I'm not sure how exactly it works, but the InfoNet project provides a world-wide bulletin board of sorts that operates completely inside the virtual world. It's centralized, though. It'd be neat if someone could develop a proper decentralized network, but now that you can make arbitrary HTTP requests from LSL scripts there doesn't seem much point when you could just use the real Internet.
At least this is one problem that can be addressed by hacking the open-source viewer; the compilation's done client-side, so you wouldn't need any LL co-operation to use and distribute an improved compiler.
There's more to VB.NET than just an alternative syntax to C#. For example, VB.NET also provides its own runtime library containing a large number of functions that were present in VB6, and it supports late binding of method calls in a similar manner to VB6. Microsoft also provided a converter in Visual Studio.NET that is apparently able to do a reasonable job of adapting VB6-style projects into VB.NET projects including the source code. It can't do all the work for you, but it would certainly be a lot more work to port to C# for most projects.
The most important thing to this discussion is that VB.NET has its own runtime library above and beyond the standard.NET class library. Mono wouldn't be able to run apps developed for VB.NET without supporting this library. The compiler is not necessary for this, but it will at least provide a solution for those who are migrating from Windows to other platforms but have legacy VB.NET code.
With SMTP, anyone can say "I'm powerlord@livejournal.com" and there's no way to verify that. With OpenID, only you can successfully assert that you are powerlord.livejournal.com. Consequently, it's much more trustworthy than SMTP.
Sites accepting OpenIDs aren't any more vulnerable to comment spam than those requiring local usernames/passwords. You can use the same controls (CAPTCHAS, moderation, etc) that you'd use for either anonymous or locally-authenticated comments.
As for it being hard for developers to use, I disagree. I added OpenID authentication to my company's website platform in an afternoon with only rudimentary knowledge of the protocol, using the PHP libraries from openidenabled. The action class that actually does the OpenID authentication steps is 62 lines long, and one additional table was added to the system to map OpenIDs onto local userids. We already had a modular authentication API, so I just had to write a new auth frontend. If you're using any decent web framework this'll be true for you as well.
No, you authenticate someone to find out who they are. Once you're sure who they are, you can *then* make decisions about what they are allowed to do.
For example, you could make the rule that "only someone who successfully authenticates as powerlord.livejournal.com can post in this blog", using OpenID to authenticate the user and then your own code to decide, based on that result, whether the user can post in the blog. OpenID makes sure that no-one else but you can authenticate as powerlord.livejournal.com. (They might authenticate as powerlord.myopenid.com, but that's okay because that doesn't match your rule.)
From watching recent discussions (read: arguments), the main concern seems to be that these things would look like email addresses but, except in a few minor cases, they wouldn't actually *be* email addresses, so you'd just have another identifier with an at sign in it that was still not an email address. There aren't many providers (AOL being a notable exception) that provide both email and OpenID at the moment.
They seem to think that it's okay because you don't actually have to tell users that they are URLs. You could just say to users "Your OpenID is blah.aol.com" and not mention that it's an URL. AOL's OpenIDs are actually ugly things like openid.aol.com/username, but most providers seem to have standardized on the username.domain format, which can potentially be only one character different from an equivilent email address.
The OpenID guys seem to be concerned about their "trademark" becoming generic, so I just figured I'd report it in a way they'd approve of. This is similar to Lego insisting that you call their product "Lego bricks" rather than "Legos".
I can't get too excited about it myself, though. Calling it "an OpenID" is fine by me!
I think the main thing that is needed is to decentralize the package management. While apt allows me to specify several sources, if I deviate from the official repositories provided by my distribution there is the chance that I'll end up with incompatibility due to the shared namespace.
It'd be nice if you could just grab a random.deb (or whatever) file from a website and install it, having it automatically install all necessary libraries even if they're not part of the distribution and without breaking anything I've installed from elsewhere. This needs several things as a starting point: a decentralized package namespace (identifying packages with URIs could work), completely declarative packages (so that software and users can predict what'll happen as a result of installing a package, and so that the installation can be adapted to suit each distro) and the ability to have multiple versions of the same thing -- possibly all from different sources, with possibly-conflicting version numbers -- installed at the same time.
OpenID 1.1 was pretty simple. OpenID 2 is getting crazy, I'll agree. I've been lurking on some of their mailing lists and i can see that they're currently discussing the slimming down of the new specifications, so theyre well aware of this issue. I don't even know what XRI or XRDS is and from their mailing lists I can see I'm not the only one. I hope they'll make it a lot simpler before they publish the final version.
Centralizing your "login page" worsens the problem but it also offers several solutions. For example, a browser plugin (and hopefully later, a browser feature) can be configured to make it extremely obvious to the user that they are on the correct site when it's time to present credentials, because there is only one correct answer. Also, it's much easier to make use of new-fangled authentication schemes in place of usernames/passwords when they become available since only the OpenID providers have to implement them. Some providers are already preparing to offer WS-Trust/WS-Security logins in addition to or in place of username/password logins, which users will be able to make use of via Microsoft's Cardspace once deployment becomes a bit more pervasive.
OpenID 2 (whose spec is nearing completion, with implementations to follow) has a feature where instead of entering your own URL you enter just your provider's URL. Your provider can then optionally offer an option to generate a one-time gibberish identifier for that single site, which it'll remember so that you can present it again to that site next time. This will make the creation of per-site identifiers much easier, though of course it'll take some time for all of the existing OpenID sites to migrate to the new version.
Also, there has already been at least one implementation of a mailinator-like "just say yes" provider which you can use for signing into things that you'll probably never log into again.
I guess this advice might be a little late for you now, but hopefully it'll be of use to others. The best way to get a reasonable job out of college is to bite the bullet and do some kind of internship or work experience thing. My university didn't offer any particular assistance with this on my CS course, but I contacted employers in the area and basically offered to work for pittance for a few months to "gain professional experience". I ended up working for a month for a company in the local area during a break and at the end of it they offered me a job purely on the basis of my work during that period, with no interview whatsoever.
You have to target the right sort of company; in particular, the company has to be structured in such a way that you -- as an intern -- are reporting directly to someone with hiring clout so that you can actually be noticed. I picked a little company, but I suspect a larger company with the right sort of culture would work out as well.
When it comes down to it, it's that old adage of "it's not what you know, it's who you know."
Once you added a hard drive to your Amiga it was much more competitive, though. My A1200 with a hard disk could go from power on to the Workbench screen in less than five seconds. It takes my PC more than five seconds just to complete the BIOS POST.
While you're correct that lots of people misuse the term "tag" when it comes to HTML/XML, there is a construct called a "tag": it's the syntactic construct that marks the start and end of an element. A non-empty element consists of a start tag, some content, and then an end tag. (though in HTML the end tag is often optional and implied.)
What would be amusing is to take the already-existing cross-over between SG-1 and Atlantis and just merge the two into one show. I'm not saying that it'd make great television, but it would certainly have the "Fuck you Sci-Fi!" charm.
That didn't work out so well for LiveJournal
on
Inside MySpace.com
·
· Score: 1
That sounds like what LiveJournal did when they launched their spangly-new object-oriented style system. Under the new system the templates expose a bunch of settings the users can choose to customize within the limits of the style. They now have an option where you can choose whether you want to use the old system or the new. Guess what? Most of the sort of users that make those obscene pages on MySpace continue to use the old system because it makes it easier for them to do that sort of stuff.
Now they have two template systems to maintain rather than just one. Once you get above the data access layer everything seems to be completely separate with no chance of uniting them. Whenever they add new features, some of them get added to the old system, some to the new and occasionally both. So much wasted effort.
Of course, it could be argued that if they'd never had the hacky old system most people who got into LiveJournal never would have, because they wouldn't have been able to make their journals "express their individuality" with limited technical knowledge.
It's been a while since I saw the Minority Report movie (and even longer since I read the short story, though I don't remember this coming up at all there; was it in a different story?) but weren't these ads doing iris recognition? I seem to remember that he'd just had his eyes replaced so he wouldn't be recognised by security, but all of the stores started barking ads at him with the name of the person whose eyes he now had, and made it harder for him to run through the mall and escape.
The small company I work at has all of the "important" stuff (home directories, shared files, domain controller, DHCP, DNS, VPN...) on one Windows Server 2003 box. Each month when we have to install updates everyone cries and moans when the server's down for ten minutes and they can't do any work.
I generally blame Microsoft, but I've not made any inroads to get everything except the domain controller moved onto some kind of UNIX derivative (Probably Debian, since our existing Linux boxes run that already) but the problem is that there's just too much other stuff to do so the time it'd take to do that can't be justified by my boss. I think that's a problem that most would-be migrators encounter.
I wonder if anyone will ever attempt to use Mono to create a compatibility layer for these games to run on Linux/OSX or even on the original XBox. Presumably this would just be "a simple matter" of reimplementing the APIs used by this toolkit, since Mono is compatible with Microsoft's CLI already.
Re:Or just allow your email address to be a userna
on
The Case for OpenID
·
· Score: 1
I guess you're joking, but OpenID actually uses a scheme very similar to how advertisers track users cross-site. The difference is that OpenID is designed with your interests in mind rather than the advertisers, so random sites can't just track you without your permission.
The CSS 2 standard actually supports table-based layout applied to any markup. However, it's one of the many things that Microsoft simply haven't bothered to implement in their butchered tag soup layout engine. Let's not blame CSS here, but instead blame the one browser that leaves out the two most important layout features of CSS: the table model and generated content. With those two things, the common grid-based layouts that we all desire would be so much easier to create.
There are still several things missing in CSS2, of course. Many of them are addressed in CSS3, but I doubt that'll ever see the light of day.
Slashdot Mirror
I'm not sure how exactly it works, but the InfoNet project provides a world-wide bulletin board of sorts that operates completely inside the virtual world. It's centralized, though. It'd be neat if someone could develop a proper decentralized network, but now that you can make arbitrary HTTP requests from LSL scripts there doesn't seem much point when you could just use the real Internet.
At least this is one problem that can be addressed by hacking the open-source viewer; the compilation's done client-side, so you wouldn't need any LL co-operation to use and distribute an improved compiler.
That's a good reason to put your braces on the same line as the control construct they belong to!
There's more to VB.NET than just an alternative syntax to C#. For example, VB.NET also provides its own runtime library containing a large number of functions that were present in VB6, and it supports late binding of method calls in a similar manner to VB6. Microsoft also provided a converter in Visual Studio.NET that is apparently able to do a reasonable job of adapting VB6-style projects into VB.NET projects including the source code. It can't do all the work for you, but it would certainly be a lot more work to port to C# for most projects.
The most important thing to this discussion is that VB.NET has its own runtime library above and beyond the standard .NET class library. Mono wouldn't be able to run apps developed for VB.NET without supporting this library. The compiler is not necessary for this, but it will at least provide a solution for those who are migrating from Windows to other platforms but have legacy VB.NET code.
With SMTP, anyone can say "I'm powerlord@livejournal.com" and there's no way to verify that. With OpenID, only you can successfully assert that you are powerlord.livejournal.com. Consequently, it's much more trustworthy than SMTP.
Sites accepting OpenIDs aren't any more vulnerable to comment spam than those requiring local usernames/passwords. You can use the same controls (CAPTCHAS, moderation, etc) that you'd use for either anonymous or locally-authenticated comments.
As for it being hard for developers to use, I disagree. I added OpenID authentication to my company's website platform in an afternoon with only rudimentary knowledge of the protocol, using the PHP libraries from openidenabled. The action class that actually does the OpenID authentication steps is 62 lines long, and one additional table was added to the system to map OpenIDs onto local userids. We already had a modular authentication API, so I just had to write a new auth frontend. If you're using any decent web framework this'll be true for you as well.
No, you authenticate someone to find out who they are. Once you're sure who they are, you can *then* make decisions about what they are allowed to do.
For example, you could make the rule that "only someone who successfully authenticates as powerlord.livejournal.com can post in this blog", using OpenID to authenticate the user and then your own code to decide, based on that result, whether the user can post in the blog. OpenID makes sure that no-one else but you can authenticate as powerlord.livejournal.com. (They might authenticate as powerlord.myopenid.com, but that's okay because that doesn't match your rule.)
From watching recent discussions (read: arguments), the main concern seems to be that these things would look like email addresses but, except in a few minor cases, they wouldn't actually *be* email addresses, so you'd just have another identifier with an at sign in it that was still not an email address. There aren't many providers (AOL being a notable exception) that provide both email and OpenID at the moment.
They seem to think that it's okay because you don't actually have to tell users that they are URLs. You could just say to users "Your OpenID is blah.aol.com" and not mention that it's an URL. AOL's OpenIDs are actually ugly things like openid.aol.com/username, but most providers seem to have standardized on the username.domain format, which can potentially be only one character different from an equivilent email address.
The OpenID guys seem to be concerned about their "trademark" becoming generic, so I just figured I'd report it in a way they'd approve of. This is similar to Lego insisting that you call their product "Lego bricks" rather than "Legos".
I can't get too excited about it myself, though. Calling it "an OpenID" is fine by me!
I think the main thing that is needed is to decentralize the package management. While apt allows me to specify several sources, if I deviate from the official repositories provided by my distribution there is the chance that I'll end up with incompatibility due to the shared namespace.
.deb (or whatever) file from a website and install it, having it automatically install all necessary libraries even if they're not part of the distribution and without breaking anything I've installed from elsewhere. This needs several things as a starting point: a decentralized package namespace (identifying packages with URIs could work), completely declarative packages (so that software and users can predict what'll happen as a result of installing a package, and so that the installation can be adapted to suit each distro) and the ability to have multiple versions of the same thing -- possibly all from different sources, with possibly-conflicting version numbers -- installed at the same time.
It'd be nice if you could just grab a random
OpenID 1.1 was pretty simple. OpenID 2 is getting crazy, I'll agree. I've been lurking on some of their mailing lists and i can see that they're currently discussing the slimming down of the new specifications, so theyre well aware of this issue. I don't even know what XRI or XRDS is and from their mailing lists I can see I'm not the only one. I hope they'll make it a lot simpler before they publish the final version.
Centralizing your "login page" worsens the problem but it also offers several solutions. For example, a browser plugin (and hopefully later, a browser feature) can be configured to make it extremely obvious to the user that they are on the correct site when it's time to present credentials, because there is only one correct answer. Also, it's much easier to make use of new-fangled authentication schemes in place of usernames/passwords when they become available since only the OpenID providers have to implement them. Some providers are already preparing to offer WS-Trust/WS-Security logins in addition to or in place of username/password logins, which users will be able to make use of via Microsoft's Cardspace once deployment becomes a bit more pervasive.
OpenID 2 (whose spec is nearing completion, with implementations to follow) has a feature where instead of entering your own URL you enter just your provider's URL. Your provider can then optionally offer an option to generate a one-time gibberish identifier for that single site, which it'll remember so that you can present it again to that site next time. This will make the creation of per-site identifiers much easier, though of course it'll take some time for all of the existing OpenID sites to migrate to the new version.
Also, there has already been at least one implementation of a mailinator-like "just say yes" provider which you can use for signing into things that you'll probably never log into again.
OpenID is the technology. An "OpenID Identifier" is used to identify a user of the technology.
I guess this advice might be a little late for you now, but hopefully it'll be of use to others. The best way to get a reasonable job out of college is to bite the bullet and do some kind of internship or work experience thing. My university didn't offer any particular assistance with this on my CS course, but I contacted employers in the area and basically offered to work for pittance for a few months to "gain professional experience". I ended up working for a month for a company in the local area during a break and at the end of it they offered me a job purely on the basis of my work during that period, with no interview whatsoever.
You have to target the right sort of company; in particular, the company has to be structured in such a way that you -- as an intern -- are reporting directly to someone with hiring clout so that you can actually be noticed. I picked a little company, but I suspect a larger company with the right sort of culture would work out as well.
When it comes down to it, it's that old adage of "it's not what you know, it's who you know."
Once you added a hard drive to your Amiga it was much more competitive, though. My A1200 with a hard disk could go from power on to the Workbench screen in less than five seconds. It takes my PC more than five seconds just to complete the BIOS POST.
Big red button? Never! It's a standard VB button widget with "CommandButton34" written on it, right next to "Label76".
While you're correct that lots of people misuse the term "tag" when it comes to HTML/XML, there is a construct called a "tag": it's the syntactic construct that marks the start and end of an element. A non-empty element consists of a start tag, some content, and then an end tag. (though in HTML the end tag is often optional and implied.)
What would be amusing is to take the already-existing cross-over between SG-1 and Atlantis and just merge the two into one show. I'm not saying that it'd make great television, but it would certainly have the "Fuck you Sci-Fi!" charm.
That sounds like what LiveJournal did when they launched their spangly-new object-oriented style system. Under the new system the templates expose a bunch of settings the users can choose to customize within the limits of the style. They now have an option where you can choose whether you want to use the old system or the new. Guess what? Most of the sort of users that make those obscene pages on MySpace continue to use the old system because it makes it easier for them to do that sort of stuff.
Now they have two template systems to maintain rather than just one. Once you get above the data access layer everything seems to be completely separate with no chance of uniting them. Whenever they add new features, some of them get added to the old system, some to the new and occasionally both. So much wasted effort.
Of course, it could be argued that if they'd never had the hacky old system most people who got into LiveJournal never would have, because they wouldn't have been able to make their journals "express their individuality" with limited technical knowledge.
It's been a while since I saw the Minority Report movie (and even longer since I read the short story, though I don't remember this coming up at all there; was it in a different story?) but weren't these ads doing iris recognition? I seem to remember that he'd just had his eyes replaced so he wouldn't be recognised by security, but all of the stores started barking ads at him with the name of the person whose eyes he now had, and made it harder for him to run through the mall and escape.
Is that you, Eliza?
Come, come, elucidate your thoughts!
The small company I work at has all of the "important" stuff (home directories, shared files, domain controller, DHCP, DNS, VPN...) on one Windows Server 2003 box. Each month when we have to install updates everyone cries and moans when the server's down for ten minutes and they can't do any work.
I generally blame Microsoft, but I've not made any inroads to get everything except the domain controller moved onto some kind of UNIX derivative (Probably Debian, since our existing Linux boxes run that already) but the problem is that there's just too much other stuff to do so the time it'd take to do that can't be justified by my boss. I think that's a problem that most would-be migrators encounter.
I wonder if anyone will ever attempt to use Mono to create a compatibility layer for these games to run on Linux/OSX or even on the original XBox. Presumably this would just be "a simple matter" of reimplementing the APIs used by this toolkit, since Mono is compatible with Microsoft's CLI already.
I guess you're joking, but OpenID actually uses a scheme very similar to how advertisers track users cross-site. The difference is that OpenID is designed with your interests in mind rather than the advertisers, so random sites can't just track you without your permission.
The CSS 2 standard actually supports table-based layout applied to any markup. However, it's one of the many things that Microsoft simply haven't bothered to implement in their butchered tag soup layout engine. Let's not blame CSS here, but instead blame the one browser that leaves out the two most important layout features of CSS: the table model and generated content. With those two things, the common grid-based layouts that we all desire would be so much easier to create.
There are still several things missing in CSS2, of course. Many of them are addressed in CSS3, but I doubt that'll ever see the light of day.