I suggest that you try out a really good KDE desktop (Arch's KDEMod, Sabayon, openSUSE 11, etc) and the differences should be immediately apparent to you.
Well, let me answer this by referencing two other posts. First, the sibling to mine:
openSUSE is a good KDE, then you are a lost cause:-)
And the reply to that:
Kubuntu is a poor KDE desktop compared to most of the other majors. Ubuntu is solid, but Kubuntu isn't quite up to par. OpenSUSE is certainly far superior.
Sorry, but no, it's not readily apparent, not to me, and not (apparently) to hummassa. If you want me to see the difference, you'll have to point it out.
Agian, I was modded Troll for stating I don't like Ubuntu/Kubuntu, and then people got all in a huff.
Care to point me to that post?
It's very possible that the things you didn't like really were trollish, or that you weren't able of wording them in a non-trollish way.
But you know what? Saying "it's just bad, and I'm afraid to say why" is the real troll here.
SFTP requires that SSH be running, so there is always a risk of shell access being gained through breaking scponly or whatever other jail you use.
FTP requires that some ftpd be running, and there's always the same possibility.
Virtual machines are the only way I know of providing this,
And they can be broken, too.
A vulnerability is a vulnerability is a vulnerability. How is switching from this set of potential vulnerabilities to that set of potential vulnerabilities making you any more secure?
So now you only have to trust the host. Which is a lot better than trusting anyone who sniffs you, I guess.
Encryption is still relevant, even if you only have to trust the host. And if you're doing encryption anyway, it may well be cheaper to get FTP than SFTP.
Nothing is secure because it's only a matter of time/computing power to brute force it.
Ah, but you see, when the time required is longer the heat-death of the universe, and the computer needed would have to be assembled from all of the matter in the universe, I'd call that pretty damned secure.
And the math behind that is simple: CPU time required to encrypt scales linearly. CPU time required to crack scales exponentially. A 4096-bit key is that secure.
No, it's not brute force. It's something you haven't thought of, like trusting your girlfriend with your password, or leaving your private key on a laptop that got stolen. Or you thought DRM could work, which means you gave the key to the attacker and hoped they never used it.
Or it's quantum computers (which also fall under "something you haven't thought of"), but that's because they operate in a fundamentally different way -- with a quantum computer, the time to crack scales linearly, meaning it really is only a matter of time -- to crack RSA. But people are already working on crypto schemes which would work well with quantum computers.
Again: Quantum computers don't kill RSA because they're faster. They kill RSA because they're different.
Another note, storing a file like that is like putting your savings deposit in a bank bag with a lock on it and then just putting it on the sidewalk for strangers to see. One of them, maybe by looking where they shouldn't could think they could open it and take it then you don't have what you need when you need it.
Doesn't really work -- if they wanted to try to see what's inside it, they would copy the file (you can't copy a bank bag). For them to actually delete the file would require more than that -- it would have to be a deliberate act of malice.
Given that the files would also be signed, that's the worst they can do -- delete the file.
Now, I agree that it'd be better to do this some other way. That said, suppose I gave you free FTP access to a server with, say, 10 terabytes of space on it. For some reason, it's trivially easy for me to give you this FTP access, and be reasonably sure you can't do anything other than store files on it, but I'm hopeless to give you any more secure access.
And of course, you don't really trust me, anyway.
So the question arises -- would you rather take your chances that your backups could be destroyed, but not read? Or would you rather pay for backup (implying that you trust the endpoint more than me)? Or would you rather not backup at all?
All of this is very hypothetical, as that situation does sound contrived, even to me. But the idea of having an encrypted backup isn't a bad one -- I can see myself paying for storage on something like Amazon S3 (or, hypothetically, a cheaper competitor), but I can't really see myself trusting Amazon with everything I'd want to backup (SSH keys, porn browsing habits, etc). So if I was to do something like this, I'd probably encrypt the files.
I'm one of those people who doesn't think that Adobe has to open their source. I'm one of the people who think that they should. There is a difference.
I'd agree with that. They have no obligation to do anything.
But by not doing so, they are hurting the Web. And I honestly don't see any benefit to them keeping it proprietary.
We can't blame Microsoft and Adobe any longer.
So your point is that we should blame ourselves? Fine, but I assert that there is plenty of blame to go around.
In particular, I would say that years (decades?) have been lost because of Microsoft.
Yet it's still useful, sometimes, to look at the output of that compiler -- and necessary, sometimes (in very limited situations) to write software without a compiler. Think bootloaders, tight loops in video games or microcontrollers, etc.
and I wouldn't walk the 30 kilometers to work every day.
I do walk the half mile or so, though. At least that way, I get some exercise.
I'm not saying we should all bring back the old ways, but it's useful to know what was (and is still) good about them.
I don't like doing a lot of arithmetic in my head. That said, it's still useful to know how to estimate, because then I know when I've mistyped something, or when there is something seriously wrong with the program. That is: I don't have to know exactly what 23*51 is, but I'm certain it's not under a hundred, and I'm certain it's not over a billion.
Marketing fluff, unless you explain what "rich" means, or what features you're missing elsewhere.
object oriented
Javascript is object oriented.
that just work with a wide installed user base, on a variety of platforms
I think Gmail proves that this can be done with AJAX, also.
If you're only thinking Flash Video, you're thinking too small. Think "any application in the world that does not need direct hardware access or to maximize its access to computing resources" It runs over the web, it runs locally, and it runs the same.
Google Gears.
Hell, we're even looking at Adobe Air to port one of our apps to something stand-alone. Why? Because of the embedded Webkit browser. We'll hardly have to do anything in Flash.
last I checked I believe Flash 9 has a higher installed base than any family of HTML rendering.
How about any abstraction layer? Things like jQuery will work on a fair number of browsers, too.
Reading the comments of people who actually described there system, it seems like there's problems running Flash Player with 64bit browsers in Linux, and not with 32bit browsers...
There are still things missing on a 32-bit browser, though -- for example, the ability to overlay HTML on top of the flash widget.
Is that why Microsoft is officially supporting Moonlight?
Well, for now.
I've seen too much of this from Microsoft in the past to trust that they'll never do that. And certainly, if someone else wanted to wave patents around, would Microsoft be jumping to defend Moonlight?
Quicktime and Real missed the opportunity because of their size and old policies (Real, especially).
Except that Quicktime is still on most computers, as a result of iTunes. That's a more recent development, though...
There is no way you can explain to Apple fans...
I'm not posting this as an Apple fan -- I suggested Quicktime because it's more likely to be supported everywhere than, say, WMV. But both Windows Media Player and QuickTime will play mpeg.
HTML5 guys pushing ogg format really, really doesn't make sense.
Name another patent-free format, then.
Big media is arguing whether they should keep on MPEG4 or convert to H264.
I didn't really read the rest of your paragraph, because this statement is nonsensical: H.264 is part of MPEG4, and it comes in an mp4 container.
That, and people are already doing either H.264 or VC1 for Blu-Ray and/or iPod video.
It might be easy to detect browser support, but it also means doubling the number of video files to store
Only if you do it wrong.
Both Flash and Safari's implementation of the video tag support h.264 video. At the very worst, you have to re-encapsulate it -- which is fast enough that it's likely possible to stream.
You're also ignoring the fact that YouTube, at least, have already done this to support things like the iPhone.
In my experience, embedding video such as mpeg never works as fluidly or easily as.flv flash video. This is usually because of poor software (such as totem player on linux)
Well, given TFA, I would say that Totem on Linux isn't really much worse than Flash on Linux.
So we should all replace one crappy proprietary format with another crappy proprietary format which has an OS company as it's backer?
Given that the mov format has been pretty thoroughly reverse-engineered by now, it's still very much better than Flash.
There's also mpeg...
The only non-proprietary alternative, really, is Theora and Vorbis, and these have far too small an install base -- on top of which, we actually don't know that they're non-proprietary. There's always the possibility of a submarine patent.
I'm saying that it's thriving despite Flash and Silverlight, not because of them.
It's possible to irrigate small patches of desert, and actually grow things there -- things which ordinarily wouldn't. But given the choice, wouldn't it make more sense to grow corn in Iowa, instead of in the Sahara?
Yes, Flash is doing alright -- but this is in spite of the fact that it's closed. Adobe has to realize this, somewhat -- after all, it is open for certain purposes (mostly server-side) -- but this lack of Linux support is a great example.
No 64-bit support. No non-x86 support at all, in fact. Limited to no hardware acceleration -- even for the video, which is pitifully slow, fullscreen. No iPhone support (yet).
None of these would be a problem, if it were open source. It's still possible Gnash could catch up and make it defacto open...
If youtube didn't use flash for video, what would they use instead? Animated gifs?
Or maybe embedded video, which browsers have supported for decades? Like, oh, Quicktime, or mpeg?
You could argue that Flash had a wider install base. And you'd be right -- but what about up-to-date Flash? YouTube has been requiring higher and higher versions, like just about all Flash content. At this point, I would guess that everyone who can watch YouTube also has some sort of player that supports mpeg.
We really need at least some form of video integrated into the browser, and it looks like we might have it in firefox soon
You're talking about the HTML5 video tag. Erm... Safari beat us to it. With h.264 support.
So, Safari and Firefox will support native video. It should be trivial to write a script which detects a browser not supporting the video tag, and replaces it with some embedded Flash, for backwards compatibility -- and because we know it will take a decade or so for IE to support this.
It's only a threat if you think the Internet should stay in the same configuration it was in in 1983, when a 1200 baud connection was considered fast
This isn't about the technology, not directly. There are two points to keep in mind here:
First, Flash is proprietary. Making the Internet depend on proprietary technology is destroying the one thing that makes the Internet great -- anyone can connect, from anything.
That is: The Internet thrives on open standards. Flash isn't open, and Silverlight is neither. (Yeah, I know about Moonlight -- how long till that gets hit with patents from Microsoft, though, if it starts to matter?)
Second: Flash is its own little ecosystem. HTML really is very powerful -- done right, it's possible to both style it up very richly with CSS, and yet keep the HTML itself so clean that it's machine readable -- so much so that people start to build microformats on top of it. Makes the job much easier for screenreaders, also, or for people who want to reskin the page (just load up a Greasemonkey script and add a stylesheet).
Flash supports none of these things. There is some mention of accessibility, yes, but it's nowhere near where HTML is.
HTML separates things into pages and sub-page anchors. It's possible to do this with Flash, but only by piggybacking on top of what HTML is already doing, and with a fair amount of Javascript.
That is: I can bookmark this comment, if I need to. I can link to it from another page, directly. If Slashdot was written in Flash, would I be able to?
I could go on. And on.
The only legitimate use of Flash is to add functionality which isn't yet in a browser, and to select chunks of the page -- that is, YouTube isn't entirely Flash, just the player. But that should only be a holdover until the necessary things are implemented in the browser.
Considering the level of citizen journalism that sites like YouTube and LiveLeak have enabled, all thanks to Flash...
No, thanks to embedded video, which existed long before Flash, and is finally being done in a standard way with the HTML5 video tag. YouTube never needed Flash, and still doesn't.
That will be bandwidth intensive as hell with no server side support.
Moreso than FTP itself? If so, how so?
I suggest that you try out a really good KDE desktop (Arch's KDEMod, Sabayon, openSUSE 11, etc) and the differences should be immediately apparent to you.
Well, let me answer this by referencing two other posts. First, the sibling to mine:
openSUSE is a good KDE, then you are a lost cause :-)
And the reply to that:
Kubuntu is a poor KDE desktop compared to most of the other majors. Ubuntu is solid, but Kubuntu isn't quite up to par. OpenSUSE is certainly far superior.
Sorry, but no, it's not readily apparent, not to me, and not (apparently) to hummassa. If you want me to see the difference, you'll have to point it out.
Agian, I was modded Troll for stating I don't like Ubuntu/Kubuntu, and then people got all in a huff.
Care to point me to that post?
It's very possible that the things you didn't like really were trollish, or that you weren't able of wording them in a non-trollish way.
But you know what? Saying "it's just bad, and I'm afraid to say why" is the real troll here.
I'd prefer something with a good KDE desktop.
What, exactly, don't you like about Kubuntu?
Or is that not among the packages ported? Because to bootstrap from ubuntu-minimal to kubuntu is fairly easy.
SFTP requires that SSH be running, so there is always a risk of shell access being gained through breaking scponly or whatever other jail you use.
FTP requires that some ftpd be running, and there's always the same possibility.
Virtual machines are the only way I know of providing this,
And they can be broken, too.
A vulnerability is a vulnerability is a vulnerability. How is switching from this set of potential vulnerabilities to that set of potential vulnerabilities making you any more secure?
Change your host and use SFTP.
So now you only have to trust the host. Which is a lot better than trusting anyone who sniffs you, I guess.
Encryption is still relevant, even if you only have to trust the host. And if you're doing encryption anyway, it may well be cheaper to get FTP than SFTP.
Access means they can decrypt them. Given enough cycles, encryption can be broken.
When "enough cycles" is going to take them longer than the heat-death of the universe, I don't care.
Look, I know Uplink makes it look easy. The real world doesn't work that way.
Nothing is secure because it's only a matter of time/computing power to brute force it.
Ah, but you see, when the time required is longer the heat-death of the universe, and the computer needed would have to be assembled from all of the matter in the universe, I'd call that pretty damned secure.
And the math behind that is simple: CPU time required to encrypt scales linearly. CPU time required to crack scales exponentially. A 4096-bit key is that secure.
No, it's not brute force. It's something you haven't thought of, like trusting your girlfriend with your password, or leaving your private key on a laptop that got stolen. Or you thought DRM could work, which means you gave the key to the attacker and hoped they never used it.
Or it's quantum computers (which also fall under "something you haven't thought of"), but that's because they operate in a fundamentally different way -- with a quantum computer, the time to crack scales linearly, meaning it really is only a matter of time -- to crack RSA. But people are already working on crypto schemes which would work well with quantum computers.
Again: Quantum computers don't kill RSA because they're faster. They kill RSA because they're different.
Another note, storing a file like that is like putting your savings deposit in a bank bag with a lock on it and then just putting it on the sidewalk for strangers to see. One of them, maybe by looking where they shouldn't could think they could open it and take it then you don't have what you need when you need it.
Doesn't really work -- if they wanted to try to see what's inside it, they would copy the file (you can't copy a bank bag). For them to actually delete the file would require more than that -- it would have to be a deliberate act of malice.
Given that the files would also be signed, that's the worst they can do -- delete the file.
Now, I agree that it'd be better to do this some other way. That said, suppose I gave you free FTP access to a server with, say, 10 terabytes of space on it. For some reason, it's trivially easy for me to give you this FTP access, and be reasonably sure you can't do anything other than store files on it, but I'm hopeless to give you any more secure access.
And of course, you don't really trust me, anyway.
So the question arises -- would you rather take your chances that your backups could be destroyed, but not read? Or would you rather pay for backup (implying that you trust the endpoint more than me)? Or would you rather not backup at all?
All of this is very hypothetical, as that situation does sound contrived, even to me. But the idea of having an encrypted backup isn't a bad one -- I can see myself paying for storage on something like Amazon S3 (or, hypothetically, a cheaper competitor), but I can't really see myself trusting Amazon with everything I'd want to backup (SSH keys, porn browsing habits, etc). So if I was to do something like this, I'd probably encrypt the files.
SSH attempts to secure the untrusted lines or roads the information is taking when the two endpoint are secure. It doesn't secure the endpoint.
Except in this case, the endpoint is the user, not the FTP site.
Of course encrypting the file before hand is an option but then you lose the ability to browse the files without a special viewer
Sounds like he's asking for just such a viewer.
Then paste into somewhere with your own font.
Or better, hack up the stylesheet and apply it with Greasemonkey.
I think the internet is thriving.
That's twice in a row. Did I ever say it wasn't?
I'm one of those people who doesn't think that Adobe has to open their source. I'm one of the people who think that they should. There is a difference.
I'd agree with that. They have no obligation to do anything.
But by not doing so, they are hurting the Web. And I honestly don't see any benefit to them keeping it proprietary.
We can't blame Microsoft and Adobe any longer.
So your point is that we should blame ourselves? Fine, but I assert that there is plenty of blame to go around.
In particular, I would say that years (decades?) have been lost because of Microsoft.
I wouldn't plant a farm using a mule,
Mules don't pollute.
I wouldn't write software without a compiler,
Yet it's still useful, sometimes, to look at the output of that compiler -- and necessary, sometimes (in very limited situations) to write software without a compiler. Think bootloaders, tight loops in video games or microcontrollers, etc.
and I wouldn't walk the 30 kilometers to work every day.
I do walk the half mile or so, though. At least that way, I get some exercise.
I'm not saying we should all bring back the old ways, but it's useful to know what was (and is still) good about them.
I don't like doing a lot of arithmetic in my head. That said, it's still useful to know how to estimate, because then I know when I've mistyped something, or when there is something seriously wrong with the program. That is: I don't have to know exactly what 23*51 is, but I'm certain it's not under a hundred, and I'm certain it's not over a billion.
create rich, full featured
Marketing fluff, unless you explain what "rich" means, or what features you're missing elsewhere.
object oriented
Javascript is object oriented.
that just work with a wide installed user base, on a variety of platforms
I think Gmail proves that this can be done with AJAX, also.
If you're only thinking Flash Video, you're thinking too small. Think "any application in the world that does not need direct hardware access or to maximize its access to computing resources" It runs over the web, it runs locally, and it runs the same.
Google Gears.
Hell, we're even looking at Adobe Air to port one of our apps to something stand-alone. Why? Because of the embedded Webkit browser. We'll hardly have to do anything in Flash.
last I checked I believe Flash 9 has a higher installed base than any family of HTML rendering.
How about any abstraction layer? Things like jQuery will work on a fair number of browsers, too.
Reading the comments of people who actually described there system, it seems like there's problems running Flash Player with 64bit browsers in Linux, and not with 32bit browsers...
There are still things missing on a 32-bit browser, though -- for example, the ability to overlay HTML on top of the flash widget.
Is that why Microsoft is officially supporting Moonlight?
Well, for now.
I've seen too much of this from Microsoft in the past to trust that they'll never do that. And certainly, if someone else wanted to wave patents around, would Microsoft be jumping to defend Moonlight?
I haven't seen anything that's a tenth as controllable as Flash for client-side interface.
Have you seen the HTML5 video tag?
And YouTube is not static. They could switch now, if they wanted.
Quicktime and Real missed the opportunity because of their size and old policies (Real, especially).
Except that Quicktime is still on most computers, as a result of iTunes. That's a more recent development, though...
There is no way you can explain to Apple fans...
I'm not posting this as an Apple fan -- I suggested Quicktime because it's more likely to be supported everywhere than, say, WMV. But both Windows Media Player and QuickTime will play mpeg.
HTML5 guys pushing ogg format really, really doesn't make sense.
Name another patent-free format, then.
Big media is arguing whether they should keep on MPEG4 or convert to H264.
I didn't really read the rest of your paragraph, because this statement is nonsensical: H.264 is part of MPEG4, and it comes in an mp4 container.
That, and people are already doing either H.264 or VC1 for Blu-Ray and/or iPod video.
It might be easy to detect browser support, but it also means doubling the number of video files to store
Only if you do it wrong.
Both Flash and Safari's implementation of the video tag support h.264 video. At the very worst, you have to re-encapsulate it -- which is fast enough that it's likely possible to stream.
You're also ignoring the fact that YouTube, at least, have already done this to support things like the iPhone.
Be angry at the standard's bodies. Heck, its only been in recent years that they've even added asynchronous page updates (AJAX).
Actually, those always existed, they were just harder. But a hidden iframe is all it took...
In my experience, embedding video such as mpeg never works as fluidly or easily as .flv flash video. This is usually because of poor software (such as totem player on linux)
Well, given TFA, I would say that Totem on Linux isn't really much worse than Flash on Linux.
So we should all replace one crappy proprietary format with another crappy proprietary format which has an OS company as it's backer?
Given that the mov format has been pretty thoroughly reverse-engineered by now, it's still very much better than Flash.
There's also mpeg...
The only non-proprietary alternative, really, is Theora and Vorbis, and these have far too small an install base -- on top of which, we actually don't know that they're non-proprietary. There's always the possibility of a submarine patent.
I'm saying that it's thriving despite Flash and Silverlight, not because of them.
It's possible to irrigate small patches of desert, and actually grow things there -- things which ordinarily wouldn't. But given the choice, wouldn't it make more sense to grow corn in Iowa, instead of in the Sahara?
Yes, Flash is doing alright -- but this is in spite of the fact that it's closed. Adobe has to realize this, somewhat -- after all, it is open for certain purposes (mostly server-side) -- but this lack of Linux support is a great example.
No 64-bit support. No non-x86 support at all, in fact. Limited to no hardware acceleration -- even for the video, which is pitifully slow, fullscreen. No iPhone support (yet).
None of these would be a problem, if it were open source. It's still possible Gnash could catch up and make it defacto open...
Must have been awhile since I checked.
I'm on 64-bit Ubuntu.
Saw the headline, and my first thought is, "They're hiring people to play every NPC? Awesome!"
If youtube didn't use flash for video, what would they use instead? Animated gifs?
Or maybe embedded video, which browsers have supported for decades? Like, oh, Quicktime, or mpeg?
You could argue that Flash had a wider install base. And you'd be right -- but what about up-to-date Flash? YouTube has been requiring higher and higher versions, like just about all Flash content. At this point, I would guess that everyone who can watch YouTube also has some sort of player that supports mpeg.
We really need at least some form of video integrated into the browser, and it looks like we might have it in firefox soon
You're talking about the HTML5 video tag. Erm... Safari beat us to it. With h.264 support.
So, Safari and Firefox will support native video. It should be trivial to write a script which detects a browser not supporting the video tag, and replaces it with some embedded Flash, for backwards compatibility -- and because we know it will take a decade or so for IE to support this.
It's only a threat if you think the Internet should stay in the same configuration it was in in 1983, when a 1200 baud connection was considered fast
This isn't about the technology, not directly. There are two points to keep in mind here:
First, Flash is proprietary. Making the Internet depend on proprietary technology is destroying the one thing that makes the Internet great -- anyone can connect, from anything.
That is: The Internet thrives on open standards. Flash isn't open, and Silverlight is neither. (Yeah, I know about Moonlight -- how long till that gets hit with patents from Microsoft, though, if it starts to matter?)
Second: Flash is its own little ecosystem. HTML really is very powerful -- done right, it's possible to both style it up very richly with CSS, and yet keep the HTML itself so clean that it's machine readable -- so much so that people start to build microformats on top of it. Makes the job much easier for screenreaders, also, or for people who want to reskin the page (just load up a Greasemonkey script and add a stylesheet).
Flash supports none of these things. There is some mention of accessibility, yes, but it's nowhere near where HTML is.
HTML separates things into pages and sub-page anchors. It's possible to do this with Flash, but only by piggybacking on top of what HTML is already doing, and with a fair amount of Javascript.
That is: I can bookmark this comment, if I need to. I can link to it from another page, directly. If Slashdot was written in Flash, would I be able to?
I could go on. And on.
The only legitimate use of Flash is to add functionality which isn't yet in a browser, and to select chunks of the page -- that is, YouTube isn't entirely Flash, just the player. But that should only be a holdover until the necessary things are implemented in the browser.
Considering the level of citizen journalism that sites like YouTube and LiveLeak have enabled, all thanks to Flash...
No, thanks to embedded video, which existed long before Flash, and is finally being done in a standard way with the HTML5 video tag. YouTube never needed Flash, and still doesn't.