Free source code that's available on the internet is no different than any other commodity: take it with a grain - and preferable a whole block - of salt.
There have been dozens of times where I thought "surely someone must have done this before" and then wasted quite a bit of time hunting it down. In some cases I simply couldn't find it (search engines yield irrelevant hits most of the time) and in the cases where I did I still had to spend a great deal of time looking through unfamiliar code with a fine comb to see if it wasn't leaky and bug-ridden. In a lot of those cases I found that the code wouldn't simply work as-is and needed adjusting, in others it appeared to have been written by someone who didn't know what he or she was doing.
Reusing code is only a timesaver when you can plug it in and not have to worry about it which is why I'd personally rather write it myself than be stuck with code I don't fully trust.
Obviously this doesn't apply when you're dealing with reusable components of several thousands of lines of code.
3. Yes. Much better. Search would be Google's "core competancy", or, as normal people say it, "what they're good at".
I don't know how you keep track of your email, but trying to search GMail is like taking a step back 20 years.
I have a number of 'pinned' search folders in my email client, among others 'flagged for follow-up', 'unread' and 'unanswered within the past 7 days' that I simply can not live without.
When I search email it's almost always by date, whether or not it was sent to me directly or Cc'ed, by tag or by part of an attachment's name when I don't remember who sent it or when but I remember the filename and others. None of that is possible with GMail.
For mom-and-pop's email needs it might be adequate, but that's about all of it. Webmail simply does not even begin to compare with the functionality of a modern desktop email client, especially if you have to deal with a bunch of different email account.
Whether you agree with the parent or not I can easily see his point. Google only seems to use open source as both a major advertising tool and to cut back on both development time and research costs.
The dispute is not that open source should not sustain a commercial company but that a company should not reap in billions by using open source and then only contribute mere pennies back and proceed to claim it holds open source in high regards. It doesn't make Google evil or a villain but it does have a hint of hypocrisy.
The latest messenger is a prime example of this: Google used an open standard to build a private client on top of it rather than taking an existing open sourced client under its wing and actively contributing to it and possibly branding the end result of that effort.
Open source isn't in need of new projects that do exactly the same thing as what exists already, it's in need of active funding either directly or paid developers who contribute code back into the community instead of improving on it and hoarding the fruits of others' efforts.
The work done on Firefox and other projects is commendable but doesn't appear to be much more than a drop of water on a hot plate and as a personal opinion an attempt to buy good will cheap. It's the fact that Google isn't doing as much as it could, should or claims that stands out; there's little dispute about the fact that Google doesn't contribute at all, it obviously does. In the end I'd very surprised if Google's investment back into open source is even noticeable in a graph of its global expenses.
I'll happily eat up every word of this post in case I'm wrong but at this point in time it certainly doesn't feel that way to me.
That part of it I can understand only too well and it's good they're finally doing something about it.
But a sblog just doesn't seem like it would be a problem. Spam email is intrusive, spam comments are as well, but a sblog just sits there doing nothing unless I'm missing something obvious.
I still completely fail to see the problem with splogs. It's not like anyone is going to subscribe to those or bother reading them since it's rather obvious what they are.
I can see the argument that they pollute search engines but they're polluted with spam regardless of splogs.
As far as I understand it only an unpatched Windows 2000 is directly vulnerable over the Internet.
An infected machine needs to be able to authenticate against an unpatched XP or 2003 to be able to infect them which is a rather significant mitigating factor for the general public.
They're not deleting cookies for your benifit but for their own. They actively rely on the fact that most people can't tell the difference between an innocent cookie and malicious software/spyware.
Including cookies in their detection engine is meant solely to artificially inflate the number of 'threats' the program finds on every run and trick the clueless user into thinking they *really* need the software because "OMG! It found 100 threats!!!!! Microsoft crap!!!!". It's also the reason why every single file and registry key counts as one threat as opposed to grouping everything together.
If Ad-Aware really wanted to keep you save, instead of the deleting the Doubleclick cookie it would replace it with the "don't track me" cookie Doubleclick provides to give one example.
Anti-spyware software is no different than anti-virus software. They both aim to instill 'fear' to retain users and to generate revenue.
Even so they could produce much more accurate "statistics" if they wanted to.
If they were to track the number of update downloads in the first two weeks following a new release then you'd have a very good idea of how many legitimate FireFox users there are.
Regardless, the numbers game only tends to hurt whoever is playing it in the long run. Quick adoption (which was predictable given the huge 'geek' appeal of FireFox) led to the "FireFox will take over the world in 12 months!" myth which in turn led to a huge amount of good publicity. But now that the numbers seem to be settling down it comes back to haunt since after all the hype "FireFox usage down!!!!!!!" makes for a very good sensationalist headline. And while most people here will simply dismiss those, the masses will take it as an (unjust) evaluation of FireFox.
(It's also midly ironic that my CAPTA word for this post is 'increase')
In addition to being a dupe and a rather obvious attempt to self-promote, it's also a non-story.
"In its request for comments, the office made clear that it plans to support other browsers in the future. In an interview, an attorney with the office said that the sticking point was Siebel software that guaranteed compatibility with only selected browsers--including both IE and Netscape 7.02, a browser with negligible market share--in the current Siebel 7.7 software.
Assuming they're sincere about their intent to support other browsers in the future it's better to have a limited site now rather than no site at all. (Demographically IE does still cater to the largest audience) It would also be a pointless waste of tax dollars to come up with an interim solution for other browsers when it's already slated to happen for the next revision anyway.
I think you just have the wrong approach. If you don't reeducate the people who's computer you're trying to salvage then you're only punishing yourself since 99% of the time they themselves caused the infections and as soon as you turn your back they'll reinstall that cute "dancing pigs" screensaver that comes with 10 trojans.
It's easy to blame Windows/Microsoft/whoever but if you're honest you know that most of what's there is there because of their doing.
Get them a software firewall, or if you can convince them of the value, a home broadband router will go a long way. Then sit them down and teach them how to install programs using alternate credentials so they can run under a LUA all the time. That takes care of most of it. Then convince them not to blindly click or answer 'Yes' to everything that comes their way (by far the hardest).
I only had a few who didn't want to take the trouble and for those I simply told them they were on their own from then on. Everyone else has been clean ever since saving me countless hours regardless of whether they went with Firefox or preferred to stick to IE.
I haven't gotten to the point where they'll all update Windows or some other program when I mail them saying they need to but even so they manage to stay safe still.
Just because Microsoft reduces the need to reboot doesn't mean other software companies will necessarily care.
It's the same deal with everything that requires admin rights to install even though in a large majority of cases it's simply not needed.
The next time some piece of software requires you to restart upon installation put the blame where it belongs which is with the company and not Microsoft. Or simply don't restart and run the application anyway and it's 99% guaranteed to work just fine without the reboot.
Although you were just ranting since none of the applications you listed requires a reboot on either installation or uninstallation and Microsoft switched to monthly release cycles ages ago.
The problem is that an OS has to cater to an enormous variety of people who each have their own idea of how things should work.
On my desktop, the power button will hibernate without asking and that's exactly what I want.
On my laptop, the power button will bring up the list of choices since what I want it to do will depend on the circumstance so again, it does exactly what I want.
In this very specific instanc, what Windows offers suits me just fine. If it did what you proposed instead, I'd find it annoying. Reverse the feature and our roles reverse as well.
Given that you can pick exactly what you want for your own PCs, I would have to say they made the right choice. If you're elsewhere you're unlikely to have to shut down in any case and otherwise the menu will be consistent all across.
I happen to have a strong dislike about the default Explorer settings but as long as I can set things the way I like on my own desktop, I'll adjust and cope whenever I'm using someone else's.
Now the reason it came across as a 'flame' is because in the majority of cases people complain because they never bothered to investigate whether what they want is actually there (doesn't matter if it's about Windows/Linux/OS-X/). If they can't find it in 2 seconds, it must not exist and that was the impression I got from your earlier post so I'll apologize if I was mistaken.
"Yet again I'd have to be an Apple whore and say that OS X wins on that one - one little window pops up asking you what you want to do."
Control Panel/Power Options/Advanced/"When I press the power button my computer"
Do nothing Ask me what to do <- that's the one you want Stand by Hibernate Shut down
You can debate the point of having your power button do different things based on user preference, but it certainly is a feature and Windows has had it for years. Next time you think of pulling an "my X is bigger/better/hotter/... than your Y" you might want to verify that you're not just making an obviously uninformed statement.
"Dummy devices could be installed at some stations to reduce the overall cost."
I read that as: "we won't be bothering to install them on stations with low traffic." It probably isn't too difficult to set these things off with something that looks suspicious but if you should get stopped lets you off the hook. As others have pointed out, once you're in, you're unencumbered to go to any other station you please.
Should it come to that, I also don't see this stopping suicide bombers since all they need is a crowd; the fact that they'll get detected probably doesn't deter them a whole lot.
Even assuming the system is completely fail-safe it still won't prevent anything, it just means they'll try it somewhere else. If it's really about offering protection and making a difference then taking the whole budget and using it to train and deploy security guards all over the city would be a lot more effective. It's not fancy or much of a guarantee but at least you'll have a minimum level of security all over instead of pockets where you just need to move a few feet and you can get away with trying anything.
In case you never read it before the non-admin blog has a few tips on reducing the amount of back and forth switching ( http://blogs.msdn.com/aaron_margosis/ ).
I've been running as non admin for a good while now. There are plenty of hoops to jump through to get some things done and Microsoft has a long way to go still to make the entire thing painless, but it's doable if you're willing.
Hold down Shift before you right-click the control panel section you need and pick 'Run as'. Works just fine.
As an alternative, make sure you have "Launch folder windows in a separate process" checked on the Admin account. If you did that you can start a new instance of explorer that runs under an Admin account. That should allow you to do almost anything you'd ever need to do. Just remember that programs you start from it run as Admin and not your LU account.
If the aim is to prosecute the average Joe for what they do online I can understand why forcing them to retain logs (connection or raw captures) would help but I fail to see how it would help with the kind of serious criminal activity they're alluding to.
Assuming there even is a way to search through such vast amounts of data in a reasonable fashion, anything that's encrypted isn't going to be identified that easily and if they can easily pinpoint it, they still wouldn't know if it was criminal until after breaking the encryption.
A lot of the 'popular' open source software doesn't deal with patches however, they just release a new version which is of course a whole lot easier to test than an actual patch.
Take something like Firefox where they don't ever patch or fix anything. They do release a new *version* that isn't vulnerable anymore, but if for any reason the new version either doesn't work or breaks an extention, you're out of luck and stuck with the choice of using secure software with a loss of functionality, or keep the functionality but be vulnerable.
More generally, there can be a ton of valid reasons why you'd want to stick to an older version of anything instead of the latest one. The difference is that we all expect commercial vendors to cater to that and continue to offer support even years after the initial release, but OSS doesn't have to provide any backwards support at all.
Since OSS in most cases only choses to support the very latest build (which in a lot cases even happens to be the unreleased development build) and commercial vendors have to support any combination of current builds they sell, the patching processes of the two really can not be compared at all.
Just because >you know that everything they will find is innocent, doesn't mean it will appear that way to them in the context the search happens.
If they're there with a search warrant already, everything they see will be looked at in the most unfavourable light you can imagine and it will happen with the "confiscate now, sort it out much, much later" attitude.
You're only "innocent until proven otherwise" in a criminal court. As far as investigations go, you're guilty until they have exhausted every option and still can't find something to substantiate it.
Slashdot Mirror
Free source code that's available on the internet is no different than any other commodity: take it with a grain - and preferable a whole block - of salt.
There have been dozens of times where I thought "surely someone must have done this before" and then wasted quite a bit of time hunting it down. In some cases I simply couldn't find it (search engines yield irrelevant hits most of the time) and in the cases where I did I still had to spend a great deal of time looking through unfamiliar code with a fine comb to see if it wasn't leaky and bug-ridden.
In a lot of those cases I found that the code wouldn't simply work as-is and needed adjusting, in others it appeared to have been written by someone who didn't know what he or she was doing.
Reusing code is only a timesaver when you can plug it in and not have to worry about it which is why I'd personally rather write it myself than be stuck with code I don't fully trust.
Obviously this doesn't apply when you're dealing with reusable components of several thousands of lines of code.
Hmm. You can search for Cc specifically without it checking the To field?
It always seems to return all the matches whenever I've tried.
Thanks for the "is:unread" tip, but it would really only be useful if Gmail allowed you to save searches so you'd have to enter it just once.
3. Yes. Much better. Search would be Google's "core competancy", or, as normal people say it, "what they're good at".
I don't know how you keep track of your email, but trying to search GMail is like taking a step back 20 years. I have a number of 'pinned' search folders in my email client, among others 'flagged for follow-up', 'unread' and 'unanswered within the past 7 days' that I simply can not live without.
When I search email it's almost always by date, whether or not it was sent to me directly or Cc'ed, by tag or by part of an attachment's name when I don't remember who sent it or when but I remember the filename and others. None of that is possible with GMail.
For mom-and-pop's email needs it might be adequate, but that's about all of it. Webmail simply does not even begin to compare with the functionality of a modern desktop email client, especially if you have to deal with a bunch of different email account.
Whether you agree with the parent or not I can easily see his point. Google only seems to use open source as both a major advertising tool and to cut back on both development time and research costs.
The dispute is not that open source should not sustain a commercial company but that a company should not reap in billions by using open source and then only contribute mere pennies back and proceed to claim it holds open source in high regards. It doesn't make Google evil or a villain but it does have a hint of hypocrisy.
The latest messenger is a prime example of this: Google used an open standard to build a private client on top of it rather than taking an existing open sourced client under its wing and actively contributing to it and possibly branding the end result of that effort.
Open source isn't in need of new projects that do exactly the same thing as what exists already, it's in need of active funding either directly or paid developers who contribute code back into the community instead of improving on it and hoarding the fruits of others' efforts.
The work done on Firefox and other projects is commendable but doesn't appear to be much more than a drop of water on a hot plate and as a personal opinion an attempt to buy good will cheap.
It's the fact that Google isn't doing as much as it could, should or claims that stands out; there's little dispute about the fact that Google doesn't contribute at all, it obviously does.
In the end I'd very surprised if Google's investment back into open source is even noticeable in a graph of its global expenses.
I'll happily eat up every word of this post in case I'm wrong but at this point in time it certainly doesn't feel that way to me.
That part of it I can understand only too well and it's good they're finally doing something about it. But a sblog just doesn't seem like it would be a problem. Spam email is intrusive, spam comments are as well, but a sblog just sits there doing nothing unless I'm missing something obvious.
I still completely fail to see the problem with splogs. It's not like anyone is going to subscribe to those or bother reading them since it's rather obvious what they are.
I can see the argument that they pollute search engines but they're polluted with spam regardless of splogs.
As far as I understand it only an unpatched Windows 2000 is directly vulnerable over the Internet.
An infected machine needs to be able to authenticate against an unpatched XP or 2003 to be able to infect them which is a rather significant mitigating factor for the general public.
They're not deleting cookies for your benifit but for their own. They actively rely on the fact that most people can't tell the difference between an innocent cookie and malicious software/spyware.
Including cookies in their detection engine is meant solely to artificially inflate the number of 'threats' the program finds on every run and trick the clueless user into thinking they *really* need the software because "OMG! It found 100 threats!!!!! Microsoft crap!!!!".
It's also the reason why every single file and registry key counts as one threat as opposed to grouping everything together.
If Ad-Aware really wanted to keep you save, instead of the deleting the Doubleclick cookie it would replace it with the "don't track me" cookie Doubleclick provides to give one example.
Anti-spyware software is no different than anti-virus software. They both aim to instill 'fear' to retain users and to generate revenue.
Even so they could produce much more accurate "statistics" if they wanted to.
If they were to track the number of update downloads in the first two weeks following a new release then you'd have a very good idea of how many legitimate FireFox users there are.
Regardless, the numbers game only tends to hurt whoever is playing it in the long run. Quick adoption (which was predictable given the huge 'geek' appeal of FireFox) led to the "FireFox will take over the world in 12 months!" myth which in turn led to a huge amount of good publicity.
But now that the numbers seem to be settling down it comes back to haunt since after all the hype "FireFox usage down!!!!!!!" makes for a very good sensationalist headline.
And while most people here will simply dismiss those, the masses will take it as an (unjust) evaluation of FireFox.
(It's also midly ironic that my CAPTA word for this post is 'increase')
In addition to being a dupe and a rather obvious attempt to self-promote, it's also a non-story.
E -only+OK/2100-1038_3-5827627.html)
"In its request for comments, the office made clear that it plans to support other browsers in the future. In an interview, an attorney with the office said that the sticking point was Siebel software that guaranteed compatibility with only selected browsers--including both IE and Netscape 7.02, a browser with negligible market share--in the current Siebel 7.7 software.
The Copyright Office said it planned to upgrade to Siebel 7.8, which supports Netscape 7.2, Firefox 1.0.3 and Mozilla 1.7.7, but not in time for the Oct. 24 launch."
(http://news.com.com/U.S.+Copyright+Office+poll+I
Assuming they're sincere about their intent to support other browsers in the future it's better to have a limited site now rather than no site at all. (Demographically IE does still cater to the largest audience)
It would also be a pointless waste of tax dollars to come up with an interim solution for other browsers when it's already slated to happen for the next revision anyway.
If you look at http://ff.asbjorn.it/hourly.php you'll see a significant spike on the 12 or 13th and another spike on the 20th.
1.0.5 was released the 12th, 1.0.6 was released the 20th. The download stats have always peaked whenever there is an update in the past as well.
So updates clearly do affect the number and make it of little value to anyone except for marketing purposes.
I think you just have the wrong approach. If you don't reeducate the people who's computer you're trying to salvage then you're only punishing yourself since 99% of the time they themselves caused the infections and as soon as you turn your back they'll reinstall that cute "dancing pigs" screensaver that comes with 10 trojans.
It's easy to blame Windows/Microsoft/whoever but if you're honest you know that most of what's there is there because of their doing.
Get them a software firewall, or if you can convince them of the value, a home broadband router will go a long way.
Then sit them down and teach them how to install programs using alternate credentials so they can run under a LUA all the time. That takes care of most of it.
Then convince them not to blindly click or answer 'Yes' to everything that comes their way (by far the hardest).
I only had a few who didn't want to take the trouble and for those I simply told them they were on their own from then on. Everyone else has been clean ever since saving me countless hours regardless of whether they went with Firefox or preferred to stick to IE.
I haven't gotten to the point where they'll all update Windows or some other program when I mail them saying they need to but even so they manage to stay safe still.
Just because Microsoft reduces the need to reboot doesn't mean other software companies will necessarily care.
It's the same deal with everything that requires admin rights to install even though in a large majority of cases it's simply not needed.
The next time some piece of software requires you to restart upon installation put the blame where it belongs which is with the company and not Microsoft. Or simply don't restart and run the application anyway and it's 99% guaranteed to work just fine without the reboot.
Although you were just ranting since none of the applications you listed requires a reboot on either installation or uninstallation and Microsoft switched to monthly release cycles ages ago.
The problem is that an OS has to cater to an enormous variety of people who each have their own idea of how things should work. On my desktop, the power button will hibernate without asking and that's exactly what I want. On my laptop, the power button will bring up the list of choices since what I want it to do will depend on the circumstance so again, it does exactly what I want. In this very specific instanc, what Windows offers suits me just fine. If it did what you proposed instead, I'd find it annoying. Reverse the feature and our roles reverse as well. Given that you can pick exactly what you want for your own PCs, I would have to say they made the right choice. If you're elsewhere you're unlikely to have to shut down in any case and otherwise the menu will be consistent all across. I happen to have a strong dislike about the default Explorer settings but as long as I can set things the way I like on my own desktop, I'll adjust and cope whenever I'm using someone else's. Now the reason it came across as a 'flame' is because in the majority of cases people complain because they never bothered to investigate whether what they want is actually there (doesn't matter if it's about Windows/Linux/OS-X/). If they can't find it in 2 seconds, it must not exist and that was the impression I got from your earlier post so I'll apologize if I was mistaken.
"Yet again I'd have to be an Apple whore and say that OS X wins on that one - one little window pops up asking you what you want to do."
Control Panel/Power Options/Advanced/"When I press the power button my computer"
Do nothing
Ask me what to do <- that's the one you want
Stand by
Hibernate
Shut down
You can debate the point of having your power button do different things based on user preference, but it certainly is a feature and Windows has had it for years.
Next time you think of pulling an "my X is bigger/better/hotter/... than your Y" you might want to verify that you're not just making an obviously uninformed statement.
"Dummy devices could be installed at some stations to reduce the overall cost."
I read that as: "we won't be bothering to install them on stations with low traffic."
It probably isn't too difficult to set these things off with something that looks suspicious but if you should get stopped lets you off the hook. As others have pointed out, once you're in, you're unencumbered to go to any other station you please.
Should it come to that, I also don't see this stopping suicide bombers since all they need is a crowd; the fact that they'll get detected probably doesn't deter them a whole lot.
Even assuming the system is completely fail-safe it still won't prevent anything, it just means they'll try it somewhere else.
If it's really about offering protection and making a difference then taking the whole budget and using it to train and deploy security guards all over the city would be a lot more effective. It's not fancy or much of a guarantee but at least you'll have a minimum level of security all over instead of pockets where you just need to move a few feet and you can get away with trying anything.
In case you never read it before the non-admin blog has a few tips on reducing the amount of back and forth switching ( http://blogs.msdn.com/aaron_margosis/ ).
I've been running as non admin for a good while now. There are plenty of hoops to jump through to get some things done and Microsoft has a long way to go still to make the entire thing painless, but it's doable if you're willing.
Hold down Shift before you right-click the control panel section you need and pick 'Run as'.
Works just fine.
As an alternative, make sure you have "Launch folder windows in a separate process" checked on the Admin account. If you did that you can start a new instance of explorer that runs under an Admin account. That should allow you to do almost anything you'd ever need to do.
Just remember that programs you start from it run as Admin and not your LU account.
http://img197.echo.cx/img197/7969/ie0uq.jpg
IE breaks the title after 'det' but other than that I don't see a difference.
Funny considering how it seems to like mine just fine :).
You did get me to click though so A+ for effort and cleverness.
If the aim is to prosecute the average Joe for what they do online I can understand why forcing them to retain logs (connection or raw captures) would help but I fail to see how it would help with the kind of serious criminal activity they're alluding to.
Assuming there even is a way to search through such vast amounts of data in a reasonable fashion, anything that's encrypted isn't going to be identified that easily and if they can easily pinpoint it, they still wouldn't know if it was criminal until after breaking the encryption.
"One of the unique things about the V500 is its scroll panel, and this is the very first mouse to actually use this concept"
Yawn. I've been using one of those for ages.
Microsoft calls it tilt wheel, Logitech calls it scroll panel. Potato, potatoe.
A lot of the 'popular' open source software doesn't deal with patches however, they just release a new version which is of course a whole lot easier to test than an actual patch.
Take something like Firefox where they don't ever patch or fix anything. They do release a new *version* that isn't vulnerable anymore, but if for any reason the new version either doesn't work or breaks an extention, you're out of luck and stuck with the choice of using secure software with a loss of functionality, or keep the functionality but be vulnerable.
More generally, there can be a ton of valid reasons why you'd want to stick to an older version of anything instead of the latest one. The difference is that we all expect commercial vendors to cater to that and continue to offer support even years after the initial release, but OSS doesn't have to provide any backwards support at all.
Since OSS in most cases only choses to support the very latest build (which in a lot cases even happens to be the unreleased development build) and commercial vendors have to support any combination of current builds they sell, the patching processes of the two really can not be compared at all.
Just because >you know that everything they will find is innocent, doesn't mean it will appear that way to them in the context the search happens.
If they're there with a search warrant already, everything they see will be looked at in the most unfavourable light you can imagine and it will happen with the "confiscate now, sort it out much, much later" attitude.
You're only "innocent until proven otherwise" in a criminal court. As far as investigations go, you're guilty until they have exhausted every option and still can't find something to substantiate it.