Slashdot Mirror


User: grcumb

grcumb's activity in the archive.

Stories: 0 · Comments: 2,253

Comments · 2,253

  1. Re:Web developers on Cross Site Cooking · · Score: 1

    "Alternatively, only drop a session tracking ID by cookie then maintain session expiry data on the server."

    Indeed. I would have thought it was common sense to pass no data at all in a cookie, except a session token. I think every app I've written in the last 6 years uses cookies for session tokens only. It doesn't completely protect you from man-in-the-middle attacks hijacking a session and altering data on the server, but it does help reduce the amount of information that can be stolen. And as a general rule, of course, if you're doing anything that's in any way sensitive, you should be encrypting the traffic anyway.

  2. Re:Who pays his salary, anyway? on Climate Expert Says NASA Tried to Silence Him · · Score: 1

    "If George Bush hired him, he can do whatever he damn well pleases with the reports."

    George Bush didn't hire him. He's been working at NASA since 1967.

    Care to re-phrase that argument?

  3. Re:People actually pay for articles like this on Buy Vista or Else · · Score: 1

    "One of the quality assurance guys at work claims to receive "bugasms" when he finds a particularly juicy one."

    I hope your company has great disability coverage, because if he's QA'ing Windows apps, that poor boy's going to go blind before long. 8^)

  4. Re:Neutrino Detector at the South Pole? on Evidence for String Theory? · · Score: 1

    "Santa's invisible workshop is already there. Since it is such a large operation, it takes up most of the real estate up there."

    Well, that and the Arctic Ocean, which makes real estate somewhat, er, mobile. 8^)

  5. Re:Right-wing nuts may mod me down, but screw it.. on Search Companies Questioned About Chinese Policy · · Score: 1

    "I would promote violent overthrow, but that is a capitol offence :-)"

    I'd point out that it's actually spelled 'capital', but that would take all the irony out of your statement. So I won't. 8^)

  6. Having second thoughts... on Bill Gates Defends Google's Censorship In China · · Score: 5, Interesting

    I work in a country where pornography is illegal, so whenever I set up a network I have to install a content filter as due diligence. Personally, I consider abuse of office resources to be a human resource issue, and I make it very clear to management that no filtering technology I can install will obviate the need for a clear Acceptable Use Policy and careful monitoring by staff and management.

    I'm not entirely comfortable about blocking content on the Internet, as it's failure prone and IMO removes the responsibility from where I believe it should lie - squarely on the shoulders of the individual members of the organisation. I also find the local attitude toward the human body extremely unhealthy and socially repressive. But because failure on my part to actively uphold the law of the land could result in my deportation and, more importantly, could harm the development organisation for whom I work, I hold my nose and install the filter anyway.

    I still believe that the work I'm doing - bringing the Internet to places where it has never existed before - has more advantages than drawbacks. That's why I'm willing to compromise my principles and to go ahead with this.

    That said, I am not working for the local government. Quite the contrary; I work for civil society organisations who spend a great deal of their time and energy keeping the government responsive to the needs of the people. I feel quite ambivalent about companies like Microsoft, Yahoo! and Google, who are in effect doing the government's work for it.

    Gates' logic seems to run as follows:

    • We're improving access to information to the Chinese public;
    • In the process of doing that, we have to accept some reasonable compromises;
    • None the less, a net benefit results, so our proactive blocking of dissident content is mitigated by the more subtle influence of freer communication and more information.

    I've tried to weigh the kind of compromises I'm willing to make in the course of trying to benefit society in the country where I work against the purported benefit that accrues to the people of China as a result of the presence of these tech corporations, and for reasons that I can't express very well, I still feel that avarice is leading Gates and co. to make rationalisations.

    Anyway, this post is not really trying to prescribe so much as to suggest that the moral and ethical ground is not nearly as clear on either side as we might like. I emphatically disagree with the argument that corporations are amoral and should act only for profit, but at the same time, I have little patience for those who allow Platonic ideals to control their real world behaviour.

  7. Re:Really? on The Future is XHTML 2.0 · · Score: 2, Interesting

    "So in designing the next generation of cellphone websites you can saftly ignore old standards."

    You mis-spelled 'daftly'. 8^)

    Seriously, writing for specific devices is exactly what HTML was supposed not to do. It was designed to be platform and software-independent, able to be displayed equally well in a variety of methods, from CLI to Safari. Netscape and, later, Microsoft did their best to subvert this idea, in an attempt to bind the web to their particular browser implementations. I'll leave it as an exercise to the reader to decide the extent to which they succeeded.

    But as far as the future is concerned, as a web applications developer, I honestly hope that I am never asked to write a 'cellphone website'. If I've done my job right, the same structure and a different style sheet should suffice to make my web content render properly on a different device.

    But I must give credit where credit is due: While I don't know about ignoring 'old' standards, I do agree that XHTML 2.0 will be much better suited to the task of serving content to a much wider array of devices than any version of HTML ever has.

  8. Re:OH CANADA on Canadian Record Label Fights RIAA Lawsuits · · Score: 1

    "...[T]his is what gives me back some faith in my country."

    Don't get too ahead of yourself. They're only doing this as a way of apologising for giving us Sarah McLachlan.

  9. Re:Blogs vs. Sanitized Websites on Politicians Catch on to Blogging · · Score: 1

    "What's the big difference between a politician's blog and their already sanitized websites? I'm sure that even if they are the ones writing entries, they have them reviewed before posting."

    Good question. In Kerry's case, I'd say the difference is the fact that he didn't post to his own site. He posted to a site that he (or his staffers) would certainly have known has a significant contingent of people who are extremely critical of him, his style and his tactics. He opened himself up to a fair drubbing: People said some very unkind things about him in language that reminds one more of, well, slashdot than any politician's website.

    In short, this post could not hope to be a 'plant', or a safe bet. By posting to a site whose independence of opinion from the Democratic party talking points is well known, he promoted and upheld the heretofore waning belief that there is merit in a diversity of viewpoints and the frank exchange of opinion.

    Kerry could well have posted the very same polemic on his website, and had his staffers vet a hundred or so positive comments to create the 'proper' impression, had he so wished. I don't want to guess his intentions or his motivations, but regardless of whether they were cynical or principled, he seemed to see some benefit in engaging on a level that few other politicians have done recently.

  10. Re:and today... on Politicians Catch on to Blogging · · Score: 1

    "And today, a DailyKos posting from John Kerry would be all but unread..."

    His post got more responses than just about any other in the two years I've been visiting that blog. The number of comments went well above 1000 within a couple of hours.

    What was most refreshing about the event was that many of the comments were extremely critical of Kerry and the Democratic 'mainstream'. Kerry made his points, most of which were accepted fairly readily, and did so in a forum that allowed people to respond not only to the issue at hand, but to him as a presidential candidate, a senator and a Democrat.

    Kerry was good enough to follow up with a brief post the following day, stating that he was happy to suffer the 'slings and arrows' that accompanied the positive comments, and to say that he had taken them to heart.

    Will he really take them to heart? Time will tell, I suppose. Some people suggested, based on what he said on a political talk show the next day, that he showed some signs of having listened. A quick scan of the other comments revealed a general sense of satisfaction and empowerment that political blogs like this one have gained enough credibility to merit the attention of high-ranking politicos such as Kerry.

    For all the faults of political blogs - and they are many - they do have one significant benefit: They (re)create a 'town hall' space where people can present their opinions, gossip, knowledge and insight for consideration to the rest of the community. The fact that high-ranking politicians are willing to enter into this forum is a good sign. In doing so, they are moving into a space where it's much harder to package their views into simplistic aphorisms and anecdotes, a space where it's required that they provide reasoned arguments which can be dissected by those present and weighed by each individual.

    That said, there's still a long way to go before Kerry et alia can fully earn the trust of long-time denizens of sites such as DailyKos. As one commentator put it, 'another 200 posts and you'll be a regular!'

  11. Re:Just Work (TM) on Samba 4 Technology Preview Released · · Score: 1

    "AFAIK, KDE and GNOME has both easy ways to create shares for now, but there is no way to configure SAMBA for just several default scenarios which could be - anonymous read-only, anonymous read-write, user-based read-only, user-based read-write, custom. Default could be user-based read-only."

    SME Server does exactly that, through a very simple web interface. If you need corporate support, Mitel Networks provides a hardware/software package that's easily deployed into IT-less situations, like franchise offices or into teleworker setups.

    Full disclosure: I worked on this software for a number of years, but in fairness, I like it enough that I continue to deploy it in places where people need robust but simple small network servers.

  12. Re:Shoulders of Giants on Genius Requires Just the Right Mix · · Score: 3, Interesting

    "There is a school of thought that Sir Isaac said that not so much to be humble, but as a backhanded compliment towards Robert Hooke."

    That may well be, but it seems that Newton was riffing on a metaphor that had already existed for centuries.

  13. Re:What is Perl 6? on What is Perl 6? · · Score: 1

    "Perl 6 is still vapor at this point."

    Not true. It could qualify as pre-Alpha, perhaps, but there's a working Perl 6 compiler (written in Haskell, of all things!), thanks to autrijus.

    I recently sat down with a friend who's on the Perl 6 documentation team and she showed me a few of the new features in the language.

    The fact that its designer, Larry Wall, is a linguist by training and inclination makes Perl a language that is as powerful and elegant as the author's ability allows. This means that yes, it can be used to create gibberish (and so can English, for that matter), but it can also be made to express things that would be significantly more difficult in other, more inflexible languages. Perl 6 represents a significant improvement in this regard.

    I'm especially excited by the ability to create regular expression 'grammars', which are, IMO, going to revolutionise markup and natural language processing. In other words, Perl 6 promises to significantly increase the strengths of Perl 5, and to build on its capabilities.

    Perl 6 doesn't ignore advances that have happened elsewhere in the programming universe. Data typing is now possible, and different data types have their own intrinsic functions now, which will allow programmers coming from Java, etc. to do things they consider intuitive, like invoke the length property of a string.

    It's unfortunate that Larry's poor health rendered the development of this new version such a slow and painful thing, but that doesn't at all mean that Perl 6 doesn't exist, or that it will be a museum piece before it sees the light of day. If you're a programmer working with a lot of textual data, Perl promises to remain just as useful and important as it has ever been.

  14. Re:One Laptop per Child on Robert X. Cringely Weighs in on 2006 · · Score: 2, Insightful

    "Sorry, but I don't see the point in creating a charity that will give out *computers*."

    Fair enough. I'll take a few moments to explain what I'm doing. Perhaps that will help.

    I work in a Least Developed Country in the South Pacific. Unemployment is about 70% and the average monthly income runs around USD 50. There are 87 inhabited islands in this country, most of them volcanic and mountainous, spread over about 1000 miles of ocean. As a result of the lack of economic capacity and the incredibly difficult geography, communications are extremely poor.

    This lack of communications has a really powerful knock-on effect. Among the most glaring examples is the way members of parliament get elected. They travel over very small areas, saturating the constituents with gifts and promises. Once elected, they remove themselves to the capital, where they're seduced or coerced by the major power blocs and they largely neglect rural development. As a result, we have an unstable, fragmented and corrupt government that is largely ineffective in running, let alone improving, the nation.

    So how does a conscientious voter in the village become aware of what's going on, and how do they call their prodigal MP to account? Newspapers can take weeks to reach the outer islands, but more often than not they never do. Radio is unavailable on all but three of the islands, and telephone charges run about USD 0.40 per minute. A single phone call can take up a week's income. When you can find a working telephone, that is.

    There are any number of other examples that I could offer, like the need to determine a fair price for produce when it goes onto the ship, the need to stay in touch with family, disaster preparedness, emergency health services etc. etc. Every aspect of the nation's business is hindered by poor communications.

    The People First Network is addressing the communication needs of people in the nearby Solomon Islands using HF radios connected to refurbished laptop computers. We in Vanuatu are participating in that project and doing a little more. We're designing a 'next-generation' implementation that uses more robust devices, lower-power solutions, and wireless mesh networks to build 'islands' of connectivity. This allows us to reduce the costs per person to a level that's expensive but manageable for the average individual.

    Having low-cost laptops available that don't require expensive batteries, that are robust and resistant to shock, heat and humidity would make this task immeasurably easier. The fact that they auto-configure into mesh networks makes them very desirable as well. In one scenario, a person could walk around a circuit of several villages, each hidden from the others by mountains, and each time the person comes into contact with another laptop, they could be configured to automatically exchange email using a UUCP-like approach. It wouldn't be instantaneous, but it would be a darn sight more efficient than anything else that's currently available, and it would work.

    Computers have reached a level of capacity where consumer-grade products can actually provide decent basic services to people without any workable alternative. The folks at MIT have grasped this, and decided to go one step further. As someone who's spent the last few years working at cracking exactly the same nut, I welcome and congratulate them. What they want to do is ambitious, but it's achievable, and when and if it works, it will certainly make life more liveable for people in places like Vanuatu.

    P.S. One other objection I frequently see to computers is that people should receive books, which are cheaper and more durable. The answer to that one is that they are neither. They cost huge amounts of money to ship, and paper rots at a tremendous rate in the tropics. Also, there are seldom any decent places to house the books. A really durable laptop can store an entire library inside it, and because it's so small, it's easy to store safely and securely.

  15. Re:One Laptop per Child on Robert X. Cringely Weighs in on 2006 · · Score: 3, Interesting

    "Those countries don't need computers and universities. They need food, stable currencies, no war, a fair legal system, and less state, taxes, regulations, and corruption."

    [Sorry, I'm normally a lot more restrained than this, but I'm just sick of responding to this same stupid point time after time. Mod me down if you must.]

    What is this, the latest Fox news fabulum? I'm going to go crazy if I have to answer this stupid, binary logic many more times. There is absolutely nothing insightful or informative about this half-formed ignorance.

    Look, every time someone suggests computers might be useful in the developing world, some pontificator comes out with the observation that they need some shopping list of 'more pragmatic' things, like food, housing etc. But how the fuck, I would like to know, is that ever going to happen if the country doesn't have an educated populace and a decent communications infrastructure? And how the fuck are they going to do that in the modern age without ubiquitous computer technology?

    It makes me sick to see people who don't seem to know jack shit about life in the developing world spouting these inane opinions. It makes me sicker when these same rationalisations actually get used to block the progress that some of us are trying to make in this regard. Do you know what it's like to sit down with the head of a national foreign aid program and to see him react with surprise when I suggested that development here might be made easier if they put some effort into improving education and communications capacity?

    Next time someone trots out this stale old chestnut, please consider that it is, occasionally, possible to walk and chew bubble-gum at the same time. Hunger reduction, human rights, housing etc. can actually be accompanied - and saints preserve us, improved - with better education and communications.

  16. Re:In other news, Foxes hired to guard henhouse... on Anti-Spyware Guidelines Get Final Version · · Score: 1

    "To be fair, that article completely missed the fact that the WMF vulnerability was a known feature of the file format since times ancient."

    That issue is irrelevant to the argument that the author was making, which was that the function itself did not behave the way it would reasonably be expected to, and that the observed behaviour was highly suspicious at best.

    Again, the source article was an analysis of the function, not of the exploit per se.

  17. Re:In other news, Foxes hired to guard henhouse... on Anti-Spyware Guidelines Get Final Version · · Score: 1

    "When have Microsoft made Spyware, exactly?"

    Since Windows 2000, apparently. 8^)

  18. Re:Why aren't others involved. on Anti-Spyware Guidelines Get Final Version · · Score: 2, Interesting

    I came to the conclusion that this organisation is nothing more than a marketing arm of the corporations involved when I read their list of recommendations. If this body had any conscience whatsoever, the first item on the list would be:

    • Use safe software. Some operating systems and software applications are more susceptible to spyware than others. Be sure to verify that any software you run on your computer lives up to the highest security standards.

    Afterward, if the member corporations feel that they can make the case for their safety, more power to them. But to ignore this fundamental step is disingenuous and arguably deceptive.

  19. Re:Would be a Crappy Backdoor on WMF Vulnerability is an Intentional Backdoor? · · Score: 1

    "If that's the case, they chose a dumb place to put it, because the exploit doesn't even work on Windows 2000 and below without some program installed to handle WMF files."

    Like, say... MS Office? Or MS Works?

    I'm not at a Windows machine right now, so I can't verify whether Wordpad supports WMF, but I strongly suspect it does. It would be trivial to activate this backdoor/exploit/whatever using a Word document, for example, without ever requiring that the WMF file have an explicit association.

    I'm one of those people who believes that extraordinary claims require extraordinary evidence. This guy has no proof that this is an intentional backdoor, but he's made a reasonably strong case that merits further investigation. Your assertion does nothing to diminish the weight of his evidence.

  20. Re:Oversimplified on There is No Open Source Community · · Score: 1

    "I find the author's main argument, that FLOSS development is a natural and necessary result of economic forces, to be correct. However, to imagine that this is the only thing you should think about is naive."

    Indeed. The author's thesis can be summarised thus:

    Even if Stallman and the GPL had not come along, Open Source would have happened anyway. Therefore we should ignore the ethical and moral implications of Free Software development; after all, its contribution is only incidental. If there are no moral or ethical implications, and leadership has no value in this new market of ideas, all that remains is the Invisible Hand. All praise the Invisible Hand.

    Adam Smith would be proud.

    There's only one little drawback to his argument: Just because things could have happened differently doesn't mean they did. And because they happened the way they did, with development communities strongly influenced by the guidance of a few individuals (Linus, Stallman, Larry Wall, etc. etc.), we ignore the philosophical and very human underpinnings of FOSS development at our peril.

    Making FOSS palatable to business people is a commendable idea, but doing so through disingenuous prevarication does a disservice to all concerned.

  21. GPL is not a EULA on There is No Open Source Community · · Score: 1

    "Remember that by using the software, you are agreeing to a license of some kind (GPL, Apache...whatever)."

    Stop playing with that FUD, it's unhygienic.

    GPL is a distribution license. It places no limitations and implies no responsibility whatsoever for users of the software. As far as the GPL is concerned, you can do whatever the heck you want with the software, but if you distribute it you have to make the source available too.

    Come on folks, that's not so hard to understand, is it?

  22. Re:Fluff Piece on "St Lawrence of Google" · · Score: 1

    "- Hey, now we're going to make a prediction that is even MORE far-fetched: Google will develop AI"

    That's not so far-fetched. If you work in or study information retrieval, you find a lot of problems that could be fairly easily solved using the same advanced pattern recognition skills that higher vertebrates and humans have. Most of what google does is decide what sales message someone would be most receptive to, based on the context of their search, email, news choice, etc. Contextualisation is something that's almost impossible to do effectively and efficiently using classical computational logic.

    I personally don't like to characterise the problem space as 'developing AI' because that implies building something that acts like a human being. That's not at all what's required. It's entirely possible that new analytical or mathematical approaches might be found that make mechanical contextualisation more sympathetic to human tastes. And for all we know, google is working on them. If they are building sentient, world-crushing automatons, they're not telling anyone.

    Available evidence tells us the one lesson they're trying to learn really well is how to do simple things on a scale that virtually no one else has ever attempted. This would be a necessary first step toward any classical solution to the pattern-matching problem at the core of their business. Massively parallel storage, retrieval and processing is critical to it. My conclusion therefore is that we need to look elsewhere for SkyNet. 8^)

  23. Re:One Thought... on Flash Memory to Rival Hard Drives · · Score: 3, Funny

    "** >1,400,000 hours of actual (in the field) MTBF "

    Hmmm. 1.4 million divide by 24... that's, uh, carry the one... about 58,333 days. Which would be, uh... ah, ignore the leap years... Almost 160 years. That means they've been testing this hardware since before the Civil War!

    Wow, now is that dedication or what? Where do I buy me one of these babies?

  24. Re:Massive progress has been made on Microsoft vs. Computer Security · · Score: 1

    "It doesn't matter who the dominant OS / company is, the biggest threat to security on anyone's computers is the person sitting in front of it."

    "You can't win a fight against ignorance, misunderstanding or plain stupidity. Microsoft has made some pretty damaging blows and that is commendable."

    Bull.

    If what you are saying were true, then the 3 Linux-only computer centres that I run would be constantly plagued with security issues caused by stupid user tricks. That's 30-odd computers providing service for a total of about 1000 first time users. That's 1000 people who have never used computers before in their life.[*]

    [*] I work in IT in developing countries (i.e. in places where robustness counts).

    Basically, what we're dealing with in this example is a QA tester's dream - a horde of cats on the keyboard doing virtually every imaginable thing to the systems. 1000 users playing freely with an operating system and software suite - that is what we call a statistically significant data set.

    Do you know what my security-related downtime is over the last 12 months? It's zero. Do you know how many user-facing software bugs I've dealt with? About four. How many are still unresolved? Zero.

    Now let's take a look over the fence at the beginner to intermediate-level office staff that I support. They almost exclusively use Windows XP, all at SP2 (if I have any say in the matter). Do you know how many of my service calls have been caused by problems related to spyware, viruses, trojans and other security-related concerns? About 30%. Software bug count? I barely even keep track any more, because when I do find a bug, I have to wait on someone else's corporate development cycle. I just work around and keep moving and hope that - insh'allah - someday it will get fixed.

    I'm really tired of that silly 'They only hate us 'cause we're popular' line. I know for my part I hate MS because in my qualified professional opinion it causes more problems than it solves. I worked developing software and information systems on Windows for almost 8 years before I decided that I could no longer maintain my own professional standards if I continued to use Windows.

    So on behalf of those of us who disparage Microsoft for its demonstrably poor quality: Quit pretending that we're just making this up, or that everyone else would suck if they only sold more units. Quit pointing at the fanbois and accept that there are a large number of people who are basing their opinions on empirical fact, on solid professional experience. If you don't agree with the conclusions then either argue points of fact, or accept that we differ in our views. This simplistic and fundamentally speculative kind of hand-waving does nobody any good.

  25. Executive Privilege on More Cookie Investigations · · Score: 2, Insightful

    "McCain assures visitors that 'I do not use 'cookies'
    Bush assures citizens that 'we get court orders to do wiretaps'"

    You know, this is the thing that really shorts my circuits sometimes. Here we have a president who has effectively admitted, "Yeah, so I attack foreign nations, imprison and torture anyone I want to, arbitrarily decide who's allowed to fly and who's not, spy on anyone I want to, whether the courts want me to or not." And people very earnestly debate whether this is a partisan issue, and if so, which way will the libertarians move?

    But hey folks, get the rope ready, start heating the tar and plucking the chickens, 'cause the senate website has cookies!