I would have thought Debian could avoid these problems. Hmmm... if some of the smartest Linux developers can't package KDE with any degree of sanity, I think that could possibly indicate that KDE's design is fundamentally broken, in that it's quite impossible to break it down into independent modules.
In Debian, there is kdebase. It only installs the essentials for KDE. I think it's reasonable to assume that if someone asks for kde, they'd want most of the stuff kde.org offers.
Actually, since I started using Debian again, I've been fairly impressed by the work that goes into just pulling in what you actually need.
If I pick up a 20-year-old book that has a.su address in it (not likely, I grant you, but work with me here), there should be no reason that it cannot still work, if the domain owner cares to keep it alive.
All good and well (and I use it at work to perform tasks as the Oracle user, especially those that have X clients), but it doesn't solve the problem that you still have to give root access to certain programs to perform certain functions. There are set[ug]id-specific attacks this can mitigate, but quite frankly, you're not gaining much if your target program is insecurely written.
I like not having programs I use be dependant on some bizarre unknown little library or program that Red Hat or Mandrake saw fit to link to something important.
Those dependencies are still there, actually. One of the most annoying things about compiling from source is that configure scripts have this tendency to pick up pieces of your system you may have because you were testing out this or that or the other thing and decide they can depend on their existence.
Then, you try to remove that program you never use (maybe it's even got a security hole), and instead of the package manager telling you you're broken, you just find out next time you try to run the program that depends on it...
Now, this could be mitigated very well by a very tight set of configure patches and arguments, but finding those out is very difficult and error-prone.
(Requiring Sendmail to run a simple cron daemon? Requiring the installation of Vi?)
Sendmail I can understand, although it really should be a dependency on a MDA of any kind. cron mails non-empty results to the user. If we're still talking about cron, vi would fill an "editor" class, which is needed for crontab -e.
But you're not actually breaking the message itself, are you? You're guessing what the message contains based on external observation and a set of rules you're assuming I'll follow. I could just as easily say "ya", meaning the same thing, and you'd think I said "no". Hell, I'd probably just say "y" or "n" to save my OTP bits for future messages. Let's also not forget that essentially all crypto systems use padding anyway, and I would when using OTP.
Anyway, you're not breaking the message itself. You're applying intelligence to the circumstances surrounding it. To say you have broken the message is laughable at best.
Or, he could have understood, and may be alluding to the fact that most users today don't understand the impact of running a server (on themselves, other users, etc.) like they can understand the impact of a client, as it's all readily visible.
Either way, I grant Cerf's statement is a bit unclear.
It seems to me that privacy bugs often get short shrift in Bugzilla. I believe we're still waiting to get inline loads blocked within mail messages (i.e. for web bugs).
This really bothered me when I first heard about it. Because before, someone has a TV signal that was NTSC plus "differences" that made up the HDTV (read about it in Pop Sci I believe). I suspect the FCC was under pressure from TV mfrs to mandate a standard that's going to require that everyone either replace their TV or buy an expensive converter box.
It almost seems like there's an attitude that "old is bad and must be thrown away" amongst technology folk these days. Actually, more likely it's an attitude of "supporting old doesn't help us sell new" and the mfrs of the "new" therefore have incentive to pressure the old to be forcibly killed off.
You could make that argument for any type of physical property rental; but you are still actively working to regulate access to the physical property, of which only one may be rented to one person at a time, and maintain that physical property, as it will wear and tear. That costs you time and money.
By contrast, a copyable work doesn't cost the effort or time of the creator when it is copied (unless the creator is making a copy for sale), nor does the work itself require any kind of maintenance that costs the creator.
Yes, gravity-fed do usually suck. However, the one I bought real cheap ("broken") was fixed with a cheap separator pad. Shortly after I bought the pad, HP offered me one for free. Shortly after that I got notice of a class action lawsuit against HP regarding the problem the original owner had experienced.:-) That was an 1100.
No need for Keith Packard to distribute them? Or no need for Microsoft to pull them?
The move on Microsoft's part was good strategy -- they've effectively broken all those font installers that previously used www.microsoft.com as their download site. Of course, it won't be long before they're updated, but they've made installers released before that date break.
Keith Packard's distribution of them is also a good thing. The EULA permits it, so why not mirror it all over the place?
I guess I don't understand what you're getting at.
I agree providing an incentive for creation is good, but I also believe that providing "maximum incentive" constitutes a tremendous disservice to the public.
Instead, I would expect that the benefits to the author of a copyrighted work would be much more in-line with work in a traditional industry. I think it's crazy that people still get paid for work they did decades ago. The rest of us have to keep producing value in order to get paid. Copyright holders should too.
To be strictly pedantic... you could smother a candle's flame with a thousand other candles' wicks, all at once. Actually, I've done it with far fewer than a thousand. I enjoy playing with fire.:-)
So, umm, where are the PHP facilities to abstract this out? Or are you rolling your own abstraction every time? I looked hard for the abstraction facilities and couldn't find any, but I could just be missing it.
I recently developed some personal stuff in PHP and MySQL (a PHP/MySQL host is much cheaper and usually has many more features than a decent Zope host, which is what I really wanted.) It amazes me how short-sighted just about everything in both PHP and MySQL is. Maybe working with Zope and having worked with PostgreSQL has me spoiled.
While you certainly have a point, I would have to (sadly) say that as long as people can sue (and win?!) for their supposed "right" to be in a private establishment, you're probably going to need laws, because sooner or later a the establishment's owner is going to throw one of the pricks out, and he's gonna sue the crap out of the owner unless the owner has a law to back him up.
The answer, I think, is there is no matter what flavor of Linux they put on the machine, the number of people who actually want that flavor is not going to be significant enough to make it worthwhile.
You may say that x percentage of PCs run Linux, but remember that x is divided up amongst all the myriad flavors Linux comes in. I know if I had Red Hat on a new laptop, I'd reformat it and put Gentoo on it. FreeDOS is a much simpler option.
Of course, there is also the support angle. Linux support is not cheap, partially due to the large number of flavors that all do things differently. "Techs" that can parrot "ummm reinstall, reboot your computer, and try again" for Windows problems are a dime a dozen.
Slashdot Mirror
In Debian, there is kdebase. It only installs the essentials for KDE. I think it's reasonable to assume that if someone asks for kde, they'd want most of the stuff kde.org offers.
Actually, since I started using Debian again, I've been fairly impressed by the work that goes into just pulling in what you actually need.
So what?
If I pick up a 20-year-old book that has a .su address in it (not likely, I grant you, but work with me here), there should be no reason that it cannot still work, if the domain owner cares to keep it alive.
In the interests of pedantry, it's actually ports below 1024.
All good and well (and I use it at work to perform tasks as the Oracle user, especially those that have X clients), but it doesn't solve the problem that you still have to give root access to certain programs to perform certain functions. There are set[ug]id-specific attacks this can mitigate, but quite frankly, you're not gaining much if your target program is insecurely written.
Those dependencies are still there, actually. One of the most annoying things about compiling from source is that configure scripts have this tendency to pick up pieces of your system you may have because you were testing out this or that or the other thing and decide they can depend on their existence.
Then, you try to remove that program you never use (maybe it's even got a security hole), and instead of the package manager telling you you're broken, you just find out next time you try to run the program that depends on it...
Now, this could be mitigated very well by a very tight set of configure patches and arguments, but finding those out is very difficult and error-prone.
Sendmail I can understand, although it really should be a dependency on a MDA of any kind. cron mails non-empty results to the user. If we're still talking about cron, vi would fill an "editor" class, which is needed for crontab -e.
Yeah, the Dems really kicking Disney's ass over in Congress right now, aren't they?
You wink, but it's true. That's why I left Gentoo. I got sick of the constant compiling, even on my 1GHz P3.
Now I follow Debian sid and I do just fine.
But you're not actually breaking the message itself, are you? You're guessing what the message contains based on external observation and a set of rules you're assuming I'll follow. I could just as easily say "ya", meaning the same thing, and you'd think I said "no". Hell, I'd probably just say "y" or "n" to save my OTP bits for future messages. Let's also not forget that essentially all crypto systems use padding anyway, and I would when using OTP.
Anyway, you're not breaking the message itself. You're applying intelligence to the circumstances surrounding it. To say you have broken the message is laughable at best.
Or, he could have understood, and may be alluding to the fact that most users today don't understand the impact of running a server (on themselves, other users, etc.) like they can understand the impact of a client, as it's all readily visible.
Either way, I grant Cerf's statement is a bit unclear.
Yeah, be careful, or Congress'll be naming the next copyright term extension act after you.
C-A-D only works if you have turned off "friendly logins" (IIRC), which is on by default in Home.
It seems to me that privacy bugs often get short shrift in Bugzilla. I believe we're still waiting to get inline loads blocked within mail messages (i.e. for web bugs).
This really bothered me when I first heard about it. Because before, someone has a TV signal that was NTSC plus "differences" that made up the HDTV (read about it in Pop Sci I believe). I suspect the FCC was under pressure from TV mfrs to mandate a standard that's going to require that everyone either replace their TV or buy an expensive converter box.
It almost seems like there's an attitude that "old is bad and must be thrown away" amongst technology folk these days. Actually, more likely it's an attitude of "supporting old doesn't help us sell new" and the mfrs of the "new" therefore have incentive to pressure the old to be forcibly killed off.
Not unless a judge makes them. The database of codecs lives at Microsoft.
Heh, like QuickTime has caught up to be able to play version 2.0 AVIs correctly?
You could make that argument for any type of physical property rental; but you are still actively working to regulate access to the physical property, of which only one may be rented to one person at a time, and maintain that physical property, as it will wear and tear. That costs you time and money.
By contrast, a copyable work doesn't cost the effort or time of the creator when it is copied (unless the creator is making a copy for sale), nor does the work itself require any kind of maintenance that costs the creator.
Yes, gravity-fed do usually suck. However, the one I bought real cheap ("broken") was fixed with a cheap separator pad. Shortly after I bought the pad, HP offered me one for free. Shortly after that I got notice of a class action lawsuit against HP regarding the problem the original owner had experienced. :-) That was an 1100.
No need for Keith Packard to distribute them? Or no need for Microsoft to pull them?
The move on Microsoft's part was good strategy -- they've effectively broken all those font installers that previously used www.microsoft.com as their download site. Of course, it won't be long before they're updated, but they've made installers released before that date break.
Keith Packard's distribution of them is also a good thing. The EULA permits it, so why not mirror it all over the place?
I guess I don't understand what you're getting at.
Hmm, the fontconfig page has the withdrawn Microsoft web fonts.
I agree providing an incentive for creation is good, but I also believe that providing "maximum incentive" constitutes a tremendous disservice to the public.
Instead, I would expect that the benefits to the author of a copyrighted work would be much more in-line with work in a traditional industry. I think it's crazy that people still get paid for work they did decades ago. The rest of us have to keep producing value in order to get paid. Copyright holders should too.
I think the whole idea of tying copyright to an authors' life is quite silly indeed.
I see absolutely nothing wrong with a fixed time period, i.e. 10 years. If you croak on day three, you can will your copyrights to whomever you wish.
To be strictly pedantic... you could smother a candle's flame with a thousand other candles' wicks, all at once. Actually, I've done it with far fewer than a thousand. I enjoy playing with fire. :-)
So, umm, where are the PHP facilities to abstract this out? Or are you rolling your own abstraction every time? I looked hard for the abstraction facilities and couldn't find any, but I could just be missing it.
I recently developed some personal stuff in PHP and MySQL (a PHP/MySQL host is much cheaper and usually has many more features than a decent Zope host, which is what I really wanted.) It amazes me how short-sighted just about everything in both PHP and MySQL is. Maybe working with Zope and having worked with PostgreSQL has me spoiled.
While you certainly have a point, I would have to (sadly) say that as long as people can sue (and win?!) for their supposed "right" to be in a private establishment, you're probably going to need laws, because sooner or later a the establishment's owner is going to throw one of the pricks out, and he's gonna sue the crap out of the owner unless the owner has a law to back him up.
It's really quite a pathetic situation, isn't it?
I didn't see a walking Christmas tree in the cut scenes. Which edition do you have?
So, why FreeDOS? Why not some form of Linux?
The answer, I think, is there is no matter what flavor of Linux they put on the machine, the number of people who actually want that flavor is not going to be significant enough to make it worthwhile.
You may say that x percentage of PCs run Linux, but remember that x is divided up amongst all the myriad flavors Linux comes in. I know if I had Red Hat on a new laptop, I'd reformat it and put Gentoo on it. FreeDOS is a much simpler option.
Of course, there is also the support angle. Linux support is not cheap, partially due to the large number of flavors that all do things differently. "Techs" that can parrot "ummm reinstall, reboot your computer, and try again" for Windows problems are a dime a dozen.