I'm responsible for a large university learning management system (Sakai). The daabase is completely CPU limited. I assume that's because the working set of data fits in memory. I would think lots of university and enterprise applications would be similar. Another data point is the experiments done on a no-SQL interface to innodb. That shows very large speedups. Surely some of this is due to the CPU overhead in processing SQL.

No, but there's no reason to think that Linux is worse than anything else, and it's probably easier to fix.

If I were Linus I'd be putting together a small team of people who have been with Linux for years to begin assessing things. From Gilmour's posting it seems clear that IPsec and VPN functionality will need major change. Other things to audit include crypto libraries, both in Linux and the browsers, and the random number generators.

But certainly some examination of SELinux and other portions are also needed.

I don't see how anyone can answer the original question without doing some serious assessment. However I'm a bit skpetical whether this problem can actually be fixed at all. We don't know what things have been subverted, and what level of access the NSA and their equivalents in other countries have had to be code and algorithm design. They probably have access to more resources than the Linux community does.

I taught stat to a business school audience, too many years ago to think about. One thing you have to figure out is what to cover and from what viewpoint. Math students might be interested in the math behind some of the statistical methods. Social science students probably aren't. To be honest, they're just going to use canned packages, so details of the math are not the most important thing to teach them. What you really have to teach them is what all the math means. What assumptions are the methods based on? What do they do? When do you use them?. How do you formulate problems? What are the most important ways that people can unintentionally (or intentionally for that matter) get completely meaningless results out of statistics? E.g. what does it mean when you try 20 different models, and one of them is statistically significant at the .05 level? Answer: it means nothing at all. But those kinds of results get reported all the time. Have then read some of the articles on why so many drug studies are turning out not to be meaningful.

I agree with the FB position. I do work with youth at Church. Several of them are my friends on FB, although these days more of my friends are professional colleagues. Their parents know that. My privacy is set somewhat tighter than the default, to minimize their exposure to others.

While I am not silly enough to put anything that matters on FB, some of the kids have said things that, while actually not very serious, they might not want other people to see. The difficulty with letting third parties use my account is that most of what's there isn't my postings, but postings of my friends. And they might well not want my potential employer to see them.

I don't know what kind of suit FB has in mind, but if I were going to make up a case I'd make it up based on compromising the privacy of minors without the consent of their parents.

OK, I resist change just like everyone else. But that's not what is going on here.

Monitors are getting bigger. I'm doing more things at once. I want better ways of managing that. But Metro just gives me one thing at a time. Sorry, that's not a solution to the problem. That's going back to the original Macintosh.

Apple isn't perfect, but at least they've been trying some new ideas. I don't think the new ideas on screen management have been all that successful, but at least they're attacking the right problem.

At the moment, nobody has a better idea for a smart phone or a tablet than to show one app at a time. The only way W8 makes sense is if they're adding a piece for portable devices, and said "while we're at it, let's let desktop guys use it too." Fine. But only if they realize that the desktop systems still need new ideas as well. And if I were doing a ground-up redesign, I'd consider whether we might be ready for a better approach with tablets as well. The new iPad has more pixels than many monitors. I'm not sure one app at a time should be the only way to use it.

The skeptics I've read agree that temperatures have gone up. The questions are about models showing continuing rises, and what approach to take in dealing with it.

My concern is that we not exhaust the public's willingness to do something with approaches that will have almost negligible impact.

I would love to use Linux. But first and foremost the OS has to be able to do everything Mac OS or Windows can do. That includes licensed content. Currently iTunes won't run on Linux in any realistic way, and there's no real alternative. I doubt that I'm alone. I'm glad someone in the Linux community is working on things like this. I'm also going to need MS Office, as I have to be able to exchange documents with administrators and OpenOffice's compatibility isn't really good enough for that.

The Linux community has slowly understood that if you want to be a mainstream OS real people have to be able to install it. But once they've installed it, it's got to do what they need to do.

Has anyone participating in this discussion actually done web design for accessibility? I've been looking at it for our course management system. It's not trivial, but it's also not difficult. In increases development time / cost, but probably not more than 10%. It's perfectly possible to design reasonable visual interfaces that work fine with common screen readers. A sighted user won't even be aware that it's been done. It's a combination of avoiding some standard pitfalls that a screen reader can't reasonably work around, and putting appropriate labels and tags on everything. A lot of tools are accessible. jQuery has been doing an increasingly good job. The CK editor has as well.

The issue isn't just blind people. Older people (like me, to be honest) sometimes need to increase font size, and would really like it if the web page design doesn't fall apart.

There's no way you're going to get away with saying "sorry, they should know they're handicapped." The law won't allow it, and in my opinion shouldn't. I might feel differently if there weren't reasonable approaches to dealing with it. The big problem is getting web developers to think about it, and to try their software with a screen reader now and then.

I believe their routers run a version of BSD. They've had IPv6 support for years. Apple is an interesting mix of flashy products that tend to be on the expensive side with fairly decent underlying technology. It's a mistake for techies to become fans and enemies of particular vendors. That approach to the world is fine for football fans, but not so useful for people making technology decisions.

I have little sympathy for the ISPs. No devices support IPv6 because there's no evidence that any of the networks for which they are intended has any plan for implementing IPv6 within the lifetime of the products. There are enough Apple routers out there to run a trial. What we need is the ISPs to turn on support, and a couple of intrepid web sites to put up attractive content. (An IPv6-only free porn site would be ideal.) Final debugging is going to occur only with real use, and you can't get real use if the pipes don't support IPv6. If the major ISPs even supported decent IPv6/v4 gateways in the right part of their architecture one could turn on tunneling, which seems to be supported by all real IPv6 implementations.

You might want to spend some time on jQuery and other tools for building more interactive web UI's. While there are promising newer languages for the backend, it's not yet clear that they're going to take over from Java, PHP, and .NET. But the Javascript, client-based side of things is definitely growing and new tools are being developed.

IANAL, but I believe that in exercising editorial control over what applications to accept, Apple can't claim to be a hosting company or the mailman. I am not yet sure, however, that they are violating v2 of the GPL, since the terms seem to say that if there is a license specific to the product, it supersedes the generic iTunes one.

It's not so obvious to me that the Apple Store is *not* a noncommercial distribution. Normally commercial means that it's charging. iTunes doesn't charge for free software. They offer other products that are commercial, but is the VLC distriibution?

These protocols were designed for a different world:

1) They were experiments with new technology. They had lots of options because no one was sure what would be useful. Newer protocols are simpler because we now know what turned out to be the most useful combination. And the ssh startup isn't that much better than telnet. Do a verbose connection sometime.

2) In those days the world was pretty evenly split between 7-bit ASCII, 8-bit ASCII and EBCDIC, with some even odder stuff thrown in. They naturally wanted to exchange data. These days protocols can assume that the world is all ASCII (or Unicode embedded in ASCII, more or less) full duplex. It's up to the system to convert if it has to. They also didn't have to worry about NAT or firewalls. Everyone sane believed that security was the responsibility of end systems, and firewalls provide only the illusion of security (something that is still true), and that address space issues would be fixed by reving the underlying protocol to have large addresses (which should have been finished 10 years ago).

3) A combination of patents and US export controls prevented using encryption and encryption-based signing right at the point where the key protocols were being designed. The US has ultimately paid a very high price for its patent and export control policies. When you're designing an international network, you can't use protocols that depend upon technologies with the restrictions we had on encryption at that time. It's not like protocol designers didn't realize the problem. There were requirements that all protocols had to implement encryption. But none of them actually did, because no one could come up with approaches that would work in the open-source, international environment of the Internet design process. So the base protocols don't include any authentication. That is bolted on at the application layer, and to this day the only really interoperable approach is passwords in the clear. The one major exception is SSL, and the SSL certificate process is broken*. Fortunately, these days passwords in the clear are normally on top of either SSL or SSH. We're only now starting to secure DNS, and we haven't even started SMTP.

---------------

*How is it broken? Let me count the ways. To start, there are enough sleazy certificate vendors that you don't get any real trust from the scheme. But setting up enterprise cert management is clumsy enough that few people really do it, hence client certs aren't use very often. And because of the combination of cost and clumsiness of issuing real certs, there are so many self-signed certs around the users are used to clicking through cert warnings anyway. Yuck.