There's a difficult balance here though. A game would be no fun if it was so hard to get rich in the game that it would take a single person years to get the good stuff. That would only be fun for the true fanatic. The game would go out of business. But a game would need to be that had to prevent farming.
If you make it easy enough that it only takes a few months to get the good stuff, well, then it is cheap enough to hire people to farm the good stuff and sell it on ebay, but still difficult enough that there would be a demand to buy the high level stuff on ebay. At the same time the challenge level in the game would be enough to keep many players playing.
If you make it so easy to get the good stuff that there would be no demand for it on ebay then there would be no farming, but the game would be so easy that nobody would want to play. Again the game would go out of business.
Anyway, finding the economic sweet spot where there is no demand for buying high level stuff with real-world cash might not be possible. The only option left is to try to artificially regulate the economy.
Imposing some sort of regulation on the market isn't unrealistic or 'OOC' anyway. In the real world truly free markets don't work either. That's why we have real world economic regulation, unions, etc.
I was thinking the same thing. It should be like a credit card, where you aren't liable for more than $50 or so of fraudulant charges if you card is stolen.
But my cell phone is about 5 years old now, so I don't have to worry about these things.
You're right. All the most well rounded, healthy, happy children I know are not allowed any toys except blocks of wood and books, and are never allowed to leave their parents sight. Sure, even in high school they won't be able to take a crap without their mother wiping their ass, but they'll enter college as a junior. Parenting success! Well, until they die of alcohol poisoning at their first college party away from mother.
Relax. Just because a toy has fancy gizmos you didn't have when you were a kid doesn't mean it will turn good parents into bad. And taking toys away from kids with bad parents won't make the bad parents good.
Generally the fun part of software development is doing the higher level design. After that it is satisfying to see your project come together, no matter what language you use.
Also, C# really is a pretty good language. It is just Java with a few extra things that make life easier (using(..) for example). And there is nothing visual studio doesn't allow you to do. You can edit every single line of code if you really want to (you don't though. That boiler plate code isn't the fun part anyway).
Like anything, there's a learning curve to new tools and languages. It sounds like you didn't even bother climbing up the curve to try them out (that's why you feel like you don't have control. You didn't learn to control it.) before you jumped ship. You won't like any tools/languages you haven't learned yet. Do you plan on spending the rest of your life using the one set of tools/languages you currently know?
Right. 99% of the content being downloaded consists of 40 year old mickey mouse cartoons and m*a*s*h re-runs. I bet every slashdotter is scouring the interweb for a good rip of Citizen Kane right now.
No. The people with contempt for paying for the _latest_ content (whatever you last saw on TRL) are directly responsible for the publishing industry protecting what is legally theirs.
Nice job parroting "Slashdot Juvinile Rationalization #4 for Why I'm Thieving Scum (+5 guaranteed)" though. I leave it as an exercise to the reader to find rationalizations 1,2,3,5,6,7,8,9,10... in other +5 slashdot comments.
There are a few independent coffee shops around here (Boulder, CO) with free wifi, with no ads or restrictions. Reading some other alarmist slashdot articles it looks like the phone companies may make that illegal soon. I hope it lasts. Otherwise I'll have to go through a starbucks drive thru and park in the phone companies parking lot and use their "free" wireless.
I don't really care if it is patented or not, but I do have to work on some projects in VB. They day I don't have to write
"if not foo is nothing then"
will be a good day.
That's an astoundingly good bit of logic there. So all logic on slashdot is astoundingly good. I wish I could bump it up to "+6, kneel before my powerful logic."
When people are thrilled that they can click and drag something, and the app is slightly more responsive than a pot head at 6 in the morning. I remember way back in the old days before the web was big everything utilized the full power of my processor. Things were clickable, dragable, etc. Hell, we even had text boxes bigger than 400x300. You could resize them, and they would even check your spelling for you. You could save them and work on them later. I think they were called "word processors". Ah, those were the days.
Type in the url for any site where security is a concern rather than clicking a link on an untrusted web page. They are usually short and easy to type. paypal.com, ebay.com, amazon.com, mybank.com.
If there is a bunch of state information in the url copy/paste the url into your address bar, hit "type-over" mode, and re-type the host name and you should be ok.
You wouldn't think it would happen, but it does from time to time. One truth in software development is "If a user can do it they will eventually do it." One case where it can easily happen is a samba mount of a unix drive on a windows box. A windows user wouldn't know rm is the delete command on Unix, wouldn't know paramter expansion is broken on Unix, and on windows there is no problem prefixing a file name with "-".
But the point is that the most dangerous command on a unix system behaves differently depending on the names of the files in the directory. Now if you were writing a new piece of software, and you told your customer it works fine as long as no user ever names a file starting with a dash, and it will destroy your system if there is a file name "-rf", I think they whould show you the door.
This is true of every unix command. This is because they way paramter expansion is done on unix is fundamentally broken. The shell expands the parameters _before_ passing them to the program being called. There is _no_ way for the program to know what the parameters actally are. This means there is _no_ way for the author of rm or any other unix command to fix the problem (the authors of the basic gnu commands are aware if this hole. They are smart people. It just can't be fixed)
The correct way to do parameter expansion is to pass the command line unaltered to the program, and provide a comman api that every program can use to parse the command line. This would allow commands like rm to verify the command line and know when someone is using the -rm option, and when they are trying to delete a file named -rm.
"Your psycho with a gun is not an appropriate metaphor. You can only nerf yourself, not others."
The psycho is the virus writer. Try and keep up. Anyway, you can change the metaphore to russian roulet if you want to use it your way.
"Linux has had file permissions since day 1. Windows did not have it until NT."
The relative insecurity of old windows systems doesn't make linux more secure. In fact the security of any system, windows or otherwise, doesn't make linux any more secure.
"I dont know why you started talking about usability, thats not what we're talking about."
Security and useability go hand in hand. The failure of the linux community to recognize this contributes to the security flaws in linux.
""Linux users are not as likely to do something stupid". That has no bering on the security of the acutal operating system."
A secure system prevents a user from doing something stupid. Again, an examaple of the linux community not understanding the full scope of security problems. Human factors are just as, if not more important than, technical security factors. "Users are never stupid. Software is." Understanding and believing that quote is the first step toward a secure system.
"Your argument that idiots who will run anything means that a OS is not secure is not valid. Anyone who -wants- to nerf their own system is perfectly able to do so without assistance."
A secure system makes it hard to nurf your system. An insecure system makes it easy. Nurfing your own files is just as bad for you as someone else nurfing your files. That means, from a security standpoint, both situations must be addressed. The fact that nearly every expert unix admin with any amount of time under the belt has destroyed things they didn't mean to is testament to the lack of security in this area.
Most of Linux's security problems aren't in the kernel.
There are major security problems with linux, windows, and most other OSes. If windows developers are willing to admit that, and linux developers aren't, the linux community is in trouble.
"I could debate with you about this further, but its obvious that you dont understand, and I dont feel like being a teacher."
Funny, I was just thinking the same thing about you.
The point about the ports is that most malware makes outgoing connections. It doesn't listen for inbound counnections. And if it does the malware author is smart enough to make it listen on a port above 1024, or whatever the cutoff is.
Re 1:
Thinking that because a user can delete all their own files, but no others, by accident is good security is sort of like letting an armed psycho free in public and saying people are secure because the psycho only has one bullet, so he can't kill everyone anyway. Sure, it is safer than a psycho with a BFG and a banana clip (or 'root', as he is called in UNIX speak), but it still isn't safe.
Anyway, Linux is being used more and more as a single user desktop system.
Also, a well written system is explicitly designed to prevent idiots from nerfing their own files. That's why windows stole the trash can idea from apple. "rm -rf" is second only to spelling create 'creat' as the stupidest software error that's ever made it into an OS.
Note that "rm -rf", coupled with the half assed way UNIX shells do command line expansion (perhaps the 3rd stupidest....) before passing arguments to applications leads to this gem:
mkdir ~/test
cd ~/test
make a file name -rf. An easy way: vi[enter]:w -rf[enter]:q[enter]
mkdir -p important/reallyimportant
touch unimportant
touch unimportant2
At this point you have a dir with a file name -rm, two files named unimpor*, and a directory named important. Say you want to quickly delete the unimport* files, and you don't notice the -rf file, because there are 100 unimportant files in the dir.
rm *
ls
output is: -rf
I leave it as an exercise to the reader to delete the file named -rf.
The point is UNIX does _not_ have well written file handling tools. It not only makes it easy for novice users to destroy hours of work in a flash, it also makes it easy to trick an experienced user into destroying hours of work in a flash.
re2:
Again restricting the psycho to one bullet isn't security, it is just better than giving him all the bullets he wants.
re3:
Linux applications do tend to be more secure. Not because the OS is more secure, but because Linux users tend to be more computer literate, aren't targets of virus writers, and aren't targets of commercial software writers. Open source authors tend to be more concerned with security. If Linux had a user base like Windows lots of insecure commercial software would target it, and lots of uneducated users would use it, and virus writers would target it.
NTFS has more granular security than the commonly used Linux file systems. I'm no windows expert, so I can't go into detail, but looking at the "Security" tab on a file on my system I can modify at least five different permissions on a file, and I can assign permissions to specific users or groups of users. Linux file systems like reiserfs are working on stuff like this, but there still isn't much application level support.
I say nobody uses Linux because at least 90% of machines run windows.
The reason that makes it safer is that malware writers don't target systems that almost nobody uses. It makes it safer because the people who do use it know how to not get viruses and such.
If Linux where installed on 90% of the systems out there, and run by the same computer illiterate people who run windows today, I could write a shell script to create a file named "-rf" in every directory and call it "Free Boobies Here!". Every person who runs windows viruses today would run that script, and it would do just as much damage.
The Linux community has its security head in the sand. Linux isn't secure. It is just that it is only run by a few computer literate people who know how to keep their insecure systems safe.
I suppose I should prefix this by saying I love Linux, and I've been running it for nearly 10 years. But the Linux community has its head buried in the sand when it comes to security. The only reason Linux doesn't have thousands of viruses written for it is because nobody runs it. Same with macs. Windows XP has a better security infrastructure than any UNIX knock off. Let's knock down the standard UNIX security myths now.
1) Running as user rather than root keeps my important files safe, and prevents bad things like rm -rf from destroying everything.
False. Your most important files are the files you can read/write as a user. The root owned files are all just the files you copied off your Redhat (or whatever distro) cd onto your hard drive. You can just reinstall Redhat (or whatever) in 30 minutes. Running as non-root only prevents you from deleting the files that don't matter.
2) Running as user rather than root protects me from viruses/worms/spyware, etc.
False again. Executables execute just fine when they are owned by a user rather than root. Sure, they can't delete your root owned files, but see #1 above.
3) Linux won't automatically run code off the web like ActiveX, etc.
Only true because Linux doesn't have ActiveX. There is nothing in Linux that prevents insecure frameworks like ActiveX from being written/used. Linux has the security weaknesses required (just as Windows does) for ActiveX, it just doesn't have ActiveX.
4) Linux doesn't allow users to open privileged ports.
I never understood this one. Users can still open all the other ports.
Windows NTFS also has a much more mature security infrastructure than the Linux file systems in real world use.
Linux has a primitive "all or nothing" style security infrastructure.
The only reason Linux is a safer system to run today is because nobody uses it, so 1 - Linux isn't a target and 2 - no commercial software is written for it. The few Linux users that are out there are computer hobbyists with enough experience to know not to run arbitrary, unknown code. Computer literate Windows users also have no problems with viruses/etc because they know not to run arbitrary untrusted code.
The article is basically some guy who has a hard time reading code and blamesItOn trivial_things like
whiteSpace usage and camelCase vs_underscores_.
If you're having a hard time understanding code it has nothing to do with little nit picky things like white space and underscores (unless the code has been deliberately obfuscated). It is because:
You don't have enough experience reading/writing code. You have to read (more so than write) a tremendous amount of code to get good at reading code.
You don't understand the problem the code is solving.
The code is very badly designed at a higher level than things like white space and underscores.
A lot of people get frustrated when they don't understand code right away, and rather than trying to grok why they don't understand it (because 2/3rds of the time it is the reader's fault, not the coders), they just bitch about white space and brace placement. That is never the problem.
I think the firewall is there to prevent all that mal|spy|ad-ware stuff from listening on a port without the user knowing about it. That way when your machine gets owned the new owner can't connect to it and tell it to DOS amazon. At least until the new version of the mal|spy|ad-ware comes out that quietly drops the firewall.
Preventing the user from opening privileged ports isn't really a solution to anything. You can write malware that listens to port 6666 just as easily as you can write software that listens to port 666. Restricting certain ports to the root user is really just there so that, on a multi-user system, the admin controls which is the "official" web server and ftp server and such.
I think it should cache the changes and tell you about it. The next time you plug the drive/floppy back in it should notify you there are files that need to be written to that device.
Actually, if an extention is causing the crash it is still the main app's fault. If you write an app that allows third party plugins it is important to architect the plugin system in a way that isolates the main app from the plugins. Like if a user land app causes your linux kernel to panic, it is the kernel's fault. Of course this is easier said than done, so in the real world the easiest short term fix is to fix the extention.
Slashdot Mirror
Yeah. What are we paying these opensource developers for anyway? Oh, wait...
If you make it easy enough that it only takes a few months to get the good stuff, well, then it is cheap enough to hire people to farm the good stuff and sell it on ebay, but still difficult enough that there would be a demand to buy the high level stuff on ebay. At the same time the challenge level in the game would be enough to keep many players playing.
If you make it so easy to get the good stuff that there would be no demand for it on ebay then there would be no farming, but the game would be so easy that nobody would want to play. Again the game would go out of business.
Anyway, finding the economic sweet spot where there is no demand for buying high level stuff with real-world cash might not be possible. The only option left is to try to artificially regulate the economy.
Imposing some sort of regulation on the market isn't unrealistic or 'OOC' anyway. In the real world truly free markets don't work either. That's why we have real world economic regulation, unions, etc.
But my cell phone is about 5 years old now, so I don't have to worry about these things.
Relax. Just because a toy has fancy gizmos you didn't have when you were a kid doesn't mean it will turn good parents into bad. And taking toys away from kids with bad parents won't make the bad parents good.
You can't counter one fallacy with another. Sillyness will ensue.
Also, C# really is a pretty good language. It is just Java with a few extra things that make life easier (using(..) for example). And there is nothing visual studio doesn't allow you to do. You can edit every single line of code if you really want to (you don't though. That boiler plate code isn't the fun part anyway).
Like anything, there's a learning curve to new tools and languages. It sounds like you didn't even bother climbing up the curve to try them out (that's why you feel like you don't have control. You didn't learn to control it.) before you jumped ship. You won't like any tools/languages you haven't learned yet. Do you plan on spending the rest of your life using the one set of tools/languages you currently know?
Yeah. I think he was being ironic.
No. The people with contempt for paying for the _latest_ content (whatever you last saw on TRL) are directly responsible for the publishing industry protecting what is legally theirs.
Nice job parroting "Slashdot Juvinile Rationalization #4 for Why I'm Thieving Scum (+5 guaranteed)" though. I leave it as an exercise to the reader to find rationalizations 1,2,3,5,6,7,8,9,10... in other +5 slashdot comments.
There are a few independent coffee shops around here (Boulder, CO) with free wifi, with no ads or restrictions. Reading some other alarmist slashdot articles it looks like the phone companies may make that illegal soon. I hope it lasts. Otherwise I'll have to go through a starbucks drive thru and park in the phone companies parking lot and use their "free" wireless.
I don't really care if it is patented or not, but I do have to work on some projects in VB. They day I don't have to write
"if not foo is nothing then"
will be a good day.
That's an astoundingly good bit of logic there. So all logic on slashdot is astoundingly good. I wish I could bump it up to "+6, kneel before my powerful logic."
When people are thrilled that they can click and drag something, and the app is slightly more responsive than a pot head at 6 in the morning. I remember way back in the old days before the web was big everything utilized the full power of my processor. Things were clickable, dragable, etc. Hell, we even had text boxes bigger than 400x300. You could resize them, and they would even check your spelling for you. You could save them and work on them later. I think they were called "word processors". Ah, those were the days.
Of course the "fix" will probably be some popup saying something about "code pages" and other languages, and grandma won't grok that either.
If there is a bunch of state information in the url copy/paste the url into your address bar, hit "type-over" mode, and re-type the host name and you should be ok.
Editing the kids out of child porn replaces AOL phone support as the worst possible job in technology.
But the point is that the most dangerous command on a unix system behaves differently depending on the names of the files in the directory. Now if you were writing a new piece of software, and you told your customer it works fine as long as no user ever names a file starting with a dash, and it will destroy your system if there is a file name "-rf", I think they whould show you the door.
This is true of every unix command. This is because they way paramter expansion is done on unix is fundamentally broken. The shell expands the parameters _before_ passing them to the program being called. There is _no_ way for the program to know what the parameters actally are. This means there is _no_ way for the author of rm or any other unix command to fix the problem (the authors of the basic gnu commands are aware if this hole. They are smart people. It just can't be fixed)
The correct way to do parameter expansion is to pass the command line unaltered to the program, and provide a comman api that every program can use to parse the command line. This would allow commands like rm to verify the command line and know when someone is using the -rm option, and when they are trying to delete a file named -rm.
The psycho is the virus writer. Try and keep up. Anyway, you can change the metaphore to russian roulet if you want to use it your way.
"Linux has had file permissions since day 1. Windows did not have it until NT."
The relative insecurity of old windows systems doesn't make linux more secure. In fact the security of any system, windows or otherwise, doesn't make linux any more secure.
"I dont know why you started talking about usability, thats not what we're talking about."
Security and useability go hand in hand. The failure of the linux community to recognize this contributes to the security flaws in linux.
""Linux users are not as likely to do something stupid". That has no bering on the security of the acutal operating system."
A secure system prevents a user from doing something stupid. Again, an examaple of the linux community not understanding the full scope of security problems. Human factors are just as, if not more important than, technical security factors. "Users are never stupid. Software is." Understanding and believing that quote is the first step toward a secure system.
"Your argument that idiots who will run anything means that a OS is not secure is not valid. Anyone who -wants- to nerf their own system is perfectly able to do so without assistance."
A secure system makes it hard to nurf your system. An insecure system makes it easy. Nurfing your own files is just as bad for you as someone else nurfing your files. That means, from a security standpoint, both situations must be addressed. The fact that nearly every expert unix admin with any amount of time under the belt has destroyed things they didn't mean to is testament to the lack of security in this area.
Most of Linux's security problems aren't in the kernel.
There are major security problems with linux, windows, and most other OSes. If windows developers are willing to admit that, and linux developers aren't, the linux community is in trouble.
"I could debate with you about this further, but its obvious that you dont understand, and I dont feel like being a teacher."
Funny, I was just thinking the same thing about you.
The point about the ports is that most malware makes outgoing connections. It doesn't listen for inbound counnections. And if it does the malware author is smart enough to make it listen on a port above 1024, or whatever the cutoff is.
Thinking that because a user can delete all their own files, but no others, by accident is good security is sort of like letting an armed psycho free in public and saying people are secure because the psycho only has one bullet, so he can't kill everyone anyway. Sure, it is safer than a psycho with a BFG and a banana clip (or 'root', as he is called in UNIX speak), but it still isn't safe.
Anyway, Linux is being used more and more as a single user desktop system.
Also, a well written system is explicitly designed to prevent idiots from nerfing their own files. That's why windows stole the trash can idea from apple. "rm -rf" is second only to spelling create 'creat' as the stupidest software error that's ever made it into an OS.
Note that "rm -rf", coupled with the half assed way UNIX shells do command line expansion (perhaps the 3rd stupidest....) before passing arguments to applications leads to this gem:
- mkdir ~/test
- cd ~/test
- make a file name -rf. An easy way: vi[enter]:w -rf[enter]:q[enter]
- mkdir -p important/reallyimportant
- touch unimportant
- touch unimportant2
At this point you have a dir with a file name -rm, two files named unimpor*, and a directory named important. Say you want to quickly delete the unimport* files, and you don't notice the -rf file, because there are 100 unimportant files in the dir.- rm *
- ls
- output is: -rf
I leave it as an exercise to the reader to delete the file named -rf.The point is UNIX does _not_ have well written file handling tools. It not only makes it easy for novice users to destroy hours of work in a flash, it also makes it easy to trick an experienced user into destroying hours of work in a flash.
re2:
Again restricting the psycho to one bullet isn't security, it is just better than giving him all the bullets he wants.
re3:
Linux applications do tend to be more secure. Not because the OS is more secure, but because Linux users tend to be more computer literate, aren't targets of virus writers, and aren't targets of commercial software writers. Open source authors tend to be more concerned with security. If Linux had a user base like Windows lots of insecure commercial software would target it, and lots of uneducated users would use it, and virus writers would target it.
NTFS has more granular security than the commonly used Linux file systems. I'm no windows expert, so I can't go into detail, but looking at the "Security" tab on a file on my system I can modify at least five different permissions on a file, and I can assign permissions to specific users or groups of users. Linux file systems like reiserfs are working on stuff like this, but there still isn't much application level support.
I say nobody uses Linux because at least 90% of machines run windows.
The reason that makes it safer is that malware writers don't target systems that almost nobody uses. It makes it safer because the people who do use it know how to not get viruses and such.
If Linux where installed on 90% of the systems out there, and run by the same computer illiterate people who run windows today, I could write a shell script to create a file named "-rf" in every directory and call it "Free Boobies Here!". Every person who runs windows viruses today would run that script, and it would do just as much damage.
The Linux community has its security head in the sand. Linux isn't secure. It is just that it is only run by a few computer literate people who know how to keep their insecure systems safe.
Linux has a primitive "all or nothing" style security infrastructure.
The only reason Linux is a safer system to run today is because nobody uses it, so 1 - Linux isn't a target and 2 - no commercial software is written for it. The few Linux users that are out there are computer hobbyists with enough experience to know not to run arbitrary, unknown code. Computer literate Windows users also have no problems with viruses/etc because they know not to run arbitrary untrusted code.
- You don't have enough experience reading/writing code. You have to read (more so than write) a tremendous amount of code to get good at reading code.
- You don't understand the problem the code is solving.
- The code is very badly designed at a higher level than things like white space and underscores.
A lot of people get frustrated when they don't understand code right away, and rather than trying to grok why they don't understand it (because 2/3rds of the time it is the reader's fault, not the coders), they just bitch about white space and brace placement. That is never the problem.Looks pretty darn empty in there.
I think the firewall is there to prevent all that mal|spy|ad-ware stuff from listening on a port without the user knowing about it. That way when your machine gets owned the new owner can't connect to it and tell it to DOS amazon. At least until the new version of the mal|spy|ad-ware comes out that quietly drops the firewall. Preventing the user from opening privileged ports isn't really a solution to anything. You can write malware that listens to port 6666 just as easily as you can write software that listens to port 666. Restricting certain ports to the root user is really just there so that, on a multi-user system, the admin controls which is the "official" web server and ftp server and such.
I think it should cache the changes and tell you about it. The next time you plug the drive/floppy back in it should notify you there are files that need to be written to that device.
Actually, if an extention is causing the crash it is still the main app's fault. If you write an app that allows third party plugins it is important to architect the plugin system in a way that isolates the main app from the plugins. Like if a user land app causes your linux kernel to panic, it is the kernel's fault. Of course this is easier said than done, so in the real world the easiest short term fix is to fix the extention.