True, but one cannot deny the fact that SCO does act very weird. Usually when some company "steals" GPL code, the copyright holder gives the company a chance to correct his mistake
So if I go rob a bank and I get caught, the bank should give me a chance to give the money back, and if I do everything is fine?
Re:This went through my workplace like wildfire to
on
Yet Another Windows Worm
·
· Score: 4, Interesting
One interesting thing is it opens port 1080, which is normally used by MSN messenger
Sounds like you're using a Socks server to connect to MSN - 1080 is the default Socks proxy port, not MSN messenger.
Even if you used Delphi you would be better off than VB...not an OSS thing but a general usability and code speed, reliability, quality dev environment thing.
Not all decisions are made on which technology is better. There are other factors such as the availability of programmers, third party tools, and technical support. VB beats Delphi hands-down in all three cases. Usability, speed, and reliability are more than adequate with VB to make them non-issues for us.
SQL Server is a load of crap as well.
As far as SQL Server goes, we rely heavily on stored procedures so the availability of freebies is moot for the time being. We also use an accounting package and an HR package that need either SQL Server or Oracle to run, so even if we moved our internal applications to another platform we'd still need to support SQL Server. We used to use Sybase, but switched to MS after v7.0 came out. It was a relatively easy migration, and we were able to reduce our support and maintenance costs significantly.
Incidentally, did you apply the Slammer patch?
I applied the Slammer patch to our SQL servers over the weekend before the worm hit the 'net in full force. I missed one installation of MSDE which did end up getting infected and causing some slowness on our network. I can't say the same for our parent company, however. Their network was effectively down for almost 24 hours while they cleaned up. I ended up putting a firewall between us and the parent company as a result...
It's like dating. You spend a while finding out what you want. Eventually you find it, or find something you're reasonably sure is it. Stick with it for a while. Things going good? Stick with it for a long while.
That's a great analogy, and I think you can extend it to organizations as well as individuals. For most companies, and I'm talking about companies not in the software business, it doesn't make sense to constantly change platforms to keep up with the latest trends. Even if a new platform is technically better or cheaper it can make very good financial sense to stay with what the company knows.
Our designers are not stupid; they just seem incapable of thinking outside the Windows world. You don't know what "mindshare" means until you've seen this in action... Microsoft products have a total lock on their way of thinking. They just won't consider any alternatives, they use Microsoft stuff, and they LIKE it. A friend and I are gradually introducing open source stuff (an internal web app I wrote uses PHP and MySQL as opposed to ASP/SQL Server... and I had to fight for it!) but mostly, Microsoft is ALL THERE IS to them.
I'm the lead architect at a shop that also uses mostly Microsoft tools for internal development. Our development staff would not be considered to be great programmers, but they do have an excellent background in the industry we work in. VB is the perfect tool for this type of programmer (even VB.Net has a ways to go). I understand that you're talking about the designers in your company, but here's the reason I'm bringing this up. I have had to deal with consultants and one new hire in the past couple of years who have recommended bringing in or converting to open source software, and one who even went over my head to try to sell the idea to upper management (spectacularly unsuccessfully - he didn't make it past his probationary period, and it wasn't my decision). It may seem to them like I am brainwashed by Microsoft or that I am being closed-minded by asking them to write VB or ASP code that runs against SQL server - which is what they were hired to do in the first place - but in fact we are currently using the best tools for our particular environment. I don't know if this is the case in your organization, but it may not be Microsoft's "brain lock" abilities - it may just be that the designers have heard it all before and just aren't really interested in rehashing the same old debates. In our case if we completely eliminated all of the licensing costs for Microsoft development tools and SQL Server, I doubt that anybody would even notice the change in our IS budget. The money spent is well worth it to us.
Like I said, if more money is to be made in selling DVDs than broadcasting, broadcasting could simply become a means to convince people to buy DVDs
The only reason that they can make more money from the DVD's is that the show's run on TV was a commercial failure. At this point nobody will pay much to advertise during the show, so they're cutting their losses by selling directly to the public. With a successful show, they can make a LOT more money by putting it on the air, selling advertising, and later syndicating the show.
I'm going to be uncharacteristically non-cynical for a moment, and suggest an alternate theory. Perhaps Fox will see how many DVD sets are sold, and if sales are surprisingly high, continue the series.
Don't count on it... Since the episodes are already made, the DVD's cost them next to nothing to produce. They'll probably end up making more money selling the "extra" episodes on DVD than they would have by putting the shows on the air.
We had a fix within 1 hour of the problem being reported, and that was mainly due to mail propagation delays from Australia ! We had to co-ordinate the release with all the Samba vendors, that's what took the time.
I'm not sure it really matters why the delay occurred - maybe that's something to work on for next time. Even if the fix could not be released immediately, it may have been a good idea to alert people that a problem existed so they could take additional precautions while the coordination efforts were taking place.
No company pays the sort of money needed to do the amount of code auditing a major OSS project gets *for free* by the vendor community
Releasing the source does not guarantee that anybody will actually perform a code audit. Neither does writing proprietary code. I don't claim like you do to know if they do so or not, but companies like Microsoft certainly have the resources to hire people to do audits and security reviews if they want to. This is more than most OSS projects can say.
Maybe you could set up a system so that the people in the community who you say are doing these reviews for free could document what parts of the code they have reviewed. That way we would know what parts have been looked at the most or least, and look at the track record of the people doing the reviews.
This one was discovered last Thursday, and five days to patch a remote root vulnerability with exploits already in the wild is not very good in my book.
when it's debugged, you don't just read the code to solve the problem
My point is that releasing code to the public does nothing to improve security. Nothing was stopping anybody from looking at the source code and/or loading Samba into a debugger and finding this problem, and yet this vulnerability has existed for seven or eight years. Code audits can be done by the general public with OSS, or internally by a company that writes proprietary software.
cause if it had been a problem with a Microsoft product we'd have to wait until actual exploits were in the wild to get a fix for it...
RTFA - exploits for this one have been in the wild for a while The only reason it was found is because somebody looked at a packet trace, not the source code.
This sort of thing could never have happened if it was Open Source! Thousands of people would have reviewed the source code to make sure that there were no problems like this.
I submitted an article yesterday that commented on the ruling, but it was rejected. Basically, Sun got their asses handed to them by at least one of the judges. Here's the article.
but AFAIK nobody ever claimed it was entirely about combatting terrorism
Well, there was this George W. Bush guy who, when signing the bill, said "But one thing is for certain: These terrorists must be pursued, they must be defeated, and they must be brought to justice. And that is the purpose of this legislation."
And also, it's called the "Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001"
if you were trying to convey the fact that MS has embraced and extended the fsck out of XML, thus totally destroying it and not properly implementing it, then yes, I would agree...
Micro$oft sure has some balls extending the "eXtensible Markup Language"...
Slashdot Mirror
True, but one cannot deny the fact that SCO does act very weird. Usually when some company "steals" GPL code, the copyright holder gives the company a chance to correct his mistake
So if I go rob a bank and I get caught, the bank should give me a chance to give the money back, and if I do everything is fine?
One interesting thing is it opens port 1080, which is normally used by MSN messenger
Sounds like you're using a Socks server to connect to MSN - 1080 is the default Socks proxy port, not MSN messenger.
You could tag each grape, and then monitor them for quality and choose only the best ones for making wine
Digital ripes management?
(Sorry)
Even if you used Delphi you would be better off than VB...not an OSS thing but a general usability and code speed, reliability, quality dev environment thing.
Not all decisions are made on which technology is better. There are other factors such as the availability of programmers, third party tools, and technical support. VB beats Delphi hands-down in all three cases. Usability, speed, and reliability are more than adequate with VB to make them non-issues for us.
SQL Server is a load of crap as well.
As far as SQL Server goes, we rely heavily on stored procedures so the availability of freebies is moot for the time being. We also use an accounting package and an HR package that need either SQL Server or Oracle to run, so even if we moved our internal applications to another platform we'd still need to support SQL Server. We used to use Sybase, but switched to MS after v7.0 came out. It was a relatively easy migration, and we were able to reduce our support and maintenance costs significantly.
Incidentally, did you apply the Slammer patch?
I applied the Slammer patch to our SQL servers over the weekend before the worm hit the 'net in full force. I missed one installation of MSDE which did end up getting infected and causing some slowness on our network. I can't say the same for our parent company, however. Their network was effectively down for almost 24 hours while they cleaned up. I ended up putting a firewall between us and the parent company as a result...
It's like dating. You spend a while finding out what you want. Eventually you find it, or find something you're reasonably sure is it. Stick with it for a while. Things going good? Stick with it for a long while.
That's a great analogy, and I think you can extend it to organizations as well as individuals. For most companies, and I'm talking about companies not in the software business, it doesn't make sense to constantly change platforms to keep up with the latest trends. Even if a new platform is technically better or cheaper it can make very good financial sense to stay with what the company knows.
Our designers are not stupid; they just seem incapable of thinking outside the Windows world. You don't know what "mindshare" means until you've seen this in action... Microsoft products have a total lock on their way of thinking. They just won't consider any alternatives, they use Microsoft stuff, and they LIKE it. A friend and I are gradually introducing open source stuff (an internal web app I wrote uses PHP and MySQL as opposed to ASP/SQL Server... and I had to fight for it!) but mostly, Microsoft is ALL THERE IS to them.
I'm the lead architect at a shop that also uses mostly Microsoft tools for internal development. Our development staff would not be considered to be great programmers, but they do have an excellent background in the industry we work in. VB is the perfect tool for this type of programmer (even VB.Net has a ways to go). I understand that you're talking about the designers in your company, but here's the reason I'm bringing this up. I have had to deal with consultants and one new hire in the past couple of years who have recommended bringing in or converting to open source software, and one who even went over my head to try to sell the idea to upper management (spectacularly unsuccessfully - he didn't make it past his probationary period, and it wasn't my decision). It may seem to them like I am brainwashed by Microsoft or that I am being closed-minded by asking them to write VB or ASP code that runs against SQL server - which is what they were hired to do in the first place - but in fact we are currently using the best tools for our particular environment. I don't know if this is the case in your organization, but it may not be Microsoft's "brain lock" abilities - it may just be that the designers have heard it all before and just aren't really interested in rehashing the same old debates. In our case if we completely eliminated all of the licensing costs for Microsoft development tools and SQL Server, I doubt that anybody would even notice the change in our IS budget. The money spent is well worth it to us.
Like I said, if more money is to be made in selling DVDs than broadcasting, broadcasting could simply become a means to convince people to buy DVDs
The only reason that they can make more money from the DVD's is that the show's run on TV was a commercial failure. At this point nobody will pay much to advertise during the show, so they're cutting their losses by selling directly to the public. With a successful show, they can make a LOT more money by putting it on the air, selling advertising, and later syndicating the show.
I'm going to be uncharacteristically non-cynical for a moment, and suggest an alternate theory. Perhaps Fox will see how many DVD sets are sold, and if sales are surprisingly high, continue the series.
Don't count on it... Since the episodes are already made, the DVD's cost them next to nothing to produce. They'll probably end up making more money selling the "extra" episodes on DVD than they would have by putting the shows on the air.
This post shows why "the mysterious future" is a good thing!
If you're rewriting the applications, why couldn't you move the data into a relational database at the same time?
We had a fix within 1 hour of the problem being reported, and that was mainly due to mail propagation delays from Australia ! We had to co-ordinate the release with all the Samba vendors, that's what took the time.
I'm not sure it really matters why the delay occurred - maybe that's something to work on for next time. Even if the fix could not be released immediately, it may have been a good idea to alert people that a problem existed so they could take additional precautions while the coordination efforts were taking place.
No company pays the sort of money needed to do the amount of code auditing a major OSS project gets *for free* by the vendor community
Releasing the source does not guarantee that anybody will actually perform a code audit. Neither does writing proprietary code. I don't claim like you do to know if they do so or not, but companies like Microsoft certainly have the resources to hire people to do audits and security reviews if they want to. This is more than most OSS projects can say.
Maybe you could set up a system so that the people in the community who you say are doing these reviews for free could document what parts of the code they have reviewed. That way we would know what parts have been looked at the most or least, and look at the track record of the people doing the reviews.
RMFA: problems get fixed faster in open source.
This one was discovered last Thursday, and five days to patch a remote root vulnerability with exploits already in the wild is not very good in my book.
when it's debugged, you don't just read the code to solve the problem
My point is that releasing code to the public does nothing to improve security. Nothing was stopping anybody from looking at the source code and/or loading Samba into a debugger and finding this problem, and yet this vulnerability has existed for seven or eight years. Code audits can be done by the general public with OSS, or internally by a company that writes proprietary software.
cause if it had been a problem with a Microsoft product we'd have to wait until actual exploits were in the wild to get a fix for it...
RTFA - exploits for this one have been in the wild for a while The only reason it was found is because somebody looked at a packet trace, not the source code.
This sort of thing could never have happened if it was Open Source! Thousands of people would have reviewed the source code to make sure that there were no problems like this.
Oh wait...
I think they're off by, ... ohh, about a factor of a thousand?
I'm sure the students are breathing a sigh of relief that it's only $97.8 billion...
Well that explains the lawyers with frickin' lasers mounted on their frickin' heads...
I submitted an article yesterday that commented on the ruling
Oops, not the ruling - the oral arguments! The ruling will come at a later date.
I submitted an article yesterday that commented on the ruling, but it was rejected. Basically, Sun got their asses handed to them by at least one of the judges. Here's the article.
That was sooo not off-topic..
Fifth Post!
but AFAIK nobody ever claimed it was entirely about combatting terrorism
Well, there was this George W. Bush guy who, when signing the bill, said "But one thing is for certain: These terrorists must be pursued, they must be defeated, and they must be brought to justice. And that is the purpose of this legislation."
And also, it's called the "Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001"
Yet more evidence that the PATRIOT act had little or nothing to do with actual terrorism...
Hell even Windows has it. (I await MS's announcement of its invention soon).
I thought Al Gore was on Apple's board of directors...
if you were trying to convey the fact that MS has embraced and extended the fsck out of XML, thus totally destroying it and not properly implementing it, then yes, I would agree...
Micro$oft sure has some balls extending the "eXtensible Markup Language"...
Whenever possible, go for java instead of C#. Go for PHP instead of ASP. Learn to use as little platform-dependant code as possible.
Doing this while employed for a company that is using C# and ASP is a great way to NOT keep your job.