"My buddy's sunk about $10,000 into his demo so far. They'll be lucky to recoup that selling 1000 CDs at concerts for $10. To recoup it from allofmp3.com -- a service they have never agreed to be a part of, and in Russia they don't have to be -- they'd have to receive nearly 16,0000 downloads. That is not fair. And I know you don't care about artists' costs and think the label is screwing everybody...but this is an amateur produced demo! Music is expensive to make and of limited appeal -- and "legal" overseas services that give it away are bad, bad, BAD for American artists. It's like having your sales outsourced against your will!"
You're right -- making music is expensive, time-consuming, and not necessarily universally appealling. But that was not the point of the grandparent post. It's all well and good to cry foul when something is not "fair".... but having things not be fair is the whole point of a free market economy. Do you think it's "fair" to the BP station that the Mom-and-Pop gas station across the street is selling their gas for $0.05 less? Do you think it's "fair" that Amazon sells books for 15% less than brick and mortar stores? No. But that's the whole point. If someone can figure out how to do things more cheaply, the public will follow. The competition will then need to either adapt their ways and sell for less, or die. It's very simple.
The Russian website in question is clearly illegal, and is not considering all parties when they pay royalties. But the point of the grandfather post was not that particular Russian website, but digital music in general. What the RIAA doesn't seem to get is that people are willing to pay for digital music, but only when there is some advantage to doing so. The RIAA/record companies are service organizations. They perform services to both the consumer and the artist, for a fee. For the artist, their service is providing capital for recording/prodution fees and promoting the artists' music. For the consumer, their service is researching the thousands of potential artists and choosing to promote the ones they think the consumer will enjoy listening to. Somewhere along the line, that service to the consumer was lost. It's not about finding good music that the consumers will like anymore. Now it's just about molding someone into something marketable; they're not looking for good music as much as they're looking for low-risk salable products.
The problem with your cry for "fairness" is that your buddy has paid over $10,000 producing his music, and you feel that he should be entitled to make all that back. Well, I've got news for you. There's no such think as a no-risk business opportunity. He spends $X producing music, and then offers it for sale for $Y per album. If it doesn't sell because no one likes it, then he will have to reduce the price to $(Y-1). This will continue until he finds a price where it will sell. If he ends up not making back his $10,000, then that's not the market's fault. If the product being offered is worthy of sale and sold at the right price, then people will buy it.
I, for one, would happily pay for an online download if I thought the price was representative of the cost of producing the music, with compensation for all parties involved, and if I was able to *truly* *purchase* (as in "own"... and do whatever I like with -- no DRM) the music. So far, there is no online service that provides both of those, so I will continue to not download music.
"The free OO is very expensive if you use it to actually do work(what a concept). If OO just burned up an extra 10 minutes a day for my users by being buggy or quirky, that would cost me $60,000 per user(users bill at $150/hour)!!!! I think $500 for a copy of office 2003 is cheap!"
Why is it that people assume software you pay for is inherently better than free software? Have you *used* MS Office lately? It's so full of bugs and holes that I simply avoid using the power-user features at all costs, which are really the only things separating Word from Notepad, Excel from Calculator, and Access from some 3x5 notecards.
The problem here is that the vast majority of computer users learned in a very Microsoft-centric environment. People *expect* their software to be buggy and difficult, because that's what they've been using all the time (Apple users excepted -- I have problems with Apple for other reasons, but poor software is *definitely* not one of them). For these MS-centric people, Microsoft IS computers. If something doesn't work just like an Microsoft product, than it's bad. If it doesn't use the same terminology as Microsoft, it's wrong. And if it doesn't open Microsoft-formatted documents, it's garbage. Please, people, get over your stupid "everyone else is doing it" status-quo fears and try out some alternative softwares objectively. You'll find that not only are they more stable, more mature, and more honest than Microsoft products, but they are always a good deal cheaper, even when you factor in costs of training and migration. Yes, change is hard. But Microsoft has been force-feeding the world substandard products for years, and we've just been sitting back and accepting it because they were the only game in town. Other people have finally created viable alternatives to MS, and we can finally move away from MS and not sacrifice productivity. We just have to get up off our asses to do it.
"You're forgetting who put all those PCs on the government worker desks. it wasn't some kickasss software a Unix vendor or local open source guru developed.
Was a little company from Redmond."
I realize this is a troll, but I'll bite.
The company that put the PCs on the government workers' desks wasn't from Redmond, it was from San Diego, or Austin, or Houston. All three of these companies started without Microsoft, and all three would still be providing computers to government workers, with or without the Redmond bully. (Oh, and Compaq was started by three guys from Texas Instruments, who wanted to design a computer to run all of IBM's (UNIX) software.)
"Until OO.org figures out a way to interact with specialized programs in specialized fields (legal, medicine, engineering, etc), I think it will be hard for many companies to make a switch."
But that's not OO.o's problem. Microsoft has nothing to do with these third party program vendors; they do not make MS Office "interact with specialized programs" any more than they make Excel interact with that VB macro you just wrote. All they do is publish an API, and let the third-party people go nuts. OO.o is doing that, too, because they are open-source. Everything they do is published and available for easy integration.
It's possible to have some sections of the company running MS Office and other sections (that don't need to use the proprietary third-party software) using OpenOffice. The transition can be gradual. But as soon as the bottom-liners start to notice how much money they are saving by not buying into MS's forced upgrade and support scheme, they will put pressure on the company to aquire third-party accounting programs that DO interface with OpenOffice, and the transition will be completed.
Additionally, third-party software developers should be *jumping* at the chance to also support OpenOffice format in their output documents. First of all, OO.o is far easier to code for, since the documents are all in PLAINTEXT XML and FULLY DOCUMENTED. Compare this with the proprietary binary format used by MS Office. Secondly, OpenOffice is clearly becoming a viable competitor for MS Office; any third-party company that refuses to support them can kiss their market-share goodbye.
"So, we've been buying copies of Works 2003 which contains Word XP/2002 at 40 bucks a pop on eBay. We just don't need Excel or PowerPoint to pony up for MS Office, and can use OO.org when we need those programs."
eBay, huh? I hope it wasn't this one, since I have a good feeling it's pirated. The real MS Works Suite comes on CD, not DVD, and the box design is very different. The real thing also costs $99. It would be highly ironic if a legal firm ended up using pirated software they bought on eBay...
"You don't know how something works unless you can explain it to a five-year-old."
I was in a talk a couple of years ago and the speaker was Jim Gray (winner of the turing award in 1998) and he also said something along these lines... as a researcher, you have a clear picture of what you are doing if you can easily explain your research to your partner (assuming of course that your partner is not in your field and assuming that he/she understands your explanation).
Yes, exactly my point. One of my mantras as an undergrad was that the best way to learn is to teach. The more I explained things to someone, the better I felt I knew the material. Of course, as an unintended side effect, my theater-major roommate ended up knowing quite a bit about engineering.:-)
"It doesn't matter to me if you're a bricklayer, an accountant, or a CEO, if you ask a question and you don't pay attention to the answer, you can go fuck yaself."
Agreed. I was not talking about those people who are too arrogant/busy/inattentive/preoccupied/ignorant to listen to the answers to their questions. Those people who ask questions with the intent of getting verification of their preconcieved answer (as opposed to really wanting to know the answer) are not worth anyone's time. If your answer isn't what they wanted to hear, they will simply ask more questions to justify their original answer to themselves. They are not learning; they're just securing their opinion.
"People don't have to know how to use computers beyond their applications in most cases. That's really not the issue. I don't need them to know how computers work. I need them to listen to my answers when they ask a question."
Something about this attitude strikes me as a little elitist. You, the PC Support Person, has all the Knowledge and Power needed to Fix The Computer. Users don't need this information; they are just the users.
But consider this: if you gave your users a general intuition regarding the operation of their computers (we're talking big-picture stuff, here, not details) then they can help you narrow down problems before you even arrive in front of their PC. For example, when a user says, "My email is not working," that could be one of potentially hundreds of causes. But if a user had the computer intuition to write down (or remember) error messages (most just click through without a second glance), they would be able to tell you, "my email program gave me the following error message when trying to download my mail: Network timeout when connecting to mail.domain.com." Now the list of potential problems is smaller, and it will take less time to fix the problem.
I'm not suggesting that users need to know how a computer works "under the hood," so to speak. They just need to have a little intuition regarding their machines, which most users don't have because their computers are all radically different every few years. Techies have intuition: they can fire up a new application they've never seen before, play around in the menus, and generally know how to use the app before even cracking a manual. Many general users need to be sent to training classes to learn applications, not because they're stupid, but because they lack intuition and confidence in regards to their machines.
"If people ask me new questions that prove that they are listening, then I will continue answering them as long as they keep asking. (I get paid for my time, right?) But when people repeat questions I've already answered, especially in the cases where people have written down those answers in the past then I get annoyed because I DO have better things to do than to stand around repeating myself."
Also elitist. Many people don't learn things exactly the first time around. To continue your school metaphor about skills being carried into the rest of your life, can you honestly say you've never gone to a professor's office hours for clarification on something you learned in lecture? I'll bet most of what the professor said was a repeat of what was said in lecture. You'd feel pretty alienated if the professor became visibly agitated every time someone asked him the same question more than once. Like I said before, most users don't have any intuition or confidence with their computers, and they look to the techies for guidance and support. Don't brush them off because you have no patience.
"As for not knowing how something works unless you can explain it to a five year old, I do more or less agree, but five year olds have short attention spans - so do some of the people whose computers I maintain - and thus they will not sit still long enough to learn what you're trying to express."
My "explain it to a five-year-old" analogy took attention spans into account. If your
One can either respond smugly, or, one can give the user words that make them comfortable. **snip** Of course this is slashdot, and I'm preaching to the choir.
I'm not so sure you are. In my experience, I've found that the majority of people who are exceptionally good with computers, such as the general population of Slashdot, simply do not understand the mentality of someone who is not technically inclined. To the novice computer users (and I'm speaking mostly about Windows and Macintosh users here -- the vast majority of Linux users are not novices) a computer is so complex and so powerful that it seems almost like magic. It is a completely new world to them, and it can be a little frightening and/or intimidating, but they plow ahead anyway because this thing is supposed to be easy to use. They really have no intuition regarding how things work. To use your example from above: RAM. Ask a novice computer user what RAM does, and they will likely tell you that it makes their computer faster, or that it gives their computer more memory (and when they say "memory" they are really referring to "disk space" -- many people cannot distinguish the two). Us techies have intuition regarding RAM. We know how it's used as temporary space for running processes and such, and we understand how most of that works on a fundamental level, even if we don't actually hard-code memory locations in our programs. So asking if adding RAM to their machine will affect other areas is a valid question -- they've been told by other people that RAM "makes their computer faster"... i.e., it affects the entire machine. Most techies I know, since the definition of RAM is so basic to them, will usually respond, at first, with astonishment at the supposedly stupid question (even if they don't express it out loud). Many will express astonishment verbally and say something smug, like, "No, of course not," as if they were reminding the user that 2+2 is indeed 4.
The vast majority of computer users think they know how computers work; so when they ask what we perceive as "stupid questions" they are merely trying to reconsile all the conflicting views of their computers they have gotten from various sources. What the technical community has to learn is how to explain computers to novices without slipping into techspeak, without overwhelming them with information they don't need to know, without condescending, and with the idea that these people are not as passionate about computers as the techie.
I see a lot of people on Slashdot getting frustruated with "supid users," usually because the users ask what the techie hears as "stupid questions." So I issue a challenge to the technically inclined: if you are unable to explain to a novice how a basic part of the computer works (like the video card) without diving into techincal details the user doesn't care about or talking down to them, then you are bogged down in details and need to step back to see the big picture. You don't know how something works unless you can explain it to a five-year-old.
God, that is awful. 4 people standing around moving their heads up and down. It's reminded me a lot of "Stimpy's Cartoon." If that's the state of the art, the art has a long way to go.
Hear, hear. If I wanted to watch someone running around a Halo game being stupid, I would just go play Halo.
Re:Well, if you host a dinner party to watch them.
on
The Lyrids Are Coming!
·
· Score: 1
... just be sure there isn't a dead seal nearby. And that you have permission to use the house you're in.
"I'm allergic to bivalves. A good host should know such things about his guests."
"Next time I'll remember to cater to your shellfish demands."
Most of the Jedi who died at Geonosis were woefully unprepared for any sort of large-scale battle. Note that the survivors were all either Jedi Council members or extremely skilled Knights. **snip** Sad fact is that the Jedi have begun to lose their connection to the Force and their lightsaber training is pretty pathetic.
Ok, granted. I realize that the Order is in decline, and many of the Jedi have become complacent in peacetime, neglected their training, etc. But it would have been nice if that was shown in the movies at all. While knowing more about the Order via the Expanded Universe is all well and good, I would think a small tidbit like the *decline of the Jedi Order* might warrant a few moments' screen time. But no, instead we get to watch Anakin blow up a Trade Federation ship *by accident* at the tender age of 10, or whatever he was in Episode I, and see R2 suddenly grow rockets in a damn droid factory. (The Order's decline might have been mentioned in passing, but if it was, it was buried so deep in the steaming piles of poorly written dialog that I missed it. What I saw in the movie was a large group of Jedi whom I'd never met before and were historically handy with a lightsaber, get picked off like rookies by a bunch of *droids*, which not only don't use the Force, but presumably they can't anticipate attacks very well, either -- they seem to be just walking blasters. They should be absolutely no match for the Jedi, trained or not.)
I'm not trying to tear down your points above; they are fully valid within the realm of the Star Wars Universe. The Jedi have to fall at some time, and that won't happen until either a) they lose their skills or b) Dooku has an equally large army of Dark Jedi to defeat them, which I think he would find hard to hide. However, what we're witnessing here is George Lucas losing all respect for the Star Wars Universe. It's obvious that he just doesn't care about continuity or logical plot turns. He wants to make what he wants to make, and the Star Wars Universe be damned! He adds totally contrived plot devices for the singular purpose of adding an action sequence (the Podrace Wager, the Coruscant Speeder Chase, etc.) and these plot devices take away from the story so totally that it takes a couple of watchings of the movies just to pin down what's really going on.
All I'm asking from George is a little passion, not *just* about the CGI (although that element is undoubtably some of the finest on film), but about the characters, the story, and ultimately, the motivations behind the transformation from a democratic Republic to a totalitarian Empire. After all, when he first announced Episode I, he said that was what fascinated him the most about the prequels: the fall to darkness, both for a single person (Anakin) and for an entire galaxy (the Republic). The problem he has right now is the lack of any gray area, except for adolescents. Every character in the Prequels is either Good or Evil, with nothing in between. (This was not true in Episodes IV and V; case in point, Han and Lando.) I want to see some of that gray area. I want to see members of the Jedi order having doubt about the future of the Order and looking to Palpatine for guidance. I want to see Dooku's followers balk at his plan for domination and leave, or perhaps be destroyed. I want to see Jedi losing the faith and leaving in disgust. I want to see an attempt on Yoda's life, by someone trying to destroy the Order outright. I want to see infighting within each side of the battle, growing more dangerous as the stakes escalate, and enabling Palpatine to make a grab for power. I want the audience to not be sure which side of the war is the right one.
In short, I want to *witness* the downfall of a great Republic and a fantastically strong Jedi order, and the subsequent rise of a totalitarian Empire. So far, all we've gotten to that effect are a few ominous comments from Yoda, which just makes him look like a hopeless pessimist. The fact that the Bad Guys are droids, and therefore no
What's really amazing is that the Clone Wars animated shorts are better than the last two movies. There's no particular reason - they just feel more like the Star Wars we're used to. And there's definitely "Who's gonna fly it?" lines. Hell, ANAKIN gets a couple. (Like the sequence where he's zipping back and forth dogfighting with that Sith chick over Obi-Wan's head while Obi-wan lectures at him)
I think Clone Wars is better than the prequels because the Jedi are really modern-day Samurai, and who better to create Samurai action sequences than Genndy Tartakovsky? Lucas has the Jedi fight, and they fall like flies to a bunch of stupid droids. Tartakovsky has the Jedi fight, and Mace takes out an entire field of droids with his *bare hands*.
There were only a couple of spots in Clone Wars that I wish weren't so cheesy, such as the sequence with Padme and R2-D2/C3-PO in the snowstorm. That section smacked of Saturday-morning tripe. But the action sequences were definitely well done. The best thing about Clone Wars was that we finally get to see what the Jedi are capable of. Lucas has all this SFX power at his fingertips, and the Jedi fight sequences either look uninspired (the Arena Battle in Episode II), just plain silly (Yoda's fight with Dooku), or completely implausible (Qui-Gon and Obi-Wan vs. Maul in Episode I -- seriously: two against one? Maul would have been toast in under two minutes). I realize some of the Jedi fight sequences weren't very fast in the Original Trilogy, but there were technical limitations, and George made up for it by injecting emotion. He has no excuses now -- if the fight is going to be emotionless, it better be hardcore.
My three year old's gonna grow up idolizing Harry Potter, instead of Han Solo, as I did. Boo.
Lucky for you, Harry Potter shoots first.
Seriously. He's starting to get pretty badass in Book 5.
And J.K. Rowling has no intention of "updating" Harry so it's less traumatizing for the kiddies -- in fact, the biggest theme in the books is that there is no rigidly defined good and evil. Everyone has the potential to be both (or either).
Come to think of it, Harry Potter mirrors the Star Wars themes extremely well. Voldemort was once a regular student who was tempted by evil magic (Fall to Darkness), Snape is an egotistical, self-serving guy with heart (Dark Hero), Dumbledore is wise and learned, but hardcore when he needs to be (Jedi Warrior/Teacher), and Harry himself is the innocent boy with connections to a dark past who must "face his destiny." Oh, and he's pretty powerful, too.
Harry Potter is now what Star Wars used to be: under all that merchandizing sits a great story with fantastic characters and universal themes. I can think of many worse fantasy worlds for your three-year-old to be engrossed in.
I think it's time we all finally admitted that the Star Wars universe ceased to be compelling the moment midechlorians arrived on the scene. George has lost his touch with reality, so we need to pass the baton. Get over your fear of "Potter-mania" and your belief that Harry is only for kids and go read the Harry Potter books. They are every bit as good as the Original Trilogy.
Are we to believe Mechanics are some how "less smart" than other individuals, or conversely that people in IT are some how smarter. I'm a programmer and most programmers I know have no clue what is under the hook. Ask 1000 programmers to identify the carburator, or the distributor. How many do you think know the answer to that? Better yet, give a IT guy a manual for building the transmission and engine. How many could do it by themselves correclty on the first try without screwing something up. Modern engines have thousands of parts. Building one and tuning it is not trivial or simple. It takes real talent.
Here you are confusing "intelligence" with "knowledge." You're right, most programmers could not repair a carbeurator if you placed them in front of an engine with some tools. However, hand them the manual, and they will not only learn how to fix it, but they will probably comment on how much fun it is. I'm sure they won't do it correctly on the first try, but I'll bet that mechanic didn't do it perfectly on *his* first try, either. Conversely, if you set a car mechanic down in front of a Linux Console, s/he will likely not know what to do. But hand them a manual, and they will learn how to fire up a web browser and research prices on that '67 Mustang fan belt they've been looking for.
I notice that most people look down on car mechanics because such a profession does not require a college degree (while programming jobs, in general, do). However, every car mechanic I've ever met/known has been an extremely intelligent, capable, problem-solving type of person. Knowledge is not the same thing as intelligence. Just because you know something that I don't doesn't make you smarter than me. Just because I can't do perfectly on the first try what you have spent years training to do doesn't make you smarter than me, either. What makes you smarter than me is your ability to learn new things faster and/or use existing knowledge in a novel way to come up with a new solution. Both car mechanics and programmers do that. Same problem-solving skills, different worlds.
"Part of the original license agreement was that theywouldn't offer local content through repeaaters."
but why was that in the original license agreement in the first place? whats wrong with offering local content?
The problem with offering local content is that local content is now the only reason to listen to regular radio over satellite, subscription fees aside. The standard radio stations (including ClearChannel) make their money with advertising revenue, and they can only sell that advertising space if the can guarantee that X number of listeners will hear that ad when it plays. If the satellite companies start giving local news and traffic reports, there will no longer be any reason to not spend the $20 monthly fee: satellite radio has the same music, the same talk shows, no commercials, and now, local information. The AM/FM radio companies are trying to use legislation to preserve their business model. They know that they are losing listeners, and instead of changing their business plan to match the market, they instead use their large legal leverage to bully the competition into not changing the market.
From a third-party point of view, there's nothing wrong with offering local content. From the point of view of the AM/FM media companies, it's forcing them to change, and that's painful. So they try to legislate their way around it.
1. Put the CD in the drive 2. Enter the registration key 3. Select "Complete Installation" 4. Wait and watch the blinkenlights
Huh? That's strange.. here's my additional steps...
5. Insert CD#2 (Professional) 6. Watch more blikenlights 7. Reboot 8. Go to Windows Update 9. Traverse through a couple of loops to Office Update. 10. Update Office 11. Eject CD#2 and put CD#1 back in. 12...blinken-da-blinken... 13. Eject CD#1 and put CD#2 back in. 14. More blinken... 15. Reboot
Ahh, but we can't forget:
16. Launch Office 17. Enter initials... blinkenlights (just what is it installing, anyway?) 18. Get presented with blank document 19. Type in document 20. Click menu item to use Fancy Feature 21. Fancy Feature was set to install on first run 22. Dig through pile of CDs to find Office Install CD #2 23. Curse 24. Find CD, wipe off spilled pop, put in drive 25....blinken... Installing Fancy Feature...blinken... 26. Eject disc, toss back on pile 27. Open menu to use Fancy Feature.... hey! where did it go? 28. Click arrow thingy on the bottom of the menu to see all the options again 29. Use Fancy Feature 30. Clippy pops up and says "It looks like you're trying to use Fancy Feature... do you need help?"
My idea was not Virtual Reality, but "reality augmentation". The idea being that you would wear glasses (of some type) and could drag windows "off" the monitor to float is space around you. You had two choices at that point. Drag a window to your viewport (the monitor), or spin the viewport (and floating windows) to the view you desired.
That's a fantastic idea, but it would be clunky to use with a regular mouse/keyboard pair. With the sheer number of windows I keep open at the same time across multiple desktops, I would either have to dig through the windows floating in space so I can see the keyboard on my desk to start typing, or I would have to lift the glasses momentarily.
So instead of a mouse, lets add on a dual-webcam system that sits on either top corner of your monitor, and tracks several white spots on a dark glove (motion capture, essentially), and use that to move the windows around, change focus, surf, use web forms, etc. (Very similar to the fictional system in Minority Report.) That way, when you needed to move a bunch of different windows around, you can just sweep them away with your hand, instead of clicking and dragging on each one. If you wanted to type*, there would be a motion you perform with the glove to temporarily deactivate the glove's input. Then head to the keyboard, type away, and when you're finished make the same motion again to reactivate the glove's functionality. I see it almost as a hybrid of Opera's mouse gestures feature and physically picking up windows.
Theoretically, this system could be implemented with current technologies, but a large amount of work would have to go the glasses tracking where they are relative to their surroundings, and keeping the windows static, i.e., the windows would not move with the glasses when the user turned his head-- they would stay in place relative to the desk (or wall). It would also be difficult for the glasses to put up an image that would not be tiring to read for long amounts of time.
Food for thought.
*I've always been against virtual keyboards of any kind, since there's no tactile feedback.
That's an example of not maintaining forward compatibility, i.e., trying to open a Word 2003 document with Word 95. I'm talking the other way round where installing the newest version of some OS app requires significant reworking of your existing stuff created in an earlier version.
I've had many instances where I've saved a Word document in Word 2000 and then opened it up in Word XP just to have all my cutomized numbering styles contain random numbers, instead of the usual preferred order of 1-2-3-4-5-6-7-8-9.
Come to think of it, I can't remember a single instance where I used custom styles in a Word document and had it work exactly as it should, in several versions, from '95 on up. Every single one has either a). needed manual tweaking after the fact, b). been broken by version changes, both forward and backward, c). actually crashed Word when combined with a Table of Contents and a few Equations, or d). took twice as long to set up as it would have taken just to type the damn thing out the long way. That's a shame; styles are really the only thing separating Word from Notepad. I wish they worked.
I just went back over this whole thread, and I fail to see where either the OP or myself claimed that Apple's security was "infallible". And I haven't seen any display of "zealotry" in this thread either, unless zealotry means saying, "hey, here's a good idea..."
I was talking about Mac zealots in general. Read some of the other posts in this discussion.
So you're saying that the problem of security is not a systemic one, but a problem of user-level training. And that no matter what security features you put into a system, dumb users will still break the system.
That sounds like a cop-out to me. "There's no point in trying to build in additional security, because dumb users will always screw things up. No operating system can fix that problem. We just need users to become more educated. Our system isn't broken, it's fine the way it is."
Putting words into my mouth. What I really meant by my transcribed console session was that Linux DOES need to change, that it is NOT "fine the way it is." Having a single password allow access to all the deep recesses of the machine works for sysadmins and those with a large knowledge/experience base, but not for general users. If Linux is ever going to succeed on the desktop, these glaring security issues will need to be addressed. Additionally, applying a patch, like requiring a root password to be typed for administrative tasks and disabling the root user, will not fix it.
I've got news for you. YOU'LL NEVER FIX THE PROBLEM OF DUMB USERS. You can't train every computer user to be a sysadmin, because the vast majority have no interest in learning.
That's true, but since computers have been around for such a short amount of time, there is no intuition regarding them either. Other devices have intuition associated with them: to use a lawnmower, you fill it with gas, pull this cord, and push it around. Everyone knows this because lawnmowers have been around for such a long time. People have no clue how to operate their computers, and they refuse to learn because computer companies keep advertising that computers are really easy to use, and actively seeking out training about their computers admits that they are an idiot. Well, I have news for the Slashdot community: computers are not easy, no matter how many pretty icons or autoinstall wizards exist on the desktop. Even the most trivial tasks, like copying a file instead of moving it, are not intuitive. (Ask anyone who works in tech support how intuitive computers are.) Both Apple and Microsoft are guilty of this mentality, and AOL is responsible for a certain amount of it when people get on the internet, which is far from simple and easy to use, and also more dangerous than a stand-alone computer.
If you're waiting for the day when computer users are all educated and informed, and security abounds because nobody is stupid enough to be fooled by script kiddies, get yourself a coat and a chair. Hell will freeze over first, and you may get tired from standing.
I'm not waiting for that day. But I am waiting for the day when people are just knowledgeable enough to not click on every damn thing they see on their computer. This will require a certain amount of intuition and familiarity-- but computers change drastically every five years. How is anyone supposed to find their way around this maze when the builders keep shifting walls to make room for more features? Yes, systems should be hardened. Yes, security in software is an issue. But what we really need to focus on now is standards compliance, compatibility, and above all, *consistency of design*. When using computers from different companies is as similar as driving cars from different companies, then users will start to gain familiarity and intuition about their machines (sure, the dashboard has the speedometer in a different location, and all the sound system buttons are different, but the gas and the brake are in the right place). Then these types of "USER=ID-10-T" problems will become far less frequent. People are not stupid. They're just lost.
There are things an administrator is NOT permitted to do (and deleting System files is one). If the root user is disabled (as it is by default), those files simply can't be deleted, no matter how clever the script kiddie is.
You're right. But that's why I said my deleting system files example was JUST AN EXAMPLE (and meant to be humorous, as well). There is quite a bit a script kiddie could do to an OSX machine without deleting system files. Setting up a spam relay and installing spyware come to mind, and you certainly can write to the program directories with Administrator permissions. How else would you install software? But again, my post was talking about Linux. Not Mac.
I think that was the point of this thread, wasn't it? MacOS X was held up as an example of the way an operating system can be both usable and secure at the same time. In MacOS X, you can do any admin-level tasks as a non-root administrator, EXCEPT destroy the system.
Yes, that is the point of the thread. MacOSX is currently the best balance between admin power and end user security. But don't underestimate the power of uninformed users, which was my point. If the user has an admin password, *someone* will find a way to dupe them into typing it, and then that someone will be able to do nasty things to the computer. Perhaps not deleting system files, but something nasty nonetheless. A system is not foolproof unless you remove the fool from the system.
No, but it illustrates that while you are clearly not familiar with the technical workings of MacOS X's security features, you are quick to dismiss them as useless.
I'm not dismissing them as useless. I'm taking them down off the Pedestal of Infallibility Mac zealots have put them on. Yes, these features are nice, but an end user can still be fooled by outside software.
I was not talking about OSX in my post, a fact you seem to have missed. I was talking about asking for a superuser password (be it root, Administrator, whoever--someone with privilege) whenever an administrative task needs to be completed. The user will get so used to typing in that password, that the next time malicious software comes along and asks for it, and the little window it pops up looks just like the one the operating system uses, that password is going to get typed in faster than you can say "spam relay." Perhaps the software was run because the email it came in made it look like a jpg file; whatever. Unless users have a basic grasp of how to tell when something is suspect, these issues will arise. No operating system can plug the security hole between the chair and the keyboard. Only training can do that.
"The U.S. District court last year decided that the RIAA could not subpoena ISPs [techtv.com] to reveal the identities of users who have violated copyright laws on the network."
It's probably nitpicking, but it is not "The" U.S. District Court, it is one U.S. District Court, specifically the Appellate Court for the District of Columbia. The legal decision is not binding on courts outside the jurisdiction of that court.
Yes, that's true. I forgot to add the words "for the District of Columbia." In any case, the ruling was groundbreaking, and would be a precedent in similar cased tried in other jurisdictions.
They also could have an admin-side interface to search any given user's account for any given keyword (since that search is already presented to each user) which they'd run when presented with a valid legal warrant.
The issue here is not whether Google *could* search a user's email for a keyword; we all know they can. The question is whether or not they *would*. The U.S. District court last year decided that the RIAA could not subpoena ISPs to reveal the identities of users who have violated copyright laws on the network. I don't see GMail being any different: since GMail is not involved in the communication, but merely the conduit for it, it's not responsible for the content, nor does it have a legal obligation to reveal the identity of a person using the service.
However, I also see 1GB of email storage being highly abused by the mp3 trading community, and as a storage medium. If copyright-infringing files are stored on Google's servers, it would be a different issue. But in that case, the authorities (meaning the police, not the RIAA) would be able to present a valid warrant and Google would have to turn over the contents of that user's account. No searching would be involved... just turn over all the data the warrant requests.
I can't think of a legal instance where Google would be required to search emails for keywords for the authorities, in order to, for example, look for child molestors or potential terrorists. That would be in clear violation of Google's privacy policy and several federal laws, and the authorities would likely have to come up with a specific name and a warrant.
By the way, it's obvious that you are a Linux user, and have never seen the guts of OS X. The following directory structures don't even exist under OS X:/boot/home/lib/mnt/opt/proc/root
You're just like the Windows Admin talking about Linux security. Ironic, eh?
No, it's not ironic at all; this topic is about security in Linux as used by general users, and I was merely applying what Macintosh believes to be a decent security measure to Linux.
My point was that the root user in (most flavors of) Linux is NOT disabled; with a single password, it is extremely easy to do some very dangerous things. But again, even if the root user *was* disabled, and only Administrators could do root-level things, the script would ask for that password. It could still do a lot of damage, installing software, setting up relays, etc. Asking for a password every time a root-level function needs to be executed, as OSX does, is not that great for security when the user is uninformed.
You can only secure the operating system so much. Any more and it's far too difficult for an Admin to get in there and do what s/he needs to do. The rest needs to come from the user making informed decisions about which programs to run (and the OS having dangerous services turned off by default, but that's a topic for another post).
And you're right; that directory structure is from my own install of Gentoo. But the example was not intended to address a specific problem. It was only intended to illustrate that people do what their computers tell them to, even if the instructions were written by some script kiddie and emailed through a relay with a spoofed From: address. Because they're not informed enough to make good decisions. Computers are, quite frankly, a mystery to them. If their computer asks them for a password, they will type it. They're not going to stop and ask themselves if they should, especially when their computer asks them that all the time.
Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.
Apple recently broke backwards-compatibility, and they have thrived because of it. Sure, they added some "compatibility mode", which really amounts to a fast dual-boot, but as more and more new applications support only OSX, that will slowly fade away.
Oh, and Windows XP broke backwards compatibility with DOS, and Windows 9x. They also added a "compatibility mode" to run old applications. The problem is that Microsoft's breaking of backwards compatibility was for a half-assed operating system that still needs epic overhauls to be secure. When Mac did it, they set down the foundation first. OS 10.0 was buggy, full of holes, and very inconsistent. However, since the foundation was there, only incremental improvements were needed and now it's fantastic. MS still doesn't have a foundation. How well will their XP SP2 patch hold up without any support from below?
Breaking compatibility can be done, but it has to be done RIGHT.
Imagine the computer as a house. It's a place where you keep your stuff. (Yes, kids, here comes the analogy!)
Within that house, usability is a matter of placing light switches and doorknobs so that they're both within easy reach and easily recognizeable as such. It's a matter of leaving a clear path between rooms, unblocked by furniture. It's a matter of making doorways large enough (or using furniture thin enough) that you can moving things around if you must. To the person that lives within it, usability is a matter of making as much as possible convenient and accessible.
And within that house, security is a matter of sturdy locks on the doors and windows that close firmly, without room to stick a credit card in. It's also a matter of denying spaces within to those that don't need it. It may involve locking certain rooms, or if those rooms must be left open, then locking those few cabinets that contain dangerous things (like bleach and ammonia) or putting those dangerous things up and out of reach. Security is as great as possible a deterrant against anyone outside the house who doesn't have a key or permission to be there, and safeguards within the house to keep the unwary from setting the curtains on fire with a misplaced candle.
That's a fine analogy, but it's missing one rather large ingredient: the internet. Connecting your house with lots of other peoples' houses, the vast majority of whom you don't even know and never meet. You get to exchange furniture, gain ideas about the color of your curtains, and even sell your car. So here's the kicker: how do you make it easy to exchange all this data between the houses, yet still keep your house secure from outside attacks? Your front door is locked, to be sure... but a burglar could be clinging to the underside of that couch you just bought and are currently pulling in through the window.
Microsoft is actively trying to blur the line between online and offline. Already they have the option of downloading whole websites and viewing them offline, yet these offline sites look exactly as they would when viewing them online (except, perhaps, for a tiny icon way down in the corner, amid the other onslaught of tiny icons no one pays attention to). Not only are both copies of the website (online and offline) seen in the OS as a *single folder* by default, but most users don't even understand the concept of an HTML file having to be downloaded to a cache directory before it can be viewed. The internet is a very abstract concept, and it doesn't help that we (the geeks) keep metaphorizing it. Many of the "Joe Blow" users I deal with on a daily basis refer to sites like Google and Yahoo as if they were applications that are launched from the toolbar.
I think the true solution is to make an extremely clear distinction between "online" and "offline." Only when users understand that fundamental concept will they be able to make their own judgements about what to trust. They can't always rely on us to educate them on what's good and what's bad: they should be able to see an instruction on the computer screen and decide for themselves whether it's "online" (meaning not installed by them, and therefore probably malicious) or "offline" (meaning installed by them or GatewayDellCompaq, and therefore probably legit).
Slashdot Mirror
"My buddy's sunk about $10,000 into his demo so far. They'll be lucky to recoup that selling 1000 CDs at concerts for $10. To recoup it from allofmp3.com -- a service they have never agreed to be a part of, and in Russia they don't have to be -- they'd have to receive nearly 16,0000 downloads. That is not fair. And I know you don't care about artists' costs and think the label is screwing everybody...but this is an amateur produced demo! Music is expensive to make and of limited appeal -- and "legal" overseas services that give it away are bad, bad, BAD for American artists. It's like having your sales outsourced against your will!"
.... but having things not be fair is the whole point of a free market economy. Do you think it's "fair" to the BP station that the Mom-and-Pop gas station across the street is selling their gas for $0.05 less? Do you think it's "fair" that Amazon sells books for 15% less than brick and mortar stores? No. But that's the whole point. If someone can figure out how to do things more cheaply, the public will follow. The competition will then need to either adapt their ways and sell for less, or die. It's very simple.
... and do whatever I like with -- no DRM) the music. So far, there is no online service that provides both of those, so I will continue to not download music.
You're right -- making music is expensive, time-consuming, and not necessarily universally appealling. But that was not the point of the grandparent post. It's all well and good to cry foul when something is not "fair"
The Russian website in question is clearly illegal, and is not considering all parties when they pay royalties. But the point of the grandfather post was not that particular Russian website, but digital music in general. What the RIAA doesn't seem to get is that people are willing to pay for digital music, but only when there is some advantage to doing so. The RIAA/record companies are service organizations. They perform services to both the consumer and the artist, for a fee. For the artist, their service is providing capital for recording/prodution fees and promoting the artists' music. For the consumer, their service is researching the thousands of potential artists and choosing to promote the ones they think the consumer will enjoy listening to. Somewhere along the line, that service to the consumer was lost. It's not about finding good music that the consumers will like anymore. Now it's just about molding someone into something marketable; they're not looking for good music as much as they're looking for low-risk salable products.
The problem with your cry for "fairness" is that your buddy has paid over $10,000 producing his music, and you feel that he should be entitled to make all that back. Well, I've got news for you. There's no such think as a no-risk business opportunity. He spends $X producing music, and then offers it for sale for $Y per album. If it doesn't sell because no one likes it, then he will have to reduce the price to $(Y-1). This will continue until he finds a price where it will sell. If he ends up not making back his $10,000, then that's not the market's fault. If the product being offered is worthy of sale and sold at the right price, then people will buy it.
I, for one, would happily pay for an online download if I thought the price was representative of the cost of producing the music, with compensation for all parties involved, and if I was able to *truly* *purchase* (as in "own"
"The free OO is very expensive if you use it to actually do work(what a concept). If OO just burned up an extra 10 minutes a day for my users by being buggy or quirky, that would cost me $60,000 per user(users bill at $150/hour)!!!! I think $500 for a copy of office 2003 is cheap!"
Why is it that people assume software you pay for is inherently better than free software? Have you *used* MS Office lately? It's so full of bugs and holes that I simply avoid using the power-user features at all costs, which are really the only things separating Word from Notepad, Excel from Calculator, and Access from some 3x5 notecards.
The problem here is that the vast majority of computer users learned in a very Microsoft-centric environment. People *expect* their software to be buggy and difficult, because that's what they've been using all the time (Apple users excepted -- I have problems with Apple for other reasons, but poor software is *definitely* not one of them). For these MS-centric people, Microsoft IS computers. If something doesn't work just like an Microsoft product, than it's bad. If it doesn't use the same terminology as Microsoft, it's wrong. And if it doesn't open Microsoft-formatted documents, it's garbage. Please, people, get over your stupid "everyone else is doing it" status-quo fears and try out some alternative softwares objectively. You'll find that not only are they more stable, more mature, and more honest than Microsoft products, but they are always a good deal cheaper, even when you factor in costs of training and migration. Yes, change is hard. But Microsoft has been force-feeding the world substandard products for years, and we've just been sitting back and accepting it because they were the only game in town. Other people have finally created viable alternatives to MS, and we can finally move away from MS and not sacrifice productivity. We just have to get up off our asses to do it.
"You're forgetting who put all those PCs on the government worker desks. it wasn't some kickasss software a Unix vendor or local open source guru developed.
Was a little company from Redmond."
I realize this is a troll, but I'll bite.
The company that put the PCs on the government workers' desks wasn't from Redmond, it was from San Diego, or Austin, or Houston. All three of these companies started without Microsoft, and all three would still be providing computers to government workers, with or without the Redmond bully. (Oh, and Compaq was started by three guys from Texas Instruments, who wanted to design a computer to run all of IBM's (UNIX) software.)
"Until OO.org figures out a way to interact with specialized programs in specialized fields (legal, medicine, engineering, etc), I think it will be hard for many companies to make a switch."
But that's not OO.o's problem. Microsoft has nothing to do with these third party program vendors; they do not make MS Office "interact with specialized programs" any more than they make Excel interact with that VB macro you just wrote. All they do is publish an API, and let the third-party people go nuts. OO.o is doing that, too, because they are open-source. Everything they do is published and available for easy integration.
It's possible to have some sections of the company running MS Office and other sections (that don't need to use the proprietary third-party software) using OpenOffice. The transition can be gradual. But as soon as the bottom-liners start to notice how much money they are saving by not buying into MS's forced upgrade and support scheme, they will put pressure on the company to aquire third-party accounting programs that DO interface with OpenOffice, and the transition will be completed.
Additionally, third-party software developers should be *jumping* at the chance to also support OpenOffice format in their output documents. First of all, OO.o is far easier to code for, since the documents are all in PLAINTEXT XML and FULLY DOCUMENTED. Compare this with the proprietary binary format used by MS Office. Secondly, OpenOffice is clearly becoming a viable competitor for MS Office; any third-party company that refuses to support them can kiss their market-share goodbye.
"So, we've been buying copies of Works 2003 which contains Word XP/2002 at 40 bucks a pop on eBay. We just don't need Excel or PowerPoint to pony up for MS Office, and can use OO.org when we need those programs."
eBay, huh? I hope it wasn't this one, since I have a good feeling it's pirated. The real MS Works Suite comes on CD, not DVD, and the box design is very different. The real thing also costs $99. It would be highly ironic if a legal firm ended up using pirated software they bought on eBay...
"You don't know how something works unless you can explain it to a five-year-old."
:-)
I was in a talk a couple of years ago and the speaker was Jim Gray (winner of the turing award in 1998) and he also said something along these lines... as a researcher, you have a clear picture of what you are doing if you can easily explain your research to your partner (assuming of course that your partner is not in your field and assuming that he/she understands your explanation).
Yes, exactly my point. One of my mantras as an undergrad was that the best way to learn is to teach. The more I explained things to someone, the better I felt I knew the material. Of course, as an unintended side effect, my theater-major roommate ended up knowing quite a bit about engineering.
"It doesn't matter to me if you're a bricklayer, an accountant, or a CEO, if you ask a question and you don't pay attention to the answer, you can go fuck yaself."
Agreed. I was not talking about those people who are too arrogant/busy/inattentive/preoccupied/ignorant to listen to the answers to their questions. Those people who ask questions with the intent of getting verification of their preconcieved answer (as opposed to really wanting to know the answer) are not worth anyone's time. If your answer isn't what they wanted to hear, they will simply ask more questions to justify their original answer to themselves. They are not learning; they're just securing their opinion.
"People don't have to know how to use computers beyond their applications in most cases. That's really not the issue. I don't need them to know how computers work. I need them to listen to my answers when they ask a question."
Something about this attitude strikes me as a little elitist. You, the PC Support Person, has all the Knowledge and Power needed to Fix The Computer. Users don't need this information; they are just the users.
But consider this: if you gave your users a general intuition regarding the operation of their computers (we're talking big-picture stuff, here, not details) then they can help you narrow down problems before you even arrive in front of their PC. For example, when a user says, "My email is not working," that could be one of potentially hundreds of causes. But if a user had the computer intuition to write down (or remember) error messages (most just click through without a second glance), they would be able to tell you, "my email program gave me the following error message when trying to download my mail: Network timeout when connecting to mail.domain.com." Now the list of potential problems is smaller, and it will take less time to fix the problem.
I'm not suggesting that users need to know how a computer works "under the hood," so to speak. They just need to have a little intuition regarding their machines, which most users don't have because their computers are all radically different every few years. Techies have intuition: they can fire up a new application they've never seen before, play around in the menus, and generally know how to use the app before even cracking a manual. Many general users need to be sent to training classes to learn applications, not because they're stupid, but because they lack intuition and confidence in regards to their machines.
"If people ask me new questions that prove that they are listening, then I will continue answering them as long as they keep asking. (I get paid for my time, right?) But when people repeat questions I've already answered, especially in the cases where people have written down those answers in the past then I get annoyed because I DO have better things to do than to stand around repeating myself."
Also elitist. Many people don't learn things exactly the first time around. To continue your school metaphor about skills being carried into the rest of your life, can you honestly say you've never gone to a professor's office hours for clarification on something you learned in lecture? I'll bet most of what the professor said was a repeat of what was said in lecture. You'd feel pretty alienated if the professor became visibly agitated every time someone asked him the same question more than once. Like I said before, most users don't have any intuition or confidence with their computers, and they look to the techies for guidance and support. Don't brush them off because you have no patience.
"As for not knowing how something works unless you can explain it to a five year old, I do more or less agree, but five year olds have short attention spans - so do some of the people whose computers I maintain - and thus they will not sit still long enough to learn what you're trying to express."
My "explain it to a five-year-old" analogy took attention spans into account. If your
One can either respond smugly, or, one can give the user words that make them comfortable.
**snip**
Of course this is slashdot, and I'm preaching to the choir.
I'm not so sure you are. In my experience, I've found that the majority of people who are exceptionally good with computers, such as the general population of Slashdot, simply do not understand the mentality of someone who is not technically inclined. To the novice computer users (and I'm speaking mostly about Windows and Macintosh users here -- the vast majority of Linux users are not novices) a computer is so complex and so powerful that it seems almost like magic. It is a completely new world to them, and it can be a little frightening and/or intimidating, but they plow ahead anyway because this thing is supposed to be easy to use. They really have no intuition regarding how things work. To use your example from above: RAM. Ask a novice computer user what RAM does, and they will likely tell you that it makes their computer faster, or that it gives their computer more memory (and when they say "memory" they are really referring to "disk space" -- many people cannot distinguish the two). Us techies have intuition regarding RAM. We know how it's used as temporary space for running processes and such, and we understand how most of that works on a fundamental level, even if we don't actually hard-code memory locations in our programs. So asking if adding RAM to their machine will affect other areas is a valid question -- they've been told by other people that RAM "makes their computer faster"... i.e., it affects the entire machine. Most techies I know, since the definition of RAM is so basic to them, will usually respond, at first, with astonishment at the supposedly stupid question (even if they don't express it out loud). Many will express astonishment verbally and say something smug, like, "No, of course not," as if they were reminding the user that 2+2 is indeed 4.
The vast majority of computer users think they know how computers work; so when they ask what we perceive as "stupid questions" they are merely trying to reconsile all the conflicting views of their computers they have gotten from various sources. What the technical community has to learn is how to explain computers to novices without slipping into techspeak, without overwhelming them with information they don't need to know, without condescending, and with the idea that these people are not as passionate about computers as the techie.
I see a lot of people on Slashdot getting frustruated with "supid users," usually because the users ask what the techie hears as "stupid questions." So I issue a challenge to the technically inclined: if you are unable to explain to a novice how a basic part of the computer works (like the video card) without diving into techincal details the user doesn't care about or talking down to them, then you are bogged down in details and need to step back to see the big picture. You don't know how something works unless you can explain it to a five-year-old.
God, that is awful. 4 people standing around moving their heads up and down. It's reminded me a lot of "Stimpy's Cartoon." If that's the state of the art, the art has a long way to go.
Hear, hear. If I wanted to watch someone running around a Halo game being stupid, I would just go play Halo.
... just be sure there isn't a dead seal nearby. And that you have permission to use the house you're in.
"I'm allergic to bivalves. A good host should know such things about his guests."
"Next time I'll remember to cater to your shellfish demands."
Good episode.
Most of the Jedi who died at Geonosis were woefully unprepared for any sort of large-scale battle. Note that the survivors were all either Jedi Council members or extremely skilled Knights.
**snip**
Sad fact is that the Jedi have begun to lose their connection to the Force and their lightsaber training is pretty pathetic.
Ok, granted. I realize that the Order is in decline, and many of the Jedi have become complacent in peacetime, neglected their training, etc. But it would have been nice if that was shown in the movies at all. While knowing more about the Order via the Expanded Universe is all well and good, I would think a small tidbit like the *decline of the Jedi Order* might warrant a few moments' screen time. But no, instead we get to watch Anakin blow up a Trade Federation ship *by accident* at the tender age of 10, or whatever he was in Episode I, and see R2 suddenly grow rockets in a damn droid factory. (The Order's decline might have been mentioned in passing, but if it was, it was buried so deep in the steaming piles of poorly written dialog that I missed it. What I saw in the movie was a large group of Jedi whom I'd never met before and were historically handy with a lightsaber, get picked off like rookies by a bunch of *droids*, which not only don't use the Force, but presumably they can't anticipate attacks very well, either -- they seem to be just walking blasters. They should be absolutely no match for the Jedi, trained or not.)
I'm not trying to tear down your points above; they are fully valid within the realm of the Star Wars Universe. The Jedi have to fall at some time, and that won't happen until either a) they lose their skills or b) Dooku has an equally large army of Dark Jedi to defeat them, which I think he would find hard to hide. However, what we're witnessing here is George Lucas losing all respect for the Star Wars Universe. It's obvious that he just doesn't care about continuity or logical plot turns. He wants to make what he wants to make, and the Star Wars Universe be damned! He adds totally contrived plot devices for the singular purpose of adding an action sequence (the Podrace Wager, the Coruscant Speeder Chase, etc.) and these plot devices take away from the story so totally that it takes a couple of watchings of the movies just to pin down what's really going on.
All I'm asking from George is a little passion, not *just* about the CGI (although that element is undoubtably some of the finest on film), but about the characters, the story, and ultimately, the motivations behind the transformation from a democratic Republic to a totalitarian Empire. After all, when he first announced Episode I, he said that was what fascinated him the most about the prequels: the fall to darkness, both for a single person (Anakin) and for an entire galaxy (the Republic). The problem he has right now is the lack of any gray area, except for adolescents. Every character in the Prequels is either Good or Evil, with nothing in between. (This was not true in Episodes IV and V; case in point, Han and Lando.) I want to see some of that gray area. I want to see members of the Jedi order having doubt about the future of the Order and looking to Palpatine for guidance. I want to see Dooku's followers balk at his plan for domination and leave, or perhaps be destroyed. I want to see Jedi losing the faith and leaving in disgust. I want to see an attempt on Yoda's life, by someone trying to destroy the Order outright. I want to see infighting within each side of the battle, growing more dangerous as the stakes escalate, and enabling Palpatine to make a grab for power. I want the audience to not be sure which side of the war is the right one.
In short, I want to *witness* the downfall of a great Republic and a fantastically strong Jedi order, and the subsequent rise of a totalitarian Empire. So far, all we've gotten to that effect are a few ominous comments from Yoda, which just makes him look like a hopeless pessimist. The fact that the Bad Guys are droids, and therefore no
What's really amazing is that the Clone Wars animated shorts are better than the last two movies. There's no particular reason - they just feel more like the Star Wars we're used to. And there's definitely "Who's gonna fly it?" lines. Hell, ANAKIN gets a couple. (Like the sequence where he's zipping back and forth dogfighting with that Sith chick over Obi-Wan's head while Obi-wan lectures at him)
I think Clone Wars is better than the prequels because the Jedi are really modern-day Samurai, and who better to create Samurai action sequences than Genndy Tartakovsky? Lucas has the Jedi fight, and they fall like flies to a bunch of stupid droids. Tartakovsky has the Jedi fight, and Mace takes out an entire field of droids with his *bare hands*.
There were only a couple of spots in Clone Wars that I wish weren't so cheesy, such as the sequence with Padme and R2-D2/C3-PO in the snowstorm. That section smacked of Saturday-morning tripe. But the action sequences were definitely well done. The best thing about Clone Wars was that we finally get to see what the Jedi are capable of. Lucas has all this SFX power at his fingertips, and the Jedi fight sequences either look uninspired (the Arena Battle in Episode II), just plain silly (Yoda's fight with Dooku), or completely implausible (Qui-Gon and Obi-Wan vs. Maul in Episode I -- seriously: two against one? Maul would have been toast in under two minutes). I realize some of the Jedi fight sequences weren't very fast in the Original Trilogy, but there were technical limitations, and George made up for it by injecting emotion. He has no excuses now -- if the fight is going to be emotionless, it better be hardcore.
My three year old's gonna grow up idolizing Harry Potter, instead of Han Solo, as I did. Boo.
Lucky for you, Harry Potter shoots first.
Seriously. He's starting to get pretty badass in Book 5.
And J.K. Rowling has no intention of "updating" Harry so it's less traumatizing for the kiddies -- in fact, the biggest theme in the books is that there is no rigidly defined good and evil. Everyone has the potential to be both (or either).
Come to think of it, Harry Potter mirrors the Star Wars themes extremely well. Voldemort was once a regular student who was tempted by evil magic (Fall to Darkness), Snape is an egotistical, self-serving guy with heart (Dark Hero), Dumbledore is wise and learned, but hardcore when he needs to be (Jedi Warrior/Teacher), and Harry himself is the innocent boy with connections to a dark past who must "face his destiny." Oh, and he's pretty powerful, too.
Harry Potter is now what Star Wars used to be: under all that merchandizing sits a great story with fantastic characters and universal themes. I can think of many worse fantasy worlds for your three-year-old to be engrossed in.
I think it's time we all finally admitted that the Star Wars universe ceased to be compelling the moment midechlorians arrived on the scene. George has lost his touch with reality, so we need to pass the baton. Get over your fear of "Potter-mania" and your belief that Harry is only for kids and go read the Harry Potter books. They are every bit as good as the Original Trilogy.
Are we to believe
Mechanics are some how "less smart" than other individuals, or conversely that people in IT are some how smarter. I'm a programmer and most programmers I know have no clue what is under the hook. Ask 1000 programmers to identify the carburator, or the distributor. How many do you think know the answer to that? Better yet, give a IT guy a manual for building the transmission and engine. How many could do it by themselves correclty on the first try without screwing something up. Modern engines have thousands of parts. Building one and tuning it is not trivial or simple. It takes real talent.
Here you are confusing "intelligence" with "knowledge." You're right, most programmers could not repair a carbeurator if you placed them in front of an engine with some tools. However, hand them the manual, and they will not only learn how to fix it, but they will probably comment on how much fun it is. I'm sure they won't do it correctly on the first try, but I'll bet that mechanic didn't do it perfectly on *his* first try, either. Conversely, if you set a car mechanic down in front of a Linux Console, s/he will likely not know what to do. But hand them a manual, and they will learn how to fire up a web browser and research prices on that '67 Mustang fan belt they've been looking for.
I notice that most people look down on car mechanics because such a profession does not require a college degree (while programming jobs, in general, do). However, every car mechanic I've ever met/known has been an extremely intelligent, capable, problem-solving type of person. Knowledge is not the same thing as intelligence. Just because you know something that I don't doesn't make you smarter than me. Just because I can't do perfectly on the first try what you have spent years training to do doesn't make you smarter than me, either. What makes you smarter than me is your ability to learn new things faster and/or use existing knowledge in a novel way to come up with a new solution. Both car mechanics and programmers do that. Same problem-solving skills, different worlds.
What are you incinuating, that operating systems should be written in Java?
"I tried writing an operating system completely in Java back in 1998."
"Oh? How'd that work out?"
"I don't know. It's still booting."
"Part of the original license agreement was that theywouldn't offer local content through repeaaters."
but why was that in the original license agreement in the first place? whats wrong with offering local content?
The problem with offering local content is that local content is now the only reason to listen to regular radio over satellite, subscription fees aside. The standard radio stations (including ClearChannel) make their money with advertising revenue, and they can only sell that advertising space if the can guarantee that X number of listeners will hear that ad when it plays. If the satellite companies start giving local news and traffic reports, there will no longer be any reason to not spend the $20 monthly fee: satellite radio has the same music, the same talk shows, no commercials, and now, local information. The AM/FM radio companies are trying to use legislation to preserve their business model. They know that they are losing listeners, and instead of changing their business plan to match the market, they instead use their large legal leverage to bully the competition into not changing the market.
From a third-party point of view, there's nothing wrong with offering local content. From the point of view of the AM/FM media companies, it's forcing them to change, and that's painful. So they try to legislate their way around it.
I just installed Office 2003 on my laptop here:
..blinken-da-blinken...
... blinkenlights (just what is it installing, anyway?) ...blinken... Installing Fancy Feature ...blinken... .... hey! where did it go? ... do you need help?"
1. Put the CD in the drive
2. Enter the registration key
3. Select "Complete Installation"
4. Wait and watch the blinkenlights
Huh? That's strange.. here's my additional steps...
5. Insert CD#2 (Professional)
6. Watch more blikenlights
7. Reboot
8. Go to Windows Update
9. Traverse through a couple of loops to Office Update.
10. Update Office
11. Eject CD#2 and put CD#1 back in.
12.
13. Eject CD#1 and put CD#2 back in.
14. More blinken...
15. Reboot
Ahh, but we can't forget:
16. Launch Office
17. Enter initials
18. Get presented with blank document
19. Type in document
20. Click menu item to use Fancy Feature
21. Fancy Feature was set to install on first run
22. Dig through pile of CDs to find Office Install CD #2
23. Curse
24. Find CD, wipe off spilled pop, put in drive
25.
26. Eject disc, toss back on pile
27. Open menu to use Fancy Feature
28. Click arrow thingy on the bottom of the menu to see all the options again
29. Use Fancy Feature
30. Clippy pops up and says "It looks like you're trying to use Fancy Feature
My idea was not Virtual Reality, but "reality augmentation". The idea being that you would wear glasses (of some type) and could drag windows "off" the monitor to float is space around you. You had two choices at that point. Drag a window to your viewport (the monitor), or spin the viewport (and floating windows) to the view you desired.
That's a fantastic idea, but it would be clunky to use with a regular mouse/keyboard pair. With the sheer number of windows I keep open at the same time across multiple desktops, I would either have to dig through the windows floating in space so I can see the keyboard on my desk to start typing, or I would have to lift the glasses momentarily.
So instead of a mouse, lets add on a dual-webcam system that sits on either top corner of your monitor, and tracks several white spots on a dark glove (motion capture, essentially), and use that to move the windows around, change focus, surf, use web forms, etc. (Very similar to the fictional system in Minority Report.) That way, when you needed to move a bunch of different windows around, you can just sweep them away with your hand, instead of clicking and dragging on each one. If you wanted to type*, there would be a motion you perform with the glove to temporarily deactivate the glove's input. Then head to the keyboard, type away, and when you're finished make the same motion again to reactivate the glove's functionality. I see it almost as a hybrid of Opera's mouse gestures feature and physically picking up windows.
Theoretically, this system could be implemented with current technologies, but a large amount of work would have to go the glasses tracking where they are relative to their surroundings, and keeping the windows static, i.e., the windows would not move with the glasses when the user turned his head-- they would stay in place relative to the desk (or wall). It would also be difficult for the glasses to put up an image that would not be tiring to read for long amounts of time.
Food for thought.
*I've always been against virtual keyboards of any kind, since there's no tactile feedback.
That's an example of not maintaining forward compatibility, i.e., trying to open a Word 2003 document with Word 95. I'm talking the other way round where installing the newest version of some OS app requires significant reworking of your existing stuff created in an earlier version.
I've had many instances where I've saved a Word document in Word 2000 and then opened it up in Word XP just to have all my cutomized numbering styles contain random numbers, instead of the usual preferred order of 1-2-3-4-5-6-7-8-9.
Come to think of it, I can't remember a single instance where I used custom styles in a Word document and had it work exactly as it should, in several versions, from '95 on up. Every single one has either a). needed manual tweaking after the fact, b). been broken by version changes, both forward and backward, c). actually crashed Word when combined with a Table of Contents and a few Equations, or d). took twice as long to set up as it would have taken just to type the damn thing out the long way. That's a shame; styles are really the only thing separating Word from Notepad. I wish they worked.
I just went back over this whole thread, and I fail to see where either the OP or myself claimed that Apple's security was "infallible". And I haven't seen any display of "zealotry" in this thread either, unless zealotry means saying, "hey, here's a good idea..."
I was talking about Mac zealots in general. Read some of the other posts in this discussion.
So you're saying that the problem of security is not a systemic one, but a problem of user-level training. And that no matter what security features you put into a system, dumb users will still break the system.
That sounds like a cop-out to me. "There's no point in trying to build in additional security, because dumb users will always screw things up. No operating system can fix that problem. We just need users to become more educated. Our system isn't broken, it's fine the way it is."
Putting words into my mouth. What I really meant by my transcribed console session was that Linux DOES need to change, that it is NOT "fine the way it is." Having a single password allow access to all the deep recesses of the machine works for sysadmins and those with a large knowledge/experience base, but not for general users. If Linux is ever going to succeed on the desktop, these glaring security issues will need to be addressed. Additionally, applying a patch, like requiring a root password to be typed for administrative tasks and disabling the root user, will not fix it.
I've got news for you. YOU'LL NEVER FIX THE PROBLEM OF DUMB USERS. You can't train every computer user to be a sysadmin, because the vast majority have no interest in learning.
That's true, but since computers have been around for such a short amount of time, there is no intuition regarding them either. Other devices have intuition associated with them: to use a lawnmower, you fill it with gas, pull this cord, and push it around. Everyone knows this because lawnmowers have been around for such a long time. People have no clue how to operate their computers, and they refuse to learn because computer companies keep advertising that computers are really easy to use, and actively seeking out training about their computers admits that they are an idiot. Well, I have news for the Slashdot community: computers are not easy, no matter how many pretty icons or autoinstall wizards exist on the desktop. Even the most trivial tasks, like copying a file instead of moving it, are not intuitive. (Ask anyone who works in tech support how intuitive computers are.) Both Apple and Microsoft are guilty of this mentality, and AOL is responsible for a certain amount of it when people get on the internet, which is far from simple and easy to use, and also more dangerous than a stand-alone computer.
If you're waiting for the day when computer users are all educated and informed, and security abounds because nobody is stupid enough to be fooled by script kiddies, get yourself a coat and a chair. Hell will freeze over first, and you may get tired from standing.
I'm not waiting for that day. But I am waiting for the day when people are just knowledgeable enough to not click on every damn thing they see on their computer. This will require a certain amount of intuition and familiarity-- but computers change drastically every five years. How is anyone supposed to find their way around this maze when the builders keep shifting walls to make room for more features? Yes, systems should be hardened. Yes, security in software is an issue. But what we really need to focus on now is standards compliance, compatibility, and above all, *consistency of design*. When using computers from different companies is as similar as driving cars from different companies, then users will start to gain familiarity and intuition about their machines (sure, the dashboard has the speedometer in a different location, and all the sound system buttons are different, but the gas and the brake are in the right place). Then these types of "USER=ID-10-T" problems will become far less frequent. People are not stupid. They're just lost.
There are things an administrator is NOT permitted to do (and deleting System files is one). If the root user is disabled (as it is by default), those files simply can't be deleted, no matter how clever the script kiddie is.
You're right. But that's why I said my deleting system files example was JUST AN EXAMPLE (and meant to be humorous, as well). There is quite a bit a script kiddie could do to an OSX machine without deleting system files. Setting up a spam relay and installing spyware come to mind, and you certainly can write to the program directories with Administrator permissions. How else would you install software? But again, my post was talking about Linux. Not Mac.
I think that was the point of this thread, wasn't it? MacOS X was held up as an example of the way an operating system can be both usable and secure at the same time. In MacOS X, you can do any admin-level tasks as a non-root administrator, EXCEPT destroy the system.
Yes, that is the point of the thread. MacOSX is currently the best balance between admin power and end user security. But don't underestimate the power of uninformed users, which was my point. If the user has an admin password, *someone* will find a way to dupe them into typing it, and then that someone will be able to do nasty things to the computer. Perhaps not deleting system files, but something nasty nonetheless. A system is not foolproof unless you remove the fool from the system.
No, but it illustrates that while you are clearly not familiar with the technical workings of MacOS X's security features, you are quick to dismiss them as useless.
I'm not dismissing them as useless. I'm taking them down off the Pedestal of Infallibility Mac zealots have put them on. Yes, these features are nice, but an end user can still be fooled by outside software.
I was not talking about OSX in my post, a fact you seem to have missed. I was talking about asking for a superuser password (be it root, Administrator, whoever--someone with privilege) whenever an administrative task needs to be completed. The user will get so used to typing in that password, that the next time malicious software comes along and asks for it, and the little window it pops up looks just like the one the operating system uses, that password is going to get typed in faster than you can say "spam relay." Perhaps the software was run because the email it came in made it look like a jpg file; whatever. Unless users have a basic grasp of how to tell when something is suspect, these issues will arise. No operating system can plug the security hole between the chair and the keyboard. Only training can do that.
"The U.S. District court last year decided that the RIAA could not subpoena ISPs [techtv.com] to reveal the identities of users who have violated copyright laws on the network."
It's probably nitpicking, but it is not "The" U.S. District Court, it is one U.S. District Court, specifically the Appellate Court for the District of Columbia. The legal decision is not binding on courts outside the jurisdiction of that court.
Yes, that's true. I forgot to add the words "for the District of Columbia." In any case, the ruling was groundbreaking, and would be a precedent in similar cased tried in other jurisdictions.
They also could have an admin-side interface to search any given user's account for any given keyword (since that search is already presented to each user) which they'd run when presented with a valid legal warrant.
The issue here is not whether Google *could* search a user's email for a keyword; we all know they can. The question is whether or not they *would*. The U.S. District court last year decided that the RIAA could not subpoena ISPs to reveal the identities of users who have violated copyright laws on the network. I don't see GMail being any different: since GMail is not involved in the communication, but merely the conduit for it, it's not responsible for the content, nor does it have a legal obligation to reveal the identity of a person using the service.
However, I also see 1GB of email storage being highly abused by the mp3 trading community, and as a storage medium. If copyright-infringing files are stored on Google's servers, it would be a different issue. But in that case, the authorities (meaning the police, not the RIAA) would be able to present a valid warrant and Google would have to turn over the contents of that user's account. No searching would be involved... just turn over all the data the warrant requests.
I can't think of a legal instance where Google would be required to search emails for keywords for the authorities, in order to, for example, look for child molestors or potential terrorists. That would be in clear violation of Google's privacy policy and several federal laws, and the authorities would likely have to come up with a specific name and a warrant.
By the way, it's obvious that you are a Linux user, and have never seen the guts of OS X. The following directory structures don't even exist under OS X: /boot /home /lib /mnt /opt /proc /root
You're just like the Windows Admin talking about Linux security. Ironic, eh?
No, it's not ironic at all; this topic is about security in Linux as used by general users, and I was merely applying what Macintosh believes to be a decent security measure to Linux.
My point was that the root user in (most flavors of) Linux is NOT disabled; with a single password, it is extremely easy to do some very dangerous things. But again, even if the root user *was* disabled, and only Administrators could do root-level things, the script would ask for that password. It could still do a lot of damage, installing software, setting up relays, etc. Asking for a password every time a root-level function needs to be executed, as OSX does, is not that great for security when the user is uninformed.
You can only secure the operating system so much. Any more and it's far too difficult for an Admin to get in there and do what s/he needs to do. The rest needs to come from the user making informed decisions about which programs to run (and the OS having dangerous services turned off by default, but that's a topic for another post).
And you're right; that directory structure is from my own install of Gentoo. But the example was not intended to address a specific problem. It was only intended to illustrate that people do what their computers tell them to, even if the instructions were written by some script kiddie and emailed through a relay with a spoofed From: address. Because they're not informed enough to make good decisions. Computers are, quite frankly, a mystery to them. If their computer asks them for a password, they will type it. They're not going to stop and ask themselves if they should, especially when their computer asks them that all the time.
Many of Microsoft's engineers in the 90s had no concept of trust and privilege, and it showed. Those few who understood the implications couldn't drive the rest of the overwhelmingly "convenience-driven" corporate culture to really care about the down-sides to an all-root-all-the-time lack of security. Now that Microsoft knows the implications, their inertia has them at a strict disadvantage: they must change, and in so changing, they break their #1 asset: long-term backwards compatibility.
Apple recently broke backwards-compatibility, and they have thrived because of it. Sure, they added some "compatibility mode", which really amounts to a fast dual-boot, but as more and more new applications support only OSX, that will slowly fade away.
Oh, and Windows XP broke backwards compatibility with DOS, and Windows 9x. They also added a "compatibility mode" to run old applications. The problem is that Microsoft's breaking of backwards compatibility was for a half-assed operating system that still needs epic overhauls to be secure. When Mac did it, they set down the foundation first. OS 10.0 was buggy, full of holes, and very inconsistent. However, since the foundation was there, only incremental improvements were needed and now it's fantastic. MS still doesn't have a foundation. How well will their XP SP2 patch hold up without any support from below?
Breaking compatibility can be done, but it has to be done RIGHT.
Imagine the computer as a house. It's a place where you keep your stuff. (Yes, kids, here comes the analogy!)
... but a burglar could be clinging to the underside of that couch you just bought and are currently pulling in through the window.
Within that house, usability is a matter of placing light switches and doorknobs so that they're both within easy reach and easily recognizeable as such. It's a matter of leaving a clear path between rooms, unblocked by furniture. It's a matter of making doorways large enough (or using furniture thin enough) that you can moving things around if you must. To the person that lives within it, usability is a matter of making as much as possible convenient and accessible.
And within that house, security is a matter of sturdy locks on the doors and windows that close firmly, without room to stick a credit card in. It's also a matter of denying spaces within to those that don't need it. It may involve locking certain rooms, or if those rooms must be left open, then locking those few cabinets that contain dangerous things (like bleach and ammonia) or putting those dangerous things up and out of reach. Security is as great as possible a deterrant against anyone outside the house who doesn't have a key or permission to be there, and safeguards within the house to keep the unwary from setting the curtains on fire with a misplaced candle.
That's a fine analogy, but it's missing one rather large ingredient: the internet. Connecting your house with lots of other peoples' houses, the vast majority of whom you don't even know and never meet. You get to exchange furniture, gain ideas about the color of your curtains, and even sell your car. So here's the kicker: how do you make it easy to exchange all this data between the houses, yet still keep your house secure from outside attacks? Your front door is locked, to be sure
Microsoft is actively trying to blur the line between online and offline. Already they have the option of downloading whole websites and viewing them offline, yet these offline sites look exactly as they would when viewing them online (except, perhaps, for a tiny icon way down in the corner, amid the other onslaught of tiny icons no one pays attention to). Not only are both copies of the website (online and offline) seen in the OS as a *single folder* by default, but most users don't even understand the concept of an HTML file having to be downloaded to a cache directory before it can be viewed. The internet is a very abstract concept, and it doesn't help that we (the geeks) keep metaphorizing it. Many of the "Joe Blow" users I deal with on a daily basis refer to sites like Google and Yahoo as if they were applications that are launched from the toolbar.
I think the true solution is to make an extremely clear distinction between "online" and "offline." Only when users understand that fundamental concept will they be able to make their own judgements about what to trust. They can't always rely on us to educate them on what's good and what's bad: they should be able to see an instruction on the computer screen and decide for themselves whether it's "online" (meaning not installed by them, and therefore probably malicious) or "offline" (meaning installed by them or GatewayDellCompaq, and therefore probably legit).