xdissent[1], the author of this package, is a HN user, but he has negative karma because his fourth comment was snarky and got heavily downvoted. Even though he's aware of the ban he clings to this handle and continues to post messages seen by almost no one (he posted twice on this comment page [2,3]). The rest of the messages eversince the incident have been fine (enable "showdead" in the user control pannel if you want to read them).
Since he seems attached to the handle, it would be nice if he could be upvoted back to the positive side so that he can once again participate.
He's got three upvotable posts in history (before the ban). His karma is currently at -32. This means that he needs 11 brave souls to break even. You know what to do :).
xdissent: you appear to be still banned (at least, 4 hours after my post, you still were). Since you now have a positive karma, could you answer this post as a test?
You may want to repost your earlier answers in this thread.
2011/9/3 Paul Graham <pg@ycombinator.com>
>
> fixed
>
> 2011/9/3 Pierre-Yves Gérardy <pygy79@gmail.com>:
> > Hello,
> > would it be possible to unban xdissent?
> > See http://news.ycombinator.com/item?id=2955023 for the details.
> > Kind regards,
> > -- Pierre-Yves
I don't seem to see his posts unless I enable "showdead".
I didn't even know karma worked this way on HN. Quite ridiculous, IMHO, to completely hide someone if their karma runs too low. Especially if it can happen by unfortunate accident and ends up hiding a positive contributor completely from view--basically means the system is broken.
The dead-ban system makes the life of the moderators much easier by starving trolls who would otherwise create a new account as soon as they got banned. At HN's scale, it is necessary.
This case is unfortunate, though, but I guess that's why the showdead option exists.
I don't know if a negative karma turns on an irreversible ban flag, or if going back to positive will alleviate the ban. If not, I'll write a mail to pg.
Bad trend in the open-source community. Please don't ask your users to install stuff this way. Not that you can't be trusted, it leads to people dropping their guard.
I kind of view bash piping as the worlds easiest install package.
Unequivocally, it is dangerous to run random pieces of code from the internet, it just seems odd to me that if this same code was in a nice packaged install wizard nobody would say anything about it.
This comes up every time an install script like that is used, and in a lot of cases, it's a warrantless criticism.
Projects like this are obviously targeted towards developers as they're hosted on github. If you really want to check out what the script is doing, just look at the file. Or better yet, clone the repo and use it/install however you want.
> Bad trend in the open-source community. Please don't ask your users to install stuff this way. Not that you can't be trusted, it leads to people dropping their guard.
And what will be the right way to do it? The way people don't drop their guard? `./configure && make && sudo make install`? Or `sudo apt-get install`? How are any of these or many other options seemingly better than this?
You probably mean 'add-apt-repository foorepo && apt-get update && apt-get install foopkg' or 'dpkg -i foopkg' (as root) because as is, 'apt-get install' is innocuous given one uses the default trusted, signed and whatnot repos.
Is it particularly worse than downloading and blindly running the code in separate steps? I don't think the majority of users have ever extensively audited the software they run, so it's not exactly a new trend. If you are capable of evaluating this script, you already know how to do it.
If you install a package via the package managers on debian, ubuntu, fedora, and other major distros you can be reasonably sure that the packages aren't malicious because they've been security reviewed before they made it into APT/YUM/etc. Downloading some shell script off the internet and running it without even reading it first is a really bad idea by comparison.
So, you mean like everything on OSX and Windows, where you don't have such package management systems with (long-standing, trustable) benevolent hosts? Yeah, downloading some application off the internet and running them is a really bad idea - how is this worse?
edit: how about iOS? There have been news entries about them sending data where they shouldn't - that's a curated host. iOS is a lot more sandboxed, but that doesn't make the danger nonexistent.
> If you install a package via the package managers on debian, ubuntu, fedora, and other major distros you can be reasonably sure that the packages aren't malicious because they've been security reviewed before they made it into APT/YUM/etc
When people are delivering software that isn't in the official repository, downloading a script and running it is no less secure than the alternatives.
I'd support this more if they weren't using https - since the user's going to run it anyway, there's no real advantage over any other means of getting this file onto their system. Well-known http:// urls are worse since they allow interesting spoofing attacks if they become popular.
IE7: 13GB
IE8: 8.4GB
IE9: 13GB
Currently, the script will leave the compressed RAR files in place, which means you're looking at something like 45 freaking GB if you don't prune them manually (in ~/.ievms/vhd/). This wasn't a big deal for me on my company workstation, but kinda sucks on my Macbook Air, so I'll be adding a cleanup option shortly. You probably don't need to keep the compressed files around anyway since we take a snapshot like you mentioned.
DLL hell solved indeed. How many versions do you keep?
For what it's worth, the DLLs in System32 are projected out of WinSxS with hardlinks, so they should not take up extra space. You still have the multiple version thing, however that can be somewhat mitigated by making service packs permanent[1].
I have, on occasion, wanted to write almost exactly this script - but the thing that stopped me was that VirtualPC apparently emulates a slightly different IDE controller than VirtualBox, and so when Windows XP starts up in the new VM, it doesn't have a driver installed for the IDE controller, can't find its own hard-drive, and blue-screens. It's possible to edit the registry to install the required driver, but that requires booting into Windows... a Catch-22 if ever there was one.
I was eager to see how the problem had been solved... but apparently Windows Vista and Windows 7 don't have that particular problem, and the IE6 VM (with Windows XP) just says "IE6 support is currently disabled".
That's kind of sad; at least for the light web-development I've done, IE7 and IE8 aren't nearly as fussy and hair-pulling as IE6.
You can't get the VMs to pass WGA so they are only good for 30 days before they have to be reset; which pretty much makes them only good for testing / qa purposes.
This seems like a very reasonable decision on Microsoft's part: they make it easier / legal / quick to test on their platform and more people will support and develop on it.
I dunno, it could be useful for a number of things.
For example, I know a few online banking solutions that are IE-only. The most you need there might be a certificate, so resetting the vm every 30 days isn't such a big deal.
I try to keep the VMs as small as possible anyhow and if you need data, you keep it in a VM shared folder that you map in the Windows guest.
Don't worry I'm sure some bean counter crunched the numbers and they decided it was an acceptable risk.
I mean, if you want a fully functional pirated version that doesn't expire every 30 days and you never have to activate you don't exactly have to look very hard, or far.
I've found IEtester to be really keen to cache code, to the point of having to clear cache's in settings sometimes - clearly not great for development.
Only last week I downloaded the IE9 VM's mentioned here, but got the never ending BSOD-reboot loop when trying to use them in VirtualBox. This is going to make my day when I get back in the office next week!
Personally speaking, I would love to see Google release an offical, downloadable ChromeOS images that could be used with VMWare or Virtualbox. Something like that could be a real boon for some users.
FWIW, my copy of Parallels 6 has a "Download Chrome OS" in its File menu. Last time I tried it, after some delay I was met with a functional copy of Chrome OS (I don't even recall having to answer any questions).
The magic in ChromeOS is the hardware Google uses from the Chromebooks. There is an unofficial site with images for Chromium(?)OS but it doesn't look pretty.
Beyond that I hope they have some better fonts on the Chromebooks.
I can't imagine what would one do with a ChromeOS VM when you have native Chrome builds available. Once the novelty factor wears out (and it does, pretty quickly), there is nothing to be done except delete the vm.
Otoh, I see the value in a secure device like the Chromebook and I think this is what ChromeOS is selling, not just the actual OS.
How do you get away with saying: "With a single command, you can have IE6, IE7, IE8 and IE9 running in separate virtual machines." - when in the first paragraph it says IE6 is not supported.
xdissent[1], the author of this package, is a HN user, but he has negative karma because his fourth comment was snarky and got heavily downvoted. Even though he's aware of the ban he clings to this handle and continues to post messages seen by almost no one (he posted twice on this comment page [2,3]). The rest of the messages eversince the incident have been fine (enable "showdead" in the user control pannel if you want to read them).
Since he seems attached to the handle, it would be nice if he could be upvoted back to the positive side so that he can once again participate.
He's got three upvotable posts in history (before the ban). His karma is currently at -32. This means that he needs 11 brave souls to break even. You know what to do :).
1. http://news.ycombinator.com/user?id=xdissent, comments: http://news.ycombinator.com/threads?id=xdissent
2. http://news.ycombinator.com/item?id=2955430
3. http://news.ycombinator.com/item?id=2955411
.
Edit: 58 minutes later: -10. Thanks to the upvoters.