes for difficult file and version management. It also means that a simple change to what used to be a single small file requires that your entire script be re-downloaded and cached, making for a slower site experience. Also, your end users end up having a lot of fairly large cached files no longer in use if you are actively developing and that's just not nice. At the very least, this should be discussed rather than advised on way or another.
Expires Header / ETags - contrarily, I think these are by far the most effective site performance things that you can do. They do require forward planning in order to use them effectively, but migrating small static files to a properly tuned http server that pushes out these headers properly really makes a difference. Spreading them over multiple static servers is slightly more effective, but that depends on how heavy the pages are to begin with.
CSS at the Top - Firefox and IE have different rendering experiences, but looking at IE - the page displays as soon as it has "layout" - which is essentially all the information it needs to show it. You can place enough css information inline to yield the fastest rendering speed and use a few tricks to hide the requirement of external CSS files. The best thing to do (IMO) is to play around a little bit using a proxy server that you can pause at each file (like burpsuite) and watch how many file downloads happen prior to page display and examine what the page looks like in each browser after each file is downloaded.
I don't see mentioned a recommendation against third party services. Adsense, Analytics, etc. may seem fast most of the time to you, but realize that those connections aren't always as smooth for your end users. My roadrunner connection has had very slow connectivity to the google servers in particular a good 12 times this year - which means that most sites with adsense won't display anything until the connection times out. If they are declared towards the end of the page, at least the stuff declared prior to these things can display. Again, something like burpsuite is very helpful in determining perceived performance.
It's disturbing how much the court gets involved in pressuring the accused party to settle a dispute outside of normal procedures.
Take traffic court for example:
1) if you show up, you are presented with a judge who is not a judge. You have the option to talk to a real judge at your own peril.
2) you are presented an offer of settlement by the not-judge. Don't accept it and traffic school is off the table. No judge and no prosecutor present.
3) if you reject the offer, you have to come back another day. When you come back, you are presented with another not-judge. Ask to talk to a real judge at your own peril.
4) settlement offer by not-judge 2, reject and you'll have to come back a third time.
5) if you reject, on your third trip you are presented with yet another not-judge. This judge offers you another settlement - before you find out if the officer has even showed up to court. Reject it, and you'll have to face (oh no!) a real judge. You are warned that the real judges punishment will be more harsh.
6) if you reject, you are sent to another court room. If the officer showed up on time, you will get your case presented first. Your odds of winning with documented facts contrary to those the officer stated, even when the officer agrees with you, and even when your facts are backed by basic math and simple logic, are not good.
7) if the officer did not show up on time, you get rescheduled and have to come back yet again. Getting rescheduled once does not mean that it can't happen again. If you finally are having your day in court and the officer didn't show up on time, you can very well expect to be in court all day - just in case he's running late.
My point is that court representatives have absolutely no business pushing for a resolution outside of a decision by the court. We have the justice system set up for a reason. It baffles me why the judicial system works so hard to undermine itself.
I think that's the point. It improves Vista's sales numbers while showing that the Linux product has very weak sales.
Why would anyone not buy the Vista version if a quick download and a 30 minute install nets you bargain basement upgrades?
I hear you. They actually tried triple billing me at one point. I could go on for hours about them - including pretty much a breakdown at a store because it was plain to the employees in the store, the manager on premises, and the rep on the phone that they had fraudulently billed me AND fraudulently extended my contract and not a single one of them would do a thing about it. If I only knew calling them 25 times a month would get rid of them, I would have been calling them non-stop.
/dials 611
Come to think of it...
I see your point. I'm not entirely excited about this particular clause myself, but strangely I didn't comment on the draft. I meant to.
I see the reason the GPL moves in this direction, but I don't agree with it myself. I think it can be dangerous.
I will say, however, that the GPL has done a great job of fostering free software development and the FSF is doing a good job of migrating the license towards the future. I believe that future versions of the GPL will change on this issue if a need arises that pushes it out to the forefront. We'll just have to wait and see.
It's pretty simple. If I buy a product, let's say it's a PDA and the PDA interface uses software I developed. I find a major security hole in my software, so I want to patch it.
Tivoisation prevents me from patching it. It prevents me from adding features. It prevents me from fixing bugs.
It's my software. I want to update it, and the only thing preventing that is licensing. That and a hardware based security system enforcing the licensing. When I wrote the software originally, I did not intend for products to be developed using my software that I could not update. In fact, I licensed my software in order to prevent that kind of a thing. Unfortunately, the PDA manufacturer found a loophole that stuck to the letter of my license, but not the spirit of it.
This is pretty much what Tivo did. The anti-Tivoisation language in the new GPL effectively closes that loophole.
Now, if Tivo wants to do the same thing in the future, they can either utilize software who's authors don't mind (and it's widely available for what Tivo wants to do), or they can contact the original author team for alternative licensing. In the case of large scale community projects where no such licensing option exists, they can either stick to the license or they can develop their own similar project in-house.
All the FSF is doing is ensuring that software licensees abide by the spirit of what the original authors intended. They recognized that business enterprises were taking advantage by using loopholes and they've attacked that problem - pretty effectively.
---
I can't think of a single instance where Tivo actually contributed code back to the community as you state.
Regardless, they are not without free options. All they need to do is shift to BSD licensed products - which they should have done in the first place given their long term strategy.
And therein lies the problem.
Proprietary, Patented, Licensed - these are all keywords that flag projects that should be avoided. They inherently imply an enhancement cycle dependent on the success of marketing efforts, and one that favors bells and whistles over stability and security.
IANAP(hysicist), but it is my lamens understanding that the No Communication Theorem is such that the act of observation lies in direct contradiction with the potential for communication.
If you have a set of atoms on earth, and an equivalent set of atoms on say Mars (light minutes away), synced with teleportation - any message sent from earth would be received on Mars faster than the speed of light, but when observed the message would inherently be garbled to the point where it could not be understood due to the fact that the observation of said atoms would disturb their state.
Somebody please correct me if I have misinterpreted.
This is certainly a great feat - displaying the capabilities of teleportation, but it is not the only mountain to climb. I do not read that they have resolved the issue of observational mish-mashing, but one could deduct that they did at least to a degree in order to prove that the teleportation happened - although they probably used a known quantum teleportation scheme which would involve additionally a classical information transportation method and thus limiting teleportation communication by the limits of that already existing information transportation methodology. (still pretty neat, but not necessarily groundbreaking as experimentation on this level has been happening since roughly 1998)
It's not that difficult to come up with a potential list of ways to resolve this problem, finding a solution that actually is provable certainly would be difficult. If in fact they have surmised a way to communicate via teleportation rather than just prove that teleportation is possible an entire world of possibilities just opened up that will take us centuries to truly realize.
Probably 6 months ago, there was a Pot truck that got busted. I can't seem to find a link. It had this crazy rotating setup so that it maximized the space inside the truck with each plant getting equal amounts of light and a once a rotation dip into a hydroponic solution. Do that with strawberries and all of a sudden you don't need 3 acres of land for a decent sized crop, you get strawberries year round, you don't have to bend over to pick them, and you can easily come back to undergrown strawberries in small quantities later.
Robots is a great idea, but the cost of the machinery coupled with the cost of operating the machinery makes it a difficult sell over cheap immigrant labor. An idea like the one I just stated pushes "strawberry picking" into a reasonable job, one that can be filled year round, and one that can be strategically placed in areas where a work force is plentiful.
Sometimes you don't need a rocket scientist or a robot designer to revolutionize the industry - you just need a guy to walk up and say "why aren't you doing it this way?"
Videotaping of officers in the line of duty is an issue for every law enforcement union in the country.
It would be for any union realistically. How would you feel about being videotaped while you were working?
The difference is that police are in a position to suppress, harrass, and intimidate those who would potentially be taping their activities.
While I agree that the officer most likely did not consider wiretapping as the original charge, I would postulate that he had absolutely no reason to arrest this child. His intention was to intimidate one kid, hopefully get him charged and convicted of something, and get the word out to the local high schools that cops don't react well to cell phone videos of their activities. One can hardly surmise an excuse for arresting this child outside the scope of intimidation.
If I had a video tape of every traffic stop I received, I would have a collection of questionable police activity.
I remember one such instance very clearly. The police came up behind me with no red/blue lights at about 2:00 AM in the middle of an empty stretch of highway. They came up so fast, I was sure they were going to rear end me. I accelerated and changed lanes. They did it again. I changed lanes back trying to get away from this harassing driver. They did it a third time. At this point, a rest stop exit had popped up, so I hit the brakes to slow for the exit. Red and Blues flash. They slam open my door and yank me out of the car like I'm Rodney King, proceed to search my car - trunk and all without asking, and against my verbal demand not to do so. They gave me several sobriety tests that most sober people would have issues with. I passed, but had the sense to mention in front of the car camera - "First, you're freaking me out by how aggressive you are. Second, it's freezing out here. If I have any problems, those are contributing factors." They were totally freaking me out. I surprised myself with the presence of mind to say something like that. Then they moved me to the passenger side of the cop car and asked me how much money I had on me. I said "I don't know, let me count." Without thinking, I walked in front of the police car (where the camera would be mounted) and counted my cash. Halfway through the cop grabbed my arm, pulled me back to the side of the car and said "forget it, put your money back in your wallet". They cited me for 140 mph. My car shaked severely at 125 because of a poorly installed sunroof, but regardless I was doing 75 when they nearly rammed me. 140 would normally get you thrown in jail, a wreckless driving charge, and a towed car. They cited me and let me go.
These kinds of things happen all the time all over the country. I had another cop pull me out of the middle of a big traffic cluster with 25+ cars all going the same speed. He laughed. "I just really wanted to get me a Porsche. I've been weaving through cars for 20 miles to get to you." I have had my car searched at least a dozen times in my life with zero cause and without permission. I've been detained and released without charges - and I was a stinking passenger on that one. I've had six guns drawn at me once with barking police dogs on the background (no citation, no charge).
I had a cop order me to my knees at gunpoint in my garage. My neighbor popped his head over the fence and said "What's going on?" The cop jumped 180 degrees and nearly shot my neighbor who he ordered back into his house. Then he jumped 180 degrees and nearly shot me all while I was pleading "please don't shoot me." A family member drove up. They left. No charges. Thought I was a burglar. They laughed on their way out and the partner slapped him on the butt and said "oh well, next time." No apology.
I'm not black. These things didn't happen in the ghetto. I'm no gang member. I don't look like one. I don't hang out with the wrong people. I'm just a regular guy - computer nerd. I'm not cocky or rude to police (they'd probably beat me if I was). Fo