World: r3wp

When did this start?

Almost half a year ago, at least visibly, in hindsight

Other people have the source code don't they?

No, why would they?

Otherwise the community will just rot.

Better pinch your nose

I feel let down. If Carl takes a break he has to entrust the source 
code and development to someone else.

Is there much action on boron?

That makes more of us. The overriding argument for REBOL and its 
closedness was always that Carl was the leader, he always knew best, 
and development always continued

Boron is going steady, but it's an isolated project, much in the 
same style as REBOL. The community is more interested in Red

I heard about it. What's red for?

Programming :-)

haha

How many people are working on it?

Four or five or so

maturity? what can it do atm?

One month :-)

Why is it more popular than boron? Did the boron guy start red?

It can do loops, but not indexing, so you could have called me out 
on claiming it can do programming ;-)

It seems very low level

Yes, so far, but that's only Red/System

What are the plans for it?

Have you read the sites?

Oh, there's a to do list

I was looking for more of a long term outlook

Yes, and an extensive specification for Red/System

The roadmap is in the original announcement

Thanks. How does the community communicate?

google groups or altme?

Here in the Red group, to the chagrin of the creator. :-) Better 
switch to that

:-)

Ladislav, the two most popular desktop OSes in use today are Windows 
XP and 2000. Both will be and have to be supported by R3, and neither 
is secure enough for a regular person to run without antimalware 
software. We don't want R3 flagged as malware *again* (it already 
happened with one of the early alphas). That is why we are putting 
effort into making R3 more secure.

The R3 process needs to be able to save the %user.r file with the 
current user's permissions in order to allow the user to save their 
preferences. And we don't have a safe place to store the checksum 
of that file to compare against, without also making that checksum 
writeable by the user. That means that the checksum security can't 
be used for %user.r.

It makes me a little sad to realize that in order to keep a copy 
of that early alpha I have to keep it in a passworded compressed 
archive, so antimalware software doesn't delete it. I no longer recommend 
AVG because they refused to remove the false positive from their 
list (they refuse all requests from users of their free products, 
regardless of merit, so you have to buy their paid products to appeal).

The R3 process needs to be able to save the %user.r file with the 
current user's permissions in order to allow the user to save their 
preferences.

 - this is the only one I find relevant as far as security concerns 
 are considered. Nevertheless, this does not contradict what I said 
 in any way I can imagine.

How can any program be secure, if it runs in an insecure environment?

 - by adding its own security constraints, beyond those provided by 
 the environment. We have to support running in an insecure environment 
 since WinXP is such an environment. Oh well.

No matter how well you pretend you are able to run securely in a 
compromised environment, it is not true.

Agreed. You can run more or less securely, but it is really a matter 
of degree. We just don't want to make the extremely common bad decision 
to run WinXP any worse, or else they might blame us for their mistake. 
This has already happened once, so we don't want it to happen again.

Do I understand correctly, that there was somebody catching a virus 
and blaming RT for it?

Yup. The last non-public alpha of R3 was flagged as malware. To this 
day, AVG still refuses to remove the (hopefully) false positive from 
its list.

No wait, it was the first public alpha, not the last non-public one.

if r3 is a virus, it's not spreading very effectively!

Agreed :(

I'm really hoping to get the SECURE function working again before 
the current version gets flagged as well. SECURE has been turned 
off since a108.

Unfortunately R3 is not async

Carl's absence continues to block

Are you serious the SECURE function working may be the difference 
between the R3 being flagged or not?

That looks like a joke to me.

Not really, but then I haven't gotten a straight answer about why 
2.99.4 was flagged either. If you still have a copy of 2.99.4, put 
it in a password-protected compressed archive or else many antimalware 
products will delete it without asking you.

I wish I could find more humor in this though. SECURE not working 
really does bother me a lot; even though I joke about it getting 
R3 flagged as malware, if it actually happened for that reason I 
couldn't argue against that.