Actually, you'd be hard pressed to find a file system not supporting ACLs in Suse Linux (reiserfs, ext3, xfs and jfs all do in Suse's kernel). Same for Solaris (ACLs supported on ufs since at least Solaris 7). Same for AIX (ACLs supported on jfs since at least AIX 3.2.x). And I bet even trusty HP/UX supports ACLs out of the box.
The funny thing is that they all implement the same POSIX 1003.1e draft, which never made it into a standard.
Also, your average 2003 Unix will run a service s under a special userid s, thus isolating subsystems and preventing privilege escalation.
Additionally,I know that Linux and Solaris both have an support capabilities (Linux since 2.2, usable since 2.4, and Solaris since Solaris 8 or 9), limiting what a privileged process may do. Solaris 9 also adds role based access control, which is not yet available by default in the Linux kernel.
There is no "No" in the workplace. But there is a lot of other things.
For example, there is the current list of your tasks, with a timeline and priorities. If your management comes with new projects, have them look at that schedule and ask them to reorder priorities and timelines, if necessary. That will give them an idea of what the new project will cost them in terms of delay of other projects, messed dependencies and other consequences.
For example, there is the simple question of money. If an external customer comes to you with a new project or a new idea that will mess up the current project, show them the consequences of their doing, and attach a price to this. "Your new idea will fit into the current project here, here and here. It will use up to x mandays of work, costing $$$ each, and will delay the first shipment of the deliverables by y days. Also, the new things will need adjustments to the project documentation, the handbooks, the testing procedures, costing another $$$. That comes down to a total of $$$$$$ for you at this point in time. Another alternative would be a separate project adding your features to the finished product. That might be slightly cheaper because of... and will not stall us with the current project."
The basic idea behind all these techniques is to make the internal structure of your projects and your schedule as transparent as necessary for the person asking you. It enables them to understand that their idea may be good (it probably even is), but that it is not suitable at this point in time. It also makes transparent for them the ressources they allocate and probably waste, if they insist on it now.
Which is much more effective as a plain "no" anyway.
If you want to discuss the success probability of a worm, there are three aspects here which need coverage: First is the actual quality of the implementation of the operating system. Second is the concepts behind that implementation. Third is the density of the system population.
The quality of the implementation in Linux is highly variable, depending on what part of the system you are looking. There are parts of Linux that are of an extremely high implementation quality such as the kernel, the Apache web server or other active and well researched projects. There are other parts of only medium quality such as for example the popular PHP language.
And there is a lot of stuff that is of actually pretty low quality, badly researched and incredibly crappily written from a security point of view. Common PHP applications such as PHP Nuke, TikiWiki or other "CMS" style applications belong into that category. Getting web server privileges through one of these using a pathname exploit, badly written uploads or other commonly known classes of security problems is usually a piece of cake. From that you need to find a local root exploit to own the machine. That's a little harder to do than a simple web exploit, but also nowhere near impossible.
Also, current PHP coding techniques do little to minimize the amount of such code being written and to encourage clean coding. Brings us directly to the concepts section: There is no equivalent of ASP.NET type infrastructure and tools in the PHP world. Window may have bugs, but in this particular instance they may be in an area where PHP for example has not even code to show...
When you are discussing security concepts, Windows often is on par or even surpasses common Linux systems. Windows failure is too often in the area of implementation, or it fails to leverage and deploy the concepts it implements. That's why Windows passes US and European securty evaluations, but does not feel "more secure" in day to day use. For example, Windows had Access Control Lists as part of NTFS since the very first 3.0 days.
Only with the advent of Windows 2000 Microsoft started shipping Windows with halfway decent defaults, though. Also, getting to see and check the ACLs of a directory hierarchy with onboard tools is laughably complicated to what Unix presents (namely, a moderately complex security system with ugo/rwx and ACLs tacked on for that special cases, and "ls -l" to mass check an entire directory with a single command).
Windows also has superior concepts regarding impersonation (instead of SUID), RAID as part of the default operating system way before the actual Unices had it, a PKI and a directory service as part of the default operating system shipment (and code that actually uses that, by default, unlike Unix, where you have to jump though hoops to get your mail server, samba server, your different logins and your client applications to use such a service if you had one by default) and serveral other things that look nice in the book.
Unfortunately, all of this is of little use against worm style attacks. Here the conceptually bad parts of Windows reign: Treating data as code and in some cases even automatically execute data that has been recognized as code (HTML mail with Javascript, Office macros, HTML with Javascript that is being executed when entering directories) is the major attack vector. Also, badly designed and protected desktop IPC, allowing for the shatter attack and other legacy sins make the Windows desktop a primary target for worms and viruses. None of the above security mechanisms help protecting against this style of attacks, which is why Windows looks good on paper, but not on your desktop.
Also, unfortunately, the Windows population in your average company is dense enough and homogenous enough to allow for wildfire type effects when the attack is spreading over the network.
Linux has similar vulnerabilities as Windows has, but we do not see them at the moment, because even if there were a worm that could uti
CBM did not want the 1540 and 1541 to be fast. These drives were consumer models, and sold vastly cheaper than their 4040 and 8080 drives, which had a parallel IEEE bus. CBM wanted you to buy their IEEE user port adapter and then pay for the 4040 and 8080 drives in order to get a "professional" floppy.
You don't want X to be network transparent, because it is highly inefficient. X is transmitting at the level of "draw this line", "draw this rect", which is simply the wrong thing to do.
Instead you want a display server that has the capability to execute local programlets, perhaps written in Postscript (as Nextstep did), or in Java or Parrot Bytecode. Then you want to transmit over the network calls to the procedures stored in your display server. That would be calls at the level of "display dialogue box with the content of..., and tell me if the user hit yes or no."
No, this is not to slow - Nextstep did it with Display Postscript on a 25 MHz 68040 processor.
Yes, it is much faster on the line.
X relates to such a systems as fax relates to email.
The German government has paid for a number of applications that have been implemented as GPLed software products. In particular, there have been several high profile projects such as Sphinx (gpg and kmail integration) and kroupware (now transforming into kolab and kontact).
But there is a lot of OSS activity at lower levels, for example the Java Anon Proxy (JAP) project as a joint venture between Dresden University and the privacy commissioner of Land Schleswig-Holstein, several School Linux Projects, a large scale Linux deployment for schools around the city of Moers (serving 250.000 users), and many more projects at a similar level.
In studies on Open Source Development, many European countries come out "on top", that is the number of developers from European countries is higher than it should be according to their proportional headcount. Such Government subsidized OSS projects and deployments are a strong factor, creating a climate where OSS can flourish and produce many good projects and products.
Never check for an error condition you don't know how to handle.
I mean, what use is this? If you do not have the source, you may use this tool to check for potential security vulnerabilities. The result will leave you with a binary which you cannot change because you don't have the source, and with a list of potential vulnerabilities, which you can't validate without a great deal more of work which you would need to create working exploits. Failure to produce an exploit does not prove that there is no vulnerability, though.
And if you happen to have the source, what use is this tool? There are better tools to find this class of errors on source level.
If anything contains that many tags, that many entities, that many accented characters, then it surely is spam. There is no need at all to decode it. You just drop it. Quickly.
Kristian
Re:Problems with newer versions
on
PHP 5 Beta 1
·
· Score: 1
The PHP people need to provide ways that people can upgrade the versions of PHP on their system such that they can be reasonably sure that existing users aren't suddenly going to find their sites don't work.
Actually, there is only one big break in the PHP line, and that is the change with register_globals. You are right that this change should have happened during the 3.x to 4.0 transition, but the powers that be were to frightened to do it then, because it would have broken quite a lot of existing code.
The same powers that be were then forced to do this change, and during a "dot x" version number change because of the large number of security issues that many popular PHP scripts generated. These scripts often contained code along the lines of
if (something security relevant)
$flag = true;
if ($flag)
do_the_scary_stuff();
and with PHP importing request parameters as globals automatically, it is very obvious why this is security relevant. The register_globals fix and the introduction of the $_GET and friends superglobals fixed that, but admittedly at an awkward time.
The big hope is that PHP 5 will be an incentive for providers and hosters to upgrade their installations, and it will reunite the different streams of PHP development again.
Anyway, if you are doing something important with PHP, you'll hopefull be on a rootserver yourself, and completly control your deployment environment yourself (Rootserver in germany -> less than EUR50 per month).
Kristian
Re:Kiss and say goodbye to Java language!!
on
PHP 5 Beta 1
·
· Score: 1
We ended up running cron jobs that would reboot the farm, round-robin, just to solve memory issues and instability.
PHP is often slammed for not keeping state across requests, but saving serialized state to disk and reloading it on the next page. While this seems awkward in an ideal world, it is often the right thing to do in the real world.
PHP does incorporate very many (often more than two dozen) client libraries written in C by third parties. These come in very different levels of maturity and many of then are not only unsafe to use in a threaded environment, but also have memory leaks or other spurious problems. The default execution modes of PHP (throw away all memory at the end of the request) and Apache (execute each PHP interpreter single threaded in a separate process, but reuse the process) is very suited to run such libraries in a stable manner even if the code being executed is slightly defective.
The end result is often that PHP application run seemingly stable and use very little memory, whereas a comparable Java application leaks memory over time or has stability problems (one thread dies, killing the entire process with it).
Kristian
Re:Kiss and say goodbye to Java language!!
on
PHP 5 Beta 1
·
· Score: 1
PHP is usually run as a apache mod or sometimes, as a cgi. Because of this, it cannot store session state or cache inside of its process (since the process is either apache httpd, or the cgi, which terminates at the end of a page run).
This is also, why PHP can easily be hosted and maintained in a shared environment and Java usually can't. You'll find a lot of commercial web hosters offering you a directory and a shared PHP interpreter for very little money, because running PHP does not incur the overhead of an application server instance per application.
On the other hand, if you had a large PHP application that used a lot of state, needed a connection pool and needed to keep compiled code in memory, you'd probably install SRM, the script running machine. SRM is basically a persistent VM that runs precompiled PHP programs called Bananas in a way very similar to what Java does with Beans.
....how long before we start seeing cd burning terminals at music stores where you can either buy full licensed albums, or pick and choose tracks ala cart?
Until last week. The first such terminal was enabled last week in the city of Lübeck, Germany, which is incidentally pretty close to where I live.
In Germany: Yes. Such a thing exists and is common.
That is, if you print something about a person, and the person you write about thinks that there are factual errors, that person can request a Gegendarstellung ("reply") in order to present their version of the facts and you are required to print it. You are also entitled to print your comment on this Gegendarstellung with it.
For example, in the very well respected german magazine "Der Spiegel" (The Mirror) you will often find articles of some kind of investigative journalism. Sometimes the people being reported on request a Gegendarstellung, often saying that "I was never involved in..., and in fact have never seen... before. It is not true that...".
In many cases you will find a comment by Der Spiegel below, where they present again their version of the facts ("Der Spiegel still stands by its story. We have evidence showing... together with... and we have papers that actually incriminate... which we believe are genuine").
For newspapers, for radio and televisision programmes as well. If you report on a person or company, that person or company has the right to insist on their POV being published in an appropriate form. This works fairly well, and has a very low to non-noticeable actual impact on the content or cost of newspapers or programmes.
And I think it is a good idea to apply this to non-printed media as well. If you read the text carefully, you'll see that linking is okay. This more or less automatically solves the authentication problem, keeps editing for space out of the way and does generally the right thing network-wise.
This is not bad at all. In fact, it forces a lot of people into a fair discussion with argument and counterargument, whereas there were only soapboxes and shouting before.
I am a maintainer of the FAQ for the de.comp.lang.php.* cluster of newsgroups and we see quite a lot of beginners coming over. Many of these people have already been creating HTML pages and now want dynamism in their pages, by adding counters and guestbooks. Or they have a site based on some PHP nuke variant or the other, and now want to understand the code and customize it. Often these people do not even know the most basic programming concepts, such as variables, scope, conditionals, loops and the like.
Using PHP, beginners get going from hour 0, and they have instant gratification because very little code can have rather well visible effects on web pages. Also, PHP has a very gentle learning curve, but goes a long way: Starting with simple echo statements and a few conditionals, PHP reaches up into the realm of low-end application servers (with SRM), touches on issues of concurrency which are often seen in web server environments, handles databases very well, introducing beginners to the concepts of relational databases, and starting with version 5 even has a decent object concept.
PHP is in no way pure or structured, but this is not really necessary. PHP is not an academic project or tries to make a point. It gets the job done, it gets the idea across, and it does it gently and conveniently.
Also, it is ubiquitous in hosting environments. At least in Germany, you'd be hard pressed to find web space that does NOT offer some version of PHP, again making it a very common beginners language.
How about making the cell phone have better reception so call-drops are less frequent, instead of being able to download mp3s to play them on the cellphone speakers.
I have had a cellphone now since 1996 or so, starting with a Siemens S4 and I am currently the Siemens ME45 and I can count the number of calls that have terminated due to bad reception or network failures on a single hand. I really do not understand how you can view cellphone connection stability as an issue?
Also, Bavaria is the home county of SuSE, the makers of SuSE linux.
Can you imagine what would happen if some politician in bavaria would drive up to the parliament while NOT sitting in a BMW? Similar situation here with the software, I presume.
SCO Openforum is a conference and trade show held by SCO in Las Vegas from August 17 - 19, 2003. The Agenda includes a lot of uninteresting stuff, and lots of opportunities to talk to the C?Os and managers of SCO and tell them what you think of them. Are you a SCO partner and want to be associated with SCO? Come to the partner pavillion or even become a sponsor and showcase you association with one of the boldest defenders of IP rights in the US.:-)
SCO realized that IBM wasn't biting, and panicked. This is SCO's flailing around for anything and everything to halt its inevitable destruction.
This is not a panic.
IBM was until now not interested into buying SCO, nor was anyone else big enough in the Linux business.
What SCO is doing now is producing much FUD against the Linux brand. They want to make themselves interesting for any buyers from the Linux camp, i.e. buying SCO should be less expensive than the damage SCO might be doing to the name of Linux. Also, buying SCO might be a faster way to end the FUD against the name of Linux then actually going through all the motions of due process.
Want to find more music that matches your taste? Install Audioscrobbler and start listening. Audioscrobbler will find people listening to similar bands and will tell you what else they like.
No, not any more. Or if so, not without checking for a CDDA label.
Over here in Germany, almost everthing on CD-like media is not CDDA any more. It does not play in what I have as playing devices and I am simply tired of unpacking, trying, failing and then arguing with the shop upon return.
I used to spend 1200 or so per year on new records, and getting new music always has been great fun. But for the past 15 months, it has been zero CDs for me. I just don't feel like it any more.
Yes, it is. I have been lecturing using OpenOffice Impress last year and this year, using Suse Linux 8.1 and OpenOffice 1.0.x on a Dell Inspiron 8100, and it just works fine, thank you.
The difference between me and that student you describe is that I do not try to bring my presentations to another format, but I am using sxi, sxw and sxc natively. OpenOffice is free after all, so if students want to use the slides they might as well install a copy. For those who don't want to, I do PDF exports.
Slashdot Mirror
Sorry, but your link 404's.
Some people claim that KDE stands for Kalle Dalheimer Experience.
Actually, you'd be hard pressed to find a file system not supporting ACLs in Suse Linux (reiserfs, ext3, xfs and jfs all do in Suse's kernel). Same for Solaris (ACLs supported on ufs since at least Solaris 7). Same for AIX (ACLs supported on jfs since at least AIX 3.2.x). And I bet even trusty HP/UX supports ACLs out of the box.
The funny thing is that they all implement the same POSIX 1003.1e draft, which never made it into a standard.
Also, your average 2003 Unix will run a service s under a special userid s, thus isolating subsystems and preventing privilege escalation.
Additionally,I know that Linux and Solaris both have an support capabilities (Linux since 2.2, usable since 2.4, and Solaris since Solaris 8 or 9), limiting what a privileged process may do. Solaris 9 also adds role based access control, which is not yet available by default in the Linux kernel.
Kristian
There is no "No" in the workplace. But there is a lot of other things.
... and will not stall us with the current project."
For example, there is the current list of your tasks, with a timeline and priorities. If your management comes with new projects, have them look at that schedule and ask them to reorder priorities and timelines, if necessary. That will give them an idea of what the new project will cost them in terms of delay of other projects, messed dependencies and other consequences.
For example, there is the simple question of money. If an external customer comes to you with a new project or a new idea that will mess up the current project, show them the consequences of their doing, and attach a price to this. "Your new idea will fit into the current project here, here and here. It will use up to x mandays of work, costing $$$ each, and will delay the first shipment of the deliverables by y days. Also, the new things will need adjustments to the project documentation, the handbooks, the testing procedures, costing another $$$. That comes down to a total of $$$$$$ for you at this point in time. Another alternative would be a separate project adding your features to the finished product. That might be slightly cheaper because of
The basic idea behind all these techniques is to make the internal structure of your projects and your schedule as transparent as necessary for the person asking you. It enables them to understand that their idea may be good (it probably even is), but that it is not suitable at this point in time. It also makes transparent for them the ressources they allocate and probably waste, if they insist on it now.
Which is much more effective as a plain "no" anyway.
Kristian
If you want to discuss the success probability of a worm, there are three aspects here which need coverage: First is the actual quality of the implementation of the operating system. Second is the concepts behind that implementation. Third is the density of the system population.
The quality of the implementation in Linux is highly variable, depending on what part of the system you are looking. There are parts of Linux that are of an extremely high implementation quality such as the kernel, the Apache web server or other active and well researched projects. There are other parts of only medium quality such as for example the popular PHP language.
And there is a lot of stuff that is of actually pretty low quality, badly researched and incredibly crappily written from a security point of view. Common PHP applications such as PHP Nuke, TikiWiki or other "CMS" style applications belong into that category. Getting web server privileges through one of these using a pathname exploit, badly written uploads or other commonly known classes of security problems is usually a piece of cake. From that you need to find a local root exploit to own the machine. That's a little harder to do than a simple web exploit, but also nowhere near impossible.
Also, current PHP coding techniques do little to minimize the amount of such code being written and to encourage clean coding. Brings us directly to the concepts section: There is no equivalent of ASP.NET type infrastructure and tools in the PHP world. Window may have bugs, but in this particular instance they may be in an area where PHP for example has not even code to show...
When you are discussing security concepts, Windows often is on par or even surpasses common Linux systems. Windows failure is too often in the area of implementation, or it fails to leverage and deploy the concepts it implements. That's why Windows passes US and European securty evaluations, but does not feel "more secure" in day to day use. For example, Windows had Access Control Lists as part of NTFS since the very first 3.0 days.
Only with the advent of Windows 2000 Microsoft started shipping Windows with halfway decent defaults, though. Also, getting to see and check the ACLs of a directory hierarchy with onboard tools is laughably complicated to what Unix presents (namely, a moderately complex security system with ugo/rwx and ACLs tacked on for that special cases, and "ls -l" to mass check an entire directory with a single command).
Windows also has superior concepts regarding impersonation (instead of SUID), RAID as part of the default operating system way before the actual Unices had it, a PKI and a directory service as part of the default operating system shipment (and code that actually uses that, by default, unlike Unix, where you have to jump though hoops to get your mail server, samba server, your different logins and your client applications to use such a service if you had one by default) and serveral other things that look nice in the book.
Unfortunately, all of this is of little use against worm style attacks. Here the conceptually bad parts of Windows reign: Treating data as code and in some cases even automatically execute data that has been recognized as code (HTML mail with Javascript, Office macros, HTML with Javascript that is being executed when entering directories) is the major attack vector. Also, badly designed and protected desktop IPC, allowing for the shatter attack and other legacy sins make the Windows desktop a primary target for worms and viruses. None of the above security mechanisms help protecting against this style of attacks, which is why Windows looks good on paper, but not on your desktop.
Also, unfortunately, the Windows population in your average company is dense enough and homogenous enough to allow for wildfire type effects when the attack is spreading over the network.
Linux has similar vulnerabilities as Windows has, but we do not see them at the moment, because even if there were a worm that could uti
CBM did not want the 1540 and 1541 to be fast. These drives were consumer models, and sold vastly cheaper than their 4040 and 8080 drives, which had a parallel IEEE bus. CBM wanted you to buy their IEEE user port adapter and then pay for the 4040 and 8080 drives in order to get a "professional" floppy.
The 1540 and 1541 were crippled on purpose.
Kristian
You don't want X to be network transparent, because it is highly inefficient. X is transmitting at the level of "draw this line", "draw this rect", which is simply the wrong thing to do.
..., and tell me if the user hit yes or no."
Instead you want a display server that has the capability to execute local programlets, perhaps written in Postscript (as Nextstep did), or in Java or Parrot Bytecode. Then you want to transmit over the network calls to the procedures stored in your display server. That would be calls at the level of "display dialogue box with the content of
No, this is not to slow - Nextstep did it with Display Postscript on a 25 MHz 68040 processor.
Yes, it is much faster on the line.
X relates to such a systems as fax relates to email.
Kristian
http://www.mackido.com/History/AppleTimeline.html
1993 saw the introduction of Nextstep 3.0 and NeXT taking up support for the 486 version of Nextstep.
Not many improvements in programming or multimedia have been made since then. Just how visionary can a system design be?
Kristian
The German government has paid for a number of applications that have been implemented as GPLed software products. In particular, there have been several high profile projects such as Sphinx (gpg and kmail integration) and kroupware (now transforming into kolab and kontact).
But there is a lot of OSS activity at lower levels, for example the Java Anon Proxy (JAP) project as a joint venture between Dresden University and the privacy commissioner of Land Schleswig-Holstein, several School Linux Projects, a large scale Linux deployment for schools around the city of Moers (serving 250.000 users), and many more projects at a similar level.
In studies on Open Source Development, many European countries come out "on top", that is the number of developers from European countries is higher than it should be according to their proportional headcount. Such Government subsidized OSS projects and deployments are a strong factor, creating a climate where OSS can flourish and produce many good projects and products.
The Golden Rule Of Programming:
Never check for an error condition you don't know how to handle.
I mean, what use is this? If you do not have the source, you may use this tool to check for potential security vulnerabilities. The result will leave you with a binary which you cannot change because you don't have the source, and with a list of potential vulnerabilities, which you can't validate without a great deal more of work which you would need to create working exploits. Failure to produce an exploit does not prove that there is no vulnerability, though.
And if you happen to have the source, what use is this tool? There are better tools to find this class of errors on source level.
Kristian
Why?
If anything contains that many tags, that many entities, that many accented characters, then it surely is spam. There is no need at all to decode it. You just drop it. Quickly.
Kristian
The PHP people need to provide ways that people can upgrade the versions of PHP on their system such that they can be reasonably sure that existing users aren't suddenly going to find their sites don't work.
Actually, there is only one big break in the PHP line, and that is the change with register_globals. You are right that this change should have happened during the 3.x to 4.0 transition, but the powers that be were to frightened to do it then, because it would have broken quite a lot of existing code.
The same powers that be were then forced to do this change, and during a "dot x" version number change because of the large number of security issues that many popular PHP scripts generated. These scripts often contained code along the lines of
if (something security relevant)
$flag = true;
if ($flag)
do_the_scary_stuff();
and with PHP importing request parameters as globals automatically, it is very obvious why this is security relevant. The register_globals fix and the introduction of the $_GET and friends superglobals fixed that, but admittedly at an awkward time.
The big hope is that PHP 5 will be an incentive for providers and hosters to upgrade their installations, and it will reunite the different streams of PHP development again.
Anyway, if you are doing something important with PHP, you'll hopefull be on a rootserver yourself, and completly control your deployment environment yourself (Rootserver in germany -> less than EUR50 per month).
Kristian
We ended up running cron jobs that would reboot the farm, round-robin, just to solve memory issues and instability.
PHP is often slammed for not keeping state across requests, but saving serialized state to disk and reloading it on the next page. While this seems awkward in an ideal world, it is often the right thing to do in the real world.
PHP does incorporate very many (often more than two dozen) client libraries written in C by third parties. These come in very different levels of maturity and many of then are not only unsafe to use in a threaded environment, but also have memory leaks or other spurious problems. The default execution modes of PHP (throw away all memory at the end of the request) and Apache (execute each PHP interpreter single threaded in a separate process, but reuse the process) is very suited to run such libraries in a stable manner even if the code being executed is slightly defective.
The end result is often that PHP application run seemingly stable and use very little memory, whereas a comparable Java application leaks memory over time or has stability problems (one thread dies, killing the entire process with it).
Kristian
PHP is usually run as a apache mod or sometimes, as a cgi. Because of this, it cannot store session state or cache inside of its process (since the process is either apache httpd, or the cgi, which terminates at the end of a page run).
This is also, why PHP can easily be hosted and maintained in a shared environment and Java usually can't. You'll find a lot of commercial web hosters offering you a directory and a shared PHP interpreter for very little money, because running PHP does not incur the overhead of an application server instance per application.
On the other hand, if you had a large PHP application that used a lot of state, needed a connection pool and needed to keep compiled code in memory, you'd probably install SRM, the script running machine. SRM is basically a persistent VM that runs precompiled PHP programs called Bananas in a way very similar to what Java does with Beans.
Kristian
....how long before we start seeing cd burning terminals at music stores where you can either buy full licensed albums, or pick and choose tracks ala cart?
Until last week. The first such terminal was enabled last week in the city of Lübeck, Germany, which is incidentally pretty close to where I live.
Kristian
In Germany: Yes. Such a thing exists and is common.
..., and in fact have never seen ... before. It is not true that ...".
... together with ... and we have papers that actually incriminate ... which we believe are genuine").
That is, if you print something about a person, and the person you write about thinks that there are factual errors, that person can request a Gegendarstellung ("reply") in order to present their version of the facts and you are required to print it. You are also entitled to print your comment on this Gegendarstellung with it.
For example, in the very well respected german magazine "Der Spiegel" (The Mirror) you will often find articles of some kind of investigative journalism. Sometimes the people being reported on request a Gegendarstellung, often saying that "I was never involved in
In many cases you will find a comment by Der Spiegel below, where they present again their version of the facts ("Der Spiegel still stands by its story. We have evidence showing
In Germany, yes.
For newspapers, for radio and televisision programmes as well. If you report on a person or company, that person or company has the right to insist on their POV being published in an appropriate form. This works fairly well, and has a very low to non-noticeable actual impact on the content or cost of newspapers or programmes.
And I think it is a good idea to apply this to non-printed media as well. If you read the text carefully, you'll see that linking is okay. This more or less automatically solves the authentication problem, keeps editing for space out of the way and does generally the right thing network-wise.
This is not bad at all. In fact, it forces a lot of people into a fair discussion with argument and counterargument, whereas there were only soapboxes and shouting before.
Kristian
I am a maintainer of the FAQ for the de.comp.lang.php.* cluster of newsgroups and we see quite a lot of beginners coming over. Many of these people have already been creating HTML pages and now want dynamism in their pages, by adding counters and guestbooks. Or they have a site based on some PHP nuke variant or the other, and now want to understand the code and customize it. Often these people do not even know the most basic programming concepts, such as variables, scope, conditionals, loops and the like.
Using PHP, beginners get going from hour 0, and they have instant gratification because very little code can have rather well visible effects on web pages. Also, PHP has a very gentle learning curve, but goes a long way: Starting with simple echo statements and a few conditionals, PHP reaches up into the realm of low-end application servers (with SRM), touches on issues of concurrency which are often seen in web server environments, handles databases very well, introducing beginners to the concepts of relational databases, and starting with version 5 even has a decent object concept.
PHP is in no way pure or structured, but this is not really necessary. PHP is not an academic project or tries to make a point. It gets the job done, it gets the idea across, and it does it gently and conveniently.
Also, it is ubiquitous in hosting environments. At least in Germany, you'd be hard pressed to find web space that does NOT offer some version of PHP, again making it a very common beginners language.
Kristian
How about making the cell phone have better reception so call-drops are less frequent, instead of being able to download mp3s to play them on the cellphone speakers.
I have had a cellphone now since 1996 or so, starting with a Siemens S4 and I am currently the Siemens ME45 and I can count the number of calls that have terminated due to bad reception or network failures on a single hand. I really do not understand how you can view cellphone connection stability as an issue?
Kristian
Also, Bavaria is the home county of SuSE, the makers of SuSE linux.
Can you imagine what would happen if some politician in bavaria would drive up to the parliament while NOT sitting in a BMW? Similar situation here with the software, I presume.
SCO Openforum is a conference and trade show held by SCO in Las Vegas from August 17 - 19, 2003. The Agenda includes a lot of uninteresting stuff, and lots of opportunities to talk to the C?Os and managers of SCO and tell them what you think of them. Are you a SCO partner and want to be associated with SCO? Come to the partner pavillion or even become a sponsor and showcase you association with one of the boldest defenders of IP rights in the US. :-)
SCO realized that IBM wasn't biting, and panicked. This is SCO's flailing around for anything and everything to halt its inevitable destruction.
This is not a panic.
IBM was until now not interested into buying SCO, nor was anyone else big enough in the Linux business.
What SCO is doing now is producing much FUD against the Linux brand. They want to make themselves interesting for any buyers from the Linux camp, i.e. buying SCO should be less expensive than the damage SCO might be doing to the name of Linux. Also, buying SCO might be a faster way to end the FUD against the name of Linux then actually going through all the motions of due process.
Kristian
Want to find more music that matches your taste? Install Audioscrobbler and start listening. Audioscrobbler will find people listening to similar bands and will tell you what else they like.
Kristian
No, not any more. Or if so, not without checking for a CDDA label.
Over here in Germany, almost everthing on CD-like media is not CDDA any more. It does not play in what I have as playing devices and I am simply tired of unpacking, trying, failing and then arguing with the shop upon return.
I used to spend 1200 or so per year on new records, and getting new music always has been great fun. But for the past 15 months, it has been zero CDs for me. I just don't feel like it any more.
Kristian
Yes, it is. I have been lecturing using OpenOffice Impress last year and this year, using Suse Linux 8.1 and OpenOffice 1.0.x on a Dell Inspiron 8100, and it just works fine, thank you.
The difference between me and that student you describe is that I do not try to bring my presentations to another format, but I am using sxi, sxw and sxc natively. OpenOffice is free after all, so if students want to use the slides they might as well install a copy. For those who don't want to, I do PDF exports.
Kristian