Slashdot Mirror

Here

And some generic laptops here

Seriously. Did you even try?

For example I think the Linux (POSIX?) file system was written before they invented autocomplete, it's all TLAs like /var/usr/bin/lib/wtf.

In this case it's the file system hierarchy, not the file system. Personally, I think the argument for longer filenames is bogus. Using longer filenames isn't necessarily going to make their purpose any more clear, and for everything outside of the home folder, the novice user should probably not be touching that stuff, any more than they should be poking around in C:\Windows. Being user friendly is not a feature for things that are not intended for casual use. Autocomplete is an even worse argument: I'm not saving any keystrokes by typing /bi[TAB] versus /bin.

However, your example was somewhat poorly chosen in another sense, because while there is no call to make the names longer, at least one major distribution got rid of some of those top-level folders. Fedora likes to move fast and break things anyway, but in this case the historical justification for splitting up the binaries was, well, kind of ridiculous. Thompson and Ritchie created that particular issue a couple years before CP/M inflicted drive letters on us, but forty years later it's still a bug worth fixing. Most of today's code and systems will be pretty hoary in forty years, and I'm not sure I would consider it a virtue if it ran unmodified on my...hmm, well, whatever system exists at that time. One can always use emulation to provide old features, but most of the time I'd rather that not be happening at the OS level.

Given that Windows inherited both 8.3 filenames and drive letters from CP/M, it makes sense to talk about them in the same context. Drive letters are pretty harmless, but having "secret" 8.3 filenames and unremovable folders is probably something that needs to go. Linux definitely doesn't have those kind of problems.

Let me Google that for you: http://www.cyberciti.biz/hardware/laptop-computers-with-linux-installed-or-preloaded/

Without knowing the a actual mechanics of the process (see my post above), I am assuming there is a simplification of the creation and mount/umount process bypassing the LUKS wrapping commands and possibly simplifying the actual creation of an encrypted partition such as the dancesteps documented here:
http://www.cyberciti.biz/hardw...

Replying to myself, but I figured someone reading this might be interested. Linux does support CPU hotplug where you disable the CPU before removing it. Your motherboard might get mad about it if it's not supported by the board, though.

http://www.cyberciti.biz/faq/d...

Rename /bin/bash to /bin/bash.bak then create a link from /bin/dash to /bin/bash ..

Why on earth do you want to do that? If you are running a Rehat distribution on a production machine that is a great way to get fired unless you have the appropriate change requests filled out and even then you would have to install dash which adds an extra level of complexity.

On Fedora 20 as per two days ago:

> env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
this is a test

This is with "bash-4.2.48-2.fc20.x86_64" which does not require a reboot, although if you are like me the latest updates did contain a kernel update as well which does require a reboot.

So at least the latest release of Fedora is patched. As is Redhat 4 thorough 7 see here.

Rename /bin/bash to /bin/bash.bak then create a link from /bin/dash to /bin/bash ..

I know you've said you're trying to avoid screwing it up, but if you want, the CentOS wiki is pretty good for explaining what and why, and since it's a kernel firewall, it applies to Ubuntu too. In fact, I suspect all other "firewall tools" are basic GUI frontends to iptables. If you are indeed concerned about firewalling (though not quite as concerned as crypto-specialists), you probably at least want to have a go at it manually with some easy to understand notes

When in doubt, try it on a virtual machine of course.

I put together a general, documented, script that I run on all my new installs; comment out any lines you don't need. nixCraft has some notes on restarting the Ubuntu iptables/firewall under what I assume is upstart.

That's a great way to lose your ACLs and xattrs including SELinux contexts and exe capabilities. The strings "attr" and "selinux" are not present in "man cpio" in RHEL6.

I used cpio on advice to move my installation from an HD to an SSD in Arch and it tossed all my capabilities attributes. Suddenly, ping would only work for root. It also reset the mod times on all my directories (files were preserved).

tar and rsync will do it right, though. In the version of tar from RHEL6, creating an archive:
        --selinux save the SElinux context
        --acl save the ACLs
        --xattrs saves all user/root extended attributes including ACLs and SELinux context
You can output the data from tar to stdout, piping it into another tar command to extract it to a different desitnation. For the extraction, no special switches are necessary to include the extra stuff archived.

In the version of rsync included with RHEL6:
        -A preserves ACLs
        -X preserves extended attributes including SELinux context

Note: I haven't personally verified the results in detail, but I sure as hell know from experience that cpio sucks donkey balls at this point.

Back in ancient history, cpio could copy stuff nothing else could (notably "special" files such as device nodes), but now the opposite is the case. The special files don't really matter any more, with udev and the like building them on demand.

Reference

Bug report for longstanding brain dead state of cpio, completely languishing unacted upon

Use iptables rules in the router to allow/disallow traffic at some hours of day, see this. You can totally block the traffic, or QoS it to oblivion on hot hours and increase it traffic later (join the iptables rules by hours to set the classid and then apply different QoS to then)

Finally, a caching transparent proxy might help, specially if everyone uses the same sites... it helps the normal browsing (by caching images, css, js, etc) and the updates (local copy if already downloaded). You just need a old computer with some HD and you are done.

For harder to filter services, you can usually block DNS for then... but if you allow it for some time, it might be cached by the clients on peak hours and still work.

Of course, if you control the clients, you can also configure most of then to only download off hours

Finally, you can be a BOFH, permit only allowed traffic and block the rest... or redirect it to some backdoor installer and enjoy the chaos generated

Based on this first Google result for mysql quota I gather that MySQL quotas per database are easy to enforce using an external tool because of how MySQL storage engines map databases to files.

$ curl http://www.cyberciti.biz/deep/link/path/yourimage.jpg -o yourimage.jpg

There is no real video editor on Linux.

A five second Google search proves you wrong.

And what do you have on Windows then? Movie Maker? The program that has repeatedly eaten my friends video projects, and whenever I mention it they react the same way as if I'd mentioned a powerful vampire like count Dracula?

Blender is a great video editor for advanced stuff, and has been used to successfully create atleast three short movies with a very professional look, which isn't bad at all. And you can use it for special effects too! And there is also Cinelerra. For easy-to-use, there's Kino and there is Avidemux.

Now, if we're talking Creative Suite-level, where you get an entire pipeline, then you do have a point. There is nothing like it on Linux - but then again there is no competition on Windows either. So...

Site like howtoforge nixcraft and Linux foundation (official site of Linux) and others have done a great job. On other hand Q and A site like serverfault is a great for *nix problem. Why bother about linux.org? Just go to google and search..

I actually find www.cyberciti.biz to be quite handy if I need to look something up that is Ubuntu related. I do admit though, that this is I think the first .biz site that have ever found that is useful - I guess that makes it the exception that proves the rule right?

if users were to abandon Windows in droves for Linux, Linux would quickly be the target of virus writers

true, but it doesn't mean they would get anywhere

isn't actually inherently more secure than Windows

if microsoft actually used filesystem permissions to protect system files rather than including it as an optional gimmick, and got rid of their stupid click-through privilege escalation dialogs, then maybe, but without those changes, i disagree, and majority of fortune 500 companies would too. there may be millions more windows machines but majority aren't of any value to malware developers for anything other than building botnets for targeting the much more worthy linux targets. history kind of speaks for itself here; windows has an atrocious track record for viruses, and its primary market is consumer and workstations. if a workstation bombs, it can be easily replaced. i think its generally accepted that linux is trusted for servers for good reason.

There is no video editing software for Linux (outside of specialty software)

...that you've heard of. i'm sure if you went digging deep enough you would find something that could do what you needed. of course you won't find any reference to it splashed all over billboards or on tv, and if you already have vested interest (financial, time, effort, etc) in proprietary equivalents there of course isn't much incentive for you to go looking for such free alternative.

top result for google search of "linux video editing" are:
http://www.cyberciti.biz/faq/top5-linux-video-editing-system-software/
you'll also find linux featured prevalently on the wikipedia page for video editing software
http://en.wikipedia.org/wiki/List_of_video_editing_software

i doubt that you would consider putting as much time and effort into learning a free alternative than you already have learning a proprietary product, because spending money on something offers a fairly good incentive to make the most of it. most people don't appreciate something they get for free as much.

If we don't "understand" the ribbon it is simply because we are obstinate

actually the ribbon is merely for the benefit of new office users. if office is seen as easier to learn than free alternatives, then they will be happier to part with their money for it. users who dispise the ribbon are existing customers who have already paid their money and are stuck with vested interest in microsoft products (having spent years learning microsoft ways). it is also a cash cow for training organisations. many users of microsoft office aren't even aware of the existence of openoffice, but if they were they might find that openoffice suited their needs just fine.

Linux users thinks that users who are unwilling to put up with badly designed user interfaces are "lazy"

this was the funniest part of your reply, because you seem to imply that proprietary windows software interfaces are better designed than those developed by "lazy" linux developers. i actually think that many people (yourself included) have been brainwashed into using poorly developed interfaces for so long that you are simply accustomed to them, and anything different is alien and uncomfortable. linux programs are often used by the people that develop them, and as a software developer who uses his own programs i can assure you that it is very much in my interest to make sure the interface is designed as cleanly and ergonomically as possible for my needs. the big difference is that my needs are of a proficient user, rather than a noob. it would seem that you are an expert in the use of software designed for noobs, and a noob in the use of software designed for experts. how do it

http://www.cyberciti.biz/faq/linux-random-password-generator/

This might work nicely for those with access to a UNIX/Linux machine...

For the past 12 years, without using any software (except for what's in my mind--whatever that might be) I've been using two algorithms to mentally generate a unique password for each site that requires logging into an account--now at several hundred and counting, memorization isn't a problem, since the two rules are based on the domain name and how I decided to elaborately positions itself to an American/English keyboard--the passwords easily replaceable, if updating is required. The reason for two instead of just one has to do with the additional security requirements some organisations want to control in how my password is constructed.

Although both rules are general enough to account for any variation and complicated enough in its variety of characters with a decent length to be secure in the classical sense (a random looking long mix of letters, caps, numbers and symbols--improbably hard to remember), there are a few very rare exceptions. For instance, my cell phone account demands, as unbelievable as it may seem, the password's length to be eight, with only letters and digits. When this situation occurs and a couple of slight variations with other clueless Companies, they end up getting that third slacker-catchall algorithm.

So what happens if a site not used in ages has changed their domain and no longer says or knows the original name; or the keyboard is formatted differently? Those 3 forgetful times (out of the 5 times the name changed during the last decade) were simply reset with the email address I always use; the keyboard in another format hasn't happened, but my memory about the character's positions are extremely good--resetting may be option, if I do forget. It's not perfect. Although no one is presently interested in my passwords--there might be a day, for one example, when I discover some new disruptive paradigm shifting technology. When that day happens, the interested parties will, with little effort I might add, be able to hammer it out of me.

http://www.cyberciti.biz/faq/linux-random-password-generator/

This might work nicely for those with access to a UNIX/Linux machine...

Have you ever heard of the Underhanded C Contest. You get points for making the code exhibit some kind of backdoor, extra points for the more it looks like it could've been an innocent mistake (for instance, code where using a less-than-or-equal-to operator instead of less-than operator actually opens up an obscure security hole, and it's a mistake programmers make all the time).

I recommend you look at some of the examples of winning entries. It's amazing what these people have come up with. No number of eyes will find it. Simply put, even if it's a popular open-source project, thousands of eyes are likely to miss a well-placed backdoor like these. And if anyone is capable of doing it, the NSA certainly is.

Still don't believe me? How about the OpenSSH PRNG flaw that went unnoticed for two years, despite being used in servers all over the world. It was due to someone removing what appeared to be a useless line of code, but that code was actually adding some necessary extra entropy to the random number generator. It might've been an accident, or malicious. But the point is it happened, and on a high-profile project.

You may also find an inventory or asset management system useful to make sense of what you have, if its relevant in your circumstances. There is web based or software like http://www.ocsinventory-ng.org/ http://www.tracmor.com/ http://www.pukkapanel.com/ and others mentioned here.. http://www.cyberciti.biz/tips/open-source-it-inventory-control-systems.html or if you use RT there is http://requesttracker.wikia.com/wiki/AssetTracker

There's also a previous /. discussion on asset tracking stuff although perhaps a bit outdated now.. http://slashdot.org/story/06/08/20/0214256/it-asset-tracking-and-helpdesk-software

You ean you can't do this, or this? Interesting.

I know what you're trying to get at - doing those things in PowerShell is possibly more convenient if it's been designed from the ground up for a networked environment - but you shouldn't make the mistake of assuming that you can't do something in Linux just because you yourself do not know how. That's rather hypocritical after what you just said about Slashdotters not knowing how to use Windows.

Not exactly what you are looking for, but shows a neat timeline: Linux distros timeline.

One of the important things to remember is that Bridge is case sensitive. There are lots of guides on the topic, here's one I found quickly that looked OK as I skimmed through it. It works very well once setup. http://www.cyberciti.biz/faq/rhel-linux-kvm-virtualization-bridged-networking-with-libvirt/

would be great if Linux had something as good as this

of course it has. just look at http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html

I think that by now we've accumulated enough Real World evidence about how the GPL has utterly failed in its lofty goals of virally forcing everyone to merge code with the FSF and other projects.

I don't see that. I see steady progress for the GPL. When the GPL came out in 1984 virtually all free software was under MIT/BSD style licenses. It wasn't until 1990 that there was a core of support around the GPL at all. Linus was part of that core and his Minix replacement kernel was a definite second fiddle to the Free386 BSD kernel. There were a few tools available in 1990.

By 1995 you had the LAMP stack and that was GPLed. GCC was GPLed.
By 2000 you had the creation of a GPLed desktop environment (KDE).
Today you have JBOSS, MySQL, and many of the crucial components of operating systems under the GPL.

Where do you see failure. As for Linux not in other areas your first example was financial: http://www.cyberciti.biz/tips/new-york-stock-exchange-moves-to-linux.html

This post is some half day old and nobody here's actually posted about smart host in Sendmail? Guys, you are losing your edge!

It's made for exactly this situation and is jaw-droppingly simple, little more than edit a config file and restart sendmail and away you go. Other mail server softwares should offer similar functionality.

This solves OP's problem completely, is invisible, and makes the mail delivery problem the ISP's problem. (which, presumably, they've worked out since you're paying them to)

How can you claim to be a population of techies and not know this?

So install rssh and restrict that account to pure scp transfer, that is probably all they are using it for anyways. http://www.cyberciti.biz/tips/rhel-centos-linux-install-configure-rssh-shell.html

Nothing of that should be illegal. Come on, you can set up basic authentication in Apache in five lines in .htaccess.

Any URL that doesn't require authentication should be fair game, imho. Anything less than that and we start going on a grey area and the 'net turns into a unsafe place where you can be illegal just by clicking a link.

Beware! The parent's code is the well-known Bash fork bomb.

Ipconfig /all

which outputs the DNS server addresses actually being used.

There are instructions for Linux, also.

If you're familiar with Dig - you can use the commands found on this great article: http://www.cyberciti.biz/faq/dns-cache-poisoning-test/

Why would you not want to use APT on a server? What part of [...], easy security update application [...] do you not want on your servers?

APT has a security update application?

Doing a search the only things I found were like: this, which is from 2006 and just talks about the "special" security repo. Debian.org/security doesn't point to anything like a security update application either.

May be this will help Top 20 OpenSSH Server Best Security Practices

Actually, FreeBSD DOES run on some microwaves. There is a list of compatible hardware.

It is the OS of choice for odd appliances.

Is this type of attack only limited to trucrypt or can it affect other product?

From what I understand it could potentially affect other products unless they (properly) use TPM to avoid this kind of attack by checking MBR against a checksum.

is there a way to prevent it?

Get a mac! Not trolling, from TFA: "The attack is unsuccessful when the BIOS successor the Extensible Firmware Interface (EFI) is at work on the motherboard." AFAIK Apple are the only vendor using EFI on their entire range at the moment. I guess mounting everything read-only, or using a BSD with the file immutable bit set on all system files would work too.

I've been using 64-bit Linux since 2006, and it's exactly like running 32-bit Linux, except you can use more RAM.

You can use more than 4gb of RAM on 32-bit Linux, too. All you have to do is install a Physical Address Extension (PAE) aware kernel:

sudo sudo apt-get install linux-headers-server linux-image-server linux-server
sudo shutdown -r now

"Fuck you." - by RyuuzakiTetsuya (195424) on Friday June 19, @02:16AM (#28385949)

There you go again: When out-thought, you resort to profanity (again, proving my point about you, once more)... predictable!

Face it: All anyone would have to do, is have something along the lines of the code noted (and a bit more to "mess you up", be it blowing some critical file that your system needs to scanning your system & sending back some sort of sought after info. to they) that uses a CHROOT JAILBREAK & bang: It'd do the job... so, again - so much for "your methods of security"... & again, YOU KNOW IT.

----

"The challenge is I have for you is put up some sort of proof of concept" - by RyuuzakiTetsuya (195424) on Friday June 19, @02:16AM (#28385949)

I did: A CHROOT JAIL BREAK is entirely possible & more than just proof of concept, they actually exist!

Ok, here you are, for more evidence thereof -> http://www.google.com/search?hl=en&q=%22Chroot+Jailbreak%22&btnG=Google+Search and here too -> http://www.google.com/search?hl=en&ei=a2c7So6NH4OMtgeF8-n7Dw&sa=X&oi=spell&resnum=1&ct=result&cd=1&q=%22Chroot+Jail+Break%22&spell=1

(PLENTY OF IT EXISTS)

----

"I'm not claiming OS X is anyway invincible, but, what I am saying is that when you consider the typical system usage, OSX, *NIX, BSD, etc. all employ sane enough and safe enough security considerations for the average user and that by telling a user that if they don't follow your guides that you're going to risk your entire machine is pretty bogus. If the OS wasn't shit in the first place, then you wouldn't need to fill in the gaps" - by RyuuzakiTetsuya (195424) on Friday June 19, @02:16AM (#28385949)

The results on malware infestations show QUITE otherwise due to trojans ( and yes, I spent a year fixing what level I & II techs could not a couple years back as part of my job duties, when they failed to do so) says otherwise... & for they? Fighting malware infestations were a GOOD 95% of their days! So, so much for YOUR statements.

I've actually BEEN THERE & DONE IT, professionally. It's part of what made me write up the guide I did for Windows folks, the most used OS there is, & thus the most victimzed because it's the most used, on the most used hardware platform for PC users, in x86... period (& I even put up quotes of other pros in this field agreeing with me)...

-----

"If the OS wasn't shit in the first place, then you wouldn't need to fill in the gaps" - by RyuuzakiTetsuya (195424) on Friday June 19, @02:16AM (#28385949)

That "sheet" as you call it, keeps NASDAQ up & running 24x7, 365 days a year, into the "fabled '5-9's'" of uptime... so much for YOUR opinion (and skills, since you abandoned it, because you did not have the know-how on how to secure it properly)...

Again also: Then, WHY ARE THEIR MacOS X SECURITY GUIDES (from Apple no less, like this one -> http://www.cyberciti.biz/tips/securing-hardening-macintosh-computer-system.html ) that exist for the Apple MacOS X, that are an AWFUL LOT LIKE MINE THEN on MANY POINTS?

Answer that... along with how you'd secure MacOS X vs. the single KNOWN exploit that still exists for it??

(Perhaps because you'd then have to admit that the methods I extoll also extend to YOUR OS PLATFORM OF CHOICE? The one you overspent on, when you could have saved a lot of money by just spending 1-2 hours of time securing Windows, which you us

well lets see

1 salting: a number is added into the mix to jig the results (and this may not be a known number for a particular setup)

2 the password function itself is designed to be slow and the encoder works one way (no decode)

3 anybody that is running with passwords in the /etc/security/passwd is a complete moron (hint shadow is the correct name of the file) http://www.cyberciti.biz/faq/understanding-etcshadow-file/

Okay, I'll play. let us say we set up your "magix low cost dream Linux box" okay? And I just sold it to Joe Bob, who thinks it is pretty and fast. Do you know what happens now? I'll tell you what happens now. he goes to Walmart to get a printer for his pretty new box but oops! Nothing under $200 at the local Walmart works on Linux! But Joe Bob don't know that and picks up a Lexmark.

Now you tell me, oh wise one, how do I magically "correct" that problem? Do I go "LOL Winprinterz!" because nobody in the Linux world has bothered to write an Ndiswrapper for printers? And don't you dare say bundle, because the cost of bundling an all in one that supports Linux just blew your "lost cost" to shit and suddenly he is paying MORE than if he just got a Windows box. The cheapest all in one that I could find that had rock solid linux support was a $120 HP model. XP Home costs $89. So I can give him XP Home and an extra RAM stick and still have a couple of bucks in my pocket. Remember, the user don't give a rat's ass about the "evil" M$ monopoly, they are just shopping on price.

But hey, don't take MY word for it, with my 15 years in PC work, try it yourself. Go online and find the parts for a dual core rig. Now spend God knows how many hours trawling forums to find out if the Mobo hardware is supported. And you have to be exact you know, as chips can change between revs. I have seen a Rev1 with a Broadcom and a Rev2 with a Realtek. Remember if you can't get it to work you are stuck with it, so do your research! And now that you've done that, go and find an all in one printer. Now go and trawl the forums of whichever distro you've done all that research on and make DAMNED sure that it is supported! Remember, you are stuck with it if it don't work! Research! Now figure in the hours that you have put in on research, lets be easy and say $7 an hour. Add in the cost of the printer, all the parts, shipping, and lets say 2 hours to put the thing together and another hour or two to do the updates and tweaks.

You know what I bet you'll find? You just spent MORE cash than you would have simply clicking the "add to cart" button on XP Home. And for what? Do you think the users are gonna bow at your feet because you have "freed" them from teh evil M$FT monster? Nope, as a matter of fact your support is gonna go through the roof as they constantly bring the thing back because this or that doesn't work like their old one did. And remember you don't get to charge them for all these extra hours of support or they will just go down the street to Jim who will happily wipe that box and put Windows on it and make their headaches go away!

Well my dear grasshopper, I hope you enjoyed your reality check and can see now why Linux has a 4 times higher return on Netbooks, which were practically designed around Linux's strengths, compared to a decade old MSFT OS. It ain't your fault, Linux isn't made for home users. it ain't made for home users because all the big bucks are being spent by Red Hat and Novell on server hardware driver support. Which is why I kinda feel sorry for those Linux fans that try to push it for the home. It is like watching a preacher trying to build a congregation while the repo man is taking the pews and the choir books. You see Red Hat says there ain't no money in the desktop. And where Red Hat goes the other follow. Hell even Ubuntu now has a server edition because that's where the money is at.

So don't feel bad. Your own developers are hamstringing you by not bothering to support consumer hardware. But please don't blame MSFT when your own team is stabbing you in the back. The fact that you got this far with zero budget is commendable. But without some serious money put into it Linux will still be a teeny tiny niche on the desktop.

I suspect many of the people "in the audio visual fields" will have a similar problem when considering Linux.

I'm not sure about this. A few big movies ( Shrek 3, The Day The World Stood Still) have been using linux for their visual effects and there is a whole distro geared towards this. I understand these are big things and big companies, but still, it's major.

Can you not dump the output to a serial console or even UDP?

On top of that, passwords are apparently specific to a certain host string. Bizarre. Do I need to use localhost for the actual machine name for local users? What about remote machine without a reverse DNS entry? What's the order of precedence for '%' vs a more specific name?

The manual seems to describe this in the connection access and request access sections. It answers your question on precedence (most specific to least specific, first match wins), but not the others. You would assume that localhost or 127.0.0.1 would work for connections initiated over the loopback interface (i.e. where the client application connects to localhost or 127.0.0.1), but that you would need to use the real public host name if the application is connecting via that. That's how networking works. Interesting point about reverse name lookups not working. Hopefully it's getting the name from there, and not just using whatever hostname the client asserts when it connects. You'd want to use IP addresses rather than host names to be safer. They mention that wildcard and host/subnet notation is supported.

Okay, so to change [the root password] do I use root@% or root@computer? How do I know I changed the right one and there isn't still some root@something entry? SHOW TABLES is easy enough, how about SHOW USERS? Nope, that's not it.

Well, you now know the precedence. The pages I linked to before also tell you that MySQL determines these based on the values in the user table (i.e. mysql.user), so you could just do a SELECT * FROM user WHERE User = 'root' to see what entries exist. From there, you would either have noticed that the passwords were hashed, and so found the password hashing section and executed an UPDATE user SET PASSWORD = PASSWORD(password) WHERE..., or you would have found the SET PASSWORD documentation, or a quick Google search would likely have yielded the more common advice to just do mysqladmin -u root password NEWPASSWORD.

How so? What I said is exactly that. On an unformatted disk you get three options, 1- use the whole disk, 2- custom partiton, and.. wait. there's only two.

I can't figure out what I mean by me over simplifying it because that's what it is, simple.

You word it so that the Windows partitioning step looks like it involves more steps than the Ubuntu stage, when both systems have a partition stage. You even have the user create a new partition for some reason when their disk is most likely already partitioned, and all they have to do is press Enter.

I did that because Ubuntu comes with Office software already on the disk.

You do realise that people use office software don't you?

Again (since you're being purposely obtuse), you cite Ubuntu's inclusion of OpenOffice as an advantage while pretending that versions of Office don't already come preinstalled on PCs or even on the OEM Windows recovery install disc included with the PC. Dell even has a CD with an app that lists all the bundled applications available, and you can just click their names. OpenOffice is also a free download for Windows.

This is nonsense, how can you do a fair comparrison of installing the operating system on a custom pc and come up with "the vendor disk".

Why wouldn't I? What is unfair about pointing out that Windows almost always comes with Office as well? And if it doesn't, OpenOffice is a free download for Windows too. I really don't see the point is of even bringing it up as an advantage.

It's totally irrelevant anyway because it's still not a click install even with the vendor disk. Which was my whole point in the first place.

There's no such thing as a "click install," especially with Linux.

Yes because it would be irresponsible not to download updates for Windows. It's so important that your box can get owned in less then 4 minutes.

Ubuntu never has security problems. Ever.

Get 4 x 1TB disk and minimum RAID 6. Install Linux. Install rsnapshot, which offers:

* Filesystem snapshot - for local or remote systems.

* Database backup - MySQL backup

* Secure - Traffic between remote backup server is always encrypted using openssh

* Full backup - plus incrementals

* Easy to restore - Files can restored by the users who own them, without the root user getting involved.

* Automated backup - Runs in background via cron.

* Bandwidth friendly - rsync used to save bandwidth

You may also find CentOS or Debian tutorial useful.

Good luck!

Get 4 x 1TB disk and minimum RAID 6. Install Linux. Install rsnapshot, which offers:

* Filesystem snapshot - for local or remote systems.

* Database backup - MySQL backup

* Secure - Traffic between remote backup server is always encrypted using openssh

* Full backup - plus incrementals

* Easy to restore - Files can restored by the users who own them, without the root user getting involved.

* Automated backup - Runs in background via cron.

* Bandwidth friendly - rsync used to save bandwidth

You may also find CentOS or Debian tutorial useful.

Good luck!

Fortunately, The Internet has a solution to your problem already.

http://www.cyberciti.biz/tips/linux-limiting-user-process.html

Tells you how to use limits.conf on your system to prevent other developers from doing what I did >_>

I have recently looked into this for a project and here is some information I found.

http://www.cyberciti.biz/howto/question/static/linux-ethernet-bonding-driver-howto.php
http://linux-ip.net/html/ether-bonding.html
http://www.automatedhome.co.uk/Internet/ADSL-Bonding-How-To-and-Review.html

If you want to use two DSL modems, the best option for this is to use actual PCI ADSL modems, such as the Sangoma S518. If you are using a stand-alone DSL modem/router you will be limited greatly by the hardware whithin it. Using an internal DSL card you will be able to directly connect to the ATM network without using multiple bridges between multiple technologies. This allows layer 2 bonding (if your ISP supports MLPPP) instead of just layer 3 bonding. This means you can load balance each alternating bit (much like RAID striping), instead of just by connection (as in the case of server load balancing).

In the US you can find a CLEC (Competetive Local Exchange Carier) in your area. The Public Utilities Commision in your state should provide a list of registered CLECs. Call them all and ask if they provide Bonded ADSL links, and how much they charge. Ask them if they are just a Reseller CLEC or if they are actually a Facilities-Based Colocation CLEC.

CLECs are smaller phone companies. In almost all cases they are much more flexible and customer-oriented. Their support staff are usually the same guys that actually go out in the field and hook people up, not just some outsourced company in India or Pakistan.

CLECs come in two flavors, Reseller and Facilities-Based. Reseller CLECS are just marketing companies, they don't provide any services and will not be able to provide anything beyond that which your ILEC provides. Facilities-Based CLECs actually have facilities and rely on the ILEC as little as possible for providing services. In many cases the copper lines going to your house are all owned by the ILEC so they will need to lease the last leg of the circuit from the ILEC, or your location may be outside of the area they provide service so they will lease a digital circuit to your location and provide the ISP portion of the Internet connection.

On the Colorado Public Utilities Commision website they provide a PDF document of all CLECs in Colorado:
http://www.dora.state.co.us/PUC/telecom/TelcomProviders.htm
Your state should provide a list as well in some form.

If you are using Cable Internet and ADSL to provide even greater redundancy (I would strongly suggest this if reliability is more important that speed) the cable modems out there usually are just a bridge device and therefore you can use one ethernet port for the Cable modem and one ADSL card (or use an ethernet port for the dsl modem, but make sure to turn off NAT on the DSL modem/router and _route_ [not DMZ] all trafic to the real gateway/router/firewall box... don't ever double-NAT as it is hard to troubleshoot and causes all sorts of problems). When using two different providers you will only be able to do Layer 3 connection-based bonding.

Another method is to use a consumer router designed to provide layer 3 bonding and failover. The Linksys RV042 router supports these features, as well as QoS, VPN, etc.

Basically, there isn't a huge difference between how Mac OS X handles log files (apart from Leopard using bzip2 for compression, instead of the gzip that Hardy Heron uses). Logs are in /var/log on both operating systems, and provided that you're using the default Gnome UI on Ubuntu, you can use the Gnome System Log viewer to view them.

You can pull this up by going to System > Administration > System Log, or by typing gnome-system-log into Terminal.

For more information on logging in Ubuntu (with pictures, no less), you might take a look at either this random Google search result or this one. The first has more screen grabs for illustration. ;)

On Mac OS X, you'd use Console, which can be found in Applications > Utilities.

If the German authorities know how to use Skype as a trojan, then I'll bet that others do too.
I'm not too familiar with skype and its relation to firewalls but wasn't there an article or two(and this) about Skype's ability to use voodoo to penetrate firewalls? Any alternative clients? I'm not by any means an expert, by the way :)

Strange that they disable the VMX extensions in their laptops and refuse to allow the owners to re-enable it but then add more functionality to the machine. I'd be happy if they would just let me take advantage of what I thought I was buying. It would also be nice if they would fix the ACPI incompatibilities with nVidia graphics so I don't have to rewrite asm files to get the gpu cooling fan to work properly. I'd go into the whole list of things that helped me to decide to never buy anything with the Toshiba name on it but there isn't enough space or time. This link, however, says it all.

http://www.cyberciti.biz/tips/phoenix-bios-only-works-with-vista.html