RIM used to be the most profitable, biggest smartphone manufacturer in the world.
Look, I'll be the first person to admit that there's a lot of dynamism in this market and that change management is essential to the mid-term survival of any player. But what's being suggested here is that Samsung, who have succeeded with their Android phones, and who have better margins than any other Android handset maker, should fundamentally change their process simply because other companies have been successful with other approaches.
I'm not arguing for complacence or stagnation, I'm saying that there's no real incentive for them to commit to fundamental changes in their processes at this point in time.
Exec 1: Congratulations! Between you and Apple, you have utter dominance in the mobile market! You're also more profitable than every other Android manufacturer in the world!
Exec 2: We are? Quick, stop what we're doing! Change everything! It's the only way we'll continue this success!
Exiting laws, without network neutrally, prevent such shenanigans.
Uhm, sorry, but existing regulations[1] (in this example) supported net neutrality.
The point that some of us are trying to make is that they don't do so explicitly, and given the attitude of so-called content owners and telcos, we feel a little more certainty is required.
-----------
[1] It was the FCC, not Congress, who spanked Comcast, as I recall.
To qualify as a great hacker, the hacks have to be good by this metric too. A lot goes into being a great hacker, but this much is always true: greatness is on more than one level.
I couldn't agree more. My mantra is 'Keep the cost of failure small.' That's how a real hacker manages to stay employed past his first 5 years.
Good hackers have a little bit of the Fonz in them. If they're expending more energy than a quick smack on the side of the jukebox, they find another way to do it. They are deft, and they know that least change means least damage. They're not cavalier about their quick-and-dirty fixes. On the contrary, they know the cost of every hack and know how to mitigate that cost when circumstances allow.
There is a difference. The hacker is an expert in haste and improvisation. When the network is down due to a failure of a nonredundant fiber interface, the troubleshooter is the one who leaves everyone working on pen and paper while a 24-hour urgent delivery of a new SPF is arranged. The hacker is the one who is trailing ethernet cable out of the window on the top floor and back in on the bottom to make a quick-and-dirty workaround that'll have the network somewhat operational again in fifteen minutes.
I beg to differ. The REAL hacker is the one who's been running on their own clandestine ethernet (possibly Internet) connection quietly for weeks or months, and simply turns it on for the rest of the company the moment he sees a connectivity problem. And that's ten minutes before anyone else realises what's happening.
At least that's what I'd do. (Hi, Boss!) 8^)
I have a problem with the 'no budget' part of the assertion, though. It doesn't have to be a lot, but a good hacker does need enough discretion to spend a little money from time to time on 'useless' things like that extraneous ethernet cable or a network-enabled KVM that isn't strictly necessary but sure comes in handy when a server stuffs in a way that nobody can fix, or a 3G modem with a decent data plan that allows him to back up his music collection^W^W^W^Wmonitor mission-critical backups from the road. Most importantly, the hacker-in-residence needs to have discretion enough to contract outsiders from time to time to do little needful things that he can't be arsed to do himself.
Likewise, the real value of a hacker is someone who has management's ear. It's one thing to be the friendly, half-mad hermit living in the cave that nobody visits until they need a Ben Kenobi; it's another thing entirely to be able to explain in clear terms to the CEO that while this Enterprise Solution will indeed increase synergy, maybe they should just use this $2 hack running on PostGRES on a 3 year old server until such time as the company figures out what its requirements really are.
(P.S. In case it escaped you, I am my organisation's hacker. I don't have a lot of budget, but I do have some. And I have real authority, though I don't tend to exercise it for its own sake.)
Y'all idjits go home now, and stop actin' like children in my here courtroom.
I don't necessarily like every one of Judge Posner's decisions or opinions, but he is a remarkably erudite man. He writes opinion pieces fairly regularly, and they're generally informed and well-reasoned. Just Google his name for samples.
I barely graduated high school and I hold a high level IT position.
Key plan: don't lie about your college degree!
Theatre major here. I now work as Chief Technologist for a thinktank. The key in the early days is learning harder than the rest. For my first four years, I read about 1000 pages of technical literature a month on average and spent about 4 non-work hours a day playing with tech stuff. That's slowed down somewhat, but even after 20 years in the field, reading about and playing with new tech is not optional.
Oh, and loving it helps, too. Here I am on holiday in Bali and I can't stay away from geek stuff. I don't wear my heart on my sleeve, but I'm pretty sure my enthusiasm and enjoyment have something to do with the fact that people still hire me.
It seems wherever you are that Slashdot is working ok so it can't be too bad.
Well, I posted from a 3 star hotel in Mataram, which is a fairly populous area (as you know). But even here, the mobile data connection regularly degrades to GPRS for hours ata time. Useless for data sync. In outlying areas in Lombok, GPRS/EDGE is all you get.
I travel to Indo at least twice a year for both work and play (Java, Borneo, Bali and Lombok) and never have many issues (sure it doesn't work out in the bush but the major centres are no problem). Facebook from my SGS2 might cost a lot with roaming charges, but it does work and the company is paying:)
Actually, MY SGS2 got about a week of regular email/facebook and light browsing on R50,000 ($US 5.00). I always just buy a local SIM, then text the office with my number. Much cheaper.
Thirst, possibly? Depending on the size of the atoll, it might have been very difficult to find fresh water.
Nah, as long as you know how to climb a coconut tree (an acquired skill), you can survive. If you're desperate, you can always cut or burn the tree down. Green coconut is excellent for rehydrating, and the meat is not only tasty, it's good for you, too. Combine that with some fresh fish and/or turtle meat, and you're gold....
Until you get sick, or until the next hurricane comes.
My guess is they were pretty banged up when they landed, and infection set in. In the tropics, bacterial infections can get into the blood stream in a couple of weeks. Especially coral cuts, which lodge thousands of tiny bits of grit and microbes under the skin. All it takes is a small scratch to turn septic. And cyclones are no-fooling-around serious, especially on low-lying islands, where the surge can literally immerse the island.
Leaves the fun in it? Either take the suggestions that work, ie Dropbox, or figure it out yourself.
No, don't use Dropbox. Not for large amounts of data, anyway. It's shit on shitty networks (surprise surprise). Not their fault, of course. I live and work in the developing world, so I say this from experience.
You say you don't want to take all the fun out of it, but you're trying to foist this idiocy off on a public forum? Save the fun for yourself, and make a blog post about your solution.
Allow me....
Hello from my vacation in Indonesia. There is no automated solution. What you're ignoring is that networks in the developing world are not only patchy, they're flaky too. So, whatever worked for you yesterday might not work tomorrow or even in half an hour's time. Counting on 3G is a bad idea, because of its unreliability, but also because of its cost. Use wi-fi wherever you can. Most hotels these days provide it free of charge. Use rsync (with the zip option if you like), and keep it simple. My update script looks like this:
rsync -av ${SRC}/* ${USERNAME}@${DEST}:${PATH}
Yep, just a single folder in which I dump everything of value and a corresponding folder on my home machine. I just pop open a command line whenever ity's convenient (and possible) and run it. It doesn't always complete in time (the one I'm running as we speak won't be finished before I leave to go scuba diving), but I can always complete the sync later in the day.
Also, bring one or more external disks. Use them for quick and dirty backup while you're on the move. It only takes one rain storm (or fall in a river) to be glad you did. And don't count on buying new SD cards when you're on the road. Most of the ones for sale in the developing world are convincing knock-offs that last about two weeks. That's my experience anyway.
Anyway, simplicity is the single most important step for you when you're backing up data in the developing world. You can't rely on any other factor, so you should at least be able to rely on your own scripts. Which leads to my maxim: "In the absence of robustness, choose simplicity"
Exactly, it's taken about 60 years to organize this Diamond Jubilee, who knows how long the next one will take to arrive.
Well, the last diamond jubilee was about 117 years ago, so they seem to have got the latency down by almost 50%. I expect the next one in less than 30 years if this trend continues.
(Slashdot, the playground for false statisticians for centuries!)
The business owners I've worked with don't have a lot of patience for people who aren't being productive on their dime. In today's business climate, in most professions goofing off means overstaffed. Our current MBAs don't realize the future benefits of personnel enrichment.
First off, this problem has existed since forever. It was only formalised into doctrine, though, with the time-and-motion studies of the early 20th Century, and the introduction of business schools in the US. That was the point where people could talk about productivity in pseudo-scientific terms, making it okay to forget all other considerations, and to trust 20-something MBAs instead of experienced managers who'd worked their way up through the ranks and who actually knew the business.
There has always been a minority of bosses and business owners who recognise the limitations of an straight-up efficiency --> profit approach. In my professional life, I've stuck with those who realised that the best way to invest in the company was to invest in me, and not with those to whom I was only a cog in the wheel.
In my current job, I negotiated a 'Google' day. It actually took some explaining to make people realise that this wasn't a day off. It was a day in which nobody got to tell me what to do. In other words, for 4 days of the week, I work to other people's priorities, but on the 5th day, I decide what the priority is. Some of the time, it's work on outside projects (last week, it was an editorial for the local newspaper), but most of the time, it's work stuff that wouldn't otherwise get enough time from me - website refinements, code cleanup, automation scripts and other things that add value to the company, but not in a directly linear way.
Get the standard done. Browser vendors are not going to wait 20 years for you to make up your mind. The digital world moves too fast for policy to take too long.
You know that the W3C is an industry consortium, right? In other words, the browser vendors whom you claim are not going to wait are the very same people who are taking too long to finalise the standard.
Proposed ideas are going through vigorous testing in the real world long before a finalized plan for that idea is set.
Yeah, that's kind of how things work here. Vendors take a working draft, implement some experimental features based on that, throw a few implementations at the wall to see what sticks, then bring them back to the committee and suggest them as new inclusions in the standard. The committee (filled as it is with this vendor's competitors) goes through some agonising wrangling until it finally arrives at something everyone can live with. Yes, the process is ugly and it's awkward, but that's how industry consortia work.
You can criticise the W3C for not progressing well, but you cannot pretend that this somehow exonerates the browser makers.
3. Theme vendors limit their support. I dealt with a well-known theme vendor which charges some small amount for a subscription to all its themes. It refuses to provide archive versions or changelogs. So the expert is left guessing what customizations have been made, unless some previous person working on the site has keep a copy. (Plugins are more commonly from the WP site, with changelogs and archives.)
True. As with all vendor markets, YMMV and caveat emptor.
(Also, protip: man diff)
4. Users keep unused themes lying around online and see no reason to update them. (This can also be a problem with inactive plugins.)
Lazy people are lazy. This is a problem with people, not with Wordpress.
5. Wordpress core can do nothing to protect against bad code. A theme can run arbitrary PHP, as can any admin user from the admin interface, as mentioned by parent. (Plugins are similar, though runtime the active theme has priority over plugins.)
Again, this is a 'vulnerability' in programming languages, necessary because write and execute permissions are kind of important to people who want functionality. How this is a 'fault' in Wordpress is beyond me.
Any software that abstracts away some of the details leaves open the possibility that its users might not understand its inner workings well enough to run it securely. It's meaningless to observe this. I could say the same about cars (and be perfectly correct). If I wanted to add something actually useful to the debate, I would:
1) Detail which plugins are responsible for the vulnerability.
2) Describe how they made the system vulnerable.
3) Describe whether they can be made secure, and if so, how.
The real problem that lawyers have with GPL is not that it's "more viral" or something - after all, proprietary third-party code being used also comes with an EULA. No, the problem is that, with GPL, more often than not there's no single code owner. With proprietary stuff, if you find out that you infringe on their copyrights (e.g. because you licensed it for a specific use and then used it elsewhere), it is dealt with simply by "upgrading" the license, and possibly paying damages - unpleasant, but it doesn't directly affect your product. With GPL, if you end up with some code under it in your codebase somehow (e.g. because you outsourced it to the lowest bidder in China), there's no remedy - you have to GPL the whole thing, or revert it back to the point where it was introduced and carefully rewrite it from there on (and preferably not with the same coders who used GPL code in the first place, as otherwise someone could still argue derivation).
Clearly these lawyers have never heard of version control systems.
Okay, somewhat less glibly: I see no significant difference in terms of liability between those two scenarios. I agree that there are differences, but the reasons for wanting sole ownership (or more to the point, wanting to deal with only one copyright holder) are all predicated on the assumption that at some stage you'll want to do something with the code base that the GPL doesn't allow. If not, why would you care at all?
I'll be the last person to suggest that there aren't reasons to do things the GPL doesn't allow. I've worked on both proprietary and Free software projects professionally, and I understand my employers' rationale for keeping some things out of reach. But that said, I don't think it makes a lot of sense to choose to invest your company in open source software if you intend to reverse course down the road. In other words, what might be considered a rational, safe hedge on future prospects by corporate counsel looks (to me) a lot more like someone hasn't thought things through all the way.
You might as well say "I've been saying this for years about Ron Jeremy".
I'll have you know that Ron Jeremy has done breakthrough work in the field of Combinatorics.
Specifically, a paper published in the Journal of the American Mathematical Society titled An Application of the Pigeon Hole Principle in Double-Penetration Scenes.
Not to mention his breakthrough work, Organic Approaches to the Traveling Salesman Scenario in Odd-Numbered Orgy Scenes.
On a different tack, rather than money, it may be due to another theory of economics, the law of diminishing returns. As more discoveries are made, it becomes harder to make discoveries....
That would be true if the problem space were finite, but it's not. The same level of likelihood exists that the next discovery will reveal a vast area of research with all kinds of low-hanging fruit. Standing on the shoulders of giants, as it were, means that our capabilities increase on a greater than linear basis.
Much more of the academic scientific research being performed these days is corporate-funded, and a small but significant amount of that is aimed primarily at verifying the manufacturer's safety/viability claims. The companies in question shop their grant money around to the institution most amenable to their particular needs, which creates an environment that rewards expediency and compromise, sometimes at the cost of scientific rigour.
We shouldn't read Florian Mueller because he takes money from Oracle. OK. Does that mean that we shouldn't listen to the FSF...?
The FSF? No it doesn't mean that at all. First of all, the FSF do not portray themselves as objective, neutral observers. They are advocates for a very specific viewpoint, and they unapologetically follow that viewpoint wherever it takes them. A quick Google (heh) search of the FSF's site for references to Google shows that they are not only willing to criticise the search company and advocate for alternatives to their software, they're also willing to go to court to oppose them.
So no, your example doesn't seem to have anything at all in common with Florian Mueller's.
(It's parenthetically notable that Google doesn't attempt to hide search results that are critical of them, either. So I think the only way you could realistically make the insinuation that the FSF and Google are in bed together is to put them in a ménage à trois with The Truth.)
(I'll leave the Berkman Centre as an exercise for the reader....)
Slashdot Mirror
RIM used to be the most profitable, biggest smartphone manufacturer in the world.
Look, I'll be the first person to admit that there's a lot of dynamism in this market and that change management is essential to the mid-term survival of any player. But what's being suggested here is that Samsung, who have succeeded with their Android phones, and who have better margins than any other Android handset maker, should fundamentally change their process simply because other companies have been successful with other approaches.
I'm not arguing for complacence or stagnation, I'm saying that there's no real incentive for them to commit to fundamental changes in their processes at this point in time.
Exec 1: Congratulations! Between you and Apple, you have utter dominance in the mobile market! You're also more profitable than every other Android manufacturer in the world!
Exec 2: We are? Quick, stop what we're doing! Change everything! It's the only way we'll continue this success!
Exiting laws, without network neutrally, prevent such shenanigans.
Uhm, sorry, but existing regulations[1] (in this example) supported net neutrality.
The point that some of us are trying to make is that they don't do so explicitly, and given the attitude of so-called content owners and telcos, we feel a little more certainty is required.
-----------
[1] It was the FCC, not Congress, who spanked Comcast, as I recall.
To qualify as a great hacker, the hacks have to be good by this metric too. A lot goes into being a great hacker, but this much is always true: greatness is on more than one level.
I couldn't agree more. My mantra is 'Keep the cost of failure small.' That's how a real hacker manages to stay employed past his first 5 years.
Good hackers have a little bit of the Fonz in them. If they're expending more energy than a quick smack on the side of the jukebox, they find another way to do it. They are deft, and they know that least change means least damage. They're not cavalier about their quick-and-dirty fixes. On the contrary, they know the cost of every hack and know how to mitigate that cost when circumstances allow.
There is a difference. The hacker is an expert in haste and improvisation. When the network is down due to a failure of a nonredundant fiber interface, the troubleshooter is the one who leaves everyone working on pen and paper while a 24-hour urgent delivery of a new SPF is arranged. The hacker is the one who is trailing ethernet cable out of the window on the top floor and back in on the bottom to make a quick-and-dirty workaround that'll have the network somewhat operational again in fifteen minutes.
I beg to differ. The REAL hacker is the one who's been running on their own clandestine ethernet (possibly Internet) connection quietly for weeks or months, and simply turns it on for the rest of the company the moment he sees a connectivity problem. And that's ten minutes before anyone else realises what's happening.
At least that's what I'd do. (Hi, Boss!) 8^)
I have a problem with the 'no budget' part of the assertion, though. It doesn't have to be a lot, but a good hacker does need enough discretion to spend a little money from time to time on 'useless' things like that extraneous ethernet cable or a network-enabled KVM that isn't strictly necessary but sure comes in handy when a server stuffs in a way that nobody can fix, or a 3G modem with a decent data plan that allows him to back up his music collection^W^W^W^Wmonitor mission-critical backups from the road. Most importantly, the hacker-in-residence needs to have discretion enough to contract outsiders from time to time to do little needful things that he can't be arsed to do himself.
Likewise, the real value of a hacker is someone who has management's ear. It's one thing to be the friendly, half-mad hermit living in the cave that nobody visits until they need a Ben Kenobi; it's another thing entirely to be able to explain in clear terms to the CEO that while this Enterprise Solution will indeed increase synergy, maybe they should just use this $2 hack running on PostGRES on a 3 year old server until such time as the company figures out what its requirements really are.
(P.S. In case it escaped you, I am my organisation's hacker. I don't have a lot of budget, but I do have some. And I have real authority, though I don't tend to exercise it for its own sake.)
Sounds like ol'timey judgin'.
Y'all idjits go home now, and stop actin' like children in my here courtroom.
I don't necessarily like every one of Judge Posner's decisions or opinions, but he is a remarkably erudite man. He writes opinion pieces fairly regularly, and they're generally informed and well-reasoned. Just Google his name for samples.
I barely graduated high school and I hold a high level IT position.
Key plan: don't lie about your college degree!
Theatre major here. I now work as Chief Technologist for a thinktank. The key in the early days is learning harder than the rest. For my first four years, I read about 1000 pages of technical literature a month on average and spent about 4 non-work hours a day playing with tech stuff. That's slowed down somewhat, but even after 20 years in the field, reading about and playing with new tech is not optional.
Oh, and loving it helps, too. Here I am on holiday in Bali and I can't stay away from geek stuff. I don't wear my heart on my sleeve, but I'm pretty sure my enthusiasm and enjoyment have something to do with the fact that people still hire me.
It seems wherever you are that Slashdot is working ok so it can't be too bad.
Well, I posted from a 3 star hotel in Mataram, which is a fairly populous area (as you know). But even here, the mobile data connection regularly degrades to GPRS for hours ata time. Useless for data sync. In outlying areas in Lombok, GPRS/EDGE is all you get.
I travel to Indo at least twice a year for both work and play (Java, Borneo, Bali and Lombok) and never have many issues (sure it doesn't work out in the bush but the major centres are no problem). Facebook from my SGS2 might cost a lot with roaming charges, but it does work and the company is paying :)
Actually, MY SGS2 got about a week of regular email/facebook and light browsing on R50,000 ($US 5.00). I always just buy a local SIM, then text the office with my number. Much cheaper.
Thirst, possibly? Depending on the size of the atoll, it might have been very difficult to find fresh water.
Nah, as long as you know how to climb a coconut tree (an acquired skill), you can survive. If you're desperate, you can always cut or burn the tree down. Green coconut is excellent for rehydrating, and the meat is not only tasty, it's good for you, too. Combine that with some fresh fish and/or turtle meat, and you're gold....
Until you get sick, or until the next hurricane comes.
My guess is they were pretty banged up when they landed, and infection set in. In the tropics, bacterial infections can get into the blood stream in a couple of weeks. Especially coral cuts, which lodge thousands of tiny bits of grit and microbes under the skin. All it takes is a small scratch to turn septic. And cyclones are no-fooling-around serious, especially on low-lying islands, where the surge can literally immerse the island.
Leaves the fun in it? Either take the suggestions that work, ie Dropbox, or figure it out yourself.
No, don't use Dropbox. Not for large amounts of data, anyway. It's shit on shitty networks (surprise surprise). Not their fault, of course. I live and work in the developing world, so I say this from experience.
You say you don't want to take all the fun out of it, but you're trying to foist this idiocy off on a public forum? Save the fun for yourself, and make a blog post about your solution.
Allow me....
Hello from my vacation in Indonesia. There is no automated solution. What you're ignoring is that networks in the developing world are not only patchy, they're flaky too. So, whatever worked for you yesterday might not work tomorrow or even in half an hour's time. Counting on 3G is a bad idea, because of its unreliability, but also because of its cost. Use wi-fi wherever you can. Most hotels these days provide it free of charge. Use rsync (with the zip option if you like), and keep it simple. My update script looks like this:
rsync -av ${SRC}/* ${USERNAME}@${DEST}:${PATH}
Yep, just a single folder in which I dump everything of value and a corresponding folder on my home machine. I just pop open a command line whenever ity's convenient (and possible) and run it. It doesn't always complete in time (the one I'm running as we speak won't be finished before I leave to go scuba diving), but I can always complete the sync later in the day.
Also, bring one or more external disks. Use them for quick and dirty backup while you're on the move. It only takes one rain storm (or fall in a river) to be glad you did. And don't count on buying new SD cards when you're on the road. Most of the ones for sale in the developing world are convincing knock-offs that last about two weeks. That's my experience anyway.
Anyway, simplicity is the single most important step for you when you're backing up data in the developing world. You can't rely on any other factor, so you should at least be able to rely on your own scripts. Which leads to my maxim: "In the absence of robustness, choose simplicity"
Exactly, it's taken about 60 years to organize this Diamond Jubilee, who knows how long the next one will take to arrive.
Well, the last diamond jubilee was about 117 years ago, so they seem to have got the latency down by almost 50%. I expect the next one in less than 30 years if this trend continues.
(Slashdot, the playground for false statisticians for centuries!)
It's "For all intensive purposes" ffs.
Try "For all intents and purposes."
Try "I need to work harder to identify humour before I post."
The business owners I've worked with don't have a lot of patience for people who aren't being productive on their dime. In today's business climate, in most professions goofing off means overstaffed. Our current MBAs don't realize the future benefits of personnel enrichment.
First off, this problem has existed since forever. It was only formalised into doctrine, though, with the time-and-motion studies of the early 20th Century, and the introduction of business schools in the US. That was the point where people could talk about productivity in pseudo-scientific terms, making it okay to forget all other considerations, and to trust 20-something MBAs instead of experienced managers who'd worked their way up through the ranks and who actually knew the business.
There has always been a minority of bosses and business owners who recognise the limitations of an straight-up efficiency --> profit approach. In my professional life, I've stuck with those who realised that the best way to invest in the company was to invest in me, and not with those to whom I was only a cog in the wheel.
In my current job, I negotiated a 'Google' day. It actually took some explaining to make people realise that this wasn't a day off. It was a day in which nobody got to tell me what to do. In other words, for 4 days of the week, I work to other people's priorities, but on the 5th day, I decide what the priority is. Some of the time, it's work on outside projects (last week, it was an editorial for the local newspaper), but most of the time, it's work stuff that wouldn't otherwise get enough time from me - website refinements, code cleanup, automation scripts and other things that add value to the company, but not in a directly linear way.
Get the standard done. Browser vendors are not going to wait 20 years for you to make up your mind. The digital world moves too fast for policy to take too long.
You know that the W3C is an industry consortium, right? In other words, the browser vendors whom you claim are not going to wait are the very same people who are taking too long to finalise the standard.
Proposed ideas are going through vigorous testing in the real world long before a finalized plan for that idea is set.
Yeah, that's kind of how things work here. Vendors take a working draft, implement some experimental features based on that, throw a few implementations at the wall to see what sticks, then bring them back to the committee and suggest them as new inclusions in the standard. The committee (filled as it is with this vendor's competitors) goes through some agonising wrangling until it finally arrives at something everyone can live with. Yes, the process is ugly and it's awkward, but that's how industry consortia work.
You can criticise the W3C for not progressing well, but you cannot pretend that this somehow exonerates the browser makers.
PHP: Pretty Hard to Protect.
Back in the late '90s it was Poorly Hung Perl.
The beauty of the statement is, the less you like Perl, the greater the insult to PHP. 8^)
The star's ID isn't HP 56948
I believe the only authoritative answer to this is what the star reports over its GPIB interface in response to the '*IDN?' command.
SCIENTIST: PC LOAD LETTER? What the fuck is that supposed to mean?
Gah! Bad mod.
Also, themes are difficult to update. Compared to plugins and the Wordpress core, theme updates have these problems:
1. First, themes do not notify you when they have updates available.
They do now. I'm staring at a theme update notification right now.
2. It takes an expert to merge a theme update with the existing customization of the theme. (Plugins and core updates are one click.)
No it doesn't. Use Child Themes.
3. Theme vendors limit their support. I dealt with a well-known theme vendor which charges some small amount for a subscription to all its themes. It refuses to provide archive versions or changelogs. So the expert is left guessing what customizations have been made, unless some previous person working on the site has keep a copy. (Plugins are more commonly from the WP site, with changelogs and archives.)
True. As with all vendor markets, YMMV and caveat emptor.
(Also, protip: man diff)
4. Users keep unused themes lying around online and see no reason to update them. (This can also be a problem with inactive plugins.)
Lazy people are lazy. This is a problem with people, not with Wordpress.
5. Wordpress core can do nothing to protect against bad code. A theme can run arbitrary PHP, as can any admin user from the admin interface, as mentioned by parent. (Plugins are similar, though runtime the active theme has priority over plugins.)
Again, this is a 'vulnerability' in programming languages, necessary because write and execute permissions are kind of important to people who want functionality. How this is a 'fault' in Wordpress is beyond me.
Any software that abstracts away some of the details leaves open the possibility that its users might not understand its inner workings well enough to run it securely. It's meaningless to observe this. I could say the same about cars (and be perfectly correct). If I wanted to add something actually useful to the debate, I would:
1) Detail which plugins are responsible for the vulnerability.
2) Describe how they made the system vulnerable.
3) Describe whether they can be made secure, and if so, how.
> Dragging an executable to a particular place on the drive (/Applications isn't a system folder) isn't insecure
This kind of thinking is why MacOS is not really a Unix.
If you suggested a comparable thing with any other Unix, you would get laughed at and rightfully so.
Why? If I have write permissions on a directory, I can put whatever the fuck I want into it.
You seem to be under the impression that /Applications is equivalent to /bin or /sbin. It's not. It's more like /usr/bin or even ~/bin.
The real problem that lawyers have with GPL is not that it's "more viral" or something - after all, proprietary third-party code being used also comes with an EULA. No, the problem is that, with GPL, more often than not there's no single code owner. With proprietary stuff, if you find out that you infringe on their copyrights (e.g. because you licensed it for a specific use and then used it elsewhere), it is dealt with simply by "upgrading" the license, and possibly paying damages - unpleasant, but it doesn't directly affect your product. With GPL, if you end up with some code under it in your codebase somehow (e.g. because you outsourced it to the lowest bidder in China), there's no remedy - you have to GPL the whole thing, or revert it back to the point where it was introduced and carefully rewrite it from there on (and preferably not with the same coders who used GPL code in the first place, as otherwise someone could still argue derivation).
Clearly these lawyers have never heard of version control systems.
Okay, somewhat less glibly: I see no significant difference in terms of liability between those two scenarios. I agree that there are differences, but the reasons for wanting sole ownership (or more to the point, wanting to deal with only one copyright holder) are all predicated on the assumption that at some stage you'll want to do something with the code base that the GPL doesn't allow. If not, why would you care at all?
I'll be the last person to suggest that there aren't reasons to do things the GPL doesn't allow. I've worked on both proprietary and Free software projects professionally, and I understand my employers' rationale for keeping some things out of reach. But that said, I don't think it makes a lot of sense to choose to invest your company in open source software if you intend to reverse course down the road. In other words, what might be considered a rational, safe hedge on future prospects by corporate counsel looks (to me) a lot more like someone hasn't thought things through all the way.
I'll have you know that Ron Jeremy has done breakthrough work in the field of Combinatorics.
Specifically, a paper published in the Journal of the American Mathematical Society titled An Application of the Pigeon Hole Principle in Double-Penetration Scenes.
Not to mention his breakthrough work, Organic Approaches to the Traveling Salesman Scenario in Odd-Numbered Orgy Scenes.
There's more money in it now.
On a different tack, rather than money, it may be due to another theory of economics, the law of diminishing returns. As more discoveries are made, it becomes harder to make discoveries....
That would be true if the problem space were finite, but it's not. The same level of likelihood exists that the next discovery will reveal a vast area of research with all kinds of low-hanging fruit. Standing on the shoulders of giants, as it were, means that our capabilities increase on a greater than linear basis.
There's more money in it now.
Not so much more money as different money.
Much more of the academic scientific research being performed these days is corporate-funded, and a small but significant amount of that is aimed primarily at verifying the manufacturer's safety/viability claims. The companies in question shop their grant money around to the institution most amenable to their particular needs, which creates an environment that rewards expediency and compromise, sometimes at the cost of scientific rigour.
We shouldn't read Florian Mueller because he takes money from Oracle. OK. Does that mean that we shouldn't listen to the FSF...?
The FSF? No it doesn't mean that at all. First of all, the FSF do not portray themselves as objective, neutral observers. They are advocates for a very specific viewpoint, and they unapologetically follow that viewpoint wherever it takes them. A quick Google (heh) search of the FSF's site for references to Google shows that they are not only willing to criticise the search company and advocate for alternatives to their software, they're also willing to go to court to oppose them.
So no, your example doesn't seem to have anything at all in common with Florian Mueller's.
(It's parenthetically notable that Google doesn't attempt to hide search results that are critical of them, either. So I think the only way you could realistically make the insinuation that the FSF and Google are in bed together is to put them in a ménage à trois with The Truth.)
(I'll leave the Berkman Centre as an exercise for the reader....)