Nope.. He always makes the speach go something like thigs:
"Linux is the kernel, which was written by Linus (and others). The distributions are the Linux kernel + GNU Utitilites - so Linux distributions should be called GNU/Linux"
And organized crime might love to have access to a lot of wonderful law enforcement data, and lord knows they have the money to hire a few good (well, maybe not good but competent) hackers.
This is almost certainly not an issue.. If you have cash you don't need to rant a hacker.
Instead buy an insider, via bribes, blackmail or one of the other standard forms of manipulation - it's a little riskier, but not much, and a lot more effective than hiring a hacker would ever be...
The real time investment in good programming has nothing to do with how fast you type the program in.
True - but at the same time I am constantly astounded at the inability fellow programmers have to type properly.
I've worked in offices full of good coders, designers, architechts, and programmers who can't type more than 5 wpm!
I know typing speed isn't a good indicator of ability, or anything close, but it seems pragmatic to learn to use the keyboard when you're in front of one for 7+ hours a day.
(Plus it's handy for sending email / IRC when you're in a hurry;)
You might be interested at a look at the User Interface Hall Of Shame then - it's full of examples of developers perverting normal controls to use them for other things, or coming up with their own widgets to replace `normal` controls.
Even Apple aren't immune. (Though to be fair that was quicktime 4 which is quite old).
but the casinos in London require you to "join". You can't go for the first 24 hours after you join
That's not specific to London it's Law for the whole of the UK. A lot of the big casinos are pushing for it to be scrapped so that they can compete fairly with online casino's.
So operating costs are rising are they? That's a good thing. Lets hope they continue to rise until we reach the point where commercial companies sending spam can't operate profitably..
I'm suprized that he has so many fake accounts - if this were a legitimate spam sending company they'd only be sending to legit opt-in requests, and they'd honour removal requests right?
I'd be happy for spamming companies to continue to exist if they:
Had [adv] in each of their subjects, or a similar recognisable mark.
Had valid return addresses.
Had real removal instructions.
Hey if it were legit like that I'd even sign up to a few lists to help convince everybody that using a legit business was better than doing it badly. (Of course they'd get filed to/dev/null - but that's a different story;)
Hmm that's a good point which I hadn't considered.
Luckily the key is located on a different serve to the download - but anybody who was really paranoid could find my key via one of the online key searchs
Re:How many people do check the MD5 checksum?
on
OpenSSH Package Trojaned
·
· Score: 4, Interesting
Do you check the packages downloaded from sites that you usually do not have problems with?
I've been wondering about this - and the answer is almost certainly not.
I've written a fairly widespread mp3/ogg streamer. I used to list MD5 sums on the download page - but recently I've switched to signing with my GPG key.
(On the basis that if somebody altered the downloads they'd be capable of fixing up the MD5sums file in the same directory too).
Taking a look at the download statistics you can see that about 1 person in 50 downloaded the signature file to match their archive.
That suggests that 2% of people routinely check signatures. I assume that less people check the code than check the signatures so... it's probably safe to say that no more than 0.5% of people do.
I found out the hard way how hot these got when I was a kid. I'd bought a NES secondhand and only had one game (Super Mario Bros 3).
When bored one afternoon I took of the top half of the case, squished all the innards down, and screwed a replacement lid of solid polished wood onto it.
It looked great even though it was impossible to change the game - I think the ability to rest mugs of coffee on the machine made up for that!
It died a few months into it's modded life. I suspect it was the heating that did it.
True you can do it for yourself - but half the skill of a DJ is to turn up on the night and with a finite number of albums make a playlist that the folk in the place would like.
I've done a lot of DJ'ing in the past for goth/industrial/metal/punk clubs and I've had a tricky time or two in the past when I'll turn up with 200 albums and the place will be full of punks - instantly wiping out half the tunes that I'd planned to play..
I think DJ's that most are overrated, especially people like Fatboy Slim here in the UK - but I would seriously say that it is harder than it looks. You have to keep things flowing for hours at a time, dealing with drunk people who want you to play their favourite track which either you don't have, or would totally kill the mood you've setup.
To my mind a DJ is good when you don't actually notice them...
One last tip: don't release too early. If what you're writing is complex, make sure the fundamental architecture is there, and make sure the rest is basically filling it out and hacking on it.
Definately agreed upon this point. Too many times you can see projects listed on Freshmeat that have descriptions which promise the earth - you download them and discover there's no code.
That's worse than seeing posts on the SourceForge saying 'I'm looking for volunteers to write the successor to $foo - BTW what's C?'
I've found that the best thing to do is make sure that your original release is as functional as possible. Otherwise people will not have a good experience with it - to the point of refusing to try it again in the future 'Oh, I tried that before - it sucked'.
If you have to work on only a few features, wouldn't you do those which scratch your own itch rather than those you were paid for?
I wrote and maintain GNUMP3d a streaming server for MP3's/OGG's. I originally wrote it because nothing was available which met my needs. After using it myself for a while I decided to make it available to others.
To be honest the last few releases have only happened because of the users. It does everything I set out to do. The features contained in the last few releases were almost exclusively requested by users.
Granted they didn't pay - but that's a good example of programming which wasn't explicitly scratching my itch.
OTOH I have had a couple of people buy stuff from my wishlist in exchange for features, or to persuade me to implement a feature before I'd planned to. So I can see it from both sides.
Personally I think a directory like this is a good idea - if there's somebody out there who wants to support OS work, but not donate to a faceless company like RedHat they can choose an application from the list there which they like and appreciate and easily find contact details.
Slashdot Mirror
Nope .. He always makes the speach go something like thigs:
"Linux is the kernel, which was written by Linus (and others). The distributions are the Linux kernel + GNU Utitilites - so Linux distributions should be called GNU/Linux"
On that basis the Linux Kernel is just Linux.
This is almost certainly not an issue .. If you have cash you don't need to rant a hacker.
Instead buy an insider, via bribes, blackmail or one of the other standard forms of manipulation - it's a little riskier, but not much, and a lot more effective than hiring a hacker would ever be...
The real time investment in good programming has nothing to do with how fast you type the program in.
True - but at the same time I am constantly astounded at the inability fellow programmers have to type properly.
I've worked in offices full of good coders, designers, architechts, and programmers who can't type more than 5 wpm!
I know typing speed isn't a good indicator of ability, or anything close, but it seems pragmatic to learn to use the keyboard when you're in front of one for 7+ hours a day.
(Plus it's handy for sending email / IRC when you're in a hurry ;)
You might be interested at a look at the User Interface Hall Of Shame then - it's full of examples of developers perverting normal controls to use them for other things, or coming up with their own widgets to replace `normal` controls.
Even Apple aren't immune. (Though to be fair that was quicktime 4 which is quite old).
But those people could jmp along to :
Nope what's really bad is PCs that will only accept one or the other.
I love the way with most modern laptops you can plug in either a keyboard or a mouse and it will do the right thing.
PC's should do that too.
Normally I'm against blatent plaguarism; but in this case it's ironic - so no need for the mod-downs.
Admit it you just wish you'd thought of it first; I know I do ;)
Streaming OGG is no harder than streaming MP3's if you use something like the GNUMP3d - and unfortunately named MP3/OGG vorbis streamer.
About a week before I landed my current job I updated my CV to include:
* Decorative around the officeI don't know why you don't just post your real email address, as a linke with the mailto attribute set.
That way you'll get lots of random spam... ;)
But look at it this way .. the sites are using popups to generate revenue, which they use to pay their bandwidth bills, right?
So by not loading the popups we're saving them money - not stealing.
but the casinos in London require you to "join". You can't go for the first 24 hours after you join
That's not specific to London it's Law for the whole of the UK. A lot of the big casinos are pushing for it to be scrapped so that they can compete fairly with online casino's.
Email address only, right? ;)
So operating costs are rising are they? That's a good thing. Lets hope they continue to rise until we reach the point where commercial companies sending spam can't operate profitably..
I'm suprized that he has so many fake accounts - if this were a legitimate spam sending company they'd only be sending to legit opt-in requests, and they'd honour removal requests right?
I'd be happy for spamming companies to continue to exist if they:
Hey if it were legit like that I'd even sign up to a few lists to help convince everybody that using a legit business was better than doing it badly. (Of course they'd get filed to /dev/null - but that's a different story ;)
Whoever moderates this as funny is in need of a longer attention span ...
The thing that really brought home the old-ness of the posts was the use of UUCP addresses in the mails!
I've never seen those used live before...
Hmm that's a good point which I hadn't considered.
Luckily the key is located on a different serve to the download - but anybody who was really paranoid could find my key via one of the online key searchs
I've been wondering about this - and the answer is almost certainly not.
I've written a fairly widespread mp3/ogg streamer. I used to list MD5 sums on the download page - but recently I've switched to signing with my GPG key.
(On the basis that if somebody altered the downloads they'd be capable of fixing up the MD5sums file in the same directory too).
Taking a look at the download statistics you can see that about 1 person in 50 downloaded the signature file to match their archive.
That suggests that 2% of people routinely check signatures. I assume that less people check the code than check the signatures so ... it's probably safe to say that no more than 0.5% of people do.
It's not Konqueror according to their page - It's 'The Desktop/LX Network BrowserTM'.
That seems a bit shabby to me - calling a standard application by a completely different name, and then trademarking it.
I found out the hard way how hot these got when I was a kid. I'd bought a NES secondhand and only had one game (Super Mario Bros 3).
When bored one afternoon I took of the top half of the case, squished all the innards down, and screwed a replacement lid of solid polished wood onto it.
It looked great even though it was impossible to change the game - I think the ability to rest mugs of coffee on the machine made up for that!
It died a few months into it's modded life. I suspect it was the heating that did it.
True you can do it for yourself - but half the skill of a DJ is to turn up on the night and with a finite number of albums make a playlist that the folk in the place would like.
I've done a lot of DJ'ing in the past for goth/industrial/metal/punk clubs and I've had a tricky time or two in the past when I'll turn up with 200 albums and the place will be full of punks - instantly wiping out half the tunes that I'd planned to play..
I think DJ's that most are overrated, especially people like Fatboy Slim here in the UK - but I would seriously say that it is harder than it looks. You have to keep things flowing for hours at a time, dealing with drunk people who want you to play their favourite track which either you don't have, or would totally kill the mood you've setup.
To my mind a DJ is good when you don't actually notice them...
Seconded!
You might want to have a look at the GNU Emacs on Windows FAQ for details of Windows specific things, and oddities.
One last tip: don't release too early. If what you're writing is complex, make sure the fundamental architecture is there, and make sure the rest is basically filling it out and hacking on it.
Definately agreed upon this point. Too many times you can see projects listed on Freshmeat that have descriptions which promise the earth - you download them and discover there's no code.
That's worse than seeing posts on the SourceForge saying 'I'm looking for volunteers to write the successor to $foo - BTW what's C?'
I've found that the best thing to do is make sure that your original release is as functional as possible. Otherwise people will not have a good experience with it - to the point of refusing to try it again in the future 'Oh, I tried that before - it sucked'.
If you have to work on only a few features, wouldn't you do those which scratch your own itch rather than those you were paid for?
I wrote and maintain GNUMP3d a streaming server for MP3's/OGG's. I originally wrote it because nothing was available which met my needs. After using it myself for a while I decided to make it available to others.
To be honest the last few releases have only happened because of the users. It does everything I set out to do. The features contained in the last few releases were almost exclusively requested by users.
Granted they didn't pay - but that's a good example of programming which wasn't explicitly scratching my itch.
OTOH I have had a couple of people buy stuff from my wishlist in exchange for features, or to persuade me to implement a feature before I'd planned to. So I can see it from both sides.
Personally I think a directory like this is a good idea - if there's somebody out there who wants to support OS work, but not donate to a faceless company like RedHat they can choose an application from the list there which they like and appreciate and easily find contact details.
Which is fine, unless you have to stick to HTTP/1.0 so that your ad-killing proxy server work.