So you want everything to be updated faster, but slower. Great thinking, there.
No: I want to install the latest version of the wordprocessor without simultaneously upgrading every other part of the operating system, and committing myself to the glitches, troubleshooting and re-learning that inevitably entails. I want to install a mature, stable core OS that will be viable for several years, and only upgrade the bits of it I have to. I want distros to spend less time generating a new major release every 6 months and more time keeping the individual packages in the software repository up to date with the minimum of dependencies.
Or, more accurately, while I can probably figure out how to do a piecemeal upgrade, a non-techie user should be able to do it from the click-and-drool "add new software" panel. Realistcally, I'd be more inclined to start with something stable like Debian and install my key apps from tarballs or third-party.debs - but Linux needs to stop pitching itself at people like me.
I don't think you quite understand how Linux development and distro packaging work just yet.
And I think you typify the "you're too stupid to use Linux" attitude that has always hampered the widespread adoption of Linux. Users don't give a flying fuck about "how Linux development and distro packaging work" - users are accustomed to an OS version which remains viable, and capable of running the latest applications and hardware, for years. Unlike Linux hackers, users want operating systems in order to run applications - not as a source of recreation. Witness Microsoft's difficulty in killing off XP...
If the "Linux development and distro packaging" system means that mainstream, production releases of the OS have a shelf life of 6 months, then it is unfit for purpose and needs to be fixed. The main flaw of Linux distros is that packages have dependency issues that make the old Windows "DLL Hell" look like heaven. That is not a feature - it is a bug that needs fixing.
That said, I probably will stick with the next long-term release for an extended time period for many of the reasons you mention compounded by my general laziness
Plus the odds are that you, like me, faced with the need for a package or driver not available for your LTS distro, would reach for a tarball and spend a happy afternoon getting it to build. Heck, I'll probably download Karmic for fun, at some stage. Trouble is, Linux needs to start selling itself to people who don't regard installing and troubleshooting a new linux distro as a good weekend's entertainment.
I don't think you know the difference between major releasing and incremental releasing methodology.
Yes, because assigning a buzzword solves all the problems associated with an idea.
Meanwhile, changing the default filing system from EXT3 to EXT4 (for example) doesn't sound very "incremental" to me - not to mention something which should have been in beta for a year before showing up in a public release.
As Linux still lacks a proper standardized and userfriendly way to ship software or kernel drivers outside of the distribution we absolute need regular releases
Sounds more like it absolutely needs a proper way of shipping software or kernel drivers... I don't see why this can't be solved within a distribution, though. However, the current policy seems to be "if you need that new WiFi driver then either hack it in yourself from a tarball or upgrade the whole system and run the risk of fixing a whole load of things which ain't broke".
as the alternative would be to be stuck with year old software and drivers which wouldn't support new hardware.
Yet competing operating systems manage to let you upgrade drivers and individual software packages as and when they need in the years separating OS releases... Its not even as if its not possible on Linux - its the distro system that dictates the all-or-nothing upgrade approach. I suspect the problem is that the techie types who make the decisions don't think twice about stepping outside the distro and rolling a custom kernel or building a tarball, and fail to realize just how inaccessible that is to other types of user.
...a new Ubuntu every 6 months? Seems like a support nightmare - and as other posts here have mentioned, the incremental upgrades are only really viable if you don't skip releases. It would certainly worry me if I were a hardware mfr looking to sell Ubuntu-based machines.
Yes, there are the LTS versions, but the website pretty much steers visitors towards the latest 6-monthly release. Even then the "long term support" seems to be mainly critical bugfixes rather than keeping applications up-to-date. Now, your typical/.er may have no problem scouring the web for a suitable tarball or.deb containing the latest version of Open Office, but with no established equivalent to the user-friendly installers used by Windows and Mac, non-techie users really need to get their upgrades via their distro's "install new software" tool.
Seems to me that, although there will always be a place for bleeding-edge distros, its about time for mainstream, end-user focussed distros like Ubuntu to grow up a bit and settle down to a more sedate lifecycle, with a couple of years between major OS updates (just like MS and Apple) and concentrate on keeping their application repositories up-to-date.
Most users want to run the latest applications, not re-configure their OS every 6 months.
but you have the right to your day in court for ANY ticket.
...and you also have the right to pay all the legal fees that incurs, and - if you lose - face the possibility of a higher fine. Generally, paying the fixed fee is the only sensible thing to do. "If the cop had known I was going to take it to court, he'd have looked the other way" is not a defence.
Its not so much that totally innocent people get fined, its that, since most people just pay up, it makes it economical (and even profitable) to go after petty offences and soft targets, rather than concentrating on the really dangerous people. There is no incentive on the police to use their discretion
Do none of these places have an offense of "driving without due care or attention" which would suffice,
Yeah, but that involves the police gathering evidence and making a case that a driver was not in control of their vehicle. These new offences are mainly "fixed penalty" jobs that bypass all that tedious stuff about "due process" and "a fair hearing", and are absolutely brilliant for soft-targetting people sitting in traffic jams (much easier than catching that idiot in a BMW as he zooms past).
On the bright side, maybe eventually the police will be given powers to simply arrest anybody driving a white van or a large German car.
It's not on my package either but it does say "Use of this product is subject to acceptance of the software license agreement included in this package."
Yes, but the "license agreement included in the package" seems to be a generic one including clauses covering several types of license - the packaging gives no indication that the "upgrade" clause applies. Now, IANAL, so maybe they could still enforce this - but they'd be inviting class actions, complaints to trading standards authorities and much negative publicity for failing to describe their product correctly.
As for any indications as to it being an upgrade at the store, the disks were behind a locked case and there was a sign on the case saying it was an upgrade for Leopard.
YMMV - where I bought it (a fairly upmarket UK department store) there was no indication whatsoever. On Amazon UK the information is there, but only if you link to "More system requirements" - they could probably enforce that, but it would be a PR disaster.
Hence my supposition that this is all a fig leaf against people complaining that 10.6 broke their old version of iLife - if Apple really wanted 10.4 users to pay more for 10.6, surely they'd put an "Upgrade from 10.5" sticker on the box and remove the uncertainty?
Is this really enough for us to go running scared about yet another airplane hazard? 22 incidents over 10 years is enough to make you think,
To get that in perspective, how many serious (presumably non-battery related) air crashes have there been in 10 years? One or two a year sounds about par for the course to me. So the chances of being on a flight with a minor fire, one or two nasty, but non-fatal burns and some smelly fumes are roughly on a par with the danger of becoming geography, which we happily accept every time we step on a plane.
However, after my last flight experience, I think I'm going to skip flying, break into the nearest microbiology lab and snort the contents of a few random petri dishes - the practical effect will probably be about the same. Plus, I'm surprised they have a fire problem on planes, because whatever the shit is that they pump round the cabin, it doesn't seem to bear much resemblance to air.
I believe that all boxed OSX is essentially an upgrade license, since the EULA explicitly forbids non Mac hardware, how could you be buying OSX and not be upgrading?
In the past, the only stated condition has been the "Apple Hardware" one - and although that implies that you already have Mac OS there has never been any requirement to already have a license for any specific version.
With 10.6, this changed and the $30 version (a fraction of the price of previous versions) is described as an upgrade for Leopard (10.5) users. Users of 10.4 or earlier are supposed to buy a more expensive "boxed set" which includes iLife and iWork.
However, my point is that although this is made clear on the Apple Store page above, if you walk into a shop and buy a $30 Snow Leopard box there is absolutely nothing to tell you that you are buying an "upgrade".
The commercial market for Psystar's machines would dry up overnight if Apple released a ~$1100ish headless tower.
The problem is that there is a very, very good reason why Apple only makes small-form-factor, all-in-one, mid/high-end laptops and workstation class machines: profit margins.
Such machines can be sold for a premium price c.f. generic tower hardware - and most objective reviews of Apple hardware find that it is reasonably competetive when compared like-for-like with other SFFs, all-in-ones, workstations or high-end laptops.
A headless tower (or a chunky, entry-level laptop) would be in direct competition with the most competetive sector of the PC market, where manufacturers throw together Windows systems from whatever components are going cheap that month, and only make a profit if they manage to sell you an extended warranty or overpriced upgrade.
So, its very questionable whether releasing an affordable tower would actually expand Apple's market - but it is almost inevitable that it would leech sales from Apple's other, higher margin, products.
Remember, the last time Apple tried licensing its OS, the problem was that rather than introducing cheap'n'cheerful entry level systems, the cloners went after Apple's high-end workstations because that was where the money was.
Also, the PC market has a huge market for basic tower systems in the form of the corporate sector. That sector is pwned, lock stock and barrel, by Microsoft - Apple is not going to crack that any time soon. The other big market for towers is gaming: again, one of Apple's weakest areas (Apple do have a successful gaming platform, but its called the iPhone).
It's only supposed to be installed if Leopard is already installed.
IANAL, but I think Apple would have a hard time making that particular aspect stick: although there is a clause in the EULA referring to "upgrade (from Leopard) versions", the EULA is completely generic (e.g. it also covers "family pack" versions) and I could find nothing on the DVD, packaging or invoice to indicate that I only had an "upgrade" version, nor was there any indication at the (not Apple, but reputable) store where I bought it. The only way I knew I had an "upgrade" version was from online research.
My impression was that Apple are not particularly worried about the "upgrade" issue, but just want to encourage pre-10.5 users to upgrade iLife/iWork at the same time.
(This is separate from the "Apple Branded Computer" thing which is quite explicit in the EULA).
Hey!!! In my country, documents are 210 × 297 mm, you insensitive clod.
Pity the insensitive clod, do not hate him, for he will forever be making his lines of text too long for optimum readability and shall never know the joy of always being able to make the next smallest size of paper by folding a larger sheet in half, without changing the aspect ratio.
This is one of the biggest ways that Android and the iPhone differ. With the iPhone, you have one phone, and one OS.
There's a flipside to that, though, especially when it comes to the App market.
One of the iPhone's huge hidden advantages is that there is that there is only one UI to design for: every App has to work well with just a touchscreen and accelerometer if it is to succeed.
With a diversity of Android handsets appearing, how many developers will actually test their wares on every handset? Already, I've encountered some apps written for the G1 that don't work properly with the Hero's soft keyboard (e.g. most of the terminal emulators). Some games are unplayable because the "chin" buttons have been re-arranged. So far, most authors seem eager to address this, but when these problems are multiplied by 50, will they keep up?
Its not just physical differences: HTC have tinkered with the GUI quite a bit so (e.g.) alternative music players work fine, but don't integrate with the lock screen. Again - seems trivial, but multiply that by 50.
Operating systems for "full size" PCs don't have such a big issue: most variations will include a physical keyboard, a mouse and a decent-sized screen.
It lampooned the Apple ad format, complete with the black text on white and indie music listing off stuff the iPhone can't do, then making a sharp cut to an android logo with a URL.
Hmm - what about the things than an iPhone *can* do, like connect to my work WiFi (which needs a web proxy), reliably re-connect to my home WiFi after its been "slept" and provide a music player that isn't a joke compared to the iPhone player?
Sorry that's a bit troll-y: I have a HTC Hero and an iPod Touch - and while the former probably has more features and is more "open" it still lacks Apple's attention to detail - plus the iPod/Phone has a better screen and is much faster, while all the Android phones so far have been underpowered.
Apple's initial success was with the Apple 2, before the "IBM" PC existed. But when the time came to follow through, they had two massive misfires with the Apple 3 (technical problems) and then the Lisa (revolutionary but completely unaffordable, even by Apple standards).
The Mac was not released until after the IBM PC had risen to dominate the business computing market. Hence the famous "1984" ad which launched the Mac. It was playing catch-up all along.
Oh, and if you think Apple should have taken a leaf out of IBM's book: one of these companies is still selling personal computers in serious quantity today, the other isn't - having been driven out of its own market when the cloners figured out a legal way of copying the supposedly proprietary IBM PC BIOS ROMs. NB: despite the revisionist history, the PC was never intended to be an "open" system in the modern sense of the word.
"I know I'll be flamed, but in all honesty, is the Mac platform even relevant any more? The hardware and OS were revolutionary in 1989, but 20 years later..."
...they have been through 20 years of intensive development in order to stay competitive in the market. The hardware platform has changed fundamentally - twice - and the original Mac OS has been torn up and replaced. Enough software developers have been kept sweet to ensure a substantial set of quality applications for the platform. Because Mac has a non-negligible market share, there is reasonable support from peripheral manufacturers.
Basically, Mac has been a going, evolving, concern with a significant user base for 20 years, while AmigaOS has been in the doldrums, kept dimly flickering by a few die-hard fans.
However, as a media-optimzed OS, I'm a re-vamped AmigaOS might be able to make serious inroads into BeOS's market share.:-)
What do you mean by "fairly recent"? I recall it being just one click on the padlock in Opera 5.12 ~ 2001, and being able to find it somewhat easily in Netscape 4 ~ 1999.
It was usually a couple of clicks to get to the name of the certificate holder. That's 2 clicks too many to get to something which people should really check every time they visit a site. It was Firefox 3 that put the info right there on the address bar.
...and with EV perhaps who runs the site, but nothing about the security or trustworthiness of the site or company.
...but I don't think that problem has a technological solution - it always comes down to some sort of trusted third party. The best technology can do is to make it inconvenient for fraudsters to masquerade as a reputable site. Anything which adds complications, expense or leaves a paper trail (e.g. having to provide a letterhead and a postal address to a CA) is a deterrent against "fly-by-night" scams - even if it isn't a cure. Of course, all the scammers really have to do is send out an email asying "please reply with your username and password".
Long Term Con man (web version of Madoff?) could certainly get certified all the way to EV and still plan to sell off your CC# in, say, a year.
That is a flaw with the credit card system, not the web: if the banks got their fingers out then it would be SOP to generate one-time or restricted credit CC numbers for all web transactions. That way, even sending your CC number in the clear would be safer than handing your card over in a shop.
Are you having some sort of mental issue or something?
No - you seem to be in denial of one basic fact: there is nothing stopping you doing exactly what you want to do! Go ahead, use a self-signed certificate - just don't complain when the user's browser quite rightly warns them of the limitations of using encryption without identity checking.
And yes, certificates are a million miles from perfect. Unfortunately, while you can devise arbitrarily secure encryption schemes, they all start with the axiom that "Alice" really is Alice and "Bob" really is Bob: verifying identity is always going to rely on some sort of chain of trust. Meanwhile, if its a pain in the neck for small forums to buy certificates, its also a pain in the neck for phishers.
Letting people keep stuff behind a standard door just gives them a false sense of security and we should loudly repeatedly war people whenever they attempt to set something of theirs down inside any sort of structure instead of outside.
Actually, yes. A bit like hotels warn you not to keep valuables in your room, despite the fact there is a lock on the door. With the added factor that most users suffer catastrophic common sense failure as soon as they come within 10' of a computer screen.
(Oh, and most browsers warn you before you send data in the clear as well - until you disable that warning).
Then SSL should just go away. For practical purposes the lock icon means someone you don't know anything about has been paid to vouch for this other person.
Yup - that's about it. You trust the browser authors to only add reputable CAs to the trusted list, and to remove any that go bad.
Any better ideas?
Remember, encryption may let someone claiming to be "Alice" talk securely to someone claiming to be "Bob" but, unfortunately, it does nothing to initially establish that "Alice" and "Bob" are who they claim to be - that part is always going to rely on a trusted third party.
A steel door on a tent is much better than no door on a tent.
No it isn't.
A zip fastener and a cheap padlock is enough to make it clear that your tent isn't public. Anything more is a waste of effort - and may just draw attention to your tent.
Let me guess: You think locking a car or house is a waste of time, because any fool can break in via windows?
Nope - but I do think that fitting an expensive high-security door without paying equal attention to the windows is pretty dumb.
Perhaps, you should maybe consider that those of us who want a little more security know exactly what we're asking for
So what is stopping you? People who "know what they are asking for" will understand what the warnings in Firefox are all about and click through them in 10 seconds the first time they visit the site. If someone is put off by the warnings then they clearly don't "know what they are asking for".
That maybe we think protecting web forum password from sniffers, and from man-in-the-middle attacks
Yeah, because the black hats are just queuing up to go to the massive effort of sniffing passwords or staging man-in-the-middle attacks on obscure web forums, whereas the much cheaper technique of phishing (which is neither sniffing nor man-in-the-middle, and won't be stopped by simply using SSL) is exceedingly rare.
It is not a hassle to "drill down" to find the name of the cert holder. Firefox puts it right there on the front of the security popup
Yes, but that is a fairly recent innovation in Firefox and other browsers. Previously, it was several clicks down from the "golden padlock".
And most verified certs are verified to some unknown corporate division anyway - I don't see your point.
The point is that the name on the cert should reassure me that I'm dealing with who I think I am. Often, it doesn't help. If I go to an "Acme Bank" site and find the certificate is registerd to "ABIS.com" it doesn't really help. The new Extended ID system fixes this.
As for the "steel door on a tent" quip, the same is true for verified certs.
At least that's a steel door on a moderately sturdy wooden shack, which is an improvement.
Certs are for encryption.
No - public keys are for encryption. Certs also have to solve the problem of identity verification, and that's always going to be the weak link. Public keys are great - you can give me your PK without worrying about me keeping it secure - but unless you hand it to me personally, I have no way of knowing that it really comes from you. That's where certificates and trusted third parties come in.
Totally agree with this. If I dont want to spend money paying a certification authority I should be able to encrypt anyway without the browser warning the user in big red letters that I am a pirate.
Except, if you don't verify the identity of the recipient, encrypting data is as much use as putting a steel door on a tent. Maybe that's why encryption and authentication are joined at the hip?
The behaviour of Firefox is absolutely correct: it strongly discourages people who don't know any better from connecting to unverified sites, but does not prevent it.
If you want to run an encrypted site without shelling out for a certificate, then fine - but its up to you to reassure visitors that you're not evil.
The real problems are that (a) its such a hassle to drill down to the name of the certificate holder and (b) when you do find it its usually something like "No Obvious Connection to the Website Corp. (Holdings) PLC". (the extended ID in Firefox helps, where its used).
Assuming, of course, Apple didn't start this business of checking the vendor ID in addition to the device ID.)
Wasn't that what they did the first time the Pre started reporting itself as an iPod?
If they think that this is Apple's fault, they're idiots, because they knew full well they got a non-Apple device.
So, you've never done your time on Helldesk, then?
(Have you done anything unusual? No. Did you do anything unusual just before this problem started? No. Are you sure you didn't do anything unusual before this started?
Er... no. Really sure? Er... I did delete some files in a folder called "Library" - but that couldn't have done it, could it?
Apple makes good money selling to people who call any portable music player an iPod, and certainly can't judge whether something is a software or hardware problem.
I think the entire beef is that Apple is spending money specifically to exclude Palm,
Ye gods, I hope nobody here ever has to do a cost estimate on a development project.
Option 1: Maintain a published API for iTunes plug-ins, manage dissemination of any spec changes, manage beta testing of new iTunes releases by third party device manufactures, take responsibility for ensuring that third parties can't evade the DRM; take some of the flak when third parties don't bother to start testing against new iTunes releases until Steve is standing on the podium...
Option 2: Turn a blind eye while all and sundry produce devices which declare "yes, I am an iPod, and so is my wife"; allow a large user base of "fake" iPod users to build up an expectation that their devices will work with iTunes, then deal with support calls from users who don't let you know they're not using a kosher iPod until half an hour into the conversation; take the flak when iTunes bricks "fake" iPods by trying to update their firmware, end up (effectively) having to test all new releases of iTunes against popular iPod clones. Hope that none of the fake iPod makers find a way around the DRM and jeapordize your deal with the record companies (without which iTMS would have never got off the ground). Endanger your reputation for reliable software.
Option 3: nip the practice in the bud by, very rapidly, putting a few extra, simple checks in the code.
Slashdot Mirror
So you want everything to be updated faster, but slower. Great thinking, there.
No: I want to install the latest version of the wordprocessor without simultaneously upgrading every other part of the operating system, and committing myself to the glitches, troubleshooting and re-learning that inevitably entails. I want to install a mature, stable core OS that will be viable for several years, and only upgrade the bits of it I have to. I want distros to spend less time generating a new major release every 6 months and more time keeping the individual packages in the software repository up to date with the minimum of dependencies.
Or, more accurately, while I can probably figure out how to do a piecemeal upgrade, a non-techie user should be able to do it from the click-and-drool "add new software" panel. Realistcally, I'd be more inclined to start with something stable like Debian and install my key apps from tarballs or third-party .debs - but Linux needs to stop pitching itself at people like me.
I don't think you quite understand how Linux development and distro packaging work just yet.
And I think you typify the "you're too stupid to use Linux" attitude that has always hampered the widespread adoption of Linux. Users don't give a flying fuck about "how Linux development and distro packaging work" - users are accustomed to an OS version which remains viable, and capable of running the latest applications and hardware, for years. Unlike Linux hackers, users want operating systems in order to run applications - not as a source of recreation. Witness Microsoft's difficulty in killing off XP...
If the "Linux development and distro packaging" system means that mainstream, production releases of the OS have a shelf life of 6 months, then it is unfit for purpose and needs to be fixed. The main flaw of Linux distros is that packages have dependency issues that make the old Windows "DLL Hell" look like heaven. That is not a feature - it is a bug that needs fixing.
That said, I probably will stick with the next long-term release for an extended time period for many of the reasons you mention compounded by my general laziness
Plus the odds are that you, like me, faced with the need for a package or driver not available for your LTS distro, would reach for a tarball and spend a happy afternoon getting it to build. Heck, I'll probably download Karmic for fun, at some stage. Trouble is, Linux needs to start selling itself to people who don't regard installing and troubleshooting a new linux distro as a good weekend's entertainment.
I don't think you know the difference between major releasing and incremental releasing methodology.
Yes, because assigning a buzzword solves all the problems associated with an idea.
Meanwhile, changing the default filing system from EXT3 to EXT4 (for example) doesn't sound very "incremental" to me - not to mention something which should have been in beta for a year before showing up in a public release.
As Linux still lacks a proper standardized and userfriendly way to ship software or kernel drivers outside of the distribution we absolute need regular releases
Sounds more like it absolutely needs a proper way of shipping software or kernel drivers... I don't see why this can't be solved within a distribution, though. However, the current policy seems to be "if you need that new WiFi driver then either hack it in yourself from a tarball or upgrade the whole system and run the risk of fixing a whole load of things which ain't broke".
as the alternative would be to be stuck with year old software and drivers which wouldn't support new hardware.
Yet competing operating systems manage to let you upgrade drivers and individual software packages as and when they need in the years separating OS releases... Its not even as if its not possible on Linux - its the distro system that dictates the all-or-nothing upgrade approach. I suspect the problem is that the techie types who make the decisions don't think twice about stepping outside the distro and rolling a custom kernel or building a tarball, and fail to realize just how inaccessible that is to other types of user.
...a new Ubuntu every 6 months? Seems like a support nightmare - and as other posts here have mentioned, the incremental upgrades are only really viable if you don't skip releases. It would certainly worry me if I were a hardware mfr looking to sell Ubuntu-based machines.
Yes, there are the LTS versions, but the website pretty much steers visitors towards the latest 6-monthly release. Even then the "long term support" seems to be mainly critical bugfixes rather than keeping applications up-to-date. Now, your typical /.er may have no problem scouring the web for a suitable tarball or .deb containing the latest version of Open Office, but with no established equivalent to the user-friendly installers used by Windows and Mac, non-techie users really need to get their upgrades via their distro's "install new software" tool.
Seems to me that, although there will always be a place for bleeding-edge distros, its about time for mainstream, end-user focussed distros like Ubuntu to grow up a bit and settle down to a more sedate lifecycle, with a couple of years between major OS updates (just like MS and Apple) and concentrate on keeping their application repositories up-to-date.
Most users want to run the latest applications, not re-configure their OS every 6 months.
but you have the right to your day in court for ANY ticket.
...and you also have the right to pay all the legal fees that incurs, and - if you lose - face the possibility of a higher fine. Generally, paying the fixed fee is the only sensible thing to do. "If the cop had known I was going to take it to court, he'd have looked the other way" is not a defence.
Its not so much that totally innocent people get fined, its that, since most people just pay up, it makes it economical (and even profitable) to go after petty offences and soft targets, rather than concentrating on the really dangerous people. There is no incentive on the police to use their discretion
Do none of these places have an offense of "driving without due care or attention" which would suffice,
Yeah, but that involves the police gathering evidence and making a case that a driver was not in control of their vehicle. These new offences are mainly "fixed penalty" jobs that bypass all that tedious stuff about "due process" and "a fair hearing", and are absolutely brilliant for soft-targetting people sitting in traffic jams (much easier than catching that idiot in a BMW as he zooms past).
On the bright side, maybe eventually the police will be given powers to simply arrest anybody driving a white van or a large German car.
It's not on my package either but it does say "Use of this product is subject to acceptance of the software license agreement included in this package."
Yes, but the "license agreement included in the package" seems to be a generic one including clauses covering several types of license - the packaging gives no indication that the "upgrade" clause applies. Now, IANAL, so maybe they could still enforce this - but they'd be inviting class actions, complaints to trading standards authorities and much negative publicity for failing to describe their product correctly.
As for any indications as to it being an upgrade at the store, the disks were behind a locked case and there was a sign on the case saying it was an upgrade for Leopard.
YMMV - where I bought it (a fairly upmarket UK department store) there was no indication whatsoever. On Amazon UK the information is there, but only if you link to "More system requirements" - they could probably enforce that, but it would be a PR disaster.
Hence my supposition that this is all a fig leaf against people complaining that 10.6 broke their old version of iLife - if Apple really wanted 10.4 users to pay more for 10.6, surely they'd put an "Upgrade from 10.5" sticker on the box and remove the uncertainty?
Is this really enough for us to go running scared about yet another airplane hazard? 22 incidents over 10 years is enough to make you think,
To get that in perspective, how many serious (presumably non-battery related) air crashes have there been in 10 years? One or two a year sounds about par for the course to me. So the chances of being on a flight with a minor fire, one or two nasty, but non-fatal burns and some smelly fumes are roughly on a par with the danger of becoming geography, which we happily accept every time we step on a plane.
However, after my last flight experience, I think I'm going to skip flying, break into the nearest microbiology lab and snort the contents of a few random petri dishes - the practical effect will probably be about the same. Plus, I'm surprised they have a fire problem on planes, because whatever the shit is that they pump round the cabin, it doesn't seem to bear much resemblance to air.
I believe that all boxed OSX is essentially an upgrade license, since the EULA explicitly forbids non Mac hardware, how could you be buying OSX and not be upgrading?
In the past, the only stated condition has been the "Apple Hardware" one - and although that implies that you already have Mac OS there has never been any requirement to already have a license for any specific version.
With 10.6, this changed and the $30 version (a fraction of the price of previous versions) is described as an upgrade for Leopard (10.5) users. Users of 10.4 or earlier are supposed to buy a more expensive "boxed set" which includes iLife and iWork.
However, my point is that although this is made clear on the Apple Store page above, if you walk into a shop and buy a $30 Snow Leopard box there is absolutely nothing to tell you that you are buying an "upgrade".
The commercial market for Psystar's machines would dry up overnight if Apple released a ~$1100ish headless tower.
The problem is that there is a very, very good reason why Apple only makes small-form-factor, all-in-one, mid/high-end laptops and workstation class machines: profit margins.
Such machines can be sold for a premium price c.f. generic tower hardware - and most objective reviews of Apple hardware find that it is reasonably competetive when compared like-for-like with other SFFs, all-in-ones, workstations or high-end laptops.
A headless tower (or a chunky, entry-level laptop) would be in direct competition with the most competetive sector of the PC market, where manufacturers throw together Windows systems from whatever components are going cheap that month, and only make a profit if they manage to sell you an extended warranty or overpriced upgrade.
So, its very questionable whether releasing an affordable tower would actually expand Apple's market - but it is almost inevitable that it would leech sales from Apple's other, higher margin, products.
Remember, the last time Apple tried licensing its OS, the problem was that rather than introducing cheap'n'cheerful entry level systems, the cloners went after Apple's high-end workstations because that was where the money was.
Also, the PC market has a huge market for basic tower systems in the form of the corporate sector. That sector is pwned, lock stock and barrel, by Microsoft - Apple is not going to crack that any time soon. The other big market for towers is gaming: again, one of Apple's weakest areas (Apple do have a successful gaming platform, but its called the iPhone).
It's only supposed to be installed if Leopard is already installed.
IANAL, but I think Apple would have a hard time making that particular aspect stick: although there is a clause in the EULA referring to "upgrade (from Leopard) versions", the EULA is completely generic (e.g. it also covers "family pack" versions) and I could find nothing on the DVD, packaging or invoice to indicate that I only had an "upgrade" version, nor was there any indication at the (not Apple, but reputable) store where I bought it. The only way I knew I had an "upgrade" version was from online research.
My impression was that Apple are not particularly worried about the "upgrade" issue, but just want to encourage pre-10.5 users to upgrade iLife/iWork at the same time.
(This is separate from the "Apple Branded Computer" thing which is quite explicit in the EULA).
Hey!!! In my country, documents are 210 × 297 mm, you insensitive clod.
Pity the insensitive clod, do not hate him, for he will forever be making his lines of text too long for optimum readability and shall never know the joy of always being able to make the next smallest size of paper by folding a larger sheet in half, without changing the aspect ratio.
This is one of the biggest ways that Android and the iPhone differ. With the iPhone, you have one phone, and one OS.
There's a flipside to that, though, especially when it comes to the App market.
One of the iPhone's huge hidden advantages is that there is that there is only one UI to design for: every App has to work well with just a touchscreen and accelerometer if it is to succeed.
With a diversity of Android handsets appearing, how many developers will actually test their wares on every handset? Already, I've encountered some apps written for the G1 that don't work properly with the Hero's soft keyboard (e.g. most of the terminal emulators). Some games are unplayable because the "chin" buttons have been re-arranged. So far, most authors seem eager to address this, but when these problems are multiplied by 50, will they keep up?
Its not just physical differences: HTC have tinkered with the GUI quite a bit so (e.g.) alternative music players work fine, but don't integrate with the lock screen. Again - seems trivial, but multiply that by 50.
Operating systems for "full size" PCs don't have such a big issue: most variations will include a physical keyboard, a mouse and a decent-sized screen.
It lampooned the Apple ad format, complete with the black text on white and indie music listing off stuff the iPhone can't do, then making a sharp cut to an android logo with a URL.
Hmm - what about the things than an iPhone *can* do, like connect to my work WiFi (which needs a web proxy), reliably re-connect to my home WiFi after its been "slept" and provide a music player that isn't a joke compared to the iPhone player?
Sorry that's a bit troll-y: I have a HTC Hero and an iPod Touch - and while the former probably has more features and is more "open" it still lacks Apple's attention to detail - plus the iPod/Phone has a better screen and is much faster, while all the Android phones so far have been underpowered.
This is exactly how Apple lost the PC war
Quick history lesson:
Apple's initial success was with the Apple 2, before the "IBM" PC existed. But when the time came to follow through, they had two massive misfires with the Apple 3 (technical problems) and then the Lisa (revolutionary but completely unaffordable, even by Apple standards).
The Mac was not released until after the IBM PC had risen to dominate the business computing market. Hence the famous "1984" ad which launched the Mac. It was playing catch-up all along.
Oh, and if you think Apple should have taken a leaf out of IBM's book: one of these companies is still selling personal computers in serious quantity today, the other isn't - having been driven out of its own market when the cloners figured out a legal way of copying the supposedly proprietary IBM PC BIOS ROMs. NB: despite the revisionist history, the PC was never intended to be an "open" system in the modern sense of the word.
"I know I'll be flamed, but in all honesty, is the Mac platform even relevant any more? The hardware and OS were revolutionary in 1989, but 20 years later..."
...they have been through 20 years of intensive development in order to stay competitive in the market. The hardware platform has changed fundamentally - twice - and the original Mac OS has been torn up and replaced. Enough software developers have been kept sweet to ensure a substantial set of quality applications for the platform. Because Mac has a non-negligible market share, there is reasonable support from peripheral manufacturers.
Basically, Mac has been a going, evolving, concern with a significant user base for 20 years, while AmigaOS has been in the doldrums, kept dimly flickering by a few die-hard fans.
However, as a media-optimzed OS, I'm a re-vamped AmigaOS might be able to make serious inroads into BeOS's market share. :-)
What do you mean by "fairly recent"? I recall it being just one click on the padlock in Opera 5.12 ~ 2001, and being able to find it somewhat easily in Netscape 4 ~ 1999.
It was usually a couple of clicks to get to the name of the certificate holder. That's 2 clicks too many to get to something which people should really check every time they visit a site. It was Firefox 3 that put the info right there on the address bar.
...and with EV perhaps who runs the site, but nothing about the security or trustworthiness of the site or company.
...but I don't think that problem has a technological solution - it always comes down to some sort of trusted third party. The best technology can do is to make it inconvenient for fraudsters to masquerade as a reputable site. Anything which adds complications, expense or leaves a paper trail (e.g. having to provide a letterhead and a postal address to a CA) is a deterrent against "fly-by-night" scams - even if it isn't a cure. Of course, all the scammers really have to do is send out an email asying "please reply with your username and password".
Long Term Con man (web version of Madoff?) could certainly get certified all the way to EV and still plan to sell off your CC# in, say, a year.
That is a flaw with the credit card system, not the web: if the banks got their fingers out then it would be SOP to generate one-time or restricted credit CC numbers for all web transactions. That way, even sending your CC number in the clear would be safer than handing your card over in a shop.
Are you having some sort of mental issue or something?
No - you seem to be in denial of one basic fact: there is nothing stopping you doing exactly what you want to do! Go ahead, use a self-signed certificate - just don't complain when the user's browser quite rightly warns them of the limitations of using encryption without identity checking.
And yes, certificates are a million miles from perfect. Unfortunately, while you can devise arbitrarily secure encryption schemes, they all start with the axiom that "Alice" really is Alice and "Bob" really is Bob: verifying identity is always going to rely on some sort of chain of trust. Meanwhile, if its a pain in the neck for small forums to buy certificates, its also a pain in the neck for phishers.
Letting people keep stuff behind a standard door just gives them a false sense of security and we should loudly repeatedly war people whenever they attempt to set something of theirs down inside any sort of structure instead of outside.
Actually, yes. A bit like hotels warn you not to keep valuables in your room, despite the fact there is a lock on the door. With the added factor that most users suffer catastrophic common sense failure as soon as they come within 10' of a computer screen.
(Oh, and most browsers warn you before you send data in the clear as well - until you disable that warning).
Then SSL should just go away. For practical purposes the lock icon means someone you don't know anything about has been paid to vouch for this other person.
Yup - that's about it. You trust the browser authors to only add reputable CAs to the trusted list, and to remove any that go bad.
Any better ideas?
Remember, encryption may let someone claiming to be "Alice" talk securely to someone claiming to be "Bob" but, unfortunately, it does nothing to initially establish that "Alice" and "Bob" are who they claim to be - that part is always going to rely on a trusted third party.
A steel door on a tent is much better than no door on a tent.
No it isn't.
A zip fastener and a cheap padlock is enough to make it clear that your tent isn't public. Anything more is a waste of effort - and may just draw attention to your tent.
Let me guess: You think locking a car or house is a waste of time, because any fool can break in via windows?
Nope - but I do think that fitting an expensive high-security door without paying equal attention to the windows is pretty dumb.
Perhaps, you should maybe consider that those of us who want a little more security know exactly what we're asking for
So what is stopping you? People who "know what they are asking for" will understand what the warnings in Firefox are all about and click through them in 10 seconds the first time they visit the site. If someone is put off by the warnings then they clearly don't "know what they are asking for".
That maybe we think protecting web forum password from sniffers, and from man-in-the-middle attacks
Yeah, because the black hats are just queuing up to go to the massive effort of sniffing passwords or staging man-in-the-middle attacks on obscure web forums, whereas the much cheaper technique of phishing (which is neither sniffing nor man-in-the-middle, and won't be stopped by simply using SSL) is exceedingly rare.
Oh, wait...
It is not a hassle to "drill down" to find the name of the cert holder. Firefox puts it right there on the front of the security popup
Yes, but that is a fairly recent innovation in Firefox and other browsers. Previously, it was several clicks down from the "golden padlock".
And most verified certs are verified to some unknown corporate division anyway - I don't see your point.
The point is that the name on the cert should reassure me that I'm dealing with who I think I am. Often, it doesn't help. If I go to an "Acme Bank" site and find the certificate is registerd to "ABIS.com" it doesn't really help. The new Extended ID system fixes this.
As for the "steel door on a tent" quip, the same is true for verified certs.
At least that's a steel door on a moderately sturdy wooden shack, which is an improvement.
Certs are for encryption.
No - public keys are for encryption. Certs also have to solve the problem of identity verification, and that's always going to be the weak link. Public keys are great - you can give me your PK without worrying about me keeping it secure - but unless you hand it to me personally, I have no way of knowing that it really comes from you. That's where certificates and trusted third parties come in.
Totally agree with this. If I dont want to spend money paying a certification authority I should be able to encrypt anyway without the browser warning the user in big red letters that I am a pirate.
Except, if you don't verify the identity of the recipient, encrypting data is as much use as putting a steel door on a tent. Maybe that's why encryption and authentication are joined at the hip?
The behaviour of Firefox is absolutely correct: it strongly discourages people who don't know any better from connecting to unverified sites, but does not prevent it.
If you want to run an encrypted site without shelling out for a certificate, then fine - but its up to you to reassure visitors that you're not evil.
The real problems are that (a) its such a hassle to drill down to the name of the certificate holder and (b) when you do find it its usually something like "No Obvious Connection to the Website Corp. (Holdings) PLC". (the extended ID in Firefox helps, where its used).
Assuming, of course, Apple didn't start this business of checking the vendor ID in addition to the device ID.)
Wasn't that what they did the first time the Pre started reporting itself as an iPod?
If they think that this is Apple's fault, they're idiots, because they knew full well they got a non-Apple device.
So, you've never done your time on Helldesk, then?
(Have you done anything unusual? No. Did you do anything unusual just before this problem started? No. Are you sure you didn't do anything unusual before this started? Er... no. Really sure? Er... I did delete some files in a folder called "Library" - but that couldn't have done it, could it?
Apple makes good money selling to people who call any portable music player an iPod, and certainly can't judge whether something is a software or hardware problem.
I think the entire beef is that Apple is spending money specifically to exclude Palm,
Ye gods, I hope nobody here ever has to do a cost estimate on a development project.
Option 1: Maintain a published API for iTunes plug-ins, manage dissemination of any spec changes, manage beta testing of new iTunes releases by third party device manufactures, take responsibility for ensuring that third parties can't evade the DRM; take some of the flak when third parties don't bother to start testing against new iTunes releases until Steve is standing on the podium...
Option 2: Turn a blind eye while all and sundry produce devices which declare "yes, I am an iPod, and so is my wife"; allow a large user base of "fake" iPod users to build up an expectation that their devices will work with iTunes, then deal with support calls from users who don't let you know they're not using a kosher iPod until half an hour into the conversation; take the flak when iTunes bricks "fake" iPods by trying to update their firmware, end up (effectively) having to test all new releases of iTunes against popular iPod clones. Hope that none of the fake iPod makers find a way around the DRM and jeapordize your deal with the record companies (without which iTMS would have never got off the ground). Endanger your reputation for reliable software.
Option 3: nip the practice in the bud by, very rapidly, putting a few extra, simple checks in the code.
Which do you think is most expensive?