The CDDL is an OSI-approved open source license. What is your problem with it? It may not be compatible with the GPL but why should it be? And wait... very few licenses are GPL-compatible. Are you also blaming the Apache License, the BSD license, the Mozilla Public License and many other open-source licenses, for beeing GPL incomplatible? Are they all evil or something?
... but apparently since it was NOT MADE HERE, GlassFish just can't be in any way better than the open source application servers, isn't it? The same way Open Solaris is not in any way better than Linux? So, of course, it is justified to bash Sun, even when they make a very good move for us.
... I tought that the K in KSVG2 was from KDE, and KDE comes with Linux, BSD and many other Unices (http://www.kde.org/download/distributions.php). Then I thought that the Adobe SVG Viewer is available for Windows platforms for a couple of years now - and while you consider it awful, it is the most compliant SVG viewer I have ever tried.
Then there is Firefox 1.1 and the beautiful (because of JavaScript) support for SVG in Dear Park Alpha.
So no, SVG was probably not "first addopted" by Apple, but yes the addoption of SVG by Apple will certainly help SVG go mainstream. However, not as much as Adobe did, nor as Firefox will.
He is 30 years old... hardly a teenager anymore! Stil living in a student residence though. The student residences usually have the best internet connections in this town. Yup, it is the town I'm living in know:)
If you don't get accepted into the program your aplication probably sucked and/or nobody in the mentoring organizations found it interesting. The competition is great and they cannot chose all of us. This is what they would tell you in a rejection letter, whether it is "personal" or not. Anyway, this is no reason to feel discuraged, I have information that they will accept all Slashdotters who submited applications;)
So the only way to prevent this, is not signing "binary" (not fully plain text human parsable) files written by someone else.
Last time I checked everybody was using md5 to hash binaries and text files alike, some binaries don't have a "human parsable" form you can sign on and (most important) binaries are NOT ALWAYS SIGNED BY HUMANS. How will a program tell the difference between a tampered and a non tampered file that it cannot understand anyway? Finally, you cannot tell exactly what an executable does unless you run it.
I think that the most important type of attack involves binaries. For example I could surpass tripwire and enable an exploit that was never visible in my binary code. Almost none of you would be able to tell the difference (a couple of bits), not even tripwire (md5), between the exploitable and non-exploitable version of the program. But the change in behavior could be different so that the exploit is possible.
Steps: 1. Write a very useful tool 2. Compile it 3. Tamper the file to get two almost identical versions, one exploitable, the other "secure" 4. Release the source and the secure binary 5. Wait for the tool to achieve widespread adoption based on its "security" 6. Overwrite the secure version with the exploitable one on your server and log the IPs of the people downloading it 7. Wait a little more 8. Use the exploit and gain access to the exploitable machines 9. Once you are in charge overwrite the exploitable version of the tool with the "secure" one - tripwire should not detect this 10. Party
He was talking about the Flash/SVG file formats, not the tools. And from the file format point of view I would go with SVG any time rather than go with the proprietary Flash.
You can rest assured though, that SVG support in tools is catching up very quickly. This will happen even if Adobe goes all Flashy and entirely drops SVG, which I hope won't happen. Opera 8.0 and Firefox 1.1 (alpha) have both SVG support. Also the Renesis SVG 1.2 Rendering Engine will be available this autumn for Firefox/Mozilla/Netscape, Internet Explorer and Opera. I would rather worry about what will happen to Flash once Macromedia got bought by Adobe than what will happen to SVG, because SVG is a vendor independent standard.
Adobe's SVG Viewer plugin is huge and rarely updated
You call 2.27MB huge? Sure, that is more than 684KB (Flash Player) but still it is very small. And unlike the Flash Player the Adobe SVG Viewer is implementing a standard and they are doing it very well. Should I care how often they have to update it to do this?
I said they were supportive. Discussions on mailing lists, blog entries, that sort of thing. Encouraging.
Please note that Macromedia is being supportive to their own developer community. Also every tool (open source or not) that has a chance to provide added value to their own platform while not being a competitive threat to their own product line is likely to get some (little) support as well. That does not even compare to what other companies do, by really embracing the free software / open source movement. IBM offered a couple of dozzens of programs to the open source community (list) one of them being an Integrated Development Environment (IDE) for Laszlo. Sun open sourced Star Office, Netbeans and will soon open source Solaris. Laszlo Systems open sourced their RIA Platform (OpenLaszlo). These and others are companies being supportive to the open source community. Macromedia however is not one of these companies. On a greed scale they would be somewhere very close to Microsoft.
Flash (which, btw, costs half of what you said)
I don't know where you live but in Germany the half cripple Macromedia Flash MX 2004 costs 694.84 euro (=855.926701 US$) and the full Macromedia Flash MX Professional 2004 costs 973.24 euro (=1,198.868952 US$).
If you don't like it -- don't buy it.
You can bet I won't. I already told about OpenLaszlo. That is what I would use, should I ever consider writing Flash applications again. For now I am a lot better off using SVG and JavaScript for the open source projects to which I contribute. SVG and JavaScript are both open standards while Macromedia's technologies are proprietary. Supporting Macromedia's technologies would help Macromedia more than anybody else, and would surely hurt web standards and interoperability.
So far, Macromedia has been quite supportive of the community, they seem to understand it's for the benefit of all.
What community support are you talking about? They are offering the Flash Player for free and charging $1000 for Flash MX 2004? That is not community support! That is marketing. Windows Media Player, MSN Messenger, Internet Explorer all free of cost. Does that mean that Microsoft is being supportive of the community? No, that is once again marketing.
Is Macromedia making Flex open source, or are they just making a tool for creating Flex applications open source?
Dream on baby, dream on... Macromedia is not open sourcing anything, not now, not in the forseenable future. They are making plugins for Eclipse, which (Eclipse) happens to be open source. That is the only connection between Macromedia and open source. You should go to bed now.
Sorry, I just got up. I will try to make a better point.
My opinion is that dual core processors are not for dummies. They don't offer a better performance in games or in office applications. And these are the first processors implementing DRM (am I wrong?) so they don't have a huge market for DRM yet (have they?).
I think that if Intel wants to start selling dual core processors (and thus help spreading DRM and trusted computer) they will have to convince power users not clueless drones. This comes from the processor series they have chosen to implement DRM. If they had gone with Celerons or plain P4s then your "people are stupid, will swallow everything Intel marketing throws at them" argument would have made more sense.
Plus if Windows won't run (and thus the games/office/etc.) because the system lacks this wonder feature then most people will not only buy it, but actually insist on this new magic chip features that stops viruses, beats OBL and cures Yaws.
Well, guess what, the speed gain from having two processors is zero for current (single threaded) games and negligible under light load (office) (benchmark)) Where dual processing is useful is 3d rendering (3ds max) and small servers. But these guys will never buy any of the "arguments" you enlisted.
Intel is just trying its luck with this series - if they will manage to get away with it they will try to push it harder, if not Microsoft can never blame them for not trying.
These folks really never get it, do they? It also happened with DVD region protection. No user likes being traped outside her system, and if she has the knowledge to break the protection she will do it faster than you can possibly imagine.
Actually they'll make a big issue of how viruses won't be able to run because they're not 'blessed' and how it can be used to make shure you have the best drivers and how it'll block terrorist (have no clue how they could claim the last, but I'm shure they'll find a way) and so on.
No, as soon as the first virus spreading over AMT will apear (and trust me, it will!) people will go crazy. Everybody will be an easy target to such an atack and since these chips will be primarly used in small servers and high end systems people will not just stand there and watch as their systems get owned.
Remember what happened with the
Pentium FDIV bug? Intel has adopted a no-questions-asked replacement policy for its customers with the Pentium FDIV bug. As soon as the first security hole is discovered in AMT or DRM hell will break lose again for Intel and this time they won't have ANY excuse. No customer asked for these so-called features and Intel will have to have their precessors fixed. The sooner it happens the better because after that no other processor builder will risk such a certain fiasco. Only Microsoft would be arogant enough to try it, but fortunately they are not building processors (yet).
Slashdot Mirror
Firefox should have it [SVG] by 1.5
Deer Park Alpha already has pretty good SVG support (JavaScript support is particularly interesting).
The CDDL is an OSI-approved open source license. What is your problem with it? It may not be compatible with the GPL but why should it be? ... very few licenses are GPL-compatible. Are you also blaming the Apache License, the BSD license, the Mozilla Public License and many other open-source licenses, for beeing GPL incomplatible? Are they all evil or something?
And wait
... but apparently since it was NOT MADE HERE, GlassFish just can't be in any way better than the open source application servers, isn't it? The same way Open Solaris is not in any way better than Linux? So, of course, it is justified to bash Sun, even when they make a very good move for us.
The "J2EE 5" link in TFA links to OpenSolaris, not to http://java.sun.com/j2ee/5.0/index.jsp or http://www.jcp.org/en/jsr/detail?id=244 .
... I tought that the K in KSVG2 was from KDE, and KDE comes with Linux, BSD and many other Unices (http://www.kde.org/download/distributions.php).
Then I thought that the Adobe SVG Viewer is available for Windows platforms for a couple of years now - and while you consider it awful, it is the most compliant SVG viewer I have ever tried.
Then there is Firefox 1.1 and the beautiful (because of JavaScript) support for SVG in Dear Park Alpha.
So no, SVG was probably not "first addopted" by Apple, but yes the addoption of SVG by Apple will certainly help SVG go mainstream. However, not as much as Adobe did, nor as Firefox will.
Ooops, I forgot the link (in Romanian):2
...
http://ziuaiasi.ro/display.php?art=Eveniment&num=
Sorry, I also forgot to spellcheck
He is 30 years old ... hardly a teenager anymore! Stil living in a student residence though. The student residences usually have the best internet connections in this town. Yup, it is the town I'm living in know :)
If it wasn't for the recent Open Solaris buzz, i wouldn't have known there is a Unix category on /. :)
If you don't get accepted into the program your aplication probably sucked and/or nobody in the mentoring organizations found it interesting. The competition is great and they cannot chose all of us. This is what they would tell you in a rejection letter, whether it is "personal" or not. Anyway, this is no reason to feel discuraged, I have information that they will accept all Slashdotters who submited applications ;)
Complex and messy code affects every large piece of software, but Microsoft seems to have managed at least moderately well
...
What metric are you using for this? Code indentation? Because if you were using my new "the bugs/line of code" ratio
One year is not too much time to wait for a great open source operating system. Not when you are using Linux :)
Here you go; this atack should be more meaningful.
To quote Cringely: "Remember, you read it here first."So the only way to prevent this, is not signing "binary" (not fully plain text human parsable) files written by someone else.
Last time I checked everybody was using md5 to hash binaries and text files alike, some binaries don't have a "human parsable" form you can sign on and (most important) binaries are NOT ALWAYS SIGNED BY HUMANS. How will a program tell the difference between a tampered and a non tampered file that it cannot understand anyway? Finally, you cannot tell exactly what an executable does unless you run it.
I think that the most important type of attack involves binaries. For example I could surpass tripwire and enable an exploit that was never visible in my binary code. Almost none of you would be able to tell the difference (a couple of bits), not even tripwire (md5), between the exploitable and non-exploitable version of the program. But the change in behavior could be different so that the exploit is possible.
Steps:
1. Write a very useful tool
2. Compile it
3. Tamper the file to get two almost identical versions, one exploitable, the other "secure"
4. Release the source and the secure binary
5. Wait for the tool to achieve widespread adoption based on its "security"
6. Overwrite the secure version with the exploitable one on your server and log the IPs of the people downloading it
7. Wait a little more
8. Use the exploit and gain access to the exploitable machines
9. Once you are in charge overwrite the exploitable version of the tool with the "secure" one - tripwire should not detect this
10. Party
He was talking about the Flash/SVG file formats, not the tools. And from the file format point of view I would go with SVG any time rather than go with the proprietary Flash.
You can rest assured though, that SVG support in tools is catching up very quickly. This will happen even if Adobe goes all Flashy and entirely drops SVG, which I hope won't happen. Opera 8.0 and Firefox 1.1 (alpha) have both SVG support. Also the Renesis SVG 1.2 Rendering Engine will be available this autumn for Firefox/Mozilla/Netscape, Internet Explorer and Opera. I would rather worry about what will happen to Flash once Macromedia got bought by Adobe than what will happen to SVG, because SVG is a vendor independent standard.
Adobe's SVG Viewer plugin is huge and rarely updated
You call 2.27MB huge? Sure, that is more than 684KB (Flash Player) but still it is very small. And unlike the Flash Player the Adobe SVG Viewer is implementing a standard and they are doing it very well. Should I care how often they have to update it to do this?
I said they were supportive. Discussions on mailing lists, blog entries, that sort of thing. Encouraging.
Please note that Macromedia is being supportive to their own developer community. Also every tool (open source or not) that has a chance to provide added value to their own platform while not being a competitive threat to their own product line is likely to get some (little) support as well. That does not even compare to what other companies do, by really embracing the free software / open source movement. IBM offered a couple of dozzens of programs to the open source community (list) one of them being an Integrated Development Environment (IDE) for Laszlo. Sun open sourced Star Office, Netbeans and will soon open source Solaris. Laszlo Systems open sourced their RIA Platform (OpenLaszlo). These and others are companies being supportive to the open source community. Macromedia however is not one of these companies. On a greed scale they would be somewhere very close to Microsoft.
Flash (which, btw, costs half of what you said)
I don't know where you live but in Germany the half cripple Macromedia Flash MX 2004 costs 694.84 euro (=855.926701 US$) and the full Macromedia Flash MX Professional 2004 costs 973.24 euro (=1,198.868952 US$).
If you don't like it -- don't buy it.
You can bet I won't. I already told about OpenLaszlo. That is what I would use, should I ever consider writing Flash applications again. For now I am a lot better off using SVG and JavaScript for the open source projects to which I contribute. SVG and JavaScript are both open standards while Macromedia's technologies are proprietary. Supporting Macromedia's technologies would help Macromedia more than anybody else, and would surely hurt web standards and interoperability.
So far, Macromedia has been quite supportive of the community, they seem to understand it's for the benefit of all.
What community support are you talking about? They are offering the Flash Player for free and charging $1000 for Flash MX 2004? That is not community support! That is marketing. Windows Media Player, MSN Messenger, Internet Explorer all free of cost. Does that mean that Microsoft is being supportive of the community? No, that is once again marketing.
Is Macromedia making Flex open source, or are they just making a tool for creating Flex applications open source?
... Macromedia is not open sourcing anything, not now, not in the forseenable future. They are making plugins for Eclipse, which (Eclipse) happens to be open source. That is the only connection between Macromedia and open source. You should go to bed now.
Dream on baby, dream on
AgainstTCPA.com - Computers and Internet gave you freedom. TCPA would TAKE your FREEDOM.
Sure, I'll use it together with this handy gadget to do pair programming :)
Kids, when you buy a bootleg DVD, you may be supporting people who might sympathize with a terrorist group that hasn't actually attacked us
/.
----
I already passed the Turing test but failed to prove my humanity to
Sorry, I just got up. I will try to make a better point.
My opinion is that dual core processors are not for dummies. They don't offer a better performance in games or in office applications. And these are the first processors implementing DRM (am I wrong?) so they don't have a huge market for DRM yet (have they?).
I think that if Intel wants to start selling dual core processors (and thus help spreading DRM and trusted computer) they will have to convince power users not clueless drones. This comes from the processor series they have chosen to implement DRM. If they had gone with Celerons or plain P4s then your "people are stupid, will swallow everything Intel marketing throws at them" argument would have made more sense.
Plus if Windows won't run (and thus the games/office/etc.) because the system lacks this wonder feature then most people will not only buy it, but actually insist on this new magic chip features that stops viruses, beats OBL and cures Yaws.
Well, guess what, the speed gain from having two processors is zero for current (single threaded) games and negligible under light load (office) (benchmark)) Where dual processing is useful is 3d rendering (3ds max) and small servers. But these guys will never buy any of the "arguments" you enlisted.
Intel is just trying its luck with this series - if they will manage to get away with it they will try to push it harder, if not Microsoft can never blame them for not trying.
These folks really never get it, do they? It also happened with DVD region protection. No user likes being traped outside her system, and if she has the knowledge to break the protection she will do it faster than you can possibly imagine.
Actually they'll make a big issue of how viruses won't be able to run because they're not 'blessed' and how it can be used to make shure you have the best drivers and how it'll block terrorist (have no clue how they could claim the last, but I'm shure they'll find a way) and so on.
No, as soon as the first virus spreading over AMT will apear (and trust me, it will!) people will go crazy. Everybody will be an easy target to such an atack and since these chips will be primarly used in small servers and high end systems people will not just stand there and watch as their systems get owned.
Remember what happened with the Pentium FDIV bug? Intel has adopted a no-questions-asked replacement policy for its customers with the Pentium FDIV bug. As soon as the first security hole is discovered in AMT or DRM hell will break lose again for Intel and this time they won't have ANY excuse. No customer asked for these so-called features and Intel will have to have their precessors fixed. The sooner it happens the better because after that no other processor builder will risk such a certain fiasco. Only Microsoft would be arogant enough to try it, but fortunately they are not building processors (yet).