Somehow I think you're making my point with that last line. What would happen to the Internet if the US
suddenly blinked off the map? Are you really going to be reading content off a server in India or
Nairobi?
Sprint provides services; Microsoft provides products. If Sprint were to cease operations tomorrow, lots of formerly light fiber would go dark and customers would be out of Internet connectivity, immediately. If Microsoft were to do so, nobody's software would suddenly stop working (yet - MS does plan to change this...) except of course Hotmail and other Passport-dependent applets.
Even if nobody could fill Microsoft's shoes within 24 hours - it wouldn't matter. Since MS software is a bought product, new copies of their stuff would still be on shelves for perhaps a month, maybe longer. After that, people could continue using their existing copies until something better came along. You know, kind of how people operate already.
The only real problem would be if you believed the crap about how their pre-installed Windows OS can "only be used with the computer it was bundled with", which to me is way overreaching the First Sale doctrine, since I never signed any piece of paper saying that, but if you take it as legally binding, I guess it would become harder and harder to purchase new computers and put Windows on them. This is a problem for the months and years following the hypothetical collapse, in any case, giving competitors ample time to ramp up their offerings.
Statements like all the replies to my post prove that most of you know nothing of
Windows networking at the enterprise level and how things like OpenOffice/StarOffice/Ximian are only the
tip of the iceberg of what needs to be replicated to covering the day-to-day productivity apps that
Microsoft has grafted onto the world.
(I disagree about the irreplaceability of their applications, but I'll skip it because I'm too tired to argue..)
Productivity apps which customers can continue to use until they feel the need for an upgrade. As much as the "upgrade machine" would like you to think otherwise, shrink-wrap software doesn't expire. It doesn't grow new bugs. The only compelling reason to upgrade the software you are already using for bug fixes is if those are security fixes - which themselves are a good reason to consider migrating to a safer software platform.
If you think the world will come to a screeching halt because someone can't upgrade from Office 2000 to Office XP because Microsoft is no longer around to sell Office XP... I hate to tell you this but you are the one using the permanent markers in a poorly ventilated area. Sure, everyone would eventually migrate to another productivity suite, but there's no reason they would have to rush into anything.
Just a few ex-Microsoft employees? I don't think so. Think of the software vendors, game stores (half
these stores are game consoles, half Windows games), and anyone else that is technology related in the
most minor way, most of which are skating on thin profit margins as it is, suddenly losing about half
their revenue.
Once again - short term, people wouldn't stop buying Windows games or indeed other shrink-wrap Windows software. What would happen is that a demand would quickly spring up for ports to Unix or MacOS X or Linux or perhaps all of the above, and companies would respond (perhaps by outsourcing to companies like Codeweavers), and customers would eventually migrate their networks to new platforms.
Speaking of Codeweavers (contract firm whose specialty is porting software from Windows to Unix), you must admit that "anyone else that is technology related in the most minor way" is a bit of an exaggeration. I think Codeweavers would be rolling in it, and would very quickly grow a lot of competition. I think I would be rolling in it too, as something of a Unix expert. I think a lot of loser "I know what rm -rf / does, therefore I am l33t" types would come out of the woodwork due to the supply/demand ratios of people like me. IT people lose their jobs? Only the inflexible ones.
The market skitishness after September 11 showed us what happens when businesses disappear of the face
of the planet, and they were minor league by comparison.
No, the market skittishness after Sept 11 showed us that the market can be skittish in the face of general panic of the population. Surprise. Move along, nothing to see here. Oh, it might have also showed that Wall Street is shaken when two of their biggest office buildings are leveled with a lot of their colleagues inside. But lots of small companies failed before September of last year as well. I don't see causality here, and anyway I think it's pretty Katzesque to pin things on Sept 11 without concrete reasons.
Dude, what if DRM software/hardware had builtin copyright expiration ?
Not possible, since thanks to Congress, the creators have no idea how long the copyright on a work will last. It wouldn't do to make the DRM disable itself after a mere 95 years, now would it?
Does anyone know whether the various acts extending copyright have severability clauses in them? If not, does that mean that the extensions might be struck down entirely? That could be a bombshell.
One of the interviews with the plaintiffs mentioned that the Bono Act is in fact inseverable, so the Court would have to strike down the whole thing. It is being argued, apparently, that all the heavy lobbying was for the retroactivity, and Congress would not have passed the law without it, so the Court doesn't have the authority to strike down only the retroactivity.
I for one would love to see copyright pushed all the way back down to 14+14, but honestly I don't think it would matter all that much if the Court repealed the Bono Act in toto. I guess I'm a little bit cynical. I think Congress would just bump it back up again, sans retroactivity, and nobody outside the copyright sanity meta-community would notice - just as happened with the DMCA. The only way I can see that not happening is if the Court specifically rules that not only does copyright have a fixed Constitutional limit, they actually give a hard number - 28 years, or 50 years, or whatever.
And that, unfortunately, is a much harder argument to make. Not that the plaintiffs have done a poor job of making it, mind!
Aside: am I the only one who would like to see an amicus brief from Tim O'Reilly?
Remember that companies like Microsoft are the powerplants of the economy. Laugh while they fail and you will be crying about not being able to eat.
You don't honestly believe that, do you? That's Microsoft's line. They didn't invent it, of course - cf. "what's good for General Motors is good for America". MS has tried to use this one numerous times, most recently when the courts talked about not letting them ship XP. That would surely have ruined the economy, remember?
Do a little reflected-sound-of-underground-spirits analysis, and you'll note that if Microsoft were to sink under the waves tomorrow, lots of people in Washington State, and a few sales critters here and there, would be unemployed. But. Demand for consumer operating systems, and office applications, and <cough> web server software, and little two-button mice, and of course (to stay on topic) game consoles, will not suddenly disappear. Someone will have to keep supplying the general public with these things we currently buy from Microsoft. Apple, perhaps, would finally port MacOS X to the PC. Linux distributors would go nuts. The BeOS would rise from its grave. Corel would start making money on WordPerfect again. IBM and Sun would go head-to-head with SmartSuite and StarOffice. Logitech would eat up the rest of the crap-mouse market share.
In other words... nobody would end up hurting except any ex-MS employees unable to find another job with one of the above-mentioned companies - and remember, at this point they would all be hiring. Sure, the IT trade rags would go on for months and months about the dire disaster, and a lot of Y2K-type jobs would spring up in the consultancy business for migrating businesses off Microsoft software.
But overall, despite what you hear from General Motors, Microsoft, or any other company who wants you to think they are indispensible to our economy and/or way of life... no company is. (Closest thing would be someone like Sprint - if they went away, the Internet backbone would be a few months recovering.)
If I would run a SOAP service I would run it by convenience not via the standard HTTP port but over its own port.
Ok, you can do that. The fact remains that the designers of SOAP intentionally subverted common firewalling practice. Like I said, an arms race to no purpose. Build a better firewall, we'll build a better way to tunnel through it, y'know? The guy providing the legitimate network service and the guy running the firewall are theoretically on the same team, so what's with the one-upmanship?
It seems the SOAP designers figured they knew better than the firewall administrators whether or not SOAP services should go through firewalls. Else why tunnel through HTTP? HTTP is a stateless protocol; it's quite poorly suited for maintaining sessions and interactivity (not to say it isn't used for that a lot!) so they could just as well have picked a more suitable transport. CIFS, say. Except that Microsoft already did that - see the ncacn_np transport for DCE/RPC....
Allan Cox particulary mentioned: somone inside of the network would easily be able to upload my corporate data via SOAP(to an outside destination). Thats wrong. Thats not a SOAP problem but a generic one.
Yah, I never did get that argument. I figure it's a lost cause trying to keep your data in - people will always figure a way to break out, and for this purpose SOAP isn't any worse than, say, a POST method CGI program over HTTPS.
Anyway, the main point: if you are vigilant enough to block off all incoming data to port 80 of any machine other than your public web servers / SOAP servers, then you are fine. Assuming the SOAP services on a particular machine should either be all open, or all closed. Because SOAP is a whole transport mechanism, not just a single service at a time, so you can have any number of services muxed through the same port 80 (or other) of the same IP number. (That's another minor gripe: SOAP makes it more difficult to filter out specific services since they all use the same host / port. By contrast, look at ONC (aka Sun RPC, used for NFS/NIS/etc on most Unix boxes): the portmapper gives each service its own port, so assuming you can control the portmapper, you can use port-based firewalling to mask off individual RPC services. The firewall itself doesn't have to be stateful or indeed even ONC-aware at all.)
So, I still lack a good crafted soluition how to use SOAP securely and what to avoid and whre teh in depth problems reside.
You got me. I don't particularly know SOAP. Serious question: why do you need it? What exactly does it bring to the table that ONC, DCE, or CORBA didn't already have? (XML-based wire encoding? Someone please explain that one - wire encoding is a solved problem, and no application writer need concern himself with the details anyway. Sheesh, use a library already.)
If I run a corporate network and I have a server inside of my network, which exposes its functionality via SOAP, my firewall does not NEED to filter it.
How is this different from any other network service?
Think about it. Why do you bother with a firewall at all? Since you are such a hot-shot administrator, you only have certain services running on the computers on your network, and these services are running for a reason. Unlike in the movies, a "hacker" can only do certain things from outside your network - mainly send packets in (possibly with forged data), and get responses back out. The responses can only come from services you have configured, so why bother to filter anything?
If you haven't caught my point yet: obviously your firewall is useful, because it takes away some of the burden to secure every single service on your network. Now only certain services are reachable from the outside world, and you can concentrate on making sure those are properly configured and secure.
Enter SOAP. It tunnels through HTTP - a design point intended to minimise hassle reconfiguring firewalls. Or to put it another way: SOAP was explicitly designed to circumvent the protection of a firewall, trading it for the convenience of an open network transport. Currently you say you explicitly configured a service that uses SOAP, and it therefore should pass through the firewall. But what if SOAP catches on as a way to deliver generic services, similar to raw TCP ports? What if every new install of Windows 2006 comes with "Simple SOAP Services" including echo, daytime, bgiqotd (BG's inspirational quote of the day) and so forth?
Back in 1988, everyone wrote his own inetd.conf file (or was inetd even around back then?) and knew exactly what TCP ports he was using. Now Unix boxes come with telnet, rlogin, rexec, lpd, and lots of other junk enabled by default, a lot of which is a good idea to firewall off. SOAP or XML-RPC could easily be in the same boat, say, five years from now.
Tunneling through port 80 created an unnecessary arms race between firewall vendors and web services vendors. "I can tunnel through your firewall"... "I can intelligently block your flows"... "I can use SSL to keep you from making decisions about my flows"... "I can use MITM to decrypt your SSL"... "I can use and verify certificates"... Why? It's one thing to have an arms race with an actual adversary. In this case the two are on the same team - unless you consider "defeating your own firewall" to be an actual conflict situation.
What do slashdotters think of free software (especially if you wrote or contributed to it) being used
for immoral purposes ?
In my case, I would consider it unfortunate, but not worth getting hung up about. In the balance, releasing software that is free for any use whatsoever, and redistributable under quite generous terms, seems to be a net gain to society no matter to what nefarious purposes it can be put.
It's sort of tempting to put a licensing condition in to make it illegal, but that would be incompatible with the GPL.
Incompatible in letter and in spirit. Lots of people claim to "have no use for source code", but they can still benefit greatly from open source software in that its use is completely unencumbered. With free software, unlike with Windows NT Workstation, you don't have to worry about whether your web server ever gets too many (more than 10) concurrent hits. You never have to think about whether a particular use is "commercial", "non-commercial" or "educational". You don't have to wonder when your license costs will start to increase, or whether your sweet volume licensing deal with the vendor will be suddenly cut off because you somehow manage to piss them off.
The moment I say "this you may not do with my software", potential users can no longer say "open source, no worries". They now have to comb through my exact license terms to see what they can or can't use it for, and wonder whether future restrictions could affect them when they wish to upgrade. That's in my mind a much bigger deal than someone using the fruit of my brain to evil purpose.
Just like I can't blame my puter maker for
allowing me to feed 200w into the soundcard, it wasn't built for it, and it's not their responsibility
to make sure I don't mess up.
I guess you missed the part of my post where I said "It's not like you're subjecting something to strong magnetism, or some other physical influence outside the engineering parameters." The "fake CD" is not supplying any excess wattage here. It is a passive medium - if the CD-ROM drive is being screwed up it is the CD-ROM drive itself that caused it.
According to other threads here this discussion is mostly moot anyway - apparently there was some bad reporting, and the CD-ROM drives in question do not actually sustain any permanent damage. They just refuse to eject the CD via software means (which for a Mac apparently means you have to reboot and eject via Open Firmware). That situation is more acceptible, though I still think it is bad design on the part of either the device, the software driver, the ATAPI CD-ROM protocol, or all three. (And yes, I know that would make three separate culprits here - I'm not solely blaming Apple now.) I know about the "software drive locking" commands, and I agree that they are necessary, it's just unfortunate that the software driver can get itself wedged with bad input such that it never unlocks the drive - which is what appears to have happened. Probably Apple's fault, but like I said, possibly at least partially a hardware problem.
Speaking of whom, I fondly remember the user manuals for the Apple ][+. This is back when the manual came with a schematic for the mainboard - seems odd now, doesn't it, actual technical information in a user manual, and from Apple of all people? This would have been 1983 or so, but I still distinctly remember the bit where they encouraged you to play around with your new, powerful, wonder of modern 8-bit technology. Paraphrasing: "Nothing you can do will cause permanent damage (unless you type with a hammer)."
Ever since, I have held computers to that standard. If a component is flash-upgradable, it should have fail-safe provisions where the code that actually reads the updated ROM off a floppy and writes to flash memory is not itself part of the update. (When I first heard about flash upgrades, I immediately thought, "Oooh, nasty, that violates the Apple ][+ Prime Directive!" Well, I didn't actually think "Prime Directive" but that was the sentiment.) It should always be possible to clear out the NVRAM in a computer by means of a jumper or something equally fail-safe. Monitors should refuse to run past their rated bandwidth and v/h-sync parameters. (Modern ones do refuse - older ones didn't, and you could fry them that way.) No computer component should have a "self-destruct" command. Except perhaps smart cards, for security purposes, when you enter the wrong PIN too many times. All hardware with moving parts must check input and not allow those moving parts to be damaged.
I honestly don't think any of this is too much to ask.
Yes, software should never crash, but sorry to say, this isn't a perfect world. Apples iMac, and most
other CD readers are designed to read CDs, that's Compact Discs(tm), not compact discs.
Sorry, but that's just lame. You can explain anything with "this isn't a perfect world". Putting a 5.25 inch round plastic thing in a CD-ROM drive might make it spin for awhile and sound funny, but when I press the Eject button it had better pop that sucker back out and act as though nothing had happened.
It's not like you're subjecting something to strong magnetism, or some other physical influence outside the engineering parameters. You aren't wearing out your motors spinning a too-heavy disc, or scratching your lens with bits of metal stuck to the CD. No, this is merely reading signals from a laser, for which there is no excuse for any kind of permanent damage to the device.
In the software business, if an application is publically accessible (say a network server) and you can crash it with random data, we call this a "denial-of-service attack" and it is classed as a security bug. Even Microsoft take these things seriously nowadays - NT4 is ridiculously easy to crash from untrusted network access, but the RPC infrastructure in NT5, from all reports, is much more robust.
WordPerfect still has a strong
presence in certain industries. Law is frequently mentioned but many academics are still using
WordPerfect as well.
I never did quite figure that out. The only feature Word has that WordPerfect does not - that I've noticed, anyway - is Clippit. And it is missing two features we consider quite essential: PDF export, and reveal codes. (OK, so PDF export can be accomplished with third-party tools like ghostscript + samba, and indeed I did precisely that to support our Word users.)
So why isn't WordPerfect the standard word processor? Why do people, when I mention WordPerfect, have this attitude of "oh, you haven't upgraded to Word yet?" Nobody would buy an HTML editor that didn't support "view raw source" - yet almost all Word users are puzzled as to why we consider this useful in WP. Guess I just don't understand this whole "leveraging monopoly power to dominate new markets" thing.
We write a lot of 200- to 300-page manuals. Writing them in Word would be insane. So in order for us even to evaluate a free word processor, it must support.wpd format. Fortunately, this is hardly a moving target: unlike Word.doc format,.wpd has remained stable for the past several years (WP 6.1 can read documents from WP 10).
You may be right..but Shouldn't it be 3 people? I mean, how does it help that 2 people have differing
numbers? You still need to spend time to figure out which is right.
If the two copies don't match, the system beeps, or turns the record red, or something. Then someone (either the second operator himself, on the spot, or somebody after the fact) can determine which (if either) is the correct copy.
This should be a lot faster in terms of man-hours than entering a whole third copy of the data.
(And on a more annoyingly pedantic note: "PIN number" is a tautology.)
Uh, what? "Personal identification number number" is a self-evident logical statement? Perhaps you mean redundancy, like "Based on NT Technology" or "hot water heater".
Access control in NT is rarely enforced actually, since the common practice is to run everything as
admin anyway.
And yet, even when you run as admin, you still have access control. Admin (or more precisely the Administrators group) is not all-powerful like Unix root. File permissions, for example - if you don't have explicit permissions to read / write / delete a file, it doesn't matter who you are. Now if you are an admin, you can certainly gain access, by forcibly changing file owner to yourself and adding the "full control" permission for yourself... but that gets really annoying, really fast, when you have to work with a deep directory tree whose owner saw fit to "lock" you out of it. Absent third-party tools, there seems to be no way to do this gracefully (i.e. without resetting all other permissions on said directory tree).
I believe the "SYSTEM" user is indeed all-powerful, or close to it. But you can't log in interactively as SYSTEM.
Back to boot viruses - I have to admit that I don't know whether or not INT13-style facilities (raw disk access) are available to the admin users.
I'm sure the Linux NTFS crowd would be happy to
take your contributions, as would the GNU Parted people.
Oh, let me amend that. The GNU Parted people would be happy to take your contributions, so long as you do the usual cede-copyright-to-FSF thing. I.e. all your bits are belong to RMS. (:
True, but the commercial program Partition Magic does support shrinking NTFS partitions. I wonder why no
distribution's installer does...
Maybe because Partition Magic is not free software and no distribution vendor is willing to pay for a bulk license? And because there is no free program out there that can resize an NTFS partition? And because NTFS itself is pretty much undocumented (unless you sign an NDA with Microsoft, which is probably how the PM people wrote their NTFS support), and a complex enough filesystem (including metadata journalling, I believe) that in several years, Anton Altaparmakov and the other Linux-NTFS hackers still do not support read-write mode?
If you know more about this stuff than I do, I'm sure the Linux NTFS crowd would be happy to take your contributions, as would the GNU Parted people.
Why is that? AFAICT, highlight menus in text mode, such as the ones used by the NT boot loader and recent versions of LILO, do a more than adequate job. But then, I never did get the point of those mouse-enabled CMOS setup screens either.
(LILO even combines a highlight menu with the ability to specify command-line parameters - very nicely designed IMHO, though the default white-on-red color scheme is, ahem, a good thing to override in lilo.conf.)
What imaginary version of NT are you running that can be brought down
by a DOS boot virus?
Doesn't matter. Boot viruses load before the OS does anyway.
So how exactly does the boot virus end up on the boot sector? NT doesn't let just anyone write to the raw spindles - it has this neat new feature called "access control" and actually enforces it. You can't just call INT 13 and write your data whenever, wherever.
That is, their CFO invests that cash with their internal money management system. (ie,
enter Microsoft Money, type IDKFA).
That was the funniest thing I've read in the past 24 hours. Still trying to picture exactly what Microsoft Money does in response to the "full weapons and ammo" command. Thanks.
calling microsoft gay demeans the gay community, irregardless of "gay" having
different meanings in the past. The fact is, no one says that they're "gay" anymore when they mean
"happy", gay means homosexual and every other meaning has faded away.
Ironic, isn't it, that "gay" has become slang for "stupid"? The word was originally coopted by homosexuals in an attempt to battle the stereotype of being moody and depressed. Whether or not that worked, you have to admit it's kind of funny that manipulating a word's meaning to make a point eventually came full circle.
Ah, I'd forgotten about the reboots the windows installer requires, yes, that is really annoying, and
linux does all in one sweep.
Actually that's my biggest pet peeve in the Debian installer. It shouldn't have to reboot at all - the Linux kernel provides facilities to go from zero to production with no reboot (see the docs on "pivot_root") - but it does, once. It's historical, I know (earlier releases of Linux didn't have the capability I'm talking about) and perhaps the forced reboot is supposed to be a way to make sure the system was actually installed correctly such that it is bootable... but I still like the idea of having a Linux system which has never been rebooted. (:
Do other Linux distributions reboot during the install? I know NT reboots twice (not counting service packs and software installation), which I never did understand....
Why is it that hardware manufacturers don't allow for 3rd party driver development? How could open specs
hurt their sales? Their goal is to sell hardware, right?
You'd think. And indeed some hardware is quite open. But other hardware mfrs are really really paranoid about letting their "intellectual property" out of the barn. They seem to think the spec sheets from their current-generation hardware will help their competitors develop stuff to compete with their next-generation hardware.
Paranoia about trade secrets is quite common, even outside the computer hardware field. Boeing gets real antsy about how we can use their nacelle structure drawings. As though any other aircraft could use that exact nacelle shape anyway! And I've got a piece of paper from MSC.Software in front of me, with a strict non-disclosure statement on it. What is it? A CAD drawing of a hard-to-mill bracket, which some guy came up with off the top of his head for use in a CAD operator showdown contest. Commercial value: exactly $0, but there's NDA boilerplate just the same.
so what exactly is the SSE instruction set that intel intro'd with the P3?..
To be honest I'm not sure - it may include FP math as well. Note, however, that 3DNow! was out quite awhile before SSE - the former debuted with (I think) the AMD K6-2.
Re:The author of that article needs some cheese...
on
The Future of Ogg Vorbis
·
· Score: 2, Informative
I mean honestly... if you're going to make a player for music,
you really should have the hardware support. (They don't rip the computers out of a microwave and try to
adapt them to portable MP3 players.
For embedded, you want as cheap as possible while still able to do the job. The CPUs commonly used in embedded designs often don't have floating point capabilities - too much silicon, too little need. Complexity means not only unit cost but power usage and cooling requirements.
Sure, you can ship a machine with a 486DX instead of an ARM, but the optimal solution is to figure out how to use fixed point. Software-emulated floating point won't cut it either - too inefficient. In the embedded world, "inefficient" doesn't mean "oh well, just so long as the CPU is fast enough to handle it", it means "unit cost is higher than necessary since we should have been able to get away with a slower CPU".
Fractint was fast with integer operations, cause in those days, integer operations were traditionally
much faster than floating point operations on the x86 platform.
Yeah, this used to matter a lot. I remember once seeing integer-only code for drawing a circle on an Apple II. This was in 6502 assembly language, which doesn't have floating point. Neither does 8086 assembly language [no I'm not counting the 8087 bridge instructions], which explains why Fractint was such a win.
Even when the 486DX came with an integrated x87, it pretended that the FP logic was still on a separate, optional chip - and as a result, floating point access sucked in a number of ways - specifically for context switching - the FP registers are really slow to load / unload in bulk. I guess Intel finally fixed this with new instructions in the PIII; AMD meanwhile seem to have given up on the x87, re-implementing FP math (incompatibly) with the 3DNow! instruction set.
As open source Ogg Vorbis is released under the GPL/LGPL. However doesn't this prevent companies to
integrate the sources into their software ?
Where did you hear that Ogg Vorbis [by which I assume you mean the reference implementation libraries] was released under the GPL/LGPL?
The sample tools are GPL - but the libraries are under a license similar to the 3-clause [ie old] BSD. This is specifically to encourage widespread adoption of the standard. Think about it: if you want to add Ogg Vorbis support to your application or embedded box, you won't be borrowing the command-line tools, just the libraries.
Slashdot Mirror
Sprint provides services; Microsoft provides products. If Sprint were to cease operations tomorrow, lots of formerly light fiber would go dark and customers would be out of Internet connectivity, immediately. If Microsoft were to do so, nobody's software would suddenly stop working (yet - MS does plan to change this...) except of course Hotmail and other Passport-dependent applets.
Even if nobody could fill Microsoft's shoes within 24 hours - it wouldn't matter. Since MS software is a bought product, new copies of their stuff would still be on shelves for perhaps a month, maybe longer. After that, people could continue using their existing copies until something better came along. You know, kind of how people operate already.
The only real problem would be if you believed the crap about how their pre-installed Windows OS can "only be used with the computer it was bundled with", which to me is way overreaching the First Sale doctrine, since I never signed any piece of paper saying that, but if you take it as legally binding, I guess it would become harder and harder to purchase new computers and put Windows on them. This is a problem for the months and years following the hypothetical collapse, in any case, giving competitors ample time to ramp up their offerings.
(I disagree about the irreplaceability of their applications, but I'll skip it because I'm too tired to argue..)
Productivity apps which customers can continue to use until they feel the need for an upgrade. As much as the "upgrade machine" would like you to think otherwise, shrink-wrap software doesn't expire. It doesn't grow new bugs. The only compelling reason to upgrade the software you are already using for bug fixes is if those are security fixes - which themselves are a good reason to consider migrating to a safer software platform.
If you think the world will come to a screeching halt because someone can't upgrade from Office 2000 to Office XP because Microsoft is no longer around to sell Office XP ... I hate to tell you this but you are the one using the permanent markers in a poorly ventilated area. Sure, everyone would eventually migrate to another productivity suite, but there's no reason they would have to rush into anything.
Once again - short term, people wouldn't stop buying Windows games or indeed other shrink-wrap Windows software. What would happen is that a demand would quickly spring up for ports to Unix or MacOS X or Linux or perhaps all of the above, and companies would respond (perhaps by outsourcing to companies like Codeweavers), and customers would eventually migrate their networks to new platforms.
Speaking of Codeweavers (contract firm whose specialty is porting software from Windows to Unix), you must admit that "anyone else that is technology related in the most minor way" is a bit of an exaggeration. I think Codeweavers would be rolling in it, and would very quickly grow a lot of competition. I think I would be rolling in it too, as something of a Unix expert. I think a lot of loser "I know what rm -rf / does, therefore I am l33t" types would come out of the woodwork due to the supply/demand ratios of people like me. IT people lose their jobs? Only the inflexible ones.
No, the market skittishness after Sept 11 showed us that the market can be skittish in the face of general panic of the population. Surprise. Move along, nothing to see here. Oh, it might have also showed that Wall Street is shaken when two of their biggest office buildings are leveled with a lot of their colleagues inside. But lots of small companies failed before September of last year as well. I don't see causality here, and anyway I think it's pretty Katzesque to pin things on Sept 11 without concrete reasons.
Not possible, since thanks to Congress, the creators have no idea how long the copyright on a work will last. It wouldn't do to make the DRM disable itself after a mere 95 years, now would it?
(:
One of the interviews with the plaintiffs mentioned that the Bono Act is in fact inseverable, so the Court would have to strike down the whole thing. It is being argued, apparently, that all the heavy lobbying was for the retroactivity, and Congress would not have passed the law without it, so the Court doesn't have the authority to strike down only the retroactivity.
I for one would love to see copyright pushed all the way back down to 14+14, but honestly I don't think it would matter all that much if the Court repealed the Bono Act in toto. I guess I'm a little bit cynical. I think Congress would just bump it back up again, sans retroactivity, and nobody outside the copyright sanity meta-community would notice - just as happened with the DMCA. The only way I can see that not happening is if the Court specifically rules that not only does copyright have a fixed Constitutional limit, they actually give a hard number - 28 years, or 50 years, or whatever.
And that, unfortunately, is a much harder argument to make. Not that the plaintiffs have done a poor job of making it, mind!
Aside: am I the only one who would like to see an amicus brief from Tim O'Reilly?
You don't honestly believe that, do you? That's Microsoft's line. They didn't invent it, of course - cf. "what's good for General Motors is good for America". MS has tried to use this one numerous times, most recently when the courts talked about not letting them ship XP. That would surely have ruined the economy, remember?
Do a little reflected-sound-of-underground-spirits analysis, and you'll note that if Microsoft were to sink under the waves tomorrow, lots of people in Washington State, and a few sales critters here and there, would be unemployed. But. Demand for consumer operating systems, and office applications, and <cough> web server software, and little two-button mice, and of course (to stay on topic) game consoles, will not suddenly disappear. Someone will have to keep supplying the general public with these things we currently buy from Microsoft. Apple, perhaps, would finally port MacOS X to the PC. Linux distributors would go nuts. The BeOS would rise from its grave. Corel would start making money on WordPerfect again. IBM and Sun would go head-to-head with SmartSuite and StarOffice. Logitech would eat up the rest of the crap-mouse market share.
In other words ... nobody would end up hurting except any ex-MS employees unable to find another job with one of the above-mentioned companies - and remember, at this point they would all be hiring. Sure, the IT trade rags would go on for months and months about the dire disaster, and a lot of Y2K-type jobs would spring up in the consultancy business for migrating businesses off Microsoft software.
But overall, despite what you hear from General Motors, Microsoft, or any other company who wants you to think they are indispensible to our economy and/or way of life ... no company is. (Closest thing would be someone like Sprint - if they went away, the Internet backbone would be a few months recovering.)
Ok, you can do that. The fact remains that the designers of SOAP intentionally subverted common firewalling practice. Like I said, an arms race to no purpose. Build a better firewall, we'll build a better way to tunnel through it, y'know? The guy providing the legitimate network service and the guy running the firewall are theoretically on the same team, so what's with the one-upmanship?
It seems the SOAP designers figured they knew better than the firewall administrators whether or not SOAP services should go through firewalls. Else why tunnel through HTTP? HTTP is a stateless protocol; it's quite poorly suited for maintaining sessions and interactivity (not to say it isn't used for that a lot!) so they could just as well have picked a more suitable transport. CIFS, say. Except that Microsoft already did that - see the ncacn_np transport for DCE/RPC....
Yah, I never did get that argument. I figure it's a lost cause trying to keep your data in - people will always figure a way to break out, and for this purpose SOAP isn't any worse than, say, a POST method CGI program over HTTPS.
Anyway, the main point: if you are vigilant enough to block off all incoming data to port 80 of any machine other than your public web servers / SOAP servers, then you are fine. Assuming the SOAP services on a particular machine should either be all open, or all closed. Because SOAP is a whole transport mechanism, not just a single service at a time, so you can have any number of services muxed through the same port 80 (or other) of the same IP number. (That's another minor gripe: SOAP makes it more difficult to filter out specific services since they all use the same host / port. By contrast, look at ONC (aka Sun RPC, used for NFS/NIS/etc on most Unix boxes): the portmapper gives each service its own port, so assuming you can control the portmapper, you can use port-based firewalling to mask off individual RPC services. The firewall itself doesn't have to be stateful or indeed even ONC-aware at all.)
You got me. I don't particularly know SOAP. Serious question: why do you need it? What exactly does it bring to the table that ONC, DCE, or CORBA didn't already have? (XML-based wire encoding? Someone please explain that one - wire encoding is a solved problem, and no application writer need concern himself with the details anyway. Sheesh, use a library already.)
How is this different from any other network service?
Think about it. Why do you bother with a firewall at all? Since you are such a hot-shot administrator, you only have certain services running on the computers on your network, and these services are running for a reason. Unlike in the movies, a "hacker" can only do certain things from outside your network - mainly send packets in (possibly with forged data), and get responses back out. The responses can only come from services you have configured, so why bother to filter anything?
If you haven't caught my point yet: obviously your firewall is useful, because it takes away some of the burden to secure every single service on your network. Now only certain services are reachable from the outside world, and you can concentrate on making sure those are properly configured and secure.
Enter SOAP. It tunnels through HTTP - a design point intended to minimise hassle reconfiguring firewalls. Or to put it another way: SOAP was explicitly designed to circumvent the protection of a firewall, trading it for the convenience of an open network transport. Currently you say you explicitly configured a service that uses SOAP, and it therefore should pass through the firewall. But what if SOAP catches on as a way to deliver generic services, similar to raw TCP ports? What if every new install of Windows 2006 comes with "Simple SOAP Services" including echo, daytime, bgiqotd (BG's inspirational quote of the day) and so forth?
Back in 1988, everyone wrote his own inetd.conf file (or was inetd even around back then?) and knew exactly what TCP ports he was using. Now Unix boxes come with telnet, rlogin, rexec, lpd, and lots of other junk enabled by default, a lot of which is a good idea to firewall off. SOAP or XML-RPC could easily be in the same boat, say, five years from now.
Tunneling through port 80 created an unnecessary arms race between firewall vendors and web services vendors. "I can tunnel through your firewall" ... "I can intelligently block your flows" ... "I can use SSL to keep you from making decisions about my flows" ... "I can use MITM to decrypt your SSL" ... "I can use and verify certificates" ... Why? It's one thing to have an arms race with an actual adversary. In this case the two are on the same team - unless you consider "defeating your own firewall" to be an actual conflict situation.
In my case, I would consider it unfortunate, but not worth getting hung up about. In the balance, releasing software that is free for any use whatsoever, and redistributable under quite generous terms, seems to be a net gain to society no matter to what nefarious purposes it can be put.
Incompatible in letter and in spirit. Lots of people claim to "have no use for source code", but they can still benefit greatly from open source software in that its use is completely unencumbered. With free software, unlike with Windows NT Workstation, you don't have to worry about whether your web server ever gets too many (more than 10) concurrent hits. You never have to think about whether a particular use is "commercial", "non-commercial" or "educational". You don't have to wonder when your license costs will start to increase, or whether your sweet volume licensing deal with the vendor will be suddenly cut off because you somehow manage to piss them off.
The moment I say "this you may not do with my software", potential users can no longer say "open source, no worries". They now have to comb through my exact license terms to see what they can or can't use it for, and wonder whether future restrictions could affect them when they wish to upgrade. That's in my mind a much bigger deal than someone using the fruit of my brain to evil purpose.
I guess you missed the part of my post where I said "It's not like you're subjecting something to strong magnetism, or some other physical influence outside the engineering parameters." The "fake CD" is not supplying any excess wattage here. It is a passive medium - if the CD-ROM drive is being screwed up it is the CD-ROM drive itself that caused it.
According to other threads here this discussion is mostly moot anyway - apparently there was some bad reporting, and the CD-ROM drives in question do not actually sustain any permanent damage. They just refuse to eject the CD via software means (which for a Mac apparently means you have to reboot and eject via Open Firmware). That situation is more acceptible, though I still think it is bad design on the part of either the device, the software driver, the ATAPI CD-ROM protocol, or all three. (And yes, I know that would make three separate culprits here - I'm not solely blaming Apple now.) I know about the "software drive locking" commands, and I agree that they are necessary, it's just unfortunate that the software driver can get itself wedged with bad input such that it never unlocks the drive - which is what appears to have happened. Probably Apple's fault, but like I said, possibly at least partially a hardware problem.
Speaking of whom, I fondly remember the user manuals for the Apple ][+. This is back when the manual came with a schematic for the mainboard - seems odd now, doesn't it, actual technical information in a user manual, and from Apple of all people? This would have been 1983 or so, but I still distinctly remember the bit where they encouraged you to play around with your new, powerful, wonder of modern 8-bit technology. Paraphrasing: "Nothing you can do will cause permanent damage (unless you type with a hammer)."
Ever since, I have held computers to that standard. If a component is flash-upgradable, it should have fail-safe provisions where the code that actually reads the updated ROM off a floppy and writes to flash memory is not itself part of the update. (When I first heard about flash upgrades, I immediately thought, "Oooh, nasty, that violates the Apple ][+ Prime Directive!" Well, I didn't actually think "Prime Directive" but that was the sentiment.) It should always be possible to clear out the NVRAM in a computer by means of a jumper or something equally fail-safe. Monitors should refuse to run past their rated bandwidth and v/h-sync parameters. (Modern ones do refuse - older ones didn't, and you could fry them that way.) No computer component should have a "self-destruct" command. Except perhaps smart cards, for security purposes, when you enter the wrong PIN too many times. All hardware with moving parts must check input and not allow those moving parts to be damaged.
I honestly don't think any of this is too much to ask.
Sorry, but that's just lame. You can explain anything with "this isn't a perfect world". Putting a 5.25 inch round plastic thing in a CD-ROM drive might make it spin for awhile and sound funny, but when I press the Eject button it had better pop that sucker back out and act as though nothing had happened.
It's not like you're subjecting something to strong magnetism, or some other physical influence outside the engineering parameters. You aren't wearing out your motors spinning a too-heavy disc, or scratching your lens with bits of metal stuck to the CD. No, this is merely reading signals from a laser, for which there is no excuse for any kind of permanent damage to the device.
In the software business, if an application is publically accessible (say a network server) and you can crash it with random data, we call this a "denial-of-service attack" and it is classed as a security bug. Even Microsoft take these things seriously nowadays - NT4 is ridiculously easy to crash from untrusted network access, but the RPC infrastructure in NT5, from all reports, is much more robust.
I never did quite figure that out. The only feature Word has that WordPerfect does not - that I've noticed, anyway - is Clippit. And it is missing two features we consider quite essential: PDF export, and reveal codes. (OK, so PDF export can be accomplished with third-party tools like ghostscript + samba, and indeed I did precisely that to support our Word users.)
So why isn't WordPerfect the standard word processor? Why do people, when I mention WordPerfect, have this attitude of "oh, you haven't upgraded to Word yet?" Nobody would buy an HTML editor that didn't support "view raw source" - yet almost all Word users are puzzled as to why we consider this useful in WP. Guess I just don't understand this whole "leveraging monopoly power to dominate new markets" thing.
We write a lot of 200- to 300-page manuals. Writing them in Word would be insane. So in order for us even to evaluate a free word processor, it must support .wpd format. Fortunately, this is hardly a moving target: unlike Word .doc format, .wpd has remained stable for the past several years (WP 6.1 can read documents from WP 10).
If the two copies don't match, the system beeps, or turns the record red, or something. Then someone (either the second operator himself, on the spot, or somebody after the fact) can determine which (if either) is the correct copy.
This should be a lot faster in terms of man-hours than entering a whole third copy of the data.
Uh, what? "Personal identification number number" is a self-evident logical statement? Perhaps you mean redundancy, like "Based on NT Technology" or "hot water heater".
And yet, even when you run as admin, you still have access control. Admin (or more precisely the Administrators group) is not all-powerful like Unix root. File permissions, for example - if you don't have explicit permissions to read / write / delete a file, it doesn't matter who you are. Now if you are an admin, you can certainly gain access, by forcibly changing file owner to yourself and adding the "full control" permission for yourself ... but that gets really annoying, really fast, when you have to work with a deep directory tree whose owner saw fit to "lock" you out of it. Absent third-party tools, there seems to be no way to do this gracefully (i.e. without resetting all other permissions on said directory tree).
I believe the "SYSTEM" user is indeed all-powerful, or close to it. But you can't log in interactively as SYSTEM.
Back to boot viruses - I have to admit that I don't know whether or not INT13-style facilities (raw disk access) are available to the admin users.
Oh, let me amend that. The GNU Parted people would be happy to take your contributions, so long as you do the usual cede-copyright-to-FSF thing. I.e. all your bits are belong to RMS. (:
Maybe because Partition Magic is not free software and no distribution vendor is willing to pay for a bulk license? And because there is no free program out there that can resize an NTFS partition? And because NTFS itself is pretty much undocumented (unless you sign an NDA with Microsoft, which is probably how the PM people wrote their NTFS support), and a complex enough filesystem (including metadata journalling, I believe) that in several years, Anton Altaparmakov and the other Linux-NTFS hackers still do not support read-write mode?
If you know more about this stuff than I do, I'm sure the Linux NTFS crowd would be happy to take your contributions, as would the GNU Parted people.
Why is that? AFAICT, highlight menus in text mode, such as the ones used by the NT boot loader and recent versions of LILO, do a more than adequate job. But then, I never did get the point of those mouse-enabled CMOS setup screens either.
(LILO even combines a highlight menu with the ability to specify command-line parameters - very nicely designed IMHO, though the default white-on-red color scheme is, ahem, a good thing to override in lilo.conf.)
So how exactly does the boot virus end up on the boot sector? NT doesn't let just anyone write to the raw spindles - it has this neat new feature called "access control" and actually enforces it. You can't just call INT 13 and write your data whenever, wherever.
That was the funniest thing I've read in the past 24 hours. Still trying to picture exactly what Microsoft Money does in response to the "full weapons and ammo" command. Thanks.
Ironic, isn't it, that "gay" has become slang for "stupid"? The word was originally coopted by homosexuals in an attempt to battle the stereotype of being moody and depressed. Whether or not that worked, you have to admit it's kind of funny that manipulating a word's meaning to make a point eventually came full circle.
Actually that's my biggest pet peeve in the Debian installer. It shouldn't have to reboot at all - the Linux kernel provides facilities to go from zero to production with no reboot (see the docs on "pivot_root") - but it does, once. It's historical, I know (earlier releases of Linux didn't have the capability I'm talking about) and perhaps the forced reboot is supposed to be a way to make sure the system was actually installed correctly such that it is bootable ... but I still like the idea of having a Linux system which has never been rebooted. (:
Do other Linux distributions reboot during the install? I know NT reboots twice (not counting service packs and software installation), which I never did understand....
You'd think. And indeed some hardware is quite open. But other hardware mfrs are really really paranoid about letting their "intellectual property" out of the barn. They seem to think the spec sheets from their current-generation hardware will help their competitors develop stuff to compete with their next-generation hardware.
Paranoia about trade secrets is quite common, even outside the computer hardware field. Boeing gets real antsy about how we can use their nacelle structure drawings. As though any other aircraft could use that exact nacelle shape anyway! And I've got a piece of paper from MSC.Software in front of me, with a strict non-disclosure statement on it. What is it? A CAD drawing of a hard-to-mill bracket, which some guy came up with off the top of his head for use in a CAD operator showdown contest. Commercial value: exactly $0, but there's NDA boilerplate just the same.
To be honest I'm not sure - it may include FP math as well. Note, however, that 3DNow! was out quite awhile before SSE - the former debuted with (I think) the AMD K6-2.
For embedded, you want as cheap as possible while still able to do the job. The CPUs commonly used in embedded designs often don't have floating point capabilities - too much silicon, too little need. Complexity means not only unit cost but power usage and cooling requirements.
Sure, you can ship a machine with a 486DX instead of an ARM, but the optimal solution is to figure out how to use fixed point. Software-emulated floating point won't cut it either - too inefficient. In the embedded world, "inefficient" doesn't mean "oh well, just so long as the CPU is fast enough to handle it", it means "unit cost is higher than necessary since we should have been able to get away with a slower CPU".
Yeah, this used to matter a lot. I remember once seeing integer-only code for drawing a circle on an Apple II. This was in 6502 assembly language, which doesn't have floating point. Neither does 8086 assembly language [no I'm not counting the 8087 bridge instructions], which explains why Fractint was such a win.
Even when the 486DX came with an integrated x87, it pretended that the FP logic was still on a separate, optional chip - and as a result, floating point access sucked in a number of ways - specifically for context switching - the FP registers are really slow to load / unload in bulk. I guess Intel finally fixed this with new instructions in the PIII; AMD meanwhile seem to have given up on the x87, re-implementing FP math (incompatibly) with the 3DNow! instruction set.
Where did you hear that Ogg Vorbis [by which I assume you mean the reference implementation libraries] was released under the GPL/LGPL?
The sample tools are GPL - but the libraries are under a license similar to the 3-clause [ie old] BSD. This is specifically to encourage widespread adoption of the standard. Think about it: if you want to add Ogg Vorbis support to your application or embedded box, you won't be borrowing the command-line tools, just the libraries.