Discussion:
best language for 3D manipulation over web ?
(too old to reply)
Jeff Sandys
2001-05-31 16:00:45 UTC
Permalink
Alice is a 3d navigator, don't know if it will work for your app though.
http://www.alice.org
Hi All,
I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of an
oracle database. I could be manipulating as much as 32 MB of memory (with
respect to data only) in space. I would also need to slice and
interpolate information on the fly. I am a Java programmer, but my fear is
that Java is not as fast as it should be in order to handle such
manipulation (assume users have at least a T1/cable modem connection, and
are not going in by 56K modem)
What is the best language for this ( I will need to do GUI programming as
well).
Although I am really comfortable with Java and prefer to go this route, I am
wondering if there is a better and faster way (I feel that Java is slow in
general, even for 2D). If you recommend another language, can you please
recommend which 3D library and GUI library that I would use, as well as
explaining how I (or the language's API) connects to the web browser ? I
am not experienced with "Applet" creation outside of the Java language.
You attention is greatly appreciated with regard to this matter.
CC-ing email to jackie at popmail.med.nyu.edu, would also
be greatly appreciated.
Jacqueline
Bart Kowalski
2001-05-31 18:14:43 UTC
Permalink
Please do not cross-post "which language is better" messages to different
language newsgroups. Especially not comp.lang.java and comp.lang.c++. You risk
being hanged for that.

To all other people who are reading *please* don't start another flame war. It
gets extremely annoying.

<snip>


Bart.
Jacqueline L. Spiegel
2001-05-31 16:25:38 UTC
Permalink
Hi All,

I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of an
oracle database. I could be manipulating as much as 32 MB of memory (with
respect to data only) in space. I would also need to slice and
interpolate information on the fly. I am a Java programmer, but my fear is
that Java is not as fast as it should be in order to handle such
manipulation (assume users have at least a T1/cable modem connection, and
are not going in by 56K modem)

What is the best language for this ( I will need to do GUI programming as
well).

Although I am really comfortable with Java and prefer to go this route, I am
wondering if there is a better and faster way (I feel that Java is slow in
general, even for 2D). If you recommend another language, can you please
recommend which 3D library and GUI library that I would use, as well as
explaining how I (or the language's API) connects to the web browser ? I
am not experienced with "Applet" creation outside of the Java language.

You attention is greatly appreciated with regard to this matter.

CC-ing email to jackie at popmail.med.nyu.edu, would also
be greatly appreciated.

Jacqueline
Nick Perkins
2001-05-31 19:40:14 UTC
Permalink
Keep in mind that you can write Java Applets in Python,
specifically, the version known as Jython.
( It is quite easy, and gives you the benefits of a better language )

..Manipulating 32MB of 3D data sounds like a job for C,
or even better, an existing 3D C library which has
a Python interface.
Polterguy
2001-06-02 20:31:50 UTC
Permalink
[...snip...]
I agree totally, but fact is 99.99999% of the commersial world uses win32.
So why go through the extra trouble adding cross OS programming when it's
going to increase the cost of releasing a product with a factor of 50?!?

All game companies founded on cross OS releases have either gone broke or
are soon to become so!
How much I may hate Bill Gates and that stupid CEO of him who doesn't even
know what HAL means, there's still the facts.
If you want to be successfule and reach 99.9999% of the world use technology
built on win32, DirectX, C++, hell fucking ay, if you can get away with it
use VB!!. Use OBJECT tags in your HTML, use ASP (especially the new ASPX and
the webforms i find XTREMELY interresting...).

This is my opinion and I realize this will probably become my own social
suicide, but fact is that every successfule software dealer don't give a
shit about anything but windows...

...all though it's really sad, and I wish the world was different...
Boyd Roberts
2001-06-07 17:46:28 UTC
Permalink
Now you can get Sendmail executing a command for you, like "bash" and this bash
is then a root shell, because it was invoked by a root process.
in your dreams. modern sendmails are very resistant to attack.

it doesn't need to run as root, except to bind to port 25 and
then it can setuid to some 'mail' user.

not that i ever thought sendmail was a good idea.
TGOS
2001-06-07 19:21:10 UTC
Permalink
Post by Boyd Roberts
Now you can get Sendmail executing a command for you, like "bash" and this bash
is then a root shell, because it was invoked by a root process.
in your dreams. modern sendmails are very resistant to attack.
I didn't say that this will still work today, I was just repeating what I found
a page with a collection of (meanwhile fixed) Sendmail bugs.
Post by Boyd Roberts
it doesn't need to run as root, except to bind to port 25 and
then it can setuid to some 'mail' user.
The fact that it doesn't have to root as root process is something I mentioned
as well (actually I found a whole webpage about this topic).
--
TGOS
Attila Feher
2001-06-07 08:09:54 UTC
Permalink
Now that was true in Hungary! Maybe not today, but I doubt that big cos
changed a lot. I said I want it w/o OS they said: no way. MS
_forces_them_ to sell Windoze with every PC. I said then I don't want a
HDD in it. They say OK, then it costs +100USD. I say: so long
suckers... and bought a PC from a "garage company". The ridicul is that
I had highest possible MSDN and I was buying this SMP stuff for
development... I already bought the OS for a lot of money from MS.
Actually _all_ OSs including the traditional Chinese versions... And
now comes: the garage PC needed me to install a new vent into it for the
HDD was too hot... So at least where I am you don't get a PC w/o MS OS.
:-(((
A
This is also true for Norway!!
So we can state it is true for at least 2 countries that "ignorant"
users do have MS opsys and some of them might have Mac, because this is
what they get ready-preinstalled and everywhere. Of course: it may not
be true for everybody's target group but game manufacturers are very
unlikely to fail to work for Windows only in their 1st release. BTW of
course this is not true for _any_ internet client application since
there the client can be literally anything - including really weird
devices... And then most probably the only way is to go Java and even
there there will be the problem of which version of Java you can use...

A
goose
2001-06-05 13:43:19 UTC
Permalink
Attila Feher <Attila.Feher at lmf.ericsson.se> merely scratched his head and went:
<snipped...>
I'd like to see you to make a full featured GUI which runs on Windows
(all the 5+1 versions in use plus CEs) _and_ all Unices with all Window
Managers with no incompatibilities (clipboard etc.). They are simply
this can be done as long as cross-platform means that actuall PC's will
be used, if u tell me make my sw run on ce, then u might as well ask me to run
it on toasters ...

tcl/tk, i have found, works quite well on all the PC's i have had occasion
to use (not including the palm devices, ce, and various personal organisers -
those are not PC's) - will not work on win3.1, though, as someone has yet
to port it (correct me if i am wrong)

regards,
--
goose
-----
<this space for rent - contact me for reasonable rates, p/d>
goose
2001-06-05 14:16:02 UTC
Permalink
Post by Attila Feher
[SNIP]
Post by goose
this can be done as long as cross-platform means that actuall PC's will
be used, if u tell me make my sw run on ce, then u might as well ask me to run
it on toasters ...
[SNIP]
U C people with Windows CE stuff might not agree with you. They don't
care if the SW runs on toasters or not, but they want it to run on CE -
that is the reason they bought it. :-))) CE is unline toasters: it has
a GUI in 99% of the cases, and of course an interactive SW will support
only the GUI. BTW it is unicode and Win32 so what runs on NT as UNICODE
(and carefully written) will run on this one, too. Let's suppose it
does not need 1/2G RAM :-))
sorry ... temporary brain-fade induced by getting into an argument concerning
"everybody uses windows, so u should only develop for microsoft" ...
terribly sorry
:-)

bye
--
goose
-----
<this space for rent - contact me for reasonable rates, p/d>
Attila Feher
2001-06-05 14:36:15 UTC
Permalink
goose wrote:
[SNIP]
Post by goose
sorry ... temporary brain-fade induced by getting into an argument concerning
"everybody uses windows, so u should only develop for microsoft" ...
terribly sorry
:-)
:-)))

A
Attila Feher
2001-06-05 13:55:31 UTC
Permalink
goose wrote:
[SNIP]
Post by goose
this can be done as long as cross-platform means that actuall PC's will
be used, if u tell me make my sw run on ce, then u might as well ask me to run
it on toasters ...
[SNIP]

U C people with Windows CE stuff might not agree with you. They don't
care if the SW runs on toasters or not, but they want it to run on CE -
that is the reason they bought it. :-))) CE is unline toasters: it has
a GUI in 99% of the cases, and of course an interactive SW will support
only the GUI. BTW it is unicode and Win32 so what runs on NT as UNICODE
(and carefully written) will run on this one, too. Let's suppose it
does not need 1/2G RAM :-))

A
Rainer Deyke
2001-06-06 16:48:50 UTC
Permalink
"Attila Feher" <Attila.Feher at lmf.ericsson.se> wrote in message
SDL: Game API wrapper. LGPL, so it can be (and has been) used in
closed-source commercial software.
wxWindows: GUI API wrapper. LGPL with additional permission to
redistribute
in binary form without restriction, so it can be (and has been) used in
closed-source commercial software.
Thanx! I have never payed enough attention than... So you use
wxWindows?
Not yet, but I'm planning to.
Last time I saw some important stuff was missing. I don't
do games (YET) but could you post me (Email) a URL to this SDL?
http://www.libsdl.org
Who
knows :-))) Do U think I could write a UML thing based on wxWindows?
I'm not really qualified to comment on that.
What OSs does it support? Is Apple in it? As far as I remember it
supported X only, which is a trouble if you want to write sthg you whish
to be used in high security places... (like Pentagon :-)))
What platforms are supported by wxWindows 2?
* Windows 3.1, Windows 95/98, Windows NT;
* Linux and other Unix platforms with GTK+;
* Unix with Motif or the free Motif clone Lesstif;
* Mac OS; A Mac OS X port is in progress.
* A BeOS port is being investigated.
* A Windows CE port is being investigated.
* An OS/2 port is in progress, and you can also compile wxWindows for GTK+
or Motif on OS/2.


--
Rainer Deyke (root at rainerdeyke.com)
Shareware computer games - http://rainerdeyke.com
"In ihren Reihen zu stehen heisst unter Feinden zu kaempfen" - Abigor
Attila Feher
2001-06-06 16:52:16 UTC
Permalink
Rainer Deyke wrote:
[SNIP]
Post by Rainer Deyke
What platforms are supported by wxWindows 2?
* Windows 3.1, Windows 95/98, Windows NT;
* Linux and other Unix platforms with GTK+;
* Unix with Motif or the free Motif clone Lesstif;
* Mac OS; A Mac OS X port is in progress.
* A BeOS port is being investigated.
* A Windows CE port is being investigated.
* An OS/2 port is in progress, and you can also compile wxWindows for GTK+
or Motif on OS/2.
Thank you very much for your time! I think it is worth to look at it.
If it progresses I can probably really make this UML tool I wanted. :-))

A
Attila Feher
2001-06-06 16:45:41 UTC
Permalink
Erik Max Francis wrote:
[SNIP]
If you know that your friends are an extremely atypical set, why did you
mention it at all, except as an attempt to generalize?
I don't know and never said they are atypical!!! All I have said that
they most probably don't form a large enough set to be representative
for statistical purposes. Do you have a habbit to put words to other
people's mouth they have never said???
I'm "evil" because you made a blatantly sweeping overgeneralization and
I called it out? Yeah, that makes sense.
No, I have not made _ANY_ generalization!!!! I wrote down:

---
BTW some competents I know play games... really... although I have never
seen an original box of any game they play :-))) So OK they do play.
But do they buy?
---


Where do you see here I say _everyone_ does it? Where do you see here
that I state they don't buy? Do you know the meaning of this sign: '?'
It means _I_have_asked_. No to make out from this words that I have
meant that every programmers steals the gamkes they play is plain evil.

A
Thomas Hansen
2001-06-06 14:34:50 UTC
Permalink
[...snip...]
I am not going to comment on all since it was very long and I don't have
time...
But fact is :
-If you have a computer and you play games, you probably (80% or
something) have bought it as a "package" from some kind of
hoover-salesman...
-If you buy from a hoover-salesman you WILL have windows installed
default...
-If you play alot of games, you're probably having a lot of spare time.
-If you have alot of spare time you probably don't know much computer.
-If you don't know much computer, STAY AWAY FROM *nix...
I have a friend of me which has been spending 3 weeks on getting X to
work on Linux since he's got a PS/2 mouse it's conflicting with some other
hardware (very common in the latest core), and since he "doesn't have a
mouse" he can't start X...
And my friend has got a Masters Degree in Programming!!!

That would NEVER happen on a preinstalled hoover delivered version of
windows as long as you don't press delete on you windows/system directory,
or open a mail named "I am a virus and I'll crash your BIOS, CMOS, OS,
HARDDISC and nerval-system"!!
Boyd Roberts
2001-06-06 21:48:01 UTC
Permalink
You need French cuisine knowledge. Quiche is "egg pie"...
peut ?tre pas.
TGOS
2001-06-07 03:57:04 UTC
Permalink
On Wed, 06 Jun 2001 19:20:06 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
And they don't program in Pascal! :-)))
Why not?
--
TGOS
Attila Feher
2001-06-07 07:37:15 UTC
Permalink
Post by TGOS
On Wed, 06 Jun 2001 19:20:06 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
And they don't program in Pascal! :-)))
Why not?
http://www.pbm.com/~lindahl/real.programmers.html

Worth reading. The one I've read originally was translated to
Hungarian, where "quiche eaters" made no sense so it was simply cut out
and changed to the term something like greenhorn, but... it is a term
from those clotches weared by children usually having the buttons on the
back. So the term "quiche eater" was there "backbuttoned" (direct
translation from Hungarian) - so that is one reason why I had no idea
about quiche - the other is that all I know from France is the world
most expensive highway tools of the world... on the Hungarian highways
run by French companies... :-)))

A
goose
2001-06-06 16:54:38 UTC
Permalink
LOL - neither do they eat quiche ...
Opps. Here is one of the many points my English knowledge ends. What
is quiche?
if you do a search on the net for "real programmers don't use pascal", u'll
find out ... it's very funny ...
--
goose
-----
" as a matter of fact, I don't find it very funny that this guy has
posted the same joke twice in 2 days...... it's bad enough when other
people steal jokes off each other but when you rip off your own jokes
there's something wrong with you "
--atj, cillian on about BretMS
goose
2001-06-06 15:40:37 UTC
Permalink
Post by Polterguy
[...snip...]
I am not going to comment on all since it was very long and I don't have
time...
-If you have a computer and you play games, you probably (80% or
something) have bought it as a "package" from some kind of
hoover-salesman...
-If you buy from a hoover-salesman you WILL have windows installed
default...
IIRC, the original post said 99.99% of computers run windows ...
I would like to see the source for this info ...maybe a web-page link ?
Post by Polterguy
-If you play alot of games, you're probably having a lot of spare time.
-If you have alot of spare time you probably don't know much computer.
-If you don't know much computer, STAY AWAY FROM *nix...
I have a friend of me which has been spending 3 weeks on getting X to
work on Linux since he's got a PS/2 mouse it's conflicting with some other
hardware (very common in the latest core), and since he "doesn't have a
mouse" he can't start X...
And my friend has got a Masters Degree in Programming!!!
That would NEVER happen on a preinstalled hoover delivered version of
windows as long as you don't press delete on you windows/system directory,
or open a mail named "I am a virus and I'll crash your BIOS, CMOS, OS,
HARDDISC and nerval-system"!!
i seem to be missing your argument, maybe i'm just a little dense
today...

what is your point ?
that 99.99% of computers run windows ?
that 80% of home computers run windows ?
that a pre-installed computer *always* comes with windows ?
that i cannot order a 'blank' computer from a hoover-salesman ?

regards,
--
goose
-----
" as a matter of fact, I don't find it very funny that this guy has
posted the same joke twice in 2 days...... it's bad enough when other
people steal jokes off each other but when you rip off your own jokes
there's something wrong with you "
--atj, cillian on about BretMS
Attila Feher
2001-06-06 15:58:39 UTC
Permalink
Post by goose
IIRC, the original post said 99.99% of computers run windows ...
I would like to see the source for this info ...maybe a web-page link ?
http://www.m$marketingbullshitandlies.neverbelieveit.ohboy.lie :-))))
Post by goose
i seem to be missing your argument, maybe i'm just a little dense
today...
I can send over some migren if you need a cause :-))) It is a real A
class one! :-)
Post by goose
what is your point ?
that 99.99% of computers run windows ?
I don't think so.
Post by goose
that 80% of home computers run windows ?
That may not be true in the US (Apple has a much higher % there than eg.
in Hungary) but it is really true that games manufacturers can still get
a very big market with MS only SW. Even MS Win9x/ME only.
Post by goose
that a pre-installed computer *always* comes with windows ?
This might have changed lately but it _was_ true. Places where you can
get it w/o Windows are not well know by the "simple" public. Really. I
live in Finland now. All PC ads have Windows whatever preinstalled. No
choice, only between a Win9x/ME or NT (4/2K/XP will be now). :-((( This
is the country of Linux!
Post by goose
that i cannot order a 'blank' computer from a hoover-salesman ?
Now that was true in Hungary! Maybe not today, but I doubt that big cos
changed a lot. I said I want it w/o OS they said: no way. MS
_forces_them_ to sell Windoze with every PC. I said then I don't want a
HDD in it. They say OK, then it costs +100USD. I say: so long
suckers... and bought a PC from a "garage company". The ridicul is that
I had highest possible MSDN and I was buying this SMP stuff for
development... I already bought the OS for a lot of money from MS.
Actually _all_ OSs including the traditional Chinese versions... And
now comes: the garage PC needed me to install a new vent into it for the
HDD was too hot... So at least where I am you don't get a PC w/o MS OS.
:-(((

A
Thomas Hansen
2001-06-07 07:57:39 UTC
Permalink
Now that was true in Hungary! Maybe not today, but I doubt that big cos
changed a lot. I said I want it w/o OS they said: no way. MS
_forces_them_ to sell Windoze with every PC. I said then I don't want a
HDD in it. They say OK, then it costs +100USD. I say: so long
suckers... and bought a PC from a "garage company". The ridicul is that
I had highest possible MSDN and I was buying this SMP stuff for
development... I already bought the OS for a lot of money from MS.
Actually _all_ OSs including the traditional Chinese versions... And
now comes: the garage PC needed me to install a new vent into it for the
HDD was too hot... So at least where I am you don't get a PC w/o MS OS.
:-(((
A
This is also true for Norway!!
Erik Max Francis
2001-06-06 15:57:14 UTC
Permalink
Post by Attila Feher
BTW some competents I know play games... really... although I have
never
seen an original box of any game they play :-))) So OK they do play.
But do they buy?
That competent computer users play games but never buy them is also
ridiculous.
--
Erik Max Francis / max at alcyone.com / http://www.alcyone.com/max/
__ San Jose, CA, US / 37 20 N 121 53 W / ICQ16063900 / &tSftDotIotE
/ \ The purpose of man's life is not happiness but worthiness.
\__/ Felix Adler
Maths reference / http://www.alcyone.com/max/reference/maths/
A mathematics reference.
Attila Feher
2001-06-06 16:42:04 UTC
Permalink
LOL - neither do they eat quiche ...
Opps. Here is one of the many points my English knowledge ends. What
is quiche?

A
Mike Tietel
2001-06-06 17:40:24 UTC
Permalink
In article <3B1E5D5C.7878FC9E at lmf.ericsson.se>,
LOL - neither do they eat quiche ...
Opps. Here is one of the many points my English knowledge ends. What
is quiche?
You need French cuisine knowledge. Quiche is "egg pie"...
--
mjt
Erik Max Francis
2001-06-06 16:27:24 UTC
Permalink
Having a bad day? Where did you see me writing this??? I _do_ buy
the
games (and then my GF plays them :-((( ), what I have told is that
those
guys I have seen _rarely_ buy the games. Very rarely. Now U can also
pay attention to little nuances like this :-))), which is meant
no attack etc. BTW the chances that I know enough programmers to make
a
representative selection is very low. So undertstanding what I write
the way you did is plain evil.
If you know that your friends are an extremely atypical set, why did you
mention it at all, except as an attempt to generalize?

I'm "evil" because you made a blatantly sweeping overgeneralization and
I called it out? Yeah, that makes sense.
--
Erik Max Francis / max at alcyone.com / http://www.alcyone.com/max/
__ San Jose, CA, US / 37 20 N 121 53 W / ICQ16063900 / &tSftDotIotE
/ \ We're the stars on Earth
\__/ Des'ree
Alcyone Systems' Daily Planet / http://www.alcyone.com/planet.html
A new, virtual planet, every day.
goose
2001-06-06 16:10:41 UTC
Permalink
Post by Erik Max Francis
Post by Attila Feher
BTW some competents I know play games... really... although I have never
seen an original box of any game they play :-))) So OK they do play.
But do they buy?
That competent computer users play games but never buy them is also
ridiculous.
<sense of humour>
*REAL* computer users don't buy games ... they write their own
</sense of humour>
--
goose
-----
" as a matter of fact, I don't find it very funny that this guy has
posted the same joke twice in 2 days...... it's bad enough when other
people steal jokes off each other but when you rip off your own jokes
there's something wrong with you "
--atj, cillian on about BretMS
Attila Feher
2001-06-06 16:20:06 UTC
Permalink
goose wrote:
[SNIP]
Post by goose
<sense of humour>
*REAL* computer users don't buy games ... they write their own
</sense of humour>
And they don't program in Pascal! :-)))

A
goose
2001-06-06 16:33:20 UTC
Permalink
Post by Attila Feher
[SNIP]
Post by goose
<sense of humour>
*REAL* computer users don't buy games ... they write their own
</sense of humour>
And they don't program in Pascal! :-)))
LOL - neither do they eat quiche ...
hehe
--
goose
-----
" as a matter of fact, I don't find it very funny that this guy has
posted the same joke twice in 2 days...... it's bad enough when other
people steal jokes off each other but when you rip off your own jokes
there's something wrong with you "
--atj, cillian on about BretMS
Attila Feher
2001-06-06 16:19:26 UTC
Permalink
Erik Max Francis wrote:
[SNIP]
Post by Erik Max Francis
That competent computer users play games but never buy them is also
ridiculous.
Having a bad day? Where did you see me writing this??? I _do_ buy the
games (and then my GF plays them :-((( ), what I have told is that those
guys I have seen _rarely_ buy the games. Very rarely. Now U can also
pay attention to little nuances like this :-))), which is meant showing:
no attack etc. BTW the chances that I know enough programmers to make a
representative selection is very low. So undertstanding what I write
the way you did is plain evil.

A
TGOS
2001-06-07 03:57:02 UTC
Permalink
On Wed, 06 Jun 2001 18:48:49 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
Post by Attila Feher
[SNIP]
Either that or you like playing games. Competent computers users and
programmers play games too, you know.
If they have time and no headache :-(((
BTW some competents I know play games... really... although I have never
seen an original box of any game they play :-))) So OK they do play.
But do they buy?
Oh, I like playing games, especially Java multiplayer games that I can play
directly from within my browser on all the different UNIX system we have at
university. ^__^
--
TGOS
Erik Max Francis
2001-06-06 15:16:33 UTC
Permalink
For some peculiar meaning of "fact."
Post by Thomas Hansen
-If you have a computer and you play games, you probably (80% or
something) have bought it as a "package" from some kind of
hoover-salesman...
-If you buy from a hoover-salesman you WILL have windows installed
default...
-If you play alot of games, you're probably having a lot of spare time.
-If you have alot of spare time you probably don't know much computer.
Either that or you like playing games. Competent computers users and
programmers play games too, you know.
--
Erik Max Francis / max at alcyone.com / http://www.alcyone.com/max/
__ San Jose, CA, US / 37 20 N 121 53 W / ICQ16063900 / &tSftDotIotE
/ \ Experience is the name everyone gives to their mistakes.
\__/ Oscar Wilde
The laws list / http://www.alcyone.com/max/physics/laws/
Laws, rules, principles, effects, paradoxes, etc. in physics.
Attila Feher
2001-06-06 15:48:49 UTC
Permalink
Erik Max Francis wrote:
[SNIP]
Either that or you like playing games. Competent computers users and
programmers play games too, you know.
If they have time and no headache :-(((

BTW some competents I know play games... really... although I have never
seen an original box of any game they play :-))) So OK they do play.
But do they buy?

A
goose
2001-06-05 13:33:08 UTC
Permalink
Attila Feher <Attila.Feher at lmf.ericsson.se> merely scratched his head and went:
<<snipped..>
Post by Attila Feher
[SNIP]
In some countries there are even more Unix/Linux PCs than Windows PCs. Please
never assume that what is valid in your country is valid for the rest of the
world as well. You are not living alone on that planet and your country isn't
the only one that exists or that is important.
[SNIP]
Just to inform you: the worlds easiest to hack and crack systems are the
UNIX systems.
this is an opinion ... not a fact ... www.hackinthebox.org was once
giving out a top 20 list of sites which were most orginally hacked ...
not a single unix machine on their list ... www.attrition.org has more info
on what systems get hacked, and nt leads the pack, even though it is the
least used of the lot as http servers.

does this mean that the unicode bug is, finally, fixed ... 'cos i've seen
script kiddies who don't know what a nybble is hack IIS, but get totally
lost on UNIX systems ... sure bind has it's share of problems, but subscribe
to the mailing lists www.securityfocus.com ... a real eyeopener if you
think that unix is easier to crack than nt.
Post by Attila Feher
Due to the fact that they have been designed for
university (friendly) environment.
serious multi-user environments, unlike windows which evolved from a single-user
single-tasking os with no security at all ...
Post by Attila Feher
Serious users (security, incl. but
not limited to NATO, banks etc.) use VMS. Some smaller banks use(d)
i agree
Post by Attila Feher
OS/2. But what is sure: Linux (UNIX) with sources is ony used (at
serious places) as firewall (where the actuall OS is inspected and
corrected line by line) and as a Web Server with no online connection to
the real internal network. So don't take UNIX to any higher level than
it is.
i'm sorry - openbsd is probably *THE* most secure os on the planet ...
go to the website and read up about it (not too sure what it is, but should be
easy to find, considering it's popularity) ... be prepared to be impressed ...

regards,
--
goose
-----
<this space for rent - contact me for reasonable rates, p/d>
Andrea Griffini
2001-06-06 05:52:55 UTC
Permalink
On Tue, 5 Jun 2001 16:35:35 +0200, "Alex Martelli" <aleaxit at yahoo.com>
Windows/NT didn't -- it's a completely different system, and its
chief architect was the same guy who had chief-architected VMS for
DEC. In fact I find in it many of the things I disliked in VMS,
although at least it's simpler:-). But, like VMS (and Unix of
all sorts, and the IBM OS's, ...), it IS a real operating system.
I don't know about the system internals... those may be OK; but
from some level UP even Windows NT seems to me to some degree
thought to be surely multiprocess but not multiuser (at least
not with the same meaning as with unix).
I remember for example the funky case of a WEB server (an NT
service running in background) that istantly changed the locale
used to format and read dates/numbers in ASP scripting just
because a user with a different locale logged in (!!!!).

Even the missing of a user home directory is quite shining;
not to mention that until last releases there was no support
for having several users interactively connected to the system.

So may be that internally NT was built with the right low-level
mindset for getting a secure multiuser system... (nothing near
DOS and Win9x/ME) but surely it didn't grow up that way.

Also in NT its extremely simple to make the system crawl and die
if you get to execute "malicious" code even with simple user
privileges. Sometimes just executing unintentionally bad written
code. I know many ISPs that use *x that will allow customers to
compile and run their C/C++ programs on the system... but no one
using that policy with NT.

Andrea
--
Andrea Griffini, Programmer
http://www.netservers.com/~agriff
Attila Feher
2001-06-05 13:40:15 UTC
Permalink
goose wrote:
[SNIP]
Post by goose
serious multi-user environments, unlike windows which evolved from a single-user
single-tasking os with no security at all ...
I am not talking about Windows, I talk about NT where it is not true at
all. NT was never a single user OS.

A
Alex Martelli
2001-06-05 14:35:35 UTC
Permalink
"goose" <spam_kill.guse at hobbiton.org> wrote in message
news:3b1cdf94.55bd at bolder.com.co.za...
...
Post by goose
Post by Attila Feher
Due to the fact that they have been designed for
university (friendly) environment.
serious multi-user environments, unlike windows which evolved from a single-user
single-tasking os with no security at all ...
Windows/95 did (and its direct successors, /98 and /ME).

Windows/NT didn't -- it's a completely different system, and its
chief architect was the same guy who had chief-architected VMS for
DEC. In fact I find in it many of the things I disliked in VMS,
although at least it's simpler:-). But, like VMS (and Unix of
all sorts, and the IBM OS's, ...), it IS a real operating system.

/2000 uses NT technology, too. *In theory* the coming Windows/XP
is going to rely on /NT-/2000 technologies too, finally putting
to rest forever the last traces of the Quick & Dirty OS (QDOS),
which Gates bought & relabeled "DOS 1.0" in 1984 because he had
to have something to sell to IBM _fast_ and MS had zero skill
or experience in doing operating system software (QDOS, if I get
it right, was in turn basically a disassembly-hack a bit-reassembly
of CP/M to move it from 8080 to 8086 -- sorry, I just LOVE
rambling about such irrelevant stuff:-).
Post by goose
i'm sorry - openbsd is probably *THE* most secure os on the planet ...
go to the website and read up about it (not too sure what it is, but should be
http://www.openbsd.org/
Post by goose
easy to find, considering it's popularity) ... be prepared to be impressed ...
I love their approach to security, yes. If I ever were
responsible for choosing or suggesting a top-security OS,
with security being the overriding concern, I don't think
I would look further than OpenBSD.


Alex
Thomas Hansen
2001-06-08 13:05:10 UTC
Permalink
"Attila Feher" <Attila.Feher at lmf.ericsson.se> wrote in message
Every user should have his/her own registry (and not just a
sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^
Not possible unless you want to install a billion ActiveX/COM components
x
times where x is the number of users on that computer...
Due to bad design...
A
Might be, but if every user were supposed to have a completely custom
registry, and info about COM servers were supposed to be stuffed in that
registry, it wouldn't be possible to have their own version of the registry
without multiple install of COM servers...
Attila Feher
2001-06-08 14:24:55 UTC
Permalink
Post by Rainer Deyke
"Attila Feher" <Attila.Feher at lmf.ericsson.se> wrote in message
Every user should have his/her own registry (and not just a
sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^
Not possible unless you want to install a billion ActiveX/COM components
x
times where x is the number of users on that computer...
Due to bad design...
A
Might be, but if every user were supposed to have a completely custom
registry, and info about COM servers were supposed to be stuffed in that
registry, it wouldn't be possible to have their own version of the registry
without multiple install of COM servers...
I don't think so :-))) _If_ they guy has his own key, that is used.
Otherwise the main key is used. That simple - but of course for that
the OS has to be real multiuser :-)))

A
Randal Johnson
2001-07-09 03:31:49 UTC
Permalink
The problem with any real time programming over the web is not the language
you program in but the protocol you use.
Whether you are talking about real time video or games real time is a
hassle with TCP/IP.

Read the article on gamasutra by Bruce Holland on X Wing Vs Tie Fighter
and what they ran into trying to create a real time space combat internet
game.


"Thomas Hansen" <thomas.hansenNOSPAMORILLSUEYOURASS at entermatch.com> wrote in
Post by Rainer Deyke
"Attila Feher" <Attila.Feher at lmf.ericsson.se> wrote in message
Every user should have his/her own registry (and not just a
sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^
Not possible unless you want to install a billion ActiveX/COM components
x
times where x is the number of users on that computer...
Due to bad design...
A
Might be, but if every user were supposed to have a completely custom
registry, and info about COM servers were supposed to be stuffed in that
registry, it wouldn't be possible to have their own version of the registry
without multiple install of COM servers...
Rainer Deyke
2001-06-06 16:06:57 UTC
Permalink
"Attila Feher" <Attila.Feher at lmf.ericsson.se> wrote in message
Yep. But let's say I want to make a non-open-source stuff. Wrappers
are either GNU licenced or damn expensive to buy/make...
SDL: Game API wrapper. LGPL, so it can be (and has been) used in
closed-source commercial software.

wxWindows: GUI API wrapper. LGPL with additional permission to redistribute
in binary form without restriction, so it can be (and has been) used in
closed-source commercial software.


--
Rainer Deyke (root at rainerdeyke.com)
Shareware computer games - http://rainerdeyke.com
"In ihren Reihen zu stehen heisst unter Feinden zu kaempfen" - Abigor
Attila Feher
2001-06-06 16:23:46 UTC
Permalink
Post by Rainer Deyke
"Attila Feher" <Attila.Feher at lmf.ericsson.se> wrote in message
Yep. But let's say I want to make a non-open-source stuff. Wrappers
are either GNU licenced or damn expensive to buy/make...
SDL: Game API wrapper. LGPL, so it can be (and has been) used in
closed-source commercial software.
wxWindows: GUI API wrapper. LGPL with additional permission to redistribute
in binary form without restriction, so it can be (and has been) used in
closed-source commercial software.
Thanx! I have never payed enough attention than... So you use
wxWindows? Last time I saw some important stuff was missing. I don't
do games (YET) but could you post me (Email) a URL to this SDL? Who
knows :-))) Do U think I could write a UML thing based on wxWindows?
What OSs does it support? Is Apple in it? As far as I remember it
supported X only, which is a trouble if you want to write sthg you whish
to be used in high security places... (like Pentagon :-)))

A
Roedy Green
2001-06-04 22:41:08 UTC
Permalink
On Sat, 2 Jun 2001 18:30:47 -0400, "Bart Kowalski" <me at nospam.com>
embedded processors (watches, cell-phones, calculators,
etc)
Most of the dramatic hardware evolution is in GAME machines. There
backward compatibility is not as important.



For more detail, please look up the key words mentioned in this post in
the Java Glossary at: http://mindprod.com/gloss.html
If you don't see what you were looking for, complain!
or send your contribution for the glossary.

--
Roedy Green, Canadian Mind Products
Custom computer programming since 1963. Ready to take on new work.
Attila Feher
2001-06-08 07:49:57 UTC
Permalink
Every user should have his/her own registry (and not just a sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^
Not possible unless you want to install a billion ActiveX/COM components x
times where x is the number of users on that computer...
Due to bad design...

A
TGOS
2001-06-03 17:44:05 UTC
Permalink
On Sun, 03 Jun 2001 14:46:42 GMT, "Bruce G. Stewart"
<bruce.g.stewart at worldnet.att.net> wrote:

<snip>
Do you think a nuclear power plant runs with Windows? Or maybe the software of
an airport tower? If that's the case, how many people do you think would die
during a blue screen error?
Most computer systems, even in the nuclear power and air transport
industries, are not in life critical applications.
Interesting, so when the tower control software (that paints those little dots
onto your radar screen, including name and height of the airplane) all of a
sudden crashes and your whole screen is black, it's not life critical?

Oh wait, do you maybe want to tell me that those are no computer systems? There
are little draws behind the screen that pull little paper points over the
screen with their fingers, right?

Why the hell do you think does Micro$oft literally say in their license
agreement that you are not allowed to use their software in the two example
cases I mentioned above? To avoid that people do this as this could kill
people.
Do you think the majority of worldwide banks use Windows? An easy to hack,
insecure and not very stable operating system? A blue screen would mean loosing
millions of dollars a minute and a single hack would make every hacker a rich
man.
Yet most do use it. Not exclusively, but for desktop client machines,
it's very pervasive throughout the financial industry.
Not at the banks where my friend was working (he's system administrator for
bank networks). The majority used OS/2 and Attila just told me about VMS,
something I'll have to ask my friend about next week (maybe he also worked with
that more often).
At my university are over 2,000 PCs and not a single one runs with Windows.
You are perhaps fortunate, but not typical.
Oh, I checked that at other universities and it's not different there.
They usually don't run Windows for lot's of reasons.
Surely some individuals or departments could benefit from some
commercial software that is only available for Windows.
Which kind of software could this be? Provide an example.
(and never forget that there's also commercial software for other platforms.
Why do all people always assume that every non-Windows application is either
for free or open source?)
Are your systems implemented in some proprietary,
non-cross-platform way?
What do you mean by that?
The OSes on those 2,000 PCs are regularly update and they are very up-to-date.
On which planet are you living?
You probably think that 99% of all CPUs currently in use are x86 CPUs, right?
Well, that's damn wrong. Not even 40% of all CPUs are x86 compatible ones.
(Source: Market Research of '99...not quite up-to-date, but there hasn't
changed that much in the last 1 and half years)
And with what OS do you think run the other 60%? Certainly not with Windows.
A large percentage of CPUs aren't in personal computers.
Never said they are.
Many toil away in microwave ovens, cd players, electric toothbrushes, etc.
Don't forget:
Refrigerators, TV set top boxes, web pads, cars, etc.
These aren't particularly relevent to questions about 3D
graphic maniplulation over the www.
Let's assume your refrigerator has a WWW connection, so you could also surf
webpages with it. Why shouldn't you be able to access a 3D data base with it,
just because some shit-heads decided to use a Win32-only solution, instead of
an already existing cross-platform solution (that easily could have been
implemented into your refrigerator as well). Never thought about that?

What if you want to browse with a web pad, your set top box or with the new
mini computer in your new car in 5 years? Why do you want to exclude all those
users right from the start, instead of using a solution that will work for
everyone? Because you say that they won't want to access those 3D database? Who
are you to predict that, how can you really know?

Maybe people from a company want to access this database on their way to work
and now they can't because you said that won't ever happen? And then the whole
system must get rewritten for thousand of dollars, dollars that you can easily
safe by writing a cross-platform solution right now.
[...]
The main point of your post is well taken. A cross-platform interface
standard is preferable to a platform specific one, other things being
equal.
Especially in cases where a cross-platform solution already exists.
--
TGOS
TGOS
2001-06-05 22:51:06 UTC
Permalink
On Tue, 05 Jun 2001 11:55:01 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
On a WinNT system of a company (for that I was doing some network
installation is part time job), it took me less than 24h.
No SPs applied...
I can't tell which SPs were applied and which ones not.
It was not even a program of a cracker page, I got it from the webpage of a
computer magazine. That was still some time ago, so maybe the SP was too new at
that time and they had no time to apply it. But I can't remember that such a
big security hole ever existed for any known UNIX system.


But I'm afraid I'm talking about apples here and you about pears. Let's define
what is meant by "OS".

For me an OS is just the basic system, all that is needed to get the system run
and no all that might be installed on a system.

So when I say UNIX is more secure than Windows, I mean UNIX itself, which is
the kernel, hardware driver, software drivers (like file systems) and the
programs that are absolutely necessary.

When installing a UNIX system that shall be secure, you should disable
everything during installation that can be disabled (including server software,
XServer, etc.). A XServer for example is such a big security hole, that you can
push a whole elephant through it and nobody would recognize it ^_^


And exactly that's the problem. Even when you disable everything possible
during Windows installation, you are still forced to install way too many
stuff. Can you install WinNT without GUI? Since every GUI might be a security
hole and every GUI wastes hardware resources (especially on servers that don't
even have a monitor).

I bet the standard settings of Win2000 installs DirectX as well and I was once
told (from a usually very reliable source) that DirectX is allowed to
circumvent many Win2000 security features to achieve higher speed.

Isn't the InternetExplorer integrated into Win2000's system? And certainly also
into WinXP. The InternetExplorer is full of security bugs and when it supports
something like VBS, goodbye system. No browser is integrated into UNIX systems,
every GUI is optional.


Only looking at those facts, it should be clear that Windows is less secure.
And you must be careful when speaking about UNIX security holes. One of the
biggest security holes of all times was (or maybe still is) SENDMAIL. It needs
root rights to run correctly and that is a danger. You can intentionally crash
it (e.g. provoking a stack overflow and that way executing own code) and such a
crash can result in a new shell with root rights. That was one of the easier
ways to get root rights and immediately everyone said:
"Look, UNIX isn't secure at all!"

But those people seem to overlook that SENDMAIL is a program, not part of the
kernel and not part of the UNIX OS. For this security hole are only programmers
of SENDMAIL responsible, not the UNIX programmers. Despite the fact that I've
seen alternatives to the standard SENDMAIL, I'm currently running a LINUX
system without any SENDMAIL application at all. (That way programs can't send
me notifications via mail, but I don't really care)

Looking at a full featured UNIX system, it's of course not more secure than a
Windows system. I'm only comparing two base systems where no third party
software is installed and there, UNIX *is* more secure than Windows.

<snip>
There are VMSes on universities and don't think
people don't try to get into them :-)))
I don't know, but I think most people aren't interested into cracking an
university server. I personally only try to get root access for the fun of it
(I wouldn't even know what do with it).

BTW, looks like today is a "happy day" for you.
( Lot's of ":-)))")
Same with NT. I have seen NT setup taking few thousand steps to make
and which was solid as a rock.
See above, there are too many things you can't remove/exclude of a Windows
installation that provide security holes. You simply can't remove things that
are a permanent part of the system and when you compare Windows to UNIX under
this point of view, a LINUX system can be tiny enough to fit onto a single
floppy disc, a UNIX distribution might as well (when you have 2.88 MB
floppies)...how about WinNT?

So I guess now you understand my point of view and on what base I'm arguing
when claiming that UNIX is more secure than Windows.

<snip>
So the primary decision is: is my target group UNIX or Windows or both.
If you get a UNIX version, you can also make it run on Linux.
And the main difference between UNIX and Windows are the APIs. But for whatever
you have an API call at UNIX, there's also an API call in Windows.

I personally like the system of "wrappers". You neither use UNIX or Windows
APIs directly. You create your own wrapper API, that in once case is wrapped
around the UNIX/Linux APIs and once around the Windows APIs.

That means you don't have to rewrite a single line of C++ code of your
application, you must create wrapper APIs for every system you like to support.

<snip>
Yes and wanna bet that I can find someone who can crack such a terminal in less
than two hours. I bet if this terminal would run with Linux or maybe with
FreeBSD that wouldn't be that easy.
And? You have cracked the terminal.
No, I'm not good enough for that.

But in my subway station is a ticket machine that runs with Windows and I know
how to crash it, so it has to reboot (it's only Win9x and it's very easy to
crash). If I would be a hacker, I'd be able to make use of this fact and print
thousands of free tickets. Despite this machine accepts debit cards, so it must
be connected to some bank ... ^___^

Unfortunately I can only crash it, it will reboot, start an autostart
application and continue to work. Without keyboard I can't manipulate it
(there's only touch screen and a few buttons).
So you can start up the UNIX/VAX
terminal window and try to log in :-)))
I wouldn't be even able to crash it and if this application is running as
single task (with respawn option), what can you do?
Blue Screen cannot come from user SW.
You can produce a blue screen using DirectX for example.
Than you must have a real good luck. I use Solaris here and I know what
I am talking about :-))) Reboot is once per day on a test machine where
"badly behaving" SW can run.
Poor configuration?
Our Solaris machines are UltraSparcs, probably configured by a Sun employee.
I have no problem with the security manager, I have problem with the
Java VM code. It isn't "old enough" and mostly not open source to
convince a security-fanatic.
Windows as a whole ins't open source, nevertheless you trust in its security,
don't you? ^_-
Despite that, some parts are open source.
My post is about the fact that every user should be free to chouse his/her
favorite OS according to his her personal needs and nobody should be forced to
accept the flaws of a certain OS, just because some shit-head programmers left
him/her no other choice.
That is right. And I would say also that no shit-had programmer should
be forced to write cross platform code if he cannot.
Can not or doesn't want to?
The point is that small businesses will never be able to
do the first versions of their product to be fully portable. I am
talking about GUI stuff.
The GUI is actually the easiest part.
There's a GDI wrapper for XServer systems (providing full featured Windows GDI
support for XServer) and there are a XServer wrapper for Windows GDI. I would
rather be worried about processor specific optimizing done in assembler that
you can't port without rewriting them.
The only "good" point which I like in Win and _very_much_ miss in Unix is
the messaging opportunity. Unix has few signals, and that's it. Sad.
And that's good!
More message increase security holes and system compressibility.
:-)))) So Solaris 7 is apparently not UNIX. :-)) It does not crash
usually, simply stops working.
Solaris is not the prototype of UNIX, it's just the UNIX of Sun.
Can you still login via SSH when your Solaris 7 systems hangs?
Yep, Windows, it's registry,
Don't mention it's registry, it's hell.
Every application (including those provided with Windows) support 30% of hidden
features that you can only enable with registry tweaks. No matter what you do,
the registry keeps on growing bigger and bigger, it's full of unecessary
entries and not very well organized.

Despite that, I don't think it's a good idea to make a central registry for all
applications and users. Every user should have his/her own registry (and not
just a sub-tree) and only Windows should be allowed to use it (third party
software shall store their configuration somewhere else).
it's changing (screwed up) APIs,
Is there actually a list of all APIs that are included with Windows (or
multiple list for different versions), as well as an explanation what functions
are actually inside those APIs?
Nope. I did not. Let's say I design a very system specific thing, an
internet dialer for example. :-))) Let's not go into this. Everyone is
on his own to decide whether it is feasible to make 1st release cross
platform or not.
If you don't start with a cross-platform solution, it will get harder and
harder in the future to change that. An internet dialer is a very specific
piece of SW, that can't be cross-platform.

But office software, browsers, multimedia players, multimedia editors,
rendering software, programming IDEs, Usenet clients, e-mail clients, database
software, compilers, interpreters, file managers, picture editors, sound
editors, music composers, Internet clients, encryption software, compressors,
etc.
Max. size still working (talking about normal WS) Java
applet was around 70K. Then performance degraded so much, that is was
useless.
The Java2D demo of sun is larger than 70 KB and not useless.
And it's offering a lot more than you would need for a standard GUI.

http://java.sun.com/products/java-media/2D/samples/java2demo/Java2Demo.html
(You'll need a browser with Java 1.3 support, maybe it will also run on 1.2.
So for most browsers you'll have to install a the Sun JRE)

To compare with native methods in speed, set to "0 ms" and turn of
"Anti-Aliasing" (as your native system doesn't support that).
Also the sound abilities are pretty impressive (the techno tune is very good).

Do you know their PostScript viewer?
http://java.sun.com/products/java-media/2D/samples/postscript/PostscriptViewer.html



For your GUI, look at the swing demo. Since Swing is 100% pure Java (it runs
without any native support), you can also load the Swing classes on Java
versions below 1.2

http://192.9.48.9/products/plugin/1.2.2/demos/jfc/SwingSet/SwingSetApplet2.html
(don't forget to switch "skins" on the fly)
BTW I wanted to use Java, I have even installed it. But with my 64M
PII266 notebook it took 3 minutes to open a source file in the
Forte... Thx.
Forte?
Nah, I don't use Forte, I use JBuilder.

[ QT ]
Tried. They don't have an unlimited trial version for Win and I have no
way now to install a Linux at home. :-(((
Play around with it using Linux.
If you release commercial software, you certain can apply a full version.
Qt is great is what I have heard. I wanted to learn it, but no bonus.
If I get a 30 days trial I may have 2 days when I can really look at it
:-(((
But Qt is the proof that it is possible to create a GUI for various of systems.
You don't have to use Qt, as your apps probably never use more than 10% of it's
functions anyway. And that means you might as well create your own
cross-platform wrapper API.
Yep. And I am also free to see 1 unhandled exception per minute
Well, of course you must handle those, that's part of being a Java programmer.
- at least with the Java apps I have tried to use. :-(((
I use plenty of Java software (because those are the only apps I can run at
university without any problems on any system) and here I never have this
problem. The only Java applet that permanently throws Exceptions is JavaICQ,
but even though it throws exceptions, it runs very well (IOW you may simply
ignore them). Considering that it's still BETA software (hasn't even reached
version 1.0), it's forgivable.
China, one billion people. Computer shops in China sell Linux 200 times more
often than Windows. The Chinese government plans to increase the usage of Linux
even more (they don't trust Micro$oft, open source rules, as they can make sure
there's no spyware inside). BTW downloaded distributions aren't counted here.
Why don't they trust MS? :-))) I cannot imagine...
Must have something to do with being a communistic country.
Windows NT is not limited to x86...
x86 and Alpha, but software must get recompiled to run on Alpha PCs.
About China - you should ask their government. They filter the Web
:-)))
You can't really filter the web. You can try, but it will never be really
effective.

<snip>
Anyway I could
trust Java more if it would be a standard language like C++ and Sun
would have less influence on it...
IBM is also writing JVMs and there machines are usually a lot better than the
ones of Sun.

Despite that Java is already a standard language. I'm studying computer science
and we don't learn C++, we only learn Java and all programming we perform is
done in Java.

We've been told: "we expect you to learn the basics of C++ programming yourself
and before you will leave this institution, we assume that you've seen more
than thousand lines of C++ source code, but we will not teach it or use it for
projects."
Hasn't crashed my PC a single time and I use it daily.
I currently develop exclusively in Java and my programming IDE is written
itself in Java. Everything always runs fine and I have no idea what you mean by
unstable.
How much memory? 512Ms?
Currently 256 MB.
Just curious. What CPU? What speed?
AMD Athlon 1 GHz.


But I already were developing in Java on my old PC, Pentium2 350 MHz, 128 MB
RAM. And I can still run Java applications there, both under Windows and Linux,
with acceptable speed.

Take a lok at this page:
http://www.javalobby.org/fr/html/frm/javalobby/features/jpr/part3.html

Java is not so far away of C++.
Take a look at the first picture and especially at "StrSort" and you'll see
that IBM's JVM is more than 17% faster than Intel's C++ compiled code.

The FpEmul of IBM's JVM is only ~15% slower than with native C++
Comparing IBM's JVM to the two of Sun, you'll see that IBM always wins.

I admit, often Java is slower than C++, but whether your keystroke will get
displayed after 10ms or 20ms within a text editor doesn't play any role, does
it?

| Java is dangerously close to C performance.
| What used to be a dream propagated by Java advocates with blind faith,
| is now a reality. The biggest proof that the Java platform is great (and its
| performance issues have solutions) is to see how Microsoft is smartly
| following the lead, and telling people do do basically the same thing
| (only in a Windows-centric way). I suppose that a successful adoption
| (by Windows app developers) of the Common Language Runtime will
| mean that we won't need to explain to K&R-C dinosaurs that Java is not
| evil thanks to p-code, garbage collector, JIT compilers, safer language rules,
| objects, and so on.
- To quote from this page

He's speaking about C# here, right?

And keep in mind, C++ compilers are very old, while Java compilers are very
young (only 3 years), so there's still potential for improvements. Compare
current Java compilers with the first generation, more than ten times faster.
Think how fast a full featured Java optimizer might be in two years. In theory
a JVM could reach a speed level that isn't possible for C++ code, because a
static compiler will never be able to optimize code beyond a certain level (it
simply can't predict what will go on once the program is running), while a JVM
with dynamic compiler will be able to look at the program during runtime.

Also have an eye on the fact that also Java is so extremely young, there are
already more books about Java programming than about C++ programming. And as I
said before, universities prefer the usage of Java over C++. Mainly for two
reasons:
Cross-platform development and the ability to have a running BETA program
before C++ programmers even have a concept.


Don't get me wrong, I don't say Java is better than C++, just different.
There's the right time and the right place for everything and low level,
highspeed or realtime applications will always depend on a language like C++,
but 90% of all user applications that current exist on the market could as well
be written in Java.


And I know that I repeat myself, but you can always use native code in Java if
you like. In that case you'll have to replace the native code for every
platform you are supporting, but those native code is maybe 5-10% of your
application.

E.g. I've used a Java application that DIRECTLY accesses OpenGL (without
Java3D) and the speed was just like native C++ code . Never forget, there's
JavaQuake. That is not a real Java version of Quake. Just the game is in Java,
the sound, graphic and 3D engine is still in native code and there's no speed
difference to the 100% native version.

The advantage for programmers:
They only need to port the graphic, sound and 3D engine for all system they
want to support. The game behind the engine (which makes Quake what it is) will
run on every system, since it's Java.
--
TGOS
Attila Feher
2001-06-06 09:53:11 UTC
Permalink
TGOS wrote:
[SNIP]
Post by TGOS
I can't tell which SPs were applied and which ones not.
It was not even a program of a cracker page, I got it from the webpage of a
computer magazine. That was still some time ago, so maybe the SP was too new at
that time and they had no time to apply it. But I can't remember that such a
big security hole ever existed for any known UNIX system.
Actually there was a week when many (10+) Linuces has been cracked and
defaced in Hungary - due to a security hole like this. Of course, one
_can_ install (as far as I remember) eg: NT w/o DirectX... Maybe I am
wrong.
Post by TGOS
But I'm afraid I'm talking about apples here and you about pears. Let's define
what is meant by "OS".
For me an OS is just the basic system, all that is needed to get the system run
and no all that might be installed on a system.
Let's pray to god that someone at MS.commmmmmercial will understand this...
Post by TGOS
So when I say UNIX is more secure than Windows, I mean UNIX itself, which is
the kernel, hardware driver, software drivers (like file systems) and the
programs that are absolutely necessary.
And what can you do with it? :-))) Having a UNIX usually means to
people: sendmail, awk, egrep, cat, etc. etc. many-many little utilities:
which are great and which make UNIX tick...
Post by TGOS
When installing a UNIX system that shall be secure, you should disable
everything during installation that can be disabled (including server software,
XServer, etc.). A XServer for example is such a big security hole, that you can
push a whole elephant through it and nobody would recognize it ^_^
Uhhhh. This I did not know. Why is it so?
Post by TGOS
And exactly that's the problem. Even when you disable everything possible
during Windows installation, you are still forced to install way too many
stuff. Can you install WinNT without GUI? Since every GUI might be a security
hole and every GUI wastes hardware resources (especially on servers that don't
even have a monitor).
Actuall Win31/311 Win95/8/me can be installed w/o GUI... I mean not
connected to the NET, install and then do some hack and U can remove the
whole GUI. Of course: good luck with it, since every admin tool is GUI
based :-)))))
Post by TGOS
I bet the standard settings of Win2000 installs DirectX as well and I was once
told (from a usually very reliable source) that DirectX is allowed to
circumvent many Win2000 security features to achieve higher speed.
I guess you can ask it not to install it... I hope :-)))
Post by TGOS
Isn't the InternetExplorer integrated into Win2000's system? And certainly also
into WinXP. The InternetExplorer is full of security bugs and when it supports
something like VBS, goodbye system. No browser is integrated into UNIX systems,
every GUI is optional.
Don't even mention it. When I install a Windows there are certain steps
I make immediately, like enabling of all extensions, showing hidden
files etc. Just to make sure nothing is hidden from me and nothing is
done automatically, w/o asking me (like autorun...)
Post by TGOS
Only looking at those facts, it should be clear that Windows is less secure.
I am not talking about a default install. I guess the default install
for a RedHat has it own nice things, too.
Post by TGOS
And you must be careful when speaking about UNIX security holes. One of the
biggest security holes of all times was (or maybe still is) SENDMAIL. It needs
root rights to run correctly and that is a danger. You can intentionally crash
it (e.g. provoking a stack overflow and that way executing own code) and such a
crash can result in a new shell with root rights. That was one of the easier
"Look, UNIX isn't secure at all!"
How can U get a root shell when you crash sth? (I am not a cracker). I
mean shouldn't the kernel/shell/whatever realize that the setuid stuff
is out and simply return back? Isn't it so that the shell start up and
it exec-s the setuid stuff, so there is no shell at all with root
effective user? Sorry if I am too dumb :-)
Post by TGOS
But those people seem to overlook that SENDMAIL is a program, not part of the
kernel and not part of the UNIX OS. For this security hole are only programmers
of SENDMAIL responsible, not the UNIX programmers. Despite the fact that I've
seen alternatives to the standard SENDMAIL, I'm currently running a LINUX
system without any SENDMAIL application at all. (That way programs can't send
me notifications via mail, but I don't really care)
OK, but we all know that a UNIX system _does_ include sendmail and all
the other stuff in people's mind. I mean having a web server which
cannot notify me of events (alarms) is not that good. :-(
Post by TGOS
Looking at a full featured UNIX system, it's of course not more secure than a
Windows system. I'm only comparing two base systems where no third party
software is installed and there, UNIX *is* more secure than Windows.
OK, it is. :-))) Exclude RedHat? :-))
Post by TGOS
I don't know, but I think most people aren't interested into cracking an
university server. I personally only try to get root access for the fun of it
(I wouldn't even know what do with it).
They do it just for fun, and to test their limits. There is nothing on
that server.
Post by TGOS
BTW, looks like today is a "happy day" for you.
( Lot's of ":-)))")
Yep, I "signal" you that I am not trying to argue, but discuss. As far
as I see we 99% agree and the rest 1% we did not talk about. Wrap up:
there is _no_ world domination of Windows (THX GOD!) and no such thing
for unices either. If your resources let you, you must seriously
consider releasing a multiplatform product. If your target is the Web,
you MUST find the resources for it. (MUST is the same here as in an RFC
:-))) Or you shall work for MS :-)))
Post by TGOS
Same with NT. I have seen NT setup taking few thousand steps to make
and which was solid as a rock.
See above, there are too many things you can't remove/exclude of a Windows
installation that provide security holes. You simply can't remove things that
are a permanent part of the system and when you compare Windows to UNIX under
this point of view, a LINUX system can be tiny enough to fit onto a single
floppy disc, a UNIX distribution might as well (when you have 2.88 MB
floppies)...how about WinNT?
If you have enough floppies :-))) Actually the WinNT base system is
also small. The problem is: it is closed (you cannot say that my UI is
now not GDI(32?) but WGS (made up: White's Graphic System, Feher=White)
etc. Also the whole stuff for use (admin tools etc.) is GUI only. In
NT4 the only one which is not GUI is the one (route table whatever)
which cries out to be at least SAA on CUI or something, because it is
pain in the ass to use it from command line.
Post by TGOS
So I guess now you understand my point of view and on what base I'm arguing
when claiming that UNIX is more secure than Windows.
Yep.
Post by TGOS
So the primary decision is: is my target group UNIX or Windows or both.
If you get a UNIX version, you can also make it run on Linux.
And the main difference between UNIX and Windows are the APIs. But for whatever
you have an API call at UNIX, there's also an API call in Windows.
Sure.
Post by TGOS
I personally like the system of "wrappers". You neither use UNIX or Windows
APIs directly. You create your own wrapper API, that in once case is wrapped
around the UNIX/Linux APIs and once around the Windows APIs.
Yep. But let's say I want to make a non-open-source stuff. Wrappers
are either GNU licenced or damn expensive to buy/make... However
careful C++ (OO) design _can_ provide an initial abstraction layer below
which one can later change the logic to use a wrapper - when he had
enough sales: whether or not the sales are UNIX or Windows. I am
talkign here about a non-Web based game for example. Once one
identified the basic building objects, and designed their interface...
who cares later if MessagingSocket uses BSD or Winsock to implement its
operations?
Post by TGOS
That means you don't have to rewrite a single line of C++ code of your
application, you must create wrapper APIs for every system you like to support.
Yes, I like the idea, I even wanted to start a portable UML design tool
project of mine (of course first some trial'n'error) based on this
idea... but I gave up until now: no time and waaay too many questions.
(Eg: creation of a portable icon format - probably as a sort of portable
metafile. Now I have to do a serious internet search to find if one
already does exist, so I don't reinvent the wheel and create a
propriatery solution...)

[SNIP]
Post by TGOS
Than you must have a real good luck. I use Solaris here and I know what
I am talking about :-))) Reboot is once per day on a test machine where
"badly behaving" SW can run.
Poor configuration?
Our Solaris machines are UltraSparcs, probably configured by a Sun employee.
I doubt it. NIS going down, development SW running there... Anyways
some patches had to be applied for my WS behaves very nicely nowadays.
It is only the ancient X which sometimes decides to give up.
Post by TGOS
I have no problem with the security manager, I have problem with the
Java VM code. It isn't "old enough" and mostly not open source to
convince a security-fanatic.
Windows as a whole ins't open source, nevertheless you trust in its security,
don't you? ^_-
Despite that, some parts are open source.
Yep. And it does has a Java VM(?) installed with IE... :-)))) That's
why you need to know a lot to make the secure install.
Post by TGOS
That is right. And I would say also that no shit-had programmer should
be forced to write cross platform code if he cannot.
Can not or doesn't want to?
Cannot. No money, no time, no experienced designers. Don't want... I
mean it is not the designer/developer/system architects job to have a
whish list - it's the customer's :-)))

[SNIP]
Post by TGOS
The GUI is actually the easiest part.
There's a GDI wrapper for XServer systems (providing full featured Windows GDI
support for XServer) and there are a XServer wrapper for Windows GDI. I would
rather be worried about processor specific optimizing done in assembler that
you can't port without rewriting them.
Anyone making assembly optimizations should be aware of that he creates
_highly_ nonportable code. If one goes with C++ (and C) it is many
times unnecessary, even evil. A well written C/C++ code will provide
the same ASM stuff. And if one has to talk to a HW device or whatever -
on UNIX there are the /dev files, on WinX you have other ways... but
anyways that will be just another "wrapper" or "driver", which is of
course system/platform dependent. One has to be very-very convincing in
a project (part) I am involved in to be allowed to use ASM...
Post by TGOS
The only "good" point which I like in Win and _very_much_ miss in Unix is
the messaging opportunity. Unix has few signals, and that's it. Sad.
And that's good!
More message increase security holes and system compressibility.
Why does it increase security that everyone in need of a protocol should
go for streams, (sockets) make its own protocol stack (and at that point
probably make serious mistakes in something which might run with
"higher" right than the user has) and so on... No scheduler, no
callback point or event loop... Not every program is 2 letters command
line tool :-((( And once you need something seriously event driven you
end up buying ACE for a lot of money or get 5 people to write a
framework. :-(((
Post by TGOS
:-)))) So Solaris 7 is apparently not UNIX. :-)) It does not crash
usually, simply stops working.
Solaris is not the prototype of UNIX, it's just the UNIX of Sun.
Can you still login via SSH when your Solaris 7 systems hangs?
When the X goes home, yes. I did not try the other one though, which
crashes a lot.
Post by TGOS
Yep, Windows, it's registry,
Don't mention it's registry, it's hell.
Nope. Hell is good for something: you can frighten bad people with it.
The concept of the common Windows registry is plain evil.
Post by TGOS
Every application (including those provided with Windows) support 30% of hidden
features that you can only enable with registry tweaks. No matter what you do,
the registry keeps on growing bigger and bigger, it's full of unecessary
entries and not very well organized.
And once it crashes you have to reinstall _everything_, probably
including nice data loss...
Post by TGOS
Despite that, I don't think it's a good idea to make a central registry for all
applications and users. Every user should have his/her own registry (and not
just a sub-tree) and only Windows should be allowed to use it (third party
software shall store their configuration somewhere else).
TOTALLY agreed. This was the WORSE thing MS could make. Not to mention
their "fantastic" idea of installing everything under c:\windows (like
app DLLs), installing every user prog under program files, _and_ give
them this as working dir... Some C++ wanted me to start my projects in
c:\program file\whatever\whatever\projects... Oh my god! And this is
based on MS recommendations...
Post by TGOS
it's changing (screwed up) APIs,
Is there actually a list of all APIs that are included with Windows (or
multiple list for different versions), as well as an explanation what functions
are actually inside those APIs?
Yep and no. There is MSDN, there is Win32, which is a platform with its
APIs, Win16, WinSock (1.1, 2.0), Telephony, IE etc. Millions of APIs.
One API for network drivers, one API for mailing (MAPI, I wonder if it
still exists or renamed), than the OLE, ActiveX stuff etc. Windows has
one bad thing: it is waaay too difficult and complex. Win16 messages
and services one could keep in my - and it was organized. But nowadays
with the new APIs, abandoned but kept-for-compatibility APIs, GUI only
APIs, "copied" (I am trying to get not sued here :-) and changed APIs
(WinSock) etc. There are too many. Of coursem you can learn them and I
am sure that the MSDN is better for learning than the man pages... but
still.

[SNIP]
Post by TGOS
If you don't start with a cross-platform solution, it will get harder and
harder in the future to change that. An internet dialer is a very specific
piece of SW, that can't be cross-platform.
Not necessarily. If the original OO design is good, there _are_
abstraction layers and you don't depend on _anything_ but the
("implementable", or possible to port) functionality/interface of the
abstraction layer (which is not necessarily a platform abstaction layer)
later you can easily add the other layer below it.
Post by TGOS
But office software, browsers, multimedia players, multimedia editors,
rendering software, programming IDEs, Usenet clients, e-mail clients, database
software, compilers, interpreters, file managers, picture editors, sound
editors, music composers, Internet clients, encryption software, compressors,
etc.
Yep :-)))
Post by TGOS
Max. size still working (talking about normal WS) Java
applet was around 70K. Then performance degraded so much, that is was
useless.
The Java2D demo of sun is larger than 70 KB and not useless.
And it's offering a lot more than you would need for a standard GUI.
OK. Will check it out.
Post by TGOS
http://java.sun.com/products/java-media/2D/samples/java2demo/Java2Demo.html
(You'll need a browser with Java 1.3 support, maybe it will also run on 1.2.
So for most browsers you'll have to install a the Sun JRE)
Mine tells it has Java 2 - I suppose this is 1.3...
Post by TGOS
To compare with native methods in speed, set to "0 ms" and turn of
"Anti-Aliasing" (as your native system doesn't support that).
Also the sound abilities are pretty impressive (the techno tune is very good).
Do you know their PostScript viewer?
http://java.sun.com/products/java-media/2D/samples/postscript/PostscriptViewer.html
Nope, will check it out.
Post by TGOS
For your GUI, look at the swing demo. Since Swing is 100% pure Java (it runs
without any native support), you can also load the Swing classes on Java
versions below 1.2
http://192.9.48.9/products/plugin/1.2.2/demos/jfc/SwingSet/SwingSetApplet2.html
(don't forget to switch "skins" on the fly)
THX!
Post by TGOS
BTW I wanted to use Java, I have even installed it. But with my 64M
PII266 notebook it took 3 minutes to open a source file in the
Forte... Thx.
Forte?
Nah, I don't use Forte, I use JBuilder.
Can one get one to learn for free?
Post by TGOS
[ QT ]
Tried. They don't have an unlimited trial version for Win and I have no
way now to install a Linux at home. :-(((
Play around with it using Linux.
If you release commercial software, you certain can apply a full version.
No Linux at home :-((( Desktop is too old, notebook is too notebook :-(((
gcc is too not standard STL :-((

[SNIP]
Post by TGOS
Well, of course you must handle those, that's part of being a Java programmer.
:-))) I guess nowadays some "Java programmer" may not even fit to the
programmer category. They do guesswork... Like those Clipper
programmers who gave a bad name for Clipper years ago.

[SNIP]
Post by TGOS
Must have something to do with being a communistic country.
Or simply knowing them? :-))))
Post by TGOS
Windows NT is not limited to x86...
x86 and Alpha, but software must get recompiled to run on Alpha PCs.
Yep. But as far as I know this is only different with Java and only if
one did not make it machine code...
Post by TGOS
You can't really filter the web. You can try, but it will never be really
effective.
Simple. One allows only few addresses/IPs to be reached :-))) Opposite
filtering :-)))

[SNIP]
Post by TGOS
IBM is also writing JVMs and there machines are usually a lot better than the
ones of Sun.
Despite that Java is already a standard language. I'm studying computer science
and we don't learn C++, we only learn Java and all programming we perform is
done in Java.
We've been told: "we expect you to learn the basics of C++ programming yourself
and before you will leave this institution, we assume that you've seen more
than thousand lines of C++ source code, but we will not teach it or use it for
projects."
Sad.

[SNIP]
Post by TGOS
Currently 256 MB.
[SNIP]
Post by TGOS
AMD Athlon 1 GHz.
Ah yeah. PII-266/64MB :-((( Desktop is P-166 (YES, really) with 80MB.
Post by TGOS
But I already were developing in Java on my old PC, Pentium2 350 MHz, 128 MB
RAM. And I can still run Java applications there, both under Windows and Linux,
with acceptable speed.
Hm. RAM will be the issue here. And Forte :-)))
Post by TGOS
http://www.javalobby.org/fr/html/frm/javalobby/features/jpr/part3.html
Will do.

[SNIP]
Post by TGOS
I admit, often Java is slower than C++, but whether your keystroke will get
displayed after 10ms or 20ms within a text editor doesn't play any role, does
it?
Nope. But in the system I do now there are no keystrokes :-)))
Post by TGOS
He's speaking about C# here, right?
Loox like. I would like to see C# to be an independent std language. I
don't trust MS... They have dropped waaay to many things people invested
into...
Post by TGOS
And keep in mind, C++ compilers are very old, while Java compilers are very
young (only 3 years), so there's still potential for improvements. Compare
current Java compilers with the first generation, more than ten times faster.
Think how fast a full featured Java optimizer might be in two years. In theory
a JVM could reach a speed level that isn't possible for C++ code, because a
static compiler will never be able to optimize code beyond a certain level (it
simply can't predict what will go on once the program is running), while a JVM
with dynamic compiler will be able to look at the program during runtime.
May be so. I know that when I worked with CA-Clipper the actual Clipper
code (thanx to pcode and the very well optimized engine) was usually
faster and smaller than a C code written for the same task. Reason: the
Co code was _bad_ code, many thing repeatedly implemented etc. Since it
was big and complex.
Post by TGOS
Also have an eye on the fact that also Java is so extremely young, there are
already more books about Java programming than about C++ programming. And as I
said before, universities prefer the usage of Java over C++. Mainly for two
Cross-platform development and the ability to have a running BETA program
before C++ programmers even have a concept.
Now if U have a C++ programmer (experienced, with his nice libraries) I
guess he will do a better quality work before the new Java guy learn
what is an array :-))) But yes, for people not knowing enough a very
high level language like Java is very good. Also the concept of the
Java platform is not bad. Altough I am sure that applications, which
receive very different kinds of loads and demands during their runtime
will be better optimized by a compiler which _does_ optimize _everyting_
to full extent...
Post by TGOS
Don't get me wrong, I don't say Java is better than C++, just different.
Yep. C++ is a "low level" programming language (one hairline above
assembly, with OO capabilties) and Java is a programming platform.
Post by TGOS
There's the right time and the right place for everything and low level,
highspeed or realtime applications will always depend on a language like C++,
but 90% of all user applications that current exist on the market could as well
be written in Java.
Actually there is a self optimizing Java esp. for realtime... One
friend of mine loves it.
Post by TGOS
And I know that I repeat myself, but you can always use native code in Java if
you like. In that case you'll have to replace the native code for every
platform you are supporting, but those native code is maybe 5-10% of your
application.
Aha.
Post by TGOS
E.g. I've used a Java application that DIRECTLY accesses OpenGL (without
Java3D) and the speed was just like native C++ code . Never forget, there's
JavaQuake. That is not a real Java version of Quake. Just the game is in Java,
the sound, graphic and 3D engine is still in native code and there's no speed
difference to the 100% native version.
Wow.
Post by TGOS
They only need to port the graphic, sound and 3D engine for all system they
want to support. The game behind the engine (which makes Quake what it is) will
run on every system, since it's Java.
And still on suggestion: before start programming in Java: learn what
goes on behind the scenes! Otherwise you are lost when you encounter a
problem. This is not meant to you, but those who think they became the
ultimate programmer if they can do things in Java.

Attila

Ps: Maybe we should go on in private? I am just waiting in fear for the
first guy from some NG to say: this is not a discussion forum :-((
Thomas Hansen
2001-06-08 06:36:44 UTC
Permalink
Every user should have his/her own registry (and not just a sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^
Not possible unless you want to install a billion ActiveX/COM components x
times where x is the number of users on that computer...
Attila Feher
2001-06-07 17:05:18 UTC
Permalink
Let's assume you need a router...all you need for that is a UNIX/Linux kernel
and a boot script...that's it.
Maybe you also install an SSH client (that only allows connection from the
local network) to change configuration, but despite that you don't need
anything. Such a router easily fit onto a floppy disc...even a router with
extra firewall may fit onto a single floppy disc.
Now let's build that system with WinNT...how much useless components do you
have to install, that are never used later on, but might cause security holes?
Exactly ^_^
I would not use NT for that :-)))
Despite that, I doubt that WinNT actually has router/firewall functions
implemented into its kernel, so you are forced to install third party software
for this.
No 3rd party, just the MS Proxy. Been there, done that.

[Huge Snip]
Open system.ini and replace "shell=Explorer.exe" with another GUI.
Try "shell=command.com" and you run Windows in text mode. You can start Windows
apps, that's no problem. E.g. type "start winamp" and then you can listen to
MP3 music. You just don't have a Desktop, a Taskbar or a Startbutton.
Actually you can replace the DGI itself. You can get a command line
only environment and there are little tools one can use to start up new
VMs.

[SNIPPPP]
Well, there are alternatives to Sendmail. Despite that, I found a webpage that
describes how you can install and use Sendmail, WITHOUT assigning root access
to it.
URL? :-)))
Post by Attila Feher
I mean having a web server which
cannot notify me of events (alarms) is not that good. :-(
There certainly other ways to notify you.
Despite that, a Unix system can send mails without Sendmail, e.g. via an
external SMTP server (the one where your mailbox is hosted).
That's right...

[SNIP]
Then use non open source wrappers ^_^
Or even better, write your own wrapper.
To be honest: it would be fun up to 2 OSs but after that... and since I
rarely have time for other things than eat, sleep and work. :-(((


[SNIPP]
Post by Attila Feher
Anyone making assembly optimizations should be aware of that he creates
_highly_ nonportable code.
But also highly speed optimized one.
You _might_ need it for games. But I doubt that they are usually needed
for anything but picture etc. processing. Etc. might be some other huge
data flow, like speech...
Post by Attila Feher
If one goes with C++ (and C) it is many
times unnecessary, even evil. A well written C/C++ code will provide
the same ASM stuff.
That depends.
Most compilers allow you to preview your C++ code in Assembler, the way it is
also translated when getting compiled. If you take a look at that code and
compare it to hand written code, it's quite different.
Yep. And some "clever" guys (w/o know 1% of what the compiler authors)
starts to make it smaller and ends up with a slower stuff :-)))
A tiny C++ program may result in 1,000 lines Assembler code, while when you
write the same thing directly in Assembler, you may only need 400 lines.
And those 400 lines may be way slower! Predictions etc. etc.
Despite that you can make use of processor features like SSE2, which can
perform certain calculations 4 times faster than using classic x86
instructions; very helpful when applying the same function onto an whole array
of numbers. C++ won't use those features, because therefor it would need to
know how the program behaves during runtime.
OK! Correction: well writtenm C++ code awith a well written compiler.
Probably none exists :-)))
Sure, this code will only run on a specific platform, often only on a specific
CPU, but nonetheless it's done pretty often. This doesn't mean that your whole
application can't be cross-platform.
Yep, if it is well documented, small enough part.

[SNIP]

[ Windows Registry ]

DownWithIt=true
; :-))))
Post by Attila Feher
And once it crashes you have to reinstall _everything_, probably
including nice data loss...
Exactly, that's why applications shouldn't store their data there. So I can
reinstall Windows, without being forced to reinstall a single application.
That way I would loose file associations, but that's not such a big deal.
Yep-yep. Same about DLLs in Windows\system[32] etc. BTW I still would
like to see (never tried) that is it actually possible to load 2
different versions of the same DLL (same module name) under windows...
Last time I have tried I simply got back the already loaded version. I
guess it isn't so in UNIX at all. I don't even see the load .so if I am
not in the process started it or in a subprocess...
Post by Attila Feher
Every user should have his/her own registry (and not just a sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^
Yep!
Especially if every user had his/her own registry, different users could have
different file associations (one user may like to open DOC files with Word, but
someone else may like to open them with StarWriter) and different hardware
settings (sometimes that's an advantage).
Oh yeah. But I guess you _can_ have this... though never tried it. But
as far as I remember I saw that some SW installed file associations only
for 1 user and then they were at a special place in the user part...
Would not say it under oath :-)))

[SNIP]

Thx for the Java URL, I'll check it out.
Post by Attila Feher
You can't really filter the web. You can try, but it will never be really
effective.
Simple. One allows only few addresses/IPs to be reached :-))) Opposite
filtering :-)))
I don't think they are doing this...actually I know it.
Do you know Audiogalaxy?
Not really.
It's like Napster (sharing MP3 files), but unlike
Napster it's still unfiltered and they even have a client for Linux.
I use it once a while and there you can look who's online at the moment (of
course you don't see the real names of people, just their screen names), sorted
by country. And once a while a few people from China are online ^_^
Ohh. Kids of the Chinese communist party leaders probably :-))) Or the
state security...
And as I know the Chinese government, I doubt that they would allow users to
access Audiogalaxy, because they also have discussion forums there. So Chinese
people can discuss with the rest of the world.
Yeah. Poor them. I mean it.

[SNIP]
Thx for Java+RAM advice.
Post by Attila Feher
Now if U have a C++ programmer (experienced, with his nice libraries) I
guess he will do a better quality work before the new Java guy learn
what is an array :-)))
But the C++ programmer may use direct memory access and the result is something
like Sendmail, which doesn't happen when using an array. ^_-
Oh yeah. When I have said "experienced C++ programmer" I meant that he
is experienced _and_ damn good in C++ programming :-)))
Despite that, C++ programmers don't need to know what an array is?
Sure they do. :-) At least I know. And how many arrays one can have!
Since array is like container, so...

[SNIP]
That's what I'm currently trying. The first thing I did was looking at the
source code of all classes that are shipped with Java and I found out that they
seem to be rather optimized for small size than for high speed.
Good luck.
Post by Attila Feher
Ps: Maybe we should go on in private? I am just waiting in fear for the
first guy from some NG to say: this is not a discussion forum :-((
Really? So what is it?
IMHO a Newsgroup *is* the prototype of a discussion forum and Usenet was
created for discussions.
But the e-mail address in my header is valid, so you can also reply via mail if
you prefer.
OK. So let's hang here until we get a "friendly" warning :-))

A
TGOS
2001-06-07 16:23:11 UTC
Permalink
On Wed, 06 Jun 2001 12:53:11 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
Post by Attila Feher
Post by TGOS
So when I say UNIX is more secure than Windows, I mean UNIX itself, which is
the kernel, hardware driver, software drivers (like file systems) and the
programs that are absolutely necessary.
And what can you do with it? :-))) Having a UNIX usually means to
which are great and which make UNIX tick...
Let's assume you need a router...all you need for that is a UNIX/Linux kernel
and a boot script...that's it.
Maybe you also install an SSH client (that only allows connection from the
local network) to change configuration, but despite that you don't need
anything. Such a router easily fit onto a floppy disc...even a router with
extra firewall may fit onto a single floppy disc.

Now let's build that system with WinNT...how much useless components do you
have to install, that are never used later on, but might cause security holes?
Exactly ^_^

Despite that, I doubt that WinNT actually has router/firewall functions
implemented into its kernel, so you are forced to install third party software
for this.


For a webserver you'll only need kernel and webserver application (the OS and
ONE piece of third party software). Sure, depending on what this server shall
be able to do (PHP, Perl, SSI, etc.) you may have to install a lot more than
only those 2, but whatever you need, you always just install the absolute
minimum necessary for your server.
Post by Attila Feher
Post by TGOS
When installing a UNIX system that shall be secure, you should disable
everything during installation that can be disabled (including server software,
XServer, etc.). A XServer for example is such a big security hole, that you can
push a whole elephant through it and nobody would recognize it ^_^
Uhhhh. This I did not know. Why is it so?
XServers usually have permanently opened ports and every open port is a
security risk. Sure, usually you can configure the XServer to disable those
ports within the configuration file, but let's stay realistic: XServers do have
bugs as well.

XServers are often "super applications", IOW they aren't treated like normal
user applications (my one has an own kernel module for speed boost, so it can
directly access hardware) and most admins forget that XServers can be a
security hole (IOW they don't disable the open ports).

Iif you make a SSH login to another PC and then start a XServer application,
the window it creates is then displayed on your desktop, not on the local one.
Now what if you can manipulate a XServer so it always forwards all Window data
to those open ports? Then a hacker/cracker would be able to see what's going on
at your screen for example.

So if you are building a router, firewall or webserver...don't install any
XServer, it's neither necessary nor advisable. Despite that, many crashes on
UNIX/Linux PCs are the fault of the XServer. If it crashes, it pulls all
graphical apps into nirvana.

The IRIX PCs at university are VERY stable, but their XServer crashes twice a
day. If that happens, you can't operate the system anymore from your local
desktop, but if you login from another PC, you'll see that everything is fine
(you can still run whatever you like without problems). So the OS itself didn't
crash, just the XServer. If you kill the XServer and restart it again, the PC
will continue to work.

<snip>
Post by Attila Feher
Actuall Win31/311 Win95/8/me can be installed w/o GUI... I mean not
connected to the NET, install and then do some hack and U can remove the
whole GUI.
Sure:
Open system.ini and replace "shell=Explorer.exe" with another GUI.
Try "shell=command.com" and you run Windows in text mode. You can start Windows
apps, that's no problem. E.g. type "start winamp" and then you can listen to
MP3 music. You just don't have a Desktop, a Taskbar or a Startbutton.

That way you don't get rid of the GDI, but of the Explorer (you can now delete
the EXE file as well as some other files). To get rid of the GDI, you must
download an alternative GDI (those exist) and simply exchange those two.

Thanks to "Rundll" you can create BAT files for shutting down your PC and other
things you are missing now. But I doubt that this all is possible in WinNT.

<snip>
Post by Attila Feher
Post by TGOS
And you must be careful when speaking about UNIX security holes. One of the
biggest security holes of all times was (or maybe still is) SENDMAIL. It needs
root rights to run correctly and that is a danger. You can intentionally crash
it (e.g. provoking a stack overflow and that way executing own code) and such a
crash can result in a new shell with root rights. That was one of the easier
"Look, UNIX isn't secure at all!"
How can U get a root shell when you crash sth? (I am not a cracker).
Don't ask me.
Post by Attila Feher
I mean shouldn't the kernel/shell/whatever realize that the setuid stuff
is out and simply return back?
Sendmail has plenty of buffers and some buffers were way too small.
E.g. if you use a 2000 char long e-mail address, but the buffer is only 50
chars and Sendmail doesn't check this, data will get written beyond the limits
of this buffer (that's a disadvantage of direct memory access instead of using
a char array).

Now you can get Sendmail executing a command for you, like "bash" and this bash
is then a root shell, because it was invoked by a root process.
Post by Attila Feher
Isn't it so that the shell start up and
it exec-s the setuid stuff, so there is no shell at all with root
effective user?
I don't know the details either, sorry.
But some of Sendmails bugs can be found here:
http://www.wwdsi.com/demo/saint_tutorials/Sendmail_vulnerabilities.html

<snip>
Post by Attila Feher
OK, but we all know that a UNIX system _does_ include sendmail and all
the other stuff in people's mind.
Well, there are alternatives to Sendmail. Despite that, I found a webpage that
describes how you can install and use Sendmail, WITHOUT assigning root access
to it.
Post by Attila Feher
I mean having a web server which
cannot notify me of events (alarms) is not that good. :-(
There certainly other ways to notify you.
Despite that, a Unix system can send mails without Sendmail, e.g. via an
external SMTP server (the one where your mailbox is hosted).

<big snip>
Post by Attila Feher
Post by TGOS
I personally like the system of "wrappers". You neither use UNIX or Windows
APIs directly. You create your own wrapper API, that in once case is wrapped
around the UNIX/Linux APIs and once around the Windows APIs.
Yep. But let's say I want to make a non-open-source stuff.
Then use non open source wrappers ^_^
Or even better, write your own wrapper.

Never thought about creating your own GUI library? Where all functions are
named like you want and that is optimized for your needs?

Just create such a library for your favorite system. Every method within your
library will only have a few lines of code and then make use of native OS
libraries for their actual task.

In your application, you just make use of your own GUI library (you'll loose
maybe 1-2% of GUI speed through this wrapping, but usually you won't even
notice).

If you now want to get your application running on a different system, just
pull out your library skeleton, delete all native functions and replace them
with native functions of this OS. Sometimes you will have to alter the
surrounding code a bit, but that's not a lot of work.


That's then _your own_ wrapper library. And even if your application is so
shitty that nobody wants to every buy it...maybe you get rich by selling your
wrapper library ^_-


I once made a game wrapper for Windows and Linux, with enough functions to
create very simple games (puzzle or card games, not Quake3 ^,^) and it was
already running very well (still had some bugs, but I'm sure I had fixed
those)...then I found out that I can write those simple games in Java (where it
also runs on other systems, not just Windows and Linux) and there's no
dramatically speed difference, so I dumped this project as a whole.

My library was too slow and not flexible enough for larger projects anyway, but
it was an interesting experience and up to now my only real experience with C++
(as I told you before, we only learn Java).

<snip>
Post by Attila Feher
Post by TGOS
Windows as a whole ins't open source, nevertheless you trust in its security,
don't you? ^_-
Despite that, some parts are open source.
Yep. And it does has a Java VM(?) installed with IE... :-)))) That's
why you need to know a lot to make the secure install.
Well, in case of Win9x, you can simply delete all Java classes and then Java is
gone. I don't use IE's Java, I surf the web with Opera (I'm proud to say that
I'm registered Opera user ... finally a piece of software I bought instead of
applying a crack ^,^) and Opera has no own Java. You must install a JRE of your
choice (currently using Sun JVM 1.3) and Opera will use it. BTW it will use it
directly, without the plug-ins that are needed for IE and NS. It directly
accesses the DLL where the JVM is inside - the same way the appletviewer is
doing it. Opera is currently the ONLY browser that is able to do this.

<snip>
Post by Attila Feher
Anyone making assembly optimizations should be aware of that he creates
_highly_ nonportable code.
But also highly speed optimized one.
Post by Attila Feher
If one goes with C++ (and C) it is many
times unnecessary, even evil. A well written C/C++ code will provide
the same ASM stuff.
That depends.
Most compilers allow you to preview your C++ code in Assembler, the way it is
also translated when getting compiled. If you take a look at that code and
compare it to hand written code, it's quite different.

A tiny C++ program may result in 1,000 lines Assembler code, while when you
write the same thing directly in Assembler, you may only need 400 lines.
Despite that you can make use of processor features like SSE2, which can
perform certain calculations 4 times faster than using classic x86
instructions; very helpful when applying the same function onto an whole array
of numbers. C++ won't use those features, because therefor it would need to
know how the program behaves during runtime.

Sure, this code will only run on a specific platform, often only on a specific
CPU, but nonetheless it's done pretty often. This doesn't mean that your whole
application can't be cross-platform.

You may write the same function multiple times:
1. Plain C++
2. x86 Assembler (386 or higher)
3. x86 Assembler (Pentium MMX or higher)
4. x86 Assembler (Pentium3 SSE or higher)
5. x86 Assembler (AMD Athlon 3DNow or higher)
6. x86 Assembler (Pentium4 SSE2 or higher)
7. PowerPC Assembler (...sorry, don't know those numbers...)
8. PowerPC Assembler (with 'AltiVec' or whatever their extension is called)
9. some other CPU
10. some other CPU
11. some other CPU
12. some other CPU

Now when your program starts, it detects the CPU of your system and depending
on what it found, 2 - 12 is used. If the CPU type is unknown, there's still 1
that got compiled on that system and that way will certainly run.

I bet optimizations of that kind are done in applications like:
Maya 3.0a http://www.aw.sgi.de
Houdini 4.1 http://www.sidefx.com

Both run on:
WinNT, Win2000, Linux and IRIX.
In case of Maya, a Mac version is currently in development.

<snip>

[ Windows Registry ]
Post by Attila Feher
And once it crashes you have to reinstall _everything_, probably
including nice data loss...
Exactly, that's why applications shouldn't store their data there. So I can
reinstall Windows, without being forced to reinstall a single application.
That way I would loose file associations, but that's not such a big deal.
Post by Attila Feher
Post by TGOS
Every user should have his/her own registry (and not just a sub-tree)
TOTALLY agreed.
See, we can agree to many different things ^__^

Especially if every user had his/her own registry, different users could have
different file associations (one user may like to open DOC files with Word, but
someone else may like to open them with StarWriter) and different hardware
settings (sometimes that's an advantage).

<snip>
Post by Attila Feher
Post by TGOS
Forte?
Nah, I don't use Forte, I use JBuilder.
Can one get one to learn for free?
Sure.
The current version (JBuilder 5) is commercial, but they were kind enough to
give away their older version (JBuilder 4) for free!

Go here:
http://www.inprise.com/jbuilder/foundation/

And download it for free. They support the following platforms:
Windows, Linux and Solaris

JBuilder itself is written in Java, but it comes with an own JDK and an own
setup application (both are native). Once its installed, I was able to delete
its custom JDK (but careful, you can't delete everything of it. If two of the
JAR files are missing, some features don't work anymore!) and to manipulate it,
so that it now runs with the JDK that I installed on my system previous to
JBuilder.

IOW in theory you are even able to run it on other UNIX systems than Solaris.

Before you can use it after install, you must register at the Inprise homepage
to get an activation key. This registration is for free, you just answer a few
questions and they'll send you the key via e-mail.

<snip>
Post by Attila Feher
Post by TGOS
You can't really filter the web. You can try, but it will never be really
effective.
Simple. One allows only few addresses/IPs to be reached :-))) Opposite
filtering :-)))
I don't think they are doing this...actually I know it.
Do you know Audiogalaxy? It's like Napster (sharing MP3 files), but unlike
Napster it's still unfiltered and they even have a client for Linux.

I use it once a while and there you can look who's online at the moment (of
course you don't see the real names of people, just their screen names), sorted
by country. And once a while a few people from China are online ^_^

And as I know the Chinese government, I doubt that they would allow users to
access Audiogalaxy, because they also have discussion forums there. So Chinese
people can discuss with the rest of the world.
Post by Attila Feher
Hm. RAM will be the issue here.
Let's say it that way:
One thing that makes Java slow is the garbage collector and the more RAM you
have, the less often it must start to clean it up.

IBM's JVM is faster than Sun's, but it also uses more RAM (where Sun's uses
16 MB, IBM's may use 22 MB) ...maybe not a coincident.

Java doesn't need a very fast CPU (remember, very simple devices can run Java
like cell phones), but a decent amount or RAM is pretty helpful.

<snip>
Post by Attila Feher
Now if U have a C++ programmer (experienced, with his nice libraries) I
guess he will do a better quality work before the new Java guy learn
what is an array :-)))
But the C++ programmer may use direct memory access and the result is something
like Sendmail, which doesn't happen when using an array. ^_-

Despite that, C++ programmers don't need to know what an array is?

<snip>
Post by Attila Feher
And still on suggestion: before start programming in Java: learn what
goes on behind the scenes! Otherwise you are lost when you encounter a
problem.
That's what I'm currently trying. The first thing I did was looking at the
source code of all classes that are shipped with Java and I found out that they
seem to be rather optimized for small size than for high speed.
Post by Attila Feher
Ps: Maybe we should go on in private? I am just waiting in fear for the
first guy from some NG to say: this is not a discussion forum :-((
Really? So what is it?
IMHO a Newsgroup *is* the prototype of a discussion forum and Usenet was
created for discussions.

But the e-mail address in my header is valid, so you can also reply via mail if
you prefer.
--
TGOS
Paul Winkler
2001-06-05 03:00:09 UTC
Permalink
On Mon, 04 Jun 2001 08:09:57 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
You imply that Unices are used in banks and secure places
which is not true either, at least not for most.
Counterexample: a friend of mine worked at a Fleet data center
where they used HP-UX. Fleet is one of the largest banks in the
northeast USA.
I'd say that's a pretty big counterexample.

Now, remind me what any of this has to do with python?

--PW
Pete Shinners
2001-06-03 14:51:00 UTC
Permalink
Post by Polterguy
All game companies founded on cross OS releases have either gone broke or
are soon to become so!
if you can count the console platforms i heavily disagree.
Attila Feher
2001-06-05 08:55:01 UTC
Permalink
Look, I'm no cracker. I have very little knowledge about how to corrupt a
system, but on my university I'm trying to get root rights for two years now,
without anything even close to success. On a WinNT system of a company (for
that I was doing some network installation is part time job), it took me less
than 24h.
No SPs applied... I did the same (not here) when we were supposed to
install a Visual C++ but nobody knew the pwd of admin. BTW that was NT4
with some ancient SP.
Crackers _does_ start on unices, the easiest to crack
systems.
All crackers I know started with Windows, because they say that hacking a
private Windows system is a lot more interesting than getting access to most
UNIX systems. Especially when hacking Win9x, as once you are in, there are no
security mechanisms anymore.
Don't take here win9x. It is another kind of animal: DOS with bells and
whistles. It is not meant to be a secure system (just think about the
filesystem).
If you take a look at hacker-pages on the WEB, you'll get hundreds of tools
that corrupt Windows systems (DoS, Nukers, password file cracker, backdoor
access software, etc.) and not even a handful of those tools for UNIX. IOW
everyone can crack a Windows system (even people who don't have the knowledge),
because there are easy to use tools that will do all the work for you.
Yep, and good NT admins know what to install to disallow the use of
those. Same as with Linux: install right out of the box, connect to the
internet and you get cracked within 2 hours.
If you think they start on VMS, you are alone.
So are you trying to say that VMS is so secure because it's an unknown system?
Could it be the case, that VMS isn't as secure as you (and many other people
believe) and it's just doesn't get hacked because there are way too little
hackers who try it? How secure a system really is will only get proved if there
are thousands of hacker who try to hack it daily. Since that seems not to be
the case for VMS, you can't make any predictions regarding its security
No. It is secure, because it is designed to be secure. There are VMSes
on universities and don't think people don't try to get into them :-)))
Despite that, I certainly won't claim that UNIX is more secure than VMS, since
I don't know enough about this system. If VMS main goal during development was
to make it as secure as possible, it's most likely more secure than UNIX,
Windows, Linux and some other systems. Therefor I'm sure it has other
disadvantages.
Yep. It is as user friendly as a pitbull on his worse day. :-)))
The Unix systems are _designed_ to be wide open.
Usenet was designed for text messages, but it gets used for binary exchange as
well. In reality it plays no role for what something was designed, but rather
for it is used. There are thousands of examples where things are used for
completely different purpose than for what they got designed.
I am not talking about the usenet, but the Unix networking, users etc.
You know the "format string" attacks (don't remember the correct name)
etc. These are possible, because the design had no stress on this kind
of issues - there was no need to. BTW the small number of UNIX like
systems, where designers did take security seriously it is different.
So you _do_ need an expert to close them.
I see, something we can both agree to.
And those experts are named "UNIX system administrator".
Who is hiring a UNIX system admin without the necessary qualification has a
problem, that's no secret.
Same with NT. I have seen NT setup taking few thousand steps to make
and which was solid as a rock. It was directly connected to the
internet and noone has ever cracked into it. Of course: it was a pain
in the ass if you wanted to use for anything else. :-))))
Not such with VMS.
I don't know why you always have to mention VMS (probably you are working for
Compaq), but this discussion isn't about which system is more secure, it's
about cross-platform solutions versus single system solutions. Despite that,
since POSIX was added to VMS, it became a lot similar to UNIX and there's even
a GNU project for VMS.
No I am not, but I am interested :-))))

YES, YOU ARE RIGHT. I never told cross platform development is bad.
:-)) All I have tried to express was: it is not as easy as to say:
Windows is better, UNIX is better etc. There is always a market, a set
of possible users (payers), a required time to get to the market etc.
and that makes it either feasible to be cross platfrom or not. And
unfortunately how it goes today is that the big gap is between UNIX and
Windows. I guess Mac new OS is more UNIX than it was before... So the
primary decision is: is my target group UNIX or Windows or both. How
can I get to the market the fastest, get my share of it etc. It is many
cases Windows. But of course if there is no hurry, (or no GUI :-)) you
_must_ go for corss platform as much as feasible. Different Unices and
Windows (NT usually, since these are usually server processes). And
here we agree, very much so. I just fed up that there is no other easy
cross platform way than Java with its huge (and incompatible) VMs.
:-((((
Creating a perfectly secured Unix system is equally extremely hard.
Never said it is easy, but in case of Windows it's sometimes impossible.
Hm. I have no such deep knowledge but usually the stuff goes anyway by
having a separate FW and then the server... On different machine.
It is not enough on Windows NT to be an ordinary user to do a crack.
I only was an ordinary user, which was enough to run a crack.
Yep, w/o the latest SP (was it 5??) for NT4 it was possible. _If_ you
were sitting next to it. Still, it is _very_ rare that a simple user
can sit next to an NT Domain Controller and start whatever he wants.
And if you can crack into an NT workstation... It is still possible
that the IT guys on the wire get alarm about every admin login :-)))
You don't even seem to know the diff between hack and crack...
| A hacker is a clever programmer. A "good hack" is a clever solution to
| a programming problem and "hacking" is the act of doing it.
- Source: "The New Hacker's Dictionary"
And the best is: Bill Gates is (_was_) a hacker. :-)))
To hack a system means to
| A cracker is someone who breaks into someone else's computer system,
| often on a network; bypasses passwords or licenses in computer programs;
| or in other ways intentionally breaches computer security.
- Source: "Whatis.com"
But in IMHO that's not quite correct. Hackers also break into computer system,
just without malicious intentions and without doing any harm to that system.
Yep, let's take the nice example of the calls I get at least twice each
year: Attila, do you remember the supervisor password of the Novell at
Jaszwhatever? No I say, no. But since the console isn't locked use the
cracker NLM and you will get the password supervisor and can go in.
:-))) Now that is hacking (altough I did not write this NLM). People
lost their password and you still need to open up the system. But the
act of using this NLM is a crack, I even hear the sound as the Novell
nut cracks :-)))
Hackers are often confused with crackers. Uninformed users usually use "hacking
a system" as synonym for breaking into a system from an external source (via
network) and "cracking a system" as synonym for manipulating software on that
system or circumventing security mechanism within the system. But in fact
that's not really correct. Actually both is cracking.
Yep, I agree.
And on (a well secured) NT it is not enough to get in as an
ordinary user to crack it. Same as with Unix. :-)
But the problem is that the majority of WinNT system are a lot less secured
than UNIX system, simply because everyone can administrate a WinNT system (or
at least everyone believes that). And when there's a problem with some software
on your WinNT system (e.g. third party software), you don't have to possibility
to look at the source code, fix it and then recompile it.
Yes, it is the fact. Some crackers in Hungary were fed up with it and
cracked all the major ISPs in one day and placed a deface listing what
SPs and hotfixes they did not install. But... there was Linux included,
too. Plain, outofthebox sth.
Not to mention that the user right settings are very problematic on WinNT. In a
really secure system, users don't have enough rights for most tasks what leads
to problems (as I was once told by a company: "We can't use WinNT, because then
we would have to give all users full access and that would destroy any security
concept. Without that all software would have to get rewritten.").
Aha. I have never met this problem but yes. Windows programming is
like football, raising children and politics. Everyone thinx they know
how to do it... and they do. At least a badly configured NT will not
start to shoot its schoolmates. :-(((
<snip>
Not really. Windows code is seen by thousands before release. The fact
you were not invited to this circle of privileged non-MS people does not
mean it does not exist.
But that's exactly the problem: MS choose a few privileged who can see their
code (and they aren't allowed to edit it, just having a look!). Despite that
this isn't valid for all their code.
Hm. Secrecy can be good or bad.
So the quality of this "code viewing" depends a lot on "who MS chooses" and how
many. I still say that more people see UNIX code than MS code (I won't even
mention LINUX here, what is seen even by normal users). And the people who are
really interesting (hackers and crackers) will not be able to inspect the code
of Micro$oft and point out possible problems.
Maybe, maybe not good that many can see the source. You _never_ know
that a guy seeing it and finding something (which has about 1E-10 chance
w/o the soruces) will turn to you or start dialing and make some
money...

[SNIP]
Yes and wanna bet that I can find someone who can crack such a terminal in less
than two hours. I bet if this terminal would run with Linux or maybe with
FreeBSD that wouldn't be that easy.
And? You have cracked the terminal. So you can start up the UNIX/VAX
terminal window and try to log in :-)))
The terminals at central station also run with Windows and guess how many
pictures I've already seen where those terminals show a "blue screen"?
Blue Screen cannot come from user SW. That NT runs on a faulty or
non-supported HW or uses a badly written driver. Do any of this with a
UNIX and will get the same, but called kernel panic.
One of my friends is working in a computer company, which are offering and they
run a WinNT web server and he told me that it crashes at least once a month,
usually more often. The Solaris server at our university is now running for
years and it never crashed even once. It only was rebooted to add new hardware.
Than you must have a real good luck. I use Solaris here and I know what
I am talking about :-))) Reboot is once per day on a test machine where
"badly behaving" SW can run.
If VMS is really as secure as you always say, it should be no problem to limit
access rights of the JVM via system configuration in such a way that it can't
cause any damage to the system. Despite that you can also write your own
Security Manager for Java and that way further limit access rights.
I have no problem with the security manager, I have problem with the
Java VM code. It isn't "old enough" and mostly not open source to
convince a security-fanatic. There is one guy in Hungary, working for
Westel (mobile operator). There is no Java running on anything what
people can access from the outside world. :-)))
Again, I never said that UNIX is used in all the places you described above.
You implied.
I did not, I just said Windows ins't used there.
Not as server, this is sure. But I also have seen bank which used
CA-Clipper solution and a BBS for credit card handling :-)))
My post is about the fact that every user should be free to chouse his/her
favorite OS according to his her personal needs and nobody should be forced to
accept the flaws of a certain OS, just because some shit-head programmers left
him/her no other choice.
That is right. And I would say also that no shit-had programmer should
be forced to write cross platform code if he cannot. For the Alaska
guys (real good guys) it took years to create the first decent version
of XBase++ for Windows (NT). They were OS/2 programmers mainly. I
would rather use a "Solaris only" thing here working than a "portable"
stuff which in turn bound to 1111 GNU things (gawk etc.). But that is
not the point. The point is that small businesses will never be able to
do the first versions of their product to be fully portable. I am
talking about GUI stuff. Of course if they do Java and their customer
base can support such HW requirements as: min. 1GHz Pentium III and 2
buckets of memory...
And about Windows being a shit: Just try to look around and find a
portable async gethostbyname or a standard gethostbyname_r for
Unices... Good luck. BTW you can find numerous workarounds which fail
in numerous environments.
And the fact that this function (which I personally have never needed up to
now) doesn't exist on UNIX is the proof that Windows isn't shit? Funny, but
that makes no sense to me.
Did I say it exists in Windows?
No. Did I?
No. We did not say anything :-))) BTW it does exist on Windows. The
only "good" point which I like in Win and _very_much_ miss in Unix is
the messaging opportunity. Unix has few signals, and that's it. Sad.
But I know that async gethoutbyname exists in Windows.
(I'm doing my homework before replying to a post)
:-))) Maladyetz
UNIX is very stable (when not using BETA versions). A crashed thread usually
won't take down the whole system, what happens pretty often in Windows
(especially when a hardware driver crashes). Linux is even better here. I can
even intentionally crash hardware drivers and the system survives it (as long
as I don't crash drivers that the system needs to survive.
:-)))) So Solaris 7 is apparently not UNIX. :-)) It does not crash
usually, simply stops working.
And UNIX is very well though out, an easy concept that is strictly upheld. It's
like a house build out of LEGO blocks, with clear data paths. Windows is rather
like throwing all blocks into a back, shaking it twenty times and throwing them
onto a table. Data paths are very unclear to normal users.
Yep, Windows, it's registry, it's changing (screwed up) APIs, renamed
and dumped concepts etc are awful. Still: I very much miss the good
message system under UNIX. :-)))
I admit, you need more knowledge to be a UNIX admin than being a Windows admin
(Windows hides its chaos behind a neat, easy to use GUI), but as UNIX admin you
also have a lot more power over the system. And that makes Windows more
insecure, because users often aren't able to see security holes until it's too
late.
I would say to be a _good_ NT admin is not easier than being a UNIX
one... Only thing is that this kind of guy is rare :-))
There is no absolute security, it's always just relative.
(How was that? "A PC is only secure when you cut all cables, lock it into a
safe and sink it in the middle of the Atlantic.")
Hm. Even than, if you don't have the latest service packs and security
fixes.... :-))
If 20% of your other market is mainly using 4 other platforms and you aren't
able to server all of them, you might have the wrong job.
And your boss might also have the wrong job, because if I were your boss, I'd
look form someone who's able to server 95% of the market.
May be. And maybe you can get the 80% of the market if you are out with
a solution in 2 month. And spend the next 2 for the other platforms...
Why? What are you developing that the Linux, OS/2, MacOS, BeOS, AIX, HP-UX,
Solaris, BSD, FreeBSD and the users of over 50 other OSes aren't interested in?
And how do you know, have you asked every single user on this planet?
Nope. I did not. Let's say I design a very system specific thing, an
internet dialer for example. :-))) Let's not go into this. Everyone is
on his own to decide whether it is feasible to make 1st release cross
platform or not.
Java itself runs on all those systems and it's offering enough elements for
your GUI. Swing is offering enough elements to write your own MS Office.
Only mouse wheel support is currently missing, but Java1.4 will also add mouse
wheel support (right now I'm just playing around with the BETA version).
Yes. Still: I have been working with a guy using Java from it's
birth... and I did not hear many good things about VM portability,
performance etc. Max. size still working (talking about normal WS) Java
applet was around 70K. Then performance degraded so much, that is was
useless.

BTW I wanted to use Java, I have even installed it. But with my 64M
PII266 notebook it took 3 minutes to open a source file in the
Forte... Thx.
Despite that, you can write 90% of your application in Java and then add the
missing 10% via C++ or even native assembler code (for speed reasons or to add
special OS features that Java doesn't support at the moment). That has the
advantage that you always only need to rewrite 10% of your application for
every new platform. And platforms you don't support directly can still use your
application, in that case just without those special features or without the
additional speed boost.
Yep. And have a customer with Crays on every desktop if they want speed
:-(((
For C++, try using Qt.
- AIX
- BSDI/OS
- DG/UX
- HP-UX
- Irix
- Linux
- OS/2 (but only with an installation of XFree86)
- QNX
- SCO UNIX
- Solaris
- Tru64
- Windows 95
- Windows 98
- Windows NT and 2000
Tried. They don't have an unlimited trial version for Win and I have no
way now to install a Linux at home. :-(((
I think there's even a Palmtop version, maybe other embedded systems will
follow. This will make your GUI run-able on quite a lot of platforms in native
speed, with lots of features (like "skin support"). The free version is of
course limited (I think no 3D support, no network and IO libraries), but a
company that plans to increase their market by 15% of users might as well pay
for the commercial version.
Qt is great is what I have heard. I wanted to learn it, but no bonus.
If I get a 30 days trial I may have 2 days when I can really look at it
:-(((

[SNIP]
For what a C++ programmer needs 3 hours is done in one hour by a Java
programmer, not to mention that Java is more than 200% easier to debug in case
of errors. Don't forget you can use Java also server side and there you are
free to use the latest version of it.
Yep. And I am also free to see 1 unhandled exception per minute - at
least with the Java apps I have tried to use. :-(((
You are even allowed to bundle a JRE (Java Runtime Environment) with your Java
application, meaning the target PC doesn't even need to have an installation of
Java.
Yep. First I gave up trying to use Java when I have installed the the
JRE and it crashed my whole Windows 95. I had to reinstall.
And depending on task, other programming languages are even more efficient than
Java. A single line of code in some programming languages will do more than 20
lines of Java, which usually are better than 60 lines of C++.
I know one Online Casino SW and it is written in Clipper with Clip4Win
:-))) They believe they can port it to Java... I still wait to see
the first version which runs in less than 128MBs with acceptable speed.
:-)))
China, one billion people. Computer shops in China sell Linux 200 times more
often than Windows. The Chinese government plans to increase the usage of Linux
even more (they don't trust Micro$oft, open source rules, as they can make sure
there's no spyware inside). BTW downloaded distributions aren't counted here.
Why don't they trust MS? :-))) I cannot imagine...
You must watch beyond your limited horizon or one day this attitude will break
your neck (or the neck of your company). Others will jump into that gap and
then they will have the market you never had as well as parts of the market you
_do_ have.
I program on Solaris and will port to Linux withing few month. :-))) I
am not a "Windows only guy". There are still things which I like (love)
from Windows and hate in UNIX and vice versa.
If you only want to provide your software *locally* you are limited your market
in two ways (only users of a certain OS and only within one area). What's next?
Only users with a specific first name?
:-))) Don't get that far. If one can develop a package for small
businesses using MS SW (Program next to Office?) in few weeks and sell
it, why not??? The same design (I mean the UML or whatever) can then be
used to make the Linux (Unix) version of it, probably based on some
other stuff... There can be many cases in business and I am quite sure
you don't know them all - like me.
Over web means inside a webpage, IOW inside the browser.
So either within a plugin, server-side or Java.
Or ActiveX or C# :-)))) (Just kidding)
Why should 3d access "over web" to a database be limited to x86 or Windows
users? Why can't it be for everyone? Why aren't people in China allowed to use
it? Because you believe that you can save 5 minutes through a win-only solution
(what is not even true)?
Windows NT is not limited to x86...

About China - you should ask their government. They filter the Web
:-)))
Online application is not necessarily "within the browser". "Withing
the browser" is Java, ActiveX or C# or goodbye.
C# ????
My browser doesn't run C#, not even my system as a whole can run C#.
No system which I ever was using during my whole life was able to run C# up to
now.
Yes. And you could say the same when Java was new :-))) Anyway I could
trust Java more if it would be a standard language like C++ and Sun
would have less influence on it...
And ActiveX...come on, ActiveX is the same as installing a browser plug-in,
there's no difference (there is for the programmer, but not for the user). So
you can as well use any other kind of plug-in.
Yeppp.
Java is still a very unstable
Hasn't crashed my PC a single time and I use it daily.
I currently develop exclusively in Java and my programming IDE is written
itself in Java. Everything always runs fine and I have no idea what you mean by
unstable.
How much memory? 512Ms? Just curious. What CPU? What speed?
and unsecure stuff where VMs are incompatible etc.
VMs aren't incompatible in general (leaving bugs aside).
I always test my software on at least 5 different platforms and never ran into
a single problem.
Hm. U R a lucky one or you do totally different task than my friend
was...

[SNIP]
But better supporting only a few platforms (5 to 10) than supporting only a
single platform. You will never be able to support every platform that exists,
but limiting your solution to a single platform right from the start (for
reasons that you weren't even able to make clear up to now) is certainly no
good approach towards a solution.
Yep, U R right. Probaly with right decoupling the client/server tasks
you may support more client OSs with less effort... Of course, you will
have a different GUI for a Java 1.1 only beard-trimmer :-))

A
Attila Feher
2001-06-04 05:09:57 UTC
Permalink
On Sun, 03 Jun 2001 17:21:30 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
<snip>
Post by Attila Feher
Just to inform you: the worlds easiest to hack and crack systems are the
UNIX systems.
That's absolutely incorrect.
That is _absolutely_ correct. There is no system like unices, full with
security holes. Crackers _does_ start on unices, the easiest to crack
systems. If you think they start on VMS, you are alone.
It's easily provable by having a look at "how" hackers were entering a Unix
system. Whenever a new hack is made public somewhere on the Internet, I first
have a look at "how it was done" because that's most interesting to me (more
interesting than "who was hacking the system" and "for what reason"). And
"This hack was possible because of a security hole in XYZ, that got fixed in
version 1.234, which was released <long time ago>".
So that is what you find. You don't search hard enough. BTW,
commercial Unices are no better than MS: they _only_ publish holes found
after they have corrected it.
But that's all only valid for maybe 5% of all hacks, 95% of all hacks are only
possible because the hired system admin wasn't qualified for this job. Come on,
if you leave your UNIX server widely open to the public, it's no wonder if you
get hacked.
The Unix systems are _designed_ to be wide open. So you _do_ need an
expert to close them. Not such with VMS.
IOW most UNIX hacks only result of poor administration and hacking a perfectly
secured UNIX system is extremely hard. In most cases it's harder than hacking
Windows, because only a "root-hack" is really useful on UNIX systems, whereby
on Windows systems it's enough to be an ordinary user in many cases.
Creating a perfectly secured Unix system is equally extremely hard.

It is not enough on Windows NT to be an ordinary user to do a crack.
You don't even seem to know the diff between hack and crack...

So if you are going to compare win9x/me to Unix, you are out of your
mind. And on (a well secured) NT it is not enough to get in as an
ordinary user to crack it. Same as with Unix. :-)
Despite that, more people will be able to see UNIX source code before it gets
released than are actually working for Micro$oft as whole, so the chance that
they find hidden bugs in network code (for example) is a lot higher than in
case of Windows.
Not really. Windows code is seen by thousands before release. The fact
you were not invited to this circle of privileged non-MS people does not
mean it does not exist.
*Where* in my post did I say that Unix is extremely secure and hard to hack?
All I said is that Windows isn't secure.
You put it as a favour to UNIX! Implying that UNIX is.
PLEASE, don't put words into my mouth that I never used!
I suggest you read my post a second time.
Don't be a politician!!! You know if I start defend UNIX based on that
Windows _is_not_ secure (WHICH ONE?????) than people automatically think
UNIX is. You imply that Unices are used in banks and secure places
which is not true either, at least not for most. They use VMS.
Post by Attila Feher
Serious users (security, incl. but
not limited to NATO, banks etc.) use VMS. Some smaller banks use(d)
OS/2.
Same situation as above.
I never said that those use UNIX, did I?
(if you disagree, please post the line!)
All I said was that those don't use Windows.
Are you sure you have read my post?
Yes. Your whole post was a defense of Unix (Linux) with comments about
why Windows is bad. BTW I have not seen any airport where the terminals
were non-Windows...
OS/2 is a very good Java platform. I don't know anything about VMS, but it's
certainly not impossible to port a Java Virtual Machine for this system as
well.
No. And I guess it exists. And I guess it is a security risk as all
Java VMs are.
Again, I never said that UNIX is used in all the places you described above.
I get the feeling that you are replying to the wrong post here.
You implied.
Post by Attila Feher
So don't take UNIX to any higher level than it is.
I never did that, you are currently doing that because you assume ... well, I
have no idea what you are assuming.
What your post was about. :-)
Post by Attila Feher
And about Windows being a shit: Just try to look around and find a
portable async gethostbyname or a standard gethostbyname_r for
Unices... Good luck. BTW you can find numerous workarounds which fail
in numerous environments.
And the fact that this function (which I personally have never needed up to
now) doesn't exist on UNIX is the proof that Windows isn't shit? Funny, but
that makes no sense to me.
Did I say it exists in Windows? Did I say that? When? _If_ you never
needed it how do you know by hearth it does exists as a service in
WinSock and does not in Unix???
Post by Attila Feher
Windows is not better than UNIX and UNIX is not better than Windows and
none of those are neither secure nor realtime O/Ss.
1) I never said that UNIX is better than Windows (correct me if you can!), I
only said that Windows is unstable, insecure and not very well thought out.
Just like Unix in general.
2) I never said that UNIX is secure, neither in my last post nor in this post.
You implied
3) There actually is a realtime version of Linux ... just thought I should
mention that.
Which is not "realtime enough".
Post by Attila Feher
Don't make a religious war about this.
It rather looks like /you/ are making a religious war out of that.
I nowhere said "UNIX is better" and that all people shall use UNIX PC instead
of Windows PCs. I use Windows myself (not as only OS, but still more often).
I was only pointing out that not 99.9999% of all PCs run with Win32 (the
reality is not even close to that) and that cross-platform development has no
disadvantages.
Yep, U R right in that. Only disadvantage is if your market size for
Win32 platforms is the 80% of your market and you spend too much time to
serve 15% of the rest (you will never have a fully PI SW) and so you
loose that whole 80%, too.
Post by Attila Feher
Like online casino SW. Would they survive with a Linux only solution?
I don't know and I don't care. I'm a supporter of cross-platform solutions and
a Linux only solution is no cross-platform solution.
All I was pointing out is that a Windows solution might cover 60-90% of
your existing market. Which is usually not true with Unix solutions.
But working on Unices: you are right. There is no such thing as Unix.
You _must_ do cross platform development, know all the non-standard sh*t
and all the errors of all O/Ss you ever want to support. HP-UX fails at
different places than Solaris 2.7 etc.
You seem to misunderstands my motives. Saying how shitty Windows is and only
developing Linux software from this day on isn't making the situation any
better. You exchange one "platform dependent solution" with another "platform
dependent solution". Cross-platform development meaning to not develop for any
specific platform.
I'd like to see you to make a full featured GUI which runs on Windows
(all the 5+1 versions in use plus CEs) _and_ all Unices with all Window
Managers with no incompatibilities (clipboard etc.). They are simply
way too different to be able to use the same code base. If you can, you
end up with: either a Java monster, a ported MFC-crashing monster, or a
SW which supports only unacceptable subset of the GUI capabilities of
the Windows platform.

Business logic can be portable easily. GUI.... maybe if it is HTML
based...
It means developing a base version that can run everywhere and then only
fine-tune this base version for different systems. That's cross-platform
development.
There is no such thing. If you believe in that... Maybe for very
simple applications where it is enough to use what the GUI meant 10
years ago.
To get back to your question: Would the casino SW developers also survive when
creating software that can run on Windows, Linux, Solaris, Irix and OS/2?
Certainly! Maybe even better than they are doing right now.
Certainly not. They would be about to finish the first beta version of
their SW, when the market is already shared between the players. If my
friend would have decided to make a cross platform version he would
certainly loose the game. You know individual users don't care if you
casino SW will not run on the Mac of somebody else. In that sector
cross platform hgas no marketing value in the mass market: the home
Windows user. Not even NT needed to be supported for a looong time.
:-))))
Post by Attila Feher
So there is a huge market for Windows apps.
Just like there's a huge market for other OSes, so why not supplying software
for more than a single market? Because you could gain more customers and earn
more money? Yeah, that would certainly be a big disadvantage.
Why not? Because the market compared to the Windows one (depending on
your area) might be too small or too far to be worth the effort. Same
thing can happen for areas where Windows users have no need but Unix
users/systems.
If you are developing a online application that people shall be able to use
within their browser (and that's what this whole thread is all about...but I
assume you don't know that because you haven't read anything within this thread
up to now, including my post to that you are replying), where is the advantage
of limiting it to a single platform? I don't see any.
Online application is not necessarily "within the browser". "Withing
the browser" is Java, ActiveX or C# or goodbye. Java is still a very
unstable and unsecure stuff where VMs are incompatible etc. No 1.3 for
IE etc. ActiveX is Windows only. C# - I have not heard much good about
it yet.
The cross-platform solution is there, all you need to do is using it!
I have been working together with _the_ Java evangelist of Hungary, who
was been using, promoting, supporting Java, making large systems for all
the years Java existed. If you believe in effortless Java code
portability, you did not work enough with Java... esp. between different
VMs.

A
TGOS
2001-06-05 02:30:04 UTC
Permalink
On Mon, 04 Jun 2001 08:09:57 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
<snip>
Post by Attila Feher
Post by Attila Feher
Just to inform you: the worlds easiest to hack and crack systems are the
UNIX systems.
That's absolutely incorrect.
That is _absolutely_ correct. There is no system like unices, full with
security holes.
Look, I'm no cracker. I have very little knowledge about how to corrupt a
system, but on my university I'm trying to get root rights for two years now,
without anything even close to success. On a WinNT system of a company (for
that I was doing some network installation is part time job), it took me less
than 24h.
Post by Attila Feher
Crackers _does_ start on unices, the easiest to crack
systems.
All crackers I know started with Windows, because they say that hacking a
private Windows system is a lot more interesting than getting access to most
UNIX systems. Especially when hacking Win9x, as once you are in, there are no
security mechanisms anymore.

If you take a look at hacker-pages on the WEB, you'll get hundreds of tools
that corrupt Windows systems (DoS, Nukers, password file cracker, backdoor
access software, etc.) and not even a handful of those tools for UNIX. IOW
everyone can crack a Windows system (even people who don't have the knowledge),
because there are easy to use tools that will do all the work for you.
Post by Attila Feher
If you think they start on VMS, you are alone.
So are you trying to say that VMS is so secure because it's an unknown system?
Could it be the case, that VMS isn't as secure as you (and many other people
believe) and it's just doesn't get hacked because there are way too little
hackers who try it? How secure a system really is will only get proved if there
are thousands of hacker who try to hack it daily. Since that seems not to be
the case for VMS, you can't make any predictions regarding its security

Despite that, I certainly won't claim that UNIX is more secure than VMS, since
I don't know enough about this system. If VMS main goal during development was
to make it as secure as possible, it's most likely more secure than UNIX,
Windows, Linux and some other systems. Therefor I'm sure it has other
disadvantages.
Post by Attila Feher
The Unix systems are _designed_ to be wide open.
Usenet was designed for text messages, but it gets used for binary exchange as
well. In reality it plays no role for what something was designed, but rather
for it is used. There are thousands of examples where things are used for
completely different purpose than for what they got designed.
Post by Attila Feher
So you _do_ need an expert to close them.
I see, something we can both agree to.
And those experts are named "UNIX system administrator".
Who is hiring a UNIX system admin without the necessary qualification has a
problem, that's no secret.
Post by Attila Feher
Not such with VMS.
I don't know why you always have to mention VMS (probably you are working for
Compaq), but this discussion isn't about which system is more secure, it's
about cross-platform solutions versus single system solutions. Despite that,
since POSIX was added to VMS, it became a lot similar to UNIX and there's even
a GNU project for VMS.
Post by Attila Feher
Creating a perfectly secured Unix system is equally extremely hard.
Never said it is easy, but in case of Windows it's sometimes impossible.
Post by Attila Feher
It is not enough on Windows NT to be an ordinary user to do a crack.
I only was an ordinary user, which was enough to run a crack.
Post by Attila Feher
You don't even seem to know the diff between hack and crack...
| A hacker is a clever programmer. A "good hack" is a clever solution to
| a programming problem and "hacking" is the act of doing it.
- Source: "The New Hacker's Dictionary"

To hack a system means to

| A cracker is someone who breaks into someone else's computer system,
| often on a network; bypasses passwords or licenses in computer programs;
| or in other ways intentionally breaches computer security.
- Source: "Whatis.com"

But in IMHO that's not quite correct. Hackers also break into computer system,
just without malicious intentions and without doing any harm to that system.

Hackers are often confused with crackers. Uninformed users usually use "hacking
a system" as synonym for breaking into a system from an external source (via
network) and "cracking a system" as synonym for manipulating software on that
system or circumventing security mechanism within the system. But in fact
that's not really correct. Actually both is cracking.
Post by Attila Feher
And on (a well secured) NT it is not enough to get in as an
ordinary user to crack it. Same as with Unix. :-)
But the problem is that the majority of WinNT system are a lot less secured
than UNIX system, simply because everyone can administrate a WinNT system (or
at least everyone believes that). And when there's a problem with some software
on your WinNT system (e.g. third party software), you don't have to possibility
to look at the source code, fix it and then recompile it.

Not to mention that the user right settings are very problematic on WinNT. In a
really secure system, users don't have enough rights for most tasks what leads
to problems (as I was once told by a company: "We can't use WinNT, because then
we would have to give all users full access and that would destroy any security
concept. Without that all software would have to get rewritten.").

<snip>
Post by Attila Feher
Not really. Windows code is seen by thousands before release. The fact
you were not invited to this circle of privileged non-MS people does not
mean it does not exist.
But that's exactly the problem: MS choose a few privileged who can see their
code (and they aren't allowed to edit it, just having a look!). Despite that
this isn't valid for all their code.

So the quality of this "code viewing" depends a lot on "who MS chooses" and how
many. I still say that more people see UNIX code than MS code (I won't even
mention LINUX here, what is seen even by normal users). And the people who are
really interesting (hackers and crackers) will not be able to inspect the code
of Micro$oft and point out possible problems.
Post by Attila Feher
You put it as a favour to UNIX!
I'm not in favor for UNIX.
I say that UNIX is better than Windows in many cases, but I don't say that it's
perfect. I personally am no defender of the idea that the whole word shall
start using UNIX, I only pointed out that a lot of people are using UNIX right
now.
Post by Attila Feher
Implying that UNIX is.
Never argue on the base of what people might imply, you can only argue on the
base of what they are saying.
Post by Attila Feher
PLEASE, don't put words into my mouth that I never used!
I suggest you read my post a second time.
Don't be a politician!!! You know if I start defend UNIX based on that
Windows _is_not_ secure (WHICH ONE?????) than people automatically think
UNIX is.
What people think and what I say are two pair of shoes.
Post by Attila Feher
You imply that Unices are used in banks and secure places
which is not true either, at least not for most.
I never said so. Not in this post and not in my last two posts.
To repeat myself: I only said that Windows is NOT used there.
Post by Attila Feher
Yes. Your whole post was a defense of Unix (Linux) with comments about
why Windows is bad.
My post wasn't a defense of UNIX. My post was just pointing out that plenty of
people don't use Windows and they have good reasons why they don't use it.
Post by Attila Feher
BTW I have not seen any airport where the terminals were non-Windows...
Yes and wanna bet that I can find someone who can crack such a terminal in less
than two hours. I bet if this terminal would run with Linux or maybe with
FreeBSD that wouldn't be that easy.

The terminals at central station also run with Windows and guess how many
pictures I've already seen where those terminals show a "blue screen"?

One of my friends is working in a computer company, which are offering and they
run a WinNT web server and he told me that it crashes at least once a month,
usually more often. The Solaris server at our university is now running for
years and it never crashed even once. It only was rebooted to add new hardware.
Post by Attila Feher
OS/2 is a very good Java platform. I don't know anything about VMS, but it's
certainly not impossible to port a Java Virtual Machine for this system as
well.
No. And I guess it exists. And I guess it is a security risk as all
Java VMs are.
If VMS is really as secure as you always say, it should be no problem to limit
access rights of the JVM via system configuration in such a way that it can't
cause any damage to the system. Despite that you can also write your own
Security Manager for Java and that way further limit access rights.
Post by Attila Feher
Again, I never said that UNIX is used in all the places you described above.
You implied.
I did not, I just said Windows ins't used there.
Post by Attila Feher
I never did that, you are currently doing that because you assume ... well, I
have no idea what you are assuming.
What your post was about. :-)
My post is about the fact that every user should be free to chouse his/her
favorite OS according to his her personal needs and nobody should be forced to
accept the flaws of a certain OS, just because some shit-head programmers left
him/her no other choice.
Post by Attila Feher
Post by Attila Feher
And about Windows being a shit: Just try to look around and find a
portable async gethostbyname or a standard gethostbyname_r for
Unices... Good luck. BTW you can find numerous workarounds which fail
in numerous environments.
And the fact that this function (which I personally have never needed up to
now) doesn't exist on UNIX is the proof that Windows isn't shit? Funny, but
that makes no sense to me.
Did I say it exists in Windows?
No. Did I?

But I know that async gethoutbyname exists in Windows.
(I'm doing my homework before replying to a post)
Post by Attila Feher
_If_ you never needed it how do you know by hearth it does
exists as a service in WinSock and does not in Unix???
You said "find [...] for Unices", so I went to Google and started searching for
it. And I found an async version working with multiple threads for UNIX/Linux
systems. But I'm sorry, I haven't bookmarked the link.
Post by Attila Feher
1) I never said that UNIX is better than Windows (correct me if you can!), I
only said that Windows is unstable, insecure and not very well thought out.
Just like Unix in general.
UNIX is very stable (when not using BETA versions). A crashed thread usually
won't take down the whole system, what happens pretty often in Windows
(especially when a hardware driver crashes). Linux is even better here. I can
even intentionally crash hardware drivers and the system survives it (as long
as I don't crash drivers that the system needs to survive.

And UNIX is very well though out, an easy concept that is strictly upheld. It's
like a house build out of LEGO blocks, with clear data paths. Windows is rather
like throwing all blocks into a back, shaking it twenty times and throwing them
onto a table. Data paths are very unclear to normal users.

I admit, you need more knowledge to be a UNIX admin than being a Windows admin
(Windows hides its chaos behind a neat, easy to use GUI), but as UNIX admin you
also have a lot more power over the system. And that makes Windows more
insecure, because users often aren't able to see security holes until it's too
late.
Post by Attila Feher
2) I never said that UNIX is secure, neither in my last post nor in this post.
You implied
There is no absolute security, it's always just relative.
(How was that? "A PC is only secure when you cut all cables, lock it into a
safe and sink it in the middle of the Atlantic.")

<snip>
Post by Attila Feher
Yep, U R right in that. Only disadvantage is if your market size for
Win32 platforms is the 80% of your market and you spend too much time to
serve 15% of the rest (you will never have a fully PI SW) and so you
loose that whole 80%, too.
If 20% of your other market is mainly using 4 other platforms and you aren't
able to server all of them, you might have the wrong job.
And your boss might also have the wrong job, because if I were your boss, I'd
look form someone who's able to server 95% of the market.
Post by Attila Feher
All I was pointing out is that a Windows solution might cover 60-90% of
your existing market.
Why? What are you developing that the Linux, OS/2, MacOS, BeOS, AIX, HP-UX,
Solaris, BSD, FreeBSD and the users of over 50 other OSes aren't interested in?
And how do you know, have you asked every single user on this planet?

<snip>
Post by Attila Feher
Business logic can be portable easily. GUI.... maybe if it is HTML
based...
Java itself runs on all those systems and it's offering enough elements for
your GUI. Swing is offering enough elements to write your own MS Office.
Only mouse wheel support is currently missing, but Java1.4 will also add mouse
wheel support (right now I'm just playing around with the BETA version).

Despite that, you can write 90% of your application in Java and then add the
missing 10% via C++ or even native assembler code (for speed reasons or to add
special OS features that Java doesn't support at the moment). That has the
advantage that you always only need to rewrite 10% of your application for
every new platform. And platforms you don't support directly can still use your
application, in that case just without those special features or without the
additional speed boost.

For C++, try using Qt.
It exists for:
- AIX
- BSDI/OS
- DG/UX
- HP-UX
- Irix
- Linux
- OS/2 (but only with an installation of XFree86)
- QNX
- SCO UNIX
- Solaris
- Tru64
- Windows 95
- Windows 98
- Windows NT and 2000

I think there's even a Palmtop version, maybe other embedded systems will
follow. This will make your GUI run-able on quite a lot of platforms in native
speed, with lots of features (like "skin support"). The free version is of
course limited (I think no 3D support, no network and IO libraries), but a
company that plans to increase their market by 15% of users might as well pay
for the commercial version.
Post by Attila Feher
It means developing a base version that can run everywhere and then only
fine-tune this base version for different systems. That's cross-platform
development.
There is no such thing. If you believe in that... Maybe for very
simple applications where it is enough to use what the GUI meant 10
years ago.
Nonsense. What kind of GUI element do you intent to use that Java doesn't
support? Java has even build-in anti-aliasing, alpha transparency and texture
support. Also build-in support for common picture formats and HTML rendering.

That's additional to all the GUI elements Swing provides. Those are at least as
many as you will find in Visual C++, if not even more:
- Buttons
- Borders
- Boxes
- CheckBoxes
- ColorChooser
- ComboBoxes
- DialogBoxes
- InternalFrames
- Labels
- Lists
- Menus
- Panels
- PopupMenus
- ProgressBars
- RadioButtons
- ScrollBars
- Seperators
- SlideBars
- Tables
- TextAreas
- TextFields
- TextPanes
- ToolBars
- Trees
- Windows

Also the predefined Windows exist, like FileChooser, as well as some other I
forgot to mention and non-GUI stuff (like Timers). And every element currently
exist in three versions (Windows, Metal and Motif ... others like Macintosh may
follow in future Swing versions) and you can switch between those different
versions on the fly and even implement own versions, e.g. simply use a picture
for every element (so your applet can have a full skin support).
Post by Attila Feher
To get back to your question: Would the casino SW developers also survive when
creating software that can run on Windows, Linux, Solaris, Irix and OS/2?
Certainly! Maybe even better than they are doing right now.
Certainly not. They would be about to finish the first beta version of
their SW, when the market is already shared between the players.
For what a C++ programmer needs 3 hours is done in one hour by a Java
programmer, not to mention that Java is more than 200% easier to debug in case
of errors. Don't forget you can use Java also server side and there you are
free to use the latest version of it.

You are even allowed to bundle a JRE (Java Runtime Environment) with your Java
application, meaning the target PC doesn't even need to have an installation of
Java.

And depending on task, other programming languages are even more efficient than
Java. A single line of code in some programming languages will do more than 20
lines of Java, which usually are better than 60 lines of C++.

<snip>
Post by Attila Feher
Why not? Because the market compared to the Windows one (depending on
your area) might be too small or too far to be worth the effort. Same
thing can happen for areas where Windows users have no need but Unix
users/systems.
Look:

China, one billion people. Computer shops in China sell Linux 200 times more
often than Windows. The Chinese government plans to increase the usage of Linux
even more (they don't trust Micro$oft, open source rules, as they can make sure
there's no spyware inside). BTW downloaded distributions aren't counted here.

You must watch beyond your limited horizon or one day this attitude will break
your neck (or the neck of your company). Others will jump into that gap and
then they will have the market you never had as well as parts of the market you
_do_ have.

If you only want to provide your software *locally* you are limited your market
in two ways (only users of a certain OS and only within one area). What's next?
Only users with a specific first name?

To not loose the topic (as I think you are completely losing the point of this
discussion), take a look at the subject of this post:
"3D manipulation over web"

Over web means inside a webpage, IOW inside the browser.
So either within a plugin, server-side or Java.

Why should 3d access "over web" to a database be limited to x86 or Windows
users? Why can't it be for everyone? Why aren't people in China allowed to use
it? Because you believe that you can save 5 minutes through a win-only solution
(what is not even true)?
Post by Attila Feher
Online application is not necessarily "within the browser". "Withing
the browser" is Java, ActiveX or C# or goodbye.
C# ????
My browser doesn't run C#, not even my system as a whole can run C#.
No system which I ever was using during my whole life was able to run C# up to
now.

And ActiveX...come on, ActiveX is the same as installing a browser plug-in,
there's no difference (there is for the programmer, but not for the user). So
you can as well use any other kind of plug-in.
Post by Attila Feher
Java is still a very unstable
Hasn't crashed my PC a single time and I use it daily.
I currently develop exclusively in Java and my programming IDE is written
itself in Java. Everything always runs fine and I have no idea what you mean by
unstable.
Post by Attila Feher
and unsecure stuff where VMs are incompatible etc.
VMs aren't incompatible in general (leaving bugs aside).
I always test my software on at least 5 different platforms and never ran into
a single problem.
Post by Attila Feher
ActiveX is Windows only.
ActiveX means that the browser downloads and installs a plug-in which then is
controlled by script code within the page. Then you can as well offer a real
plug-in and you can write that for more than one platform (Flash exists for
UNIX, Linux and MacOS for example).

But of course Java will save you a lot of work here.
Post by Attila Feher
The cross-platform solution is there, all you need to do is using it!
I have been working together with _the_ Java evangelist of Hungary, who
was been using, promoting, supporting Java, making large systems for all
the years Java existed. If you believe in effortless Java code
portability, you did not work enough with Java... esp. between different
VMs.
All Java code that I was using up to now did at least run on:
Win98, WinNT, Linux, Solaris and Irix.
(I don't have access to more platforms, otherwise I would test it on those
platforms as well)

If it will work in a cell phone with Java support is questionable, but such
already a way too specific devices. A set top box for your TV will maybe not
have a problem if it supports the correct Java version.

But better supporting only a few platforms (5 to 10) than supporting only a
single platform. You will never be able to support every platform that exists,
but limiting your solution to a single platform right from the start (for
reasons that you weren't even able to make clear up to now) is certainly no
good approach towards a solution.
--
TGOS
TGOS
2001-06-03 13:48:12 UTC
Permalink
On Sat, 2 Jun 2001 22:31:50 +0200, "Polterguy"
Post by Polterguy
[...snip...]
I agree totally, but fact is 99.99999% of the commersial world uses win32.
Are you sure you understand the term "commercial"?
Windows is mainly used by private users and not even there 99% of them use it.

Do you think a nuclear power plant runs with Windows? Or maybe the software of
an airport tower? If that's the case, how many people do you think would die
during a blue screen error?

Do you think the majority of worldwide banks use Windows? An easy to hack,
insecure and not very stable operating system? A blue screen would mean loosing
millions of dollars a minute and a single hack would make every hacker a rich
man.

At my university are over 2,000 PCs and not a single one runs with Windows.

On which planet are you living?
You probably think that 99% of all CPUs currently in use are x86 CPUs, right?
Well, that's damn wrong. Not even 40% of all CPUs are x86 compatible ones.
(Source: Market Research of '99...not quite up-to-date, but there hasn't
changed that much in the last 1 and half years)
And with what OS do you think run the other 60%? Certainly not with Windows.
Post by Polterguy
So why go through the extra trouble adding cross OS programming when it's
going to increase the cost of releasing a product with a factor of 50?!?
Have you actually read the first post within the thread you are replying to?
Where is the difference for a programmer, whether he uses a Windows only
solution or a cross platform solution?

He was told to use a Windows-only version, which is rather stupid considering
that there's already a cross-platform solution, that is as powerful as the
Windows only one.
Post by Polterguy
All game companies founded on cross OS releases have either gone broke or
are soon to become so!
Especially ID Software (creators of Doom1/2 and Quake1/2/3), who only use
OpenGL and all their games exist for a huge range of platforms (including
Linux, Unix and Macintosh). So much to the credibility of your "facts".

Despite that, games are really important for "commercial PC users". I mean
office workers play Quake all day long, that's what they get paid for, right?

How can someone talk about the "commercial world" and then mention games?
The fact that most game companies only develop games for Win32 platforms, has a
simple reason: only private users play games and there the majority has a Win32
platform.

But where is the connection between private users and the "commercial world"?
Post by Polterguy
If you want to be successfule and reach 99.9999% of the world use technology
built on win32, DirectX, C++, hell fucking ay, if you can get away with it
use VB!!.
What you say make no sense. You say people shall use a Win-only solution (what
will run on Windows, but nowhere else), instead using a cross-platform
solution, that will run anywhere, also on Windows.

If really 99% of all PCs run with Windows, it's no problem to use a
cross-platform solution...it will run on Windows, too. By using a
cross-platform solution you *aren't losing* the Windows market, you just add
some additional markets to it. By using a Win-only solution, you lose every
other market right from the start.

IOW throughout your whole post you haven't mentioned a single argument that
would speak against cross-platform development. Not to mention that VB uses a
Virtual Machine working in a similar manner like Java. So when you use VB, you
can also use Java.
Post by Polterguy
Use OBJECT tags in your HTML
Object tags got created by the W3C (World Wide Web Consortium) and have nothing
to do with Micro$oft in any way. They are part of HTML4 standard, which is no
Micro$oft standard, but a cross-platform standard (like all HTML standards).

Actually without cross-platform standards and cross-platform software, the
INTERNET wouldn't even exist, since Micro$oft hasn't created it! Guess with
what software the first Internet servers were running and with what software
they are still running?

All great inventions that you use every day are cross-platform standards. MP3,
MPEG, HTML, EMail, Usenet, etc. If we had waited until MS had created all those
things, we would still be in computer stone age.
Post by Polterguy
use ASP (especially the new ASPX and the webforms
i find XTREMELY interresting...).
You aren't working for Micro$oft, are you?
Why should anyone use ASP?
My webserver doesn't even support that, because it runs on Unix...oh, what a
coincident, must be one of the 0.000001% of servers that don't use Win32, just
like all the other servers I used in past (including the router/file server I'm
running at home right now). If really there are only 0.000001% of non Win32
PCs, I must have used every single one of them up to now.

I use rather PHP, JSP or SSI when I'll need such a technology (all supported by
my webhost).

BTW, isn't it funny that non-Windows PCs always support a wide variation of
different technologies, while Windows PCs usually are limited to a single one,
which always comes from Micro$oft?!?
Post by Polterguy
This is my opinion and I realize this will probably become my own social
suicide, but fact is that every successfule software dealer don't give a
shit about anything but windows...
All the computer stores in my town sell Linux (it's in every shop window), only
very few sell Windows (why should they? Most people got a free copy with their
PC).

In some countries there are even more Unix/Linux PCs than Windows PCs. Please
never assume that what is valid in your country is valid for the rest of the
world as well. You are not living alone on that planet and your country isn't
the only one that exists or that is important.

Finally, all the companies that were using Win-only solutions til today are now
making their solutions cross-platform (as they realized that they are missing
an important market otherwise) and that is costing them million of dollars, not
to mention a huge amount of work. If they had use cross-platform solutions
right from the start, they wouldn't have all those troubles right now.

IOW you suggestion to companies is pretty stupid, since what will save them a
few bucks right now will cost them million of dollars in a few years. And all
the *really* big software companies that exist are all writing cross-platform
applications, the ones that create stuff for Windows only are usually the
smaller, less important software companies.

Even Microsoft is selling their MS Office for Macintosh, just like they have a
Mac version of IE and if Linux's popularity will raise a lot the next two
years, I bet that they will also write IE and MS Office for Linux (of course
not open source ... but not everything that exists for Linux is open source).

BTW cross-platform development has nothing to do with Java you can also develop
cross-platform applications in other languages. There are lot's of C libraries
that exist for more than just a single plattform and it's always a good idea to
use those instead of Win32 libraries that exist for Windows only.


And _THAT'S_ my opinion!
--
TGOS

| We've done so much, with so little, such a long time,
| that we now can achieve everything with nothing.
- RTL2
Attila Feher
2001-06-03 14:21:30 UTC
Permalink
Post by TGOS
On Sat, 2 Jun 2001 22:31:50 +0200, "Polterguy"
Post by Polterguy
[...snip...]
I agree totally, but fact is 99.99999% of the commersial world uses win32.
Are you sure you understand the term "commercial"?
Windows is mainly used by private users and not even there 99% of them use it.
Do you think a nuclear power plant runs with Windows? Or maybe the software of
an airport tower? If that's the case, how many people do you think would die
during a blue screen error?
Do you think the majority of worldwide banks use Windows? An easy to hack,
insecure and not very stable operating system? A blue screen would mean loosing
millions of dollars a minute and a single hack would make every hacker a rich
man.
[SNIP]
Post by TGOS
In some countries there are even more Unix/Linux PCs than Windows PCs. Please
never assume that what is valid in your country is valid for the rest of the
world as well. You are not living alone on that planet and your country isn't
the only one that exists or that is important.
[SNIP]

Just to inform you: the worlds easiest to hack and crack systems are the
UNIX systems. Due to the fact that they have been designed for
university (friendly) environment. Serious users (security, incl. but
not limited to NATO, banks etc.) use VMS. Some smaller banks use(d)
OS/2. But what is sure: Linux (UNIX) with sources is ony used (at
serious places) as firewall (where the actuall OS is inspected and
corrected line by line) and as a Web Server with no online connection to
the real internal network. So don't take UNIX to any higher level than
it is.

And about Windows being a shit: Just try to look around and find a
portable async gethostbyname or a standard gethostbyname_r for
Unices... Good luck. BTW you can find numerous workarounds which fail
in numerous environments.

Windows is not better than UNIX and UNIX is not better than Windows and
none of those are neither secure nor realtime O/Ss. Don't make a
religious war about this.

BTW 1 addition: there are numerous Internet SW which run only on Windows
(some only on win9x series) and they do survive. Like online casino
SW. Would they survive with a Linux only solution? So there is a huge
market for Windows apps. There is also a market for UnIX apps, although
usually different one. Apple is somewhere in the "still present" area
thanx mostly to education facilities having Apple, people buying them
for they look good and CEOs buying them for they look expensive... I am
not saying they are not good.

I am in this business for more than 10 years and as far as I see all
O/Ss suck. You either don't have a market with them or they simply suck
due to bad design or due to being "compatible" to some old stds.

A
TGOS
2001-06-03 17:44:03 UTC
Permalink
On Sun, 03 Jun 2001 17:21:30 +0300, Attila Feher <Attila.Feher at lmf.ericsson.se>
wrote:

<snip>
Post by Attila Feher
Just to inform you: the worlds easiest to hack and crack systems are the
UNIX systems.
That's absolutely incorrect.
It's easily provable by having a look at "how" hackers were entering a Unix
system. Whenever a new hack is made public somewhere on the Internet, I first
have a look at "how it was done" because that's most interesting to me (more
interesting than "who was hacking the system" and "for what reason"). And
usually I'll read the following:
"This hack was possible because of a security hole in XYZ, that got fixed in
version 1.234, which was released <long time ago>".

But that's all only valid for maybe 5% of all hacks, 95% of all hacks are only
possible because the hired system admin wasn't qualified for this job. Come on,
if you leave your UNIX server widely open to the public, it's no wonder if you
get hacked.

IOW most UNIX hacks only result of poor administration and hacking a perfectly
secured UNIX system is extremely hard. In most cases it's harder than hacking
Windows, because only a "root-hack" is really useful on UNIX systems, whereby
on Windows systems it's enough to be an ordinary user in many cases.

Despite that, more people will be able to see UNIX source code before it gets
released than are actually working for Micro$oft as whole, so the chance that
they find hidden bugs in network code (for example) is a lot higher than in
case of Windows.

But leaving this all aside for a second:
*Where* in my post did I say that Unix is extremely secure and hard to hack?
All I said is that Windows isn't secure.

PLEASE, don't put words into my mouth that I never used!
I suggest you read my post a second time.
Post by Attila Feher
Serious users (security, incl. but
not limited to NATO, banks etc.) use VMS. Some smaller banks use(d)
OS/2.
Same situation as above.
I never said that those use UNIX, did I?
(if you disagree, please post the line!)
All I said was that those don't use Windows.
Are you sure you have read my post?

And speaking about cross-platform development:
OS/2 is a very good Java platform. I don't know anything about VMS, but it's
certainly not impossible to port a Java Virtual Machine for this system as
well.
Post by Attila Feher
But what is sure: Linux (UNIX) with sources is ony used (at
serious places) as firewall (where the actuall OS is inspected and
corrected line by line) and as a Web Server with no online connection to
the real internal network.
Again, I never said that UNIX is used in all the places you described above.
I get the feeling that you are replying to the wrong post here.
Post by Attila Feher
So don't take UNIX to any higher level than it is.
I never did that, you are currently doing that because you assume ... well, I
have no idea what you are assuming.
Post by Attila Feher
And about Windows being a shit: Just try to look around and find a
portable async gethostbyname or a standard gethostbyname_r for
Unices... Good luck. BTW you can find numerous workarounds which fail
in numerous environments.
And the fact that this function (which I personally have never needed up to
now) doesn't exist on UNIX is the proof that Windows isn't shit? Funny, but
that makes no sense to me.
Post by Attila Feher
Windows is not better than UNIX and UNIX is not better than Windows and
none of those are neither secure nor realtime O/Ss.
1) I never said that UNIX is better than Windows (correct me if you can!), I
only said that Windows is unstable, insecure and not very well thought out.

2) I never said that UNIX is secure, neither in my last post nor in this post.

3) There actually is a realtime version of Linux ... just thought I should
mention that.
Post by Attila Feher
Don't make a religious war about this.
It rather looks like /you/ are making a religious war out of that.
I nowhere said "UNIX is better" and that all people shall use UNIX PC instead
of Windows PCs. I use Windows myself (not as only OS, but still more often).

I was only pointing out that not 99.9999% of all PCs run with Win32 (the
reality is not even close to that) and that cross-platform development has no
disadvantages.
Post by Attila Feher
BTW 1 addition: there are numerous Internet SW which run only on Windows
(some only on win9x series) and they do survive.
I never said they can't survive, did I?
I only said that all the BIG companies support multiple platforms, that was
all. Hell, to which post are you really replying here? Certainly not to mine.
Post by Attila Feher
Like online casino SW. Would they survive with a Linux only solution?
I don't know and I don't care. I'm a supporter of cross-platform solutions and
a Linux only solution is no cross-platform solution.

You seem to misunderstands my motives. Saying how shitty Windows is and only
developing Linux software from this day on isn't making the situation any
better. You exchange one "platform dependent solution" with another "platform
dependent solution". Cross-platform development meaning to not develop for any
specific platform.

It means developing a base version that can run everywhere and then only
fine-tune this base version for different systems. That's cross-platform
development.

To get back to your question: Would the casino SW developers also survive when
creating software that can run on Windows, Linux, Solaris, Irix and OS/2?
Certainly! Maybe even better than they are doing right now.
Post by Attila Feher
So there is a huge market for Windows apps.
Just like there's a huge market for other OSes, so why not supplying software
for more than a single market? Because you could gain more customers and earn
more money? Yeah, that would certainly be a big disadvantage.

If you are developing a online application that people shall be able to use
within their browser (and that's what this whole thread is all about...but I
assume you don't know that because you haven't read anything within this thread
up to now, including my post to that you are replying), where is the advantage
of limiting it to a single platform? I don't see any.

The cross-platform solution is there, all you need to do is using it!
--
TGOS
Bruce G. Stewart
2001-06-03 14:46:42 UTC
Permalink
Post by TGOS
On Sat, 2 Jun 2001 22:31:50 +0200, "Polterguy"
Post by Polterguy
[...snip...]
I agree totally, but fact is 99.99999% of the commersial world uses win32.
Are you sure you understand the term "commercial"?
Windows is mainly used by private users and not even there 99% of them use it.
Polterguy is unduly pessimistic about the hegemony of Windows, but your
reply is also unrealistic.
Post by TGOS
Do you think a nuclear power plant runs with Windows? Or maybe the software of
an airport tower? If that's the case, how many people do you think would die
during a blue screen error?
Most computer systems, even in the nuclear power and air transport
industries, are not in life critical applications.
Post by TGOS
Do you think the majority of worldwide banks use Windows? An easy to hack,
insecure and not very stable operating system? A blue screen would mean loosing
millions of dollars a minute and a single hack would make every hacker a rich
man.
Yet most do use it. Not exclusively, but for desktop client machines,
it's very pervasive throughout the financial industry.
Post by TGOS
At my university are over 2,000 PCs and not a single one runs with Windows.
You are perhaps fortunate, but not typical. One might wonder why this
is. Surely some individuals or departments could benefit from some
commercial software that is only available for Windows. Are your systems
implemented in some proprietary, non-cross-platform way?
Post by TGOS
On which planet are you living?
You probably think that 99% of all CPUs currently in use are x86 CPUs, right?
Well, that's damn wrong. Not even 40% of all CPUs are x86 compatible ones.
(Source: Market Research of '99...not quite up-to-date, but there hasn't
changed that much in the last 1 and half years)
And with what OS do you think run the other 60%? Certainly not with Windows.
A large percentage of CPUs aren't in personal computers. Many toil away
in microwave ovens, cd players, electric toothbrushes, etc. These aren't
particularly relevent to questions about 3D graphic maniplulation over
the www.

[...]

The main point of your post is well taken. A cross-platform interface
standard is preferable to a platform specific one, other things being
equal. But there's not much point in answering hyperbole with hyperbole.
Roedy Green
2001-06-04 22:38:33 UTC
Permalink
On Sat, 2 Jun 2001 18:30:47 -0400, "Bart Kowalski" <me at nospam.com>
mbedded processors (watches, cell-phones, calculators,
etc),
Last time I looked there were more microprocessors in cars than on
desktops.

For that sort of application, coding cost is spread over more units,
and it not going to change. You have to get it right first time, and
you have to squeeze it into the cheapest possible hardware.

It quite different from writing code to handle business logic where
ease of maintenance is paramount.




For more detail, please look up the key words mentioned in this post in
the Java Glossary at: http://mindprod.com/gloss.html
If you don't see what you were looking for, complain!
or send your contribution for the glossary.

--
Roedy Green, Canadian Mind Products
Custom computer programming since 1963. Ready to take on new work.
Bart Kowalski
2001-06-02 22:30:47 UTC
Permalink
Post by Polterguy
I agree totally, but fact is 99.99999% of the commersial world uses win32.
LOL! This is just ludicrous. It's more like 0.01% yeah.

You are ignoring all the embedded processors (watches, cell-phones, calculators,
etc), all serious research work (supercomputing), most of the internet (servers,
routers), and many other complex systems (nuclear reactor controllers,
spacecraft controllers, flight simulators). Your "commersial world" (sic)
includes but a very insignificant portion of the market which is called "the
home user". This is the low quality part of the software world. The populace.
The part that doesn't require 80 GB/sec bandwidth or microsecond response times.
Many of us couldn't care less about that part of the market and are very happy
providing quality software for the remaining 99%.


Bart.
goose
2001-06-05 13:20:04 UTC
Permalink
Polterguy <idi.amin at nofuckingspamorillsueyourassfrisurf.no> merely scratched his head and went:

my newbie-two-cents-worth opinion ... don't take offence :-)
Post by Polterguy
[...snip...]
I agree totally, but fact is 99.99999% of the commersial world uses win32.
what's your source on this ? *all* the /commercial/ products i've been involved
in developing in my short career has been on *nix systems ... a lot of the
technical managers out there who want a in-house solution prefer to do it
as cheaply as possible ... this means linux/*bsd/etc
Post by Polterguy
So why go through the extra trouble adding cross OS programming when it's
I will ... and anyone who's even remotely involved in the team i am in ..
Post by Polterguy
going to increase the cost of releasing a product with a factor of 50?!?
no it doesn't - if your talking about rewriting everything else to be like
MFC, then it will, but a lean/clean multi-platform lib doesn't need to take
50x longer ...
Post by Polterguy
All game companies founded on cross OS releases have either gone broke or
are soon to become so!
name a few ... and for every one that u name, i'm sure that i can come up with
a company that has gone broke *not* doing cross-platform dev. those stats
only prove that stats lie, nothing else ...
Post by Polterguy
How much I may hate Bill Gates and that stupid CEO of him who doesn't even
know what HAL means, there's still the facts.
If you want to be successfule and reach 99.9999% of the world use technology
built on win32, DirectX, C++, hell fucking ay, if you can get away with it
use VB!!. Use OBJECT tags in your HTML, use ASP (especially the new ASPX and
the webforms i find XTREMELY interresting...).
<rant>
you sound like a windows-weanie i had the displeasure of meeting recently ...
he kept arguing that i was "killing my career by not working on microsoft stuff"
and he refused to believe that there is actually a demand (mayhap, not as large
as for windows-ppl) for unix ppl. he kept saying "no one uses that anymore,
everone uses windows" ... even though i pointed out to him that, two years
ago ppl developing J++ "solutions" were as common as bird droppings, today
no one even puts that on their CV, even if they have used it ... they put
in "java experiance".

2.5/3 years ago, ppl looking for jobs as access "programmers" were in demand,
now ? what happened ?

well, sooner or later someone realized that these ppl were not real "programmers",
just "applications integrators" who charged too much (access was/still is an
expensive product) and moved on to linux/mysql with odbc servers ... much
cheaper, and linux programmers are available at the same rate per/hour
(maybe less) as your avg solution developer ...

going with the flow, and following M$ is a real career limiting move ...
just ask all those MCSE's who decided it was the way to go 3 years ago ...
where do you think the MCSD's are going to be three years from now ?

Microsoft changes the goalposts so often in it's attempt to 'commodotize
protocols' (hope i spelt that right), that you have to constantly try to keep
up with old technology (whatever happened to OLE - spending money learning
that would have been a waste of time - spending the same amount of time and
money learning sockets-programming bsd ala style would still stand you in good
stead now) ...

and before anyone argues about how OLE only underwent a name change, please
consider the sheer *volume* of text those changes generated ...

and, after all they have done trying to push their 'enhancements' ahead,
the linux market is *still* growing (worth, if one believes the redhat
site, approx 24% of server's and 18% of desktops - i'm not too sure tho',
would have another look for stats around the web when i have the time...)
Post by Polterguy
This is my opinion and I realize this will probably become my own social
suicide, but fact is that every successfule software dealer don't give a
shit about anything but windows...
redhat, suse, mandrake - and that's just the linux ones ...
did u ever have a look at lokisoftware ? how about obsidian ?
these companies aren't going under, in fact they are thriving in an
environment where windows 'supposedly' dominates ...
Post by Polterguy
...all though it's really sad, and I wish the world was different...
make your stuff multiplatform ... and not just conformance to 'mfc'
or any other proprietry stuff - chances are you'll have to rewrite
it when the posts are moved again ... learn opengl over activeX, and
java over VB ... build your web-libs with php, not asp, and more ppl
will use them ...

microsoft's dominance has been dropping over the past few years ... and
*may* continue to do so ... *nix has experianced a revival that *no* other
piece of software of OS has *ever* done (well, maybe emacs:-)

if you want to code stuff that only one platform can run, then only one
platform is going to run it ... and we are seeing an explosion in
individuality that i have NEVER seen before ... we currently have more
different types of hardware than ever before ... double goes for software/os,
so don't make the claim that 'everybody' is doing microsoft, 'cos the massive
internet still survives on *nix systems ... and if you'r going to code
games for microsoft ony;, well, y'know it's your career funeral, not mine.

just don't tell me the hogwash that microsoft propogates and expect me
to believe it ...
</rant>
--
goose
-----
<this space for rent - contact me for reasonable rates, p/d>
Bill Darbie
2001-06-02 23:19:46 UTC
Permalink
Post by Polterguy
[...snip...]
I agree totally, but fact is 99.99999% of the commersial world uses win32.
So why go through the extra trouble adding cross OS programming when it's
going to increase the cost of releasing a product with a factor of 50?!?
All game companies founded on cross OS releases have either gone broke or
are soon to become so!
Tell that one to the makers of Quake! I think they will disagree.

Bill
Post by Polterguy
How much I may hate Bill Gates and that stupid CEO of him who doesn't even
know what HAL means, there's still the facts.
If you want to be successfule and reach 99.9999% of the world use technology
built on win32, DirectX, C++, hell fucking ay, if you can get away with it
use VB!!. Use OBJECT tags in your HTML, use ASP (especially the new ASPX and
the webforms i find XTREMELY interresting...).
This is my opinion and I realize this will probably become my own social
suicide, but fact is that every successfule software dealer don't give a
shit about anything but windows...
...all though it's really sad, and I wish the world was different...
Bart Kowalski
2001-06-01 17:46:15 UTC
Permalink
Did the OP mention anything about Windows? Then why the heck are you
suggesting
an extremely platform-dependent solution based on specific technologies from
a
specific vendor?
That's what was surprising me as well. I wonder why nobody seems to know
Java3D, although it's not a new Java extension. Despite great platform support
(please read my other posts), it's easy to use (a high level 3D language).
E.g.: I have a Quake3 Java model editor that uses Java3D.
You only need to download a plugin, which will store a few extra files into
your JVM directory, as well as a JAR file with the classes...that's all. As
long as your PC has OpenGL support (or in case of Windows, both OpenGL and
Direct3D is supported...whereby OpenGL looks better and is faster) nothing
speaks against good looking 3D graphic in Java.
But most people prefer to use poor company solutions over open standards. Most
games use DirectX instead of OpenGL (if they'd use OpenGL, porting them to
other platforms would be a lot easier).
Instead of getting browser companies to finally implement CSS2 (which can be
used together with JavaScript to make incredible text and graphic animations),
they rather force everyone to download a plugin for Flash.
Instead of implementing a full VRML2 support, they will force people to
download a plugin for Shockwave3D. Instead of using PNG (open standard), they
use GIF. The list is endless ...
People always use the first solution they can find, which is usually the one
most propagated. Those are usually commercial solutions, as companies earn
money by propagating them (meaning they make a lot of advertising for their
standard ... something that isn't done enough for open standards). That this
solution may not be the best that exists (there are often a lot better
solutions), that this solution belongs to a single company (and thus only they
have the power to alter or improve it and only they can write viewers for
their
standard) and that this solution might be limited to the platform you are
using
at the moment is simply ignored.
I mean, how many webpages are there that say "You NEED IE 5.5 to watch this
page"? Too many. The fact that this means 50% (or more) of all surfers will
simply skip this page is a risk they are willing to take.
More, actually. By doing such stupid things they are completely ignoring all of
the Unix world and technologies far superior to anything that Windows users
could ever dream of using. It's amazing how some people are so easily influenced
by commercial propaganda.


Bart.
TGOS
2001-06-02 20:34:10 UTC
Permalink
Post by Bart Kowalski
I mean, how many webpages are there that say "You NEED IE 5.5 to watch this
page"? Too many. The fact that this means 50% (or more) of all surfers will
simply skip this page is a risk they are willing to take.
More, actually. By doing such stupid things they are completely ignoring all of
the Unix world
I know. Whenever I surf through the Net at University (Sun Ultra Spars Solaris
PCs, SGI Irix PCs, HP-UX PCs or Intel Linux PCs), I'll have to realize how
little people uphold official standards and how many pages won't work because
of this.

Instead of using lots of JavaScript, people can use simple CGI scripts. Instead
of using most plugins that exist, people could simply use Java (I heard a rumor
that there's even a Java FlashPlayer applet, which will render Flash animations
in your browser without the help of any plugin).
Post by Bart Kowalski
and technologies far superior to anything that Windows users
could ever dream of using.
To quote from my Unix book:
"All operating systems are limited in one way - many even in more than one way
- but Unix is standing above the other systems, since it's a reliably platform
for beginners and experts like no other existing one.
For more than 20 years, Unix got improved by over hundred thousands of people
all over the world [...]"

Often if a new technologies is introduced to Window PCs (either through
Micro$oft or via a private company), it usually was developed and tested on
Unix PCs several for years before.
Post by Bart Kowalski
It's amazing how some people are so easily influenced
by commercial propaganda.
I'm not better than them. I store all my videos in RealVideo format, which is
no open standard either (it belongs to RealNetworks). The problem is: There is
no other video standard that would create decent videos with only 450 KBit/s

ASF is worse in quality (both, picture and sound quality) and it's also a
Micro$oft only standard, meaning it will never exist for other platforms
(RealPlayer also exists for Linux and maybe also for other platforms).

DivX is a hacked ASF version, which is even worse in quality (as it's a hacked
version of an old ASF codec, not of the first one that was officially
released). Despite that, when using DivX, I'll have to use MP3 for audio and
MP3 with 64 KBit/s sounds worse than real audio with 32 KBit/s.

The only open standards are MPEG1 and MPEG2, but both need a lot more bandwidth
than 450 KBit/s to produce decent results. And since I must get 10 videos onto
a single CD, I can't use more than 450 KBit/s for picture and sound together.

MPEG4 will be the first open standard that will produce decent results with
450 KBit/s (DivX isn't really MPEG4, the final MPEG4 standard will not be
compatible with DivX anymore), but right now it only exists in theory.

What's left? Quicktime...but Quicktime is no audio/video codec, it's just a
file/protocol standard like ASF or AVI and you'll still have to use some kind
of codec.
--
TGOS
TGOS
2001-06-01 17:06:25 UTC
Permalink
Did the OP mention anything about Windows? Then why the heck are you suggesting
an extremely platform-dependent solution based on specific technologies from a
specific vendor?
That's what was surprising me as well. I wonder why nobody seems to know
Java3D, although it's not a new Java extension. Despite great platform support
(please read my other posts), it's easy to use (a high level 3D language).

E.g.: I have a Quake3 Java model editor that uses Java3D.
You only need to download a plugin, which will store a few extra files into
your JVM directory, as well as a JAR file with the classes...that's all. As
long as your PC has OpenGL support (or in case of Windows, both OpenGL and
Direct3D is supported...whereby OpenGL looks better and is faster) nothing
speaks against good looking 3D graphic in Java.

But most people prefer to use poor company solutions over open standards. Most
games use DirectX instead of OpenGL (if they'd use OpenGL, porting them to
other platforms would be a lot easier).

Instead of getting browser companies to finally implement CSS2 (which can be
used together with JavaScript to make incredible text and graphic animations),
they rather force everyone to download a plugin for Flash.

Instead of implementing a full VRML2 support, they will force people to
download a plugin for Shockwave3D. Instead of using PNG (open standard), they
use GIF. The list is endless ...


People always use the first solution they can find, which is usually the one
most propagated. Those are usually commercial solutions, as companies earn
money by propagating them (meaning they make a lot of advertising for their
standard ... something that isn't done enough for open standards). That this
solution may not be the best that exists (there are often a lot better
solutions), that this solution belongs to a single company (and thus only they
have the power to alter or improve it and only they can write viewers for their
standard) and that this solution might be limited to the platform you are using
at the moment is simply ignored.

I mean, how many webpages are there that say "You NEED IE 5.5 to watch this
page"? Too many. The fact that this means 50% (or more) of all surfers will
simply skip this page is a risk they are willing to take.
--
TGOS
Habib Ahmed
2001-06-11 14:39:03 UTC
Permalink
AOA n hi ALL (also some silly guy like me, but dont mind)

u want 3d manipulation lang,
the best support is been provided by the OpenGL, it's the industry
standard,
also it is available 4 many platforms, as it is actually depends, on
the hardware graphics card/accelerator present on the client PC(that
supports opengl).
well i also used DirectX 7, its great, but 4 Windows XX platform,
about 50-60 % of ppl use windows, and in WFC, com.ms.* there is a
pakage 4 the implementation of all kinds of win32s win64...... Directx
activex com+.....
u can use that,
While as far as java3D is concerned, i have known it uses the OpenGL
engine,
so get relaxed, its tooooo boooosting, great.
Use it without hasitaion.., Basic optimization in 3d
manipulation(3d-game or any type of 3d App) depends on the coding tech
implemented...
Also C the Anfy Java (search on google.com for Anfy java), i c that
and cant beleive that it can run fast this much, there r various 3d
demos...
all in java, they r nearly running/rendering at the speed that my
Direct3D,
game showed....
So go on Using Java 3D, it best,
Also java in itself is so much optimizing, that if C++ go on
fulfilling the promise of java it could'nt be that much optimized, (i
say this coz basically i am a low-level developer Assembly).
Use it , have a great time,
And also plz inform me about ur app.
feel free 2 contact (any body):
habibcs at hotmail.com and
habib1146 at yahoo.com
CU
waiting 4 ur reply.......
Virtual Viki
2001-06-02 14:02:15 UTC
Permalink
An apllet by itself will render incredibly slow... Anyone who says
differently hasn't really done it. JAVA awt and swing are very slow at
drawing them selves. You best bet is to use the applet with the java 3D
API's to use Open GL. The down side is the client will need some form of
Open GL on the machine. Not usually a problem though. Most new machine
have it.

Oh... and all you anti Cross - Post fanatics out there chill
out!!!!!!!!!!!!! e-commerce/Internet privacy and security is an illusion.
Its all public whether we like it or not.

"Jacqueline L. Spiegel" <jackie at popmail.med.nyu.edu> wrote in message
Hi All,
I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of an
oracle database. I could be manipulating as much as 32 MB of memory (with
respect to data only) in space. I would also need to slice and
interpolate information on the fly. I am a Java programmer, but my fear is
that Java is not as fast as it should be in order to handle such
manipulation (assume users have at least a T1/cable modem connection, and
are not going in by 56K modem)
What is the best language for this ( I will need to do GUI programming as
well).
Although I am really comfortable with Java and prefer to go this route, I am
wondering if there is a better and faster way (I feel that Java is slow in
general, even for 2D). If you recommend another language, can you please
recommend which 3D library and GUI library that I would use, as well as
explaining how I (or the language's API) connects to the web browser ?
I
am not experienced with "Applet" creation outside of the Java language.
You attention is greatly appreciated with regard to this matter.
CC-ing email to jackie at popmail.med.nyu.edu, would also
be greatly appreciated.
Jacqueline
Bart Kowalski
2001-06-02 16:17:56 UTC
Permalink
Post by Virtual Viki
Oh... and all you anti Cross - Post fanatics out there chill
out!!!!!!!!!!!!! e-commerce/Internet privacy and security is an illusion.
Its all public whether we like it or not.
What the hell are you talking about? It's not about security. It's about not
starting yet another stupid flame war between Java zealots and C++ zealots.


Bart.
Thomas Hansen
2001-06-07 07:51:34 UTC
Permalink
[snip]
I saw the link given further up to the "Burning Metal" game, and it was
quite impressing, but it wasn't even in the nearby of WTGD...
TGOS
2001-06-07 14:02:04 UTC
Permalink
On Thu, 7 Jun 2001 09:51:34 +0200, "Thomas Hansen"
Post by Thomas Hansen
[snip]
I saw the link given further up to the "Burning Metal" game, and it was
quite impressing, but it wasn't even in the nearby of WTGD...
Yeah and I repeat myself when saying:
Burning Metal doesn't use Java3D, it's just software emulation.

If Burning Metal would use Java3D, it had:
- Filtered Textures
- MIP Mapping
- Realistic shading
- Alpha transparency
and other neat features.

The demo racing game of WTGD can use all those features and it hardly looks 10%
better than Burning Metal...that's really a pitiful.
--
TGOS
Thomas Hansen
2001-06-06 14:22:06 UTC
Permalink
[snip]
PS!
It's an ActiveX object,
Ergo it won't work in my browser, nor in any other browser except IE.
Who cares if they're making games since EVERYBODY that play games on
something else then a Sony, GameBoy (or similar) sits in front of a PC...
wraps around DirectX to make scripting 3D games
possible.
Ergo it won't work on any plattforms except Windows.
Same as above, except exchange PC with WIN32 system...
We are talking about Java here, not C++ and the main advantage of Java is
plattform indepency. Why destroying that if it's not necessary?
There's Java3D available for quite some time now. It's a plattform
independend
Java plug-in that makes use of OpenGL for displaying 3D animations with
hardware support. It's support for nearly all propagated PC plattforms
which
one
version running on top of OpenGL and one running on top of Direct3D; I'd
choose
the OpenGL version, because if you have a GeForce or Rendeon graphics
adapter,
you'll have a lot better performance thanks to hardware T&L).
DirectX have had hardware acc. T&L since version 6 or seven I think...
I've seen it with a "need for speed" kind of game and it really works
(on a
PII 300mHz, ATI RAGE PRO 8MB)
I've seen that too and it even works without hardware acceleration.
http://www.minatrix.com/burningmetal2.html
It was very nice, and I was actually very impressed, but it's not even in
the same league as the WTGD...
But with Java3D you'll also have texture filtering and real shading.
http://java.sun.com/products/java-media/3D/index.html
Solaris (Sparc), Windows (x86), Linux (x86), HP-UX, AIX, SGI Irix
--
TGOS
TGOS
2001-06-07 04:11:07 UTC
Permalink
On Wed, 6 Jun 2001 16:22:06 +0200, "Thomas Hansen"
Post by Thomas Hansen
[snip]
PS!
It's an ActiveX object,
Ergo it won't work in my browser, nor in any other browser except IE.
Who cares if they're making games since EVERYBODY that play games on
something else then a Sony, GameBoy (or similar) sits in front of a PC...
Who is talking about games here?
This post is about a person who tries to realize a 3D access interface for a
database from within a browser. Please read a thread carefully before replying
to it.

Despite that, I play games and I also play games within my browser.
And when the game uses Java3D, I can play it on every PC I like. The WT games
don't run on the PCs I usually use, because they either run with Solaris, Irix
or Linux.
Post by Thomas Hansen
wraps around DirectX to make scripting 3D games
possible.
Ergo it won't work on any plattforms except Windows.
Same as above, except exchange PC with WIN32 system...
Why should only Win32 users be allowed to access this database via their
browser? Because some stupid Windows user think that they rule the planet?
Post by Thomas Hansen
DirectX have had hardware acc. T&L since version 6 or seven I think...
No, DirectX7 is the first version with T&L support in hardware.
All older games use software T&L in DirectX (IOW your CPU is doing all the
work) and to make use of the new hardware T&L, programmers have to rewrite
their code, while OpenGL applications automatically make use of this feature,
without altering their code.

(and that also OpenGL is older than DirectX1...so much to Micro$ofts great
libraries)
Post by Thomas Hansen
I've seen that too and it even works without hardware acceleration.
http://www.minatrix.com/burningmetal2.html
It was very nice, and I was actually very impressed, but it's not even in
the same league as the WTGD...
It also doesn't make use of Java3D, IOW that was plain software emulation.
So before you haven't even seen Java3D action, you aren't in the position to
judge about it.
--
TGOS
Bart Kowalski
2001-06-01 01:08:09 UTC
Permalink
The answer to all your prayers is a technology called "WildTangent" (
www.wildtangent.com ) It is a technology that allows websites to embed 3D
applets into the site, using DirectX for hardware rendering. The technology
consists of an API that can be accessed from almost any web-based language,
ie Java, Javascript, Visual Basic and C++, and interfaces with directx to
provide 3D multimedia. To view the final website the user requires a plugin,
which is only 100k i think. I have never actually used it myself, i started
downloading the SDK but never finished it. I have however seen a few demos
of the technology in action, and it is very impressive.
Did the OP mention anything about Windows? Then why the heck are you suggesting
an extremely platform-dependent solution based on specific technologies from a
specific vendor? Has it crossed your mind that perhaps if Java is being used
then portability might be one of the requirements?


Bart.
TGOS
2001-06-01 17:06:25 UTC
Permalink
[Rewritten and shortened because of top-posting]

On Fri, 1 Jun 2001 09:13:16 +0200, "Thomas Hansen"
Hi All,
I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of
an oracle database.
www.wildtangent.com
Down the Game Driver, start hitting your favourite *JavaScript*!! editor,
off you go...
Thomas
PS!
It's an ActiveX object,
Ergo it won't work in my browser, nor in any other browser except IE.
wraps around DirectX to make scripting 3D games
possible.
Ergo it won't work on any plattforms except Windows.

We are talking about Java here, not C++ and the main advantage of Java is
plattform indepency. Why destroying that if it's not necessary?

There's Java3D available for quite some time now. It's a plattform independend
Java plug-in that makes use of OpenGL for displaying 3D animations with
hardware support. It's support for nearly all propagated PC plattforms which
can also support OpenGL (in case of Windows, there are even two versions: one
version running on top of OpenGL and one running on top of Direct3D; I'd choose
the OpenGL version, because if you have a GeForce or Rendeon graphics adapter,
you'll have a lot better performance thanks to hardware T&L).
I've seen it with a "need for speed" kind of game and it really works (on a
PII 300mHz, ATI RAGE PRO 8MB)
I've seen that too and it even works without hardware acceleration.
http://www.minatrix.com/burningmetal2.html

But with Java3D you'll also have texture filtering and real shading.
http://java.sun.com/products/java-media/3D/index.html

Plattform support:
Solaris (Sparc), Windows (x86), Linux (x86), HP-UX, AIX, SGI Irix
--
TGOS
Randall Hopper
2001-06-01 12:25:49 UTC
Permalink
Jacqueline L. Spiegel:
|
|I will be writing a program that needs to be accessible over the web that
|will seek to manipulate objects in three dimensions through the access of an
|oracle database. I could be manipulating as much as 32 MB of memory (with
|respect to data only) in space. I would also need to slice and
|interpolate information on the fly.

There's not enough detail here about your constraints to get a good feel
for your visualization or operating requirements. From your address, I'm
guessing medical imaging datasets (CT, MR, etc.).

If by "over the web" you mean the web-at-large by DSL, cable modem, and
phone modem users alike who don't necessarily have 3D accelerators, then
pulling 32MB of data over the net for manip on the client end with Java is
probably not realistic. I'm going to guess you want server-side processing.

Consider using the free OpenDX package (formerly IBM Data Explorer):

http://www.opendx.org/
http://www.research.ibm.com/dx/
http://www.freebsd.org/~rhh/py-opendx/

It has a graphical network editor for fast prototyping, and you can code
your network in C or C++ as well. Write a CGI over top and you're set.
I've done exactly this for 3D geodata web server. Much, much less effort
involved than using a general scene graph or bare-metal graphics rendering
library.

There's also JavaDX, an OpenDX back-end that allows you to connect a web
server up more directly to DX, change the values in the network, and feed
images or VRMLs back to the web user.

Randall
--
Randall Hopper
aa8vb at yahoo.com
Gavin Coates
2001-05-31 22:58:27 UTC
Permalink
Ok, two points, many people frown upon people that post to multiple groups,
dont do it. Also why did u post a question on java in a C++ newsgroup?. Well
despite this I will answer your question, but wether you have already
recieved an answer or ever check this forum again I do not know...

The answer to all your prayers is a technology called "WildTangent" (
www.wildtangent.com ) It is a technology that allows websites to embed 3D
applets into the site, using DirectX for hardware rendering. The technology
consists of an API that can be accessed from almost any web-based language,
ie Java, Javascript, Visual Basic and C++, and interfaces with directx to
provide 3D multimedia. To view the final website the user requires a plugin,
which is only 100k i think. I have never actually used it myself, i started
downloading the SDK but never finished it. I have however seen a few demos
of the technology in action, and it is very impressive.

I recommned you check it out..

--
Regards,

Gavin Coates
Co-Founder
www.multiplayercentral.co.uk
"Jacqueline L. Spiegel" <jackie at popmail.med.nyu.edu> wrote in message
Hi All,
I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of an
oracle database. I could be manipulating as much as 32 MB of memory (with
respect to data only) in space. I would also need to slice and
interpolate information on the fly. I am a Java programmer, but my fear is
that Java is not as fast as it should be in order to handle such
manipulation (assume users have at least a T1/cable modem connection, and
are not going in by 56K modem)
What is the best language for this ( I will need to do GUI programming as
well).
Although I am really comfortable with Java and prefer to go this route, I am
wondering if there is a better and faster way (I feel that Java is slow in
general, even for 2D). If you recommend another language, can you please
recommend which 3D library and GUI library that I would use, as well as
explaining how I (or the language's API) connects to the web browser ?
I
am not experienced with "Applet" creation outside of the Java language.
You attention is greatly appreciated with regard to this matter.
CC-ing email to jackie at popmail.med.nyu.edu, would also
be greatly appreciated.
Jacqueline
Thomas Hansen
2001-06-01 07:13:16 UTC
Permalink
www.wildtangent.com
Down the Game Driver, start hitting your favourite *JavaScript*!! editor,
off you go...

Thomas

PS!
It's an ActiveX object, wraps around DirectX to make scripting 3D games
possible.
I've seen it with a "need for speed" kind of game and it really works (on a
PII 300mHz, ATI RAGE PRO 8MB)


"Jacqueline L. Spiegel" <jackie at popmail.med.nyu.edu> wrote in message
Hi All,
I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of an
oracle database. I could be manipulating as much as 32 MB of memory (with
respect to data only) in space. I would also need to slice and
interpolate information on the fly. I am a Java programmer, but my fear is
that Java is not as fast as it should be in order to handle such
manipulation (assume users have at least a T1/cable modem connection, and
are not going in by 56K modem)
What is the best language for this ( I will need to do GUI programming as
well).
Although I am really comfortable with Java and prefer to go this route, I am
wondering if there is a better and faster way (I feel that Java is slow in
general, even for 2D). If you recommend another language, can you please
recommend which 3D library and GUI library that I would use, as well as
explaining how I (or the language's API) connects to the web browser ?
I
am not experienced with "Applet" creation outside of the Java language.
You attention is greatly appreciated with regard to this matter.
CC-ing email to jackie at popmail.med.nyu.edu, would also
be greatly appreciated.
Jacqueline
TGOS
2001-05-31 20:35:05 UTC
Permalink
[Post rewritten and shortened, because of top-posting]
Post by Jeff Sandys
I will be writing a program that needs to be accessible over the web that
will seek to manipulate objects in three dimensions through the access of an
oracle database.
<snip>
Post by Jeff Sandys
Although I am really comfortable with Java and prefer to go this route, I am
wondering if there is a better and faster way (I feel that Java is slow in
general, even for 2D).
Alice is a 3d navigator, don't know if it will work for your app though.
http://www.alice.org
That's a Windows only solution for displaying 3D graphics in Java.
http://www.alice.org/about.htm
See what I mean?

Why not using Java3D instead?
Java3D is a java plug-in that exists for Windows, Linux, Solaris and certainly
for other Unix variations as well. It makes use of OpenGL and thus allows you
to render 3D graphics in pretty good quality with acceptable speed.

There's a Java3D demo where you can fly through a city and it's not slow or
anything. It makes use of modern 3D graphic accelerators and thus has bilinear
filtering, decent shading, etc.

Java itself isn't slower than C++, it's more the way how you usually write
programs in Java that make it slow. IOW, if you know how to optimize Java code,
you can gain a lot of speed.


I can only recommend Java3D if you need good looking 3D graphics, that also can
make use of OpenGL hardware accelerators (in case those exist within the PC of
client). Sure, it means that people have to download a JRE from Sun (or IBM)
and then also download the Java3D plugin for this JRE...


Without Java3D, you'll have to write all the 3D code yourself. With Java3D more
stuff is done by the graphics adapter and thus there are more CPU resources
left for your Java code. OTOH, if you're 3D graphics won't be too complex,
Java3D may not lead to any real speed improvident.

3D graphics can be as simple as that:
http://www.beethovan.org/warstorm/Game/view3dwr.htm

Or more like that:
http://www.brackeen.com/home/scared/
(loading might take a while)


Pseudo 3D is fast in Java.
Go here http://www.minatrix.com/servlet/view?file=games.html and choose to play
"Burning Metal 2"...you'll see what I mean.

How fast real 3D can be without hardware acceleration depends a lot on your
coding skills.
--
TGOS
Suchandra Thapa
2001-06-07 13:12:35 UTC
Permalink
the problem with windows is that the original model was totally
flawed and it has inhereted that right down the line. NT is
a ghastly mess. it's security is laughably complex, therefore
unusable.
Window's ACL system is being integrated into Linux systems.
It has several advantages over the traditional unix system since the
it has a finer granularity.
someone should teach those kids at redmond how to do virtual
memory and someone should teach dave cutler that VMS sucked.
Mr. Cutler can be forgiven his VMS leanings since he designed
a large portion of it. Plus, I think VMS systems have amazing
longest uptimes and advanced features. There really isn't much
in the unix world that can give the same features as the VMS
clustering and parallel sysplex. As for uptimes, I've heard of a
VMS system with something like a 19 year uptime.
--
----------------------------------------------------------------------------
|
Suchandra Thapa | "There are only two kinds of math .
s-thapa-11 at NOSPAMalumni.uchicago.edu | books. Those you cannot read beyond
| the first sentence, and those you
| can not read beyond the first page."
| -C.N. Yang
----------------------------------------------------------------------------
Boyd Roberts
2001-06-07 17:42:34 UTC
Permalink
Post by Suchandra Thapa
Window's ACL system is being integrated into Linux systems.
It has several advantages over the traditional unix system since the
it has a finer granularity.
oh great. it still doesn't fix the real problem: root

they plan 9 authentication model is much simpler and cleaner.
Post by Suchandra Thapa
As for uptimes, I've heard of a
VMS system with something like a 19 year uptime.
totally doable with unix systems before the bloat set in the
late '80s and '90s.
Amardeep Singh
1970-01-01 00:00:00 UTC
Permalink
Creating a perfectly secured Unix system is equally extremely hard.
not if you know what you are doing
Yep, w/o the latest SP (was it 5??) for NT4 it was possible. _If_ you
were sitting next to it. Still, it is _very_ rare that a simple user
can sit next to an NT Domain Controller and start whatever he wants.
And if you can crack into an NT workstation... It is still possible
that the IT guys on the wire get alarm about every admin login :-)))
and winnt is the only platform where you can get an alarm
So the quality of this "code viewing" depends a lot on "who MS chooses" and how
many. I still say that more people see UNIX code than MS code (I won't even
mention LINUX here, what is seen even by normal users). And the people who are
really interesting (hackers and crackers) will not be able to inspect the code
of Micro$oft and point out possible problems.
Maybe, maybe not good that many can see the source. You _never_ know
that a guy seeing it and finding something (which has about 1E-10 chance
w/o the soruces) will turn to you or start dialing and make some
money...
http://www.tuxedo.org/~esr/writings/quake-cheats.html
http://www-106.ibm.com/developerworks/linux/library/l-oss.html
http://www.counterpane.com/crypto-gram-9909.html#OpenSourceandSecurity

i cannot convince you otherwise, but perhaps you may rethink

open source is not a guarantee of security, but security through
obscurity idea is dumb in my regard.

"...The reason the closed source model doesn't work is that security -
breakers are a lot more motivated and persistent than good guys (who
have lots of other things to worry about). The bad guys will find the
holes whether source is open or closed.

Closed sources do three bad things. One: they create a false sense of
security. Two: they mean that the good guys will not find holes and fix
them. Three: they make it harder to distribute trustworthy fixes when a
hole is revealed." - Eric Raymond of opensource.org


and quoting from "Unix System Security Tools"
"At best, security through obscurity can provide temporary protection.
But never be lulled by it -- with modest effort and time, secrets can be
discovered. As Deep Throat points out on X-Files: "There's always
someone watching.""
Blue Screen cannot come from user SW. That NT runs on a faulty or
non-supported HW or uses a badly written driver. Do any of this with a
UNIX and will get the same, but called kernel panic.
and also when some part of the kernel code is badly written. and you
seem to be so sure that nt kernel is so good, that it cannot cause these
problems. and i wonder what happened in between, that microsoft promised
that win2000 is going to be much more stable, it it actually turned out
so (for my case, and several others whom i know). hardware and drivers
shipped with them were same. but i admit drivers shipped by microsoft
with their os did change

and strangely enough, i always thought windows has much better hardware
support than linux. but those machines which use to crash a lot with nt
did not give any problems with linux and 2000. (i know 2000 is nt, but
here i am referring to nt4 )
One of my friends is working in a computer company, which are offering and they
run a WinNT web server and he told me that it crashes at least once a month,
usually more often. The Solaris server at our university is now running for
years and it never crashed even once. It only was rebooted to add new hardware.
Than you must have a real good luck. I use Solaris here and I know what
I am talking about :-))) Reboot is once per day on a test machine where
"badly behaving" SW can run.
i would say that you have real bad luck
Yep. First I gave up trying to use Java when I have installed the the
JRE and it crashed my whole Windows 95. I had to reinstall.
interesting. but so sad that such software only exists for windows which
could bring the whole machine down with it.
China, one billion people. Computer shops in China sell Linux 200 times more
often than Windows. The Chinese government plans to increase the usage of Linux
even more (they don't trust Micro$oft, open source rules, as they can make sure
there's no spyware inside). BTW downloaded distributions aren't counted here.
Why don't they trust MS? :-))) I cannot imagine...
Why should i trust M$ :-))) I cannot imagine...
Why should 3d access "over web" to a database be limited to x86 or Windows
users? Why can't it be for everyone? Why aren't people in China allowed to use
it? Because you believe that you can save 5 minutes through a win-only solution
(what is not even true)?
Windows NT is not limited to x86...
and which other platforms are supported?

and finally, is this python-list or what
Boyd Roberts
2001-06-06 10:44:07 UTC
Permalink
Post by Amardeep Singh
Creating a perfectly secured Unix system is equally extremely hard.
not if you know what you are doing
no, it isn't. been there, done that. openbsd seems to be the choice.

i've ignored the 'perfectly' because that is not possible. no usable
system can offer perfect security.

the problem with windows is that the original model was totally
flawed and it has inhereted that right down the line. NT is
a ghastly mess. it's security is laughably complex, therefore
unusable.

someone should teach those kids at redmond how to do virtual
memory and someone should teach dave cutler that VMS sucked.

here is a gem that was fixed by microsoft a while back, but
it demonstrates their basic lack of understanding:

http://www.planete.net/~boyd/fnt.html
Continue reading on narkive:
Loading...