Re:Head first series is great.
on
Head Rush Ajax
·
· Score: 2, Insightful
It's taken me a few years and a lot of tech books to appreciate what they're doing; most books make the mistake of trying to mix tutorial with reference.
That means you end up with a very bloated reference book, and a poorly structured learning experience - i.e. my general experience is that authors will try and structure a book so that they start with simple concepts - primitive types, basic conditional control - before building up to collections, iteration, etc - but suffering from needing to introduce some features too early in order to get full coverage. Do you cover iterating over a collection in the chapter on collections? Or iteration?
Perhaps a neat marketing idea would be if they sold them with a matching slim reference volume.
The problem is that it's not just about Apple, it's about the whole future of digital content. It just happens that acting now would hurt Apple more than anyone else.
The French law itself is actually a DMCA style piece of law handing powers from consumers to companies.
What people are getting upset over is an amendment to ensure that in 10,20,30 years time you will be able to legally transfer your files to devices that will actually play them. That might just mean you will be able to carry on using your iPod, should the content providers decide to stop playing with Apple (and you actually cared about what they produced), or Windows Media Centre win the video download market.
Lest we forget, there is no LEGAL way for people to load bought DVD material onto their iPods. In some countries it's illegal to even rip your own CDs. In many places what you can do with a video recorder is quite heavily policed. It just so happens that currently, the laws are either un-enforcable or there are technical remedies.
The next round of technology and laws is aimed at eliminating the technical remedies, at which point it ceases to be an abstract - you literally will NOT be able to keep a copy of something recorded off TV for longer than 2 weeks, you will obey exactly the rights you are given.
(Although we all know what happens when you introduce prohibition)
In the UK, the Register, Need to Know, and other tech liberty sites organised techies to actually make a contribution against the ID card bill. They were very careful to point out that all responses had to be individual objections - no form letter.
The government responded by counting all these responses as 'an organised campaign', while responses from companies approving the scheme were, of course, counted individually. I'm not quite sure what lobbying groups are if not 'organised campaigns'.
What's has been successful is targeting the right-wing press and people's avaricious nature - 'you have nothing to fear if you have nothing to hide' sounds good when applied to criminals and CCTV cameras, but people change their mind when you bring up tax and speeding tickets as the main issues. Something like this could be a similar issue for DRM - right thinking people have no problem stopping illegal downloading and piracy, but stopping them from being able to record from TV or Radio???
>I would argue that it has hardly been tested, so one can't really say that it has "proven" anything.
As atheists have long known, it's almost impossible to prove the absence of something, despite the complete lack of evidence for it's existence or nature. Faith always wins out.
I would argue that (as per first post) that you can, at the very least, compare OS X with Classic - the threat level is about the same, and we are seeing almost nothing. It is certainly not for want of effort.
I am not disagreeing that Mac security is often over-stated. There have been two KNOWN problems that I would categorise as genuinely critical - the 'auto-install widgets' incident, and the issue covered in the parent article (failure to detect a file is in fact a shell script). The only reason either didn't spread widely is definitely down to market-share - 2 weeks would be long enough to cause substantial problems on unprotected PCs.
However, I do think the threat hysteria is often over-stated - every other vulnerability, including the 7 outstanding issues, has been as meaningless and low-threat as your typical reported Windows or Linux vulnerability. (As you note, the main vector is trojans, not code embedded in JPG on web pages).
Mac users do also have the useful advantage that even a slight potential threat makes mainstream news coverage.
Java may have finally replaced C++, and growth may continue as it replaces legacy languages, but I think my point still stands - people no longer see it as a panacea. The 'hype' cycle is over, followed by the trough of despondency, and now we are into the phase of real use. Which is generally when the cutting-edge move off elsewhere.
C# also defangs Java to a large degree. It offers your career MS developer much the same linguistics as Java, but integration with more familiar APIs.
A large amount - by volume - of web development IS in PHP. The majority of small hosting companies don't even offer JSP hosting. Whether it's commercially significant development is another matter. I guess it's a bit like Visual Basic development - there's a lot of it about but no one really talks about it.
I should add that I'm not wholly convinced by all Tate's arguments either; the key thing he missed for me is that the real solution most people need for the web app problem is a better client rather than a more productive JSP. If JavaScript can come back, perhaps Applets can.
I'm well aware there's more to development that web pages and web apps, but I'm still sceptical about Java desktop apps. Look-and-feel is more than using native widgets.
If you're talking about the Ars benchmarking of OS X server, it definitely showed problems running standard Unix software (mySQL). However, Oracle state that they've achieved good performance on OS X server by modifying their software.
I've also seen the same idea suggested but with Linux rather than Solaris, for roughly similar reasons. I've even read suggestions they should port Aqua to run on X11!
Leaving aside the licensing issues of trying to build a proprietary layer on a non-BSD licence, The usual error is to think that the OS X GUI environment is just something like KDE or Gnome, that can be stuck on front. The problem is that OS X is NOT a standard Unix architecture. Take a look at this diagram, and it shows the issue a little clearer. You don't have Aqua sat over X11 over Darwin over Mach. Darwin's sort of off to one size (explained on the next page), while the rest of the layers are - well closer to the old-school MacOS or Windows. In which case I'm not really sure what you'd get switching Darwin for Solaris.
Another factor to consider is that the main use of OS/X is as a desktop system while the main use of Solaris and most flavours of Unix is as a server-side operating system, typically supporting large volumes of concurrent requests (page requests, d/b queries, etc). I would wager that Apple have substantially modified Mach towards good Cocoa/Obj-C performance (which is heavily dependent on messaging) rather than the heavy threading optimisation that would be useful in a server OS.
Largely I would agree, except I would not describe the additional protection as marginal - realistically it has proven sufficient.
I'd have to say that being callous I have little concern for the user's own data. They should be backing it up anyway*. Nor can I see an easy way of protecting it (a database style approach may work, where the data is owned by another user and only accessible via specific client applications, but this would be annoying for many reasons).
However, it's been a long time since your typical virus merely damaged user data. Installing automatically executing code that survives between reboots, without alerting the user, is not something anyone has yet achieved - despite the fact that there have been known auto-execution AND privilege escalation issues, no one has yet been able to combine the two in a dangerous way. (They came close with the 2-week window where sites could auto-install Dashboard widgets).
Of course, viruses aren't the only threat. Trojans are increasingly significant (especially as virus-delivery becomes harder on Windows) - and the Mac is not substantially more 'trojan-proof'. An idiot installing a p2p program will not be stopped by an admin password, and a family are as likely to set up every user as Admin on a Mac as on Windows.
Actually the whole discussion on security is generally crap.
Vulnerabilities in IE where 'viewing a web page can allow execution of arbitrary code' sound bad to ignorant users - they don't understand they need to visit a specially crafted page rather than Amazon or ebay. Security sites don't help by calling such issues 'critical'.
We need to distinguish between risks that result from user action (visiting a specific web page, downloading p2p software) and user inaction. The ability to exploit the default installation of an OS through open ports, or transmit a virus through reading an email is at least an order of magnitude greater in risk.
On those grounds, OS X has always been a much lower risk platform (Windows continues to improve with each SP). Instead the discussion has largely deteriorated into throwing vuln counts at each other.
* Apple, like Microsoft, deserve shooting for not incorporating backup as a standard feature in their consumer operating system - selling it as part of a.Mac subscription is completely underhand.
The one thing that is true is that Apple don't know how to deal with security, although they seem to be learning. You can't ignore the press and hope that the facts are good enough.
Especially when there an army of 'security researchers' out there, with a story to tell, and a public who can't tell the difference between 'immune' and 'robust'.
Say 9/11 and Saddam in the same sentence enough times and people will start believing there is a link - even if your sentence is 'There is no known link between 9/11 and Saddam'.
Incorrect. OS 9 and prior certainly had viruses, despite a market share comparable to OS X based machines. Not as many as Windows, but enough to cause problems for Mac users. Hell, I remember virus problems on Macs when the only way of distributing a virus was by floppy disk and the operating system was held in a ROM.
OS X is substantially more resistant to virus attack than all prior Mac operating systems, and most default Windows installations.
That doesn't mean it's 'immune'. Equally an increase in popularity will almost certainly raise the threat level - but that doesn't change the fact that the underlying system provides better protection by default. Failing to be 'immune' does not mean 'equally vulnerable'.
The default installation implements much of what corporate Windows admins have to implement to secure a Windows system / will be implemented by default in Vista.
Obviously there are other Unix systems that are still more secure - some security has been sacrificed for ease of use. It would be much more secure if new startup services and firewall changes had to be manually configured - but users won't stand for it. (Hence why we got in this mess in the first place).
I don't think you're an anomaly; it's pretty much what every GUI design expert says.
Improving the design of 'use-once' applications can be done with little impact - i.e. loan application websites, configuration wizards, etc.
Changing the layout of anything used by people on an everyday basis shouldn't be done unless there is a really good reason to do it, even if that layout it 'wrong'. People quickly adapt to dealing with wrong systems, because we mostly use systems by auto-pilot. We stop looking for the back icon and just move the mouse to where it is. Moving the icon is therefore annoying.
That's not saying we should live with bad mistakes forever, but that developers should be mindful of the cost of change. Unlike software bugs, it may be better to let GUI changes build up and address them all in one major revision, than constant small fixes. If something is clearly different this is less of an issue to be people than when it is nearly the same but there are small cognitive differences.
Joel Spolksy's short book on Interface Design also makes a couple of good points about customisable GUI - firstly, if you are a GUI designer, your job is to design usable software. If you have two options, it's your job to make a decision which one is best, rather than expecting the user to decide which one is best for them.
Secondly - a lot of people give up on GUI customisation because it's not portable. For instance if I tweak Word to completely suit me, using it on someone else's machine - particularly if they have also tweaked it in a different way - gives me a learning curve. Ditto when I upgrade machine I need to do all the tweaking again. For some people, it's worth the hassle, but for most people the inconvenience outweighs any convenience.
A problem I can see going forward is that 'Web 2.0' sites are going to make it very difficult for software to automatically distinguish between a site that's legitimately using a third-party web service to serve content, and one doing the same to serve advertising. You could say that the first 'mash-ups' were actually those sites that seem to consist of nothing but externally served ads and the tiniest bit of original content.
Personally, I find the best thing to do with adverts is ignore them. However, rather like commercial television I can accept WHY they are there - it strikes me as a bit irrational to get upset by their presence while also enjoying what they are supporting. But then it's hardly new - people always complain about the number of adverts in magazines, while refusing to pay the extra for magazines whose price isn't subsidised by ads. The likes of HBO are also in a minority - while GMail is more appealing to people than paying for a private email account. People are generally cheap-skates who will sell their minds for a small saving.
>But don't forget that the origin of all open projects is the desire to build a better product, and it's only because we want to be better that we can achieve
I don't think you can ascribe the same motive to all open projects. Some are entirely happy to build a 'worse' or equivalent product so long as it's free - in the sense of freedom. That's one of Stallman's key disagreements with the Open Source community - he's never insisted that open development would result in better software - but that freedom in itself was better, even if that means making sacrifices in functionality or usability.
A prime example for me is Open Office - no one can say it's a better productivity app, as it's stuck - by nature of it's project definition - with mirroring MS Office. There are other projects that have aimed (and succeeded) in producing better word processors.
Others are about wanting to customise, extend and improve systems - a purely technical desire to do better without any politically motivated goal (Windows tweakers would be a good example).
I'd also add that Apache on Linux is a very popular form of Java server, even if it doesn't have a great acronym. What's happening - and I think it's a postive thing - is that we're seeing the death of the idea that Java is going to replace all other programming languages, which seemed a major meme for a while. (Certainly University courses bought into it, teaching it as the main programming language in the 90s).
Bruce Tate's 'Beyond Java' is an interesting read on the subject - his main theme is that Java has become too tied up with the needs of enterprise vendors and developers - hence it's heavy use in complex server side applications - while the actual majority (numerically) of developers needs something to simply get data onto web pages and persist it back. (The most common commercial web application is the small web-based store).
Isn't that pretty much the same situation you're in with any disk encryption system?
I can certainly lock my disk up beyond recoverability now (at least using current public software/hardware) with publicly known encryption. I can lock up my machine so that the only think a thief could do is reinstall the OS (and even then they'd need to flash the firmware to get it to boot off CD without entering a password). If I was in the 'secrets' business that is what I'd want.
A more serious concern is whether it will actually do the encryption it says on the tin (i.e no back door).
(I mean didn't you know that the whole reason Windows was so insecure was so that we could hack into all those machines running pirate copies running in China, Latin America, et al!)
Yeah, screw the content companies. And the software companies. In the future all software and content will be free. And everything physical will be manufactured in China.
We'll finally all be able to put our feet up and live a life of creative contemplation, tending our vegetable gardens, watched over by machines of loving grace.
Well either that or compete viciously with each other for meaningless service jobs that will suck away our free time.
From a certain point of view, those older sites are going to be 'broken' anyway - i.e. old 800x600 sites already render 'too small' on my HD display. As people squeeze HD resolutions into smaller and smaller screens that's only going to get worse.
Similar problems are faced by desktop GUI, hence most O/S moving towards resolution independent ways of specifying UI layout, typically involving specifying position and size as a percentage of the available canvas, or in the physical size rendered. (Of course some older apps don't even support resizable windows).
And don't forget that old standards never die on the web : most browsers have backward compatibility / quirks modes, rather than insisting on only supporting the latest standards. You would just get a slow transition because the newer sites will just look better - much like the 800x600 to 1024x768 transition.
I would also imagine that you'd end up with two methods of scaling up. 1) A resolution independent method. 2) A 'zoom' based approach for legacy sites.
To an extent, option 2 already exists, with most OS supporting window zooming for accesibility. Improvements could certainly be made, such as re-rendering components that can be (fonts / vector graphics) and only enlarging bitmaps.
(All that said, resolution independent UI on the desktop shows it's not a trivial problem; automatic scaling, even of vectors and fonts, has limits - there are times when it is better to switch to a font that is designed for clarity at small size, or use a completely different layout. If it was that simple, we wouldn't need graphic designers).
Two reasons : 1) The data you are using might not live on your server. (You could certainly write server side code to connect to the external server).
2) The Asyncronous bit. You're moving away from the idea that the server creates and delivers HTML to the idea that a server delivers data and the application renders it - i.e. back towards a client-server architecture. Using the wrong tools, but we don't really have a lot of choice in that.
What's the incentive now, when the market share is so low?
A. Some developers like working with OS X, some users prefer OS X apps. Being a big fish in a small pond.
Agreed that people will generally put up with annoyance over change. Most people will struggle on with cheap unreliable cars than spend the extra up-front on a more reliable vehicle (or learn to do maintanance themselves).
It's also worth doing a search on the Economic Theory of Lemons.
In summary, traditional market theory presumes consumers are acting with perfect knowledge - thus competition will arrive at the best product / price point.
In reality, the majority of consumers act with less than perfect knowledge, making it hard for anyone to make a return of a genuinely better product, thus driving the quality of the market downwards.
The other problem with switching is that it only takes one site that doesn't work on Firefox or Opera or Safari to make someone decide to stick with the one that 'works'.
After-market car accesories (i.e. stereos - originally cars didn't come with them, then manufacturers shipped with them, but their is still a lively niche market in changing them).
There are also plenty of lessons you can learn - MS came from behind and 'won' by being able to leverage their existing customer base.
(You could learn the same lesson looking at Windows and MacOS, or increasingly SQL Server and Oracle).
For business people that means depressing lessons like, don't bet that 'being first' is going to give you a significant business edge, don't invest money in technological innovation in the hope of recouping it through software sales. Pretty much the bog standard lessons the open source community knows.
That's one keynote I'd have loved to have seen.
'Right guys, I need to stage this so that Powerpoint crashes right in the middle of my presentation, but it looks like it's Windows fault not Apple'.
As a company we have a Windows site licence. We get our machines in and install our configuration of XP Pro. Along the way, we wipe over the version that came with the machine.
My wife's school does the same thing with donated PCs. Now, is it me, or does that sounds like MS are getting money twice?
If the PC had stayed a closed IBM machine, it would never have been more than a niche product as, like Apple, IBM would never have cut their costs. Far better selling to those who can pay (enterprise) than dealing with low margin consumers. This may have been no bad thing - Apple would have benefitted, and no doubt other vendors would have been forced to compete by offering their own business computers rather than cutting the R&D budget and going clone.
All that said, I think a CONSIDERABLE about of IBMs pain was caused by the decline of mainframe sales during the same period, and the matching rise of Unix. I came into IT during the period were migrating off System/36 and VAX (or more accurately VMS) - and most of it's rivals in the mainframe business have gone the same way (a situation we can now see repeating itself in the server sector - the number of customers needing high power over large clusters is a decreasing percentage of the overall business).
Slashdot Mirror
It's taken me a few years and a lot of tech books to appreciate what they're doing; most books make the mistake of trying to mix tutorial with reference.
That means you end up with a very bloated reference book, and a poorly structured learning experience - i.e. my general experience is that authors will try and structure a book so that they start with simple concepts - primitive types, basic conditional control - before building up to collections, iteration, etc - but suffering from needing to introduce some features too early in order to get full coverage.
Do you cover iterating over a collection in the chapter on collections? Or iteration?
Perhaps a neat marketing idea would be if they sold them with a matching slim reference volume.
The problem is that it's not just about Apple, it's about the whole future of digital content. It just happens that acting now would hurt Apple more than anyone else. The French law itself is actually a DMCA style piece of law handing powers from consumers to companies. What people are getting upset over is an amendment to ensure that in 10,20,30 years time you will be able to legally transfer your files to devices that will actually play them. That might just mean you will be able to carry on using your iPod, should the content providers decide to stop playing with Apple (and you actually cared about what they produced), or Windows Media Centre win the video download market. Lest we forget, there is no LEGAL way for people to load bought DVD material onto their iPods. In some countries it's illegal to even rip your own CDs. In many places what you can do with a video recorder is quite heavily policed. It just so happens that currently, the laws are either un-enforcable or there are technical remedies. The next round of technology and laws is aimed at eliminating the technical remedies, at which point it ceases to be an abstract - you literally will NOT be able to keep a copy of something recorded off TV for longer than 2 weeks, you will obey exactly the rights you are given. (Although we all know what happens when you introduce prohibition)
In the UK, the Register, Need to Know, and other tech liberty sites organised techies to actually make a contribution against the ID card bill. They were very careful to point out that all responses had to be individual objections - no form letter.
The government responded by counting all these responses as 'an organised campaign', while responses from companies approving the scheme were, of course, counted individually. I'm not quite sure what lobbying groups are if not 'organised campaigns'.
What's has been successful is targeting the right-wing press and people's avaricious nature - 'you have nothing to fear if you have nothing to hide' sounds good when applied to criminals and CCTV cameras, but people change their mind when you bring up tax and speeding tickets as the main issues. Something like this could be a similar issue for DRM - right thinking people have no problem stopping illegal downloading and piracy, but stopping them from being able to record from TV or Radio???
>I would argue that it has hardly been tested, so one can't really say that it has "proven" anything.
As atheists have long known, it's almost impossible to prove the absence of something, despite the complete lack of evidence for it's existence or nature. Faith always wins out.
I would argue that (as per first post) that you can, at the very least, compare OS X with Classic - the threat level is about the same, and we are seeing almost nothing. It is certainly not for want of effort.
I am not disagreeing that Mac security is often over-stated. There have been two KNOWN problems that I would categorise as genuinely critical - the 'auto-install widgets' incident, and the issue covered in the parent article (failure to detect a file is in fact a shell script). The only reason either didn't spread widely is definitely down to market-share - 2 weeks would be long enough to cause substantial problems on unprotected PCs.
However, I do think the threat hysteria is often over-stated - every other vulnerability, including the 7 outstanding issues, has been as meaningless and low-threat as your typical reported Windows or Linux vulnerability. (As you note, the main vector is trojans, not code embedded in JPG on web pages).
Mac users do also have the useful advantage that even a slight potential threat makes mainstream news coverage.
Java may have finally replaced C++, and growth may continue as it replaces legacy languages, but I think my point still stands - people no longer see it as a panacea. The 'hype' cycle is over, followed by the trough of despondency, and now we are into the phase of real use. Which is generally when the cutting-edge move off elsewhere. C# also defangs Java to a large degree. It offers your career MS developer much the same linguistics as Java, but integration with more familiar APIs. A large amount - by volume - of web development IS in PHP. The majority of small hosting companies don't even offer JSP hosting. Whether it's commercially significant development is another matter. I guess it's a bit like Visual Basic development - there's a lot of it about but no one really talks about it. I should add that I'm not wholly convinced by all Tate's arguments either; the key thing he missed for me is that the real solution most people need for the web app problem is a better client rather than a more productive JSP. If JavaScript can come back, perhaps Applets can. I'm well aware there's more to development that web pages and web apps, but I'm still sceptical about Java desktop apps. Look-and-feel is more than using native widgets.
If you're talking about the Ars benchmarking of OS X server, it definitely showed problems running standard Unix software (mySQL). However, Oracle state that they've achieved good performance on OS X server by modifying their software.
o nceptual/KernelProgramming/index.html
I've also seen the same idea suggested but with Linux rather than Solaris, for roughly similar reasons. I've even read suggestions they should port Aqua to run on X11!
Leaving aside the licensing issues of trying to build a proprietary layer on a non-BSD licence,
The usual error is to think that the OS X GUI environment is just something like KDE or Gnome, that can be stuck on front. The problem is that OS X is NOT a standard Unix architecture. Take a look at this diagram, and it shows the issue a little clearer. You don't have Aqua sat over X11 over Darwin over Mach. Darwin's sort of off to one size (explained on the next page), while the rest of the layers are - well closer to the old-school MacOS or Windows. In which case I'm not really sure what you'd get switching Darwin for Solaris.
http://developer.apple.com/documentation/Darwin/C
Another factor to consider is that the main use of OS/X is as a desktop system while the main use of Solaris and most flavours of Unix is as a server-side operating system, typically supporting large volumes of concurrent requests (page requests, d/b queries, etc). I would wager that Apple have substantially modified Mach towards good Cocoa/Obj-C performance (which is heavily dependent on messaging) rather than the heavy threading optimisation that would be useful in a server OS.
Largely I would agree, except I would not describe the additional protection as marginal - realistically it has proven sufficient.
.Mac subscription is completely underhand.
I'd have to say that being callous I have little concern for the user's own data. They should be backing it up anyway*. Nor can I see an easy way of protecting it (a database style approach may work, where the data is owned by another user and only accessible via specific client applications, but this would be annoying for many reasons).
However, it's been a long time since your typical virus merely damaged user data. Installing automatically executing code that survives between reboots, without alerting the user, is not something anyone has yet achieved - despite the fact that there have been known auto-execution AND privilege escalation issues, no one has yet been able to combine the two in a dangerous way.
(They came close with the 2-week window where sites could auto-install Dashboard widgets).
Of course, viruses aren't the only threat. Trojans are increasingly significant (especially as virus-delivery becomes harder on Windows) - and the Mac is not substantially more 'trojan-proof'. An idiot installing a p2p program will not be stopped by an admin password, and a family are as likely to set up every user as Admin on a Mac as on Windows.
Actually the whole discussion on security is generally crap.
Vulnerabilities in IE where 'viewing a web page can allow execution of arbitrary code' sound bad to ignorant users - they don't understand they need to visit a specially crafted page rather than Amazon or ebay. Security sites don't help by calling such issues 'critical'.
We need to distinguish between risks that result from user action (visiting a specific web page, downloading p2p software) and user inaction. The ability to exploit the default installation of an OS through open ports, or transmit a virus through reading an email is at least an order of magnitude greater in risk.
On those grounds, OS X has always been a much lower risk platform (Windows continues to improve with each SP).
Instead the discussion has largely deteriorated into throwing vuln counts at each other.
* Apple, like Microsoft, deserve shooting for not incorporating backup as a standard feature in their consumer operating system - selling it as part of a
The one thing that is true is that Apple don't know how to deal with security, although they seem to be learning. You can't ignore the press and hope that the facts are good enough.
Especially when there an army of 'security researchers' out there, with a story to tell, and a public who can't tell the difference between 'immune' and 'robust'.
Say 9/11 and Saddam in the same sentence enough times and people will start believing there is a link - even if your sentence is 'There is no known link between 9/11 and Saddam'.
Incorrect. OS 9 and prior certainly had viruses, despite a market share comparable to OS X based machines. Not as many as Windows, but enough to cause problems for Mac users. Hell, I remember virus problems on Macs when the only way of distributing a virus was by floppy disk and the operating system was held in a ROM.
OS X is substantially more resistant to virus attack than all prior Mac operating systems, and most default Windows installations.
That doesn't mean it's 'immune'. Equally an increase in popularity will almost certainly raise the threat level - but that doesn't change the fact that the underlying system provides better protection by default. Failing to be 'immune' does not mean 'equally vulnerable'.
The default installation implements much of what corporate Windows admins have to implement to secure a Windows system / will be implemented by default in Vista.
Obviously there are other Unix systems that are still more secure - some security has been sacrificed for ease of use. It would be much more secure if new startup services and firewall changes had to be manually configured - but users won't stand for it. (Hence why we got in this mess in the first place).
I don't think you're an anomaly; it's pretty much what every GUI design expert says.
Improving the design of 'use-once' applications can be done with little impact - i.e. loan application websites, configuration wizards, etc.
Changing the layout of anything used by people on an everyday basis shouldn't be done unless there is a really good reason to do it, even if that layout it 'wrong'. People quickly adapt to dealing with wrong systems, because we mostly use systems by auto-pilot. We stop looking for the back icon and just move the mouse to where it is. Moving the icon is therefore annoying.
That's not saying we should live with bad mistakes forever, but that developers should be mindful of the cost of change. Unlike software bugs, it may be better to let GUI changes build up and address them all in one major revision, than constant small fixes. If something is clearly different this is less of an issue to be people than when it is nearly the same but there are small cognitive differences.
Joel Spolksy's short book on Interface Design also makes a couple of good points about customisable GUI - firstly, if you are a GUI designer, your job is to design usable software. If you have two options, it's your job to make a decision which one is best, rather than expecting the user to decide which one is best for them.
Secondly - a lot of people give up on GUI customisation because it's not portable. For instance if I tweak Word to completely suit me, using it on someone else's machine - particularly if they have also tweaked it in a different way - gives me a learning curve. Ditto when I upgrade machine I need to do all the tweaking again. For some people, it's worth the hassle, but for most people the inconvenience outweighs any convenience.
A problem I can see going forward is that 'Web 2.0' sites are going to make it very difficult for software to automatically distinguish between a site that's legitimately using a third-party web service to serve content, and one doing the same to serve advertising. You could say that the first 'mash-ups' were actually those sites that seem to consist of nothing but externally served ads and the tiniest bit of original content.
Personally, I find the best thing to do with adverts is ignore them. However, rather like commercial television I can accept WHY they are there - it strikes me as a bit irrational to get upset by their presence while also enjoying what they are supporting. But then it's hardly new - people always complain about the number of adverts in magazines, while refusing to pay the extra for magazines whose price isn't subsidised by ads. The likes of HBO are also in a minority - while GMail is more appealing to people than paying for a private email account. People are generally cheap-skates who will sell their minds for a small saving.
And look who is benefitting (hope it doesn't need a login outside the UK).
8 64.html
http://www.timesonline.co.uk/article/0,,2087-2147
>But don't forget that the origin of all open projects is the desire to build a better product, and it's only because we want to be better that we can achieve
I don't think you can ascribe the same motive to all open projects. Some are entirely happy to build a 'worse' or equivalent product so long as it's free - in the sense of freedom. That's one of Stallman's key disagreements with the Open Source community - he's never insisted that open development would result in better software - but that freedom in itself was better, even if that means making sacrifices in functionality or usability.
A prime example for me is Open Office - no one can say it's a better productivity app, as it's stuck - by nature of it's project definition - with mirroring MS Office. There are other projects that have aimed (and succeeded) in producing better word processors.
Others are about wanting to customise, extend and improve systems - a purely technical desire to do better without any politically motivated goal (Windows tweakers would be a good example).
I'd also add that Apache on Linux is a very popular form of Java server, even if it doesn't have a great acronym. What's happening - and I think it's a postive thing - is that we're seeing the death of the idea that Java is going to replace all other programming languages, which seemed a major meme for a while.
(Certainly University courses bought into it, teaching it as the main programming language in the 90s).
Bruce Tate's 'Beyond Java' is an interesting read on the subject - his main theme is that Java has become too tied up with the needs of enterprise vendors and developers - hence it's heavy use in complex server side applications - while the actual majority (numerically) of developers needs something to simply get data onto web pages and persist it back. (The most common commercial web application is the small web-based store).
The risk there is that they'd have lost control of Java to Microsoft's bastardisation, which would instantly have become the dominant version.
Absolutely.
Actually the wider pattern is :
Build company doing something cool for free to get users.
Whore users off to advertisers.
Users go to next company doing something cool for free.
If you're really lucky you get to sell your company somewhere between steps 2 and 3.
Isn't that pretty much the same situation you're in with any disk encryption system?
I can certainly lock my disk up beyond recoverability now (at least using current public software/hardware) with publicly known encryption. I can lock up my machine so that the only think a thief could do is reinstall the OS (and even then they'd need to flash the firmware to get it to boot off CD without entering a password). If I was in the 'secrets' business that is what I'd want.
A more serious concern is whether it will actually do the encryption it says on the tin (i.e no back door).
(I mean didn't you know that the whole reason Windows was so insecure was so that we could hack into all those machines running pirate copies running in China, Latin America, et al!)
Yeah, screw the content companies. And the software companies. In the future all software and content will be free. And everything physical will be manufactured in China.
We'll finally all be able to put our feet up and live a life of creative contemplation, tending our vegetable gardens, watched over by machines of loving grace.
Well either that or compete viciously with each other for meaningless service jobs that will suck away our free time.
From a certain point of view, those older sites are going to be 'broken' anyway - i.e. old 800x600 sites already render 'too small' on my HD display. As people squeeze HD resolutions into smaller and smaller screens that's only going to get worse.
Similar problems are faced by desktop GUI, hence most O/S moving towards resolution independent ways of specifying UI layout, typically involving specifying position and size as a percentage of the available canvas, or in the physical size rendered. (Of course some older apps don't even support resizable windows).
And don't forget that old standards never die on the web : most browsers have backward compatibility / quirks modes, rather than insisting on only supporting the latest standards. You would just get a slow transition because the newer sites will just look better - much like the 800x600 to 1024x768 transition.
I would also imagine that you'd end up with two methods of scaling up.
1) A resolution independent method.
2) A 'zoom' based approach for legacy sites.
To an extent, option 2 already exists, with most OS supporting window zooming for accesibility. Improvements could certainly be made, such as re-rendering components that can be (fonts / vector graphics) and only enlarging bitmaps.
(All that said, resolution independent UI on the desktop shows it's not a trivial problem; automatic scaling, even of vectors and fonts, has limits - there are times when it is better to switch to a font that is designed for clarity at small size, or use a completely different layout. If it was that simple, we wouldn't need graphic designers).
Two reasons :
1) The data you are using might not live on your server. (You could certainly write server side code to connect to the external server).
2) The Asyncronous bit. You're moving away from the idea that the server creates and delivers HTML to the idea that a server delivers data and the application renders it - i.e. back towards a client-server architecture. Using the wrong tools, but we don't really have a lot of choice in that.
What's the incentive now, when the market share is so low? A. Some developers like working with OS X, some users prefer OS X apps. Being a big fish in a small pond.
Agreed that people will generally put up with annoyance over change. Most people will struggle on with cheap unreliable cars than spend the extra up-front on a more reliable vehicle (or learn to do maintanance themselves).
It's also worth doing a search on the Economic Theory of Lemons.
In summary, traditional market theory presumes consumers are acting with perfect knowledge - thus competition will arrive at the best product / price point.
In reality, the majority of consumers act with less than perfect knowledge, making it hard for anyone to make a return of a genuinely better product, thus driving the quality of the market downwards.
The other problem with switching is that it only takes one site that doesn't work on Firefox or Opera or Safari to make someone decide to stick with the one that 'works'.
After-market car accesories (i.e. stereos - originally cars didn't come with them, then manufacturers shipped with them, but their is still a lively niche market in changing them). There are also plenty of lessons you can learn - MS came from behind and 'won' by being able to leverage their existing customer base. (You could learn the same lesson looking at Windows and MacOS, or increasingly SQL Server and Oracle). For business people that means depressing lessons like, don't bet that 'being first' is going to give you a significant business edge, don't invest money in technological innovation in the hope of recouping it through software sales. Pretty much the bog standard lessons the open source community knows.
That's one keynote I'd have loved to have seen. 'Right guys, I need to stage this so that Powerpoint crashes right in the middle of my presentation, but it looks like it's Windows fault not Apple'.
As a company we have a Windows site licence. We get our machines in and install our configuration of XP Pro. Along the way, we wipe over the version that came with the machine.
My wife's school does the same thing with donated PCs. Now, is it me, or does that sounds like MS are getting money twice?
If the PC had stayed a closed IBM machine, it would never have been more than a niche product as, like Apple, IBM would never have cut their costs. Far better selling to those who can pay (enterprise) than dealing with low margin consumers. This may have been no bad thing - Apple would have benefitted, and no doubt other vendors would have been forced to compete by offering their own business computers rather than cutting the R&D budget and going clone.
All that said, I think a CONSIDERABLE about of IBMs pain was caused by the decline of mainframe sales during the same period, and the matching rise of Unix. I came into IT during the period were migrating off System/36 and VAX (or more accurately VMS) - and most of it's rivals in the mainframe business have gone the same way (a situation we can now see repeating itself in the server sector - the number of customers needing high power over large clusters is a decreasing percentage of the overall business).