I know Plone does and I believe El Reg is running Bricolage.
3338 posts • joined 16 Apr 2007
So the three major free PHP CMSes: Joomla, Drupal, and Wordpress have flaws.
I'd take issue with describing either WordPress or Joomla really as content management systems, despite the fact that they are often used as such.
Security and secure development have never been high on the PHP agenda: ease of use and deployment have traditionally been far more important. Without a culture of security, you'll only get insecure code: witness the heap of CVEs related to PHP and systems written in PHP. I'm not saying it's not possible to write good, safe code in PHP but it is harder than in most comparable languages. The recent exploit in Drupal highlighted this because it was down to parameters not being quoted properly. How that kind of code could be accepted by project leaders is beyond me.
The rest of your post uses the strawman of homemade CMS to justify using the leading crapware. There are lots of CMSes and even ones that take security seriously and run their own pen-testing.
About 10 years ago, Faultline wrote a report on the economics of quad play. We hardly sold any
Given the quality of the research – mainly PR for one company or another – is that any surprise?
Convergence has been an on-off buzzword for the telecommunications industry since the late 1990s. In the battle for Mannesmann it was a key concept: Mannesmann favoured convergence; Vodafone said the future would be mobile only.
Re: Just a guess
Either that, or a company chasing Microsoft's business.
Re: “As corporates buy apps and devices ...
Who says Microsoft won't play their usual games, and start adding features that are only available on Windows Phone to push people towards their solution?
Well, in the mobile world Microsoft resembles IBM in the OS/2 days: it might make more money from selling Office on Android and IOS than it ever will on Windows Phone. At some point the shareholders might get restless enough to force them to do so.
Where Microsoft will pick up sales is in tablets + docking stations as notebook replacements. Expect the number of "apps" to remain modest, though. It will be largely retooling internal systems for mobile and lots of cloudy, Salesforcey stuff. Hm, there's a thought: Microsoft's next acquisition?
Re: It would be good to see their weight thrown in
Then we need a desktop version with GPU
I'm pretty certain we don't need those before the server chips come out. Desktop machines need the OS and all the apps compiled for the architecture, data centres just need a compiler.
For large customers (say Facebook) it might make financial sense to do one-off SoC runs (up to a million units). But, your other point about UEFI and other low-level support is probably the biggest hurdle left for ARM to take. Once that falls then the price advantages of ARM will be very hard to ignore.
Damn, a plausible explanation that isn't a conspiracy theory!
Do Not Track is less than a fig leaf, a total waste of time and the mention of it in the article is a red herring. I suspect the dispute with Google was about money and only money.
Google is successful because its search is very, very good.
Re: Humor me here
I just did the same and Windows Update only told me about the July update that I can't install for some reason. However, when I looked at the details the new one was there but just not selected. So, check the details of the available patches.
Re: MS, please help me understand
Thereby, instead of keeping on whining about MS…
No, it's perfectly correct to moan about MS's dreadful track record on this. The issue of liability is also important for software companies: think of the trillions that Microsoft has made over the years by selling shoddy software. Who pays for any lost time / overtime as a result of some of these serial fuck-ups? Will it really take a massive legal case to change fundamental development practices? Will companies start behaving differently if the same recall rights apply to their software as is the case in the car industry?
This doesn't mean the open source community doesn't need to improve either: openssl should make all of us shudder and cringe. We need to work together to develop and follow better programming and testing practices. This doesn't mean we'll ever develop bug-free software but we can do a fuck of a lot more to reduce the number of bugs around.
Re: so much for...
That's a pupular misconception Sic.
The misconception could not have anything to do with the PR and marketing spin saying exactly that? Or is your typo in reality a cunning linguistic pun?
Re: This is the castle of my master, Ballmère de Redmonde!
Did Ballmer fart in the general direction of the security team and fetchez la vache onto them and is Nadella resurrecting it?
I get the Monty Python allusion but I just can't make linguistic nor grammatical sense of this
Plus, it's actually Nadella who's done most of the sacking.
Intel's marketing money
But it also refers to the possibility that Nokia would license out the brand to other manufacturers
Looks like they're already doing it. This has generous Intel support written all over it. Must be some kind of bonus for the 1st 10,000 Intel mobile chips
Re: Some People
I just upvoted you but then I realised I didn't know whether there really are such things as porn apps. Does that make me a fuddy-duddy?
Re: Will Nokia be properly supporting the N1 tablet?
Fingers crossed that it is not locked down and a Sailfish install is a breeze
Good luck with that: it's an Intel and the mobile devices traditionally come with secure boot.
How did they manage to sell their industry leading ARM division the year before smart phones caught on?
I suspect that it's because the margins on the x86 kit were so much higher that management (and shareholders) didn't see the point in putting any more resources into it. The history of American companies is littered with those that died because they didn't innovate enough but also with those that innovated too much to the detriment of any money-making business.
It will also draw some scrutiny away from the old Mobile and Communications division …which has been losing both cash and market share, despite the chipmaker's best efforts.
To be honest there have been a number of product launches recently (Hudl, Verizon, Dell, Lenovo, etc.) that might make the numbers look a bit better in the next report, though Intel must be practically giving the chips away. Time will tell whether these attempts to get back into the market at any cost are worth it.
Re: Additional explanation?
Yeah, there's a good deal of correlation not necessarily being causation. Another study a few years back (cited in The Economist) of tribes in Central America correlated foraging with gender: men go further, find new places but are less efficient as a result; women systematically forage the local area (and like in the proverbial supermarket) know where everything is.
Re: Of couser...
"I'm indignant that the contract didn't go to a mega corp along with exclusive media, mineral and tourism rights!"
What does scale mean?
That means it can process 6 million inserts per minute, he said, or 30 million selects per minute.
You can probably get any DB to do that if you know what you're doing. Easiest thing is to disable any checks and don't do transactions.
What some customers want from "cloud" services is that they themselves never have to think about scaling themselves: that even if it's 6 billion ACID inserts a minute the system can handle it. AFAIK only Google's big table will do this if you're prepared to live with the restrictions of the system.
Re: good luck to them
Always wondered why the Oracle compatibility mode of Postgres was not used more to break the lock-in. Is Postgres performance too slow, because my limited experience suggests it performs very well.
Compatibility mode is only available in the Enterprise DB version and is obviously good enough for many: Enterprise DB costs money but the costs are trivial in comparison with Oracle.
Enterprise DB provides information on comparative performance and my understanding is that for very large deployments (lots of cores) there is still a way to go but their increasing customer base means there are more resources (both in terms of paid developers and code contributions) to make this happen.
Oracle's lock-in is, as is usually the case, little to do with the technology. It's cultural and based around the understanding that managers are more afraid of doing the wrong thing than they are interested in doing the right thing. For "no one ever got sacked for buying IBM" read "no one ever got sacked for buying Oracle/SAP/Microsoft…". They have the packages and the eco-systems that meet customers' criteria and a veritable army of consultants and SIs only too happy to reassure managers that nothing can go wrong.
Re: I don'know, wha'd you wanna do tonight?
The genesis of AWS was just that: lots of capacity lying around that was required for a few very busy periods of the year (Thanksgiving, Christmas,…).
Businesses get to choose between operational and capital expenditure and pass the risk onto suppliers like Amazon. But don't worry: their risks are also limited as data centres are usually funded by substantial subsidies.
Re: then touch down seven hours later at about 4pm
I was wondering that myself. And then even more about the schedule: we need El Reg Coordinated Timezones!
RLT – Reg standard lunchtime: 13:00
RTT – Reg standard tea time: 16:00 except on Fridays
RBT – Reg standard booze time: 18:00 except on Fridays when it's 13:00
Irrelevant comment. The ESA is not an organ of the EU.
I never said it was. But when has that ever stopped the swivel-eyed loons? They also fulminate against the ECHR which also isn't part of the EU.
Anyway, you seem to be suffering from an irony deficit. The UK's contribution to the ESA is paltry largely because Maggie decided space research wasn't worth investing in.
The same arguments, of course, can also be heard over the water by UKIP's six-fingered, small government Tea Party cousins: guns are great, research is a waste of time.
I'm waiting for UKIP to stand up and get all shouty, shouty about the waste of taxpayers' money. Just imagine how much better the UKSA's comet mission would be if it didn't have to kowtow to those bureaucratic fools at ESA headquarters!
I'd be surprised if the court sees any case for protection as the use is quite clearly in the interest of a fair, free and open market: the data is already publicly available and the price comparison site is not presenting it as its own.
Another question would be the right for the site to charge a commission because Ryanair does have the right to choose intermediaries.
Re: BORING IS GOOD!!!
Emotional appeal can be had at the porn movies.
Really? Is this your mac by any chance? ;-)
Our partner friend reckoned Nadella’s done no harm to the Microsoft business since February 2014…After nearly two years, it's time for Nadella to update his message and channel his inner Ballmer.
I just checked my calendar and I think it's November 2014 which according to my calculations is 9 months.
Everyone knows that Nadella was given the job when Microsoft couldn't recruit a "champion" CEO from outside. Still, sometimes boring CEOs are just what you need. Ballmer was responsible for some spectacularly expensive acquisitions that have yet to pay off: AQuantive, Skype, Nokia's handset business. Minecraft is small change next to those.
The money could be better spent…
…funding research on security. Rather than snooping on its citizens, a free state is better served by devoting resources to securing their individual freedom, and making its own systems more secure and resilient to attack.
The few potential terrorists that are around will be caught using the traditional but boring methods: patience, observation, search and wire-tapping with a warrant.
Unfortunately the Intel chipsets almost always enforce secure boot so rooting is not an option.
So all the software (this is a Django application) they're using is permissively licensed and they have to stick the GPL 3 on it? Can't see this getting much take up as a result. Still, I guess it's a start.
Peer review = no conditions
Office’s lock on documents had been cracked by open-source and web-based alternatives like Google Docs in 2004, and latterly, LibreOffice in 2011.
Google Docs in 2004?
StarOffice which became OpenOffice which was forked by LibreOffice was around long before Google Docs.
The rest of the article isn't much better.
Have you just re-invented Glade?
XML isn't very good for layout, which is why HTML got CSS.
National roaming can work
If roaming charges are high enough to encourage continued development. This is how O2 in Germany used it while it was building on its network.
Re: OLED is the future (or so they said in 2003)
I think OLED for Apple is wishful thinking.
Re: Serious issue
OLED life is getting better all the time and is now good enough for most of us: we used to have tellies for > 10 years but I suspect that the norm is now about 5 years. You have to be prepared to tweak anything to get the colours okay.
RGB backlights and filters increase the complexity (massively so for 4k) and cost of LCD with the hope that scale will reduce this over time.
OLED scalability is based on the printable dream. If that ever happens then it will overnight become cheaper than LCD. Obviously, at the moment Samsung can't get good yields on large panels and is concentrating on screens for phones and tablets.
It's the usual Faultline guff. What's surprising is that there is any form of intelligence and even the odd coherent sentence in the rest of the article!
Lisp is also noticeable by its absence.
Re: Real Programmers
I think you're missing an adjective in your last clause.
Interesting but no cigar
The analysis of defects is heavily dependent upon the bug tracker and the quality of that is heavily dependent upon the users.
Additional information could be achieved through static code analysis, test coverage and penetration testing where possible. Tests can serve as the formal expression of the contract that code is supposed to implement. I'd wager that there is a significant negative correlation between (unit) test coverage and errors regardless of the language. There might be a correlation between language and test coverage, though this might be less necessary for purely functional programming.
Re: Erlang and more
C and C++ programmers have at least potential to have worked longer with their language than Erlang, TypeScript and Haskell programmers
Erlang and Haskell have both been around for quite a while and are well-established in certain domains. TypeScript is so new that it doesn't really count.
The problem with the tax situation is two-fold:
- race to the bottom
- cross-border tax-avoidance in free trade zones
Tax-breaks alone are generally not worth it as they do not encourage long term investments and, therefore, often cost more than they generate. Companies often leave as soon as the deal runs out or someone makes them a better offer.
To keep companies long-term you need a well-educated workforce with good productivity.
If it was only the tax-breaks in Ireland then it wouldn't be such an issue. But the ability to combine them with other loopholes in other countries in the EU, while perfectly legal, unfairly benefits the corporations. I say unfair but it is usually perfectly legal.
Re: John Who??
PowerPC was definitely the right choice at the time: the better architecture meant that especially the mobile products were significantly better than their Intel counterparts. It was only later with Motorola struggling that problems occurred - IBM wasn't interested or equipped for the volume. And, of course, it was things like Altivec in the PowerPC that made Intel raise its game. Just like AMD's 64-bit extensions instead of Itanium inside.
Your camel is pregnant!
Re: Smartphones are the new featurephones
Production costs may be little different, but development, sales, marketing and distribution should cost a lot less.
Of those only development could really be moved entirely to China (or elsewhere). Hardware development is already moving to China which had produced good engineers. Software development seems more of a problem but is even more fungible.
Not sure about the cost of Apple's new building. I suspect it's tiny compared to that of the share buybacks. But as a one-off expense I don't think it's relevant.
Land in the US is still comparatively cheap and shale oil and gas have made energy cheap. This certainly matters in some industries but less so in software. The access to international capital means that there is always money to pay for people to work in Silicon Valley as opposed to Detroit or Xianjing and good developers are still a scarce commodity.
It's going to take something very special to compete against that. China is, of course, developing its own software power houses such as AliBaba, Baidu and TenCent but it will need further opening of markets and travel to become a more attractive place to work in.
As Mr Orlowski cogently argued several years ago: the software has become key. This is why power shifted from Ericsson and Nokia to Apple and Google. Will Xiaomi or Huawei create software development departments good enough to build their own Android or IOS? Google is obviously increasingly worried about this which is why it's putting more stuff into Play Store services and mandating more Google apps be installed on devices. This may be a prelude to starving AOSP as a platform in order, say, to prevent Xiaomi partnering with Baidu in international phones.
I don't know how things will turn out. We've seen HTC, Asus and Samsung pour resources into software development with somewhat mixed results.
Smartphones are the new featurephones
A couple of thoughts strike me about the article.
- A phone is a commodity. Welcome to 2007. Companies were making money then, they will now have to learn how to do it again
- Some people will pay more for certain kinds of hardware: huge screen, screen types and resolutions, SD-card, waterproof, battery life, etc.
- Who says the Chinese will do any better? Production is increasingly automated. What advantages do the Chinese have?
- How long can Apple defy gravity? Yes, it makes great products and has fantastic margins but as the recent sales in tablets have shown it's not immune to general trends in the market. And, as the 5c has shown, it sometimes gets things wrong. I'm personally not convinced that the Apple upgrade cycle won't start to look a lot like the Android (extended and increasingly focussed on value). Of course, there is a certain amount of lock-in but that might just encourage people to stick with what they've got.
So, in a nutshell, I don't agree with this black and white analysis.
Headline could be better
Since it affects probably all versions of MacOS X. Hopefully Apple will have a fix in place before January because if this is remotely exploitable I can't see how they can hope to avoid liability when people are exploited. Though I suspect the attack vector will be some kind of payload where a user has to be active.
I really don't like sudo. I usually run a separate shell as root to avoid the hassle. Yes, I know that's no safer. I would really prefer being able to run su. Do you get su if you set up an account without admin privileges?
Run VMs for you which can access firewalled sites. With Selenium integration.
Re: Excellent if it happens...
So, having spent quite literally tens of billions for licenses and more to build phone networks with those licenses
I think you'll find that those licences were accounted for in a very tax-efficient way.
Roaming for voice can be done within the existing framework. O2 Germany used it extensively during its buildout. The key is to set the fee high enough to encourage all parties to continue building: networks using roaming should have an incentive to improve their own infrastructure; networks providing roaming should be rewarded for the infrastructure they've built and given incentive to do more. Equilibrium would be reached at some point.
Data, as ever, is a different matter because it can be a much scarcer resource.
While the early adopters will probably have to deal with all the teething troubles, they'll also be the ones most likely to benefit from the change. Germany had an IPv6 plan and has more or less stuck to it.