Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements


Ray7 Ray7
  • Heartbleed

    , fanbaby wrote

    *facepalm* not again..

    Anecdotes, like heartbleed, mean nothing. Open source is more secure for the reasons mentioned above.



    Or we could simply ignore the problem, yes.

  • Heartbleed

    , bondsbw wrote


    I think this is the takeaway.  As I understand, there was a formal review and the reviewer didn't catch it.  But then again, why should your company trust an unpaid external reviewer when it comes to critical software like this?

    The unfortunate reality is that while open source is a great way to standardize and share code, it really isn't some panacea where the company can get code completely for free.  The company either needs to hire reviewers for mission-critical open source software, or (more realistically) they need to hire an outside firm that does this and provides a certain level of guarantee/insurance.

    The one thing they don't need to do is assume anything mission-critical they find on Github is "good enough as-is".



  • Heartbleed

    , KirbyFC wrote

    *snip*This is one of the big myths surrounding open source.

    The concept of open source began many years ago when some programmers got together and said "Hey, wouldn't it be great if everyone made their source available to look at, modify, etc...."    And it's a great idea -- IF you are a programmer. But that's the problem.  The vast majority of people in the world are not programmers.

    In *THEORY* anyone can look at the source code.  In *REALITY* the number of people looking at the source code is very small.  Other than the people actually working on the code, very few people are looking at the source closely enough to find a serious problem. This is not meant as a criticism of open source, it is simply reality.

    This is precisely my point. I think the problem is this notion of 'more eyes on code' when what we really should be concerned with is 'what eyes and if they're any good.'

    Now the past few outfits I've worked for have employed third parties to look for vulnerabilities, and I think that perhaps the OS community should look into setting up some sort of body of experts who can advise on this sort of thing. A well-maintained site so that volunteers know what's expected of them, can get advice on how to test for known vulnerabilities, how to avoid script injection etc.


  • Heartbleed

    I always thought that one of the advantages of open source code is that bugs are picked up more quickly because there are more eyes on the code.

    Is this simply a case of 'not all OS projects are created equal' or do we need some sort of formal review process for critical stuff like this to actually prove it was written and tested by people who know what they're doing?

  • Office for iPad

    , Bass wrote

    Why would you pay a yearly subscription for this when iWork is free and Apple puts serious effort into making it run well on iPad.

    Because you've got an enterprise vault full of Word documents that you still need to update.

  • Office for iPad

    , Sven Groot wrote


     And as far as I can tell, it's only for the actual in-app payment of the first year. After that, MS gets 100%.

    Nope, the in-app purchase is made through your iCloud account, so every time it is renewed, Apple gets 30%. 

    This is why Amazon doesn't support purchases through the Kindle app on iOS. If you start your subscription on iOS then switch to Android, Apple will still get a cut, unless you stop the subscription and renew it on Android.

  • Office for iPad

    , cbae wrote

     Edit: I just read Apple is getting 30% of the Office 365 subscription.


    I can't believe they agreed to that.

    Well they didn't really have a choice, did they?

    The Surface hasn't turned out to be as much as a draw as Microsoft had hoped, and the lack of Office on the iPad hasn't really put a dent in Apple's sales. 

    Besides, if Apple had given Microsoft a free ride then their developers would have been, quite rightly, up in arms. 

    Still, as someone has already pointed out, consumers are not going to sign up for an Office subscription, so most of the sales are going to be for enterprise users who still want to stick with Office (though from what I've seen, most outfits are happy with earlier versions that they don't have to shell out yearly for), and the enterprise customers are not going to be buying this through the app store.

    Apple's ongoing developers are more important to Apple than Microsoft, so the 30% is no surprise; there was no way Apple could afford to p*** off its developers by giving MS a free ride on the app store. 

    It's very telling that on the day of the launch, Tim Cook greets the new addition to the iPad and then goes on to tout their  iWork, Evernote (a competitor to OneNote) and Paper (has not comparison). 


    Nope, the 30% cut is no surprise. The only surprise is how long it took MS to cave in and agree to it.

  • How can you not like google

    How much you spend is probably less important than what you spend it on. 

  • How can you not like google

    , Bass wrote


    You forgot the slides and ball pits. :) But it's more because they are a GNU/Linux shop, and that they are especially focused on machine learning and AI (ie. it's core to their main revenue sources). But I'd even work on boring CRUD/business apps just to be around the kind of people that work at Google.

    You mean the kind of people who try to strangle innovation by sueing the competition using FRAND patents?

  • Red Star OS

    Good luck with that lawsuit, Tim.