Slashdot Mirror

It's drastic, but coreboot with a FILO payload and console on serial port.

May also have a USB EHCI Debug Port option

It also provides debugging output to the serial port eg

LinuxBIOS can report all errors and hardware failures over the serial console. A normal BIOS, even with serial console extensions, will initialize the serial port too late in the game for some failures to be detected, and it will usually fail if the CMOS is cleared.

Industrial Light & Magic (ILM) been using Linux for workstations and rendering farms for years. They said running the apps on linux ran 5 times faster than SGI workstation with the same spec'd hardware! The computer generated special effects on Pirates of the Caribbean were done almost entirely in linux.

Here is a nice write up article about it... http://www.linuxjournal.com/article/6011

If the disk is powered off for many minutes (for example ten minutes) then the savings compared to the cost of spin up will be substantial (it looks like the pay off starts at around 10 seconds after the hard disk has been put to sleep if you read what is written in Extending Battery Life with Laptop Mode). It may even be possible to sleep the disk for longer if everything the user needs is cached (e.g. listening to music sequentially with a big buffer). The killer is that all all those spin ups and spin downs cause increased wear and tear. As such the problem is knowing when it is safe to spin the disk down such that it won't be immediately spun back up again (this may be solvable by forcing a long writeback time at the risk of bigger data loss). See laptop-mode.txt for some examples.

• Linux does much more in the way of disk IO than Windows due to how data is written out of the page cache using pdflush
• Those of us who run journaling file systems will have more disk IO than those who don't
• Memory management has generally done little to no prioritization of which pages are written to disk

This is, of course a vast simplification, but it gets the point across. The linked to article also shows how to use laptop mode to address these issues and extend batterly life (although, it seems to me that there is a trade off in the ability of journaled file systems to perform correctly).

I suspect that this is one of those "side effect of standardization" things: "SSDs", in this context, are quantities of flash with an embedded controller that pretends to be an ordinary magnetic drive(and, even there, most magnetic drives have been lying about their internal workings since shortly after MRL went out of style).

If you want the OS to handle it, the option already exists. MTD, on the linux side(I assume WinCE has an equivalent, I've no idea what; the NT series OSes don't) is a mechanism for doing exactly that. The OS sees the "raw" flash chip directly, and you then run JFFs or another flash-optimized filesystem on top of it.

On the plus side, this skips the cost, and power drain, of the dedicated controller(great for embedded systems), and allows these sorts of fiddly revisions to be made in software. On the minus side, you lose compatibility. Pretty much every motherboard ever knows how to talk to something that looks like a hard drive, and OSes are equally compliant. Not so much with raw flash chips... This is already common, if not dominant, on the embedded side; but I suspect that it is a fair ways off, if ever, on the normalish X86 side(though, curiously, the OLPC actually works this way).

It happens all the time, or so it seems.

If you want to use iTunes you have to get Windows or OS X. It's called minimum requires of their software. If you don't like it, you are free to write an open source equivalent. Or do you think that every MP3 manufacturer should make software that maybe 1% of computer users will use. If you want to sync your iPod with Linux there are options.

Fail.

1. Not available on the majority of Linux installations

Something similar seems to be available in APT:
http://www.debian.org/doc/manuals/apt-howto/ch-apt-get.en.html
Check section 3.10.
And here's the rough equivalent for RPM:
http://www.linuxjournal.com/article/7034

So, what distro is no longer covered?

2. Removing a package is not the same as reverting to an earlier version of the same package.

I guess that you missed the latter half of the last command that I posted:

# emerge -C =package-cat/package-offending-version && emerge package-cat/package

An English translation of that command is

Remove the offending package and install the latest available that's not masked if the removal was successful.

I could have written that command as:

# emerge package-cat/package

and -as I had previously masked the offending package version- Portage would have done the right thing.

So, in summary:

No, you're a towel.

:D

Except this is completely retarded for government computers running linux and downloading new image ISOs via bittorrent.

That's the sexiest thing to come from the Linux community in forever.

In fairness, the previous competition wasn't exactly intense.

They started using it 12 years ago for scanning destination addresses with OCR software. http://www.linuxjournal.com/article/2985 I already know someone is going to say something about that is why their mail got lost, got redirected to /dev/null, etc...

Here:

http://www.linuxjournal.com/article/10257

Does anyone remember it? The author screwed up and coded parts of it on university time so had to revoke the GPL license since they could not prove which parts were or were not university property.

I spent a month compressing a highly scaled video clip and was able to put about 20 seconds on a floppy. I could compress a complex jpeg with the static compressor into 4 - 20k.

http://www.linuxjournal.com/article/4367

Bandwidth wise it's marvelous, it's the number crunching to compress it that's the killer. I'm not a coder and his paper is marginally comprehensible but there is no way I could recreate the codec.

Does "zzzz" get you sex?

Microsoft Spell Check Easter Eggs.

I would not use the cellular to phone socket device:
i.e. Dock-N-Talk, Cell Socket, Hellodirect Cell Docking Station, MyXLink, etc.
Air time is expensive.

If you have the time, build a Skype server for your home phone system.
http://www.linuxjournal.com/article/8592/

It's cheap (under $200) and you get to pay Skype rates instead
of your cellular telco.

Unmanaged code might very well utilize garbage collection through compiler or library support.

That leaves the advantage of providing selective garbage collection in languages supporting manual memory allocation, which can leverage software architecture and performance.

Your statement, as well as the general notion of this thread, that writing code in languages enforcing global garbage collection, is faster or cheaper, is false. Given the situation of enforced vs selective garbage collection, I might even argue to the contrary.

I'm not sure if you noticed, but the Palm Pre is a cellphone. It is not "based" in a fashion on iTunes sync capabilities. It's just another nice feature to have. If apple breaks it, it will be fixed again. If Apple continues to break it, I'm sure there will likely be a lawsuit... because, as has been quoted many times before, that sort of thing is frowned upon by the courts per the Clatyon act.

http://www.linuxjournal.com/article/6538

Apple can't do so or it would've a long time ago.

http://www.linuxjournal.com/article/6538

It's the same reason Dell was forced to give refunds on laptops sold with Windows pre-installed.

Found this article a while ago after having bought a Skype-to-phone adapter (This thing, I forget the exact model number). It basically describes a method of creating a "Skype server" that will provide skype service through the regular phone lines in your house.

Having abandoned the adapter in question as being a bit pointless, I would be ASTOUNDED if the above solution actually worked reliably, but, hey, certainly looks like he put a lot of effort into creating it.

Found this article a while ago after having bought a Skype-to-phone adapter (This thing, I forget the exact model number). It basically describes a method of creating a "Skype server" that will provide skype service through the regular phone lines in your house.

Having abandoned the adapter in question as being a bit pointless, I would be ASTOUNDED if the above solution actually worked reliably, but, hey, certainly looks like he put a lot of effort into creating it.

The last two Linux Journal magazines had articles on disaster recovery: Hack and / - When Disaster Strikes: Attack of the rm Command and Hack and / - When Disaster Strikes: Restoring a Master Boot Record.
Good luck

The last two Linux Journal magazines had articles on disaster recovery: Hack and / - When Disaster Strikes: Attack of the rm Command and Hack and / - When Disaster Strikes: Restoring a Master Boot Record.
Good luck

The idea of making Microsoft pay for the billions of dollars of damage caused by flaws in its products is certainly attractive, but where would this idea leave free software coders?

Probably the same place as always, ie, "you get what you pay for". If the users don't pay you, they can't reasonably expect anything from you. Well, maybe they could if you were to tell them that it would work (but who does that anyway), IIRC there tend to be rules about when people are harmed by relying on something you told them?

First: bravo. You have a wonderful voice and this will certainly open the door for a future in broadcasting. (Though you should invest in a spit-guard or whatever its' called so that your lip-smacking isn't as audible.)

Second: that's too much data at too high a frequency for me ... how about a weekly podcast summing the week's activity (highlights only) in five minutes for an average activity week and ten minutes for a busy one? ("Busy" being relative not to traffic but rather notable insight.) Yes, this will require more editorial work (sorry, and no, I'm not volunteering).

This would be similar to Linux Journal's diff -u, a 3/4-page article within their UpFront section, summing the kernel development news of the past month.

Sorry, should have posted this with the original. Instructions for Linux 2 factor authentication

Look into GOCR or Tesseract if this is the case.

Unless you're really lucky with the images, OCR requires a lot of work correcting errors. It would probably be less work to just be able to add searchable tags to whatever system is used to store the PDFs and leave them as images.

... where he could archive the PDFs and scanned documents and be able to search by keywords?

So, my big concern is the part where you said he scans things from books and articles and so some of the PDFs might just be massive images, right? I don't think you're going to find systems with OCR built in so you might have quite the chore on your hands. If you don't have it electronically or if it's just an image electronically, you may have to implement some sort of process for getting a doc into this system so it can be searched, right? Look into GOCR or Tesseract if this is the case.

Also, judging by your nickname ("Sooner Boomer"), you're at the University of Oklahoma. Why in the world would you name yourself after a group of people who not only disobeyed the Indian Appropriation Act but also moved out onto Native American territory before it was officially declared property of the United States? And then you also chose "Boomer" which refers to "white settlers who believed the Unassigned Lands were public property and open to anyone for settlement, not just Indian tribes. Their reasoning came from a clause in the Homestead Act of 1862, which said that any settler could claim 160 acres of public land. Some boomers entered and were removed more than once by the United States Army." If you are a descendant of either a Sooner or a Boomer, I respectfully do not agree with their actions.

Microsoft delivers what businesses want: Reliability. Long. Term.

I'm sorry, and I honestly am not trying to troll here, but are you fucking kidding me???

Long term? Linux supports pretty much the whole POSIX API and, for graphics, X11. Those were mature before Steve Ballmer threw his first chair. Many serious, graphical programs written 20 years ago for Unix still build and run no problem on Linux. And it's a pretty damn good bet that it I write clean Linux code today, it will build in 2019 version of Linux or its successor. Tried running a Win16 program lately? Or tried lately accessing a web page written in their proprietary dialects of HTML from back in the browser war days? Good luck being able to use those web applications with the browsers that are available in 20 years.

Reliability? Windows servers have historically needed a period reboot, just because. The DoD recently disallowed USB thumbdrives on any of their computers. Hint: it wasn't because of the Linux computers. And what would you rather hook up to the open internet for 24 hours after installing the operating system: Windows XP, or Linux?

Or maybe you're referring to their steadfast trustworthiness as a company. Surely we can trust their products because as a company they're so wise, right? Like their decision to encourage web page designers to include ActiveX controls on the web pages? Or how many apps broke when Vista was rolled out?

I must concede, though, that Linux might just not be ready for mission critical deployments.

But you go with Apple, or Linux and what do you get? Every five years, maybe ten if you're lucky, you have to rebuild and redesign everything to make it work with the latest and greatest.

I can't speak about Apple stuff, but for Linux, who cares if the people shipping a distribution needed to re-compile 50% of the apps when preparing a release, because of some library ABI change? When you have the source code to the apps, and someone else (the distro maintainers) recompile everything for you anyway, it. just. doesn't. matter.

Take a look at this article in the Linux Journal

Linux Terminal Server Project

LTSP

K-12 LTSP

K-12 Linux in Oregon

Linux Journal

'Microsoft leaned on EC to spike open source report'

'One might ask, "Who are these lobbyists?", so let's take a closer look'

That's a common misconception but malloc is not a kernel call but a user land function.

Malloc is implemented in the libc by managing a since large area of memory (the heap). When the heap is full, malloc() increases the heap size by a system call such as sbrk(). On my system (64bit), the heap is increased by blocks of 128KB.

For large data sizes (>128KB) malloc does not use the heap and directly allocates the memory using the system call mmap().

For example, for an application allocation up 100MB the overall number of calls to sbrk() is no more than 100MB/128KB = 800 regardless of the number of calls to malloc()/free() which can be millions. The kernel calls are totally negligible.

There is a nice article here: http://www.linuxjournal.com/article/6390

I suspect many of the people "in the audio visual fields" will have a similar problem when considering Linux.

I'm not sure about this. A few big movies ( Shrek 3, The Day The World Stood Still) have been using linux for their visual effects and there is a whole distro geared towards this. I understand these are big things and big companies, but still, it's major.

No, this is quite mistaken. There are three possibilities here, not two.

First, you buy the copyright. This is what authors sell and publishers buy.

Second, you license the use of something. This is what happens if I license the use of a trademark, if I rent a machine, if I lease a software service which allows me to use a particular program to access it.

Third, I buy a copy. BUY A COPY!! Yes, this is different. There is such a thing as buying a copy, and this is what happens when I buy a book or CD. I then have various rights to do things with this copy which I do not have had I licensed something. Like, to resell it, to burn or destroy it, and so on.

Now, although people keep saying over and over again in regards to Apple that when I buy a copy at retail, I have not bought but licensed. this is NOT WHAT THE COURTS HAVE SAID. What the courts said, in the Softman case, is that they understand why software makers WANT to construe their retail sales as licenses and not as sales, but in fact, they really are sales and not licenses.

"The Court agrees that a single payment for a perpetual transfer of possession is, in reality, a sale of personal proper and therefore transfers ownership of that property, the copy of the software."

"The Court understands fully why licensing has many advantages for software publishers. However, this preference does not alter the Court's analysis that the substance of the transaction at issue here is a sale and not a license."

There's no ifs ands or buts about this. Just read the case, its here:

http://www.linuxjournal.com/xstatic/articles/056/5628/softman-v-adobe.html

People really need to get their heads around this in regard to Apple. There is absolutely no doubt that when you buy a copy of the software, you really do buy a copy in law, you don't license it.

You then go on, when you install it, to click through and enter into another contract, the EULA. But that is another story....

The Mars rovers run Linux.

http://www.linuxjournal.com/article/7570

FWIW, I don't take this as a troll, but anecdotal. If you've held the same position twice, then you're not in a strong position to speak outside of that experience.

http://www.internetnews.com/bus-news/article.php/2244391
http://www.cio.com.au/article/68397/munich_government_chooses_linux_over_microsoft
http://www.linuxjournal.com/article/7008
http://linuxscorecard.blogspot.com/2007/09/this-blog-will-spring-back-to-life.html

Although I'm not citing "privately-owned" businesses, and I'm not sure how many of those there are that are multi-billion dollar concerns, I am suggesting that there are those with more than 10+ years experience making the Linux over Windows call - and leaving it as a exercise to uncover more.

As for number of attack vectors being wider for FOSS than Windows - please, try beer, it's better than the Kool-Aide - really.

It reeks of FUD.

Absolutely.

And all the security articles online have a dog in the fight, from Semantic's report earlier this year to the January edition of Linux Journal. It's all opinion or studies by partisans.

In debate, the reasons why FOSS projects should be secure -- many eyes, many hands, short development cycle, etc. -- they convincing. Something firmer than theory would be nice, though. More positive data, standards to help analyze and compare, would be good and healthy. We all know that bugs and design flaws can persist in open source.

Maybe the security criticism is an opportunity to examine more closely.

-whew first post out of the way-

http://www.linuxjournal.com/content/open-source-force-behind-obama-campaign

My take is that the whitehouse.gov servers are run by the government and have to conform to DoD security guidelines, which have only relatively recently included Linux configurations for certain commercial distributions such as Redhat. So they probably don't have the freedom to redo the servers with whatever they could cobble together with talented volunteers for the campaign.

Anyway, we'll eventually see whether all this talk of change only runs skin deep.

What was this tool you created called, is there a copy online anywhere? What's difficult about a Unix admin setting up a script. And you don't have to use the CLI for everything, you put it in a script and let the machine do it.

It doesn't matter because I didn't release my tool. It is functional and works for multiple directories but I never put enoug features into it though to be comfortable with releasing it. I've used it at work a few times though. The problem with the CLI is that someone must know LDAP in and out in order to write scripts and LDIF files when GUI tools are not available. I find it quicker to use the GUI even though I know LDAP pretty well. Unless I'm doing batch operations the GUI is better.

'These problems have been solved by using OpenLDAP and Samba TNG software'

I didn't see anywhere in that article how to setup the Windows clients to communicate with Samba as the provider of domain services. Since it was left out I assume it is as simple as adding the clients to the Samba domain just as if it were a DC and the Windows clients don't know any better?

"ADS hides replication from you (accessible through Sites and Services snap-in though)"

It really amazes me how MS releases a utility with most of the core components missing and then charges you more for the 'snapins'.

MS doesn't charge for the Sites and Services snap-in. In fact, the 3 snap-ins needed for ADS administration are available as soon as ADS is installed. They are also available in the Admin Tools Pack MSI so you can install them on workstations so you don't have to login to a server everytime to make changes. So I'm not sure what you are talking about. Many diagnostic tools are available as separate downloads in resource kits as well.

"OpenLDAP is too plain and simple .. There are no GUI tools .. I even created one"

What was this tool you created called, is there a copy online anywhere? What's difficult about a Unix admin setting up a script. And you don't have to use the CLI for everything, you put it in a script and let the machine do it.

"you'll need to investigate how to continue making Windows clients authenticate to a non-MS directory"

'These problems have been solved by using OpenLDAP and Samba TNG software'

"ADS hides replication from you (accessible through Sites and Services snap-in though)"

It really amazes me how MS releases a utility with most of the core components missing and then charges you more for the 'snapins'.

It may not be opensourced yet, but Sun has released almost their entire enterprise stack for free for anyone to use, including their DSEE, with unlimited entries. It can synchronize with AD, and they have a good deployment planning guide for synchronizing with AD and there are guides all over the place regarding authenticating Windows off of LDAP servers.

> Do you really expect us to believe that the only secure way of accessing an Office Doc is to quarantine it.
> I thought you had the system totally locked down and AV on all desktops?

As far as I'm concerned, yes. There are far too many vulnerabilities in office docs, and no way for me to lock those programs down. The primary aim of our security practices is to stop malware coming into the building, once it's in we're pretty much screwed. AV is the last line of defence, and one I don't particularly trust these days.

Blocking executable viruses and securing the web browser is easy. Securing Outlook and Office programs is a pain, but fortunately it's not proving too much hassle to manually vet these and we catch 5-6 documents a week that aren't caught by the AV scanning on our email gateway.

I just don't trust AV scanning these days, there's always a window of opportunity for any new virus, and too many viruses are sneaking in under the radar. In the last 18 months I've submitted four previously unknown viruses to the AV companies, two of which weren't detected at all by either Sophos, Symantec or AVG after booting from recovery CD's.

> What are those specialist apps. Do you mind telling me what sector your business is in?

Our sector - structural steelwork, and off the top of my head a quick list of some of our specialist software would be: AutoCAD, Design Review, Strucad, Xsteel, GoData, Farm Design, Multisuite, Procad, Fabtrol, Dema, Union2, Fastrak, Tedds.

None of these are minor, most are absolutely core programs that are vital to our business. To the best of my knowledge, *none* are available under Linux, and at least 4 require some serious graphics capabilities that rule out virtual machines or wine.

> http://www.linuxjournal.com/article/6266 [linuxjournal.com]
> http://en.wikipedia.org/wiki/OpenLDAP [wikipedia.org]
> http://www.bayour.com/LDAPv3-HOWTO.html [bayour.com]

Ok, you've got open LDAP authentication. Now make it as easy to use as Active Directory Users & Computers, with all the functionality (we use a *lot* of it - have you got support for Microsofts IAS there?). You're also missing Group Policy. That sets all our security policies, it configures our computers, and installs all our software.

> http://www.howtogeek.com/howto/ubuntu/configure-how-often-ubuntu-checks-for-automatic-updates/ [howtogeek.com]

Ok, you can do security updates. How about deploying software? What about configuring policies for things like disabling CD-ROM drives, enforcing screensaver timeouts, etc.

> I am surprised as my personal experience is a bit different

I've been doing this a while :) Most of this lot is second nature to me.

> What else do you do apart from locking down and patching?

Everything :-) I'm your proverbial jack of all trades, responsible for:
Servers, Databases, Intranet, Security, Backups, Software Development, Helpdesk, Software Installation, Printers (up to A0), Fax machines, Scanners

We have 13 servers and over 100 individual pieces of software on this network. There are also a further 20+ legacy in house applications in use (mainly visual C++ v5, with the odd visual basic v5 one), and about half a dozen modern ones (developed with visual studio .net or 2005). We have five database servers, a wiki, an intranet, an email server, two firewalls. We run Windows (NT - 2003), Linux, OpenSolaris and ESX, with the Citrix server having been retired.

And believe me, I've simplified things wherever possible. This network is horribly, horribly complex. It took me nearly two years to familiarise myself with it, and we really do use everything I've

'all Office Documents are quarantined before manual release'

Do you really expect us to believe that the only secure way of accessing an Office Doc is to quarantine it. I thought you had the system totally locked down and AV on all desktops?

"it would take a lot longer to get this network working under linux than windows"

I thought Linux did networking as well as Unix, what do your servers/routers/switches/firewall run on?

"the couple of dozen specialist apps that simply don't exist in Linux"

What are those specialist apps. Do you mind telling me what sector your business is in?

"I'm not aware of anything that as easy to use and effective as group policy for securing computers and deploying software"

http://www.linuxjournal.com/article/6266
http://en.wikipedia.org/wiki/OpenLDAP
http://www.bayour.com/LDAPv3-HOWTO.html

http://www.howtogeek.com/howto/ubuntu/configure-how-often-ubuntu-checks-for-automatic-updates/

"I think you'd be surprised just how low maintenance this lot is"

I am surprised as my personal experience is a bit different

"patching software is something we can do in our own sweet time"

What else do you do apart from locking down and patching?

If I understand correctly, the GPL license of the QT toolkit requires all derivative works to be distributed under the same terms, i.e. the GPL.

You understand wrong. Qt is released with several exceptions to the GPL, allowing you to use any Free Software license, not just the GPL. No, you can't write a proprietary app without buying a license, but you are not limited to just the GPL.

http://www.linuxjournal.com/article/6366

"So what you're saying then, if I got this right, is that the best audio system on the planet is the one that you have to write yourself? Awesome."

Yep. That's about right - I want a no-nonsense small and fast system on top of which additional layers can be built.

"Didn't say it was hard. Said no other OS is doing it. Your argument seems to be that it's possible to do something, therefore it's already been done."

ALL OTHER OSes DO THIS ALREADY!!!

In XP you either needed driver support (like in Creative drivers) or a special DirectShow filter.

On Linux you can use ALSA "delay line" plugin: http://www.linuxjournal.com/node/7391/print . Or you can use one of these plugins: http://plugin.org.uk/ladspa-swh/docs/ladspa-swh.html

Vista only adds a nice GUI for these settings. In fact, I'll probably add a GUI editor for delay lines to PulseAudio when I'll have some spare time.

"Show me another OS that, out of the box, has the same feature set that Vista has. Any linux distro. Any kernel. And I'll concede that Vista doesn't have the most advanced audio system. Until them blather on, but you're still wrong."

Well, show me at least one OS apart from Linux with PulseAudio which allows me to broadcast hi-def 24-bit music over the LAN with autodetection based on ZeroConf and I'll concede that Linux doesn't have the most advanced audio system. Until them blather on, but you're still wrong.

Hi

We moved our project from 2.4 to 2.6 during development, because the maximum interrupt latency of 2.6 is so much better. We needed to handle UDP packets within 20 ms. max and occasionally on 2.4 we would have a 60 or more. Going to 2.6 solved our problems immediately, even with early versions.

See this Linux Journal article for more details on our project http://m.linuxjournal.com/article/7190

Bart van Deenen

So buy it with Windows and get your refund.

Consider the refund as a payment by Microsoft for you installing Linux.

Nice. But many times the OEM will try to badger you into signing an NDA, which is one reason you don't see any magazine columns dedicated to getting Windows Refunds. Another thing is that MS has adapted.

Earlier Windows Refunds were possible, because the end-user got a screen with the choice to reject or accept the bend-you-over-the-desk EULA. From there it was a simple, though tedious, matter of documenting the rejection and following all the steps. Now, the OEMs often start up the computer and 'accept' all the licensing conditions in advance, eliminating specifically that path.

So, what now is the correct procedure for getting a Windows refund where the OEM has pre-installed and pre-accepted MS Vista?

"How can this be exploited" when some subtree memeber of a domain can read credentials that should only be given to the top level member, read http://www.linuxjournal.com/content/understanding-kaminskys-dns-bug.

To save the others the hassle, allow me to sketch something. It's trivial to get the domain a000001.amazon.com under your control. It is, believe me, if you don't, just read it up. Well, maybe not exactly a0000001... but something to the quality of $foo.amazon.com can easily be made to point back to a webpage you control.

Next, create a page for the internets most sought after resource: pr0n. Do like the missionaries, spread the word, unlike them you have ICQ and spam at your disposal to get people to visit your page. On this page, refer to $foo.amazon.com

Then have $foo.amazon.com ask for the credentials.

It's not so much that the threat of hijacking a "real" domain name (i.e. amazon.com itself) is too big after a few ISPs toughened their DNS lookups when the patches didn't come quickly. Few ISPs are left that are actually vulnerable to having their caches completely rewritten. Subdomains can still be hijacked (even after the half-assed patch we got lately), and in combination with browsers that send credentials to whatever subdomain, it's a serious security problem.

So buy it with Windows and get your refund.

Consider the refund as a payment by Microsoft for you installing Linux.

Those companies render the output on Linux. The creation takes place on a Mac.

Not strictly true. Mac hardware perhaps. If you just do a name check for the apps used, you will go away with the wrong impression. Many CGI companies used Unix based systems extensively from the start. The old SGI workstations were usually running Unux, and then Linux was brought in to run on cheaper commodity hardware, and reduce the rewrites needed to do the changeover. Basic good business case scenario. Linux was a smaller move and a cheaper option than the expensive workstation grade systems they were using. Which is why Nvidia has been supporting Linux for so long. Cinepaint was a fork of an early Gimp version that was heavily customised for the movie industry. ILM even created EXR, which was open sourced so other apps could use it. It is commonly used for retouching jobs instead of Photoshop. Practically a custom app for hteis very job. Massive, the crowd control software used in movies such as Lord of the Rings and others for animating large numbers of figures also works on Linux, and according to one article I read, works better on Linux than on Windows. Ever wonder why Maya is available on Linux? could it be that the top CGI studios who have been using Unix for years, and are Maya's main user base, and have been changing to Linux wanted it. And if you read up a bit, there are plenty of articles about Linux being used in the production side. Sometimes even on Apple hardware running Linux. http://www.linuxjournal.com/article/9951 An interview with the makers of the Spiderwick chronicles. Not a great movie, but some very nice effects. Linux software for content creation running in Apple hardware. http://digitalcontentproducer.com/dcc/revfeat/video_linux_hollywood/ Basically a rundown of Linux in the high end CGI field. Particularly interesting, and shows how wrong you are. There is way more than you think happening with Linux in the CGI world. Off the shelf apps are not enough by a long shot for the movie industry. They have the money and the technical resources to make custom apps that are strictly in house, and will likely never be released to the wider world. For them, Linux works, and works well. And allows them to use the millions of lines of old code from the Unix days that they still need. So basically.. the movie industry uses whatever works, and some of the really big studios have the resources to overcome any limitations of existing software where required. It is a pity they don't release more of their code, but such is life. They don't have to. And much of it would no doubt be useless without the other tools they use for various things. Although the thought of ILM contributing code to Blender and Gimp is quite a nice one.