Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:It's quite simple really... (Score 1) 158 158

It's not always developers, but browser manufacturers, laws/mandates, and application vendors. Governments often have a policy to support as many clients as possibles, so they may have to support IE6, but also have requirements that IE6 does not support well, such as accessibility issues. Sometimes the decisions comes from someone in management that only makes a narrow decision, such as one I remember hearing about, just about 5 years ago. The original standard and mandate was to support IE6, then someone decided to add to the mandate and to make all websites "XHTML 2.0 strict" compliant, and at the time no browser supported XHTML 2.0 as strict. This leads into issues where legally you must support both, and to add to this there was other rules at the time such as "No Javascript", "No Cookies".

Javascript, Java and Flash are not set it stone as languages are but dynamic growing languages, some things in these become deprecated and removed, and new things are added to the languages as well. Even CSS changes on browser releases.

Vendors are also a problem because they don't often develop for a wide browser market, but often will support what makes it visually appealing to people who are in the power to make the purchasing decision.

Comment: Issues. (Score 1) 203 203

One problem with ssh-key client authentication, is the trust of the public key, now both there is x509 and openssh's certificate based authentication systems, but neither are globally adopted by all clients and servers. This leads to the "how do you absolutely know that the key listed in authorized_keys is a valid ssh key or if someone has added one to it. But you without widescale support of SSHFP, there's no method of really trusting the servers keys either, if you are connecting to a server for the first time, can you actually trust the fingerprint, and if the fingerprint changes how do you know if it's a valid change or not.

A second problem is that with key-agents, allows for the key to be used to connect to other systems, so if someone obtains your "insecure" private key, they could have access to each server that trusts that key, directly or indirectly.

A third, which isn't a problem but somewhat of missing documentation, is that of the Sub Services, So many more features could be generated with better documentation available, an example could be to provide a replacement for the time services (not ntp), and I have used it in the past to output stats from various services, but the documentation is missing.

The last thing I will say, on the server side not only deprecate ssh v1, but it's time to completely obsolete and remove it.

Comment: something to be aware of (Score 1) 74 74

Legacy systems have a few pros and cons, the ideal response is to evaluate the cost/benefit review, and availability for changes

Issues to evaluate
- Is this a specialized 3rd party product/hardware (may be restricted to vendor eg. ATM's were for a long time OS/2 well after IBM ceased producing OS/2).
- If it is 3rd party, do they still exist, or is there a similar product available.
- Is there specialized hardware requirements. (you may have no problem with a video card, but you might have a problem finding hardware for Wind tunnel Data collection)
- Has the amount of data processing increased/decreased.
- Is the service being utilized less and less.
- Do you have the manpower to handle the existing infrastructure for the proposed life expectancy of the product (if there are 3 people in the world that knows the system, and they all disappear, you may have a problem maintaining the system.
- Will a prolonged outage caused by system being unavailable due to the age, cause a serious impact.
- Is there a good justification that the changes will out weight the current value.

- business logic have been captured, and generated
- system has been optimized for the task
- known output

- Skilled labour, the languages, or hardware may not have limited and aging employee pools. (FORTRAN and COBOL are good examples)
- Increasing costs, technical people and/or parts become more difficult and costly to obtain. Some replacements may have to be custom made even
- Existing hardware could be slower
- Unsupportable protocols (eg SNA or Banyan Vines)
- Security, system may not have been patched for weeks, months or even years.

Comment: My Opinion (Score 1) 555 555

First off many things betray the "Unix Philosophy", Bash, ZSH, Busybox, Apache, sendmail, exim, postfix, it could go on from there, because most of these programs do more then one function, such as bash, zsh, and busybox all include their own versions of system applications or once were. The mail servers, do not do a single function, they send and receive, filter, authenticate and many other mixed services, if they were to the "Unix Philosophy" then it should be more like qmail. Apache version 2.0 allows for a great deal more function, including proxy support, other protocol support, and many other things. SystemD though not perfect, makes changes, and encourages the discussion to make changes. Without some of the past changes, that go against the "Unix Philosophy" we wouldn't be here today, but with an abacus, and someone singing the news of the decade as they walked into the village this week.

Comment: Other reasons for NASA's slow build time (Score 1) 211 211

One thing people forget, is that the Private sector, can often do things a great deal faster as there is way less red tape. In the Public Sector, you have to have more justification on who you buy everything from, to contractors, everything. The public sector is greatly hindered by this in so many ways, to make sure everything is above board, and fully transparent, and it only gets worse as the economy gets worse, as the government wants an accounting for every last penny, because they believe the public really will care on which toilet paper is being used by government officials. Also if something is not on a standing offer for the government, it must go to be bid on by businesses.

Comment: One mistake Sony Made (Score 1) 172 172

The biggest mistakes Sony made, was not to take advantage of the educational market. There are many places that are moving from physical text books to electronic versions, Sony should have gotten in early with places like California to provide equipment for the students to access their books, but with the encumbrance created by Sony, and no large retailers in place they lost market share.

Comment: Re:What could possibly go wrong? (Score 1) 192 192

You could easily get rid of physical keys, their isn't that many variants of keys out there. Just go into some Home Depot one day and look through a box of locks, you'll see paired locks with the same key beside each other, as they are meant to be sold as pairs. And often there's only a few different keys in the box. To make it more interesting if you go through a few boxes you won't see many more keys in the boxes.

Comment: Crackberry (Score 1) 349 349

There are a few issues I can see for Blackberry
  - Smaller Company with too many models for a company that is only in a single area (17 phones in 5 models currently on their website). This should have been reduced to a handful, in various price brackets.

- Not innovating as much as they use to. I don't recall many big news innovations or changes from RIM for awhile.

- Increased competition, more companies making phones.

One of the biggest pro's, over all of their competition is the fact that the phone can be centrally managed, though at an increased cost, with BES, it's $55/user at 500 users, and 2000 users/server. The Server price alone is $3000. They have added a product line to manage android and iOS devices as well, This looks like it's an additional cost as well, ontop of the cost for the BES server, the fuctionality should be part of BES not as a seperate server.

But the price is way high, and they would make a great deal more money, with a lower server price, with an option for licenses that must be renewed at a lower cost per year (or 3 years etc) to perpetual licenses at an increased cost.

Comment: My 2 cents (Score 1) 342 342

Things that people forget to look at

  1 - What does the employer/client want you to use? The company may have a method they want you to use, for various reasons that you must adapt to. Or a client may want to have it in a method that they can modify later, with some tool. There may be standards or policies guiding the development process as well.

2 - The site may have special requirements, eg. database driven, etc.

3 - Legal Liabilities, have you made sure not to weaken the security of the site, through bad coding practices. Also if you copy code from another site, is there any copyright claims attached to it.

I know I am forgetting a great deal more, but the biggest thing for me is to gather requirements, what do they need, and want, and what is the end user suppose to see and get from their experience. Once you have enough information, you will know if you need to use something like dreamweaver, or you can code it yourself, or you should use some off the shelf software to provide the user experience.

Comment: Laws to be used against spammers in Canada (Score 1) 333 333

These are the laws that can be used currently in Canada.

Theft of a Telecommunication Service (Section 326)
    (1) Every one commits theft who fraudulently, maliciously, or without colour of right,
        (a) abstracts, consumes or uses electricity or gas or causes it to be wasted or diverted; or
        (b) uses any telecommunication facility or obtains any telecommunication service.
    Definition of “telecommunication”
    (2) In this section and section 327, “telecommunication” means any transmission, emission or reception of signs, signals, writing, images or sounds or intelligence
              of any nature by wire, radio, visual or other electromagnetic system.

Mischief (Section 430 (1)(c) and Section 430(1)(d))
    (1) Every one commits mischief who wilfully
        (c) obstructs, interrupts or interferes with the lawful use, enjoyment or operation of property; or
        (d) obstructs, interrupts or interferes with any person in the lawful use, enjoyment or operation of property.

Mischief in relation to data (Section 430 (1.1)(c))
    (1.1) Every one commits mischief who wilfully
        (c) obstructs, interrupts or interferes with the lawful use of data; or
        (d) obstructs, interrupts or interferes with any person in the lawful use of data or denies access to data to any person who is entitled to access thereto.

Comment: Re:wi-fi needs an evolutionary upgrade (Score 1) 165 165

In the case of WIFI it is an advantage. In CSMA/CD you attempt to send your frame after waiting for the line to be free, and if a collision occurs, everyone on the network backs off, and you must resend the complete frame over again. With CSMA/CA, you send a smaller packet stating your intention to send, if there is a collision there, then you back off, and try again. When a shared access network becomes heavily loaded, with collisions in CD, it almost always causes no end of problems.

This is generally not an issue with switched Ethernet, unless there is a speed and duplex misconfiguration, which will happen either if one side of a link is forced and the other isn't, or some network cards and switch combinations can have problems negotiating on occassion, but it's becoming less and less common. (unless you are using the old Baystack 450's)

Machines have less problems. I'd like to be a machine. -- Andy Warhol