Slashdot Mirror


User: nine-times

nine-times's activity in the archive.

Stories
0
Comments
11,859
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,859

  1. Re:The key problem on BBC Wants Evidence of Climate Science Bias · · Score: 4, Insightful

    I agree very much with you, and fear that, unfortunately, this is the way most political issues are being presented by the media, by politicians, and by private individuals. Either you're a Republican or you're a Democrat. Either you're in favor of every kind of affirmative action, or you're a minority-hating bigot. Either you want the US to cede sovereignty to the UN, or you think the US shouldn't work with other countries. Either you wanted the US to invade Iraq or you think Saddam was a good leader. Either your a tree-hugger or you drive and H3.

    It's a divisive and disingenuous method of argumentation, and shame on us for falling for it. Even worse, it pushes people towards extreme positions, one way or the other, when moderate positions would often bring about better results.

    Back to global warming-- it seems there are lots of questions here, but it seems to me that global warming distracts from the larger issue: pollution is real, and the scarcity of energy resources is real. When there were a couple of large civilizations on earth, these were problems, but as the whole world industrializes, the scale of these problems seems unmanageable. Therefore, we must become more efficient and try to minimize our waste, regardless of global warming.

  2. Re: Corporate America Not Ready For Vista on Corporate America Not Ready For Vista · · Score: 1

    How's that different from Win2K and WinXP?

    Win2K was worth it, and WinXP was such a small upgrade that, you could tell it to use the "Windows Classic" theme and no one would know the difference.

  3. Re:Sleight Of Hand on NIST Condemns Paperless Electronic Voting · · Score: 2

    Even then, how do you verify? Go back and ask every single person who they voted for, and compare against the list? How would you know that the recounting process will be more accurate and tamper-proof than the original election?

    Nothing is 100% accurate or 100% verifiable. The best you can hope for is a result where the difference is larger than your estimated margin of error, and then you can feel pretty sure. Even then, you have to just hope that human affairs are not so important or delicate that an error will ruin the universe, because if it's one thing people are good at, it's making mistakes.

  4. Re:Best security practices on Experts Say Ajax Not Inherently Insecure · · Score: 1

    Sure, I'm not saying there aren't problems with javascript. I'm saying you can't expect to get rid of it without offering an alternative. Personally, I'm not sure I see a valid justification for javascript being able to make pop-ups or resize windows and such. If there are security problems, they should be addressed.

    But Google's spreadsheet program is a terrific example, in that people want web applications. It can be extremely useful to have an application that feels like a desktop application, but can be run over the internet without extra installations or application-specific add-ons. I don't think you can get rid of javascript until you have some means to have Google's spreadsheet, word processor, and webmail run on a remote system without prior setup.

    On the other hand, I could see an argument that these should be done in a separate program from the traditional "web browser". I'm not sure I agree, but I've seen the argument that we should really have RSS readers, some sort of a generalized web application client, and a "web browser" that only views static HTML and CSS. I can see the argument, but I suspect that if this were done, you would find that users just wanted to stay in their "web application client" anyway, and have a web browser and rss reader in that client. In that case, this "web application client" would end up being essentially the same as web browsers we have today.

  5. Re:so why then use blocks ? on Pyramid Stones Were Poured, Not Quarried · · Score: 1

    When the concrete sets, and eventually cracks, it will crack along the relatively weaker score line, leaving a safe rounded edge.

    ...leaving behind smaller blocks of concrete. I wasn't trying to be a know-it-all, but was just pointing out that sidewalks (and other modern concrete structures) aren't simply made of single structures of concrete, but are usually divided into blocks of some kind, and that it's done for good reasons. So, admittedly, i don't know everything about sidewalks, but it wasn't a bad example.

  6. Re:Best security practices on Experts Say Ajax Not Inherently Insecure · · Score: 1

    I'm not sure about ActiveX. Do we need a replacement, or do we just need to get rid of it?

    But web applications and interactive/animated web pages are too useful and popular to expect they'll just go away. If the current mixture of PHP, HTML, CSS, Javascript, and XML is too inefficient and insecure, then by all means, I'd like to encourage people to come up with something better. I'd assume it's a bit harder than it sounds, though.

  7. Re:Seems a little Windows-centric ... on Community Comments To Security Absurdity Article · · Score: 1

    A start would be removing all the dialogues that only have the option "OK" as they are useless and don't give the user any choice. They serve only to make other dialogues less effective.

    Unfortunately, most developers seem to like to use unnecessary buttons and dialogs. They like EULAs, and adding things where you have to click "next" or "ok" without any real options, but where there's an introductory screen, a warning, or something you're supposed to read. But nobody reads them. How many times do I have to click to perform a default install of a simple program? I haven't studied it, but most of the time I feel like it's usually more than 5.

  8. Re:Best security practices on Experts Say Ajax Not Inherently Insecure · · Score: 3, Insightful

    Sites should function without script for accessibility and only the bad guys would stand to lose from a more realistic approach to security by browser vendors.

    When you can write a new version of Google's spreadsheet program that uses only HTML and CSS, I'll go along with the idea that we should get rid of javascript.

  9. Re:Doesn't make sense on Pyramid Stones Were Poured, Not Quarried · · Score: 1

    A concrete mixer could be built a the top out of smaller pieces, and used to create lots of stones.

  10. Re:so why then use blocks ? on Pyramid Stones Were Poured, Not Quarried · · Score: 3, Informative

    Have you ever noticed that sidewalks are divided into little squares? I'm no expert, so there may be lots of reasons for it I haven't thought of, and it may not be the same thing at all. However, it seems to me it might be easier to get concrete to dry in little blocks than in one huge pyramid a hundred feet tall. Also, with heat/moisture, these things swell and shrink, and it's good to have a division so they won't crack and fall apart.

  11. Re:Best security practices on Experts Say Ajax Not Inherently Insecure · · Score: 1

    But it's scope of manipulation is such that it can be effectively used to dupe gullible and/or less tech-savvy users into doing something foolish...

    What kind of "something foolish"? I'm just wondering, what are the limits to these sorts of things? Phishing?

    I always try to train people to distrust the internet, but you can't keep people from being stupid. Can javascript be used to open software firewall ports, or establish some kind of tunneling? Can it execute arbitrary code on the client machine? Can it give someone remote access to access/change files on your hard drive? Can it allow someone to look at my browser cache, read my bookmarks or history, or copy my passwords?

    I don't know, but it seems like some common sense is in order. Some sort of scripting seems necessary for decent web apps. We should assume that users generally have javascript enabled anyway, because it's enabled by default when you download any major browser. If there is any one feature of javascript that allows for easy security exploits and doesn't have a real practical use, then let's petition to have it dropped from major browsers.

    Otherwise, it seems like you can't say users should run with javascript disabled. It's not going to happen. We should be able to get rid of ActiveX and even possibly Flash, but to believe you'll be able to regress the web to being pure HTML is just unrealistic.

  12. Re:If it works, don't fix it. on Companies 'Blah' About Vista · · Score: 1

    With that conservative mentality we wouldn't have electricity, cars and the rest

    There are lots of places in the world where people don't have cars, electricity, and the rest anyway. This way we have global warming. Which is better?

  13. Re:Why should businesses care anyways? on Companies 'Blah' About Vista · · Score: 1

    Better centralized management tools. Improved security model. Mostly, the changes affect infrastructure management as opposed to end-user experience

    For some reason, when I read this I had a little flashback to the consultants who tried to sell me an upgrade from Exchange 2000 to Exchange 2003. They were spouting something about improved integration between different domains across an Active Directory forest. I was supporting a small company with 1 domain, 1 location.

    For lots of people, these things are solutions looking for problems. I'd love an update of Windows that solved any of my day-to-day networking/support problems instead of generating new ones.

  14. Re:a new car! on Companies 'Blah' About Vista · · Score: 1

    And lets not forget ceasing hardware support. I remember my upgrade to Windows 98, which was mostly because of improved support for USB. New hardware will come out, and it won't be supported by Windows XP.

  15. Re:Best security practices on Experts Say Ajax Not Inherently Insecure · · Score: 2, Interesting

    Is javascript really that horrible? I know it can be used in annoying ways, how difficult is it to do something outside of superficial changes to the browser?

    I'm really asking. It seems like you should be able to have a simple scripting language that can only really manipulate superficial aspects of web pages without any real increase to the security risk. I thought this was what javascript was. Am I wrong? If so, why doesn't someone replace javascript with something better.

  16. Re:Seems a little Windows-centric ... on Community Comments To Security Absurdity Article · · Score: 1

    This might work to some degree, but a lot of security problems occur in situations where there are warnings. All it takes is for an application to tell users, "This won't work unless you say 'ok'," and people will click on 'ok'. It might not make sense, but people don't understand computers to begin with, so if their spyware-toting emoticon program tells them to do something, they'll often do it.

    In order to be reasonably successful, the ACL would need to be lenient enough that, indeed, it almost never triggered a user prompt. If users get prompted for half of their installations, they'll start clicking 'ok' out of habit.

    Also, I don't know about you, but I don't want Microsoft participating in software certification, where it's hard to install uncertified software. What about open-source products, for example, which won't necessarily have money to pay for certification? Even if it just gave a warning for valid OSS, it will scare off potential users. As if the Microsoft monopoly isn't enough of a problem, Microsoft is going to control which software you can run?

    I recently had a problem with Windows server 2003. under the default settings, I couldn't download programs from untrusted sites. IE just wouldn't let me, and for whatever reason, there was a bug that wouldn't let me change this setting. I was trying to download Firefox as a work around, but ever time I clicked on the link, it directed me to a different mirror, and each time the new mirror wasn't in the "Trusted Sites" list. I figured, fine, I'll download a copy of Firefox from my file server, but then there was apparently some security setting which (I can't figure this out) would report valid EXE files as corrupted if they were downloaded from the local network via SMB/CIFS. They were fine, but Windows wouldn't run them. Finally, I went to ftp.mozilla.org and got a copy of Firefox, and installed it, and then I could download the programs I needed through HTTP.

    And the whole thing was stupid. I was an administrator on the machine, and it just wouldn't let me do ordinary things without effort. So this, apparently, is Microsoft's solution to security: make it hard to do simple things, even if you have an administrator account. I don't want Microsoft or their software deciding what I'm allowed to download, install, or run.

  17. Re:Same with everything on John Dvorak On Vista's Launch · · Score: 1

    I actually bought my first Powerbook in 2002 with 10.1, and I've always kept up to date on the OS.

    • 10.1->10.2 = $20
    • 10.2->10.3 = $120
    • 10.3->10.4 = $120
      • So all in all, I spent $260 to keep it up to date, and I'd say yes, it was worth every penny. I've actually bought a couple Macs and a couple iPods since then, and haven't regretted giving any of that money to Apple.

        Now it's not as though I spent $260 on OSX 10.4. You have to look at each purchase individually, because I was getting a benefit each time I upgraded. You can't simply ignore the benefit of running 10.3 for a year and a half. However, if you were to ask me, right now, would I rather pay $260 and use 10.4 or $399 for Vista Ultimate, I'd chose 10.4.

        And that's not even a price issue. Give me a free copy of Vista Ultimate tomorrow, and I think I'd probably stick with Windows XP. give me the choice between 10.2 and Windows XP, and I'll use 10.2.

        Now, am I willing to spend another $120, on top of what I've already spent, to get a copy of Leopard? Yes. It looks to have a lot of nice features that I'll actually use.

  18. Re:Took a while for XP also on John Dvorak On Vista's Launch · · Score: 4, Insightful

    Of course people are still running Windows 2000. What features does XP have that make the work of your IT staff any easier? What programs do you really need to run for business purposes that run on Windows XP and not Windows 2000? In what way does Windows XP offer a significant improvement to productivity? How will the purchase of Windows XP licenses result in saving your company money? If you can't answer these questions definitively, then there's probably no reason to upgrade.

    Good IT people are practical, and won't want to upgrade to the newest thing just because it's new. Along with everything else, new software usually brings new problems, which require new bug-fixes and work-arounds. Windows 2000 and Office 2000 make a great combo, and don't require inconvenient activation schemes. Sometimes it's better to stick with the devil you know.

  19. Re:Same with everything on John Dvorak On Vista's Launch · · Score: 2, Insightful

    It may not be "necessary" (in the hunter-gatherer sense of the word) to ever upgrade software, but that doesn't mean there's no reason to do so. Sometimes new versions have really useful features. New versions of Linux software (it's not quite right to focus solely on the kernel) are often beneficial, and every new Apple cat-named release has offered increased speed and stability, while also including new features.

    Now, sure there are people who won't benefit from the upgrade. For example, if you're a Mac user and don't want to use expose, file vault, video iChat, spotlight, smart folders, etc. then the upgrade to Panther probably wouldn't have been a good buy. If you don't want the new features in Leopard, then upgrading might not be worth it. For a lot of people, it's worth upgrading. It's especially worth upgrading Linux, since the upgrade is free.

    However, I think a lot of people are looking at the Vista upgrade and just feeling like it's not worth it. It's hundreds of dollars to buy the upgrade, and then some of your software won't work. Hopefully those software developers will release free upgrades, but otherwise you'll have to re-buy your software. The corporate version now requires you to activate (which *is* going to bite IT people in the ass sooner or later). In business environments there will probably also be retraining and the cost of the transition itself. The new DRM and anti-piracy measures are scary.

    And what does the upgrade really buy you?

    • Increased security - Security is decent enough in Windows XP if you know what you're doing. A little gain here, but some of the new security .
    • Prettier - There's a new look which sucks up some extra system resources. Freecell uses more than 256 colors-- whoop-dee-doo. DirectX 10 is supposed to allow games to look better.
    • Previous Versions of files - Nice feature, but the need for it is somewhat mitigated if you have a good backup scheme.

    So there, you have some reasons to upgrade. Maybe I've forgotten some, but everything I've seen and read seems to indicated that most improvements will into the "Increased Security" and "Prettier" categories. But are those reasons worth it? A lot of people seem to be saying "no", and that seems to indicate something. I ran a RC of Vista on my desktop for a little while, and overall, it was an annoying experience. So I say "no". But who knows? Maybe you really need a true-color version of FreeCell.

  20. Re:Seems a little Windows-centric ... on Community Comments To Security Absurdity Article · · Score: 1

    ...but that restricted shell also won't be able to operate on the user's files when the user wants it to. I can't even logically think of a way to allow a service write access to user files and yet prevent that same service from writing to that same file in a bad way. Well, unless you had some sort of defined list of "valid" modifications, and the user files were constantly being monitored, but that'd just be crazy.

    So services and programs either have access to user files or they don't. If Microsoft Word goes rogue and starts screwing with Word documents, it's not a solution to disallow Word from altering Word documents, or else, what's the point?

  21. Re:Zimbra on Novell Dumps the Hula Project · · Score: 1

    I say rant away. Your IT team sounds retarded if they won't enable IMAP/SMTP.

  22. Re:Zimbra on Novell Dumps the Hula Project · · Score: 1

    They don't offer support for POP/IMAP? What about Evolution?

  23. Re:Will It really help all that much? on MS Anti-ODF Lobbyist Named As MA Tech Advisor · · Score: 1

    Yeah, and why have laws at all, when people are just going to break them? Why take showers when I'm just going to get dirty again?

    I agree that there's no need for everyone to use the same file format, but it'll be good if we can all use open standards. Microsoft is coming more in line with HTML and CSS as time goes on, partially because people have recognized that their implementation is the "broken" one. It's not perfect yet, and Microsoft hasn't always been cooperative, but don't surrender before the battle is lost.

  24. Re:Seems a little Windows-centric ... on Community Comments To Security Absurdity Article · · Score: 1

    IE there are no virus scanners/anti-malware tools in common deployment. If the passive defences fail you are screwed, you cannot easily distribute signatures etc to clean up the mess.

    This is false. There are linux-based virus scanners, they just aren't used as frequently on Linux desktop because viruses are less of a threat. More likely, someone will install a virus scanner on Linux when it's a server, and the virus scanner is intended to protect Windows machines. For example, if you have a Linux mail server, it's good to scan e-mail for viruses in order to protect Windows clients.

    Your average desktop is not a mainframe and does not need to protect users from one another - instead it's decayed into some kind of trivial black/white coarse grained security model in which "root" has absolute power and "users" have less power.

    Even if you don't want to protect users from each other, it's good to protect one user for the spyware that another user runs, isn't it? And what's wrong with the root/user split? Someone needs to have absolute power, but most people shouldn't have it.

    Even if you can't get root - who cares? On a modern Linux desktop you can do anything you need without it. Want to crack bank details? Go right ahead, Firefox runs as user and you can ptrace() it to your hearts content.

    Well what security model can prevent a user from a program running under that user account modifying that user's files, but without denying access to that user when he wants it?

  25. Re:Coincidence? I think not on Novell Dumps the Hula Project · · Score: 4, Insightful

    Yes, because Microsoft was seriously on the verge of having Hula overtake Exchange.

    Yes, that's sarcasm.

    I liked Hula, or at least the idea of it, but there are quite a few of these sorts of applications around, I don't find any of them quite satisfying, and I doubt Hula has much of that market anyway. Besides, it's FOSS. Novel can't kill it if it wants to, so long as there are programmers willing to work on it.