Slashdot Mirror


User: Tailhook

Tailhook's activity in the archive.

Stories
0
Comments
1,840

Comments · 1,840

  1. Re:more reason to sign patches? on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 1

    I think he was referring to the key when he said "cert."

    What I did was presume it understood that if a machine hosting a keyring was sufficiently compromised getting the keyring passphrase was probably trivial. Shame on me for presuming so much of /. readers. "Cert" comes from too much SSL in my recent past when thinking of how one typically ends up manipulating public and/or private keys. Shame on me for sloppy terms.

  2. Re:Microsoft on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 4, Informative

    The actual lines of code and the method by which they got there were far too clever for either Microsoft or SCO

    It was a subtle change but I think it would have been caught if it had been submitted to Linus. He does review code and often catches mistakes. In this case assignment was used in a condition. To good C programmers this is bad taste. I noticed that right off and I haven't written a line of C in about 6 years. Linus isn't just a good C programmer. After half a decade of watching him catch stuff like this in just his public LKML messages, I'm convinced he would have seen this if he were reading braille hardcopy of it from across the room while drunk.

  3. Re:more reason to sign patches? on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 2, Insightful

    Yeah it's really easy to sign code when you don't have the key.

    If a developer's machine is compromised (as I imagined in my post) getting the passphrase is trivial. How many different ways can you imagine discovering the keyring passphrase on a machine you have the ability to discreetly administer?

    Just off the top of my head (and no astronomical exponents required):
    Man-in-the-middle the keyring editor
    Scarf it from memory
    Monitor keystrokes

    Harder than breaking into the BK server, anyway.

    No one broke into a BK server. The BK content is routinely exported to a CVS server so that free software zealots have something to pull from that doesn't involve using BK. The backdoor was done directly on that CVS export (probably by compromising CVS pserver) in the hope that someone who actually uses the CVS server would pick it up and submit the altered file as a patch into the BK tree. Several more things would have had to occur for the backdoor to have "worked": some developer would have had to pick up the altered file, submit that file to Linus, have Linus (and ultimately everyone else) miss the backdoor and commit the change to BK (not easy because, as in the case of the backdoor, using the assignment operator in a condition: if (foo = 0) ... is a huge red flag to good C programmers), and then go unnoticed for enough time that hosts in-the-wild ended up running it. A long shot, to say the least.
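
Added example, not code from the thread above and not the kernel's own code: the "assignment in a condition" pattern the two comments above call a red flag, shown on a constructed privilege check. The struct, the function names and the line checker are all assumptions made for this illustration. It shows why the pattern matters for security (the branch is never taken, so the function still reports "denied", but the uid has been overwritten as a side effect) and includes a grep-level reviewer's heuristic that flags a lone `=` inside an `if` condition.

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a task record; only the uid matters here. */
struct task {
    unsigned int uid;
};

/* What the author meant: allow only uid 0. Pure test, no side effect. */
int allowed_intended(struct task *t)
{
    return t->uid == 0;
}

/* The pattern called out above: '=' where '==' was meant.
   The assignment evaluates to 0, so the branch is never taken and the
   function still reports "denied" -- but t->uid has been overwritten
   with 0 as a side effect. gcc -Wall flags this line ("suggest
   parentheses around assignment used as truth value"); wrapping it in
   a second pair of parentheses silences that warning, so review must
   not rely on the compiler alone. */
int allowed_backdoored(struct task *t)
{
    if (t->uid = 0)
        return 1;
    return 0;
}

/* Runs the backdoored check on a task with start_uid and returns the
   uid afterwards: 0 demonstrates the escalation side effect. */
unsigned int uid_after_backdoored_check(unsigned int start_uid)
{
    struct task t = { start_uid };
    (void)allowed_backdoored(&t);
    return t.uid;
}

/* Verdict of the backdoored check alone, for comparison with intended. */
int backdoored_verdict(unsigned int start_uid)
{
    struct task t = { start_uid };
    return allowed_backdoored(&t);
}

/* Reviewer's heuristic (assumed, not a real tool): flag a source line
   whose if-condition contains a lone '=' that is not part of ==, !=,
   <= or >=. Returns 1 if suspicious, else 0. A grep-level check, not a
   C parser; string literals inside the condition can fool it. */
int suspicious_if_line(const char *line)
{
    const char *p = strstr(line, "if");
    if (!p)
        return 0;
    p = strchr(p, '(');
    if (!p)
        return 0;
    for (; *p; p++) {
        if (*p != '=')
            continue;
        if (p[1] == '=') {      /* "==": comparison, skip both chars */
            p++;
            continue;
        }
        if (p[-1] == '!' || p[-1] == '<' || p[-1] == '>')
            continue;           /* "!=", "<=", ">=" */
        return 1;               /* lone '=' inside the condition */
    }
    return 0;
}

int main(void)
{
    struct task t = { 1000 };
    int verdict = allowed_intended(&t);
    printf("intended:   verdict=%d uid=%u\n", verdict, t.uid);
    verdict = allowed_backdoored(&t);
    printf("backdoored: verdict=%d uid=%u\n", verdict, t.uid);
    printf("flag 'if (foo = 0)':  %d\n", suspicious_if_line("if (foo = 0)"));
    printf("flag 'if (foo == 0)': %d\n", suspicious_if_line("if (foo == 0)"));
    return 0;
}
```

The point a reviewer should take from the run: both checks return "denied" for uid 1000, which is why the change looks harmless in a quick read, and only inspecting the uid afterwards (or the operator itself) reveals the difference.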

  4. Re:So how do we know that there is only one? on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 1

    necessary to hunt through the code for a systematic review.

    At least we're allowed to if we wish...

  5. Re:more reason to sign patches? on Linux Kernel Back-Door Hack Attempt Discovered · · Score: 1, Insightful

    How would a web of trust help? Odds are the backdoor was introduced by compromising some developer's machine. If that is the case then whatever cert would be needed to sign a patch would probably also be compromised.

    All signatures would do is raise the bar a tiny bit and provide a false sense of security. Whoever pulled this off wouldn't be hindered in the least if the bar had been a little higher. At best you would be able to point a finger at the developer responsible for the cert, but why would the perpetrator care about that?

    There is no magic bullet for this kind of thing. It's Open Source and the operative word is "open." Only because it's open was this caught. Closed source is even worse.

  6. Re:Bias is a two way street: on Climate Data Re-examined (updated) · · Score: 1

    I am slightly concerned about work published in a journal with an agenda

    As opposed to what? Work funded by government grants and published by academia? Pure as the wind driven snow...

  7. Re:Biased Bush administration energy whores? on Climate Data Re-examined (updated) · · Score: 1

    Why do people think environmentalists would be biased, anyway?

    Because environmental activists (note: I am deeply aware of the distinction between an "environmentalist" and an "environmental activist") travel in the same circles as the anti-capitalist, anti-gun, anti-western (policy, medicine, science, what-have-you), anti-religion, anti-meat, anti-male, anti-heterosexual, Blame America First zealots. They pull elements from each of these, the Environment not least, and use them to form a complete quasi-religious world view.

    Go attend a protest event sometime. I have. You'll see all of this lined up on tables and sold on tee-shirts, all in one convenient outlet. This is true regardless of which aspect is being protested. It's one holistic belief system.

    Matters of Environment have been entirely subsumed by politics. There are no unbiased sources beyond your own perceptions. For every argument you can find an equally credible and opposite counter. You're left to count heads which amounts to measuring what's most trendy at the moment. Grant money from inherently collectivist government bodies has a lot to do with that.

    Perhaps your question is genuine. You really don't know why environmentalists are often suspected of bias. Then again, perhaps not. For the former case I can only conclude that you are naive beyond my ability to fathom. In the latter case you're a liar.

    As for me: it's gotten warmer. I've been around long enough to remember hard winters. I haven't seen one in a long time. I can't deny that and I wouldn't try. I also have seen no evidence extraordinary enough to convince me that humans have had thing #1 to do with it and, furthermore, no evidence at all to convince me that it's bad. As for the argument that it's better to be safe than sorry, you'll have to do a much better job explaining exactly what you mean by safe.

  8. Re:windows drivers on LinuxAnt's DriverLoader Loads Centrino Drivers · · Score: 1

    now linux too can have buggy drivers!

    I don't understand this. If the vendor puts out buggy Windows drivers why would their native Linux drivers be any better? Why would it matter whether it's an NDIS driver or something native to Linux? I presume you're a grown-up and it has occurred to you that contemporary hardware vendors will not generally provide sufficient technical information for Open Source developers to do better (but that's just me trying to give you the benefit of the doubt and I could be wrong). There are, therefore, only two choices: emulate or do without.

    NDIS is a de facto standard for network devices that has been around since the 80's. It astonishes me that using NDIS drivers in non-windows systems is a new idea. I personally could care less if there needs to be an adapter layer between the kernel and the driver. Drivers are grunt work with low value-add. Solving the driver mess is one major hurdle jumped to making Linux et al a realistic alternative to Windows.

    If these Linuxant people want to resell their work more power to them. I'd pay for an adapter that would let me use DirectX drivers on Linux too. Eventually it would all get bundled into Linux distributions and cost me next to nothing anyhow. I want the latest hardware, working, today.

  9. Re:Good articles on Dispelling the IPv4 Address Shortage Myth · · Score: 1

    NAT is a quick and dirty hack that has to be updated for newer, complex protocols

    That NAT is a dirty hack is true. That it is being updated for newer protocols is very wrong. Individual vendors support some subset of legacy protocols to various degrees. This cannot be generalized, so the market is doing the opposite:
    The protocols are being changed to live with NAT, not the other way around. FTP is now largely "passive". SOAP is how RPC is done through contemporary NAT firewalls, all existing RPC protocols be damned. IPSEC now has NAT-T.

    it wasn't until fairly recently that NAT would actually deal decently with FTP, but it requires mangling the packets.

    Or just upgrade all the FTP servers and clients to do Passive FTP, or obsolete FTP for SFTP, or obsolete FTP altogether and just use HTTP for everything... All of this is happening.

    In the end, the only truly STABLE method for addressing is just to have real IP addresses.

    In the end, the only way legacy protocols can be truly stable is just to have real IP addresses. Don't underestimate our ability to simply stop using protocols that give headaches. All newer protocols are being designed, for better or worse, with the ugly of NAT and packet filter firewalls in mind.

    NATs just add points of failure and complexity in diagnosis.

    NAT also adds a fail-safe security barrier. NAT bends over backwards to avoid the need to "cut-over" to a new network paradigm. NAT works today.

    Disclaimer: I hate NAT and I don't need a lecture on why it's bad. I have a deep appreciation for this already, thanks.

  10. Re:Good articles on Dispelling the IPv4 Address Shortage Myth · · Score: 4, Insightful

    The need for IPv6 is _not_ shortage of IPv4 addresses, but you find it in the extra features in IPv6 (Built-in security, Automated addressing, etc).

    Disclaimer: First, understand, I'd like to agree with this. IPv6 is a good thing.

    However, the IPv6 motivations you mention are incorrect. IPv6 does provide the things you mention, but these are not sufficient to cause a migration and do not constitute a "need."

    Security: ad hoc VPN is providing this in IPv4. It's messy and complex, but it works within limits. IPv4 was not designed with this in mind and the hacks that appear as a result are deeply wrong, but it works.

    Autoconfig: DHCP is providing this to a large degree already. It is working "in the wild" right now in both fixed installations and more recent wireless environments. Again, it's messy and imperfect, but it's working.

    NAT is being extended to multiple levels through routing domains (my phone has an RFC1918 address and I wouldn't be surprised if some cable/DSL ISPs aren't distributing them too. A major issue for corporate WANs is making sure RFC1918 subnets don't overlap). Protocols that don't play well with public IPv4 and NAT are being implicitly deprecated (consider SOAP running an entire RPC stack through HTTP ports and TCP/IP). Obscene hacks necessary to overcome NAT are being created (IPSEC NAT-T). How long will it be before ISPs set up tiers where your only cost-effective choice for small enterprise is a single public IP on a NAT gateway because a classless /28 public subnet is 5x more money?

    IPv6 will happen only when the pain of the transition approaches zero. Until then IPv4 will persist regardless of how painful it is. People will deal with figuring out how to run multiple virtual hosts through a single address to a NATed DMZ before they read page 1 about IPv6.

    When every OS and device supports it out of the box and the base of administrators are finally no longer mystified, it will occur. This will take a long time. I doubt IPv6 will be ubiquitous in the next 8-10 years. IPv6 proponents must continue to focus on vendor support and educating administrators. There is no magic bullet.

  11. Re:Yea, good start. on GTK 2.3, And The Emerging File Selector · · Score: 1

    For Christ's sake, your configuration screen for the clock has what, four separate tabs? It's just a fucking clock!

    Just a fucking clock? Clocks are complicated things. Not everyone lives in your time zone, follows your conventions on time (24-hour vs. 12-hour), cares to see the date as well (or not). Clocks often have alarms attached to them. Clocks are supposed to be accurate, requiring some method to set them, or even automate the setting of them. Useful clocks also include the notion of "date."

    That it only requires four tabs to get all this right is good. I personally live in a complex world where I must deal with people in Europe and Asia, and their various schedules. I need good time tools. Maybe your world is a nice, simple world of Quake servers and MP3 hoarding, but that's just you. Enjoy your hobbies while I keep the lights on and please try not to bitch when you glimpse a little bit of the complexity that is the real world, and its various clocks...

    Thanks.

  12. Re:Maybe next round... on GTK 2.3, And The Emerging File Selector · · Score: 1

    yeah, maybe this is flamebait, but mostly I'm tired of bad non-osx file dialogues.

    Don't worry, you're not alone. Truth is I was astonished to see that "file open" dialogs are worthy of screen shots. Microsoft had this figured out back in w2k, and OS X is even better. GTK is right about where win3.x was 10-odd years ago. What is the problem here?

  13. *will* on Zaurus SL-6000 Prototype Revealed · · Score: 1

    There is no final word in the boutique PDA market until you see one for sale. Whether or not it *will* be available in the US is a complete unknown, and I don't care what some V.P. of Product Development for the Left Side of the Western Hemisphere (on Tuesdays and Thursdays) says about it.

  14. Re:Not capitalism on For Americans, Imported Textbooks Can Be Cheaper · · Score: 1

    Someone figures out how to get around the price-fixing that goes on between the anointed authors, publishers, distributors and schools for educrat mandated books, and someone else claims this is a triumph over capitalism...

    Anymore I'm looking forward to a big, planet wrecking space rock. This fucking species is without hope.

  15. Re:oh no, not another one :( on Y: A Successor to the X Window System · · Score: 1

    I think X is like Unix : it was inadequate and bloated but computers have caught up with their demands, in terms of power and disk capacity.

    Cycles and platters can't solve this problem, because the resource that is being wasted isn't bits or bandwidth, it's "mindshare".

    Nearly everything worthy comes from a small number of minds, sometimes only one. In the case of "unix", at some point the world managed to focus on a unified POSIX platform and a uniform set of conventions. We stopped wasting mindshare and Unix grew up, to the point where unencumbered implementations appeared out of thin air.

    Meanwhile, X is busy proliferating toolkits and APIs to hell and gone. The genius of the few is spread out all over the map trying to figure out how to make widgets work in n different ways using n different languages. Most of it never gets past early beta.

    So you start four different programs in your X environment and you hoist an equal number of entirely unique toolkits into RAM. Taken as a whole, it's slow, buggy and half baked.

  16. Re:Built in toolkit on Y: A Successor to the X Window System · · Score: 1

    but one of the reasons that X is so successful

    ?

    Really? How so? For every 1 X user you have a couple hundred GDI users. Have you noticed that OS X isn't using X? No, instead Apple invented a GUI system from the ground up, and it paid off too. X hasn't found its way into PDAs either. My Zaurus is using Qtopia on a framebuffer. How, exactly, are you defining success?

    is that you can use whatever toolkit you want

    Once you grow up and discover that one button, checkbox, scrollbar, etc., is just as good as the other, you realize that saying "you can use whatever toolkit you want" is akin to saying "you can use whatever POSIX library you want." You know damn well that in the real world you need a consistent implementation and a standard, even if flawed, API. Windows GDI, for all its flaws, has remained consistent.

    That's one of the reasons Windows has been "so successful".

  17. Re:This whole story is a waste of time on Y: A Successor to the X Window System · · Score: 1

    As for the other complaints -- all these apps are static not because of issues with support for a single widget set, but because Linux inherently doesn't have a standard set of binaries in every distribution.

    Yeah. I know. That was my point... Static apps burning RAM because there is no standard, de facto or otherwise.

    This approach has plusses and minuses, but the issue is with Linux as a whole --X does not play any kind of special role.

    Minuses:
    Massive bloat, causing poor performance and wasted RAM
    Abject inconsistency between toolkits
    Buggy, obsolete toolkits that never die
    Mind share wasted among n different half baked GUI APIs

    Plusses:

    ?

    I use xpdf instead

    Ah yes, Athena widgets... Yet another entire collection of obsolete, poorly implemented widgets that must be hoisted into RAM.

    Good god, what a freaking mess.

  18. Re:This whole story is a waste of time on Y: A Successor to the X Window System · · Score: 1

    Problem: X uses lots of memory.
    Answer: No, it doesn't.

    Technically you are correct, but the empirical results I see tell me that this is incomplete. X has no "standard" GUI libraries. This leads to very poor memory usage by applications. I can clearly remember seeing Netscape 4.x consume 60M or more of memory after a few simple pages were rendered. Not surprising; it was compiled static because Netscape's developers didn't care to port to every conceivable GUI library available for *nix. Unfortunately, I don't see how I can fault them.

    Consider other applications:
    - Acrobat reader; static, compiled against some version of Motif.
    - Wordperfect; static, compounded by the fact that they implement a separate font subsystem.
    - All KDE applications; at least one separate GUI library required.
    - All GNOME/GTK applications; at least one separate GUI library required.
    - All Motif applications; two separate GUI libraries required (1.x and 2.x). ...others?

    So, if I open Netscape, Acrobat Reader, Wordperfect, a KDE utility of some sort, a GNOME app and a Motif app, I can say I have achieved a reasonably functional desktop environment. I have also loaded into RAM at least SIX completely separate GUI subsystems. Now I see cache thrash wrecking performance, virtual memory gymnastics trying to float all this bloat, and generally poorer performance than the contemporaries.

    The worst part is that all this nonsense is worthless. I see no apparent superiority of a GTK button or edit box as compared to Windows GDI controls. KDE scrollbars aren't orders of magnitude better than Motif's...

    The assertion of "Y" is that by coupling the server and the GUI libraries you form a de facto standard that apps may be built on and eliminate all this silly redundancy. Could "Y" be successful? I don't know. Its advantages would have to be so universally appealing that it motivates change-over en masse to use the new "standard" GUI libraries. If that happened I think the payoff would be staggering. I have no faith that can or will ever happen.

    X servers, in and of themselves, are memory efficient. They can't help but be; they're mature, refined and performance matters enough that smart folks have done good optimization work. X Windows applications have (taken together in a working environment as you would find "in the wild") very poor memory efficiency.

  19. Re:morons on Sequence of Events During Columbia Mission · · Score: 1

    If you run over someone crossing the street and it's your fault for not properly yielding...

    The last paragraph of a story on Russell Weller is telling. Russ is the 86 year old guy that smashed 10 people with his land yacht back in July in a farmers market. A lawyer, C. Robert Brooks, sayeth:

    "...he doesn't think the case meets the standards for vehicular homicide, which he says is rarely charged in cases when deaths are not the result of driving under the influence of drugs or alcohol. More often than not, he says, "People die in traffic accidents and the drivers are not charged with a crime.""

    The bottom line is that drivers usually don't get charged when people die in traffic accidents. That means you have to be trying pretty hard to get charged, much less convicted. You need to be a long way off center doing something blatantly criminal. Just not being competent is not sufficient. Feel free to mow folks down because you're not capable of preventing it...

    Fact is that if someone accidentally runs a light and kills your wife, husband, sibling or spawn, they're going to walk. The key is to not kill anyone important.

  20. Re:Zope on Prevayler Quietly Reaches 2.0 Alpha, Bye RDBMS? · · Score: 1

    As for the Join- This would depend on the circumstances.

    This is another way of saying "write more code".

    Please don't be offended; Zodb, and its lack of a query mechanism, isn't your fault. Let's just not paper over the fact that object stores have no widely used and well understood means of returning results. Each result is the product of some custom code written by a programmer. You must code imperative logic that hunts through the object model, hopefully correctly (which is hard to prove).

  21. Thank the recall on California Protects Black-Box Data Privacy · · Score: 2, Insightful

    Davis took a big hit with motorists when he jacked up license fees. He's trying to mitigate that damage. You have the recall to thank for that, and any other pro-motorist acts that mysteriously get signed during the next two weeks. Feel free to fall for it.

  22. Re:Yippee! on New Vulnerabilities in Portable OpenSSH · · Score: 1

    oooh! Patching every other day is fun!

    Fun?

    # apt-get upgrade
    # exit

    Boring. The way it should be.

  23. Tributes and Memorials on Protests, Politics And Parties In MMORPGs · · Score: 4, Interesting

    I played DAOC excessively for a little more than a year. In that time, several players on my server died for one reason or another. It hurt to discover that someone you encountered in virtual battle, possibly many times, had cast his last spell or ganked his last noob and assumed room temperature.

    If the dead has any virtual friends, a memorial will get organized. These get announced on various forums and in-game. In the case of DAOC, at almost no other time will you stand among the enemy without being in battle. At these times, however, possibly hundreds of players gather and have good thoughts about the departed. Honor prevails and people behave.

    So let's not get too worked up about a little virtual disobedience. There is a lot more than that going on inside MMORPGs. Ironically, one can imagine that the virtual turnout for the dearly departed will nearly always outstrip the real life version by an order of magnitude. Figure that out and you might have something interesting to get worked up about.

  24. Re:Kind of Sad on Replica Flyer Foiled By Weather · · Score: 1

    "They" can replicate it and have. "They" still can't control the weather. You are confused. "They" need a stiff breeze to create enough lift to fly. No wind no fly.

  25. Re:Windy City on Replica Flyer Foiled By Weather · · Score: 1

    Wind speed at street level in downtown Chicago has been recorded above 100mph. The air accelerates while moving between the large structures. Spend some time there and you will gain a deep appreciation for the difference between average wind speed over an empty field and a strong gust channeled by half a mile of steel and glass.