1740 posts • joined Sunday 19th December 2010 15:08 GMT
Thanks El Reg...
That icon in the preview sure did it for me ;-)
Am I the only one who all of a sudden got the urge to watch Leia in her metal bikini, errhm: I meant to watch Return of the Jedi again ?
TBH I don't think its safe to put too much value at all in any stuff like this since you're always getting one sided stories. I mean; lets not forget that sessions like these also used to tell us how great Windows 8 was (and was going to be) and how the "experts" saw "many companies getting ready to migrate" or "many customers picking up on Win8".
Well, we all know how that turned out in the real world.
My guess is that it will at least support HTML5.
My hosting provider uses KVM and thus provides console access to the VPS using a HTML5 enabled browser. Because it is a Windows server I'm hosting there I figured I might as well use MSIE9. Needless to say; that didn't work too well.
Even so; I'm not so sure I'll be implementing this update myself. For the sporadic use I have for MSIE the current 9 suits me just fine.
We're already there, and its not MS' worst nightmare either...
Check out Windows XP mode. A freely available add-on for users of Windows 7 Professional and up; you basically get Microsoft's virtual PC combined with an ISO image which contains a full version of Windows XP Professional.
I'm using this critter myself and can say it works excellent. My main usage is when I have software which I need to use temporarily; as such I don't want it to "pollute" my Win7 environment. Then I simply install on XP and run it using the virtual environment. Eventually I roll back a snapshot and I have a clean environment again.
The best part is the integration; software inside XP can be propagated in my regular Win7 start menu. So I can start programs seemingly fullscreen as native Win7 applications while they obviously retain their specific XP look and feel. Best of both worlds IMO.
"Virtualisation is THE biggest topic for server OS right now"
Is it really or is that just keen propaganda? Just because many people have found good ways to utilize virtualization doesn't exactly make this "the thing" which is used throughout the entire market.
I think there are more servers out there which are used in-house to perform regular tasks than there are servers which require virtualization capabilities. The main difference is that when talking virtualization you're often talking about bigger thus also more expensive environments. And companies like Microsoft tend to go where the money is...
But that doesn't automatically make it THE overall topic.
"There's that Kool-aid again if you think Windows is the best OS for getting things done. You can get far, far more work done by using Ubuntu or MacOS - they are so much faster."
That heavily depends on what you're doing and how you're doing it. Right now my company is also heavily involved with Windows server maintenance and I can tell from personal experience that although this is easily doable using a Linux desktop (remote desktop connection to a server is no problem) its much quicker when you have a Windows desktop around; preferable one with PowerShell onboard.
Or what about when you actually need to develop Windows related stuff? Maybe you can get Visual Studio to run on Linux using Wine (most likely best in a virtual machine) but I don't think it'll be the most ideal situation. Especially since VS can be quite resource hungry.
As such; it depends. I can well see how anyone would benefit much more from using, say, Ubuntu and LibreOffice instead of Windows 7 & MS Office. But that doesn't make it the de-facto solution for everything. There are just as well plenty of scenario's where Windows can be the better tool for the job.
"This means they don't understand that they need to vastly improve the quality of their operating systems."
I think they do. Just look at, for example, the authorization aspect of Windows XP in comparison to Windows 7. There's a huge difference even though the user only notices this in the form of extra pop-up messages to request permission for changing OS related stuff.
And although MS sure knows how to create and produce horrible software, never underestimate their abilities to improve on it. Its not always for the best (Metro, or take a look at the "improved" user interface of a vanilla installation of Visual Studio 2012) but often they do manage to come up with some good stuff. Windows 7 vs. Vista for example, SharePoint designer vs. FrontPage, Server 2003 vs. Server 2008.
Their main problem, as I see it, is that they still retain their arrogance to think they can dictate how users should approach their products. Visual Studio 2012 is a good example and showed them that they were wrong. After protests from hundreds (if not thousands) of developers they actually had to implement hasty changes to the IDE (most likely out of fear that no one would touch it). Even a hasty "theme editor" was eventually released allowing people to turn the interface back to the way it used to be.
(for those unfamiliar with this: initially they removed all colour from the interface and basically turned it into a bright whitish full-screen window which didn't have any variation between the coding window and the control sections around it whereas VS2010 used to be somewhat dark-blue on the edges with a white coding window).
It doesn't matter who's right anymore
All this bickering does is lower the credibility of Tesla dramatically. People haven't forgotten their (lost!) lawsuit against the BBC (Top Gear). And those same people are very likely reading all this thinking "here they go again...".
Its a given that companies who produce a product aren't very keen on bad reviews. You see this happening a lot in the gaming market where some companies actually push out some extra bucks in order to get positive reviews. This was already the case in the C64 era (games magazine covering $new_game and being very positive about it while also featuring 2 full-page ads for that same game. Yeah right....) and it still holds true today.
But the last you should do is start a public fight. As this article well indicates; the people are left in the dark about who's right (they can only speculate), it only costs time and money and in the end won't change a thing. At best you can simply get other media outlets to give this car a trial run.
Maybe Top Gear US would like to have a shot at it? When looking at the massive downvotes those guys got on YouTube I'd say it could be a win-win combination ;-)
Microsoft isn't Apple...
Balmer claims in a rather bizar speech that developers are very important for the company and how they feel the need to make it as easy as possible for developers to step in. I agree about the importance and quite frankly I think they're doing a good job with on the desktop segments; I've mentioned this several times before; you can pick up Visual Studio 2012 Express free of charge and you can even use it for commercial usage. If you don't like the COOL NEW MENU INTERFACE you can even still download VS 2012 Express. All free and in comparison to their commercial counterparts also very feature rich.
I think you shouldn't underestimate what this can do for a platform. Sure; some people will never touch "the evil Microsoft" but others might be persuaded. Either for hobby, small business who knows... Its for a very good reason that we can now download compilers and such for free while we used to pay dearly for them (from Sun to Microsoft).
However, when it comes to their mobile division then this changes drastically. You can pick up the SDK for free, you can mess around in the emulator all you want but when it comes to messing with your own phone then things become different; you need to cough up $99,-/year before you can unlock yours to access it from within Visual Studio. Just like the market leader Apple does...
But Microsoft needs to realize that they aren't Apple; instead they're still a nobody on this platform. You won't convince techies that programming for your mobile platform is fun by merely giving them a free emulator. Heck; I think one of the key elements to Androids success is because anyone can program for it. You pick up the phone, you unlock it and you're good to go.
If Microsoft were smart they'd have chosen an in-between model: allow home developers to obtain a developer unlock for a price which only covers administration costs. I dunno; $10 - $25 / year? That way you'll maintain some control while also making it much more appealing to give the platform a trial run. Also: because you're not "opening the floodgates" you're still maintaining some sort of "business like" status too ("We're carefully monitoring who can access our platform all for security benefits").
Either you want developers or you want to earn a quick buck; in this day and era you can't have it both ways... Not when you're a nobody that is.
Stuff like this always reminds me of the very first laserprinter I bought: an awesome HP Laserjet 2100m. The m was important (to me) since that indicated postscript functionality; as such much better Linux support.
But the really awesome part was that HP used to have a section on their site devoted to this printer where you could find instructions on how to take the thing /completely/ apart to service it. And in full detail too; from what you should look out for when touching the toner right down to how you could use very fine sandpaper to (carefully!) roughen up the main roll should your paper no longer stick.
Of course this was last century; in the good ole days where you could find much more "geek" stuff online. Nowadays HP would do everything in their power to hide this information from you best as they can. IMO a change for the worst.
Money, money, money....
What I completely fail to understand is how Oracle manages to come to these conclusions even though Java is basically an open source project, you can see so for yourself at its Java.net download page.
When you grab it you'll immediately notice that you don't have to comply with any license or agreement before getting your hands on the code. And when you finally got the tarball and check its contents you'll notice the main license being the GPL. Now, I know GPL doesn't involve itself with copyrights, those will always remain with the original author, but just how far can you take that?
When I take a GPL project I can fork it; which means so much as using all the code one on one and adding my own code to it. How would copyright come into play there? Sure; the original author has a copyright on his code; but that doesn't mean I can't use it or even sell it.
Another thing... Oracle claims to know all that much about their licenses but it also seems they totally ignore whatever doesn't interest them. When you check Java SE's download page you'll notice a link to the Java Research License.
"Sun is supporting the JRL for most Java technologies it releases through the Java Community Process as well as research projects surrounding this code. "
"...Sun requires a click-through license. "
"While not every Sun Java technology has been released under the JRL, many have. Please contact JRLFeedback@sun.com if you have any questions. "
"10. Am I required to purchase a support contract from Sun under this license? "
Not only does that license date from the Sun days, it would also appear as if Oracle never bothered to change or update it, which seems strange. And although this license does state that "COMMERCIAL USE AND DISTRIBUTION OF TECHNOLOGY AND MODIFICATIONS IS PERMITTED ONLY UNDER A SUN COMMERCIAL LICENSE." this is obviously superseded by the inclusion of the GPL in the actual sourcecode tarball.
So quite frankly I can't help think that its kinda obvious that this seems very much like a wild goose chase.
That's no "power user"
I've been using my WinPhone for almost one year now and quite frankly I don't quite agree that the blogwriter is "on the money". In fact; if you call yourself a "hardcore user" and eventually give up with the installation of your previous apps. because its too tedious then you're basically showing your own ignorance.
I'd expect any "power user" who (I quote): "Yep, that wouldn’t be me - as a “hardcore” smartphone users – I need all the new apps, new features, timely updates, good support and the list goes on."
I'm by -far- a power user, merely a casual business / techfreak user yet even I managed to come across ReInstaller. A free app which does just that: re-install everything in your purchased list. Its also not that hard to find: simply search for "reinstaller" and you'll find it.
A "power user" giving up on a task while there's an app for it ?
And when it comes to his endless list of shortcomings I can't help wonder why he got a WinPhone in the first place. I can understand the desire for a notification centre, I don't agree with it because the live tiles work fine for me, but I can see where he's coming from. However... He claims to be a power user yet gives us: "Fair enough but am I supposed to sit blankly at the screen every second of the day or wait 30 minutes for a tile to be updated or better yet wait for a push notification to come and decide to pick between a sip of coffee or clicking on the notification before it goes to a never to be discovered black hole?".
What black hole? That's totally bogus; the notifications only disappear when you activated 'm. When I see "5" on my e-mail tile I know there are 5 unread messages. When I click it the 5 disappears. Which by itself is something which annoys some real power users: they want an option to make it so that the 5 only disappears when they actually read (or handled) all 5 new messages.
Well; and quite frankly its about there when I gave up reading on that rant blog. I mean really; VPN is a mandatory feature on a smartphone ? Heck, I wonder if he actually knows that you can adjust the interval in which the phone checks for new e-mail.
Doesn't mean I disagree with his points perse; there are quite a few things which should be fixed on the WP platform. But there is a difference between constructive criticism or a rant which makes some people wonder why you'd got that phone in the first place. Sounds like the "I gave into the hype, bought a phone, now I hate it" kind of thing.
So the whole NYT article is faked but they're still going to provide new chargers to close the gap ?
When someone starts telling a completely bogus story about something I build and I know its bogus; heck I can even prove it with logs and such, then there's no way I'm going to invest hundreds if not thousands of dollars to change stuff. Why should I when if I know that it simply works as it should?
Doesn't quite add up.
Calc is the wrong tool for the job. For formula's you'd really want to grab Microsoft Mathematics (download link) which can easily build and parse formula's. Then you'll get -1.4142135623731 as the answer (minus the square root of 2).
For a super cheesey movie (though I think its kinda funny) check this Youtube video on what Math 4.0 can do for schools. It'll also give you a good impression as to what Math 4 actually is.
SO to help them out with their impressions I fired up Yahoo.com to see what kind of a search engine we're dealing with (which is basically the only aspect that might interest me).
The icon says it all.. First it loads a page filled with content; which also takes its sweet time. And before I can enter anything some flash-like bar sssllloowwwlly appears at the top and urges me to stay with Yahoo. Sure; we're not talking minutes here, but it feels slow and sluggish. I don't care for a ton of news items to lead; during my visit all I care for is a search query.
Google starts clean, the page loads in a second and I can start searching. Bing starts less clean yet IMO non-intrusive since their daily background easily loads, the name already suggests as much, in the background. And for me it somewhat adds to the overall experience too.
If I want news I'll go "news.google.com" or "news.bing.com" (though 'news.msn.com' makes more sense). I'm not going to a search engine to wait for a news page to load.
The fail should be obvious: I was using SeaMonkey which has both AdBlock Plus and NoScript. I can't imagine what kind of stuff I would have gotten without those two.
Too little, too late
First I once again get the feeling Oracle is looking for cheap labour but alas. They should have pushed FX years ago, in the mean time it has become completely redundant on both the desktop as well as the web.
IMO the whole project is a fail. It started off not that bad IMO; the demo's looked good and with only a few lines of code you could indeed make very interesting applications. Of course, as usual, in the beginning there were lots of nice words but hardly a decent editor which supported JavaFX (that was still Sun's doing back then mind you). Eventually Netbeans did support it but it also made one wonder; why would I use this (it was also pushed forward as a solid solution for easy desktop GUI's). Especially since NetBeans had already provided for that with the evergoing impressive 'Project Matisse' aka the Swing GUI builder, even now this sits firm in both NetBeans and the Java runtime.
Mobile? At that time mobile support was pretty much waning; lots of devices didn't support Java ME anymore and basically made room for something else. So all that was left was the web; but that part is covered by EE mostly (lets ignore applets shall we?) which comes with its own dose of limitations. Or put differently: I don't see anyone who wants to push out RIA's to opt with Java at first, its way too cumbersome on so many levels.. Don't forget that the GUI is but one thing, you'll also need to administer and regulate whatever data comes out of said GUI, and then you'll enter the depths of EE again.
Now, I'm not saying EE is bad; as a matter of a fact I kinda like working with it. But I don't think its the best tool for the job when talking RIA's. I'd be more tempted to look into Flash, Silverlight or perhaps get a dose of HTML5.
Its one of those classics too little, too late kind of things IMO.
Sounds quite a bit expensive. Granted; you get 1TB storage and an additional 200Gb for every new team member but something tells me that this isn't as feasible as they make it out to be. Because apart from the storage itself you'll also need ease of access. And while 1TB sounds awesome; are 5 people actually going to manage and use all that ?
$795/year divided by 5 people makes E 159,- per person per year, so approx. E 13,25 per person per month.
For $1,- more per month you could consider Office 365. Not merely storage (25Gb e-mail storage per user) but also an hosted website, online office apps. conferencing tools, options to seemingly store your Office desktop apps there and of course entitlement to Microsoft support.
But Microsoft isn't alone here; Google's enterprise apps. go as low as $ 10/month per user. Also 25Gb e-mail storage yet "only" 5Gb app. storage, so lets raise that to 25Gb as well (for an additional $4/month thus also going onto $14,-/month). Your own e-mail address, video chat, conferencing and document editing (which is also quite good, I speak from personal experience) as well as full support.
So apart from approx. 25Gb storage for your data both company plans also include extra business services and features such as video conferencing, easy office integration and also important: e-mail.
As mentioned earlier; 1Tb sounds awesome. But ask yourself just how much of that amount you're going to use (don't forget upload and possible download limitations) and if its only storage you need?
And that's not even mentioning their somewhat odd reputation, as mentioned by others. In this case I'd say you're better off with either Google or Microsoft.
They desperately need new PR people
Because at this rate they'll soon have burned up all the credibility they may have left.
Going after Top Gear was very bad marketing, going after a website like El Reg is simply pathetic and as said; if they keep this up then it won't even matter any more if they eventually do manage to come up with a brilliant product. Because if the media covers it in a positive manner a lot of readers might wonder: "Are they positive because of the car or because they're being afraid to get sued if they reported otherwise?".
I guess Tesla never heard of the old saying "Don't shoot the messenger".
Basically you can tell the updater to check daily, weekly or monthly and warn you either before downloading or before installing.
Even so; its not the best kind of tool. I mean; every admin knows that there is a difference between applying minor or major version upgrades. Not Oracle; if you have SE6 and allow the updater to have its way you'll get SE7 in no time, even though that can break stuff.
Like they did with the previous patch which automatically removed SE6 from people's systems. Who cares that sometimes programs target a specific runtime directly; the allmighty hOrricle knows what's best for us.
In some cases the government disagrees; they really enjoy being able to keep some taps on some people.
Which I guess basically also proves your point ;-)
And its not only limited to that. Recently the Guardian reported on RIOT (Rapid Information Overlay Technology); a program solely aimed at grabbing information from social media websites in order to provide as much information about a certain person as you'd want.
You can find the original story here. I don't know how liable this whole story is (the movie page gives out a 404) but its still something to think about nonetheless IMO.
I'd turn it around
The greatest homelab is the one which gets you the results you need. And that is usually hardly dependent on the kind of hardware you're using, but more so on how smart you've set everything up.
Can it get any worse?
What's worse than not fixing critical flaws in your environment? Making people believe that you did, only to follow up with the news that you weren't fully done yet. These are the kind of jokes which aren't very well received within the Enterprise (commonly speaking) because usually implementing patches and updates takes quite a bit of preparation to make sure all works as expected.
So I wouldn't be surprised one bit if certain companies were quite on schedule with updating, only to discover that they can now start all over.
Oracle is playing a dangerous game IMO. Java has its strengths, sure, but one of those used to be its reputation of being a safe platform. Then what's left, ease of programming? Even that remains to be seen; although there have been quite some developments on the SE fronts, EE often remains as obscure as ever. Take for example a trivial issue of uploading a file; before EE6 ('servlet 3.0') this wasn't quite possible without the help of external libraries. It was doable without, but ugh... It sure wasn't easy.
This has changed with EE6 (released around 2010 IIRC), but can still be somewhat confusing, check this tutorial example (link to Oracle's Java EE6 tutorial). In short you define an input form, setup an annotation with extra information, write your code to setup an InputStream, FileOutputStream, obviously catch exceptions and you basically program most of it yourself though by far as difficult as it used to be.
Even so; it gets awkward I think when you find out that one of the competitors basically provides a "2 lines of code" kind of solution. Uploading a file in ASP for example is basically using an <asp:FileUpload> part which allows the user to specify the file to upload, then all you need is using its SaveAs method, as can be seen in this example (link to MSDN page with an ASP Fileupload example).
When looking at its API documentation (MSDN link) you'll notice it has been around since .NET 2.0. Which was released around 2005 (according to Wikipedia).
Now, not insinuating that ASP is so great here, though I think it sure has some key strengths, but its feature set is quite rich when compared to Java's Servlet specifications. File upload is one example, how about JaaS for user authentication ?
If Oracle keeps ticking people off with stunts like this then I don't think its all that unlikely that companies may consider a change. It seems that you certainly don't have to rewrite your entire codebase since many aspects are provided out of the box. This example addresses ASP but I'm pretty sure there are more to be found.
Haven't you read the stories regarding the release of the Surface Pro? Microsoft have changed their strategy; there are no bugs any more, only features.
This isn't a fail, its a sign of how extremely popular Azure really is and that everyone is using it. In fact; the outage alone is merely proof that we all should sign up because if it is so popular it has to be good, right? ;-)
Just like the Surface; customers weren't unhappy because Microsoft released too few devices; on the contrary. The device was so immense popular that Microsoft couldn't meet the demand..
A great man, in my opinion, wouldn't completely condemn others for their belief or what they stand for. Which is exactly what the pope has done regarding certain groups. Also the way he dealt with the whole pedophile incident was in my opinion hardly as great as it could have been.
When looking back I'd say that his predecessor has accomplished a whole lot more during his 'reign'.
Its not merely Australia...
When you go to the Microsoft online store you can buy software packages. A version of Visual Studio 2012 Professional here in Holland costs E 615,-. In the US however people pay merely $499,- for a copy.
Its not Australia; its merely the way these companies work.
"It is as big a leap over 2008 R2 as 2008 R2 was over 2003."
Opinions differ of course, but still using 2k3 and 2k8 myself I completely disagree with this. Because 2012 is basically nothing more but a continuance of already existing technology. Just take a look at the official featurelist yourself.
The main difference though is that it uses different jargon; where 2k8 provides Hyper-V 2k12 provides "cloud capabilities". But with everything else, see the official website yourself, you'll notice that its merely extending on the possibilities which 2k8 already has.
Server 2008 introduced PowerShell as well as the server core component for desktop-less installations. THAT was a major change, you're not seriously insinuating that the inclusion of that dinkey toy interface on 2k12 is as revolutionary as PowerShell ?
"Let's take MS Office. An enterprise switches to LibreOffice. Then it doesn't need outlook anymore. So it ditches Office. Then Sharepoint doesn't make sense anymore. So it ditches sharepoint (hell there are far better alternatives that DON'T SUCK DONKEYS BALLS."
Well, in Munich they actually tried this. And although the mayor claimed to have saved E 4 million the project was eventually deemed unsuccessful since the costs turned out to be a whole lot more than planned.
This project got in jeopardy around 2003 and only last year did the mayor proclaim his success. But that still means it has been an ongoing effort for over 9 years already. And in contrast to popular belief this project basically involved a switch to Open Source software on the Office front.
And speaking of which... your ignorance is showing once again; SharePoint does a whole lot more than merely serving Office based solutions.
"You don't have to buy it. It is available freely and called Linux where reboots are rarely required."
Unless of course a new kernel update is being installed. Which seems to happen more and more often as of late on my CentOS 5 & 6 servers.
Word 2013 can also give me a headache by merely looking at an Office presentation on Youtube. I think I'll sit this one out.
"We're nice people as well as business people."
Business people, especially those representing multi-billion companies, are only interested in one simple, single goal: revenue.
They're not nice; they're nice as long as you're wallet isn't empty or as long as they still have other means to make some money by (ab)using you.
Reminds me of that Google Market forum where hundreds of developers complained about not getting their monthly payment and Google not responding to any e-mails. To which this nice company responded by locking down the entire thread and telling everyone that they should write an e-mail.
Companies, by definition, want your money or your efforts to earn money.
We'd better send another sattelite...
So it can photograph the area in high-res from above just before it nukes it from orbit. After all; we all know it's the only way to be sure.
This could be the beginning of the end...
Now, I know I'm not the average (Windows) user because my approach is both private & business use alike. But even so; one of the reasons I ended up on Windows (after having used Linux on the desktop for years (personal use)) was because of the faster upgrade cycle which Ubuntu & Debian had. And although Ubuntu provided their LTS versions which would give you 3 years of continuous updates, the update which followed often turned into a disaster (meaning: you'd end up doing a clean re-install anyway).
Most of all for my business I don't want change to happen every year (or every 3 months or sooner). I want my programs to do what I require of them and when a new version comes out then sure; I'll evaluate to see if it suits my needs and if I like it.
I could live with such a scenario if Microsoft wouldn't have the reputation of both being quite the maintainer (13 years of XP is IMO impressive) but also quite the changer and ruiner (developers don't need colour in icons, that's only distracting; they need several vague forms looking almost the same).
This could be quite dangerous; its the same crap you get on the PS3. When an update arrives which changes quite a bit then sure; you don't /have/ to put up with it. But if you don't you'll automatically lose the option to take the PS3 online and play games with other people. Worse: you also won't be able to go online to use your PS3 like a chatter box (videochat with the PSEye, quite amazing) because the same limitations apply. You simply can't go online, period.
So you'll just have to go along with them because you don't have much of choice.
I don't really look forward to this same model being applied to Windows where you'd also have to pay for it.
"This subscription/yearly update stuff is crap. That's not what consumers want."
That depends on how you apply it. I'd be very happy to start a subscription with Microsoft if that would mean I can continue to use supported versions of Windows 7 & Office 2010 (on my desktop of course) well after their EOL at 2018.
I agree with your comment on Outlook (I use this on a daily basis, go figure) however there's more than that. Its not merely Outlook; its the interoperability between all the Office components which is the big issue IMO. That stuff (VBA) is so extensive that it can be mind boggling (IMO).
I do tech support on a Windows server for a small company. Within certain business hours people can ring me with questions, e-mail is obviously no problem, I do regular maintenance on the server and to top it off the director of said company gets a weekly report from me where I tell him how many phonecalls were received, how many e-mail inquiries were received and a summary on the maintenance on said server. This doesn't effect costs, but the director likes to be kept in the loop (its a small company, but bigger than mine is).
You don't really think I'm typing all of this ? ;-)
I click my Word template, which then checks the current date, contacts Outlook and starts checking the (dedicated) inbox for that company to see how many e-mails there are between that day and seven days back. Phonecalls are monitored by me through Business Contact Manager (free yet invaluable Outlook 2010 extension) and the same applies.
So all that's left to do for me is fill in what I've been doing on the server.
THAT is IMO one of the key assets of MS Office. With a few lines of VBA code you can make it do whatever you want, and it can save you hours and hours of work.
Take a program like OpenSSL on Debian. Pretty high end in my opinion because it's basically the de-facto tool for SSL certificate maintenance and administration on a Linux environment (also runs fine on Windows btw).
And some day a or some Debian package maintainer(s) got it into his head that he knew better than the OpenSSL author and applied changes to the program to make it more, I dunno, Debian like? Only problem was that this patching of his inserted a major exploitable security flaw on each and every key made by this release of OpenSSL. To make matters worse: Debian knows a lot of forks, including an at that time highly popular distribution called Ubuntu.
Well; as a result all keys between January 2006 and May 2008 were affected.
That's 2 years of misery on a program which is heavily used, and not only that; also specifically used for security purposes.
You were saying ?
"How do you (generally) speaking get updates on Linux systems?"
People downvoting you for asking questions, doh.
Others have already explained some of the technical aspects; you get them either through the software repositories of the OS (distribution) itself or you start patching manually (whenever you installed something manually).
But here's another very important aspect: generally speaking you're basically installing a new version, not an update perse. It wouldn't be the first time where a program had some specific changes in the way it worked or behaved. Sometimes for the good, but also sometimes for the worst.
The main problem is basically that a lot of people maintain a lot of products and they all apply their own policies. Sure; to some end the same applies to Windows; you have your core OS and several programs you use on top of it. But the core environment will remain the same while still getting updates, and that's what I personally like.
Microsoft should change their policies a little bit IMO...
"More than eight million Windows-powered computers have been attacked by Bamital over the last two years, according to security researchers at Microsoft and Symantec."
What is the first thing someone who uses an illegal (unlicensed) version of Windows will do? Turn off the automatic updates because there's (usually) nothing coming in and when it does (and the illegal copy is identified) an update will quite likely render the box unusable. Thus; turn it off.
Now, I can understand that Microsoft wants to target piracy, after all, it's basically going after extra money like any company would try to do. However; the downside to all of that is that a lot of PC's out there will remain unpatched and thus form potential targets for people trying to abuse those boxes. And with abuse I'm of course talking about (more) real abuse; the likes which hinders quite a lot of people.
To that end I think Microsoft should consider pushing out security updates no matter what kind of OS is getting them, then perhaps try to get the "baddies" by luring them into downloading "free" software which then ends up only usable on a genuine copy of Windows.
Of course there are also plenty of downsides to that scenario as well, sure, but IMO the whole issue of unlicensed Window copies where the owner stops updating his PC is a huge problem on its own. In fact; its the kind of problem which basically causes raids like this to happen.
So why not try and take this somewhat higher in the food chain ?
That was a tad obvious, no ?
"“The days of being sent on training courses is gone,” he told the user groups. “The burden is now on you to get the skills and knowledge you need. It is assumed you will learn as you go."
Talk about open doors. I mean this has been an issue forever already which is also heavily depending on the company you work for and/or are involved with. The reason I consider this an open door is simple; most of the more skilled people I either know or have met have mostly gained their experience on their own. Sure; sometimes a training course can give you a good foundation to work on, but to really get into the subject you'll want to dive in on your own.
Hmm, could this be the reason why schools in the old days used to give us these tasks to do called "homework" ?
"What I found with IIS and Apache running on a fairly dated home PC was that they were both pretty poor to respond. I admit a lot of this was from connecting via my homoe network. but it was taking a few seconds to load each webpage. and these were pretty basic."
Which raises the question how you used them? Did you install them and used them "as is" or did you tune the critters? Because speaking from personal experience I can say that both server can easily run on older hardware (depending on the version) where obviously Apache tends to be lighter by default because it doesn't have appserver functionality embedded.
I've been running both on a 2k3 server, 2Gh AMD Athlon with 1Gb memory and it pretty much works as expected. No noticeable issues wrt. response time (IF you tune them).
Open source would be dangerous
Because then you'd risk that everyone could find out about the exposed exhaust pipe.
"Our networking people basically told him to go up to the roof deck, and jump off (for being that fucking stupid).
WTF are the schools teaching these ID10Ts?????"
How best to deal with people who tell you that you don't know sh!t, you know; anger management, social training, gymnastics and when time permits they also try to include a bit of PFY study. Priorities, priorities...
Its just a cert; wise up!
People really should get over their fascination (or is it ignorance?) when it comes to certificates. A "real" certificate means absolutely nothing more than that it'll be easier to recognize by other parties. Yet that won't make it any safer or more insecure.
In fact; I can come up with scenario's where you might actually benefit a whole lot more from picking up & setting up OpenSSL yourself and then simply using your own SSL hierarchy. And yes; OpenSSL can easily run on Windows as well (and does a fine job too!).
Sure; it may take you some RTFM before you setup a whole CA structure, but I speak from personal experience when I say that OpenSSL can cope. It supports Root (CA), EmailCerts, AuthCerts, CodeSigning and ServerCerts with ease. An sometimes such a setup may even be much more beneficial too. You can be pretty sure that 'bad guys' won't really care much about your little 'CA enterprise', thus minimizing risks.
But most of all you'll get the exact same results, but IMO better: On a very select amount of PC's (which is entirely to your discretion) you can deploy (test?) code where it'll run without warnings or such. And if you're working with computer illiterates it could even help prevent them grabbing your code to try it out somewhere else; because that's bound to generate errors, errors which may very well intimidate those people.
And if you plan this right you'll even know that you can simply setup a structure which will only be valid during the course of the project. The moment $date passes all certs can simply be rendered useless; and all without having to do anything special but some proper planning.
No, BPC's certificate was signed by DigiCert so that it became valid (recognizable) by the rest of the world.
But whatever you sign with a CodeSign certificate will bear your name (CN), not that of the CA.
"Erm, isn't that what they had been doing for the last 10 years with Mono?"
Well spotted. I wrote that with .NET in mind but the same applies to Mono as well. Although basically Mono seems to mainly focus itself on C#, afaik there aren't any other compilers available as of yet.
Even so; if Canonical really wants to follow the Microsoft example as they claim then Mono would have made a lot more sense to me. Not too sure how good of a choice that would be though.
It's critical that everyone understands this decision as a plan to elevate the language, bindings, tools, and documentation to a level of quality we have not yet achieved.
Looks a lot more rational than it's being made out to be.
Quite the contrary IMO. Because what he's saying there is that choosing a specific programming language will allow them to "elevate the language, bindings, tools and documentation". How on earth would the choice for a programming language effect your documentation for example ?
That makes absolutely 0 sense to me.
Also; a language alone doesn't bring in better tools; that's the programmers job. So if they feel their current batch of programmers isn't up to making tools of their desired quality (IMO that is what he's saying there) then how would changing the language effect this?
So I don't quite agree with you; all I'm reading is a lot of talk without any meaning.
Another doo-doo ?
Lets look at some of the highlights of what a Windows Store App is all about (as can be read on the MSDN page here):
- They run in a single window that fills the entire screen by default.
- They automatically work with a variety of input sources, including touch, pen, mouse, and keyboard.
- They install easily and uninstall cleanly.
- Instead of static icons, they use live tiles that can display notifications.
I wouldn't quite compare that to the default programs which you normally get on a desktop-like environment such as Gnome (or KDE). These programs are meant to be light weight (sort of) because they run in a closed and locked down environment (the void we once knew as Metro).
Another thing which the "Gnome Guys" seem to completely ignore is while Microsoft may have been comfortable with this; hundreds if not thousands of Window-based programmers weren't so enthusiast about the idea (in all fairness; that was also fuelled by the rumours that MS would drop .NET).
If you want to use Microsoft as an example; then why not use their .NET framework model as well? You know: a common runtime combined with a specific language specification and then stack several languages on top of that so that the programmers can choose what they like best while still complying to whatever standards you want to use, no matter what language they prefer ?
Interesting development, however...
"that allows browser-to-browser chat without the need for plugins but with permission required to activate cameras and microphones."
Maybe I'm a bit too cynical here, but I can't help wonder how long it'll take before this development gets teens and other computer illiterates into problems because 3rd parties were spying on them without their knowledge or permission ?
The reason for my cynicism should be obvious: quite some people already had to get used to Messenger(-like) programs which didn't fully close down after you clicked the X button. So imagine their approach to a common browser...
I think the damage has already been done
First the most obvious part; reputation. Back in the Sun days Java had a reputation of being secure, you could also see some "proof" of this due to several banks and financial institutions building their solutions based on Java SE and EE. Deserved or not is something I can't tell, it does strike me as odd that some current exploits also manage to target SE5 and the likes (which, in all honesty, was EOL'd before the Oracle invasion) but the fanboy in me (I'll be honest here) can't help wonder; most of those SE5 exploits target the latest 5u22 update. Is that still a pristine Sun release or has Oracle added some of their "cosmetic only" changes into it ?
I'd check this for myself weren't it for the fact that you can't download these versions any longer without an Oracle account. Needless to say; I don't have one, even demanded that they'd remove it (I did used to have a Sun / SunSolve account).
Now that reputation took a blow, which shouldn't be underestimated IMO. For many people in my surroundings Java used to be somewhat of a "vague environment" which "obviously was robust". Those opinions will clearly have shifted with Java exploits hitting global media.
But the second part could be much more dire: competition.
When taking a look at some of the competitors in the field you'll quickly notice that in some cases competitors provide solutions which can do the same by using far less code. Less code by definition also means quicker results, whether for good or worse. But which could very well make it suddenly much more appealing to jump ships.
Sure; this development has been going on for quite some time now, people even used to criticize Sun because they were very reluctant with adding specific new developments to the Java core engines.
But back then Java wasn't openly criticized in the media for being insecure and something people should be careful with. Would you tell your customers that "Our website was build on Java, robust as it can get!" in these days ? Not sure, but I don't think it'll have the positive effects you may have hoped for.
Most likely not. Which is why I ended my response with the warning that all things aside we should never forget that in the end Microsoft is still a company. And hopefully we all know what those want first...