Kuro5hin.org: technology and culture, from the trenches
A Kinder, Gentler Web

By 0xA in Technology
Fri Nov 22, 2002 at 07:57:21 AM EST
Tags: Internet (all tags)

Microsoft announced a really nasty bug in their Data Access Components (MDAC) yesterday. Microsoft Security Bulletin MS02-065 has the details.

I'm a sysadmin, I'm going to have to do something about this and I'm going to have to do it tonight. I work for a small company, not only do a lot of our applications use MDAC, I don't have enough budget room to build a testing environment for our application servers. I figure I'll do the patch and test starting at 1:00 AM, should be done by 4:00 AM. Our Ontario warehouse starts at about 6:00 AM my time so I'll be able to bring a pillow and grab a couple hours snooze under the rack or something.

I can't help asking myself, why are you doing this?


Feature Creep

The reason I'm doing this is Feature Creep. A web browser is a complicated thing these days, all this fancy "Active" stuff built right in there. Every programmer knows, the more stuff you pile into a program, the more stuff there is to break. This is why control systems for medical or industrial equipment are generally small efficient programs, no more features than they absolutely must have. Active Content bugs don't just happen to Microsoft either, both Mozilla and Opera have had their own issues with Active Scripting lately.

To be fair it must be noted that the Bugtraq post concerning Opera is about a Beta release.

But this stuff is cool!

It sure is, useful too. I have some really great things I've done with Java Script. I've seen wonderful things done with Active X, Java Applets, Flash and J Script as well. But how many really, really nasty things have been done with all of these technologies? I can't think of a single one of these that hasn't had some exploitable problems at one point or another. Is it worth it? I'm not convinced it is.

So Disable it!

Oh I do, believe me I do. I have content zones set up in IE, I have Outlook disable access to certain MIME types, I discard 100 email executable attachments a week. As a matter of fact, everything I install has half of its features disabled. Quite the complicated little mess in fact, I get requests to turn stuff on every once in a while. The bank has a new site we can use to manage our corporate cards, needs Active X though. I want to turn it on but I'm a little afraid of it. I could set up a zone for those users that need it. Afterwards I'll have to add it to my 4 page "How IE is setup on the Terminal Servers" document. That one is catching up to the "1001 filters on the email server" document length wise. I hope I never lose those things.

Where's the Value?

This is my question to all of you. We keep coming up with new ways to extend the Web. Each one brings new and exciting things for sysadmins to lose sleep over. Would we have all been better off with Netscape 2.0? Who really, really needs Flash?

Who exactly was the jackass that decided emails needed to be able to execute scripts automatically? Could he meet me in the alley for five minutes?

What of the future?

In two years am I going to be losing sleep over buffer overflows in XML parsers? I think I will and I'm not looking forward to it.


Poll
Do you disable Active Content?
o Naw, I like life on the edge. 13%
o I setup "Zones" and "Domains", they don't work though. 6%
o Yes, all of it is shut off. 31%
o I don't believe this is available in Lynx 47%

Votes: 132

A Kinder, Gentler Web | 103 comments (96 topical, 7 editorial, 0 hidden)
3270 (4.40 / 10) (#2)
by kb5 on Thu Nov 21, 2002 at 10:29:05 PM EST

I think everybody should have just a 3270 terminal. Anything over that is totally redundant.

As a fellow... (4.00 / 6) (#5)
by Gawyn on Thu Nov 21, 2002 at 10:53:56 PM EST

As a fellow system administrator, I feel your pain. Our scheduled downtime must be done at 2AM, as we have people around the world that rely on our system, and must last no longer than an hour at the absolute most. Otherwise, heads roll. It's going to be a long night.
-- Error: .sig not found. Replace user and try again.
Clusters (5.00 / 2) (#46)
by curien on Fri Nov 22, 2002 at 10:35:21 AM EST

That's why we have clusters. We patch anytime we want. So long as we aren't rebooting all the systems at the same time, everything's cool. There's maybe half a second of downtime while one server forfeits control of a particular resource and the other one takes over.

--
Murder your babies. -- R Mutt
[ Parent ]
JWZ agrees with some of your remarks (5.00 / 5) (#6)
by HidingMyName on Thu Nov 21, 2002 at 11:00:43 PM EST

Jamie Zawinski's thoughts on good web design agree with yours in many ways. He was responsible for the original Unix versions of Mosaic and Netscape, and helped start the Mozilla project, so I respect his opinion on these matters.

Great Link (none / 0) (#18)
by 0xA on Fri Nov 22, 2002 at 02:05:34 AM EST

I've read big chunks of jwz.org before but I missed that one somehow.

Thanks

[ Parent ]

Netscape yes, Mosaic no? (none / 0) (#62)
by jzawodn on Fri Nov 22, 2002 at 03:36:04 PM EST

It's a stretch to say he's responsible for large parts of Mosaic. Netscape, sure. He was part of the original team. But not Mosaic.

[ Parent ]
Perhaps there was some confusion (none / 0) (#75)
by HidingMyName on Fri Nov 22, 2002 at 06:17:30 PM EST

JWZ did work for Netscape back when they were still called Mosaic. I can't say for sure if he was involved in the formative stages of Mosaic, but that seems unlikely since I think Mosaic came from network software group at NCSA (which is at UIUC), and I don't think he was at NCSA.

[ Parent ]
JWZ is schizophrenic (5.00 / 1) (#63)
by frawaradaR on Fri Nov 22, 2002 at 03:41:24 PM EST

He helped start the Mozilla project but surfs the web with Netscape 3?

He doesn't want the "bells and whistles", but just the text? I kinda understand where he's coming from, but raw text certainly isn't all. A good text is also presented well, with accurate leading and so on. This, in turn, is accomplished with CSS, which his browser doesn't understand.

His featherweight browser doesn't understand Unicode either, so good for him that he only speaks English and doesn't need "internationalization". But many of us do.

Many sites do need scripting functionality. You can't play spades or chess on the web without some kind of scripting or Java (at least not in a user-friendly way).

It's too bad that so many people abuse these technologies, but that's how it is with most stuff.

Finally, good design is not about flashy colors and "cool stuff", but about structuring the text well with layout elements (mostly typographically invisible but also some highly visible, such as drop caps).

frawaradaR anahaha islaginaR!
[ Parent ]

Agreed (none / 0) (#67)
by DJBongHit on Fri Nov 22, 2002 at 04:16:09 PM EST

CSS support in today's browsers is finally getting to the point where the web can be treated as it was originally intended. It lets designers keep the layout and appearance information out of the HTML, leaving only structural information, and style the document with an external stylesheet (which can be easily overridden by the user agent, or even disabled completely, leaving a completely functional, if somewhat bland, site).

As for jwz's design page, take a look at the HTML source for a moment. Not only is it blatantly invalid HTML (no <head> block, not even a fucking <html> block!), but it uses tables for layout and is littered with <font> tags. I mean, come on, Jamie! Practice what you preach, if only on the page you're preaching it on! And including a flippant remark in the comments at the bottom of the source doesn't excuse the fact that you're using Javascript on a page bitching about Javascript.

XHTML and CSS are technologies whose time has come. And as someone who, in between real programming jobs, does web design from time to time, I say, "It's about fucking time." The fact that you can design a site which looks beautiful in the newest, most standards-compliant browsers around while degrading gracefully to the point of being completely readable and functional in cheeseball browsers like Netscape 3 and Lynx makes me very happy.

Now if only OmniWeb 5 would hurry up and be finished.

~DJBongHit

--
GNU GPL: Free as in herpes.

[ Parent ]
Chess. (5.00 / 2) (#76)
by cdyer on Fri Nov 22, 2002 at 06:40:22 PM EST

While it's true that you can't really play chess in a browser without java, I have to wonder, should web browsers be the client we use for networked chess? I mean, they are designed to render hypertext. Beyond that, you are getting into feature bloat, and would probably be better served by a specialized network chess client. I've been starting to get into online go, and rather than sending huge image files over the web, you just send the moves in text format and let a client like Panda Egg handle the rendering client-side. Saves tons of bandwidth. Renders faster. Keeps the browsers from having to use those ugly, exploitable features.

Though it seems to be falling out of fashion, even in the Linux world, I still think there's something to be said for the Unix philosophy of making each program do one thing and do it well. I'd be thrilled if browsers stuck to browsing, and specialized clients were used more widely.

But then, I suppose there are other security risks involved when you proliferate client programs. Just a thought

Cheers,
Cliff



[ Parent ]
Email apps and scripts (3.75 / 4) (#7)
by izogi on Thu Nov 21, 2002 at 11:12:42 PM EST

Who exactly was the jackass that decided emails needed to be able to execute scripts automatically? Could he meet me in the alley for five minutes?

I don't think that's the correct question to ask. I know lots of people including students, commercial designers and developers, who would bundle more and more features into something if they could. It might be because it makes something more marketable to the uneducated masses, or just that it's more interesting to write.

IMHO, nobody decided that emails needed to be able to execute scripts automatically. It just happened naturally. Unfortunately though, nobody with enough influence went out of their way when it mattered to decide that they shouldn't be able to execute scripts automatically.


- izogi


Bullshit (3.75 / 4) (#8)
by localroger on Thu Nov 21, 2002 at 11:23:40 PM EST

Hey, the Republicans are in control now. The party of "responsibility." So let's have a little responsibility.

Somewhere, there are actual human beings who decided that (1) it would be a really neato keen kewl thing for emails to be able to automatically pop up "services" (who woulda thunk they would mostly be ads and viruses) and (2) made the final decision to include this dubious "feature" in the default client that will be used by most of the clueless newbies who buy a computer while barely knowing how to plug it in.

Both of these people need to be tied to an anthill. Whatever supervisors were above them and allowed these disastrous ideas to go out into the world should be tied to anthills too. To argue otherwise is to argue that you should be tied to an anthill alongside them.

If this were done, the manufacture of fire ant plush toys would become a profitable venture.

I can haz blog!
[ Parent ]

No... (4.00 / 1) (#40)
by jmzero on Fri Nov 22, 2002 at 09:57:45 AM EST

(1) it would be a really neato keen kewl thing for emails to be able to automatically pop up "services" (who woulda thunk they would mostly be ads and viruses)

No, they thought "Hey, it would be cool if we could reuse our web page rendering engine to render HTML e-mails" and "the security issues should all be taken care of, as this is the same engine used to view the wild wild web".

Dumb?  Yes.  Actively incompetent in the way you're thinking?  No.  Like the earlier guy said, this is an example of poor design and not thinking through consequences like "what if browser security isn't that perfect?"
.
"Let's not stir that bag of worms." - my lovely wife
[ Parent ]

Dumb? Hardly. (none / 0) (#73)
by tzanger on Fri Nov 22, 2002 at 06:02:25 PM EST

Dumb? Yes.

No, it wasn't dumb. Not by a long shot. What was dumb was not putting in some kind of capabilities bitmap or structure which the renderer checked against before doing things like parsing JavaScript or CraptiveX or calling the cookie functions. It would have been trivial to do, but it wasn't done. That was dumb.



[ Parent ]
Hmmm. (none / 0) (#77)
by jmzero on Fri Nov 22, 2002 at 07:22:48 PM EST

Security certainly should have been better across the board.  You're right, scripting and ActiveX should have been safe to begin with.  However, I think it was also a bad design choice to not implement a separate regime in e-mail as:  
  1.  Even behaviors that could make sense security-wise (like popping up a window or initiating some interactive control or media) should be restricted in e-mail as unacceptable behavior.  
  2.  E-mail represents a much more dangerous medium for viruses - as viewing the page is essentially involuntary.  
In short, even if the browser security was better than it was/is - MS should have realized that e-mail had a different set of requirements, acceptable behaviors, and reasonable security precautions.
.
"Let's not stir that bag of worms." - my lovely wife
[ Parent ]
I think you misunderstood my idea (4.50 / 2) (#80)
by tzanger on Fri Nov 22, 2002 at 09:08:25 PM EST

In short, even if the browser security was better than it was/is - MS should have realized that e-mail had a different set of requirements, acceptable behaviors, and reasonable security precautions.

That is precisely the function of the capabilities bitmap: take 64 bits (for example). Each bit represents a capability that that instance of the render object supports. Things like

  • Basic HTML
  • CSS
  • JavaScript
  • Cookies
  • ActiveScript
  • Java
  • Load external references
  • HTTP authentication
  • https
and so on. And perhaps the JavaScript object would have capabilities like "allow popups", "allow file access" and so on -- just think, by patching ie.exe you could have popups a thing of the past! (I say patch because it's doubtful that MS would allow such a setting in the configuration.)

With that kind of a security checklist you could easily use a very powerful, robust HTML library across all kinds of applications. OE would just have "basic HTML" and "basic CSS" set -- no email bugs, no JS, AX or external references... just pure HTML and CSS. Secure. Reused code. Excellent.



[ Parent ]
Code Reuse (4.83 / 6) (#17)
by 0xA on Fri Nov 22, 2002 at 01:52:22 AM EST

This is about not having 2 html parser libraries to write and maintain. Both IE and Outlook (and 3rd party stuff) use mshtml.dll.

Somebody decided that there was no point in writing the html renderer twice and because we want Outlook to do HTML we'll just use IE's. Of course all the scripting will come along with but oh well what's the worst that can happen?

We all know the result of that. I've spent time writing code, I know and love code reuse but it isn't always appropriate. This was a very short sighted decision.

Anyone else remember the Goodtimes virus hoax? About 1995 someone sent a hoax mail about a virus that executed when you received the email. I actually thought it was pretty funny, why would an email client execute code it got from a message? That would be incredibly dangerous.....

[ Parent ]

Code reuse, not code ABuse (5.00 / 3) (#44)
by tzanger on Fri Nov 22, 2002 at 10:28:57 AM EST

We all know the result of that. I've spent time writing code, I know and love code reuse but it isn't always appropriate. This was a very short sighted decision.

Don't eat that Johnny, that's poop.

You could have trivially written an HTML DLL which takes a capabilities structure or bitmap and allows/disallows things based on it. IE would have all capabilities enabled, except for those which change for the various security zones, and OE would have "basic HTML and CSS only" set -- no cookies, no CraptiveX, no Java, no JavaScript, no nuthin'.

Code reuse is appropriate in practically every example you could throw at me -- it's proper reuse design that was skimped on with the HTML shared lib. That was where the shortsightedness was, not in the thought of having a shared HTML renderer.



[ Parent ]
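
The capabilities bitmap tzanger proposes in #80 and #44, sketched in C as an added example (it is not code from any commenter, and it is not how mshtml.dll works). The `CAP_*` names, the `CAPS_MAIL` and `CAPS_BROWSER` profiles, the tag table and `render()` are all assumptions, and the sample message is constructed:

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One bit per capability; names are assumptions modelled on the list in #80. */
typedef uint64_t caps_t;
#define CAP_BASIC_HTML    (UINT64_C(1) << 0)
#define CAP_CSS           (UINT64_C(1) << 1)
#define CAP_JAVASCRIPT    (UINT64_C(1) << 2)
#define CAP_ACTIVEX       (UINT64_C(1) << 3)
#define CAP_JAVA          (UINT64_C(1) << 4)
#define CAP_EXTERNAL_REFS (UINT64_C(1) << 5)

/* Host profiles: the browser grants everything, the mail client two bits. */
#define CAPS_BROWSER (~UINT64_C(0))
#define CAPS_MAIL    (CAP_BASIC_HTML | CAP_CSS)

/* Element -> capability it needs. container=1: drop everything through </tag>.
 * This toy gates on element names only; attribute-level features such as
 * event handlers are not modelled. */
struct rule { const char *tag; caps_t need; int container; };
static const struct rule RULES[] = {
    { "script", CAP_JAVASCRIPT,    1 },
    { "object", CAP_ACTIVEX,       1 },
    { "applet", CAP_JAVA,          1 },
    { "style",  CAP_CSS,           1 },
    { "iframe", CAP_EXTERNAL_REFS, 1 },
    { "img",    CAP_EXTERNAL_REFS, 0 },
    { "link",   CAP_EXTERNAL_REFS, 0 },
};

/* Does the tag name starting at p equal name (case-insensitive)? */
static int tag_is(const char *p, const char *name)
{
    size_t i = 0;
    for (; name[i]; i++)
        if (tolower((unsigned char)p[i]) != name[i]) return 0;
    return !isalnum((unsigned char)p[i]);
}

static const struct rule *rule_for(const char *p)
{
    for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++)
        if (tag_is(p, RULES[i].tag)) return &RULES[i];
    return NULL; /* ordinary markup: covered by CAP_BASIC_HTML */
}

/* Return the first byte after a blocked element. An unterminated container
 * swallows the rest of the input, so the renderer fails closed. */
static const char *skip_element(const char *lt, const struct rule *r)
{
    const char *p = lt + 1;
    if (r->container)
        for (; *p; p++)
            if (p[0] == '<' && p[1] == '/' && tag_is(p + 2, r->tag)) break;
    while (*p && *p != '>') p++;
    return *p ? p + 1 : p;
}

/* Copy `in` to `out`, dropping every element whose capability bit the host
 * did not grant. Returns the number of elements dropped. */
unsigned render(const char *in, caps_t caps, char *out, size_t outsz)
{
    unsigned blocked = 0;
    size_t n = 0;
    if (outsz == 0) return 0;
    if (!(caps & CAP_BASIC_HTML)) { out[0] = '\0'; return 0; }
    while (*in) {
        if (in[0] == '<' && in[1] != '/') {
            const struct rule *r = rule_for(in + 1);
            if (r && (caps & r->need) != r->need) {
                in = skip_element(in, r);
                blocked++;
                continue;
            }
        }
        if (n + 1 < outsz) out[n++] = *in;
        in++;
    }
    out[n] = '\0';
    return blocked;
}

/* Constructed sample message, not taken from the thread. */
static const char SAMPLE[] =
    "<p>Invoice attached</p>"
    "<script>window.open('http://ads.example/')</script>"
    "<img src=\"http://tracker.example/bug.gif\">"
    "<object classid=\"clsid:0\"></object>"
    "<style>p{color:navy}</style>"
    "<b>Thanks</b>";

int main(void)
{
    char out[512];
    unsigned n = render(SAMPLE, CAPS_MAIL, out, sizeof out);
    printf("mail:    blocked=%u  %s\n", n, out);
    n = render(SAMPLE, CAPS_BROWSER, out, sizeof out);
    printf("browser: blocked=%u  unchanged=%d\n", n, strcmp(out, SAMPLE) == 0);
    return 0;
}
```

The same library serves both hosts; only the bitmap passed in differs, and anything the host did not opt in to is dropped rather than rendered.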
Well.... (none / 0) (#95)
by 0xA on Mon Nov 25, 2002 at 06:29:28 PM EST

I agree with your comment in principle, this is a good way to do it.

So we have an interface to our library that allows certain methods to be called based on what application is calling them. Much like IE currently allows certain methods to be invoked by the renderer so all this Active crap works. You can even set up IE so things that will work in a "trusted" zone won't work in an "untrusted" zone.

Of course there has been a series of fuckups with this, check out this post on bugtraq from Dave Ahmad. Turns out there are currently several ways to get a script to execute code in the "My Computer" zone. Scary.

Now I think there are really two ways of looking at this. The way you describe is the solution I like and the way Microsoft went. But, even without the idea of a "My Computer" Context for script execution (which is just silly IMO) you still have the potential for bugs to allow all sorts of exploits across zones. More Code == More Mistakes.

The other way would have been to give Outlook (aka LookOut!) its own HTML renderer. Something that talks HTML and CSS period. Not elegant, not simple, not extensible, two branches to maintain, etc. But probably safe, or at least less dangerous.

[ Parent ]

Security versus usability (4.00 / 1) (#87)
by izogi on Sat Nov 23, 2002 at 02:39:52 AM EST

Somebody decided that there was no point in writing the html renderer twice and because we want Outlook to do HTML we'll just use IE's.

Given that it should have been quite easy to design the rendering code to allow and disallow things based on the context it was being used in, I don't think this was really the reason.

Personally I think it was just that Microsoft wanted to allow scripts in email partly to wow customers, but also so they could write their own scripts and make snazzy setup routines that were launched from emails. Despite the obvious security issues, this was an attempt at improved usability, and one of the central Microsoft goals at the time was to make things comfortable for the user, even if they've been very unsuccessful on many occasions.

Also remember that this was first introduced before it became painfully obvious to absolutely everyone that it was a huge security hole. It was also introduced before the Internet was such an integral part of Microsoft's strategy.

As far as Microsoft was concerned, it was the next "thing to do". Until then, a program running another program was no huge thing, and besides, users are obviously too smart to open an attachment from someone they don't know. By all accounts at the time, that would have been an insane thing to do.

I still think that it was more a factor of people not deciding to keep it out than deciding to put it in.


- izogi


[ Parent ]
See my reply to tzanger (none / 0) (#96)
by 0xA on Mon Nov 25, 2002 at 06:31:59 PM EST

Given that it should have been quite easy to design the rendering code to allow and disallow things based on the context it was being used in, I don't think this was really the reason.

It should have been. They tried. They fucked it up.

[ Parent ]

well... (none / 0) (#9)
by mhtawfiq on Thu Nov 21, 2002 at 11:45:25 PM EST

I feel your pain, but if we didn't have flash and java I wouldn't be able to waste time playing an online snooker game every once in a while. So I think it's worth it. :) ahhh I love snooker...

Part of the solution (4.83 / 6) (#11)
by Holloway on Fri Nov 22, 2002 at 12:07:13 AM EST

While it doesn't work so well in older browsers, there are ways of using CSS to do JavaScript mouseovers, popout menus, and (although not a good example as it's got such poor support) using XForms instead of Javascript validation.

Rather than reverting to primordial ooze (Netscape 2) wouldn't it be better to support something that is growing?

(yes yes, I'm well aware that new software will have yet unknown bugs. But CSS isn't a general purpose scripting language, nor is XForms, and so I believe the implementations are less likely to have security holes than the alternative)


== Human's wear pants, if they don't wear pants they stand out in a crowd. But if a monkey didn't wear pants it would be anonymous

I am trying to do an end-run around all this shit (5.00 / 6) (#12)
by tzanger on Fri Nov 22, 2002 at 12:07:35 AM EST

With this. It's basically a UI-projection system. Any browser (or no browser), (practically) any OS, and straightforward design with security in mind.

We're doing our entire intranet in it, and I'm quoting a largish financial client tracking system around it too.

As the designer of the software says: "The web is dead. Long live the internet."



You know what.... (none / 0) (#15)
by xriso on Fri Nov 22, 2002 at 01:19:11 AM EST

X Windows is kind of like that. Fully able to run an app over a network. Though, once you look at the details these two things are very different.
--
*** Quits: xriso:#kuro5hin (Forever)
[ Parent ]
Yes, it is X11 inspired... (3.00 / 1) (#16)
by tzanger on Fri Nov 22, 2002 at 01:38:45 AM EST

X Windows is kind of like that. Fully able to run an app over a network. Though, once you look at the details these two things are very different.

Yup. It's X11 inspired but the biggest difference between the two is that in X11, a (potentially) remote X server is handling every mouse move and click, whereas in XWT that is all handled locally and only "business logic-y" things are handled by the servers.

I suppose another huge difference would be that with XWT, the application carries all of its own widgets (which come from the widget libraries that you get and write in the XWT mostly-javascript language) -- each widget is themeable, so apps look "native" no matter what the OS.



[ Parent ]
Nice (none / 0) (#19)
by 0xA on Fri Nov 22, 2002 at 02:13:54 AM EST

I have to start playing with this. Thank you

[ Parent ]
Awesome (none / 0) (#32)
by vile on Fri Nov 22, 2002 at 07:25:09 AM EST

Great Idea.

~
The money is in the treatment, not the cure.
[ Parent ]
Not quite universal... (none / 0) (#69)
by scruffyMark on Fri Nov 22, 2002 at 05:01:58 PM EST

I tried it in OS X using Chimera, granted a somewhat immature Mozilla-based browser. All that happened was that all my window controls stopped working - no toolbar, no min/max/close buttons, and no right click for tabbed browsing. Oh, and the Navigator process was using about 280 MB of VM space.

Still an interesting idea...

[ Parent ]

Ugh (none / 0) (#74)
by tzanger on Fri Nov 22, 2002 at 06:13:36 PM EST

Adam has a habit of using newer (lightly tested) engine code for the demos. I have heard that he was having some issues with OSX too. Dammit.

If you're still interested, you might want to download the jar and try invoking it with java -cp xwt.jar org.xwt.Main http://www.xwt.org/demo.xwar. If you click on the various demos on the site you can see where I'm getting the URLs from.



[ Parent ]
what happens. (4.00 / 6) (#13)
by /dev/trash on Fri Nov 22, 2002 at 12:31:31 AM EST

What happens when you can't keep up and you NEED a testing box or two?  Certainly somebody in the company is making too much money if all your machines are production.  I feel for ya.  As you are fucked if you don't fix the issue and fucked if you do fix it and it breaks your apps.

---
Updated 02/20/2004
New Site
catch 22 / hogwash... (none / 0) (#27)
by mreardon on Fri Nov 22, 2002 at 06:24:08 AM EST

A nice little utility/program called hogwash might help you out of this catch 22.

[ Parent ]
Wouldn't it just be nice... (4.00 / 4) (#14)
by xriso on Fri Nov 22, 2002 at 12:46:30 AM EST

If we could throw out all the crap and start over, hopefully learning from our mistakes? Naah, that's not gonna happen.
--
*** Quits: xriso:#kuro5hin (Forever)
Mozilla (5.00 / 3) (#34)
by rdskutter on Fri Nov 22, 2002 at 08:15:49 AM EST

I believe that's what the Mozilla team did. So why are you all still using IE and Netscape 4.72?


Yanks are like ICBMs: Good to have on your side, but dangerous to have nearby. - OzJuggler
History will be kind to me for I intend to write it.
[ Parent ]

I'm not (none / 0) (#35)
by starsky on Fri Nov 22, 2002 at 08:23:48 AM EST

Phoenix is the bollocks.

[ Parent ]
Gecko then (none / 0) (#39)
by rdskutter on Fri Nov 22, 2002 at 09:52:42 AM EST

It's the part of Mozilla that Phoenix uses.


Yanks are like ICBMs: Good to have on your side, but dangerous to have nearby. - OzJuggler
History will be kind to me for I intend to write it.
[ Parent ]

Fill me in, Cowboy (4.16 / 6) (#20)
by DominantParadigm on Fri Nov 22, 2002 at 03:02:51 AM EST

I've seen wonderful things done with ... Java Applets ... as well how many really, really nasty things have been done with all of these technologies.

I'm dying from the suspense, dude.



Caller:So you're advocating bombing innocent children? Howard Stern:Yes, of course!


If 0xA is Cowboy... (3.50 / 4) (#26)
by CheeseburgerBrown on Fri Nov 22, 2002 at 06:23:17 AM EST

...Which does that make you, DominantParadigm? Chief, Champ, Chum or Ace?

[ Tossles DominantParadigm's hair affectionately. ]

Eh? Ya l'l whipper-snapper.


The opinions expressed in the comments above are not those of the author; they have been rented for the occasion of this writing from a neutral third party.
[ Parent ]
What in gods name does... (none / 0) (#29)
by DominantParadigm on Fri Nov 22, 2002 at 06:46:25 AM EST

Your words have to do with the topic, or my question?

Caller:So you're advocating bombing innocent children? Howard Stern:Yes, of course!


[ Parent ]
YHWH (none / 0) (#30)
by CheeseburgerBrown on Fri Nov 22, 2002 at 06:54:17 AM EST

What in gods name does [y]our words have to do with the topic, or my question?

The subject of my post was the style of your question.


The opinions expressed in the comments above are not those of the author; they have been rented for the occasion of this writing from a neutral third party.
[ Parent ]
Actually (none / 0) (#36)
by CaptainSuperBoy on Fri Nov 22, 2002 at 09:20:26 AM EST

My favorite is tiger. "How's it going tiger?" Who the hell came up with that one?

--
jimmysquid.com - I take pictures.
[ Parent ]
Possible example (none / 0) (#38)
by LukeyBoy on Fri Nov 22, 2002 at 09:46:48 AM EST

Didn't Hushmail use a client-side Java program for encrypting e-mail?

[ Parent ]
Heh (none / 0) (#41)
by DominantParadigm on Fri Nov 22, 2002 at 09:58:05 AM EST

I like Java Applets, but have never seen either remarkably useful or remarkably dangerous applets; my emphasis was on the security problems with Java. The supposed security problems, that is. To my knowledge, you can get an applet to crash a browser with an old VM with a bit of work, but that's about it.

Caller:So you're advocating bombing innocent children? Howard Stern:Yes, of course!


[ Parent ]
I mentioned it before (none / 0) (#47)
by tzanger on Fri Nov 22, 2002 at 10:39:46 AM EST

    I've seen wonderful things done with ... Java Applets ... as well how many really, really nasty things have been done with all of these technologies.
I'm dying from the suspense, dude.

XWT uses pure JavaScript (minus the OO bits) -- it is the first real use for JavaScript I've ever run across, outside of currency converters. Pretty much every other use of JavaScript I've ever run into was used to hamper my browsing: blocking rightclicks or back buttons, throw scrollies across the bottom, pop up windows, play music, tell me my browser wasn't acceptable, etc.

I used to loathe javascript programmers, and now I are one.



[ Parent ]
Question: (none / 0) (#48)
by DominantParadigm on Fri Nov 22, 2002 at 10:48:38 AM EST

...Java Applets ...

... (no mention of Javascript)..

... (still no mention of Javascript)..

I used to loathe javascript programmers, and now I are one.

How can you be a "javascript programmer" if you don't even know what Javascript is?



Caller:So you're advocating bombing innocent children? Howard Stern:Yes, of course!


[ Parent ]
Ironically (none / 0) (#52)
by greenrd on Fri Nov 22, 2002 at 11:20:08 AM EST

Ironically XWT does use Java for a cross-platform execution environment. It seems to run an interpreter written in Java to execute Javascript, from what I can gather. Which is perfectly valid, because Javascript doesn't need to be particularly fast, and anyway Java is compiled JIT by most desktop JVMs.


"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes
[ Parent ]

I'm so embarrassed (none / 0) (#59)
by tzanger on Fri Nov 22, 2002 at 02:29:50 PM EST

How can you be a "javascript programmer" if you don't even know what Javascript is?

Auuughh! I've fallen to their level! Or... something. :-)

XWT's engine is preferably invoked from a web browser as a signed java applet... so it's a bit of a stretch but I got it. :-)

I do apologize... I wrote before I read.



[ Parent ]
Ah (none / 0) (#60)
by DominantParadigm on Fri Nov 22, 2002 at 02:57:48 PM EST

Sounds nasty, actually. Using Javascript via Java.. why not just use Java. Some prima donna manager set you up to this, I hope.

Caller:So you're advocating bombing innocent children? Howard Stern:Yes, of course!


[ Parent ]
Not at all (none / 0) (#65)
by tzanger on Fri Nov 22, 2002 at 03:44:09 PM EST

Sounds nasty, actually. Using Javascript via Java.. why not just use Java. Some prima donna manager set you up to this, I hope.

Nope, I found it and am pushing it myself. The Java engine ensures portability (there are faster native win32 and linux engines too), and the JavaScript/XML widget language means web monkeys can build very complex widgets without having to know Java or without having to really work too awfully hard at it.

I know... Java, JavaScript, XML... sounds like a dog's breakfast of technobabble. It is really nice, though. I'm not a fan of Java or JavaScript, and think that XML and "web services" are overused buzzwords that have almost no meaning anymore, but Adam's really created something great here, and there are a number of others working hard at making it exceptionally good.

I personally hate web-based shit and forms, which is why I am so keen on XWT. It's not a web form running in a browser. It's a local app that is physically and logically separate from the "real work" -- and either end can change without mangling the other.



[ Parent ]
who really really needs flash (4.33 / 3) (#24)
by mreardon on Fri Nov 22, 2002 at 05:42:00 AM EST

People studying for cisco exams can sure use it. The flash cisco IOS simulator is sure a lot cheaper than buying a router/switch for home use. It is also used in the exams, I believe.

It is the first time I have seen flash do something useful.

Flash Bloat (Semi-offtopic) (4.80 / 20) (#25)
by CheeseburgerBrown on Fri Nov 22, 2002 at 06:13:45 AM EST

I have been hating Flash for a long time now, though for reasons unrelated to security and bugs. I simply find the idea that I require something beyond a functional web browser to basically navigate a site repulsive and inelegant.

I can understand requiring Flash, QuickTime or an equivalent plug-in to view specific multimedia data, sure. But when an entire site is swathed in opaque layers of non-W3C code (rendering basic functionality like the Back button in my browser kaput) simply in order to create a sparklier and glossier user interface, I become convinced that web-design should be a licenced trade.

RANT: The world wide web is not TV. Web Design is not Broadcast Design. If your visual gimmick or slick interface trick cannot be done with the broad array of tools available within the standard, think of something else you allegedly-creative black-turtleneck fuck./RANT

...The people who Flash-bloat their sites clearly have no appreciation for the elegance of being able to SSH in to your web server with a hand-held device and edit your pages. They obviously have no clue how cool it is that HTML is so much like natural language that my grandmother could learn to hand-code it in a pinch. It has never occurred to them that a page well-designed within the standard can hold plenty of visual appeal yet still be parsed intelligibly by a browser for the blind.

I am not a web designer. I just think the idea of the web's universality is nifty. It offends my sensibilities when people fuck it up for no good reason (I'm looking at you, Bill.).


The opinions expressed in the comments above are not those of the author; they have been rented for the occasion of this writing from a neutral third party.
Tell them about it.... (4.00 / 1) (#37)
by Elkor on Fri Nov 22, 2002 at 09:36:13 AM EST

Stick around the site long enough to find the "Sales" e-mail address and send them an e-mail from a garbage account letting them know that you were interested in their product, unfortunately the unusability of their site deterred you from considering them as a viable source.

Lay out your criticism of the site in clear terms (that marketers can understand) and walk away.

I say use a garbage account as you don't want to be subscribed to mailing lists, or if you do decide to buy something from your regular account you still get the message across.

Regards,
Elkor


"I won't tell you how to love God if you don't tell me how to love myself."
-Margo Eve
[ Parent ]
Here Here! (4.66 / 3) (#43)
by ph317 on Fri Nov 22, 2002 at 10:16:37 AM EST


I've recently been involved on the side in a startup web-based company.  I really lucked out in that I have pretty much total control over the computer-related stuff.  They wanted a web-based application to let their paying users log into the system, that does workflow-like things passing files around to various users (but it's problem-domain specific enough that no standard ticket system or anything will suffice).  Of course they initially wanted something really Flashy, then they kinda settled for JSPs and JBoss, etc, etc.

I came on board and wrote what they needed in Perl, outputting only simple XHTML 1.0 Strict and DOM-compliant Javascript, backending to PostgreSQL.  It's rock solid and immensely secure.  Their previous JSP-based app crashes all the time and is full of holes, but it had a slightly better looking layout.  But I've turned them against Java now.  They love the simplicity and stability of the new app.  It's the way Things Should Be.

It's correct, it's simple, it's to the point, it doesn't use bullshit plugins or browser extensions, and it's secure.  What the hell else does one need?  The clean User Interface is made with a simple tables-based xhtml layout and CSS1 for coloring and fonts. (originally I was going to use CSS2, but IE doesn't support it, go figure).

So here's to all you black turtle neck internet nightmares out there: Fsck you and the collective lame horses you rode in on, good software engineering will win in the end.

[ Parent ]

Bad language or bad coders? (4.00 / 1) (#50)
by greenrd on Fri Nov 22, 2002 at 11:12:32 AM EST

Their previous JSP-based app crashes all the time and is full of holes, but it had a slightly better looking layout. But I've turned them against Java now.

Yeah, but was it a problem with Java, a problem with JSP, or a problem with bad coders?

Also, you didn't say anything about the maintainability of your code. ;)


"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes
[ Parent ]

Java versus Perl/PHP/C cgi et al. (none / 0) (#58)
by Scott Marlowe on Fri Nov 22, 2002 at 02:26:18 PM EST

My experience has been that it's hard to write reliable Java web sites.  It's not uncommon for the main JSP container in Tomcat and other java setups to just stop processing pages for no apparent reason.  The backend process is still up and running, it just refuses to process pages.  No entry in the logs can tell you why, it's not dependent on which piece of code you were running, it just stops.

So, someone has to babysit the machine or write a script to do it.  Stop the JSP server and restart it and it starts working.

While Perl, PHP, and C cgis may not be as rip roaring fast as java can be, their running in isolation makes them much more fault tolerant, in that a single error just results in a single bad page request.

Java just isn't reliable enough, at least it hasn't been every time I've tried to implement it.

[ Parent ]

Possible causes (none / 0) (#79)
by greenrd on Fri Nov 22, 2002 at 08:46:23 PM EST

Yeah, I've had reliability problems with server-side Java too, but I traced most of them to something which should eventually be fixed. IBM's JDK for Linux had a major bug in it which would sometimes cause it to crash when loading classes from multiple threads at the same time, IIRC. This was because of a buggy "optimisation" they added which was not present in the Sun JDK. You could very easily and reproducibly crash a webserver running Tomcat and Cocoon on the IBM JDK because of this. (Cocoon is a good test because it's more complex than the average servlet!)

IBM didn't even have a public bug database or any real indication that they even cared about bugs when I last checked - so that bug and their lack of information about it really turned me off using IBM JDKs.

I've also seen a weird bug in the Tomcat connector for Apache (written in C), and out of memory conditions that would induce fairly regular JVM crashes. Memory management is definitely one of Java's weakest points, I think (one of the highest-rated RFEs is related to it). Now that the network connection scalability problems are being sorted out with JDK 1.4, I hope they decide to seriously address memory management, so that caches and other such structures can be programmed sanely in Java.


"Capitalism is the absurd belief that the worst of men, for the worst of reasons, will somehow work for the benefit of us all." -- John Maynard Keynes
[ Parent ]

javac bug (4.00 / 1) (#82)
by ttfkam on Fri Nov 22, 2002 at 09:17:17 PM EST

There is a bug in some versions of javac that leaks memory.  After a while, memory is exhausted and the process hangs.  JSP uses javac extensively by default.

Solution: Use alternate compilers such as Pizza or Jikes.  No more memory leaks and no more JSP server restarts (assuming you haven't programmed something stupid which can happen in any language/environment).

The javac bug is annoying and lame, yes.  But it is not a showstopper.  If you used Apache Tomcat, you'd see mention of the bug in the release notes of every version for the last year or so.  It's not like anyone hid this information.

If I'm made in God's image then God needs to lay off the corn chips and onion dip. Get some exercise, God! - Tatarigami
[ Parent ]

non-JSP systems (none / 0) (#85)
by cam on Fri Nov 22, 2002 at 10:09:46 PM EST

My experience has been that it's hard to write reliable Java web sites.

My experience has been the opposite; however, we don't use JSP as part of the framework, instead using open source frameworks.

It's not uncommon for the main JSP container in Tomcat and other java setups to just stop processing pages for no apparent reason. The backend process is still up and running, it just refuses to process pages.

The only time I have seen the web server seem to lock up was when a large select wasn't handled correctly with a limit and the JVM was expanding its memory allocation to accommodate it. It didn't crash, it was just spooling memory. I would consider that a software engineering problem in our application rather than the platform. It is not reasonable to expect a browser client to wait for a 50,000 recordset to be rendered on screen through the templating system.

cam
Freedom, Liberty, Equity and an Australian Republic
[ Parent ]

Hrmm... (none / 0) (#94)
by Kintanon on Mon Nov 25, 2002 at 03:31:32 PM EST

You'd think I would have noticed something like that what with over a dozen tomcat/apache servers running a few hundred thousand requests per hour...
I wonder if it's just a version problem for you guys or something?

Kintanon

[ Parent ]

What else does one need? (none / 0) (#81)
by ttfkam on Fri Nov 22, 2002 at 09:10:08 PM EST

How about not using tables for layout?  If you're going for XHTML Strict and CSS, why not go all the way and make the page semantically clean: removing layout tables?

IE 5+ may not support all of CSS2, but it supports enough in terms of positioning, margins, and padding to do away with tables.  It's a lot easier to generate markup without tables and a lot easier to update the look of the site when tastes change (they always do).

-----------

Also, you need to blame the programmer and not the tool.  There is nothing inherent in Java or Perl that makes one better or more reliable than the other.  You wrote a webapp from scratch with Perl while the others were using a product on top of Java.  This is like me blaming Perl because Apache 2.0's mod_perl had bugs.

JBoss+JSP does things that Perl (or Java) alone cannot do.  More specifically, JBoss does things that have no equivalent in plain Perl: distributed apps, distributed transactions, easy to use clustering, etc.

If your company didn't need all that JBoss could offer, that's fine; it was obviously overkill for the problem at hand -- the wrong tool for the job.  It sounds like Perl worked out well for you.  It also sounds like you knew Perl well and the other guys had only passing knowledge of JBoss/JSP.  Not exactly fair to compare.

Blame the carpenter, not his tools.

If I'm made in God's image then God needs to lay off the corn chips and onion dip. Get some exercise, God! - Tatarigami
[ Parent ]

Yes (none / 0) (#88)
by kholmes on Sat Nov 23, 2002 at 03:35:47 AM EST

You can always blame a carpenter for using the wrong tools.

If you treat people as most people treat things and treat things as most people treat people, you might be a Randian.
[ Parent ]
Flash option is good (none / 0) (#102)
by dzelenka on Fri Nov 29, 2002 at 09:58:25 PM EST

Flash does some cool stuff. As long as the site offers a non-flash option then everyone should be happy.
"Are you talkin' to me?"
[ Parent ]
Flash MX has a pretty cool feature (none / 0) (#103)
by code shady on Mon Dec 30, 2002 at 06:51:58 PM EST

Called Flash Remoting. And it's exactly what it sounds like. Much like .net remoting, except you build your interface in flash, and can run it from a web site or as a stand alone flash file. It hits a flash mx gateway, and you can use it to hit pages written in CF, PHP, et cetera to run your application logic, which can then pass back query results, variables and data structures to the flash program, all via the gateway. It's really pretty nifty.
--- Shut your noise tube, taco human!
[ Parent ]
Where's the Value? (4.50 / 2) (#28)
by chbm on Fri Nov 22, 2002 at 06:27:56 AM EST

Paid overtime budgeted to "Microsoft Platform TCO" obviously.

-- if you don't agree reply don't moderate --
With all due respect.. (4.33 / 6) (#31)
by vile on Fri Nov 22, 2002 at 07:23:04 AM EST

Definitely look forward to it. It's these things that keep many of us with jobs. In fact, the entire security industry thrives when security issues rise.

These features provide jobs. The problems with these features provide jobs. The security issues with these features provide jobs. In the end, it is totally worth it.

Even if you have to sleep under a rack, at least you get to sleep on a pillow, under a rack. :)

~
The money is in the treatment, not the cure.
Heh, I've been looking for a place to post this (4.66 / 3) (#33)
by wiredog on Fri Nov 22, 2002 at 07:56:47 AM EST

From Bob Cringely
tiny Eolas Technology Inc., which controls a patent that covers embedding plug-ins, applets, scriptlets, or ActiveX Controls into Web pages -- the use of any algorithm that implements dynamic, bi-directional communications between an app embedded in a Web page and external applications. That more or less defines how the World Wide Web is used today. As I have written before, Eolas is suing Microsoft for patent infringement, and has been generally wiping the floor with Redmond.

...

a highly likely outcome is that it will actually go to trial, and, once it does, that a jury will award ... both damages and an injunction. Injunction is the key word here. That is what patent rights provide: the power to exclude. ... What if only one .. browser could run embedded plug-ins, applets, ActiveX controls, or anything like them, and it wasn't IE?



More Math! Less Pr0n! K5 For K5ers!
--Rusty

Bad patent vs. Bad company (5.00 / 3) (#42)
by jmzero on Fri Nov 22, 2002 at 10:05:53 AM EST

I'm just hoping we're not suspending our usual "this is a really stupid patent" logic just because MS is a potential loser here.  This is a dumb patent, and I honestly hope MS crushes them on this issue.  The alternative is that MS ends up owning this patent - no matter what you think, this company will sell if Microsoft gets backed into a corner and tacks on a few more 9's.
.
"Let's not stir that bag of worms." - my lovely wife
[ Parent ]
Hey, I like your sig (ot) (mt) (none / 0) (#56)
by fullcity on Fri Nov 22, 2002 at 01:04:25 PM EST


There's one fly in the ointment that we've swept under the rug.
[ Parent ]
The solution's not on the desktop (4.33 / 3) (#45)
by ennui on Fri Nov 22, 2002 at 10:31:45 AM EST

The future came months ago. Latest moz/IE both do client-side XSL-T, and both in various iterations have had Serious Issues.

Besides that, the web is not the web. The web is the user agent. As long as I can remember user agents have done things that are sort of outside the scope of "web browser," and if I remember aright Netscape way back in the day started the breaking standards/scope creeping that led to the bloated browsers we have today.

Unfortunately, IT's solution hasn't been to put pressure on user agent vendors to deliver manageable clients. Rather, IT has become an accomplice after the fact. Many B2C sites rely on "active" content and scripting, and most if not all of the "intranet" or "extranet" web applications I've run across have required at least scripting, if not bizarre activex controls that work with "IE 5.5 ONLY!" for such lofty goals as unified logins that nobody's seemed to nail for the past 15 years.

The solution? Control the pipe, not the user agent. Stripping down and crippling browsers appears not to be a great solution. However, a decent proxy between the worker bees and the Outside can fix a myriad of issues. There are several commercial proxies that can chop out known malware and/or "active" content, and Proxomitron can do most of what the commercial ones can for naught.

What if something gets past? The pipe, again. It's a lazy admin who allows their users access to the Outside World they don't absolutely, positively need. Most of the mal-est of malware does stuff (like start its own SMTP server, or connect to an IRC server in Russia) that generally shouldn't be allowed anyway.

Summary: No NAT or similar, proxies. Filter content you don't want to deal with at the proxy with Webshield or Proxomitron or whatever. Don't allow access to outside mail servers, run your own and scrub email before it gets to users. Finally, set up monitoring to detect obvious problems (portscans, attempted SMTP connections to the Outside, backdoor/IRC ports) so problems can be corrected in a timely manner and the cause eliminated.

"You can get a lot more done with a kind word and a gun, than with a kind word alone." -- Al Capone

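The monitoring step from the comment above (portscans, attempted SMTP connections to the outside, backdoor/IRC ports, traffic that skips the proxy), sketched as an added example that is not part of the original thread. The log format, addresses, port lists and threshold are all assumptions constructed for illustration.

```python
"""Egress-monitoring sketch: direct SMTP, IRC ports, proxy bypass, port scans."""
import ipaddress
import re
from collections import defaultdict

# Site policy. Every value here is an assumption made up for this example.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
MAIL_RELAYS = {"10.0.0.25"}   # the only hosts allowed to speak SMTP to the outside
WEB_PROXIES = {"10.0.0.80"}   # the only hosts allowed to fetch web pages directly
IRC_PORTS = set(range(6660, 6670)) | {7000}
WEB_PORTS = {80, 443}
SCAN_THRESHOLD = 10           # distinct ports tried by one source on one target

# Constructed log format: "<time> <ALLOW|DENY> TCP <src>:<port> -> <dst>:<port>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) TCP "
    r"(?P<src>[\d.]+):\d+ -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_line(line):
    """Return (src, dst, dport) for a well-formed line, else None."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    try:
        src = ipaddress.ip_address(m["src"])
        dst = ipaddress.ip_address(m["dst"])
    except ValueError:        # matches the regex but is not a valid address
        return None
    return src, dst, int(m["dport"])


def analyze(lines):
    """Map (rule, source address) -> set of offending destinations.

    Denied attempts count as much as allowed ones: a blocked connection to an
    outside mail server still shows that something on that host is trying.
    """
    findings = defaultdict(set)
    ports_tried = defaultdict(set)    # (src, dst) -> destination ports seen

    for line in lines:
        event = parse_line(line)
        if event is None:
            continue                  # skip lines in another format
        src, dst, dport = event

        ports_tried[(src, dst)].add(dport)
        if len(ports_tried[(src, dst)]) >= SCAN_THRESHOLD:
            findings[("portscan", str(src))].add(str(dst))

        if src not in INTERNAL_NET or dst in INTERNAL_NET:
            continue                  # remaining rules cover outbound traffic only
        target = f"{dst}:{dport}"
        if dport == 25 and str(src) not in MAIL_RELAYS:
            findings[("direct-smtp", str(src))].add(target)
        elif dport in IRC_PORTS:
            findings[("irc-port", str(src))].add(target)
        elif dport in WEB_PORTS and str(src) not in WEB_PROXIES:
            findings[("bypass-proxy", str(src))].add(target)
    return dict(findings)


# Constructed sample log; documentation address ranges stand in for the outside.
SAMPLE_LOG = """\
2002-11-22T09:00:01 ALLOW TCP 10.0.0.25:41000 -> 198.51.100.10:25
2002-11-22T09:00:02 ALLOW TCP 10.0.0.80:41001 -> 203.0.113.5:80
2002-11-22T09:01:10 DENY TCP 10.0.3.17:1044 -> 198.51.100.77:25
2002-11-22T09:01:11 DENY TCP 10.0.3.17:1045 -> 198.51.100.78:25
2002-11-22T09:02:30 DENY TCP 10.0.4.9:1200 -> 192.0.2.66:6667
2002-11-22T09:03:00 DENY TCP 10.0.5.21:1300 -> 203.0.113.9:80
garbage line that does not parse
""".splitlines()
# An outside host walking twelve ports on the proxy.
SAMPLE_LOG += [
    f"2002-11-22T09:05:{i:02d} DENY TCP 192.0.2.200:5000 -> 10.0.0.80:{port}"
    for i, port in enumerate(range(20, 32))
]

if __name__ == "__main__":
    for (rule, src), targets in sorted(analyze(SAMPLE_LOG).items()):
        print(f"{rule:13} {src:15} {', '.join(sorted(targets))}")
```

The mail relay and the proxy produce no findings for their own SMTP and web traffic, which is what makes every other host's attempt stand out.
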
XSLT vulnerabilities? (none / 0) (#83)
by ttfkam on Fri Nov 22, 2002 at 09:24:56 PM EST

Could you please point me to these serious issues?  XSLT was written to be a side-effect free language and doesn't have any real abilities outside of the XML document passed to it unless you are using non-standard extensions (In IE only -- I don't think Moz supports any non-standard extensions in their XSLT implementation).

I haven't seen any crashes due to bad XSLT or XML input to XSLT either.  It validates or it doesn't.  It provides the correct output or it doesn't.  There isn't any real wiggle room as far as I'm aware to break security models.

Care to share?  Are you referring to the lack of standards-compliance in IE 5.x?  You must remember that IE 5.0 came out before the XSLT spec was finalized and was compatible with the working draft at the time it was released.

If I'm made in God's image then God needs to lay off the corn chips and onion dip. Get some exercise, God! - Tatarigami
[ Parent ]

Disabling active content is not a solution (3.25 / 8) (#49)
by Silent Chris on Fri Nov 22, 2002 at 11:09:37 AM EST

Educating the users is.  There are a lot of sites that legitimately use ActiveX controls, Javascript, Java, etc. to do things that can't be done (and need to be done) with normal web pages.  There's no way you're going to be able to turn it off forever.

If you educate the users to not blindly click OK every time they see a security box, you're not only helping them on the web, you're helping them anytime they have to deal with an inquiring computer (e.g. "would you like me to delete this critical system file").  It costs more time/money up front, but the dividend is worth it.

I call bulls*t (3.66 / 3) (#54)
by Scott Marlowe on Fri Nov 22, 2002 at 12:51:45 PM EST

Sorry, but the simple act of browsing the web should not be riddled with danger.

Only in the Microsoft Windows Universe is this so.  Ever heard of a user of a Solaris or Linux box, who doesn't have the admin password, having to be careful what they clicked on?  

Hell no.  Even though NT/2K/XP have security, of a sort, built in, the sad fact is that Windows and all its components are so riddled with security holes that the user has to be damned careful what he does.

My computer at home dual boots Windows and Linux.  In Windows I just set the NIC to not configure on boot up, and my kids know that to browse the web they have to be in Linux.  Windows for games, Linux for everything else.  

No one should have to worry about whether the next link they click on is a chocolate covered spikey ball from a Monty Python skit.  And only with MS running the show and providing you with your OS / Browser is this the case.

[ Parent ]

Actually (2.50 / 4) (#64)
by Silent Chris on Fri Nov 22, 2002 at 03:42:31 PM EST

I've worked in a few circumstances where someone with basic permissions (UNIX, in this example) hosed their home directory and a few rogue files.  To them (and to us) this was just as bad as hosing the system entirely.  All of their work was gone, and restoring a backup was the only solution.

Can a web page fry a Windows box?  Absolutely.  (More so with the 9x series -- if you set decent permissions on 2000/XP you rarely have to worry).  However, the fundamental solutions are basically the same: recover what's missing and get the user back up and running.

[ Parent ]

Not really the same (4.33 / 6) (#70)
by Scott Marlowe on Fri Nov 22, 2002 at 05:13:29 PM EST

But that's not really the same thing.  While it's impossible to keep people from doing something really stupid (hey, what's this big red switch do?) no one should have to live with a computer and OS that are like walking through a minefield.

The problem with Windows/IE/Outlook is that there are so many glaring holes in the OS that can let a malicious program "get root" so to speak, that just clicking on a web page is a truly dangerous thing.

It's the combination of several exploits that are usually present on Windows systems that make them truly dangerous.  One exploit lets them read where your files are, the next one lets them run code on your box as you, the next exploit lets that code get promoted to "administrator" and then they fry your box.

While these kinds of exploits are found in Unix as well, they are usually patched quicker, and tend to not be found as often, so it's far less likely that a chain of exploits exists on a given platform to make it so dangerous to use.

On Windows, it's like Microsoft created the exploitable framework on purpose, and when people complained (remember when Active X was first introduced and MS pooh-poohed all the detractors saying it was just as safe to run signed binaries with no sandbox as it was to run Java in a sandbox?) MS just shrugged and said it was what users wanted.

I doubt that what my mom wanted when she bought her computer from Dell was an OS that could self-immolate should she click on the wrong link.  She just wanted to be able to send email, write letters, and see online pictures of her grandkids, and she can do that with almost any OS extant today.  But on only one OS does she have to be "trained" not to click on a link because they might be dangerous.

[ Parent ]

Assumption (1.00 / 1) (#92)
by Silent Chris on Sun Nov 24, 2002 at 10:49:04 AM EST

Of course, there's a tacit assumption that Unix code would stand up to millions of prying grandmothers.  That isn't necessarily true.  I always said if Unix had the same market share, more holes would be discovered.  More user level programs would be written incorrectly.  

Additionally, I don't know if I like the idea of a web browser without ActiveX, or an email program that wouldn't preview HTML mail correctly.  It may not be important to you or me, but it can be important to granny.

[ Parent ]

Nice theory, little support (4.00 / 1) (#93)
by Scott Marlowe on Mon Nov 25, 2002 at 01:53:04 PM EST

It's nice that you believe that a lot of people using Unix would find as many problems as the many people using Windows have found problems.

It is, however, unsupportable.  The reason there are so many problems like this in Windows lies wholly on the doorstep of Microsoft, not the users, and not the other programmers who write software for Windows.  The entire OS is full of security holes so big you could drive a Mack truck through them.  

Yes, there are holes in Unix.  But they are smaller and tend to be self containing.

You don't like the idea of no Active X?  Then you don't understand computer security, even a little bit.  ActiveX is quite possibly the stupidest thing to ever be foisted on the computer using public by MS.  The idea that a piece of code, running with no "sand box" around it, and having all the same access and power as the user is a little scary.  The idea that said code can simply be launched by clicking on a link is doubly so.  That the only mechanism to decide if that code is good or bad is who signed the certificate for it is trebly so.

Grannies don't need ActiveX.

As for html displayed in a mail client, it wouldn't be a problem if the html parser used weren't IE.  I read my email in mozilla all the time.  It displays the html just fine.  I don't have to worry about my machine trying to sprout legs and head out the door either, because it's not running IE.

Your arguments are weak.  The initial premise was that the problem wasn't code, but that users need training, mine was that you shouldn't have to teach granny to NOT click on certain things or not read email from certain people, because the machine should be reasonably safe from such things.  You have NOT convinced me in any way your original argument holds water, but have drifted away from it to justifying keeping activeX around to make granny happy.

I submit that what would make granny happiest would be an email client / web browser that can't cause her machine to self destruct should she click on the wrong link.

[ Parent ]

Granny doesn't want anything different (none / 0) (#99)
by Silent Chris on Mon Nov 25, 2002 at 07:18:54 PM EST

"I submit that what would make granny happiest would be an email client / web browser that can't cause her machine to self destruct should click on the wrong link."

And yet Granny continues to buy Windows machines.  Granny is told about Macs but doesn't bother.  I've offered to install Linux on Granny's machine (well, my Granny anyway), and she was aghast when she found out she couldn't hear her children speak in emails (some weird AOL-type thing).  I offered an alternative to the weird AOL-type thing, and Granny would have nothing of it.  I offered Granny a single machine that would do just email and browse the web, and even she knows it's "a bad deal" ("I can get a computer for that money!")

You may think the arguments are weak and invalid, which is fine -- from a computer scientist viewpoint.  Comp sci was my B.A.  It's nice in theory, but holds little weight in Granny's world.  I do believe my argument continues to stand: if Unix-style systems were under the same weight as Windows desktops, they would collapse equally as bad.  

XFree86 has already shown that no matter how well you design an underlying OS, for the desktop, the GUI is critical for the average person.  If the GUI goes down (which happens to me equally as much in Unix as it does in Windows), Granny has no clue of bringing it up.  If Unix had that kind of weight on it, where everyone who used it had no clue about its underpinnings, it would collapse just like Windows.

[ Parent ]

Granny's addicted (4.00 / 1) (#100)
by Scott Marlowe on Mon Nov 25, 2002 at 08:14:41 PM EST

to windows.  Like crack.  

As long as someone is willing to support her habit, she'll keep right on using it too.  The problem right now is that most of the people she calls can and will support her.  If everyone in her family used a Mac then she would too.  Same goes for Linux or BSD.

As for xfree86 going down, I haven't had Xfree86 crash more than once in the last two years on the three machines I use regularly, and all I had to do to get it back up was CTRL-ALT-BACKSPACE.  I think granny can handle a vulcan nerve pinch once every 5 or 6 years...

Unix/Linux would NOT collapse under the load if everyone used it.  It's so much more stable I could support 10 or 20 times the number of grannies running it as Windows, and when something did go wrong, I could log in remotely and fix it pretty easily.

You keep saying that with more users unix would collapse, but you offer no proof, or even a good theory as to why this self-evident prophecy would be true.  In fact, I would offer that the overall greater stability of unix and its better design would mean it would handle the load of thousands of grannies with no problem.

There's plenty of folks using Unix who have no clue how complex its underpinnings are.  They're called Mac OSX users.  And so far, it looks like OSX is MUCH easier to support than OS9 was.

[ Parent ]

Browsing shouldn't be an OS endangering exercise. (3.50 / 2) (#86)
by static on Fri Nov 22, 2002 at 11:09:44 PM EST

One of my employer's clients is seriously looking at installing an X terminal network with 2 or 3 large Unix boxes, at least one of which is Linux. The X terminals will be not very powerful (but new) PCs with network boot. They will also have no HDD, no CD-ROM, no FDD and will boot a Linux image. The administrator likes the idea of Linux desktops because a) they can't download and run Windows programs and b) the X terminal hardware is really not worth stealing.

Wade.


[ Parent ]

Not entirely true (2.00 / 1) (#98)
by 0xA on Mon Nov 25, 2002 at 06:45:23 PM EST

Microsoft is by FAR the worst offender but not the only one. If you look at the links in the article both Mozilla and Opera have had issues lately.

Hell even the first few versions of Netscape that had a JVM in them had exploits, on all platforms.

And yes a non root user on a Unix machine can't wipe out /usr, but losing /home/me could be just as bad.

[ Parent ]

Poll: Other - Mozilla (5.00 / 5) (#51)
by nstenz on Fri Nov 22, 2002 at 11:13:34 AM EST

I run Mozilla and Sun's Java VM and hope I don't have to worry too much about gaping security holes and active content bullshit anymore.

bingo (none / 0) (#53)
by El Hober on Fri Nov 22, 2002 at 12:18:12 PM EST


---
"Painting is an infinitely minute part of my personality."
-Salvador Dali
[ Parent ]
How to get your test machines. (4.60 / 5) (#55)
by Scott Marlowe on Fri Nov 22, 2002 at 12:56:32 PM EST

Simple.  Go in at 1:00am.  Do the upgrade.  Test it, make sure it works.  Wait until 6:05am.

Down the servers.  Up the servers.  Repeat every 5 minutes.

At 7:30, up the servers and leave them there.  At 9:00, down them, then bring them back up at 10:00.

Repeat until the boss lets you buy said test servers.  It'll work, trust me, it'll work.

How to get fired (none / 0) (#61)
by frawaradaR on Fri Nov 22, 2002 at 03:13:11 PM EST

Boss will just get someone who knows his stuff.
frawaradaR anahaha islaginaR!
[ Parent ]
puhleaze... (5.00 / 5) (#71)
by Scott Marlowe on Fri Nov 22, 2002 at 05:20:07 PM EST

With a MS server?  It's not like they aren't used to some downtime already, right?

Seriously, if their boss wants him to upgrade a live site with no test servers, the person who doesn't know how to do their job is his boss.

I still remember way back when, I was SA on an ancient Burroughs machine running CTOS.  It ate hard drives (corruption, not physical destruction) at the rate of about once every three months.  Once, when a drive started corrupting, I told everyone to log off, as I needed to down the system and switch hard drives, and we'd be offline for about 30 minutes.

Everyone logged off except the technical writers, who kept telling me they needed just 10 more minutes.  I told them to make sure and save as often as they could, as the system was becoming unstable (which it was, processes were aborting left and right.)  After nearly an hour of their telling me they needed ten more minutes, I went into the server room, and switched off the server, and switched it right back on, bringing it up to maintenance mode.

They came running upstairs as I was leaving the server room.  My god, my machine crashed, I lost almost an hour's worth of work.  Ahh.  What happened?  

I reminded them I'd told them to backup, the machine was getting cranky, etc...  I told them it had spontaneously rebooted when it ran out of resources.

6 months later, one of the drives started acting up, and I went around to tell folks to log off.  When I got to the technical writers and told them, they all, as one, logged off immediately.

Sometimes the best thing you can do for someone is spank them

[ Parent ]

What a fine troll (1.40 / 5) (#57)
by Swoko on Fri Nov 22, 2002 at 01:41:04 PM EST

Since I agree with most of your points, Java Applets do not have these security problems

What about the cost? (3.00 / 1) (#66)
by marktaw on Fri Nov 22, 2002 at 04:08:32 PM EST

The bottom line: If you can't pay for the test server with your overtime pay, it's not worth it to your employer to buy one... It's cheaper to pay you to work overtime.

KIBO KNOWS THE ANSWER (2.40 / 5) (#68)
by Basalisk on Fri Nov 22, 2002 at 04:29:00 PM EST

WE MUST BEABLISE HAPPYNET

Unfortunately not many people will get this joke.

--
SIGILL, took two, doctor will see it in the morning.

DOIDY DOIDY DOIDY (n/t) (2.50 / 2) (#72)
by ninja on Fri Nov 22, 2002 at 05:22:12 PM EST



[ Parent ]
Humm??? (3.00 / 2) (#78)
by levesque on Fri Nov 22, 2002 at 08:18:07 PM EST

Kibo

[ Parent ]
HappyWeb (3.00 / 2) (#90)
by jeduthun on Sat Nov 23, 2002 at 03:55:19 PM EST

For those of you who want to get the joke:

HappyWeb

[ Parent ]
lalala (2.50 / 2) (#91)
by inspire on Sun Nov 24, 2002 at 08:39:55 AM EST

Poor Spot!
--
What is the helix?
[ Parent ]
By your reasoning (4.25 / 4) (#84)
by ttfkam on Fri Nov 22, 2002 at 10:00:35 PM EST

why would any business ever stop using that software?  You have patches available, you watch the buglists for vulnerabilities, and apparently you can get the problem solved before anyone else notices (if ever).  You are doing your job.

Why would your company ever stop doing something that totally fits into your job description?  They obviously take advantage of the data access objects.  They obviously find it to be more useful and profitable over the method they used before.  They like that their sysadmin fixes problems quickly and before they become problems for the rest of the company; that's why they hired you.

Don't get me wrong.  I am a firm believer in security through design and not through production patches and service packs.  But from everything you've described, your company has exactly zero incentive to change their behavior, and Microsoft has little incentive to change their practices because your company is ostensibly a satisfied customer.

At the moment, your company probably finds that it is cheaper to pay your salary and maintain the status quo rather than spend the money to re-tool everything to take advantage of a more secure platform.  The latter would probably cost more than your annual salary in downtime, retraining, debugging, etc.

Want things to change?  Quit your job, rewrite their infrastructure, and sell them the replacement for a reasonable cost.  Not cost effective for you to do that?  It isn't for your company either.  Maybe you can find an easier and more convenient way of doing it.  By all means, let your company (and the rest of us) know about it so that things can get better.  Companies don't care about standards; they care about the bottom line.  They don't care about security unless it starts to affect their bottom line.  They don't care that you're overworked unless it affects the bottom line.

Your loss of a good night's sleep does not affect the bottom line.

It sucks.  Corporations suck.  They're paying you to do it.  The choice is yours.  I appreciate your comments as a rant that we all identify with sometimes.  But unless you can propose a viable alternative instead of just pointing out where things are suboptimal, it will always be just another idle job gripe and nothing changes.

If I'm made in God's image then God needs to lay off the corn chips and onion dip. Get some exercise, God! - Tatarigami

Not an uncommon problem (5.00 / 4) (#89)
by jefu on Sat Nov 23, 2002 at 11:26:36 AM EST

Not entirely on topic.

I hope you're at least getting paid overtime (you've gotta love those jobs where overtime is considered normal and unpaid, but undertime is penalized).

I'd suggest something like this:

  • Write an official memo detailing the problems and several possible solutions. This should include (at least):
    • Point out that you are there to provide services to the user community and that this is essential and that you want to make things usable and convenient as this is the best thing in the long run.
    • Point out too that this usability has potential risks and that those need to be considered.
    • Be professional, present as many alternatives as you can and give budget estimates
    • Be sure to detail costs including lost work and the like if a disaster occurs. There's lots of info on the web about costs for security intrusions - use it. Include your overtime. If you don't get paid overtime, make sure that they understand that you'll be taking comp days off as needed, in which case they may need someone to cover your responsibilities. Guess if necessary - better to overestimate than underestimate. Remember Murphy's Law.
    • One alternative is to close everything down completely - no Flash, no unfiltered email, no java, no javascript, no ActiveX. Web access only through caching/screening proxy, or even no web access at all. Point out the usability costs - but the security advantages.
    • Another possibility might be to open up just a couple of machines so that people who want to use the spiffy extras need to leave their desks and go use them. (See below, XTerms would make this feasible - but without requiring people to leave their desks - the risky stuff can be run on a protected machine (more or less).)
    • Or you might suggest opening everything up and backing things up automatically to non-volatile media every couple hours. Estimate media costs. Every couple days you'll need a second copy of the whole system and these need to be stored off-site in a secure location. (I know, I know, you know this already. But I'm always amazed at how many companies claim to know this but don't do it.)
    • You can also suggest migrating to another machine/os (Macs with MacOS X have some interesting advantages) as it runs IE, MS Office and so on but has standard unix under the hood so lots of standard unix tools work - and there are lots of unix tools. (Warning - I'm a unix geek and likely to be biased.)
    • Another alternative might be straight unix with thin clients (xterms essentially) - you can use your current hardware as an xterm until it dies. As a unix geek I'd favor this stuff, but it does incur substantial training costs, software costs and the like.
    • One recommendation should be to hire a consultant or outside group to audit these and related problems on a continuing basis - include costs.
    • Pick one or two alternatives as favored and one as your choice.
    • Pick another as the route you'll take if none of the others are approved. Given the way business works this is likely to be the best free alternative, but may be potentially risky. This is probably what you're doing now. Point out its problems. Don't point out how much it might cost for someone else to have to come in and take over with a hodgepodge setup - that's usually taken as extortion - it may be the truth, but managers don't give a shit about truth.
    • Stress legal liability and cost estimates for fixing serious problems.
    • Be sure to suggest that there is always the option to hire a consultant to study this problem and propose solutions.
  • Wait a week.
  • If your manager has not approved one of the alternatives, send another memo detailing your use of the default policy you'll be using. Copy all the pluses and minuses of that policy into this memo and include a copy of the first one.
  • Get your manager to sign off on whatever alternative is chosen. This is important so I'll repeat it: Get Your Manager's Signature
  • If your manager does not sign the memo, send another memo to the next step up the food chain. Repeat till you have a signature.
  • With luck someone will have figured out that your Number One choice is a Good Thing.

Sadly enough, due to the Peter Principle, you're likely to have a small-minded manager who will want to fire you for having done this. But remember, if something happens it's not unlikely that that same manager will blame you if something goes wrong. And while it's always possible that the manager will be fired for it, it's far more likely that you'll be the one to suffer. Worse yet, I've heard stories (possibly folklore) of people getting sued for messing up when it was really management's fault. Unemployed and spending all your time in court - what a way to live.

If you're an ACM or IEEE member, you might want to take a look at their codes of ethics.

In all likelihood your job is not to set policy (although your job probably does implicitly include recommending policy). It sounds like you're already setting policy, but that is a risky place to be without the support of management.

Not really an issue (none / 0) (#97)
by 0xA on Mon Nov 25, 2002 at 06:39:00 PM EST

I report directly to the owner of the company, he's a very tech friendly kind of boss. I explain stuff and he listens well, he's not afraid to ask questions or call me on stuff either.

I do set policy in this area, it's just a bit of a minefield. The more special cases I have the more of a hassle configuration management is. So there are more chances for mistakes or overlooking something.

[ Parent ]

My Meta Point (none / 0) (#101)
by jefu on Tue Nov 26, 2002 at 07:28:55 PM EST

It is good that you have a good listener for a manager - and the fact that he owns the company does help.

But part of the point I was trying to make is really a kind of meta-point (and I'd like to point out that I didn't make the point that the meta-point was a big part of the point because I was hoping the interested reader would get the point without it being pointed out - so to speak).   Which is that someone who needs to make the kind of decision you need to make should think not just about the decision itself, but about the way it's made.

An evaluation of some of the alternatives with review by users, another technical person and management would be a Good Thing.  

[ Parent ]

A Kinder, Gentler Web | 103 comments (96 topical, 7 editorial, 0 hidden)