IME (and I freely accept I may be utterly wrong...), all that means is the building blocks are in place to do it.
The F/OSS software for managing virtualisation is still pretty dire - if I'm being honest, it feels like someone read a VMWare feature list and decided to copy it without first ensuring they understood what all the features actually were. So they bang on about how having "feature equivalence" yet close investigation suggests that it's not as simple as that.
The bigger a system is, the more complicated it gets, the more places there are for things to go wrong. And when they go wrong... oh boy.
It doesn't get a great deal bigger or more complicated than Amazon's EC2. Presenting an entire datacentre to the enduser as a big unified blob of computer power you can spin up virtual machines in is distinctly non-trivial.
Did this business pay for the iPads? Yes. Did this business own the iPads? Yes, because they bought them.
Can you do anything you want with your own property, including giving it away to promote your business? Yes.
You're quite right, you can do this.
However, you'll run into a little problem straight away. In order to make it an effective promotion, you're going to have to run adverts. And those adverts are going to have to include photos and descriptions of the product on them - it's not going to be terribly effective to announce "Win a tablet computer with a line drawing of an apple with a chunk taken out of it on the back!" and no photographs of the product itself.
As soon as you do that, you're using Apple's trademark. Obviously they're not going to complain about an authorised reseller who uses their trademarks in the "approved" fashion but this is neither authorised nor approved. They'll use trademark law to force you to withdraw all the sales and marketing material announcing this promotion. So yes, you can give away an iPad. But you can't put up posters with "iPad" all over them, you can't take out an advert in the local paper, you can't run an advert on the radio.
This exact same thing has already been done several times - Sony used trademark law to shutdown Lik-Sang back in 2006; IIRC Levi Strauss used a similar argument against Tesco back in 2002.
(Disclaimer: These cases were both in the UK, which can occasionally be somewhat sympathetic to companies using trademark law to break other law. IANAL etc etc.)
Getting pedantic about terminology won't help - that particular horse bolted many years ago.
I would argue that teaching people won't either - ILOVEYOU was eleven years ago and it was all over the news at the time. Today's 25 year olds were 14 when it came out - they can't claim that "viruses never did stuff like that when I was growing up".
Known-bad malware detection is a bad idea. It was broadly workable fifteen years ago when everything spread by floppy disk, but it hasn't been suitable ever since the Internet became ubiquitous. You want a half-decent solution to malware that actually works, I fear it looks rather like Trusted Computing.
We know it's not a virus. But whether you like it or not, the word has become a generic term meaning "malware" to the layman.
Traditional, self-replicating, can-spread-through-no-other-means file-infector viruses on Windows are not particularly common these days. They exist, and there's generally one or two in the "top 10 things to watch for" at any given point in time but pure viruses don't represent the majority of malware and haven't done in some time. Typically, you'll find they also act as trojans and worms.
You can't take a project, stick it on Sourceforge and magically get an army of developers. Donating it to the Apache foundation amounts to the same thing, and has the same problem.
Office software is not particularly fascinating, and for most F/OSS developers, "good enough" means "never going to see much more work". OO.o is, for most practical purposes, "good enough". Frankly, it's not moved on that much since the late betas of version 1.0 I remember from 2002.
I reckon if you were to write a list of every single person on the planet who is remotely qualified to work on OO.o (including some sort of experience in writing user-facing applications), and exclude:
- Everyone who's under NDA/non-compete agreement for a competing product. - Everyone who's happy with OO.o as it is. - Everyone who cannot afford the time to get up to speed with OO.o's codebase. - Everyone who's already actively contributing to OO.o. - Everyone who has no interest in devoting time to OO.o, and isn't likely to be put on a project contributing to it by their employer.
You'll wind up with maybe a couple of people worldwide.
As the guy who invented them (Terry Nation) died in 1997, the rights would be owned by his heirs. Or maybe the BBC themselves own the rights as the Daleks were created for a BBC show.
AFAICT, television - at least under the BBC - seldom works like that. More often than not, virtually anyone who's had any sort of creative input has some sort of rights in each show and these rights are licensed to the BBC under agreements which expire after a certain number of years, a certain number of re-broadcasts or a certain number of lunar eclipses.
A few years ago the BBC had the great idea to put their entire archive on the Web. Turned out that by the time they excluded everything they didn't have sufficient rights for, they wasn't much left - so the project was shelved.
(I'm not an expert, I'm just going off what I've been able to gather - corrections welcome.)
High time too. The only amazing thing about that is it took the better part of 30 years for anyone to latch onto it as an idea. Carry on at this rate the IT industry will be able to provide systems that work without requiring a four-leafed clover, a rabbit's foot and a black cat regularly crossing your path some time around the twenty-fourth century.
You can't trust a machine that's running malware to tell the truth when it tells you that it is now clean - because for all you know, the malware has hooked into the very API routines your anti-malware product depends upon. Anyone who's spent any serious length of time trying to clean up a heavily infested Windows PC will attest to that.
There's booting from a CD - which is much more sensible but only 100% workable if you have a whacking great database of checksums for every valid executable, every DLL, everything that may contain runnable code on the planet and you can somehow use the CD to patch all known vulnerabilities on a system - including local exploits that may take advantage of something the user's already downloaded.
A heuristic algorithm is never going to be 100% reliable because you're essentially only one step away from trying to solve the halting problem - the only real difference is instead of saying "Will the computer halt?" you're saying "Will the computer do something undesirable?". The best you can hope for is to say it probably won't.
True, but there is a political side-effect of the people who design these reactors naming them based on the technology they use to generate power. It means a poorly conceived nuclear reactor at Fukishima tars every other nuclear reactor with the same brush - even if the design means that it doesn't suffer from the same problems.
What would make far more sense would be to rename a bunch of nuclear reactors "Super Happy Perfectly Safe Generators"
IIRC Torvalds has said that he's not too keen on GPLv3 - and even if he was, he doesn't ask for copyright assignment for patches. Which means you'd need to get everyone whose code is in the kernel to agree to a license change - and re-write any bits where the copyright holder either refuses or cannot be contacted.
In short, an awful lot of work for little perceived benefit.
IIRC there was at least one person had an ancient receipt for a DNF pre-order and GameStop had already said "We won't honour it. Sucks to be you." - which is what makes it news,
It's produced by the OS; a Mac OS package is analogous to an.rpm or a.deb. So it's trivial to stop it installing - hit cancel before it does anything.
But... the package doesn't appear out of nowhere. What happens is you visit a site that downloads it, the site flashes up a very impressive looking virus warning page which pretends to be scanning a bunch of things, find all sorts of malware and flashes up a warning saying "Your system is infected! You must install our package!".
Now to you and me, that'd be a red flag immediately. But this thing is playing the same numbers game as all the other social engineering malware - it doesn't matter if 80, 90 or even 99% of people don't let it run. With just 1%, you still get an impressive number of installs pretty quickly.
I bet if you put 10 laypersons in a room with 10 Macs - people with no specific IT knowledge and nobody to call on to ask "is this okay?" - told them to surf the web and then engineered it so they'd hit this sooner rather than later - within the hour you'd have at least one system infected. Probably many more.
Twitter has stated that it is prepared to identify the users who broke the injunction if it was 'legally required' to do so.
Or, to put it another way:
If the law says we must do something, we'll do it.
No kidding. What's important is what they haven't said. They haven't said:
Even though we're a US-based company, we'll honour an order from a UK court.
Nor have Twitter said:
We still plan to open an office in the UK, and there's a good chance that as soon as we do we'll be slapped with a UK court order which we'll have to honour.
I'm not sure it would have done much good. The general consensus of opinion is that this was a case of a determined attacker with a lot of resources, not some nutter on the Internet with a copy of the latest Virus Generator Toolkit (TM).
How much weight we should give that opinion is something I'm not going to discuss.
In any case, you think a determined attacker is going to be put off by a small thing like that? Hell, if it boils down to it you either organise double agents to apply for jobs at the target site or you target someone who already works there with a brown envelope full of unmarked, non-sequential notes. The latter is high risk, but find the right person, someone who's in debt up to their eyeballs and has been keeping it from their family for some time perhaps, and away you go.
Parent is generally right, subject to a few ifs and buts:
1. Comparison must be truly like-for-like. For instance, the iMac is an all-in-one machine with Bluetooth, integrated webcam and I believe an IPS panel. So if you're comparing something else to the iMac, it also should be all-in-one with Bluetooth, integrated webcam and an IPS panel. These things may not be important to you personally, and if that's the case then by all means don't include them in your feature list when you're going shopping. But you must account for them in any like-for-like comparison otherwise it's not like-for-like.
2. Design and build must be taken into account. All the major vendors have a product line where the laptops have an entirely plastic casing and ventilation in the bottom effectively preventing you from using them actually on your lap; these aren't in any way comparable to a machined lump of aluminium with the ventilation holes hidden in the screen hinge.
Maybe the option wasn't available at the time, but the web server edition of Windows is dramatically cheaper than that. And TBH for a small startup I wouldn't even bother with that - I'd set up on a shared hosting platform. It's unlikely to explode overnight and with any half-respectable hosting firm you can ramp up capacity as and when you need to.
Indeed, but there are plenty of more reputable hosting companies out there that won't charge more per month and there are a plethora of reasons why a startup might fail. It seems foolish to add to your risk.
(BTW, from my own research running my own business I don't think the 90% figure is really accurate. AFAICT it'd be more accurate to say 45% fail miserably leaving the founder utterly screwed, 45% do just well enough to feed you but will never make more than a modest income and you'd have done better keeping a regular job and the remaining 10% do well enough to seriously look at expanding the business).
I would add that 50KB is horrendously optimistic. Even Google's homepage - which is famously fast to load mainly because it doesn't have a huge amount on it and what it does have is hugely optimised (seriously, look at the source - there's not a single extraneous byte) - is 83KB.
- Your upload speed is the outside world's maximum download speed from your site. How many visitors will be using it at any given point in time? - Hosting companies generally have half-decent HVAC, power, spare parts onsite and the spare equipment available that if something goes horribly wrong with a server they can get everything back up fast. If you go to that level of expense for just one server, it very quickly becomes much cheaper to pay a hosting firm for several years.
GoDaddy can afford to offer unlimited space & bandwidth at $14.99 (about £9)/month for the exact same reason your broadband supplier can afford to advertise 24Mb ADSL with no bandwidth caps for £15/month when a 20Mb leased line would cost twenty or thirty times that amount.
They work on the assumption that 90% of their users will use hardly any bandwidth or space, and so over-sell their servers horrendously while providing little to no support if things go horribly wrong. Sooner or later they will, and if you're lucky they'll go wrong at a point and in such a way that it's quite easy for you to move your hosting somewhere more reliable with little impact on your operations.
Let's face it, unless you've seriously screwed up the application design a modern server is plenty powerful enough to cope with a good number of users on a website. Provided you can monetize those users somehow, the extra cost of another Windows license is going to be a drop in the ocean next to the other costs a startup faces.
If your server can't keep up when you've got hardly any visitors and you can't figure out some way of getting money out of the few visitors you do get, you have far greater problems than "can I afford another Windows license?"
Where nuclear power is concerned, governments seem to be remarkably reluctant to commission reactors in the first place.
Commissioning reactors that don't exist anywhere else on the planet outside of a few test environments that were last operated in 1969 is never going to happen.
Slashdot Mirror
IME (and I freely accept I may be utterly wrong...), all that means is the building blocks are in place to do it.
The F/OSS software for managing virtualisation is still pretty dire - if I'm being honest, it feels like someone read a VMWare feature list and decided to copy it without first ensuring they understood what all the features actually were. So they bang on about how having "feature equivalence" yet close investigation suggests that it's not as simple as that.
I don't think that many serfs had access to scanning electron microscopes in 1568.
Not necessarily, for a very simple reason.
The bigger a system is, the more complicated it gets, the more places there are for things to go wrong. And when they go wrong... oh boy.
It doesn't get a great deal bigger or more complicated than Amazon's EC2. Presenting an entire datacentre to the enduser as a big unified blob of computer power you can spin up virtual machines in is distinctly non-trivial.
Quit drinking the Kool-Aid.
Did this business pay for the iPads? Yes.
Did this business own the iPads? Yes, because they bought them.
Can you do anything you want with your own property, including giving it away to promote your business? Yes.
You're quite right, you can do this.
However, you'll run into a little problem straight away. In order to make it an effective promotion, you're going to have to run adverts. And those adverts are going to have to include photos and descriptions of the product on them - it's not going to be terribly effective to announce "Win a tablet computer with a line drawing of an apple with a chunk taken out of it on the back!" and no photographs of the product itself.
As soon as you do that, you're using Apple's trademark. Obviously they're not going to complain about an authorised reseller who uses their trademarks in the "approved" fashion but this is neither authorised nor approved. They'll use trademark law to force you to withdraw all the sales and marketing material announcing this promotion. So yes, you can give away an iPad. But you can't put up posters with "iPad" all over them, you can't take out an advert in the local paper, you can't run an advert on the radio.
This exact same thing has already been done several times - Sony used trademark law to shutdown Lik-Sang back in 2006; IIRC Levi Strauss used a similar argument against Tesco back in 2002.
(Disclaimer: These cases were both in the UK, which can occasionally be somewhat sympathetic to companies using trademark law to break other law. IANAL etc etc.)
Getting pedantic about terminology won't help - that particular horse bolted many years ago.
I would argue that teaching people won't either - ILOVEYOU was eleven years ago and it was all over the news at the time. Today's 25 year olds were 14 when it came out - they can't claim that "viruses never did stuff like that when I was growing up".
Known-bad malware detection is a bad idea. It was broadly workable fifteen years ago when everything spread by floppy disk, but it hasn't been suitable ever since the Internet became ubiquitous. You want a half-decent solution to malware that actually works, I fear it looks rather like Trusted Computing.
We know it's not a virus. But whether you like it or not, the word has become a generic term meaning "malware" to the layman.
Traditional, self-replicating, can-spread-through-no-other-means file-infector viruses on Windows are not particularly common these days. They exist, and there's generally one or two in the "top 10 things to watch for" at any given point in time but pure viruses don't represent the majority of malware and haven't done in some time. Typically, you'll find they also act as trojans and worms.
This doesn't stop such things causing harm.
Before Microsoft really started pouring effort into IE, most people had Netscape.
You've alluded to a very important issue.
You can't take a project, stick it on Sourceforge and magically get an army of developers. Donating it to the Apache foundation amounts to the same thing, and has the same problem.
Office software is not particularly fascinating, and for most F/OSS developers, "good enough" means "never going to see much more work". OO.o is, for most practical purposes, "good enough". Frankly, it's not moved on that much since the late betas of version 1.0 I remember from 2002.
I reckon if you were to write a list of every single person on the planet who is remotely qualified to work on OO.o (including some sort of experience in writing user-facing applications), and exclude:
- Everyone who's under NDA/non-compete agreement for a competing product.
- Everyone who's happy with OO.o as it is.
- Everyone who cannot afford the time to get up to speed with OO.o's codebase.
- Everyone who's already actively contributing to OO.o.
- Everyone who has no interest in devoting time to OO.o, and isn't likely to be put on a project contributing to it by their employer.
You'll wind up with maybe a couple of people worldwide.
As the guy who invented them (Terry Nation) died in 1997, the rights would be owned by his heirs. Or maybe the BBC themselves own the rights as the Daleks were created for a BBC show.
AFAICT, television - at least under the BBC - seldom works like that. More often than not, virtually anyone who's had any sort of creative input has some sort of rights in each show and these rights are licensed to the BBC under agreements which expire after a certain number of years, a certain number of re-broadcasts or a certain number of lunar eclipses.
A few years ago the BBC had the great idea to put their entire archive on the Web. Turned out that by the time they excluded everything they didn't have sufficient rights for, they wasn't much left - so the project was shelved.
(I'm not an expert, I'm just going off what I've been able to gather - corrections welcome.)
High time too. The only amazing thing about that is it took the better part of 30 years for anyone to latch onto it as an idea. Carry on at this rate the IT industry will be able to provide systems that work without requiring a four-leafed clover, a rabbit's foot and a black cat regularly crossing your path some time around the twenty-fourth century.
Complete balderdash.
You can't trust a machine that's running malware to tell the truth when it tells you that it is now clean - because for all you know, the malware has hooked into the very API routines your anti-malware product depends upon. Anyone who's spent any serious length of time trying to clean up a heavily infested Windows PC will attest to that.
There's booting from a CD - which is much more sensible but only 100% workable if you have a whacking great database of checksums for every valid executable, every DLL, everything that may contain runnable code on the planet and you can somehow use the CD to patch all known vulnerabilities on a system - including local exploits that may take advantage of something the user's already downloaded.
A heuristic algorithm is never going to be 100% reliable because you're essentially only one step away from trying to solve the halting problem - the only real difference is instead of saying "Will the computer halt?" you're saying "Will the computer do something undesirable?". The best you can hope for is to say it probably won't.
True, but there is a political side-effect of the people who design these reactors naming them based on the technology they use to generate power. It means a poorly conceived nuclear reactor at Fukishima tars every other nuclear reactor with the same brush - even if the design means that it doesn't suffer from the same problems.
What would make far more sense would be to rename a bunch of nuclear reactors "Super Happy Perfectly Safe Generators"
Not going to happen.
IIRC Torvalds has said that he's not too keen on GPLv3 - and even if he was, he doesn't ask for copyright assignment for patches. Which means you'd need to get everyone whose code is in the kernel to agree to a license change - and re-write any bits where the copyright holder either refuses or cannot be contacted.
In short, an awful lot of work for little perceived benefit.
IIRC there was at least one person had an ancient receipt for a DNF pre-order and GameStop had already said "We won't honour it. Sucks to be you." - which is what makes it news,
It's produced by the OS; a Mac OS package is analogous to an .rpm or a .deb. So it's trivial to stop it installing - hit cancel before it does anything.
But... the package doesn't appear out of nowhere. What happens is you visit a site that downloads it, the site flashes up a very impressive looking virus warning page which pretends to be scanning a bunch of things, find all sorts of malware and flashes up a warning saying "Your system is infected! You must install our package!".
Now to you and me, that'd be a red flag immediately. But this thing is playing the same numbers game as all the other social engineering malware - it doesn't matter if 80, 90 or even 99% of people don't let it run. With just 1%, you still get an impressive number of installs pretty quickly.
I bet if you put 10 laypersons in a room with 10 Macs - people with no specific IT knowledge and nobody to call on to ask "is this okay?" - told them to surf the web and then engineered it so they'd hit this sooner rather than later - within the hour you'd have at least one system infected. Probably many more.
Twitter has stated that it is prepared to identify the users who broke the injunction if it was 'legally required' to do so.
Or, to put it another way:
If the law says we must do something, we'll do it.
No kidding. What's important is what they haven't said. They haven't said:
Even though we're a US-based company, we'll honour an order from a UK court.
Nor have Twitter said:
We still plan to open an office in the UK, and there's a good chance that as soon as we do we'll be slapped with a UK court order which we'll have to honour.
I'm not sure it would have done much good. The general consensus of opinion is that this was a case of a determined attacker with a lot of resources, not some nutter on the Internet with a copy of the latest Virus Generator Toolkit (TM).
How much weight we should give that opinion is something I'm not going to discuss.
In any case, you think a determined attacker is going to be put off by a small thing like that? Hell, if it boils down to it you either organise double agents to apply for jobs at the target site or you target someone who already works there with a brown envelope full of unmarked, non-sequential notes. The latter is high risk, but find the right person, someone who's in debt up to their eyeballs and has been keeping it from their family for some time perhaps, and away you go.
Parent is generally right, subject to a few ifs and buts:
1. Comparison must be truly like-for-like. For instance, the iMac is an all-in-one machine with Bluetooth, integrated webcam and I believe an IPS panel. So if you're comparing something else to the iMac, it also should be all-in-one with Bluetooth, integrated webcam and an IPS panel. These things may not be important to you personally, and if that's the case then by all means don't include them in your feature list when you're going shopping. But you must account for them in any like-for-like comparison otherwise it's not like-for-like.
2. Design and build must be taken into account. All the major vendors have a product line where the laptops have an entirely plastic casing and ventilation in the bottom effectively preventing you from using them actually on your lap; these aren't in any way comparable to a machined lump of aluminium with the ventilation holes hidden in the screen hinge.
Maybe the option wasn't available at the time, but the web server edition of Windows is dramatically cheaper than that. And TBH for a small startup I wouldn't even bother with that - I'd set up on a shared hosting platform. It's unlikely to explode overnight and with any half-respectable hosting firm you can ramp up capacity as and when you need to.
Indeed, but there are plenty of more reputable hosting companies out there that won't charge more per month and there are a plethora of reasons why a startup might fail. It seems foolish to add to your risk.
(BTW, from my own research running my own business I don't think the 90% figure is really accurate. AFAICT it'd be more accurate to say 45% fail miserably leaving the founder utterly screwed, 45% do just well enough to feed you but will never make more than a modest income and you'd have done better keeping a regular job and the remaining 10% do well enough to seriously look at expanding the business).
I would add that 50KB is horrendously optimistic. Even Google's homepage - which is famously fast to load mainly because it doesn't have a huge amount on it and what it does have is hugely optimised (seriously, look at the source - there's not a single extraneous byte) - is 83KB.
The most obvious ones are:
- Your upload speed is the outside world's maximum download speed from your site. How many visitors will be using it at any given point in time?
- Hosting companies generally have half-decent HVAC, power, spare parts onsite and the spare equipment available that if something goes horribly wrong with a server they can get everything back up fast. If you go to that level of expense for just one server, it very quickly becomes much cheaper to pay a hosting firm for several years.
That's the best joke I've heard in a long time.
GoDaddy can afford to offer unlimited space & bandwidth at $14.99 (about £9)/month for the exact same reason your broadband supplier can afford to advertise 24Mb ADSL with no bandwidth caps for £15/month when a 20Mb leased line would cost twenty or thirty times that amount.
They work on the assumption that 90% of their users will use hardly any bandwidth or space, and so over-sell their servers horrendously while providing little to no support if things go horribly wrong. Sooner or later they will, and if you're lucky they'll go wrong at a point and in such a way that it's quite easy for you to move your hosting somewhere more reliable with little impact on your operations.
You need to look at the bigger picture.
Let's face it, unless you've seriously screwed up the application design a modern server is plenty powerful enough to cope with a good number of users on a website. Provided you can monetize those users somehow, the extra cost of another Windows license is going to be a drop in the ocean next to the other costs a startup faces.
If your server can't keep up when you've got hardly any visitors and you can't figure out some way of getting money out of the few visitors you do get, you have far greater problems than "can I afford another Windows license?"
Where nuclear power is concerned, governments seem to be remarkably reluctant to commission reactors in the first place.
Commissioning reactors that don't exist anywhere else on the planet outside of a few test environments that were last operated in 1969 is never going to happen.