"I chose to manually partition the disk using fdisk. First, I deleted the partition I had originally created for Linux. Then I created a 256-megabyte swap partition and gave the rest of the drive to Red Hat, choosing the ext3 journaling filesystem.
Red Hat asked a few more questions about the system than the Windows installation did, but the default selections were always satisfactory. I chose to use the GRUB boot manager, to place it on the MBR, and for the Linux to be the default. Next, I accepted DHCP as my network settings, medium security, and picked my time zone. The installation asked for a root password and then let me set up as many user accounts on the laptop as I needed."
I mean come on. Easier for him, maybe. To me one of the main components of "easier" is "can be installed by a less experienced user." I don't see the average grandma calmly partioning the disk by hand using fdisk.
- adam
Re:push for open DATA FORMATS, not open SOURCE
on
Mega-Geek March?
·
· Score: 2
Why can't you have an open data format without the source? It's not any different from a network protocol. Can you have TCP be open without knowing the source code? Sure.
To check, just look at data files and see if the format accurately describes every bit in there (in the article I linked to, I talk about automated ways to do this). Sure the doc might not be perfect at first, but eventually it becomes so.
One big issue is retrieving data from a file in 10 or 20 years. Which would you rather have then, a program that read the file and did something with it (which may or may not even be compilable by then), or a full doc of the format? Keep in mind that almost any company that owns a proprietary format will have some internal complete documentation of it, they just need to release it (and possibly standardize how it is doc'ed).
- adam
push for open DATA FORMATS, not open SOURCE
on
Mega-Geek March?
·
· Score: 5, Insightful
I fearlessly predict this measure won't work, since the proprietary software companies are the ones with the money.
The real point should be open DATA FORMATS...the government should be able to know the format of all the data that it is storing on behalf of the people of the state. I 100% agree that government procurement is a great way to enforce this kind of thing, but they should be pushing for something else. Open source, closed source, whatever...just
make the data formats available.
- adam
Jack Vance had it in the 1960s
on
Spy Fly
·
· Score: 2
If you read the
"DemonPrinces" novels (as everyone should), you will find something called the "sticktight", a family of tracking devices, one of which sounds a lot like this (the "servo-optical", see the footnote on p.51 of The Star King).
- adam
P.S.
"Excuse me for being curious," he said, "but are you Alusz Iphigenia Eperje-Tokay?" "I am Alusz Iphigenia Eperje-Tokay," she said, correcting his pronunciation.
I use
SlickEdit. There is a Visual SlickEdit product, which is a Windows app, but I actually prefer the version that runs in the Command Prompt (because when you exit it, you are right back in the command window so you can compile right then). Unfortunately I don't know if that version is still included with Visual SlickEdit (it used to be a separate product, then it was bundled for a while).
As an added bonus you can tell yourself you are using a descendent of the very editor that was used by the actual developers of the early versions of NT!
I don't know if it's most cars, but certainly a lot of European sporty cars are governed to a top speed in the US, but not in the versions sold in Europe.
I think what the author really meant was a car that was governed to the speed limit.
So the header is spoofed, making it look like the email came from me. Then the virus filter software, which is supposed to report to the infected person, instead generates a report to everybody *but* the infected person. And since the report includes the original email, the virus filter effectively winds up sending all the messages that it was supposed to filter out.
Clever.
- adam
possibly stupid question about Klez's appearance
on
Klez: a closer look
·
· Score: 3, Interesting
Since the detail link up there is/.ed...I keep getting these emails like "your email was rejected by our virus filter" and then there is an email attached, which looks like it came from me, that has Klez in it. Most of these are from people I have never contacted via email that are not in my address book.
So can I just assume that Klez is just generating these on its own and it's actually the *other* guy who is infected? Because I run Norton AntiVirus with the latest filters...or am I actually infected with Klez and I am really generating all this email that is bouncing at the other end?!?
The embedded OS would not be more stable due to what clients demand, but due to the lack of installable apps and hardware/drivers, leading to a vastly smaller text matrix.
I think it is wrong to assume people will flock to an OS that is more secure. It's not just cost...how can it just be cost? If it were just cost, people would all run FreeBSD which is more secure *and* costs nothing. So that points out one reason, which is that most people don't buy an OS, they buy a computer and it comes with an OS.
Anyway, imagine Microsoft was suddenly forced, due to lawsuits or regulation or liability worries, to produce a much more secure OS. So what would they do. Well first of all they would severely limit the apps and drivers that would run, likely requiring their own certification. Do you think Real/AOL/Netscape would like that? Then they would say that no DOS or Win16 apps were supported. Then they would say it will ship a year later so you can't use your fancy new hardware until then. Suddently, most of those people who were supposedly demanding a more robust operating system would change their tune.
An engine management computer is relatively trivial. How many inputs and outputs does it have? Just because it is running a "bona fide" embedded OS, does not mean it approaches the complexity of a general-purpose OS like Linux or XP.
There is a fairly direct inverse relationship between how generalized an operating system is and how hard it is to get stable. For example, engine management computers are not susceptible to remote buffer overflow exploits from the Internet. Or new applications and drivers being installed for that matter.
Look at the Xbox OS, a Microsoft product. I don't hear about it crashing. Why is that?
"It didn't help that so many of the people quoted had no idea what they were talking about, and the ones who did had their quotes taken so far out of context that they made no sense."
As the author of the piece, I'd be interested to learn a) why Nathan Myhrvold, Peter Neumann, the folks at SEI, and the other people I spoke with don't know what they're talking about; and b) how you know I quoted them out of context. Have you read the transcripts of my interviews?
Neumann claims that programmers think as long as code compiles it works, and that Gates testimony that removing the browser would break XP "means there's no structure or architecture or rhyme or reason in the way they've built those systems". Those are both patently false. Cem Kaner claims that companies treat quality as secondary. That's wrong. I don't know if he said the part about bug deferral being a plot to generate later revenue, but that's also absurd. The Ariane 5 rocket failed due to an ARITHMETIC overflow, not a buffer overflow (still a bug that should have been caught of course!). Then this guy Downes claiming that excessive WIndows messages in Visual Studio is "cataclysmic.... It's total chaos" -- I mean come on.
I should not have said, "out of context", I should have said, "without sufficient context." Someone from Microsoft claiming that C# is going to prevent errors is nice, but since IIS and XP aren't going to be rewritten in C#, and the Outlook problems were design issues, why does that matter? Myhrvold's quote was amusing, but you could point out that Microsoft can always say "No" to people, and if the customers weren't asking for features, Microsoft would be dreaming them up themselves -- the real problem is the "new features vs. stability" debate. An 18 megabyte patch -- OK 18 megabytes may be a big number, but saying "it may be a record" is silly (it obviously isn't, look at any NT service pack). Plus how much was bug fixes and how much updates and enhancements?
"It seems a lot of people who never worked at Microsoft know how Microsoft develops software."
I think the people whom I spoke with at Microsoft -- as well as the ex-Microsoft developers -- know how the company develops software. I mean, didn't you read the article?
I'm an ex-Microsoft developer (NT/2000/XP kernel) and I didn't see much I recognized. NT4 should have gone through 4 rounds of tests? What does that mean? Do you mean beta tests? Microsoft leading in component design is nice, but doesn't have much to do with preventing buffer overflows in XP. And comments about the attitudes of Microsoft people are just one person's opinion. "Software's developers were too rushed or too careless to fix obvious defects" -- I'm glad you know so much about me and my former co-workers.
I understand it was an overview article, but you make it sound like any solution will improve on the problems, and it's just not like that.
For the record, here is my opinion on why Microsoft code has buffer overflows in it:
1) Bigger teams -- if you move from 20 devs to 200 and your software is only as good as its weakest link, inevitably the weakest link will be weaker.
2) Lack of training -- Microsoft always assumed good people would do good things, instead of relying on more processes.
3) Too much reliance on the testers -- assumption was "if it's a bug a customer will hit, our testers will find it."
4) [sort of strange considering the previous point] Bad attitudes on the part of developers who think testers are inferior, combined with testers evaluated solely on number of bugs they find, leading to little empowerment for testers to actually find buffer overflows. More on that
here.
I agree 100% there is bad design in Microsoft software -- letting Outlook run executables by default (and the fact that you only have a black/white choice of doing so or not doing so), the fact that most people run as a user with high privilege, etc. And, it's also true that Microsoft has some problems, particularly with how testers are evaluated and the developer-tester relationship, plus not making their source available, that leads to more buffer overflows (and more damaging ones) than other software.
It just so happened, however, that the example linked to and described as "poor design" was actually a bug. That was all I wanted to point out.
It's not a particular part, it's just the number of parts.
How complex is an engine...maybe as complex as a virtual memory manager? Who knows, just an example. But the engine is one of the most complicated parts of a car, and a VMM is just one of many complicated parts of an operating system.
You can also think of what a car can do. A car can be used to drive people down a road. Now compare that to all the things an operating system can do.
Code Red was a buffer overflow exploit as far as I know, not an Outlook executing code problem. And what does this have to do with the security architecture in Windows?
Code Red didn't attack Mac/Unix because it wasn't designed to.
Microsoft's popular Visual Studio programming software is an example, to Downes's way of thinking. Simply placing the cursor over the Visual Studio window, Downes has found, invisibly barrages the central processing unit with thousands of unnecessary messages, even though the program is not doing anything. "It's cataclysmic.... It's total chaos," he complains.
HUH? Sending too many messages is a problem. Wow. Amidst all the Outlook viruses and buffer overflows, that's the first I heard of that. This guy must have an ordered life.
"The attitude today is that you can write any sloppy piece of code and the compiler will run diagnostics," says SRI's Neumann. "If it doesn't spit out an error message, it must be done correctly, right?"
I've never met a single programmer with that attitude since I was in Intro CS class.
Just as houses are built with standardized two-by-fours and electrical fittings, component-based programs are built out of modular, interchangeable elements: an example is the nearly identical menu bar atop every Windows or Macintosh program. Such standardized components, according to Wallach, are not only good engineering practice, they are "the only way you can make something the size of Microsoft Office work at all." Microsoft, he says, was an early, aggressive promoter of this approach -- "it's the single best engineering decision they ever made."
No real idea what he is talking about, anyone else?
. The most widespread example is Windows itself, which Bill Gates testified in an April session of the Microsoft antitrust trial simply would not function if customers removed individual components such as browsers, file managers or e-mail programs. "That's an incredible claim," says Neumann. "It means there's no structure or architecture or rhyme or reason in the way they've built those systems, other than to make them as bundled as possible, so that if you remove any part it will all fail."
It baffles me when people claim this shows no design in Windows. Gates did not say if you took out the email program it wouldn't work, just that if you took out IE it wouldn't. That's because it was designed that way.
At Microsoft itself, according to Amitabh Srivastava, head of the firm's Programmer Productivity Research Center, coders are working with new, "higher-level" languages like C# that don't permit certain errors.
No idea what the PPRC is (new name for the marketing department maybe?), but trust me Windows XP is not being re-written in C#.
"The mindset of the industry is to treat quality as secondary," says Cem Kaner, a computer scientist and lawyer at the Florida Institute of Technology. Before releasing products, companies routinely hold "bug deferral meetings" to decide which defects to fix immediately, which to fix later by forcing customers to download patches or buy upgrades, and which to forget about entirely. "Other industries get sued when they ignore known defects," Kaner says. "In software, it's standard practice. That's why you don't buy version 1.0 of a program."
Deferring minor bugs is standard practice. Otherwise software would never ship. So what does he want? Nice paranoid idea though that bug deferral meetings are actually fiendish plots to generate future revenue with updates and patches.
First of all, Microsoft software does stay up for 99.99% of the time for a sample of typical users -- typical users who don't aggressively look for remote exploits.
Anyway, I am wondering how complex a car would be considered vs. an operating system. For example is an OS roughly as complex (therefore as hard to get right) as a car...or is it more like 10 times as complex...or maybe 100 times as complex? I would say it is more like 100 or 1000 times as complex.
Remember cars aren't perfect either. Almost every car Consumer Reports tests has a few "sample defects" in it (something they could have worked out in the manufacturing process with more time/money/care/design), plus they have "bad design" (unclear controls, etc), and some of them have real "bugs" (occasional stalls, hunting for a gear), and then some have real major bugs that result in recalls.
It's a good overview of current gripes about software, but the article is mish-moshing a lot of things together. For software, it talks about embedded control systems, operating systems, compilers, medical machines, and web servers. For what constitures a bug, it talks about bloated code, ugly code, inefficient code, badly designed code, buffer overflows, bad algorithm implementation, incorrect handling of badly entered data, and of course the ultimate in cataclysmic chaos -- an app that generates unnecessary Windows messages. For how to fix things, it mentions component-based design, exhaustive review of source code before compiling, better initial planning, better programming tools, highly-typed languages like C#, better measuring tools, and never deferring bugs. For the goals that should be aimed for, it talks about usability, reliability, cost effectiveness, and maintainability.
So that's all fine and dandy, but it's not like you can just take one from each column and have something that makes sense. For example, were bugs in an operating system due to inefficient code that would be fixed by component-based design with an eye towards cost effectiveness? Well, uhhh, maybe, I think.
It didn't help that so many of the people quoted had no idea what they were talking about, and the ones who did had their quotes taken so far out of context that they made no sense. It seems a lot of people who never worked at Microsoft know how Microsoft develops software. Oh well.
It would make more sense to talk about a particular class of software and bug and then discuss why it is there. E.g. why do Microsoft systems products have buffer overflows. Even then you would get a bunch of different answers.
You could also flip this around and look from the point of view of someone in a company considering what software to buy. If Microsoft software goes bad, then they know who to sue and they have lots of $$$. But if they buy open source, then who do they sue, and do they have any money anyway?
This could generate an answer to the question "What is the difference between Red Hat/Debian/random-distro" of Linux -- the difference could be in how much they guarantee the liability in their software. Sure it's a risk for a distro to do so, but if they really believe the "many eyeballs == better software" theory, it's a risk someone may take.
OK it was actually early 1995...I was working at Microsoft on an "interactive television" project (one of many such that Microsoft has attempted over the years).
The system would have a set-top box running some Microsoft OS, connected to servers, using an IP network laid over the cable lines (basically like what cable modems do today, except it would only connect to the cable headend, not the Internet beyond).
We wanted to let users run CD-ROM games on the set-top box with the actual CD images on the central computer. So somebody investigated how easy this was to do. Now we are probably talking about a beta of Windows 95 on the client and these are old CD-ROMs conforming to the "MPC" spec. Anyway the guy discovered that most of these games stored the drive letter of the CD-ROM in the win.ini or somesuch place (what would be the registry these days) and if you simply copied the CD-ROM to a network share, mapped that network share to a local drive letter, and changed win.ini, many of them would still work. But some didn't.
Now that was a long time ago and who knows if it would still work (although some of the childrens CDs probably date from that era). Also this is the days of 1X CD-ROMs doing 150 kilobytes/second, which was reasonable to expect to achieve on a 10 megabit/second ethernet. Nowadays with a 100 megabit/second ethernet in yor house, you might get the performance of about a 24X CD-ROM drive (which will probably be fine).
May not be the most useful info but it reminded me of that story so I wanted to share.
I've been on a couple of their cruises and they do have Internet available. I don't recall it being r-e-a-l-l-y slow...not like 56K anyway. But of course it may vary at different times.
The cruises have a public lounge where you get Internet access (there may be a fee, I forget) and you can also get it in your cabin for $$$$.
And it's true you can get net access in port...even in places like St. Thomas, US Virgin Islands, there are places that let you fax/email/Internet right by the dock.
Steinman was the chief designer of the Mackinac Bridge, and the Messina Straits bridge was his dream. Unfortunately he died (long) before it became feasible either technically or politically.
I gather that the Mackinac Bridge, the Confederation Bridge in PEI, and maybe some others have the occasional person who shows up and then is too nervous to drive across. So a toll booth attendant drives them over.
Most modern suspension bridges have gone back to the thin deck instead of the heavy truss, but they make the deck aerodynamic in cross-section to handle the wind. The East Belt bridge in Denmark is like this. Only the Japanese (in some cases, like Akashi-Kaikyo, but not some of the other large ones they have built recently) and the Americans (theoretically, since they have stopped building long-span suspension bridges) still prefer the deep truss.
You would think the narrow deck would look nicer but I like the truss actually. Plus I have not seen a recent bridge (since the Verrazano-Narrows in 1964) that really looked nice, due to ugly tower design or other issues. And don't get me started on cable-stayed, if there has been an elegant looking one built, I have missed it. The Pont de Normandie is one of the ugliest things I have ever seen. Where is Christo when you need him.
This fact was trumpeted for the Verrazano-Narrows bridge, the Humber Bridge, the Akashi-Kaikyo bridge, etc, etc. I guess it is cool but not unique for a bridge over 4000 feet central span.
Slashdot Mirror
"I chose to manually partition the disk using fdisk. First, I deleted the partition I had originally created for Linux. Then I created a 256-megabyte swap partition and gave the rest of the drive to Red Hat, choosing the ext3 journaling filesystem.
Red Hat asked a few more questions about the system than the Windows installation did, but the default selections were always satisfactory. I chose to use the GRUB boot manager, to place it on the MBR, and for the Linux to be the default. Next, I accepted DHCP as my network settings, medium security, and picked my time zone. The installation asked for a root password and then let me set up as many user accounts on the laptop as I needed."
I mean come on. Easier for him, maybe. To me one of the main components of "easier" is "can be installed by a less experienced user." I don't see the average grandma calmly partioning the disk by hand using fdisk.
- adam
To check, just look at data files and see if the format accurately describes every bit in there (in the article I linked to, I talk about automated ways to do this). Sure the doc might not be perfect at first, but eventually it becomes so.
One big issue is retrieving data from a file in 10 or 20 years. Which would you rather have then, a program that read the file and did something with it (which may or may not even be compilable by then), or a full doc of the format? Keep in mind that almost any company that owns a proprietary format will have some internal complete documentation of it, they just need to release it (and possibly standardize how it is doc'ed).
- adam
The real point should be open DATA FORMATS...the government should be able to know the format of all the data that it is storing on behalf of the people of the state. I 100% agree that government procurement is a great way to enforce this kind of thing, but they should be pushing for something else. Open source, closed source, whatever...just make the data formats available.
- adam
- adam
P.S.
"Excuse me for being curious," he said, "but are you Alusz Iphigenia Eperje-Tokay?"
"I am Alusz Iphigenia Eperje-Tokay," she said, correcting his pronunciation.
As an added bonus you can tell yourself you are using a descendent of the very editor that was used by the actual developers of the early versions of NT!
- adam
I think what the author really meant was a car that was governed to the speed limit.
- adam
Clever.
- adam
So can I just assume that Klez is just generating these on its own and it's actually the *other* guy who is infected? Because I run Norton AntiVirus with the latest filters...or am I actually infected with Klez and I am really generating all this email that is bouncing at the other end?!?
Inquiring minds want to know. Thanks.
- adam
I think it is wrong to assume people will flock to an OS that is more secure. It's not just cost...how can it just be cost? If it were just cost, people would all run FreeBSD which is more secure *and* costs nothing. So that points out one reason, which is that most people don't buy an OS, they buy a computer and it comes with an OS.
Anyway, imagine Microsoft was suddenly forced, due to lawsuits or regulation or liability worries, to produce a much more secure OS. So what would they do. Well first of all they would severely limit the apps and drivers that would run, likely requiring their own certification. Do you think Real/AOL/Netscape would like that? Then they would say that no DOS or Win16 apps were supported. Then they would say it will ship a year later so you can't use your fancy new hardware until then. Suddently, most of those people who were supposedly demanding a more robust operating system would change their tune.
- adam
There is a fairly direct inverse relationship between how generalized an operating system is and how hard it is to get stable. For example, engine management computers are not susceptible to remote buffer overflow exploits from the Internet. Or new applications and drivers being installed for that matter.
Look at the Xbox OS, a Microsoft product. I don't hear about it crashing. Why is that?
- adam
As the author of the piece, I'd be interested to learn a) why Nathan Myhrvold, Peter Neumann, the folks at SEI, and the other people I spoke with don't know what they're talking about; and b) how you know I quoted them out of context. Have you read the transcripts of my interviews?
Neumann claims that programmers think as long as code compiles it works, and that Gates testimony that removing the browser would break XP "means there's no structure or architecture or rhyme or reason in the way they've built those systems". Those are both patently false. Cem Kaner claims that companies treat quality as secondary. That's wrong. I don't know if he said the part about bug deferral being a plot to generate later revenue, but that's also absurd. The Ariane 5 rocket failed due to an ARITHMETIC overflow, not a buffer overflow (still a bug that should have been caught of course!). Then this guy Downes claiming that excessive WIndows messages in Visual Studio is "cataclysmic. ... It's total chaos" -- I mean come on.
I should not have said, "out of context", I should have said, "without sufficient context." Someone from Microsoft claiming that C# is going to prevent errors is nice, but since IIS and XP aren't going to be rewritten in C#, and the Outlook problems were design issues, why does that matter? Myhrvold's quote was amusing, but you could point out that Microsoft can always say "No" to people, and if the customers weren't asking for features, Microsoft would be dreaming them up themselves -- the real problem is the "new features vs. stability" debate. An 18 megabyte patch -- OK 18 megabytes may be a big number, but saying "it may be a record" is silly (it obviously isn't, look at any NT service pack). Plus how much was bug fixes and how much updates and enhancements?
"It seems a lot of people who never worked at Microsoft know how Microsoft develops software."
I think the people whom I spoke with at Microsoft -- as well as the ex-Microsoft developers -- know how the company develops software. I mean, didn't you read the article?
I'm an ex-Microsoft developer (NT/2000/XP kernel) and I didn't see much I recognized. NT4 should have gone through 4 rounds of tests? What does that mean? Do you mean beta tests? Microsoft leading in component design is nice, but doesn't have much to do with preventing buffer overflows in XP. And comments about the attitudes of Microsoft people are just one person's opinion. "Software's developers were too rushed or too careless to fix obvious defects" -- I'm glad you know so much about me and my former co-workers.
I understand it was an overview article, but you make it sound like any solution will improve on the problems, and it's just not like that.
For the record, here is my opinion on why Microsoft code has buffer overflows in it:
1) Bigger teams -- if you move from 20 devs to 200 and your software is only as good as its weakest link, inevitably the weakest link will be weaker.
2) Lack of training -- Microsoft always assumed good people would do good things, instead of relying on more processes.
3) Too much reliance on the testers -- assumption was "if it's a bug a customer will hit, our testers will find it."
4) [sort of strange considering the previous point] Bad attitudes on the part of developers who think testers are inferior, combined with testers evaluated solely on number of bugs they find, leading to little empowerment for testers to actually find buffer overflows. More on that here.
- adam
It just so happened, however, that the example linked to and described as "poor design" was actually a bug. That was all I wanted to point out.
- adam
How complex is an engine...maybe as complex as a virtual memory manager? Who knows, just an example. But the engine is one of the most complicated parts of a car, and a VMM is just one of many complicated parts of an operating system.
You can also think of what a car can do. A car can be used to drive people down a road. Now compare that to all the things an operating system can do.
- adam
Code Red didn't attack Mac/Unix because it wasn't designed to.
- adam
HUH? Sending too many messages is a problem. Wow. Amidst all the Outlook viruses and buffer overflows, that's the first I heard of that. This guy must have an ordered life.
"The attitude today is that you can write any sloppy piece of code and the compiler will run diagnostics," says SRI's Neumann. "If it doesn't spit out an error message, it must be done correctly, right?"
I've never met a single programmer with that attitude since I was in Intro CS class.
Just as houses are built with standardized two-by-fours and electrical fittings, component-based programs are built out of modular, interchangeable elements: an example is the nearly identical menu bar atop every Windows or Macintosh program. Such standardized components, according to Wallach, are not only good engineering practice, they are "the only way you can make something the size of Microsoft Office work at all." Microsoft, he says, was an early, aggressive promoter of this approach -- "it's the single best engineering decision they ever made."
No real idea what he is talking about, anyone else?
. The most widespread example is Windows itself, which Bill Gates testified in an April session of the Microsoft antitrust trial simply would not function if customers removed individual components such as browsers, file managers or e-mail programs. "That's an incredible claim," says Neumann. "It means there's no structure or architecture or rhyme or reason in the way they've built those systems, other than to make them as bundled as possible, so that if you remove any part it will all fail."
It baffles me when people claim this shows no design in Windows. Gates did not say if you took out the email program it wouldn't work, just that if you took out IE it wouldn't. That's because it was designed that way.
At Microsoft itself, according to Amitabh Srivastava, head of the firm's Programmer Productivity Research Center, coders are working with new, "higher-level" languages like C# that don't permit certain errors.
No idea what the PPRC is (new name for the marketing department maybe?), but trust me Windows XP is not being re-written in C#.
"The mindset of the industry is to treat quality as secondary," says Cem Kaner, a computer scientist and lawyer at the Florida Institute of Technology. Before releasing products, companies routinely hold "bug deferral meetings" to decide which defects to fix immediately, which to fix later by forcing customers to download patches or buy upgrades, and which to forget about entirely. "Other industries get sued when they ignore known defects," Kaner says. "In software, it's standard practice. That's why you don't buy version 1.0 of a program."
Deferring minor bugs is standard practice. Otherwise software would never ship. So what does he want? Nice paranoid idea though that bug deferral meetings are actually fiendish plots to generate future revenue with updates and patches.
- adam
Anyway, I am wondering how complex a car would be considered vs. an operating system. For example is an OS roughly as complex (therefore as hard to get right) as a car...or is it more like 10 times as complex...or maybe 100 times as complex? I would say it is more like 100 or 1000 times as complex.
Remember cars aren't perfect either. Almost every car Consumer Reports tests has a few "sample defects" in it (something they could have worked out in the manufacturing process with more time/money/care/design), plus they have "bad design" (unclear controls, etc), and some of them have real "bugs" (occasional stalls, hunting for a gear), and then some have real major bugs that result in recalls.
- adam
- adam
So that's all fine and dandy, but it's not like you can just take one from each column and have something that makes sense. For example, were bugs in an operating system due to inefficient code that would be fixed by component-based design with an eye towards cost effectiveness? Well, uhhh, maybe, I think.
It didn't help that so many of the people quoted had no idea what they were talking about, and the ones who did had their quotes taken so far out of context that they made no sense. It seems a lot of people who never worked at Microsoft know how Microsoft develops software. Oh well.
It would make more sense to talk about a particular class of software and bug and then discuss why it is there. E.g. why do Microsoft systems products have buffer overflows. Even then you would get a bunch of different answers.
- adam
P.S. Comment first posted by me on Techdirt.
This could generate an answer to the question "What is the difference between Red Hat/Debian/random-distro" of Linux -- the difference could be in how much they guarantee the liability in their software. Sure it's a risk for a distro to do so, but if they really believe the "many eyeballs == better software" theory, it's a risk someone may take.
- adam
The system would have a set-top box running some Microsoft OS, connected to servers, using an IP network laid over the cable lines (basically like what cable modems do today, except it would only connect to the cable headend, not the Internet beyond).
We wanted to let users run CD-ROM games on the set-top box with the actual CD images on the central computer. So somebody investigated how easy this was to do. Now we are probably talking about a beta of Windows 95 on the client and these are old CD-ROMs conforming to the "MPC" spec. Anyway the guy discovered that most of these games stored the drive letter of the CD-ROM in the win.ini or somesuch place (what would be the registry these days) and if you simply copied the CD-ROM to a network share, mapped that network share to a local drive letter, and changed win.ini, many of them would still work. But some didn't.
Now that was a long time ago and who knows if it would still work (although some of the childrens CDs probably date from that era). Also this is the days of 1X CD-ROMs doing 150 kilobytes/second, which was reasonable to expect to achieve on a 10 megabit/second ethernet. Nowadays with a 100 megabit/second ethernet in yor house, you might get the performance of about a 24X CD-ROM drive (which will probably be fine).
May not be the most useful info but it reminded me of that story so I wanted to share.
- adam
The cruises have a public lounge where you get Internet access (there may be a fee, I forget) and you can also get it in your cabin for $$$$.
And it's true you can get net access in port...even in places like St. Thomas, US Virgin Islands, there are places that let you fax/email/Internet right by the dock.
- adam
I gather that the Mackinac Bridge, the Confederation Bridge in PEI, and maybe some others have the occasional person who shows up and then is too nervous to drive across. So a toll booth attendant drives them over.
- adam
You would think the narrow deck would look nicer but I like the truss actually. Plus I have not seen a recent bridge (since the Verrazano-Narrows in 1964) that really looked nice, due to ugly tower design or other issues. And don't get me started on cable-stayed, if there has been an elegant looking one built, I have missed it. The Pont de Normandie is one of the ugliest things I have ever seen. Where is Christo when you need him.
- adam
- adam
- adam