Goodness, if possible, forget VM's. Use multiple OLPC systems, which are fiscally sensible, extremely low power, and startingly robust. Salt air and water is a problem: consider machines exposed to that for a year or so to be due for replacement.
[In reply to both you and GP]
I like the XO a lot, but as a personal computing system, not a server. Frankly, the CPU's a little lightweight for anything non-trivial. Keyboard input is difficult for adults - that's by design, of course - and while I agree that the machine is remarkably robust, the form factor isn't ideal for adult use.
As for a cluster of anything... while I agree that ruggedised laptops are a good solution for general computing needs, adding pieces to this particular puzzle isn't necessarily a Good Thing. If it were up to me, you'd have to make a pretty compelling case that more than one machine was needed before I'd even contemplate that kind of configuration.
I've seen systems break down for the most trivial of reasons. You have to factor in local technical capability on top of everything else. In the country I'm living in right now, there's not a single individual with significant experience with distributed computing. If you're confident that support for that level of complexity will be there for the life of the project, then by all means go ahead. Just don't expect things to work if you go offsite for more than 24 hours.
The KISS principle applies in spades here, Cleverness is usually punished in such scenarios. As a friend of mine likes to say: If you want to make the gods laugh, tell them your plans.
To boil it down, it sounds like the biggest single problem once you actually HAVE a machine is keeping juice to it consistently.
Yep. Power is the single biggest problem faced by rural ICT-related projects in my part of the world. It's dead easy to find someone to donate equipment. It's incredibly hard finding someone willing to pay you to run it.
The answer to the power question is horses for courses, I'm afraid. Some places have great power generation possibilities, either through solar, small-scale hydro or wind. Some projects just find the cash to keep a generator running. Most don't.
In every case, reducing your power footprint only makes sense. Batteries are hugely expensive and difficult to transport, so the less power storage you need, the better. Running off low-voltage DC is great, because it's much more efficient over short distances.
Solid-state is your friend. It's more resistant to heat, dust and other environmental factors. Small form factors also help, because buildings are often rudimentary at best. Being able to stick everything in a seal-able, easily transported box makes everyone's life easier.
In many cases, the right answer is actually to reduce the amount of automation in your work. Human labour is cheap and time is plentiful, whereas power and equipment are not. Building the right amount of inefficiency into your system is a counter-intuitive but often rewarding approach.
What would you suggest? Lesser hardware? Surely there must be a solution somewhere in the middle of "I want this" and "I can use this".
Yep, there is. But it's not always where you think.
Shameless (but hopefully useful) self-promotion:
I've been living and working in Least Developed Countries in the tropics for nearly 6 years now, and for the last 2, I've been writing a weekly IT-related column called Communications. There's a ton of advice in there. Go take a look. Check my tag cloud for relevant topics.
Here are a few fundamentals:
-1- The first thing to do is to adjust both hardware and - and this is important- software to the circumstances. Focus on the task first, then avoid confusing how that task is completed in a North American office environment with 'the right way' to do things.
-2- Scale everything down, in order to make the cost of failure of any single element as small as possible. This way, you get a solution that's replicable, affordable and - most importantly- easily replaced when (not if) it breaks.
-3- If you have unreliable power, then do two things first: Make your system tolerant to current fluctuations[*], and then plan for an intermittently available service. Forget about trying to keep it running at all times. Just minimise the cost of interruptions. A surge suppressing electrical switch on the wall where your main power source enters the building will cost you less and save you more than anything else.
[*] Bad (i.e. poor quality) power is the source of about 80% of hardware failure where I live. Every time the local power company hits us with brown-outs and spikes, I'd get a surge (heh!) of customer service calls.
To me, this situation screams 'require redundancy'. I understand this was not given as an option originally, but with the environment described I would certainly not want to rely on one single server.
Yes, redundancy is good. Cheap, small, easily replaced devices are good. Snap-shotted VMs are also good. The bottom line is that you need to keep the cost of failure low, because the system is certain to fail due to environmental factors. A good motto for working in the Developing World is: If you can't beat 'em, at least don't lose too much.
The best way to do this is to try to run on hardware that's about 3-5 years behind the curve, or to go straight to the bleeding edge of low-power tech.
To the submitter: I have a personal interest in Bangladesh, by the way. You can reach me by leaving a comment on my website. Good luck!
P.S. Unless money and space are no object, you'll never run full-time computing services on solar power. Especially in monsoon season. IMO, best not to try.
When a parent tells a child to commit a crime there isn't really a point to punish the kid. The government asked them to do something. Even if it is illegal the boss of the country asked them. It would be silly for the boss to then punish the kid for doing as told.
Tell that to the German officers who were executed for crimes against humanity, despite pleading their innocence on exactly these grounds.
This plea has since become known as the Nuremberg Defence. To my mind, it's no more compelling today than it was over 60 years ago, when we rejected it out of hand.
In order for a democracy to remain healthy, it requires the participation of its citizens. This means more than just occasionally visiting a polling station. It means that, from time to time, we will be asked to challenge, in very practical terms, the validity of the assumptions to which we all adhere.
I do not for a second believe that the NSA management and staff involved in this operation were not acutely aware that they were circumventing the law. If they knowingly broke the law, then they should be prepared to face the consequences.
Opposing the System usually comes with a price. I don't doubt that refusing to carry out orders would be a, uh, career-limiting decision. But those who willingly participate in an immoral, unethical and illegal system should face the consequences of their choice as well.
One character messages only. Now you can say the same things even faster.
Feh. Ancient history.
An entire genre of prose was derived from the high cost of sending telegrams. Hemingway is probably the most famous example, but a whole generation of journalists learned to pare down their sentences to the absolute minimum to save on transmission costs.
True story: A foreign correspondent was sent to a distant country to prepare some coverage of an imminent war. Because telegraph costs were so high, the home office had prepared large amounts of background already, and kept it sitting on file. All they needed to know was when to print it.
The parsimonious editor sent the following message to his correspondent:
?
To which the correspondent replied:
!
The same day the front page announced news of the outbreak of war.
Services like Amazon could just have a personal preferences for users that allows them to selectively exclude either gay content or content from gay authors. Problem solved.
[Emphasis mine]
Er, why would you want to omit classics by Christopher Marlowe, Somerset Maugham, Oscar Wilde, Evelyn Waugh, Walt Whitman, Joe Orton etc. etc. etc.?
Maybe while we're at it we should stop looking at sculptures by Michelangelo and listening to music by Tchaikovsky. And who needs Newtonian physics, anyway?
Sheesh. Just think for two seconds before you post. Please.
It's still a government trying to tell its people what words they should and should not see, which is censorship and something to notice and oppose.
I give a shit, precisely because it's notgovernment performing these actions. I get worried whenever an autonomous body takes it on itself to be an arbiter of public morals, and even the courts refuse to step into the fray.
I've a number of personal reasons for finding this particular story interesting. My parents and extended family are Irish, and some of them have been fighting for a generation against the reactionary inclinations of some elements of Irish society. (That's half the reason I was born in Canada.) This sanctimonious approach to 'dirty' subjects is typical of the kind of thing that makes even a polite discussion about morality nearly impossible. How can you talk about something if you can't even use the word that most aptly describes it?
Second, I'm coordinating work on the creation of a governance mechanism for a ccTLD in the developing world. Society here is very conservative in nature, and this is exactly the kind of object lesson we need to learn from.
You may not find this an interesting or enlightening topic, but those of us who care about the places where technology and society intersect find stories like this fascinating, challenging and yes, definitely news for nerds.
He discovered her identity fair and square. Would you propose that one must pretend not to know who someone behind a publication is based on some arbitrary set of circumstances. "Pay no attention to the man behind the curtain" and whatnot.
That's not the issue. What's being questioned here is what purpose is served by sharing that knowledge with a few thousand of his closest friends via his political mailing list.
It's not so much that he's broken any laws that sticks on my craw, it's the fact that he felt it necessary to expose a critic (from within his own party, no less) to ad hominem attack. He could have engaged constructively with the ideas themselves, but instead he felt it necessary to spend all his time and effort simply putting a name to the words.
As an ex-journalist, Doogan should have shown a little more respect to the long history in the US of anonymous political speech, dating from the Federalist Papers. Disagree with what they're saying? No problem; let's engage on the ideas. I can respect that.
But when he spends all his time and effort publicly identifying and attacking the person, Doogan loses whatever respect I might have been willing to give him.
What he's done is not necessarily illegal. It's just petty and disrespectful.
...I trust those Debian guys to check the code before they build it into securely signed binary packages for me and other joes to consume. Before it reaches me the software has already had "many eyes" looking at it.
The funny thing is that even when 'many eyes' fail (for example, the recent Debian SSL debacle), people still assume that the process works, including the bad guys.
I'm no security professional, so I could be wrong here, but I've seen no indication that there was any systematic exploitation of that gaping security hole during the 18 months it was present. Yes, the reason is laxity, and that's a flaw in the process. But the fascinating part is that it appears everyone - white hat to black - has faith in the process.
It seizes to amaze me as to why they would make this public, 8 days before conficker is "supposed" to become active.
It's like telling your enemy "Hey, I know where and when your going to strike"
We know it's capable to updating itself, this just gives the author an 8 day head start on writing a new pseudo random URL generator.
Others have already answered to the effect that publicly coordinating actions doesn't significantly raise the exposure in this particular case.
But going beyond that, are you sure that they're not manoeuvring in the face of the enemy, trying to elicit a response? Once you've got a subject under observation, sometimes the best way to learn its true nature is to poke it and see what it does.
What everyone before us has done when they were fed up with their rulers: Line a few of the worst offenders up against the wall. Makes one hell of an example for the rest, at least for a while.
You're forgetting the part where the guy with the gun gets really good at it, and starts lining everyone up to the wall unless they sit down and shut up.
That, by the way, is the example which democracy was supposed to learn from: Force of law instead of rule of force.
This is Canada. We don't make noise. We write letters. And only if it's about something that's really really annoying.
Yeah, things like the invasion of Poland, or when someone (ahem!) burnt down the city of York. Of course, we deliver those letters personally, and staple the envelope to the forehead of the recipient. Repeatedly.
Computers, for most of us, exist to accomplish other tasks. The users really don't care about the underlying architecture, or how comp sci awesome it might be, they just care about feature parity when big chunks are replaced.
I propose we come up with a name or a term for this argument so that it doesn't have to be rewritten verbatim every single time there's an article that even begins to hint at either a usability issue or the expectations of the average end-user.
Call it 'Little Red Hen Syndrome', then. The unfortunate truth is that non-participants in FOSS culture are only coincidentally beneficiaries of its largesse.
Actually finding a role for oneself in the process of making Free Software better is at times onerous, awkward and occasionally frustrating. Ironing out differences in perspective and expectation is a task that humanity has never done well, and - surprise surprise - FOSS is no exception.
My personal experience, however, is that, like democracy, it's simply the least terrible of all the alternatives.
An example: I endured online standards flame wars of the 1990s, trying to maintain a calm, rational stance in the face of unreasoning demands made by co-called Web Developers who really thought they could author HTML with the same ease (and tools) as a Word document.
It was ugly at times, an imperfect and agonisingly slow process, but now at last it's conventional wisdom that content and presentation are two separate things. Most web developers working today don't realise just what an effort it took to actually sell people on the approach that's now accepted as axiomatic.
I'll be the last person to say that everyone who doesn't participate in FOSS projects should shut up. Quite the opposite. All I'm suggesting is that if you're going to tell Mama Raguzzi how to cook better pasta, you'd do well to learn a little Italian.
Criticism, discussion, griping and debate all have their place. Learning to formulate one's thoughts in a culturally appropriate manner sure helps make them more palatable and ultimately more useful.
For those who don't know and don't care: You have my sympathy when things don't work out to your satisfaction. But it's simply not realistic for you to expect FOSS to care about you if you don't care about it.
The infinite replicability of binary data makes it possible for everyone to share in the outputs of a few. But it's not rational to expect those bits to take a shape that more perfectly meets your needs unless you help to shape them yourself.
In that respect, "software freedom" is rather like "freedom of the press," something to be celebrated on the Fourth of July.
It's practical significance is for those in the trade - and even there it can be more symbolic than real.
I was tempted to say that your attitude toward press freedom is telling, but then I decided to replace the word 'symbolic' above with 'potential'.
Ultimately, I think I can accept your premise, if not your interpretation. But then again, I've contributed to more than a couple of FOSS projects, andI write a weekly IT column, precisely because I think there's a place for both every day in the year.
I work in the developing world, and am an aggressive user and promoter of FOSS mostly because of the robustness of the system (if not in all particulars). Speaking from experience, the virtues of an open system have direct, practical applications in my day-to-day work.
Call me lucky, or call me someone who's decided to actually use those things that you insist exist mostly in potentio, but I've actually had FOSS developers travel thousands of miles to see how they can help here.
You can call me lucky if you like, but I don't think I'd agree. I can certainly accept that my example is not common. But it would be more accurate to say that I'm simply one person who's decided that FOSS culture is there to be exploited, and I've been rewarded significantly for my efforts, and those of others as well.
Bottom line: The strengths that you seem to pooh-pooh are real; and they have very real rewards. If you invest in them.
I think it's rather impressive that Microsoft hasn't run out of feet to shoot. Nor bullets, apparently. Then again, they may have amassed an ample supply of peg-legs in their fight against piracy.
Completely off-topic: am I the only one who has ever had the thought that companies selling products and then also selling training/certifications for use of those products is a weird conflict of interest?
It's not at all off-topic, and no, you're not the only one who writhes whenever some vendor announces their new certification scheme.
No matter how 'neutrally' they dress it up, product-specific training is more about product sales than it is about education. Not only that, but cookie-cutter certs also degrade the value of real learning. Rather than teach the fundamentals of, say, networked systems, standards and principles, 'students' are given cookbook approaches that encourage the worst kinds of cargo cult behaviour.
The only thing I'm thankful to the MCSE programme for is that it allowed me a quick way to identify which potential employers were worth even the cost of a stamp.
But the thing is, HTML was/is *designed* so that companies can extend it! (That's why HTML ignores tags it doesn't understand, for example.)
The extensibility you are referring to is for XHTML (the 'X' actually stands for eXtensible). That's an important distinction, because when a company extends XHTML, they do it using XML, which must be valid and well-formed.
I am nearly certain that microsoft.com is not being marked incompatible because of valid, well-formed XHTML extensions. I know for certain that google.com. is not.
With reference to ActiveX - the issue has always been security, not validity. Valid or not, ActiveX is a security hole you can drive a sandworm through.
Show them how quickly discovered vulnerabilities are patched and how much discussion each bug receives. Ask the competitors to provide access to their discussion groups and bug logs. Compare. Contrast.
I'd put the emphasis on 'Compare'.
Print two lists. One containing all the critical vulnerabilities that have been reported in the last twelve months, along with numbers of exploited machines worlwide. The other will be a list of how many of these vulnerabilities have affected your supported machines.
If you've been doing your job well, the second list will be a blank page.
This couldn't be a political ploy to appear to be reaching across the gender isle to fill an ambiguous position with no real future impact on society, could it?
'Gender Isle'. That's inadvertent genius.
Okay, seriously, she does have serious military training, pretty decent database chops, and she did create cocaine traffic flow models for the government in the past. That leads me to believe that:
She knows a thing or two about geek stuff.
She has a pretty high security clearance.
She could probably kill you with her bare hands.
Conclusion: Probably best to show a little respect.
My company provides VSAT service in the Middle East and Africa, including as far east as Afghanistan.
I have a colleague working in Internet in Afghanistan. He tells me there are others investing directly in building out VSAT access there as well. See o3b Networks for details.
His personal observation? It's interesting work and very very challenging in a place like Afghanistan, fighting your way through the red tape alone is a major achievement, then there are all the service delivery problems without any infrastructure.
If you're there on a military assignment, it sounds like your best option - for now, at least - is to use whatever's available on the base. Outside of Kabul, it's bound to be better (or at least, more robust) than any commercial offering.
In some developing countries, software piracy is not considered illegal. In Russia, which is not a signatory to the Berne Convention it is legal to copy any software as long as it is not in the Russian language.
Erm, careful. I live in a country that hasn't ratified the Berne Conventions on Copyright, but that only protects the vendors downtown who copy every application and movie they can get their hands on.
If you install software, you generally have to agree to the terms of the license before you get going. Contract law does exist in nearly every jurisdiction, and EULA's are (arguably) widely enforceable.
At least, that was the argument that Microsoft made when they paid a visit to the government a couple of years back. It was compelling enough that the government sat down and negotiated a blanket license agreement with them.
Slashdot Mirror
Goodness, if possible, forget VM's. Use multiple OLPC systems, which are fiscally sensible, extremely low power, and startingly robust. Salt air and water is a problem: consider machines exposed to that for a year or so to be due for replacement.
[In reply to both you and GP]
I like the XO a lot, but as a personal computing system, not a server. Frankly, the CPU's a little lightweight for anything non-trivial. Keyboard input is difficult for adults - that's by design, of course - and while I agree that the machine is remarkably robust, the form factor isn't ideal for adult use.
As for a cluster of anything... while I agree that ruggedised laptops are a good solution for general computing needs, adding pieces to this particular puzzle isn't necessarily a Good Thing. If it were up to me, you'd have to make a pretty compelling case that more than one machine was needed before I'd even contemplate that kind of configuration.
I've seen systems break down for the most trivial of reasons. You have to factor in local technical capability on top of everything else. In the country I'm living in right now, there's not a single individual with significant experience with distributed computing. If you're confident that support for that level of complexity will be there for the life of the project, then by all means go ahead. Just don't expect things to work if you go offsite for more than 24 hours.
The KISS principle applies in spades here, Cleverness is usually punished in such scenarios. As a friend of mine likes to say: If you want to make the gods laugh, tell them your plans.
Yep. Power is the single biggest problem faced by rural ICT-related projects in my part of the world. It's dead easy to find someone to donate equipment. It's incredibly hard finding someone willing to pay you to run it.
The answer to the power question is horses for courses, I'm afraid. Some places have great power generation possibilities, either through solar, small-scale hydro or wind. Some projects just find the cash to keep a generator running. Most don't.
In every case, reducing your power footprint only makes sense. Batteries are hugely expensive and difficult to transport, so the less power storage you need, the better. Running off low-voltage DC is great, because it's much more efficient over short distances.
Solid-state is your friend. It's more resistant to heat, dust and other environmental factors. Small form factors also help, because buildings are often rudimentary at best. Being able to stick everything in a seal-able, easily transported box makes everyone's life easier.
In many cases, the right answer is actually to reduce the amount of automation in your work. Human labour is cheap and time is plentiful, whereas power and equipment are not. Building the right amount of inefficiency into your system is a counter-intuitive but often rewarding approach.
What would you suggest? Lesser hardware? Surely there must be a solution somewhere in the middle of "I want this" and "I can use this".
Yep, there is. But it's not always where you think.
Shameless (but hopefully useful) self-promotion:
I've been living and working in Least Developed Countries in the tropics for nearly 6 years now, and for the last 2, I've been writing a weekly IT-related column called Communications. There's a ton of advice in there. Go take a look. Check my tag cloud for relevant topics.
Here are a few fundamentals:
-1- The first thing to do is to adjust both hardware and - and this is important- software to the circumstances. Focus on the task first, then avoid confusing how that task is completed in a North American office environment with 'the right way' to do things.
-2- Scale everything down, in order to make the cost of failure of any single element as small as possible. This way, you get a solution that's replicable, affordable and - most importantly- easily replaced when (not if) it breaks.
-3- If you have unreliable power, then do two things first: Make your system tolerant to current fluctuations[*], and then plan for an intermittently available service. Forget about trying to keep it running at all times. Just minimise the cost of interruptions. A surge suppressing electrical switch on the wall where your main power source enters the building will cost you less and save you more than anything else.
[*] Bad (i.e. poor quality) power is the source of about 80% of hardware failure where I live. Every time the local power company hits us with brown-outs and spikes, I'd get a surge (heh!) of customer service calls.
To me, this situation screams 'require redundancy'. I understand this was not given as an option originally, but with the environment described I would certainly not want to rely on one single server.
Yes, redundancy is good. Cheap, small, easily replaced devices are good. Snap-shotted VMs are also good. The bottom line is that you need to keep the cost of failure low, because the system is certain to fail due to environmental factors. A good motto for working in the Developing World is: If you can't beat 'em, at least don't lose too much.
The best way to do this is to try to run on hardware that's about 3-5 years behind the curve, or to go straight to the bleeding edge of low-power tech.
To the submitter: I have a personal interest in Bangladesh, by the way. You can reach me by leaving a comment on my website. Good luck!
P.S. Unless money and space are no object, you'll never run full-time computing services on solar power. Especially in monsoon season. IMO, best not to try.
When a parent tells a child to commit a crime there isn't really a point to punish the kid. The government asked them to do something. Even if it is illegal the boss of the country asked them. It would be silly for the boss to then punish the kid for doing as told.
Tell that to the German officers who were executed for crimes against humanity, despite pleading their innocence on exactly these grounds.
This plea has since become known as the Nuremberg Defence. To my mind, it's no more compelling today than it was over 60 years ago, when we rejected it out of hand.
In order for a democracy to remain healthy, it requires the participation of its citizens. This means more than just occasionally visiting a polling station. It means that, from time to time, we will be asked to challenge, in very practical terms, the validity of the assumptions to which we all adhere.
I do not for a second believe that the NSA management and staff involved in this operation were not acutely aware that they were circumventing the law. If they knowingly broke the law, then they should be prepared to face the consequences.
Opposing the System usually comes with a price. I don't doubt that refusing to carry out orders would be a, uh, career-limiting decision. But those who willingly participate in an immoral, unethical and illegal system should face the consequences of their choice as well.
One character messages only. Now you can say the same things even faster.
Feh. Ancient history.
An entire genre of prose was derived from the high cost of sending telegrams. Hemingway is probably the most famous example, but a whole generation of journalists learned to pare down their sentences to the absolute minimum to save on transmission costs.
True story: A foreign correspondent was sent to a distant country to prepare some coverage of an imminent war. Because telegraph costs were so high, the home office had prepared large amounts of background already, and kept it sitting on file. All they needed to know was when to print it.
The parsimonious editor sent the following message to his correspondent:
?
To which the correspondent replied:
!
The same day the front page announced news of the outbreak of war.
Services like Amazon could just have a personal preferences for users that allows them to selectively exclude either gay content or content from gay authors. Problem solved.
[Emphasis mine]
Er, why would you want to omit classics by Christopher Marlowe, Somerset Maugham, Oscar Wilde, Evelyn Waugh, Walt Whitman, Joe Orton etc. etc. etc.?
Maybe while we're at it we should stop looking at sculptures by Michelangelo and listening to music by Tchaikovsky. And who needs Newtonian physics, anyway?
Sheesh. Just think for two seconds before you post. Please.
Really. Who gives a shit? Nobody should.
[snip]
It's still a government trying to tell its people what words they should and should not see, which is censorship and something to notice and oppose.
I give a shit, precisely because it's not government performing these actions. I get worried whenever an autonomous body takes it on itself to be an arbiter of public morals, and even the courts refuse to step into the fray.
I've a number of personal reasons for finding this particular story interesting. My parents and extended family are Irish, and some of them have been fighting for a generation against the reactionary inclinations of some elements of Irish society. (That's half the reason I was born in Canada.) This sanctimonious approach to 'dirty' subjects is typical of the kind of thing that makes even a polite discussion about morality nearly impossible. How can you talk about something if you can't even use the word that most aptly describes it?
Second, I'm coordinating work on the creation of a governance mechanism for a ccTLD in the developing world. Society here is very conservative in nature, and this is exactly the kind of object lesson we need to learn from.
You may not find this an interesting or enlightening topic, but those of us who care about the places where technology and society intersect find stories like this fascinating, challenging and yes, definitely news for nerds.
He discovered her identity fair and square. Would you propose that one must pretend not to know who someone behind a publication is based on some arbitrary set of circumstances. "Pay no attention to the man behind the curtain" and whatnot.
That's not the issue. What's being questioned here is what purpose is served by sharing that knowledge with a few thousand of his closest friends via his political mailing list.
It's not so much that he's broken any laws that sticks on my craw, it's the fact that he felt it necessary to expose a critic (from within his own party, no less) to ad hominem attack. He could have engaged constructively with the ideas themselves, but instead he felt it necessary to spend all his time and effort simply putting a name to the words.
As an ex-journalist, Doogan should have shown a little more respect to the long history in the US of anonymous political speech, dating from the Federalist Papers. Disagree with what they're saying? No problem; let's engage on the ideas. I can respect that.
But when he spends all his time and effort publicly identifying and attacking the person, Doogan loses whatever respect I might have been willing to give him.
What he's done is not necessarily illegal. It's just petty and disrespectful.
The funny thing is that even when 'many eyes' fail (for example, the recent Debian SSL debacle), people still assume that the process works, including the bad guys.
I wrote more about this issue in an article titled 'Trust Works All Ways'.
I'm no security professional, so I could be wrong here, but I've seen no indication that there was any systematic exploitation of that gaping security hole during the 18 months it was present. Yes, the reason is laxity, and that's a flaw in the process. But the fascinating part is that it appears everyone - white hat to black - has faith in the process.
It seizes to amaze me as to why they would make this public, 8 days before conficker is "supposed" to become active.
It's like telling your enemy "Hey, I know where and when your going to strike"
We know it's capable to updating itself, this just gives the author an 8 day head start on writing a new pseudo random URL generator.
Others have already answered to the effect that publicly coordinating actions doesn't significantly raise the exposure in this particular case.
But going beyond that, are you sure that they're not manoeuvring in the face of the enemy, trying to elicit a response? Once you've got a subject under observation, sometimes the best way to learn its true nature is to poke it and see what it does.
And what do you propose we do?
What everyone before us has done when they were fed up with their rulers: Line a few of the worst offenders up against the wall. Makes one hell of an example for the rest, at least for a while.
You're forgetting the part where the guy with the gun gets really good at it, and starts lining everyone up to the wall unless they sit down and shut up.
That, by the way, is the example which democracy was supposed to learn from: Force of law instead of rule of force.
Yeah, things like the invasion of Poland, or when someone (ahem!) burnt down the city of York. Of course, we deliver those letters personally, and staple the envelope to the forehead of the recipient. Repeatedly.
...And politely.
For god's sake, someone nail his feet to the pedestal.
I propose we come up with a name or a term for this argument so that it doesn't have to be rewritten verbatim every single time there's an article that even begins to hint at either a usability issue or the expectations of the average end-user.
Call it 'Little Red Hen Syndrome', then. The unfortunate truth is that non-participants in FOSS culture are only coincidentally beneficiaries of its largesse.
Actually finding a role for oneself in the process of making Free Software better is at times onerous, awkward and occasionally frustrating. Ironing out differences in perspective and expectation is a task that humanity has never done well, and - surprise surprise - FOSS is no exception.
My personal experience, however, is that, like democracy, it's simply the least terrible of all the alternatives.
An example: I endured online standards flame wars of the 1990s, trying to maintain a calm, rational stance in the face of unreasoning demands made by co-called Web Developers who really thought they could author HTML with the same ease (and tools) as a Word document.
It was ugly at times, an imperfect and agonisingly slow process, but now at last it's conventional wisdom that content and presentation are two separate things. Most web developers working today don't realise just what an effort it took to actually sell people on the approach that's now accepted as axiomatic.
I'll be the last person to say that everyone who doesn't participate in FOSS projects should shut up. Quite the opposite. All I'm suggesting is that if you're going to tell Mama Raguzzi how to cook better pasta, you'd do well to learn a little Italian.
Criticism, discussion, griping and debate all have their place. Learning to formulate one's thoughts in a culturally appropriate manner sure helps make them more palatable and ultimately more useful.
For those who don't know and don't care: You have my sympathy when things don't work out to your satisfaction. But it's simply not realistic for you to expect FOSS to care about you if you don't care about it.
The infinite replicability of binary data makes it possible for everyone to share in the outputs of a few. But it's not rational to expect those bits to take a shape that more perfectly meets your needs unless you help to shape them yourself.
I was tempted to say that your attitude toward press freedom is telling, but then I decided to replace the word 'symbolic' above with 'potential'.
Ultimately, I think I can accept your premise, if not your interpretation. But then again, I've contributed to more than a couple of FOSS projects, and I write a weekly IT column, precisely because I think there's a place for both every day in the year.
I work in the developing world, and am an aggressive user and promoter of FOSS mostly because of the robustness of the system (if not in all particulars). Speaking from experience, the virtues of an open system have direct, practical applications in my day-to-day work.
Call me lucky, or call me someone who's decided to actually use those things that you insist exist mostly in potentio, but I've actually had FOSS developers travel thousands of miles to see how they can help here.
You can call me lucky if you like, but I don't think I'd agree. I can certainly accept that my example is not common. But it would be more accurate to say that I'm simply one person who's decided that FOSS culture is there to be exploited, and I've been rewarded significantly for my efforts, and those of others as well.
Bottom line: The strengths that you seem to pooh-pooh are real; and they have very real rewards. If you invest in them.
I think it's rather impressive that Microsoft hasn't run out of feet to shoot. Nor bullets, apparently. Then again, they may have amassed an ample supply of peg-legs in their fight against piracy.
Actually, they're the legs from broken chairs.
Its 43.
I think you've got a fencepost error in your life_the_universe_and_everything() method.
IPv9 would be the testing branch. IPv10 would be production.
What. Ever.
You and I both know we'll barely be finished the IPv6 roll out by then.
Looks like you already did.
/me ducks and runs
It's not at all off-topic, and no, you're not the only one who writhes whenever some vendor announces their new certification scheme.
No matter how 'neutrally' they dress it up, product-specific training is more about product sales than it is about education. Not only that, but cookie-cutter certs also degrade the value of real learning. Rather than teach the fundamentals of, say, networked systems, standards and principles, 'students' are given cookbook approaches that encourage the worst kinds of cargo cult behaviour.
The only thing I'm thankful to the MCSE programme for is that it allowed me a quick way to identify which potential employers were worth even the cost of a stamp.
The extensibility you are referring to is for XHTML (the 'X' actually stands for eXtensible). That's an important distinction, because when a company extends XHTML, they do it using XML, which must be valid and well-formed.
I am nearly certain that microsoft.com is not being marked incompatible because of valid, well-formed XHTML extensions. I know for certain that google.com. is not.
With reference to ActiveX - the issue has always been security, not validity. Valid or not, ActiveX is a security hole you can drive a sandworm through.
HTH, HAND
Show them how quickly discovered vulnerabilities are patched and how much discussion each bug receives. Ask the competitors to provide access to their discussion groups and bug logs. Compare. Contrast.
I'd put the emphasis on 'Compare'.
Print two lists. One containing all the critical vulnerabilities that have been reported in the last twelve months, along with numbers of exploited machines worlwide. The other will be a list of how many of these vulnerabilities have affected your supported machines.
If you've been doing your job well, the second list will be a blank page.
'Gender Isle'. That's inadvertent genius.
Okay, seriously, she does have serious military training, pretty decent database chops, and she did create cocaine traffic flow models for the government in the past. That leads me to believe that:
Conclusion: Probably best to show a little respect.
I have a colleague working in Internet in Afghanistan. He tells me there are others investing directly in building out VSAT access there as well. See o3b Networks for details.
His personal observation? It's interesting work and very very challenging in a place like Afghanistan, fighting your way through the red tape alone is a major achievement, then there are all the service delivery problems without any infrastructure.
If you're there on a military assignment, it sounds like your best option - for now, at least - is to use whatever's available on the base. Outside of Kabul, it's bound to be better (or at least, more robust) than any commercial offering.
Good luck. Keep your head down.
Erm, careful. I live in a country that hasn't ratified the Berne Conventions on Copyright, but that only protects the vendors downtown who copy every application and movie they can get their hands on.
If you install software, you generally have to agree to the terms of the license before you get going. Contract law does exist in nearly every jurisdiction, and EULA's are (arguably) widely enforceable.
At least, that was the argument that Microsoft made when they paid a visit to the government a couple of years back. It was compelling enough that the government sat down and negotiated a blanket license agreement with them.