Granted, VSS and PVCS aren't *that* far off. You are right about VSS's limitations, and PVCS's origins. They were both from the same era, both obsolete today.
Well, unless you're completely insane, you don't change SCMs more then once a decade.
Agreed - the thing is, PVCS is 15+ years old and completely obsolete feature-wise.
Entire processes get built around the current SCM...that's not something easily changed.
In our case, they have to change that process every few years because as PVCS is upgraded, the database format changes. Rather than spend time migrating the format, they just leave the repository alone. So developers need multiple versions of PVCS and various hacks to get the old version to run (separate PC, virtual machine, batch-file that hacks INI files).
It would have been cleaner to just keep everything maintained, on the latest version, than to jump through hoops. When they found they couldn't access old repositories from Windows 7 (because it was a 16-bit app!) they wanted everyone to have a license for Microsoft Virtual PC + a license for the Windows on that virtual machine + the overhead of putting those virtual machines on the domain + the storage space for those virtual machines.... gah! It would have been cheaper and easier just to run the upgrade once every 3 years.
Agreed. Although after 15 years, it is probably time to update to another tool.:-)
And to your point, they are at the point where using this tool is a constant headache. Every few years they get a new version of PVCS that isn't compatible with the old one. So some developers have 2 and 3 versions on their machines. Those versions aren't intended to install side-by-side to they have batch files with INI file hacks to make it work. In other cases they keep a computer in someone's cube that is the designated machine to access that project.
PVCS isn't proactively maintained, when Windows 7 came-out it was a good year or so before PVCS worked on it. And some features still don't work right. (I think they skipped Vista support entirely.)
Actually, one single planet harbors all of the botnets, viruses, and Justin Bieber fans. That planet should be the real target, no operating systems or poor ISPs or something. Sheesh...
The positive particles (Protons) also have far more mass than negative particles (Electrons)
Protons are not antimatter electrons. Positrons are antimatter electronis, and they do have the same mass as electrons. The antimatter opposite of a Proton is an anti-proton. The naming system is inconsistent, probably because the original creators of the names did not know about antimatter.
I know people are jumping on you for this line of thinking, but do realize this kind of thinking is appropriate, but only in limited situations.
When I am working on securing a computer system, I need to think about how to close every loophole no matter how small. Recently I encountered an internal web site that prompted users for their user name and password and sent it over HTTP. Now, this was only on the local corporate network, in a secure building, with WPA2-Enterprise on the wireless network. So the password is really only exposed to a limited group. But it is easily fixable with HTTPS, and it doesn't need to prompt for the password anyway since everyone is on a domain. So I started the gears toward fixing this.
But in the real world, this kind of thinking doesn't work so well. I could put a bomb in a child and take them into an airport. Okay, so now we can children. But I could get 100 children with bombs and rush the security gate. So now we put up turnstyles. So I get 100 ninjas with bombs in them and they jump over the turnstyles. So we build 20-foot unclimbable walls around a chokepoint that injects a fast-expanding foam that traps the ninjas. So I 1 man with a bazooka and bombs. And the escalation continues... in the mean time, some random person just took a bomb onto the plane unchallenged because they are wearing a suit and tie, and watched someone enter their access code.
In the physical world, there are too many security holes to try to stop every one. Any they are very expensive to fix. At some point we have to give up and accept that in order to have freedom in the real world, we need to give up some level of security. Keep thinking like you do, just make sure you don't impose it on everyone else.
Am I missing something, or is this all based on pre-1.5, when it didn't have merge tracking?
AC replies with:
in SVN it's something complicated requiring you too know the revision when you branched and other stuff, something like 'svn merge -r a:b../../trunk' from inside the branch.
19NervousBreakdown: I think the AC just proved exactly what you were saying. Everyone thinks it is hard because it was hard pre-1.5.
P.S. - One company used their own internal source control. That was by far the worst. - All the small companies and contracts used either perforce or svn.
Just pointing this out since I meant to contrast the relationship between company size and tools.
All of "big" companies I've worked for use ancient out-of-date source control. The first one used VSS (late 90's, so it wasn't so unusual at the time) but then around 2000 moved to PVCS. All the developers assumed that someone got kickbacks because there's no reason to move to an older, more expensive, inferior product. Now I work at a Fortune 500 company that also uses PVCS. Their reason: not a soul in the building has ever used anything else. I explain about the features of modern source control and people look at with with either marvel (it can do that!!??), or disdain (how dare you question my source control system).
I don't know why this one piece of software evokes such illogical responses. Oh well.
so cellular data services and features that require them have been removed.
Then the article closes with:
Seriously, who wants a Kin without the unlimited photo uploads?
I thought the entire point of the Kin was that you could connect to social networking services from anywhere. Removing that ability cripples the phone. But let us suppose that they aer right: buyers want to save money by only using those features when they are connected to WiFi. So be it - no hardware or software changes are required to do that.
Seems to me that a better option would be to take the Kin functionality and sell a Kin app for Windows 7. Or bundle it. But as the article points out, this may just be a way to unload the hardware backlog.
I wonder if gifts are becoming fungible. You can buy gift certificates to store X at Wal-mart. Those Coinstar machines that convert coins to cash actually give you a discount if you convert the coins to gift certificates. Now, Amazon has made the ability to effectively convert any product into any other product, prior to even receiving it. Today, it is popular to buy gifts from someone's online wishlist rather than shopping. For my wedding, my wife and I wanted some furniture that no one could buy individually, so we asked for gift certificates to a certain store. All of this stuff is combining together to form a totally new image of commerce where people only buy gifts via proxy - basically, giving money.
The PSK is supposed to protect against man-in-the-middle attacks. If the PSK is compromised, you can get in there and pretend to be both the AP and the client.
I get that. A MITM attack could intercept the traffic. But that isn't what I keep seeing posted. What was stated was:
know the same key, sniff a session's 4 way handshake, and you can decrypt that session's traffic.
I think that is a false statement. You cannot simply listen to the traffic and get the key. You must perform a MITM attack. That is much harder to do.
One (WPA2 PSK) where if everyone has the same password, it's still not secure (know the same key, sniff a session's 4 way handshake, and you can decrypt that session's traffic).
I keep seeing this posted and I don't understand. Listening to the handshake should not allow an attacker to decrypt the session. This is what key exchange algorithms are for. Why would this not be the case with WPA2?
Well then, I hope no one sold that car used, or now they are liable. And hopefully they didn't donate it to a non-profit who sold it to a junkyard, or the non-profit is liable. And I hope that junkyard didn't resell those parts, or the junkyard is liable. That gets ridiculous. The GPL may say that anyone who distributes the code is liable, but that is probably not how copyright law is written, nor is that the intent of the GPL.
There is a big difference between mix tapes and bittorrent. Those mix tapes probably went to 1 or 2 people. File sharing can send hundreds of copies in a short period of time. That is what is really in question here -- if someone participants in a mass sharing system like this: who is liable? and for what damages? Unfortunately, the law is too technically inept to answer these questions so no result will be reasonable. But don't compare it to 80's mix tapes, that isn't the same situation.
What is frustrating now, is that "Agile" degraded to a bunch of buzzwords and processes (SCRUM, XP, TDD, BDD, etc.) which it was going against originally.
Realistically, the original authors were never against buzzwords and processes. They were against the buzzwords and processes of the time. With experience, their new approach also yielded repeatable processes that needed their own new vocabulary. And that vocabulary gets called "buzzwords" by the next generation, and the cycle repeats forever.
Words are not evil. We assign names to things so that we can clearly communicate those concepts to other people. You can't be a professional in something and not have a vocabulary assigned to it. Anthropologically speaking, you can't even think about something without having a vocabulary for it. So we need to stop making these approaches that boil down to "My approach is whatever approach has no vocabulary or well-defined concepts in it. I want to be unique! I don't have a number!"
Agile is different from Waterfall. Agile approaches include things like SCRUM, XP, TDD, BDD, etc. Those are words describing agile approaches. Don't lament that we now have well-defined ways to be agile. Giving them names doesn't make us less agile, it just means we can talk to someone else and know that we are talking about the same thing. I've worked on teams that claimed to be "agile" which really meant that they didn't have any process, and didn't understand the SDLC, and were always late and buggy.
Why is it a problem that it complains in this situation? Sending a page half-encrypted is a big security problem - not the least of which is t hat the user has no reasonable way to know which information was sent securely.
Great! So Google intends to release a completely proprietary chat application that only supports WiFi and only works with people who have the same exact model phone as you? Oh wait, this is Google... Hmmmm.... somehow, I don't think that's what they will do...
Slashdot Mirror
Granted, VSS and PVCS aren't *that* far off. You are right about VSS's limitations, and PVCS's origins. They were both from the same era, both obsolete today.
Well, unless you're completely insane, you don't change SCMs more then once a decade.
Agreed - the thing is, PVCS is 15+ years old and completely obsolete feature-wise.
Entire processes get built around the current SCM...that's not something easily changed.
In our case, they have to change that process every few years because as PVCS is upgraded, the database format changes. Rather than spend time migrating the format, they just leave the repository alone. So developers need multiple versions of PVCS and various hacks to get the old version to run (separate PC, virtual machine, batch-file that hacks INI files).
It would have been cleaner to just keep everything maintained, on the latest version, than to jump through hoops. When they found they couldn't access old repositories from Windows 7 (because it was a 16-bit app!) they wanted everyone to have a license for Microsoft Virtual PC + a license for the Windows on that virtual machine + the overhead of putting those virtual machines on the domain + the storage space for those virtual machines.... gah! It would have been cheaper and easier just to run the upgrade once every 3 years.
Agreed. Although after 15 years, it is probably time to update to another tool. :-)
And to your point, they are at the point where using this tool is a constant headache. Every few years they get a new version of PVCS that isn't compatible with the old one. So some developers have 2 and 3 versions on their machines. Those versions aren't intended to install side-by-side to they have batch files with INI file hacks to make it work. In other cases they keep a computer in someone's cube that is the designated machine to access that project.
PVCS isn't proactively maintained, when Windows 7 came-out it was a good year or so before PVCS worked on it. And some features still don't work right. (I think they skipped Vista support entirely.)
And deploys sofabelts that prevent you from getting up and walking away while it applies glue to hold your eyes open.
Actually, one single planet harbors all of the botnets, viruses, and Justin Bieber fans. That planet should be the real target, no operating systems or poor ISPs or something. Sheesh...
The positive particles (Protons) also have far more mass than negative particles (Electrons)
Protons are not antimatter electrons. Positrons are antimatter electronis, and they do have the same mass as electrons. The antimatter opposite of a Proton is an anti-proton. The naming system is inconsistent, probably because the original creators of the names did not know about antimatter.
I know people are jumping on you for this line of thinking, but do realize this kind of thinking is appropriate, but only in limited situations.
When I am working on securing a computer system, I need to think about how to close every loophole no matter how small. Recently I encountered an internal web site that prompted users for their user name and password and sent it over HTTP. Now, this was only on the local corporate network, in a secure building, with WPA2-Enterprise on the wireless network. So the password is really only exposed to a limited group. But it is easily fixable with HTTPS, and it doesn't need to prompt for the password anyway since everyone is on a domain. So I started the gears toward fixing this.
But in the real world, this kind of thinking doesn't work so well. I could put a bomb in a child and take them into an airport. Okay, so now we can children. But I could get 100 children with bombs and rush the security gate. So now we put up turnstyles. So I get 100 ninjas with bombs in them and they jump over the turnstyles. So we build 20-foot unclimbable walls around a chokepoint that injects a fast-expanding foam that traps the ninjas. So I 1 man with a bazooka and bombs. And the escalation continues... in the mean time, some random person just took a bomb onto the plane unchallenged because they are wearing a suit and tie, and watched someone enter their access code.
In the physical world, there are too many security holes to try to stop every one. Any they are very expensive to fix. At some point we have to give up and accept that in order to have freedom in the real world, we need to give up some level of security. Keep thinking like you do, just make sure you don't impose it on everyone else.
Am I missing something, or is this all based on pre-1.5, when it didn't have merge tracking?
AC replies with:
in SVN it's something complicated requiring you too know the revision when you branched and other stuff, something like 'svn merge -r a:b ../../trunk' from inside the branch.
19NervousBreakdown: I think the AC just proved exactly what you were saying. Everyone thinks it is hard because it was hard pre-1.5.
P.S.
- One company used their own internal source control. That was by far the worst.
- All the small companies and contracts used either perforce or svn.
Just pointing this out since I meant to contrast the relationship between company size and tools.
All of "big" companies I've worked for use ancient out-of-date source control. The first one used VSS (late 90's, so it wasn't so unusual at the time) but then around 2000 moved to PVCS. All the developers assumed that someone got kickbacks because there's no reason to move to an older, more expensive, inferior product. Now I work at a Fortune 500 company that also uses PVCS. Their reason: not a soul in the building has ever used anything else. I explain about the features of modern source control and people look at with with either marvel (it can do that!!??), or disdain (how dare you question my source control system).
I don't know why this one piece of software evokes such illogical responses. Oh well.
Never attribute to malice that which is adequately explained by stupidity.
Gee, and here I am supporting a bill to make deep packet inspection illegal.
You missed the last question. It was:
Which of the following aborts the quiz and starts a discussion about "nerd" -vs- "geek" ? :-)
A. Nerds
B. Geeks.
C. Trolls
D. Females.
so cellular data services and features that require them have been removed.
Then the article closes with:
Seriously, who wants a Kin without the unlimited photo uploads?
I thought the entire point of the Kin was that you could connect to social networking services from anywhere. Removing that ability cripples the phone. But let us suppose that they aer right: buyers want to save money by only using those features when they are connected to WiFi. So be it - no hardware or software changes are required to do that.
Seems to me that a better option would be to take the Kin functionality and sell a Kin app for Windows 7. Or bundle it. But as the article points out, this may just be a way to unload the hardware backlog.
Okay, thanks for that explanation, that makes sense. Any idea why they did it that way?
I wonder if gifts are becoming fungible. You can buy gift certificates to store X at Wal-mart. Those Coinstar machines that convert coins to cash actually give you a discount if you convert the coins to gift certificates. Now, Amazon has made the ability to effectively convert any product into any other product, prior to even receiving it. Today, it is popular to buy gifts from someone's online wishlist rather than shopping. For my wedding, my wife and I wanted some furniture that no one could buy individually, so we asked for gift certificates to a certain store. All of this stuff is combining together to form a totally new image of commerce where people only buy gifts via proxy - basically, giving money.
The PSK is supposed to protect against man-in-the-middle attacks. If the PSK is compromised, you can get in there and pretend to be both the AP and the client.
I get that. A MITM attack could intercept the traffic. But that isn't what I keep seeing posted. What was stated was:
know the same key, sniff a session's 4 way handshake, and you can decrypt that session's traffic.
I think that is a false statement. You cannot simply listen to the traffic and get the key. You must perform a MITM attack. That is much harder to do.
One (WPA2 PSK) where if everyone has the same password, it's still not secure (know the same key, sniff a session's 4 way handshake, and you can decrypt that session's traffic).
I keep seeing this posted and I don't understand. Listening to the handshake should not allow an attacker to decrypt the session. This is what key exchange algorithms are for. Why would this not be the case with WPA2?
Well then, I hope no one sold that car used, or now they are liable. And hopefully they didn't donate it to a non-profit who sold it to a junkyard, or the non-profit is liable. And I hope that junkyard didn't resell those parts, or the junkyard is liable. That gets ridiculous. The GPL may say that anyone who distributes the code is liable, but that is probably not how copyright law is written, nor is that the intent of the GPL.
There is a big difference between mix tapes and bittorrent. Those mix tapes probably went to 1 or 2 people. File sharing can send hundreds of copies in a short period of time. That is what is really in question here -- if someone participants in a mass sharing system like this: who is liable? and for what damages? Unfortunately, the law is too technically inept to answer these questions so no result will be reasonable. But don't compare it to 80's mix tapes, that isn't the same situation.
You declaw a cat to keep it from damaging furniture, and children. Furniture doesn't heal, and children have thinner skin.
What is frustrating now, is that "Agile" degraded to a bunch of buzzwords and processes (SCRUM, XP, TDD, BDD, etc.) which it was going against originally.
Realistically, the original authors were never against buzzwords and processes. They were against the buzzwords and processes of the time. With experience, their new approach also yielded repeatable processes that needed their own new vocabulary. And that vocabulary gets called "buzzwords" by the next generation, and the cycle repeats forever.
Words are not evil. We assign names to things so that we can clearly communicate those concepts to other people. You can't be a professional in something and not have a vocabulary assigned to it. Anthropologically speaking, you can't even think about something without having a vocabulary for it. So we need to stop making these approaches that boil down to "My approach is whatever approach has no vocabulary or well-defined concepts in it. I want to be unique! I don't have a number!"
Agile is different from Waterfall. Agile approaches include things like SCRUM, XP, TDD, BDD, etc. Those are words describing agile approaches. Don't lament that we now have well-defined ways to be agile. Giving them names doesn't make us less agile, it just means we can talk to someone else and know that we are talking about the same thing. I've worked on teams that claimed to be "agile" which really meant that they didn't have any process, and didn't understand the SDLC, and were always late and buggy.
Why is it a problem that it complains in this situation? Sending a page half-encrypted is a big security problem - not the least of which is t hat the user has no reasonable way to know which information was sent securely.
includes video chat to compete with the iPhone
Great! So Google intends to release a completely proprietary chat application that only supports WiFi and only works with people who have the same exact model phone as you? Oh wait, this is Google... Hmmmm.... somehow, I don't think that's what they will do...
It sounds like this thief taught the professor a lesson:
, was devastated when ten years of work stored on his laptop was stolen.
Why did a professor have 10 years of work on a laptop hard drive with no backup?