It exists in short-range form. You can broadcast within a few houses TV or Radio- it would be a new level of pirate radio if we could bring that further...
This brings in countless other issues such as syncronizing content between multiple servers. Also to load balance these, you need *gasp* a load balancer (or the DNS method, but that means your site is still inaccessable on many requests)- which needs to be updated. So you now need two load balancers taking over IPs from each other, and two hosting boxen...
Now deal with replicating files, settings, e-mail, backup, and databases between them.
The reality is that unless you have a very large operation to start with, it's impractical to do all of this.
Uptime is important to availability, because no transition is perfect.
"So you just plug it in, and Windows says 'hey- I've found a new device'. You'll notice that this scanner build *blue screen* whoa. Ummm... I guess this isn't why we're not shipping Windows 98 yet."
I wonder if that bug actually made it to production...
I'm not a big downloader myself, however I think that's where a lot of the downloading comes from. Your average university student is probably looking for some quick entertainment. Not only that, they want to put a value on it- and that value is less.
Of course, by still demanding it it becomes a catch-22. It just shows that people don't value it at $9USD or $13CDN the way the movie industry does. If a movie was $4-6, it becomes silly to spend an hour downloading it and finding it, because even a university student considers their time worth more than that.
I think the focus of the article was in in-theatre movies rather than 'dvd-rips' and other similar available-at-blockbuster movies. That was largely the focus of my comment.
How about the real issue here. The value proposition. This is consumers saying that paying $13.95CDN (or $9USD on AMC's web site) for a movie isn't kosher. This is consumers saying that paying $20+ for a DVD isn't worth it.
Movies are repetative and much worse than they ever were. I never find myself leaving so dissatisfied so often from so many movies out there.
Stop wasting money fighting this process, realize that just because you made money at the expense of consumers in the past does not mean that you should for the rest of time, and lower prices.
By the time a family of four (2 kids, 2 parents) gets their tickets, drinks, and popcorn, you're already up at $75-$100 for an evening of entertainment... What costs that much? I can go to a hockey game for less- and that's a product put on live!
Lower prices, and people will go. All this started when the $4-$8CDN movie prices disappeared and magically became $10.50, $12.95, $13.95, etc.
I'm not saying it's right to copy music/movies/software ($800+ for Office? $250 for windows? What is Adobe software nowdays?), but I'm saying that price really is the driving factor. Getting a group of 10 friends at someone's house with cheap popcorn and a free movie means you save 150-200 collectively... That's a lot of cash that could be spent elsewhere.
Some time ago (about a year), I called up WorldCom/MCI and asked them about getting an IPv6 address so that we could offer it to our customers (mostly as hype). Naturally, they said they had no IPv6 networks, nothing deployed, and have no immediate plans. Far off in the future.
So North America (mainly US) has no real interest in the cost of switching ALL of their computer systems, legacy systems, routers, and server systems to IPv6, so it really is a lot of work.
The problem isn't in the US where we sit on tons of IPs. Then again, why are there still web browsers that don't sent the HOST: header?
Also, not everyone is upgrading to WIn2k3 (for example)- where's IPv6 for those running NT4, 2000, etc? Where's IPv6 for old AIX machines?
Yes I know an article yesterday said seventy-something percent of Spam comes from the US. Nonetheless, I seem to get a ton of it from Chinanet.. Maybe if they can't access our networks...
*note: meant as funny- there really are a lot of flaws in this statement*
Apache 2 changes CORE functionality- great! But that doesn't really affect what it does, but rather how it does it. Maybe if it implemented some new HTTP 1.2 I would get it in there... but who'd notice?
Apache1 has been tried, tested, and true and has reached a lovely 1.3.33 version, of which security patches are rare and bugfixes are also rare. Similar situation with mod_ssl. So why leave your nice warm, structurally stable house in favour of the blistering cold to try something new that has a new version for bugs and security on a much more common basis? Personally, until Apache 2 gains some serious market share, I see no reason to leave. We provide hosting- and need reliability, and can't be wasting time with constant updates (though updates are better than not fixing of course) when we could otherwise stick with Apache 1.
Apache1 does one thing, and does it well. Period. Sure there are crazy new features of Apache2, and I've tried them else. Personally, I see nothing compelling to move at this point. There are a few small 'that would be nice' features, but really nothing exciting in the way of Linux2.6, WindowsXP, etc. Even 2.6 is having slow adoption. You can only find it on workstations, because no supportive provider is about to live on the bleeding edge and leave their customers bleeding. Apache on the other hand doesn't have a place on the workstation (unless it doubles as a causal server), so in the same way, you're trying to get those folks who prefer stable releases (like Debian stable) over bleeding edge.
So why switch?
"Bad press leads to lots of misinformed morons saying stupid things about how Apache 2 is not ready for prime time." -- I guess I'm one of those morons. Personally I'm not about to replace one of the core pieces of software between us and our customers with something that hasn't proven itself to me. We've set it up in testing environments, and found that it performed similarly and didn't offer anything new we need.
"The short answer is that no one submitted it, but of course there's more to it than that. This year we reached out to the SpamAssassin community and asked them to participate. Although a few well-meaning souls volunteered to be the contacts for SpamAssassin, when it came time to test no one would step up to the plate and represent the product at a level that would make it competitive to the other enterprise-focused vendors."
How about the Apache Software Foundation who now develops the product? ApacheCon happened about a month ago and I'm sure was swarming with all the folks who work on these Apache projects.
While I realize what they are saying (They'll actually have to take an hour, search google, and get directions with _might_ work as expected, rather than clicking NEXT>NEXT>NEXT>FINISH>), I still disagree with it.
Most of the other products are commercial and would cost money. If they paid for them (doubtful), of course there's an 800 number. If they got them free, I'm sure there is a big flag labeled PRIORITY next to their serial number.
So with Apache, there's no 800 number or authoritative contact. Ask any Guru and they'll tell you all about./configure && make && make install and then any final configuration on a system-wide or per-mailbox basis.
Bug a developer and you'll probably get great features like Razor and RBL activity in there.
All I'm saying is this happens all too often. Because there isn't a support@[opensourceproduct], reviewers look no further.
I would have been more impressed if they didn't mention it at all, as at least then they'd be ignorant rather than lazy/unresourceful
Subject: [2-42] Can I draw pictures on a disc with the recording laser?
(2004/03/09)
If you've ever looked at a recorded CD-R, you've probably noticed that the recorded and unrecorded areas have a different appearance. This is usually visible as a slight change in color. By controlling the write laser it's possible to mark the disc in a way that is meaningful to the human eye rather than to a CD player. Unfortunately, the level of control required to do this isn't achievable without firmware support.
In mid-2002, Yamaha announced "DiscT@2" (disc tattoo). This allows moderate-resolution (approx. 250dpi) graphics to be drawn in the parts of the disc that weren't recorded. Yamaha claims to get 256 shades of color (green, blue, or whatever color the disc happens to be), though it works best on dark blue azo discs. For more details and some pictures, see:
Yamaha left the consumer CD recording market in February 2003, and the technology quietly disappeared.
In March 2004, HP announced a different idea: flip the disc over, and burn a design on the label side. This requires a modified drive and special media, but offers the possibility of high-resolution labeling without ink or adhesive labels. The technology, dubbed "LightScribe", is described on http://www.lightscribe.com/.
-M
Actaully, PHP/MySQL and PHP/PostgreSQL will only process one statement, and while these attacks would be possible if you were passing it to the shell, is not possible from PHP. Each mysql_query() for example will process one query and return one record.
Now with a subselect you might be able to do something...
Always use extension addresses in qmail when publishing your e-mail. username-SD@domain.com goes to username if there's not a user by that domain. Then you can easily block that domain. Anyone with questionable policies should indeed have an extension address.
-M
My cell phone seems to work for the first minute or so of a flight... I can see it now "it says here you're going 600km/h":)
And even funnier would be when it re-appears a couple hours later in Mexico, gets service, and subtracts...
TigerDirect- a big distributor of wholesale/retail equipment in Canada and the USA (Apparently now Germany, the UK, and France now as well), also sells PCs in many configurations and custom built with FreeDOS (and the option to add Windows/Linux at a price).
The idea is that a computer should do _something_. You take receipt of a new PC and turn it on to find "No disk or disk error" or some equivalent error. Errors are always bad.
So:
- Small image can be loaded from a floppy, USB drive (with boot ability), CD-ROM, CardReader, etc. Many computers now are starting to come without floppy drives as standard. A custom system without a CD drive (maybe I want to add a DVD-writer later on instead) needs a way to load a _VERY_ small image... FreeDOS is that image, rather than a few hundred megs or more. Plus quick load times.
- System boots (seems to be working)
- Hardware list or diagnostic tool on system to allow basic checking of the configuration (what PCI boards are in there? What size hard drive?)
- Allows testing and diagnostics
- Good starting point to partition for Windows 9x installations
- Not subject to any licenses that they have to worry about (and universal in all countries)
- Can display a logo of some sort and welcome screen (mmm... 320x200)
Hopefully provides some of the reasoning based on the systems I've seen.
IBM has some quality, sturdy laptops that are virtually unbreakable. There is no better quality than an IBM laptop. Plus they have the fantastic trackpoint rather than silly touchpads.
On the other hand, getting anything very recent with them is difficult. The fastest processors and best video boards are impossible to find. On the other hand, a company like Dell comes out with new models every month or two with faster processors and newer video boards and features.... This usually means crappy buggy quality.
Generally, IBM is great for business, but can't cut it in the home/home-business markets.
-M
Upload bandwidth I beleive is more expensive, bit for bit, then the download
Back up here. You've been TOLD upload bandwidth is more expensive due to the cable and DSL providers of the world. A T1 is the same up and down, ethernet is the same up and down, T3, OC-anything- all same upstream as downstream. Dialup is the same up and down (until recently when they introduced better compression and modems on the ISP end to get 56kbps- but lets ignore that one).
Good, expensive bandwidth is always symetric. It was the genius idea of the technology and content providers to say that people download more than they upload, so provide less upload bandwidth to conserve the spectrum.
Keep in mind though, this was all decided before P2P was a big thing. This makes perfect sense in a world of downloading web pages, news groups, mail, the occasional online game, and some groupware apps. But they do need to come to the 21st century.
Or maybe the latest and greatest in spyware technology is actually stopping the passing of the referrer to your host as it promised to when the user installed it.
While most of us wouldn't install such a fine piece of software, I'm sure many users searching for e-commerce sites in Google would have some of that installed.
Lets see-
High definition component video, or DVI should eat up a TON of uncompressed bandwidth.
Add a coaxial or optical audio connection.
Add a remote receiver so that you don't have to leave the room to pause it or change channels.
So is it really worthwhile? DVD is MPEG and is compressed. By the time you get to transmit it, you need to be able to handle the uncompressed signal without quality loss.
-M
>> MySQL certification (I know it's an example, but a good case)
Your example would be fantastic, but it won't happen. MySQL can claim 'no data corruption since 1994' if that's the case, and someone will think that's a good thing and trust it. But there's no standard that says 'two years without corruption' or something. Nobody (not even M$, Oracle, etc) will make that guarentee because... well... who knows. As well, a lot of corruption issues can be caused by the system (power failures, bad memory, disc read errors, filesystem, locking methods of the OS). So you'd need to 'certify' every case. MySQL, to the best of the MySQL team's knowledge, is perfect. Otherwise, you'd have to have faith in them to withhold their release and fix such bugs. The MySQL code is reviewed regularly by the team in making changes, but who knows!
As well, each and every minor version can introduce new bugs as well. Fix one problem, break another. You can't get your software re-certified 8 times a year with your release schedule as you would something released every few years.
>> ISO 9001
ISO 9001 is based around quality, so it's a good thing to bring up. (As far as I recall), we can break it up into product quality and service quality.
a) ISO9001 says that a product should be of quality and meet the customers demands for quality. Note that this also means 'you get what you pay for', because a customer buying a $35 TV probably isn't demanding much quality. It means your product shouldn't fall apart.
b) ISO9001 says that the company should support and back its product to some minimum standards so that customers are happy. So don't sell a car without a dealer network. Don't sell food unless you have a hotline and so on.
It also aims to create some standards between organizations so that they can communicate and share resources.
But how does this fit into the OSS model? You have to PAY to be ISO9001 certified. There is support for MySQL if you pay for it (which is how it should be), or resources if you don't (which is also how it should be).
I think as governments get pickier about security and bugs (such as those wanting to audit M$'s source code and those switching to Linux for infrastructure), more audits will be done. More standards will be built and more 'stamps of approval' will be present. The good software (IMHO Apache, MySQL, PostgreSQL, etc) will prevail, and the shoddy software will fail to be adopted by such companies. That software can choose to improve or remain as it is.
-M
My favourite was that about 8-10 years ago I used to work for a company that supported various K-12 schools in my final few years of schooling. Anyway, I was taking over the phones while someone was gone and received a call from *gasp* the sysadmin of my very own school. Knowing the guy would take a joke well:
[Me] *company* K12, *insert name here* speaking
[Him] My computer is freezing at the 'starting Windows' screen
[Me] Have you done anything to the computer recently? This is one of the network workstations?
[Him] Yes- I was just surfing the web
[Me] The only time I've ever seen this happening is when the customers were looking at gay porn. Would you happen to be doing that or should I file a problem report?
[Him] Ummm... I'm going to try a few things and I'll call you back if I'm still having the problem.
[Me] All right, thank you...
I'll give you that, but for every binary decision, you're going to piss off roughly half the people.
There are security analysts who do spend time looking at the kernel, but it's a big job. As with most of these projects, they usually start becomes someone pays a security company to spend millions auditing it (ie: a government wanting to use it for sensitive data or voting machines). If only we could get every linux user to do one line of code *smirk*:)
BTW: FHS is an attempt at getting some standardization.
You mention 'designed for linux' and 'interoperability' which I think are tough ones. The big difference I find between Linux OS and Windows OS is that one company merges the GUI, kernel, drivers, shared libraries of 3rd party applications (DLLs), and (sadly) web browser into one. Linux, while having folks like RedHat producing distros, has no consistancy.
Now of course, I'm not saying anything you (or anyone on Slashdot) doesn't already know. But the key factor is that I can make my new audio board 'designed for linux 2.6', but the actual installation is different on every system. Some want a kernel compile, some store modules in one place, others will scream that the kernel is tainted when you load them. So how can one ensure that their board will work properly (and easily)?
There are a few attempts at standardizing hardware (as you mention linux hardware). The most popular thus far is DKMS: DKMS stands for Dynamic Kernel Module Support. It is designed to create a framework where kernel dependent module source can reside so that it is very easy to rebuild modules as you upgrade kernels. This will allow Linux vendors to provide driver drops without having to wait for new kernel releases while also taking out the guesswork for customers attempting to recompile modules for new kernels.
See http://linux.dell.com/dkms/ for more information.
I don't spend my time reviewing others' code unless it is, for example, a smaller tool which is of importance (a third party suexec wrapper for example, or a rare Apache module from a less than perfect source).
My point was that:
1. We can if we want to. If something is that important, you at least take a quick look at it to see if any care was taken. This may be more so in smaller projects such as a perl script.
2. If you're not hiding it from other people, you're not ashamed of your potentially sloppy and buggy code being an easy target for anyone to exploit (not that a good hacker needs the code, but you see the point). It's not a black box.
3. People can implement features as needed in the code, and here they find security issues. The constant development to different platforms for big tools means that bugs can be found faster and advancement moves quicker as a whole.
A standard of quality is subjective and really depends on what is 'acceptable' and what you consider 'quality' code. Keep in mind that I'm not saying that M$'s code is not of quality or comparing them (for what Windows does (including application compatibility dating back to Windows 3.1) it does a decent job of it).
Simply, the optimal standard is pristine code that has all the features you want, no bugs, and will work on all systems. But we're in a realistic world. Having countless developers and testers makes some of these projects what they are and acts as a second check for many changes.
I'm not reviewing most of the code on the system, but somewhere, someone is catching the security holes and bugs you hear announced on the various tracking sites... so someone's probably doing it for you...
You are mistaking a 'standard' (such as TCP/IP) with a 'quality standard'. One can make a program to follow a specific protocol, but that doesn't make it a good program at all.
We're talking about quality. How good is the finished product compared to its usage. Is a mission-critical application actually going to be stable? Does your application spend most of its time in spin locks? The quality is in the method of the implementation. A web server can answer HTTP requests without trouble, but will is do so well? Is it expandable? Is it going to advance? Is it useful? Are its libraries useful to other functions?
Quality is a 'degree of excellence'. So what makes the software you see on Linux better than 'average'. Why are we all using it? Price decreases our costs and barriers, but a degree of quality exists because there is a large user base creating quality, and demanding quality.
If you make code that is not readable or properly coded, nobody will use it, or people will say "I'm starting my own project" and fork off (as we've seen so many times in the UNIX world).
A good example of quality (IMHO) is qmail. Written well, coded securely, very functional, and very logical. And it has succeeded for those reasons (and hype). The tens of patches out there for it adding all sorts of neat features are people saying "this code makes sense. This structure makes sense". Adding features to a SMTP system doesn't involve mucking up the mail system. People like it because it screams of quality. A great deal of time, effort, and quality went into the code.
You mention a standard. We need standards in protocols- not in quality. The standard says that a SMTP conversation goes like this... but the style, programming language, where security checks are made, and so on are all up to the programmer or team of programmers. And why should we (you?) take away that freedom? If I want to make my code of low quality, don't use it, don't buy it, don't use the service I offer from it (not that I do produce poor code).
Slashdot Mirror
It exists in short-range form. You can broadcast within a few houses TV or Radio- it would be a new level of pirate radio if we could bring that further...
Whine, whine, whine.
This brings in countless other issues such as syncronizing content between multiple servers. Also to load balance these, you need *gasp* a load balancer (or the DNS method, but that means your site is still inaccessable on many requests)- which needs to be updated. So you now need two load balancers taking over IPs from each other, and two hosting boxen...
Now deal with replicating files, settings, e-mail, backup, and databases between them.
The reality is that unless you have a very large operation to start with, it's impractical to do all of this.
Uptime is important to availability, because no transition is perfect.
-M
You do realize that mods can't participate in discussion- so by posting this message, your mod points on this no longer are effective. -M
"So you just plug it in, and Windows says 'hey- I've found a new device'. You'll notice that this scanner build *blue screen* whoa. Ummm... I guess this isn't why we're not shipping Windows 98 yet."
I wonder if that bug actually made it to production...
-M
I'm not a big downloader myself, however I think that's where a lot of the downloading comes from. Your average university student is probably looking for some quick entertainment. Not only that, they want to put a value on it- and that value is less.
Of course, by still demanding it it becomes a catch-22. It just shows that people don't value it at $9USD or $13CDN the way the movie industry does. If a movie was $4-6, it becomes silly to spend an hour downloading it and finding it, because even a university student considers their time worth more than that.
I think the focus of the article was in in-theatre movies rather than 'dvd-rips' and other similar available-at-blockbuster movies. That was largely the focus of my comment.
-M
How about the real issue here. The value proposition. This is consumers saying that paying $13.95CDN (or $9USD on AMC's web site) for a movie isn't kosher. This is consumers saying that paying $20+ for a DVD isn't worth it.
Movies are repetative and much worse than they ever were. I never find myself leaving so dissatisfied so often from so many movies out there.
Stop wasting money fighting this process, realize that just because you made money at the expense of consumers in the past does not mean that you should for the rest of time, and lower prices.
By the time a family of four (2 kids, 2 parents) gets their tickets, drinks, and popcorn, you're already up at $75-$100 for an evening of entertainment... What costs that much? I can go to a hockey game for less- and that's a product put on live!
Lower prices, and people will go. All this started when the $4-$8CDN movie prices disappeared and magically became $10.50, $12.95, $13.95, etc.
I'm not saying it's right to copy music/movies/software ($800+ for Office? $250 for windows? What is Adobe software nowdays?), but I'm saying that price really is the driving factor. Getting a group of 10 friends at someone's house with cheap popcorn and a free movie means you save 150-200 collectively... That's a lot of cash that could be spent elsewhere.
-M
Some time ago (about a year), I called up WorldCom/MCI and asked them about getting an IPv6 address so that we could offer it to our customers (mostly as hype). Naturally, they said they had no IPv6 networks, nothing deployed, and have no immediate plans. Far off in the future.
So North America (mainly US) has no real interest in the cost of switching ALL of their computer systems, legacy systems, routers, and server systems to IPv6, so it really is a lot of work.
The problem isn't in the US where we sit on tons of IPs. Then again, why are there still web browsers that don't sent the HOST: header?
Also, not everyone is upgrading to WIn2k3 (for example)- where's IPv6 for those running NT4, 2000, etc? Where's IPv6 for old AIX machines?
Yes I know an article yesterday said seventy-something percent of Spam comes from the US. Nonetheless, I seem to get a ton of it from Chinanet.. Maybe if they can't access our networks...
*note: meant as funny- there really are a lot of flaws in this statement*
Apache 2 changes CORE functionality- great! But that doesn't really affect what it does, but rather how it does it. Maybe if it implemented some new HTTP 1.2 I would get it in there... but who'd notice?
Apache1 has been tried, tested, and true and has reached a lovely 1.3.33 version, of which security patches are rare and bugfixes are also rare. Similar situation with mod_ssl. So why leave your nice warm, structurally stable house in favour of the blistering cold to try something new that has a new version for bugs and security on a much more common basis? Personally, until Apache 2 gains some serious market share, I see no reason to leave. We provide hosting- and need reliability, and can't be wasting time with constant updates (though updates are better than not fixing of course) when we could otherwise stick with Apache 1.
Apache1 does one thing, and does it well. Period. Sure there are crazy new features of Apache2, and I've tried them else. Personally, I see nothing compelling to move at this point. There are a few small 'that would be nice' features, but really nothing exciting in the way of Linux2.6, WindowsXP, etc. Even 2.6 is having slow adoption. You can only find it on workstations, because no supportive provider is about to live on the bleeding edge and leave their customers bleeding. Apache on the other hand doesn't have a place on the workstation (unless it doubles as a causal server), so in the same way, you're trying to get those folks who prefer stable releases (like Debian stable) over bleeding edge.
So why switch?
"Bad press leads to lots of misinformed morons saying stupid things about how Apache 2 is not ready for prime time." -- I guess I'm one of those morons. Personally I'm not about to replace one of the core pieces of software between us and our customers with something that hasn't proven itself to me. We've set it up in testing environments, and found that it performed similarly and didn't offer anything new we need.
How about the Apache Software Foundation who now develops the product? ApacheCon happened about a month ago and I'm sure was swarming with all the folks who work on these Apache projects.
While I realize what they are saying (They'll actually have to take an hour, search google, and get directions with _might_ work as expected, rather than clicking NEXT>NEXT>NEXT>FINISH>), I still disagree with it.
Most of the other products are commercial and would cost money. If they paid for them (doubtful), of course there's an 800 number. If they got them free, I'm sure there is a big flag labeled PRIORITY next to their serial number.
So with Apache, there's no 800 number or authoritative contact. Ask any Guru and they'll tell you all about
Bug a developer and you'll probably get great features like Razor and RBL activity in there.
All I'm saying is this happens all too often. Because there isn't a support@[opensourceproduct], reviewers look no further.
I would have been more impressed if they didn't mention it at all, as at least then they'd be ignorant rather than lazy/unresourceful
Here it states that HP made this technology- and this article was posted in March! http://www.cdrfaq.org/faq02.html#S2-42
n dex.html0 622/etc_disctat2.html
Subject: [2-42] Can I draw pictures on a disc with the recording laser?
(2004/03/09)
If you've ever looked at a recorded CD-R, you've probably noticed that the recorded and unrecorded areas have a different appearance. This is usually visible as a slight change in color. By controlling the write laser it's possible to mark the disc in a way that is meaningful to the human eye rather than to a CD player. Unfortunately, the level of control required to do this isn't achievable without firmware support.
In mid-2002, Yamaha announced "DiscT@2" (disc tattoo). This allows moderate-resolution (approx. 250dpi) graphics to be drawn in the parts of the disc that weren't recorded. Yamaha claims to get 256 shades of color (green, blue, or whatever color the disc happens to be), though it works best on dark blue azo discs. For more details and some pictures, see:
*
http://www.tomshardware.com/storage/02q3/020927/i
*
http://www.watch.impress.co.jp/akiba/hotline/2002
Yamaha left the consumer CD recording market in February 2003, and the technology quietly disappeared.
In March 2004, HP announced a different idea: flip the disc over, and burn a design on the label side. This requires a modified drive and special media, but offers the possibility of high-resolution labeling without ink or adhesive labels. The technology, dubbed "LightScribe", is described on http://www.lightscribe.com/.
-M
Actaully, PHP/MySQL and PHP/PostgreSQL will only process one statement, and while these attacks would be possible if you were passing it to the shell, is not possible from PHP. Each mysql_query() for example will process one query and return one record. Now with a subselect you might be able to do something...
Always use extension addresses in qmail when publishing your e-mail. username-SD@domain.com goes to username if there's not a user by that domain. Then you can easily block that domain. Anyone with questionable policies should indeed have an extension address. -M
My cell phone seems to work for the first minute or so of a flight... I can see it now "it says here you're going 600km/h" :)
And even funnier would be when it re-appears a couple hours later in Mexico, gets service, and subtracts...
-M
TigerDirect- a big distributor of wholesale/retail equipment in Canada and the USA (Apparently now Germany, the UK, and France now as well), also sells PCs in many configurations and custom built with FreeDOS (and the option to add Windows/Linux at a price).
The idea is that a computer should do _something_. You take receipt of a new PC and turn it on to find "No disk or disk error" or some equivalent error. Errors are always bad.
So:
- Small image can be loaded from a floppy, USB drive (with boot ability), CD-ROM, CardReader, etc. Many computers now are starting to come without floppy drives as standard. A custom system without a CD drive (maybe I want to add a DVD-writer later on instead) needs a way to load a _VERY_ small image... FreeDOS is that image, rather than a few hundred megs or more. Plus quick load times.
- System boots (seems to be working)
- Hardware list or diagnostic tool on system to allow basic checking of the configuration (what PCI boards are in there? What size hard drive?)
- Allows testing and diagnostics
- Good starting point to partition for Windows 9x installations
- Not subject to any licenses that they have to worry about (and universal in all countries)
- Can display a logo of some sort and welcome screen (mmm... 320x200)
Hopefully provides some of the reasoning based on the systems I've seen.
-M
IBM has some quality, sturdy laptops that are virtually unbreakable. There is no better quality than an IBM laptop. Plus they have the fantastic trackpoint rather than silly touchpads. On the other hand, getting anything very recent with them is difficult. The fastest processors and best video boards are impossible to find. On the other hand, a company like Dell comes out with new models every month or two with faster processors and newer video boards and features.... This usually means crappy buggy quality. Generally, IBM is great for business, but can't cut it in the home/home-business markets. -M
Back up here. You've been TOLD upload bandwidth is more expensive due to the cable and DSL providers of the world. A T1 is the same up and down, ethernet is the same up and down, T3, OC-anything- all same upstream as downstream. Dialup is the same up and down (until recently when they introduced better compression and modems on the ISP end to get 56kbps- but lets ignore that one).
Good, expensive bandwidth is always symetric. It was the genius idea of the technology and content providers to say that people download more than they upload, so provide less upload bandwidth to conserve the spectrum.
Keep in mind though, this was all decided before P2P was a big thing. This makes perfect sense in a world of downloading web pages, news groups, mail, the occasional online game, and some groupware apps. But they do need to come to the 21st century.
-M
Or maybe the latest and greatest in spyware technology is actually stopping the passing of the referrer to your host as it promised to when the user installed it. While most of us wouldn't install such a fine piece of software, I'm sure many users searching for e-commerce sites in Google would have some of that installed.
Lets see- High definition component video, or DVI should eat up a TON of uncompressed bandwidth. Add a coaxial or optical audio connection. Add a remote receiver so that you don't have to leave the room to pause it or change channels. So is it really worthwhile? DVD is MPEG and is compressed. By the time you get to transmit it, you need to be able to handle the uncompressed signal without quality loss. -M
>> MySQL certification (I know it's an example, but a good case) Your example would be fantastic, but it won't happen. MySQL can claim 'no data corruption since 1994' if that's the case, and someone will think that's a good thing and trust it. But there's no standard that says 'two years without corruption' or something. Nobody (not even M$, Oracle, etc) will make that guarentee because... well... who knows. As well, a lot of corruption issues can be caused by the system (power failures, bad memory, disc read errors, filesystem, locking methods of the OS). So you'd need to 'certify' every case. MySQL, to the best of the MySQL team's knowledge, is perfect. Otherwise, you'd have to have faith in them to withhold their release and fix such bugs. The MySQL code is reviewed regularly by the team in making changes, but who knows! As well, each and every minor version can introduce new bugs as well. Fix one problem, break another. You can't get your software re-certified 8 times a year with your release schedule as you would something released every few years. >> ISO 9001 ISO 9001 is based around quality, so it's a good thing to bring up. (As far as I recall), we can break it up into product quality and service quality. a) ISO9001 says that a product should be of quality and meet the customers demands for quality. Note that this also means 'you get what you pay for', because a customer buying a $35 TV probably isn't demanding much quality. It means your product shouldn't fall apart. b) ISO9001 says that the company should support and back its product to some minimum standards so that customers are happy. So don't sell a car without a dealer network. Don't sell food unless you have a hotline and so on. It also aims to create some standards between organizations so that they can communicate and share resources. But how does this fit into the OSS model? You have to PAY to be ISO9001 certified. There is support for MySQL if you pay for it (which is how it should be), or resources if you don't (which is also how it should be). I think as governments get pickier about security and bugs (such as those wanting to audit M$'s source code and those switching to Linux for infrastructure), more audits will be done. More standards will be built and more 'stamps of approval' will be present. The good software (IMHO Apache, MySQL, PostgreSQL, etc) will prevail, and the shoddy software will fail to be adopted by such companies. That software can choose to improve or remain as it is. -M
My favourite was that about 8-10 years ago I used to work for a company that supported various K-12 schools in my final few years of schooling. Anyway, I was taking over the phones while someone was gone and received a call from *gasp* the sysadmin of my very own school. Knowing the guy would take a joke well:
[Me] *company* K12, *insert name here* speaking
[Him] My computer is freezing at the 'starting Windows' screen
[Me] Have you done anything to the computer recently? This is one of the network workstations?
[Him] Yes- I was just surfing the web
[Me] The only time I've ever seen this happening is when the customers were looking at gay porn. Would you happen to be doing that or should I file a problem report?
[Him] Ummm... I'm going to try a few things and I'll call you back if I'm still having the problem.
[Me] All right, thank you...
Hehe- Too classic.
I'll give you that, but for every binary decision, you're going to piss off roughly half the people.
:)
There are security analysts who do spend time looking at the kernel, but it's a big job. As with most of these projects, they usually start becomes someone pays a security company to spend millions auditing it (ie: a government wanting to use it for sensitive data or voting machines). If only we could get every linux user to do one line of code *smirk*
BTW: FHS is an attempt at getting some standardization.
You mention 'designed for linux' and 'interoperability' which I think are tough ones. The big difference I find between Linux OS and Windows OS is that one company merges the GUI, kernel, drivers, shared libraries of 3rd party applications (DLLs), and (sadly) web browser into one. Linux, while having folks like RedHat producing distros, has no consistancy.
Now of course, I'm not saying anything you (or anyone on Slashdot) doesn't already know. But the key factor is that I can make my new audio board 'designed for linux 2.6', but the actual installation is different on every system. Some want a kernel compile, some store modules in one place, others will scream that the kernel is tainted when you load them. So how can one ensure that their board will work properly (and easily)?
There are a few attempts at standardizing hardware (as you mention linux hardware). The most popular thus far is DKMS: DKMS stands for Dynamic Kernel Module Support. It is designed to create a framework where kernel dependent module source can reside so that it is very easy to rebuild modules as you upgrade kernels. This will allow Linux vendors to provide driver drops without having to wait for new kernel releases while also taking out the guesswork for customers attempting to recompile modules for new kernels.
See http://linux.dell.com/dkms/ for more information.
Of course.
I don't spend my time reviewing others' code unless it is, for example, a smaller tool which is of importance (a third party suexec wrapper for example, or a rare Apache module from a less than perfect source).
My point was that:
1. We can if we want to. If something is that important, you at least take a quick look at it to see if any care was taken. This may be more so in smaller projects such as a perl script.
2. If you're not hiding it from other people, you're not ashamed of your potentially sloppy and buggy code being an easy target for anyone to exploit (not that a good hacker needs the code, but you see the point). It's not a black box.
3. People can implement features as needed in the code, and here they find security issues. The constant development to different platforms for big tools means that bugs can be found faster and advancement moves quicker as a whole.
A standard of quality is subjective and really depends on what is 'acceptable' and what you consider 'quality' code. Keep in mind that I'm not saying that M$'s code is not of quality or comparing them (for what Windows does (including application compatibility dating back to Windows 3.1) it does a decent job of it).
Simply, the optimal standard is pristine code that has all the features you want, no bugs, and will work on all systems. But we're in a realistic world. Having countless developers and testers makes some of these projects what they are and acts as a second check for many changes.
I'm not reviewing most of the code on the system, but somewhere, someone is catching the security holes and bugs you hear announced on the various tracking sites... so someone's probably doing it for you...
-M
You are mistaking a 'standard' (such as TCP/IP) with a 'quality standard'. One can make a program to follow a specific protocol, but that doesn't make it a good program at all.
We're talking about quality. How good is the finished product compared to its usage. Is a mission-critical application actually going to be stable? Does your application spend most of its time in spin locks? The quality is in the method of the implementation. A web server can answer HTTP requests without trouble, but will is do so well? Is it expandable? Is it going to advance? Is it useful? Are its libraries useful to other functions?
Quality is a 'degree of excellence'. So what makes the software you see on Linux better than 'average'. Why are we all using it? Price decreases our costs and barriers, but a degree of quality exists because there is a large user base creating quality, and demanding quality.
If you make code that is not readable or properly coded, nobody will use it, or people will say "I'm starting my own project" and fork off (as we've seen so many times in the UNIX world).
A good example of quality (IMHO) is qmail. Written well, coded securely, very functional, and very logical. And it has succeeded for those reasons (and hype). The tens of patches out there for it adding all sorts of neat features are people saying "this code makes sense. This structure makes sense". Adding features to a SMTP system doesn't involve mucking up the mail system. People like it because it screams of quality. A great deal of time, effort, and quality went into the code.
You mention a standard. We need standards in protocols- not in quality. The standard says that a SMTP conversation goes like this... but the style, programming language, where security checks are made, and so on are all up to the programmer or team of programmers. And why should we (you?) take away that freedom? If I want to make my code of low quality, don't use it, don't buy it, don't use the service I offer from it (not that I do produce poor code).
-M