5 posts • joined Sunday 28th January 2007 17:52 GMT
I'm not sure I want a "rushed" patch....
Yes, 2 months is a long time to wait for a patch. But I'm willing to wait.
Oracle has a much higher stability requirement than, say, Microsoft OS patches, or various web browsers. They have rigid patch release cycles because there are lots of steps involved in coding, checking, testing, etc. patches before they can make a release. They simply cannot hack a quick fix together in a day or two and throw it out there.
And frankly, how big of a risk is this? The Oracle database servers on projects that I've run would never be exposed to external access. And to EXPLOIT this vulnerability (to install malware on the server) the attacker must already be signed into the database... aren't you basically screwed anyway if you're letting unknown users get that far?
Deprecation is still useful
...because developers generally steer clear in ongoing development. You get compiler warnings otherwise (or your IDE will flag the deprecated usage), so you'll stop and find the better approach. Deprecation is just a simple way for Sun to say, "there's a better way now."
I also understand why deprecated features aren't actually removed for a long, long time (if ever: last I checked, at least some 1.0.2 features that were deprecated with Java 1.1 are still around).... Many applets and applications are not developed "in-house". So perhaps your company has a custom graphic applet on your website (or something like that) that you paid quite a lot for back in 1997, OR they paid for any of the many libraries, APIs, applet collections, etc. that can be pretty pricey for specialized niches.. but the provider may not even be in business anymore. It's all okay, as long as it still fills your needs there's no reason to lay down the cash to change it or replace it... unless Sun starts removing deprecated features.
The number of applets and apps like this is surprisingly high, and Sun doesn't want to make their users suffer unless there's a good reason -- and so far at least, "just to tidy up a bit" doesn't count as a good reason.
As a developer, yes, I'm all for removing the deprecated stuff. Give me a leaner, cleaner Java to work with! But there are lots of businesses with a very different point of view.
But... was it worth it?
Seems like an obvious question, but... was the information gathered by the project useful to scientists?
These projects are *not* free -- people running these programs (and particularly people watching their stats...) tend to leave computers running overnight, during lunch breaks, and other times when they would otherwise shut down or hibernate. The electricity costs are spread out among a lot of people, but in the end the juice is consumed... and it'd be awfully nice to hear that some scientific progress was actually made (not just that it met its goal to "demonstrate the viability and benefits of large-scale internet-based grid computing").
7 *years* on all those computers adds up to a lot. Are we closer to finding a cure for cancer?
About that question, now...
This was an interesting read, but I'm still hoping for an answer to the original question: How much damage does a tapeworm do to the human body?
You only touched on *possible* effects, and that only briefly. Death is a possible result of jogging and lack of vitamin C, but that doesn't tell us much about those two things. Tapeworms *might* block up the digestive system, but what are the chances? What happens to *most* people with tapeworms? What happens in the average case, with vs. without treatment?
If you want to get even more interesting... could a carefully-managed tapeworm be an effective weight-loss tool (or, why not, other than the creepyness)?