Critical Security Updates Coming To Windows XP, 8, RT & Server

SmartAboutThings writes "On the upcoming Patch Tuesday on July 9, Microsoft is going to bring some notable security updates, that will mostly deal with fixing issues in remote code execution vulnerabilities, which allow attackers to breach in. The security updates will be applied to all Windows versions Microsoft is still supporting (from XP to Windows 8.1)"

Why?

[Corona+Extra]

I haven't noticed any security problems with Windows. Why do they release this?

Re:Why?

[jellomizer]

OSS groups release security fixes, they are applauded for caring about people's safety and security.
Microsoft releases security fixes, they are appaled that they would let such a problem exist.

Re:Why?

I believe that does happen, yes. But you seem to be replying to a post that denies there being a problem in the first place.

Re:Why?

Probably just the zero day vunerabilities that NSA are using, would be such a bitch if Snowden would choose to publish them

Information thats been set free is useful, isn't it ?

Re:Why?

Yes, because OSS groups are entirely volunteer effort, basically by the users for the users.
Microsoft is a paid product, if you buy it, you expect it to work as advertised, any flaw you stumble upon is money you got cheated of.

I'm still waiting to see a Linux distro that works and is advertised as "Android for Desktop".

Re:Why?

[ls671]

all the issues they left open.

Not *all*, just the ones that aren't zero day anymore and that are too well known by script kiddies. I must be kidding of course...

Re:Why?

[Corona+Extra]

people pay a lot of money to Microsoft

$39.99

Re:Why?

But if your system is compromised, the end result is the same, so that doesn't excuse OSS either. If my Linux-based OS gets hacked, my information stolen and my system rendered useless, I'm not going to just handwave it and say "Well, that's ok because I got it free".

Re:Why?

[erroneus]

Perhaps Microsoft would also be applauded if they didn't hold their fixes open for the NSA and FBI to exploit their customers with.

We used to wonder for the longest time why, when we told Microsoft about vilnerabilities they would refuse to acknowledge them and when they finally might acknowledge them, they would take months or even years to fix. Recent news clarifies this nicely.

Now we can't say if this is true of every instance of every bug reporting, but we have proof that the US government has tainted Microsoft and therefore gives good cause to be suspicious of pretty much everything they do now.

Re:Why?

[jones_supa]

The difference is people pay a lot of money to Microsoft to do one thing, make a good operating system. I'm not paying anything for Linux so I don't expect them to be perfect at all.

That's also why I like Win and Mac: when I pay, I get a premium OS, with less bugs, missing features and crashes, than I have with a Linux desktop distro.

Re:Why?

[hairyfeet]

In case you ain't figured it out so far Windows has always run on the "Star Trek Rule" with the first in a transition being shit followed by the next being decent, at least on the home front (personally I found both NT 4 and Win2K to be pretty solid) such as Win95 crap, Win98 great, WinME crap, WinXP great, Vista crap,Win 7 great, and so on.

But the advantage you get with Windows, that really makes a difference if you are using the PC for work and which you just don't get with Linux, is the ability to completely skip one or more releases WITHOUT suddenly being stuck on an OS without updates that can't run the latest software. Heck other than the testbed at the shop I skipped TWO releases, I skipped WinXP for the most part (Finally ended up with an XP netbox at the shop late in the game) and I skipped Vista, going from Win2K to WinXP X64 (which was just 2K3 Workstation with a different skin) and I stayed patched and able to run the latest software the entire time, in fact most software runs on XP and X64 right now without hassle.

So to me THAT right there is one of the big differences that takes Linux out of the running (well that and the piss poor driver model, but that is another rant) because if you don't stay pretty God damned close to the bleeding edge with most mainstream Linux? You are FUCKED with a capital F. You try skipping releases and suddenly the latest software won't run because it requires kernel X+3 and you have kernel X, it makes it a royal PITA and means that even if the devs go some way you don't want to go, like the mess that was Pulse Audio or the shit that was early KDE 4 and Gnome 3? Too bad, fuck you, you update or its shit time for you.

Meanwhile I've avoided Windows "LOL I Iz a Cellphone, Buy my appstorez LOL" 8 and if the fat bastard doesn't change course I'll avoid Win 8.1 just as easily and I will STILL be able to run all the latest software and games without issue, it'll "just work". Oh and in all my years I have NEVER seen Windows shit all over one of my drivers with an update, Linux has shit on the wireless and sound more times than I care to count, if its volunteers doing the QA and QC somebody needs to fire their stoner asses because they royally suck. Anybody who shits all over Realtek sound? Ought to be fucking ashamed of themselves, no excuse on screwing up the most popular sound chip on the planet, no excuses.

Re:Why?

[ttucker]

[...] like the mess that was Pulse Audio or the shit that was early KDE 4 and Gnome 3? Too bad, fuck you, you update or its shit time for you.

I tried Gnome 3 and it was shit time for me.

Re:Why?

Win98 was pretty crap too until Win98 SE.

Also your tirade against Linux is overused and outdated. And especially funny in light of the situation with DirectX over the past few years.

Re:Why?

[devent]

Sorry that is just not true.

First, the kernel developers have a strict policy for not breaking API or ABI with applications.
See for example: Linus Chews Up Kernel Maintainer For Introducing Userspace Bug "Userspace" means applications.
Secondly, the developers of low level stuff like GUI toolkids (Qt, KDE, GDK+, PluseAudio, etc) are also very strict about breaking compatibility.

On the plus side, Linux don't costs you anything. It's not like you have to pay 80 or 100 Euro to update from Debian Lenny to Debian Squeeze. When Debian Squeeze was finished you just download it and update your system. Costs you maybe half a hour time.

Re:Why?

[Brad1138]

You paid for Windows?

Re:Why?

[Billly+Gates]

Unfortunately Hairy I tried Windows 8.1 yesterday. The UI is even worse than 8.0!

I really did try not to be an old man afraid of change and an elistist as I would lvoe applets on my phone and PC all working together in Harmony in HTML 5 glory.

Now it only scrolls left to right making up and down useless on my mouse and while the start button helps clueless users I kept having to hit it. IE 11 disapointed me and misrendered and wouldn't work on many websites. WTF this is 2013 not 2003! As someone who wants to start a web based business I was hoping IE would have gotten its act together but it tells Apache/IIS to render like Gecko and none of my financial sites worked unless I changed it to tell it to food broken IE 8/9 code. Javascript is the culprit assuming css hacks went away.

Anyway. many users say XP was the greatest Windows OS ever and are reluctant to change. You see their posts saying Windows 7 is eyecandy bloated rubbish over the good XP. Windows 7 in my opinion will be the best OS.

I was so hoping MS got its act together and feel sorry for 8.1 users since start8 and other utilities wont work anymore once that update comes in. It will be fun reading the replies on slashdot once this hits news :-)

Re:Why?

[Billly+Gates]

I am shocked a comment like this made it to plus +4?

Premium or not start using Windows 8.1 and your opinion will change quite rapidly of what a premium OS is. A little hint that start8 to emulate Windows 7 wont work anymore.

Man Macs are expensive and so last decade. But shoot when this computer starts to age which it is begining to show already I wont know what to do?

Re:Why?

[Billly+Gates]

Oh and I will have to say CentOS and Ubuntu LTS are the best bets for what you are talking about. AMD hardware sucks with Linux.

I run CentOS in an emulator. It has old 2010 Gnome 2 which is how I like it and will be supported for years. Will I see the latest apps? Nope, but I do not want the headache either of shit breaking. I just use it for web development and my ISPs all use older but patched software anyway. I like newer stuff but many Linux is not hte simple distro it was back in the 1990s where you just manually tar -xpvf into a / and put a path somewhere in /etc and be done. WinSXS does it right but the XP loyalists shit their pants at bloat when they see it cna grow to many gigs.

Re:Why?

[__aaltlg1547]

Because people care if Windows has bugs.

Re:Why?

[sjames]

Debian routinely maintains security patches for oldstable. Ubuntu has it's LTS releases. Centos releases stick around for quite a while. Not bad for something you can install for free. If you'd rather pay the distro provider for support, there's RHEL. There doesn't seem to be much interest in going back further since the upgrades are free and tend not to fail on older machines. If you need to keep an old release around, I'll bet you could pay for that and get it.

I don't like Gnome 3, so I don't use it. There are two perfectly viable ways to go from there that will just work or you can stay with the older version.

If you really need a newer kernel (it really doesn't come up that much these days), you can generally just upgrade the kernel.

I have seen windows updates shit all over printer and other drivers as well as software.

Re:Why?

[the_B0fh]

So to me THAT right there is one of the big differences that takes Linux out of the running (well that and the piss poor driver model, but that is another rant) because if you don't stay pretty God damned close to the bleeding edge with most mainstream Linux? You are FUCKED with a capital F. You try skipping releases and suddenly the latest software won't run because it requires kernel X+3 and you have kernel X, it makes it a royal PITA and means that even if the devs go some way you don't want to go, like the mess that was Pulse Audio or the shit that was early KDE 4 and Gnome 3? Too bad, fuck you, you update or its shit time for you.

You really based your arguments on what you read on blogs rather than personal experience? Plenty of people still run kernel 2.2 which is about 15 years old now, or 2.4 which is about 10 years old now. And if you run something like debian, it's as simple as "apt-get distupgrade" and editing a few config files.

Or... you know, just not upgrade.

Seriously. Get over it.

Re:Why?

[TheQuantumShift]

I'm not concerned that they are releasing updates, my concern is with how long it takes before they acknowledge a bug and release a fix. With OSS, the fix is released ASAP (at least that's the theory), with proprietary software... Well, here's a car analogy that might help:

"A new car built by my company leaves somewhere traveling at 60 mph. The rear differential locks up. The car crashes and burns with everyone trapped inside. Now, should we initiate a recall? Take the number of vehicles in the field, A, multiply by the probable rate of failure, B, multiply by the average out-of-court settlement, C. A times B times C equals X. If X is less than the cost of a recall, we don't do one."

Re:Why?

[Black+LED]

Classic Shell is free and works in Windows 8.1 Preview.

Re:Why?

[fast+turtle]

You've been lucky then as I've had Realtek drivers shit all over themselves in XP/Vista and Win7 and don't forget the Nvidia debacle. It took them almost a full year after Vista was released before they got stable drivers for the fucking video card. Can't use a computer when the fucking video crashes on you and gaming? Forget it. Fastest way to crash the whole fucking system and have to reinstall. Even Intel has screwed up their drivers (security flaws - remote exploits) causing BSOD's the forced a reinstall of the OS and full drive wipe. No driver is perfect and don't even get me started on Lexmark or HP drivers.

Re:Why?

[techno-vampire]

Personally, I run a Linux-only household. If I want, I can check every day for updates and install any that have been accepted since the last time I checked. If there's an important security update, I can get it as soon as it's ready. If I were running Windows, I'd have to wait until the next Patch Tuesday and hope that the black hats don't ream me out too badly before the patch is released. And, since the patch might be ready one day after a Patch Tuesday, that means that all Windows users might have to sit there for almost a full month waiting for an already-accepted patch. There are many reasons that I don't use Windows on my PC. This is one of them, and not the least important.

Re:Why?

[Zero__Kelvin]

I'm still waiting to see a Linux distro that works and is advertised as "Android for Desktop".

If you see it, you won't see it for long*. ;-)

* Though admittedly longer if you use Bing ;-)

Re:Why?

[brickmack]

There's a nice thing about Linux. You don't like a particular program your distro of choice came with? Replace it. There's plenty of alternatives for just about any part of the system, and it's generally not very hard to swap them out. As for drivers, I've never had any major problems on Linux with drivers for my stuff (though Windows 7 did refuse to use the driver for my graphics card for a while). Not sure what to tell you there.

Re:Why?

[mysidia]

OSS groups release security fixes, they are applauded for caring about people's safety and security. Microsoft releases security fixes, they are appaled that they would let such a problem exist.

They often engage the community in totally different ways. The OSS groups often disclose vulnerabilities, workarounds, and print advisories very early --- they are honest and alert about the threat early.

Closed source OS vendors avoid publishing anything until they have a fix.

Closed source OS vendors have been known to refuse to acknowledge a vulnerability or provide a fix, because there's no exploit code, or because it's just a local vulnerability, or just a harmless DoS or resource exhaustion condition that can be caused.

Closed source OS vendors have been known to attempt to "steal credit" for vulnerabilities or mitigations from researchers who discovered them, for example by patenting ICMP mitigations. -- See Fernando Gont/ICMP mitigations article

The open source products often have a smaller "window of vulnerability"; that is, time between reporting of the issue, and time that a patch is available to those who need it.

The OSS groups don't generally give "special heads up" to large corporations and government security agencies and other organizations, including exploit code, with an imposed delay period before announcing to the public.

The OSS groups often have vulnerabilities fixed before there is an exploit in wide circulation.

Closed source vendors often have malware in circulation, long before remote code exec vulns are patched, AND due to the fact that they are lackadaisical about reporting security issues to the public and rapidly providing fixes.

Re:Why?

But you seem to be replying to a post that denies there being a problem in the first place.

That's because the patches are for "fixing issues in remote code execution vulnerabilities, which allow attackers to breach in", and those vulnerabilities weren't a problem until Snowden let everybody know Microsoft was sharing them with a few US government TLAs.

So you're both right - there WAS no problem while the secret was between Microsoft and the NSA, but NOW there is a problem because you and me and the rest of the world know about it.

Microsoft is in damage control mode right now. They'll reinstate the remote taps as soon as the fuss dies down.

Re:Why?

[armanox]

I've had Windows drivers die on update - the best one that comes to mind for me was my Toshiba laptop (2006). Had WiFi issues with XP SP3 when that came out, and WiFi, GPU and Power Managment really hit the fan in Vista for a short while, and then again in Windows 7 (wouldn't work with the Vista drivers, due to some issue with Toshiba's installers. Had to go through some hoops to get everything working).

For long term stability in Linux, I'm using RHEL. RHEL 5 still supports the software I need it to run, RHEL 6 works well too. I'm considering moving some systems to Solaris to avoid some things that are going to be in RHEL 7....

Re:Why?

[McGruber]

Oh and in all my years I have NEVER seen Windows shit all over one of my drivers with an update

I have an indestructable LaserJet 4 that runs fine under XP and the latest version of my preferred linux distribution. That same printer will not work with Windows 7 or 8 because there is no compatible driver for it.

Re:Why?

[andy_t_roo]

phew, for a moment there i thought you were talking about something other than the windows license :

"LIMITATION ON AND EXCLUSION OF DAMAGES. You can recover from Microsoft .. damages up to the amount you paid for the software. You cannot recover any other damages ... It also applies even if ... Microsoft knew or should have known about the possibility of the damages.

LIMITED WARRANTY. If you follow the instructions and the software is properly licensed, the software will perform substantially as described in the Microsoft materials that you receive in or with the software."

It seems to me that this a) you can't claim more than you paid, b) the software does roughly what is documented, is a universal disclaimer; it doesn't matter if you paid for it.

Re:Why?

[KiwiSurfer]

As much as I would much prefer using OSS, I have to concur with the parent. Windows on my laptop just works perfectly. On Linux however I have problems with graphics (ATI's drivers are not that great, resulting in X crapping itself, occasionally requiring a reboot, once a week at least) and problems with suspending randomly not working correctly (requiring a reboot and losing my work in the process. Even when ATI drivers crap itself in Windows, Windows does a good job of isolating the problem and reintializing the driver. Suspend/hibernate/etc works 100% perfectly under Windows (I can't recall an occassion where it has failed to work). Add in the fact that all the software I use have Windows ports, it's a no-brainer to use Windows (even though I actually use a lot of OSS on top of that). Don't judge people for using Windows -- for many of us it is the only OS that works reliably with the hardware we have on hand.

Re:Why?

[ulatekh]

Are you suggesting that MS Windows comes with a warranty? I'm pretty sure MS Windows is provided "as is".

Re:Why?

[ulatekh]

The difference is, you have a choice! Don't like Gnome 3? (Me either.) There are a plethora of other desktop managers out there. I'm using XFCE right now. MS Windows doesn't give you a choice.

Re:Why?

Jesus fucking christ. A LaserJet 4 is about as close to a "generic" PCL or PostScript printer as you can find.

If you want to run fifteen year old shit, stop being such a whiney little pisser and learn how to fucking configure your computer. Fucking pathetic slashdot psuedo-nerds.

Re:Why?

I have NEVER seen Windows shit all over one of my drivers with an update,

What a load of bullshit!

Windows ALWAYS shits over drivers. I first got burned with the Matrox Marvel G400 TV - worked fine capturing video on W98, but was next to useless on FAT32 because of filesize limitations. Upgraded to XP in the hope of having that resolved on NTFS, and no, it wasn't supported at all. Would have been a big waste of money if it hadn't been for V4L getting it working on Linux.

XP to Vista was worse - I have boxes of gear that didn't have drivers. I haven't bothered with Windows since, apart from work boxes provided and managed by someone else.

Re:Why?

[hairyfeet]

Yeah windows 8.1 sucks ass because Ballmer has a giant boner for cellphones but ya know what? You take a lousy $30 over to Aston Shell and tada! You now have an OS that will look and act just like windows 7 (Or OSX, or XP, hell you can even go Win9X if that turns your butter) that will be updated for TEN YEARS without having the drivers shit all over!

And the FOSSie faction better not feed us the stable kernel ABI nonsense koolaid slurping or "works for me" horseshit or I WILL wallpaper this page with everything from major OEMs like Dell to user after user finding the same thing,Torvalds and crew shitting all over the drivers.

Riddle me this FOSSie faction, if Torvalds is such a fucking genius when it comes to drivers how come NOBODY uses his design? I mean fucking NOBODY,Not BSD,Solaris, OSX,iOS,Android, fuck even OS/2 Warp had a stable ABI, you know the ONLY person who doesn't use one? The same one who is doing the same jerking off bullshit he's been doing since 1993,Linus "I'm too full of myself" Torvalds. well I'll say the same thing about him that RMS said about Jobs, I won't be glad when he's dead but I'll be DAMN glad when he's gone. Mark my words not a month after Torvalds gets his ancient smug ass out of the driver seat the next guy will bring an ABI and tada! Shit will "just work" and he'll be hailed as a fucking genius!

In a way Linux and windows have more in common now than ever, because its NOT the software that is holding it back, its the assholes running the show that screw everything up for the rest! funny that MSFT puts out the most hated OS since WinME and Linux has gained NO SHARE,not a fucking inch, hell there are more people stealing the other guy's product than will take yours for free....how much of a fucking cluebat do you gotta get hit upside the head with? if you give your product away for free and people would rather risk thousands in fines and even possible jail time to steal the other guy's wares than take yours? Then YOU SUCK and should listen to the damned people and fix that shit!

Re:Why?

[JediJorgie]

You are forgetting that 'urgent' critical & security patches don't wait for patch Tuesday. If a vulnerability is really needed, they will release it as soon as it passes regression testing.

Jorgie

Re:Why?

[hairyfeet]

Uhhh I take it you missed the memo where Ubuntu said they are going rolling release across the board so there IS NO LTS, there is just unstable and slightly LESS unstable. Second of all debian is primarily a server OS, that is where the money is spent. Finally that misses the big fucking GOTCHA when it comes to old kernels which is "Won't run shit" when it comes to new software because of the royally fucked up way software will require kernel Y and depend on framework Z and you have kernel R and framework W so you are in a world of shit.

Like it or not there is a REASON why none of the major OEMs will touch Linux anywhere except online sales and even then have 40 warnings like you are about to buy toxic waste,why even though MSFT has put out the most reviled OS since Bob that Linux hasn't gained even a half a percent, and that is because as long as the top of the org is controlled by the "FOSSie faction" that treat it NOT as an OS but a RELIGION, with one kernel dev even writing "I hope we break non free drivers constantly" it'll stay FULL OF FAIL because most folks want a system that "just works" and don't give a shit about your religious beliefs.

Personally I wish they'd do like debian and give up all pretense of giving a shit and just go "racially pure" across the board, then everyone can see just how little hardware actually runs or will stay running without flaming hoops and quit trying to push that horseshit as a viable alternative because its not. Apple is a viable alternative if you buy an all Apple ecosystem but you buy supposedly "Linux friendly" hardware and it'll get shit on just like everything else, see how everyone told you to "just buy Aetheros" for wireless only now you can't, because you see only SOME of it works and then only some of the time with certain kernels until Torvalds craps on it or the network subsystem gets tweaked for no damned good reason...fuck that noise, most of us have been things to do than keep a Windows machine just so we'll have the ability to Google WTF broke in our Linux machine with the last update.

I gave the "Hairyfeet challenge" which frankly was already tilted in Linux' favor (NO exotic hardware, only HALF the support cycle of Windows) and after a dozen different distros INCLUDING debian I gave up, I'm not wasting anymore bandwidth on what is obviously a broken design and until they fix that bullasscrap driver model there is no longer a point of even talking about it, hence why I have been blocking more and more articles than have anything to do with Linux. Funny that while we Windows users wouldn't give a shit if the FOSSies fell off the face of the earth the FOSSies sure as fuck can't let a single Windows article go without trying to push their insanity. Well go sell crazy somewhere else, we aren't buying FOSSies.

Re:Why?

[csirac]

I always do a little research before buying my next computer, to see if there are any Linux compatibility issues. My last few laptops have been Lenovos, they seem to have pretty vanilla intel-centric hardware that works well for me with Debian.

On my recent x230 install I stumbled a bit as it was my first install on a UEFI boot machine, and KDE never remembers that I want the touchpad disabled at all times (it also never remembers how to configure my external display when I dock at my desk) - but meh. Other things which used to be a monumental pain in the arse, Eg. bluetooth tethering, printing, suspend/resume - "just works" now, so I'm probably a little more forgiving than the average windows user for any rough edges (multi-monitor support in windows is definitely superior, especially if you're spanning across different video adapters).

Re:Why?

[kthreadd]

It's not free, unless you're a student and has access to MSDNAA or something.

Re:Why?

[kthreadd]

That's also why I like Win and Mac: when I pay, I get a premium OS, with less bugs, missing features and crashes, than I have with a Linux desktop distro.

Red Hat Enterprise Linux costs money; and that's even a subscription, not just pay once. That must be good then.

Re:Why?

[jawtheshark]

Well, if the OpenBSD project releases patches like this, there is a huge cryout. Of course, it doesn't happen all that much.

Re:Why?

[SgtChaireBourne]

Read that article all the way to the end, they are not going rolling release. That was just is just a proposal for discussion. Later articles show that it got shot down, though this new 9 months of support for the non-LTS versions is almost the same. In practice was probably just trolling from your M$ buddy Rick Spencer who somehow got inside Ubuntu and has been starting to work his toxic magic on it.

Re:Why?

[VGPowerlord]

But RHEL is pretty good.

Unless you want to use something that uses GLIBC features added in the last two and half year... RHEL is stuck on 2.12 released in December 2010.

Which, incidentally, includes Valve's Steam games (and possible Steam itself) which are compiled against GLIBC 2.15.

And since this is primarly a server OS, I'll also note that Valve's game servers have been compiled against newer GLIBCs as well, including the ones for older games like Counter-Strike 1.6.

There's something wrong when another distribution* makes Debian Stable look modern... although Debian Stable is still stuck at GLIBC 2.13 itself. Clearly RHEL can change GLIBC versions between minor versions because when 6.0 released, GLIBC 2.11 was the latest GLIBC version... and 6.4 is using GLBIC 2.12.

Incidentally, Fedora doesn't have this problem.

* Two distributions actually, since CentOS is a clone of RHEL.

Re:Why?

Another nice trick that does not work.
I have my software running on any win32 version a single installer required.
On Linux, I need a DEB installer, an RPM installer, a TGZ for slackies, to not mention arcane pm formats like SLP, and it is just the beginning, as I need a i386 (in some cases called 586...) and an AMD-64 package, and no, it is not enough, I have to tweak desktop integration for KDE, and Gnome, and Unity, and XFCE, and Mate, and etc etc... but wait, it is not even finished here, still each f** distro requires specific tweaks to run properly on it, and each new version comes with new issues to solve installer side before a package can be considered optimal.
Sorry, compatibility is why Linux is not relevant and will never be: Dalvik is relevant, Linux is fungible.

Re:Why?

[jones_supa]

Here's a sampler of my typical issues with desktop Linux.

- some button does not work on an GUI
- ACPI keys don't work properly
- audio pin mapping is wrong
- graphical glitches
- programs failing with obscure error messages
- poor hardware performance
- devices in confused state after suspend
- WiFi getting stuck
- failing DVD burning

I'm sure someone now cherry-picks an item from that list and says "Seriously? I've never had a problem in that area." But I still think the general idea gets through.

Next time when you do a Linux install, do this test: grab a little notebook, observe carefully what is happening and write down all these little things that come up. I think you get a nice list there and discover how the quality assurance department of current Linux distributions is not strong enough.

Re:Why?

[sa1lnr]

Yes there is, when you get to select printer window click on the windows update button that will update the
HP printers. iirc there will now be two HP categories in the manufacturer window. Laserjet 4 will be in there now. Got a LJ 4L working fine on windows 7 64bit here. :)

Re:Why?

[RaceProUK]

There's a fair few third-party replacement Windows shells out there too.

Re:Why?

[ILongForDarkness]

Yeah where as flaws in OSS is just time you are cheated out of.

My phliosophy, your mileage might very, is that for boring stuff I get the paid solution for interesting stuff I look for a OSS (torrent clients, media players, games etc). My thinking: a boring project will only get updates while there is a reason for the developer to be interested in it. Once a boring project becomes "close enough" contributors tend to go away. But with paid software they have an incentive to do the dull bugfix workflow optimization part of the thing.

Conversely, interesting projects will have oddles of people wanting to contribute and can pick and chose the best contributors, probably won't die out any time soon etc. vs a paid for solution which will generally suffer from limited staff, other reasons why a rockstar might not want to work there (can't get the proper work visa, doesn't want to live in a dull town, company is known for dictatorship style management, unwilling to try new technologies etc). Generally once something is good enough to attract a lot of attention it all becomes milking it for revenue: new features will get added only if they add to the bottom line and integration with others almost always will not be something that is thought to add to the bottom line so you'll end up with lots of little islands of fuctionality.

Re:Why?

[Eythian]

One of the things that your link quotes Shuttleworth as saying is "Strengthening the LTS point releases".

That would seem to be the opposite of not having them.

Perhaps also have a look at the bit where he says he's not going to have rolling releases.

Re:Why?

[ILongForDarkness]

Bad admins will be bad admins. In my experience it cuts both ways. Linux is considered rock solid so only touched when a functionality needs to be added to the server or a major update of a package (say apache or samba) comes out. The rest of the time the server is left alone so "we don't break anything". Windows admins in my experience at least are much more tolerant of taking systems down for maintenance. Everyone might be at the same patch level post patch Tuesday but the patches in my experience actually happen. They just send emails out saying something will be unavailable for a couple hours in an evening and life goes on. In my *nix admin days it was much more important to see that the 393 day up time of server X make it to 400 then to worry about silly things like upgrades or patches: the firewall was allknowing and wise and will protect us from everything after all.

Re:Why?

[jellomizer]

The thing is Windows actually runs better than Linux, for a lot of systems. Linux is good on servers, however for the desktop environment Windows actually runs quite well especially for the Moderate-Moderately Advanced users. Basic Users are fine with Linux. Click the button you open you app. Advanced Users are fine, being able to tweak every little detail. But the middle ground is where Windows Shine. Able to add new hardware that works without hours of googling to find you well recognized brand isn't fully supported so you try some Beta stuff and get the additional hardware to barely work. Having your system perform moderate server tasks, File Sharing, Print Sharing. Is fairly easy in windows. As well there is still a bunch of software that you can buy for windows that isn't avaialbable for Linux. However most GNU apps do have a windows port.

Ever sense XP Windows hasn't been a big crashing systems, I have actually seen Linux Crash more times than Windows over the course of 10 years, but that goes back to the issue of drivers.

Re:Why?

[Kjella]

The kernel is a bad example but I remember I wanted one feature in the new KDevelop, that required a new version of some KDE libraries, that pulled in the rest of KDE and that again pulled in everything including the kitchen sink. Maybe I could have gotten around it by compiling things manually or the packages were too uptight about their dependencies but at least in practice Linux distros don't like you mixing and matching. Of course the distro upgrades are free and shouldn't cause problems, but if you just want to keep what works and snipe a few new things it's hard.

Re:Why?

[Princeofcups]

You really based your arguments on what you read on blogs rather than personal experience? Plenty of people still run kernel 2.2 which is about 15 years old now, or 2.4 which is about 10 years old now. And if you run something like debian, it's as simple as "apt-get distupgrade" and editing a few config files.

Or... you know, just not upgrade.

Seriously. Get over it.

Just try that in the enterprise. I have Linux servers in our DMZ at work that are constantly raising red flags to our PCI auditors. I am constantly patching those things, asking for security exceptions, etc. And this is with RHEL support, not a roll your own. Try running a mission critical application on such a box. Luckily they are just minor services like FTP.

I'm supporting Windows here. I'd rather have a Solaris or AIX server any day.

Re:Why?

[sjames]

I'm using Debian on my desktop right now to reply to this. If that doesn't float your boat, try CentOS or RHEL.

I haven't seen any of this mythical software that requires the latest and greatest KERNEL to work.

Re:Why?

[LoRdTAW]

"(well that and the piss poor driver model, but that is another rant)"

Riiiiiiight. So when you take a windows 2k/XP hard disk from one PC and install it in a PC with different hardware it will boot without problems? At best Windows will BSOD in a reboot loop as it is dependent on the IDE/ATA driver it is initially installed on. Safe mode doesn't work either. Then there was the fun problem of moving from a uni-core (P3/Celeron) machine to a multicore, hyper threaded or dual socket machine because of the HAL. Moving windows after a hardware failure was a fucking nightmare if the hardware was obsolete and no replacements (maybe ebay). If you couldn't reset the drivers by deleting them in the control panel before shutting down and moving the disk to a new machine then you were in for a fun day. Usually the only way to do it was to perform a repair which simply restores the windows files. Then you have to spend a day re-installing the damn service pack and 100 or so updates. Admittedly Windows 7 and even Vista were a lot better. Don't know about 8 because I have only used it at a friends house and I have no need to upgrade.

Linux? Just move the disk to the new machine. Linux happily will auto detect the hardware and load appropriate drivers. You may need to do some tweaks, mainly with the video drivers and MAYBE the xorg config but that is because of the closed source nature of said drivers. Never had a sound issue since PCI devices became the norm. But I will admit that some games, mainly Doom 3 didn't like Pulse audio on Ubuntu 8.04 but a simple command line switch fixed that (pulse audio + ubuntu at that point was a mess). Using Linux circa 1999/2000 when I first started working with it was somewhat difficult to install and configure (Redhat 6). I had a lot of trouble trying to configure my ISA modem and sound card to work, there was something else too, I forget. I gave up on Linux for a few years because of ISA cards. Around 2004/2005 I discovered Knoppix and it turned me on to Debian and then Ubuntu. By then I had better hardware which had all PCI devices. Since then It has been a pleasure to work with. I had far fewer hardware problems in Linux than I did on XP. If there was a hardware problem it was simply because a driver did not yet exist. Older software which might not work is due to linking against obsolete/old 32 bit libs or libs that have since deprecated certain calls. Most of that is probably because of poor development and I have rarely come across it.

Be happy that GNU/Linux is always in a state of flux as it allows more bugs to be squashed as it evolves. Most of the security nightmares that Microsoft has dealt with are because of the constant need for backwards compatibility.

Re:Why?

[colablizzard]

You are forgetting that 'urgent' critical & security patches don't wait for patch Tuesday. If a vulnerability is really needed, they will release it as soon as it passes regression testing.

This is fine. Sometimes holding back on an update means that Administrators can plan for an update and be prepared to install it as soon as it is disclosed. Unlike OSS that just plonks it out. You cannot plan for their releases.

Re:Why?

[sl4shd0rk]

Microsoft releases security fixes, they are appaled that they would let such a problem exist.

MS has this large, complex codebase which they let nobody see. They have assumed the position of sole maintainer with the understanding that they will maintain a secure and stable platform for their user base and their users need to ask no questions. This is simply not the case. Time-and-again MS has released patches to fix patches which were supposed to patch application "blah". They've created nothing more than a shell game for the exploit community where they only need to find where the bean was moved this week. Oftentimes, the patches have unmentioned side-effects which end up being a week or month long "Where's Waldo" bug hunt while production systems are hobbling along in the mean time. This is what becomes scary and frustrating about MS with their patches.

In contrast, OSS allows for anyone to download and fix problems they find with the codebase. No, not everyone does. In fact, hardly anyone does but the point is this mechanism *is* there. It also allows for a project to fork (given the appropriate license) if it become insanely popular and consequently swallowed up by a large competing corporate entity (MySQL, Drizzle, MariaDB). Also, the communities formed around an OSS applications often help when patches break things. There is much more transparency so a problem you may be having most likely affects someone else too and you will be able to find out about it without having to worry that postings have been hidden or removed because the Marketing dept. said it was bad PR.

The reasons people are angered with MS goes beyond just patches. The OSS world has it's frustrations too but given the choice, I would much rather work on a broken OSS package than a proprietary one.

Re:Why?

[McGruber]

If you want to run fifteen year old shit, stop being such a whiney little pisser and learn how to fucking configure your computer. Fucking pathetic slashdot psuedo-nerds.

Good to see an Epson employee posting --- the more time you spend on slashdot the less time you have to spend on figuring out how to put even less ink into your "full" cartridges.

Re:Why?

[hairyfeet]

You REALLY should have posted that as non AC as it REALLY deserves to be modded up! The only thing I would add is on the system builders side you also get "Hardware roulette" where you will ALWAYS lose, because no matter what hardware they tell you to get today Linus and Co WILL shit all over it in the future.

Intel? Well you can have SOME Intel but not ALL Intel because some GPUs were made by a third party that isn't "racially pure" and therefor won't work, hope you like memorizing names and numbers, most of which won't even be on the box. AMD? Well SOME chips work but not ALL chips and some of the AMD drivers get shit on quicker than other and the FOSS drivers, despite being handed the specs on a silver platter, pretty much work well only on shit you can't buy at retail any more so good luck with that. Aetheros, which for me was the final straw where I told the FOSSies to go fuck themselves, was CONSTANTLY touted as the "must have" wireless chips for Linux...until a kernel update shit all over about 25% of the Aetheros chips and now some of the work with WPA 2, some work with WPA, some will only work with WEP (fucking worthless) and others? Well if you want a connection that lasts more than 3 minutes at a time you better just open that router to the world pal, otherwise driver fall down and go boom!

Offer a product that WORKS Fossies and we system builders would be HAPPY, fucking joyful even, and would switch teams in a fucking heartbeat without a second thought. Think we LIKE MSFT? Think they treat us well? They squeeze us for every Shekel they can, nearly 40% of the cost of a low end build is fucking Windows licenses! Where the fuck do you think the "Hairyfeet Challenge" came from? Even tilting the test in FAVOR of Linux, with NO exotic hardware (hell I didn't even hook up a printer) and only HALF the support cycle of Windows and Linux still fall down and go BOOM!

We can not and WILL NOT hand out systems that will break on first update and tell our customers "Google for fixes Noob LOL!" and the simple fact is your shit IS BROKEN, the fundamental design just doesn't fucking work.

Re:Why?

[jp10558]

We have Lenovo Thinkstation and Thinkcentre desktops all up and down the line, and some Ideastation USFFs that all run Scientific Linux 6 out of the box. We've done updates through SL6.0, 6.1, 6.2, 6.3 and 6.4 and all work. SL6 is supported for 10 years. The hardware will be recycled before SL6 is unusable, though we'll likely look at SL7 when released for new features.

I suppose if you buy random e-machines and want to use a random assortment of distros you might have issues, but heck, if you wanted to use every version of "supported" Windows, from XP x32 to 8.1 on a random e-machine, it might not work well either (I haven't seen hardware with drivers recently for XP, Vista, 7 and 8... many drop Vista for instance)...

Re: Why?

And, don't forget to multiply the number of releases for possible widgetsets/version, as it may bind gtk.x or qt.y libraries... multiple choice is so nice!
Plus, spare the package count for Code Purists, they will ignore anything in binary form, asking loudly for source code, save not being able to compile other than plain c code requiring standard gcc compiler options... until gcc updates and changes things around. And you should better don't even expect them being able to compile another language or framework!

Re:Why?

[hairyfeet]

Built hundreds of systems, supported even more, never seen that happen with Realtek, hell never saw anything more than their stupid "HD Deck" app not run with Via, only problem I've seen on sound is some of the old Sigmatels are badly supported but that is Sigmatel, they have ALWAYS had piss poor support when it comes to their stuff.

As for Nvidia I take it you missed the behind the scenes drama? Since you did I'll fill you in, less than 4 months before the Vista RTM was to happen MSFT basically gutted a good chunk of the video subsystem so that they could come up with "Vista capable" to make Intel happy who had an assload of really shitty 9xx chips in the warehouse and knew that if none of those chips could not run on Vista they would get stuck with that shit so they pushed and MSFT caved. this of course pissed off Nvidia who already had great running drivers in Vista beta 1 and had to throw out ALL the work done and had to start from square one (because the Intel 9xx chips did a LOT of their "GPU" work in software on the CPU such as T&L which wouldn't run under the Vista driver model, hell even with the MSFT hack they couldn't run Aero on the things because it was too slow) which naturally pissed them the fuck off so they delayed releasing new drivers to give MSFT a nice support nightmare as a middle finger for changing the model less than 6 months before release.

I'm sorry if you were one of the unlucky that got burned by that but thankfully that kind of behind the scenes drama is VERY rare, in fact the only other major driver drama I can think of involves the card somebody down the thread is complaining about which is the Matrox GPUs. Did you ever see that video where Bill Gates plugs in a USB printer and Win98 gets a BSOD? Well now you know why Matrox was persona non grata at MSFT, it turned out the Matrox driver was basically hijacking a chunk of the video subsystem (against the design guidelines natch) and if anything tried to access that system in a way it didn't like, like say a wizard trying to pop up when you plugged in a printer? Crash goes the system.

Re:Why?

[jp10558]

Or, you know, buy some software (the proprietary method) that makes that work for you. Acronis B&R11 or O&O DriveImage6 will let you boot their device, do an in-place machine independent driver "fix" (you just need the "F6" driver accessible to the boot CD) and boot the device with HAL and mass storage (and sometimes network) drivers all fixed for you. Install other drivers (often video) and you're golden. All for $80 or so.

Re:Why?

[jp10558]

I find it's more about mainstream appeal. If there's something that a large percentage of computer users might use, such as a web browser or a file editor, there will be several very good proprietary and OSS solutions to choose from, all kept up to date, and at least a couple very good at what they do.

The more niche you get, the more you tend to find one or may two half baked solutions, whether it's proprietary or OSS.

Re:Why?

[LifesABeach]

Oh gooddy, something new for my bot farm before I start my junior year in high school. Thank you.

Re:Why?

[LifesABeach]

No, "as is" is the warning label.

Re:Why?

[hairyfeet]

Riiiight, so if you ONLY buy high end workstations that are ONLY gonna run a niche Linux that is ONLY designed for laboratory work then and ONLY then it will work great....now explain how in the fuck is that supposed to have a damned thing to do with consumer desktops, which was what the whole damned thread was about?

You see THIS is what i hate about geeks in general and FOSSies in particular, they think that just because they run some ultra niche OS designed for some job that less than 3% of the people on the planet EVER do, that means their experience applies to all. Well i have been working computer retail for nearly a quarter century pal and I can tell you that 99.995% of the people are never gonna be running CERN applications so Sci-Linux is worthless to them. Hell you might as well talk about how great eComstation works in high freq trading apps for as much as it has to do with normal folks.

Re:Why?

[jp10558]

Well, to feed the troll:
SL happens to be RHEL / CENTOS - so I imagine, as it is, free - anyone who wants to download SL or CENTOS could use it. It's got very little to do with scientific stuff any more than Windows (which we also use, but generally have so many problems with - though that may be more Labview) other than the name. I wouldn't go off saying who uses an OS made for looking outside through (snarking on the name or manufacturer) - it has little to do with CERN, and actually, CERN has a different OS SLC, not the one I'm talking about which is built at Fermilab. But whatever.

And I said that the Thinkcenters are up and down the line, and mentioned Ideacenters - way to miss what I was saying. The Ideacenter Q150 retailed @ $350. If your getting them cheaper or more consumer focused, you're getting a deal I've never seen. The Thinkstation I'm thinking of is all of $600 with a Core i3 when it came out. Again, very consumer pricerange - even offered with a Windows License, so you could use Win 7 Pro - just because retail workers know jack about what is offered from reputable manufacturers doesn't invalidate the actually knowledgeable IT workers positions.

Now for a great car analogy in the slashdot meme - just because you may think you can only get a Chrysler 200 in a low end car doesn't mean you couldn't have picked up a Nissian Sentra for the same money with far less chance of issues down the road.

So yea, forgive me if I suggest you not spend money on crap hardware at rip-off Worst Try. Forgive me if I suggest you consult professionals rather than salesmen if you want to get quality equipment. And forgive me if I like to use what works well instead of whats popular.

Re:Why?

[hairyfeet]

How is it a "troll" to show you are saying "My boat gets great gas mileage" when the topic is trucks? because that is EXACTLY what you did friend.,/p>

First of all, from the Sci-Linux page...SL is a Linux release put together by Fermilab, CERN, and various other labs and universities around the world. Its primary purpose is to reduce duplicated effort of the labs, and to have a common install base for the various experimenters.....Now WTF does that have to do with consumer desktops? i really wanna know how something designed for HPC particle work is relevant to this conversation.

As for CENTOS, first of all its a RIPOFF made by a company that USED to buy RHEL and then decided to rip out the trademarks and sell it on their hardware, feel free to look it up, and have you already forgotten how the entire project shut down for nearly 2 months like a year and a half a ago because ONE GUY bailed? Have you already forgotten the mad scramble as those cheapskates that had been using CENT over RHEL had to make a mad run looking for a replacement? yeah THAT is whom I wanna trust, a ripoff company that is run so shitty a single guy bails and it nearly goes tits up...nice.

And again i want to hear WTF has ANY of that got to do with consumer desktops? Last I checked RHEL was a SERVER and WORKSTATION OS, with a VERY limited focus on...surprise! Server and workstation applications, which FYI that NONE of the consumers are gonna be fucking using! Consumers DON'T BUY $1000 workstations, they DON'T USE workstation or server applications, you might as well have said "here replace that laptop with this router" for all the good that suggestion is!

At LEAST try to stay on the topic which is "consumer desktops" which HAS TO run on consumer hardware, HAS TO run programs geared towards the consumer and HAS TO be solid and reliable enough that it will last the user without needing CLI bullshit or Googling for fixes for the average life of a system, which is now 5-7 years depending on the hardware. at the end of the day your "solution" simply doesn't do the job required, no different than that guy that told me with a straight face and with all sincerity that I should move consumers onto RHEL and have them pay $300 a year support contracts so they can have the 'freedom" of running Linux...LOL.

Re:Why?

[jp10558]

You keep moving the goalposts. What OS do you know that works like that?

It's certainly not Windows. If you think the average user can get a Windows install to last 5 years without hiring "expert" help to deal with on of a myriad of issues, and without *ever* googling how to do something, you have a very select group of users.

Maybe you're thinking of MacOS, which I could believe, but then I realize most mac's except the mini cost over $1k, so it's not that.

I think you're imagining an OS, which explains much of your responses.

Re:Why?

[RobertM1968]

OSS groups release security fixes, they are applauded for caring about people's safety and security. Microsoft releases security fixes, they are appaled that they would let such a problem exist.

No, some of us are appalled that they have the balls to tell us "Oh, it's really fixed this time" and then still have to patch a vulnerability that's a decade or two old. How many "it's really fixed this time!!!" patches are there for .NET? And gee, looks like they missed what's being deemed as a major vulnerability in *XP* - if memory serves, XP is getting kinda old.

It's not that there are vulnerabilities... it's (a) the quantity, (b) the amount of effort they put into hiding them, (c) the "ooh, it's fixed" stuff they post on crap-ass hack job patches and (d) the length of time it's taken to fix various major vulnerabilities - even often after they've been found and announced by others.

Re:Why?

[LoRdTAW]

Or, you know, not having to spend $80+ for a utility that fixes a shit design.

Re:Why?

[the_B0fh]

You said RedHat. Even redhat should have long term support where they backport security fixes. I know they do.

Or go with something like Debian. Far better. But I understand - "we need support".

Re:Why?

[jp10558]

My point is it's well known that in the Windows world, you're expected to buy software add ons to increase functionality. In the Linux world you're not. Don't confuse how the ecosystem works between OSs. Hell, don't use a paid OS and then complain that utilities aren't free!

Re:Why?

[hairyfeet]

The ONLY person moving the goalposts IS YOU. I have been posting here for ages, everyone here knows I run a RETAIL shop, and I sell to Joe and Jane Average, your Brian the backhoe operater, Bill the Bank teller, Mary the checkout girl, the people YOU HAVE TO SUPPORT if you expect Linux to EVER become more than a hobbyist niche OS like Haiku.

And what do Linux advocates call "solutions"? Sci-Linux, RHEL with its minimum $300 a year for updates, the mess and drama that is CENTOS, ironically they have NO choice but to move the goalposts because the ones that are supposedly aimed at consumers is laughably terrible, like Ubuntu whom Dell, one of the largest OEMs on the planet, couldn't keep working on a single netbook without paying a team of devs to run their own fork. Now Dell can call Shuttleworth at home if they wanted, if THEY can't get drivers that will stay working thanks to the fucked up design who in the hell can?

In case you missed the memo its consumer consumer consumer now, with everyone focusing on the consumer, yet all i get told is that your "solutions" are either targeted at niches so small that you could fit every user in your average HS gym and have seats left over, cost waaaaay more than Windows (as I said $300 a years just to get updates with RHEL which again is targeted at workstations NOT consumers) and told this is viable. Bullshit, its not, and its the reason why Walmart, Staples, Best Buy, Asus,MSI, I'll be happy to wallpaper the page with citations if you wish, they ALL tried Linux and ALL found it wanting.

Re:Why?

[jp10558]

Did you even read the comments on your link?

Quote
[
I don't think Ubuntu is the problem, my girlfriend and I just bought 2 inspiron mini laptops with XP on them and hers blue screens every 15 minutes or so. I haven't even turned mine on. With hers being so screwed up I don't even care if I ever turn mine on.
]
[
Oh, and maybe the reviewer didn't notice people in the Dell forum complaining that the machine drops it's wireless connection under XP too....
]

I'm not sure what your point is then. Dell makes crap netbooks? Well, hell, I wouldn't buy Dell at all because all their computers seem to be shitty. You buy crap, you get crap? Is that supposed to be news?

Anyway, if you buy hardware that works, Linux and updates to Linux work - at least WFM. I can't say any more than that.

A side effect of code reuse??

[haruchai]

  If so, I guess this is one of the downsides.

Re:A side effect of code reuse??

[NoNonAlphaCharsHere]

That can't be, since Windows has been "completely rewritten" twice between XP and 8.1.

Re:A side effect of code reuse??

Fantastic example. Guess that's why DEC and Ultrix are doing so well these days.

It has been a busy month

[gmuslera]

A lot of systems that had to be compromised by the NSA and associates before this patch could finally be released.

Re:It has been a busy month

[cold+fjord]

What's the matter bubba? Windows got you down? Then check out OpenBSD!

OpenBSD: "Only two remote holes in the default install, in a heck of a long time!"

The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system. Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography. ...and more!

Offer maybe be invalid in Soviet Russia, Cuba, Brigadoon, Shangri-La, Lands End, and certain other localities.

And now, back to our regularly scheduled post-a-grams, after this message ...

Issues in remote code execution vulnerabilities

What? NSA lost their key? Install a new one?

So...

[SCPRedMage]

...it's a normal Patch Tuesday? How the hell is this news?

Re:So...

[jones_supa]

Was thinking the same.

Re:So...

[iggymanz]

windows slashdot users were feeling left out with all the stories of linux kernel minor version releases and linus' random brain farts in forums.

Re:So...

[danomac]

Microsoft patches flaws on regularly scheduled patch day. News at 11.

Re:So...

[jones_supa]

It's still sad that there is actually a lot of cool stuff (Azure, Visual Studio, PowerShell...) happening in the Windows world too, but it never shows up here due to the heavy OSS slant. I'm more of a platform-agnostic myself.

Re:So...

Actually, yes. That happens pretty regularly on Patch Tuesday.

Re:So...

[Rob+Bos]

I like and occasionally use Powershell, but it's hard to get excited about it, knowing that it'd probably sink with Microsoft. I'd be happier if the source were published, like other shell languages. I don't want to waste time on a skillset that's tied to a single company.

A request...

[Anachragnome]

I do not have the ability to do so, but could someone that is able to do so please make a close comparison before/after changes?

They might be trying to cover their tracks in terms NSA backdoors--hide the evidence to minimize the coverage--and the changes they make with updates might shed some light on those backdoors.

Re:A request...

[lxs]

Either it's a big conspiracy or someone modded five people up and then decided to post in the thread thereby undoing their mods.
The NSA is too busy tapping your phone to bother with slashdot posts.

Re:A request...

I've been paying CLOSE attention to the moderation in this thread.

Consider getting a life.

At one point, there had been 7 posts that were modded UP. That number is now 2 posts. All five of the posts subsequently modded downwards relate to the NSA and back-doors in MS products (including registers users that start with a 1 point advantage--all sitting a zero points now).

The only posts modded up, as I write this, are the joke/sarcasm first post, and a post that questions why this is even news.

What's your point? The only evidence you've demonstrated is that you are a loser conspiracy theorist.

Re:A request...

[Teun]

So the NSA has a back door to get /. mod points, you surprised?

Re:A request...

[Anachragnome]

"Either it's a big conspiracy or someone modded five people up and then decided to post in the thread thereby undoing their mods."

While that may be, there are many here on Slashdot that have long been accused of being "Conspiracy Theorists"--myself included--that have been vindicated by the "conspiracy" exposed by Edward Snowden.

All I am asking is that people here be aware that there are many methods to stifle dissent, and that social media (Slashdot included) is now a powerful tool to both monitor and shape public opinion. And lets be serious about the readership of Slashdot--there are many great minds sharing ideas here on Slashdot (I really don't include myself in this category)--and some of those great minds don't necessarily agree with our government. I'd really like to hear NewYorkCountryLawyer's opinions on all of this.

Isn't this the entire purpose of the Prism program, to monitor and minimize the actions of those that don't agree with our government? Hasn't there been enough proof that that program has been turned inwards, targeting US Citizens? Why wouldn't they attempt to manipulate public opinion at this juncture? Why would they ignore any potential means of doing so?

I stand by my previous statements and allusions--Slashdot is being manipulated to both sway public opinion against Edward Snowden and to minimize the damage to the security apparatus.

"The NSA is too busy tapping your phone to bother with slashdot posts."

30000 to 40000 employees.

"In 2012 John C. Inglis, the deputy director, said that the total number of NSA employees is "somewhere between 37,000 and one billion" as a joke." Wikipedia

Re:A request...

http://pastebin.com/irj4Fyd5

Re:A request...

[Corona+Extra]

The question is, why did CmdrTaco give that ability to them?

Re:A request...

[xiando]

All I am asking is that people here be aware that there are many methods to stifle dissent, and that social media (Slashdot included) is now a powerful tool to both monitor and shape public opinion.

I first noticed that some subjects and opinions are silently removed from Slashdot back in 2004. Glad you're finally catching on. Using a site with a high number of visitors? Expect this sort of thing.

Re:A request...

[Mondor]

ISO of the original setup is always available, so you can install the system fresh, install updates and compare if you like. Anyway, I think that if there are backdoors, we'll learn about them from insiders like Snowden, not from security analysts. However, there is a good chance that such backdoors would finish the Microsoft.

Re:A request...

[lxs]

Slashdot is being manipulated to both sway public opinion against Edward Snowden and to minimize the damage to the security apparatus.

I've been here for over a decade and have found precious little overlap between Slashdot and public opinion. Spying on civilians and companies has been common knowledge around here since the early days of ECHELON and it didn't make one bit of difference in the real world. I dont see why anyone would start to listen to us now.

This whole business has already turned into the Edward Snowden Show for the general public. Reality TV is something that smoothly fits into people's lives. Data security isn't. The general attitude of the tech community of condemning ordinary folks as N00Bs lusers and sheeple instead of trying to connect with them on their level and explaining the situation in a way that is relevant to them has probably done more damage that any NSA propaganda offensive could achieve.

Re:A request...

[jp10558]

I have tried to connect with "regular people" on this for years. I've been either dismissed as overly paranoid or way too distrustful of the government or way too caring about if someone else knows {insert supposedly trivial information here}.

Even if someone *does* "get" what I'm talking about, they much prefer texting to meeting in person. Even at the digital security level, they want it invisible to them when it's done - but then it's a waste of effort because if "someone else" does the "security" for you, you have to assume it's not actually secure at all and backdoored for the govt *and worse* for profit to anyone who will pay for details.

I'm guilty of this also - at the level we're talking about I don't have the resources or desire to review code and review open source compiler code, to analyze hardware for built in back doors and firmware for back doors and then to compile a vetted OS, and then all my apps etc. Who *besides* the NSA or foreign governments could do that?

I'm basically resigned that we're screwed from a technical perspective, and don't hold out much hope from a political perspective - if that even could have any real effects with the secret programs like PRISM.

Updates will open more NSA holes

Microsoft riddles its products with backdoors for use by the NSA. Gradually many of these exploits are discovered by 'tame' security researchers and sold to agencies of friendly nations. Then, of course, the highly organised criminal gangs that operate out of Israel and East Europe start to use the backdoors for cruder illicit gain. Eventually the knowledge of the exploits becomes far too widespread, so...

Everytime MS updates, it is closing old holes and opening new ones. Microsoft loves the process, for it breeds into the tiny brains of betas that all operating systems suffer 'bit rot', and therefore MUST be periodically updated (to Microsoft's great profit).

Day 16 in Linux Mint

[SuperCharlie]

While I know it wont make me invisible, I voted with my OS and have taken the Linux plunge. I am quite happy and comfortable in Mint. I have found all the tools I need and if nothing else, maybe it will take a few more cycles to keep me under the NSA thumb.

Re:Day 16 in Linux Mint

I did the exact same just recently with Linux Mint 15 x64 and I have to say that it's been working pretty nicely without error. The modified version of Gnome 3 looks and functions pretty well compared to what's out there. Just my opinion.

-- stoops

Re:Day 16 in Linux Mint

[spire3661]

Try to make it so your screen wont blank using GUI tools.....go on, ill wait. Simple shit like that is what prevents me from using Linux as a desktop. The control panel is missing well over 50 elements compared to win or mac.

Re:Day 16 in Linux Mint

[JDG1980]

How is Wine compatibility on newer versions of MS Office, Adobe Photoshop, and Lightroom these days? It's been a couple months since I checked, but last time I looked it was pretty lackluster.

Re:Day 16 in Linux Mint

[devent]

> Try to make it so your screen wont blank using GUI tools

What that even suppose to mean?

> The control panel is missing well over 50 elements compared to win or mac.

Like what?

PS: I'm a full time Linux user, Fedora with KDE4.

Re:Day 16 in Linux Mint

Hate to mention this to you, but might want to read up on the backdoor that the FBI paid a company years back to put a backdoor in OpenBSD. The project leader, Theo de Radtt, admitted that allegations were true, but after an audit of all the code, he didn't think there was a backdoor present. But it's not like the FBI, or NSA would give up after one try right? Anyways, if the US government was willing to compromise one of the most reputably secure OS's out there, what makes you think they wouldn't try to do the same for Linux. Despite what Red Hat says about its security, I really don't consider SELinux to be secure against NSA hacking. And since the SELinux stuff is built into the kernel, that means kernels are suspect too.

The point of this message? Don't get too comfortable thinking your secure from intrusions just because you switch to Linux.

Re:Day 16 in Linux Mint

[spire3661]

I cant prevent Mint or Ubuntu from blanking the screen (shutting off the monitor) using the GUI. It requires several commands at the CLI for several programs and still doesn't work right. There is no way to change the behavior of the power button in GUI as well. These are just the roadblocks I ran into recently.

Re:Day 16 in Linux Mint

[0123456]

I cant prevent Mint or Ubuntu from blanking the screen (shutting off the monitor) using the GUI. It requires several commands at the CLI for several programs and still doesn't work right.

How very odd. I just went to System/Preferences/Power Management and the monitor setting is right there.

Re:Day 16 in Linux Mint

[Grishnakh]

The SELinux stuff is open-source, just like the rest of the kernel, so it's available for anyone to do a security audit on.

I don't know if anyone's actually bothered, of course, but the code is there in the open.

Re:Day 16 in Linux Mint

[Nerdfest]

In Gnome 2 there were several widgets like Caffeine that would also let you disable it via the tool bar. Not sure if there's anything available since the unity/Gnome3 insanity.

Re:Day 16 in Linux Mint

[spire3661]

Yes, now actually engage it and see if it works.

Re:Day 16 in Linux Mint

[SuperCharlie]

This has been my limited experience as well. I havent run into any major stoppers, found all the tools I need to do my little web dev biz, and the forums, although maybe not real pretty and sometimes grind a little, are well stocked with helpful folks. All the hardware on my laptop came right up, even my wireless mouse and speaker/usb lapdesk deal. Its been a real positive experience. I particularly enjoy just installing apps right from the software manager.. its a nice change from the windows world..

Re:Day 16 in Linux Mint

[SuperCharlie]

First thing I did was install Opera.. Since Google has been basically up FF rear from square one I figured Opera would be an easy choice to get out of the Googlopoly.. I went Opera before I even jumped to Linux.. also fwiw.. Ive been DDG for a while too.. cant blame them for tryin to make money.. even so.. its been a worthwhile learning experience and i am enjoying it..

Re:Day 16 in Linux Mint

[perryizgr8]

there's a couple of problems that i've not yet figured out how to solve. one, it can't hibernate. i think its a consequence of using wubi/mubi to install mint and it can't be helped. two, it can't sleep/wake as well! earlier builds used to be able to sleep. not this one. it sleeps ok, but can't wake. three, the bluetooth works sometimes, and doesn't work on other times. i haven't been able to figure out a pattern so haven't been able to solve this.

Re:Day 16 in Linux Mint

[perryizgr8]

its pretty simple to do in linux mint.
ps: i'm assuming you meant set the 'turn off display time' to 'never'

Re:Day 16 in Linux Mint

[readingaccount]

Mostly shithouse. The older the version of Office/Photoshop/Lightroom, the better the chances of it working without much tweaking. But even then, WINE has a reputation for regressions between versions, such that a new update might improve one program but screw up another. WINE is no way to run a computer if you insist on reliability. Better to just use a VM like VirtualBox or give up on Linux entirely and run everything you want on Windows. They are Windows programs in the end - what better place to run them.

Re:Day 16 in Linux Mint

[devent]

In KDE4 I just go "Menu Button" -> "Computer" -> "System Settings" -> "Power Management" -> and there is "Button events handling: When laptop lid is closed / When power button pressed".
There I can set up anything I like. For "On AC Power" "On Battery" "On Low Power".

Re:Day 16 in Linux Mint

[devent]

The command "poweroff" will shutdown the computer and kill all applications without any further confirmations. Now you only need to bind the command to the poweroff button.

In KDE4 you can also just set "Shutdown" to the event "When power button pressed" in the "Energy Savings" settings panel.

Re:Day 16 in Linux Mint

[VGPowerlord]

First thing I did was install Opera.. Since Google has been basically up FF rear from square one I figured Opera would be an easy choice to get out of the Googlopoly.. I went Opera before I even jumped to Linux.. also fwiw.. Ive been DDG for a while too.. cant blame them for tryin to make money.. even so.. its been a worthwhile learning experience and i am enjoying it..

We're talking about the same Opera that recently switched its rendering engine to Google Blink... even ahead of Google Chrome doing so?

Re:Well

[AbrasiveCat]

Deleting all those NSA backdoors is a helluva job.

No, No, you don't get it. These are installing the new backdoors.

Coming To Windows XP, 8, RT & Server

[Tarlus]

...but if you're running Vista or 7, you're on your own. At least, according to Slashdot's headline...

Re:Coming To Windows XP, 8, RT & Server

[grcumb]

...but if you're running Vista or 7, you're on your own.

If you're running Vista, you've been on your own for a while now.... :-)

This is news?

[JDG1980]

Doesn't Microsoft patch these kind of security holes every Patch Tuesday? How is this one special?

Re:This is news?

[hobarrera]

Next on slashdot: After the current sunday we'll have a Monday!

More Crashes on Microsoft

[tuppe666]

That's also why I like Win and Mac: when I pay, I get a premium OS, with less bugs, missing features and crashes, than I have with a Linux desktop distro.

A quick look at my computer uptime 21:45:37 up 4 days, 22:40, 2 users, load average: 0.66, 0.60, 0.58

The fact that you are marked informative is quite scary...the fact that that you did so using the word "premium" shows how far we have fallen in terms of real measures, and how much we live with unsubstantiated bullshit terms.

From a study http://www.theregister.co.uk/2013/05/03/macbook_pro_most_reliable_windows_pc/ On 37,000 Apple and Windows computers still on sale(new) it recorded 224,144 crashes, 250,791 non-responsive events (in which an app hangs for five seconds or longer) and 84,251 blue screen of death incidents in three months.

A Linux user would not call that a "Premium" they would call it "Trash"

Re:More Crashes on Microsoft

[fast+turtle]

uptime=15:13:32 up 27 days, 18:44, 2 users, load average: 0.16, 0.16, 0.

Got you beat and Firefox hasn't needed a restart for 7 days. Plus I'm running Guild Wars on Wine 1.4 for that load average.

On the informative mod, I have to agree. If this is the quality of education (always knew it stank in the States) then I feel very sorry that the formerly great country is going down the tubes and becoming a 3rd world country as quick as can be.

Re:More Crashes on Microsoft

[perryizgr8]

4 days uptime is nothing. my win7 laptop regularly stays up for about a month, until the next huge patch tuesday which forces a restart.

their patches can no longer be trusted

[0111+1110]

All joking aside, can any of us trust their patches now that it has been comfirmed that Microsoft is effectively a branch of the NSA? What percentage of these updates were sponsored and ordered by the NSA? Are only 30% of the changes for the benefit of the NSA? 70%? There is no way to know.

Re:their patches can no longer be trusted

[Anachragnome]

"All joking aside, can any of us trust their patches now that it has been comfirmed that Microsoft is effectively a branch of the NSA?"

All joking aside. Excellent idea.

How many of you folks are squirming right now, wondering if any of your code managed to end up inadvertently being used in the Prism program? How many of you are wondering how this will impact your job? How many of you are wondering what you might have said in the past, things that you are afraid might be exposed by this? How many Microsoft employees are now worrying about their social life, now that everyone knows Microsoft is neck-deep in NSA spying? Will they be ostracized? What about Google employees? Might they become targets for recriminations? Have you been hiding your affiliations with implicated companies? Will that one friend you confided in turn on you, out you to others that they know will shun you as a result? How much more do we NOT know about? What will the next leaked document reveal? How many of you even care (or dare to care openly)?

See where I am going with this?

Fear. I see it between the lines in forum posts (not just here on Slashdot), I see it in the public pronouncements from public officials around the world, I see it amongst the world's journalists (some fear not the personal costs, but the costs to the entire idea of journalism). I see it coming from the NSA themselves.

This is East Germany, all over again--the NSA literally has us spying on each other, inadvertently or not. Secrecy=Fear=the need for secrecy. Both sides of the equation are feeling it. Did you just hesitate before you sent that email? Have you resigned yourself to the fact that privacy is now dead? Do you fear the repercussions of standing up for your rights?

Do you fear doing nothing?

Re:their patches can no longer be trusted

[Nerdfest]

No, but all are excellent reasons to switch to an open-source OS.

Re:their patches can no longer be trusted

[mysidia]

All joking aside, can any of us trust their patches now that it has been comfirmed that Microsoft is effectively a branch of the NSA?

No you cannot; HOWEVER, you can trust not patching even less. Because Microsoft have been known to share vulnerabilities with the NSA, before they even share the fact of their existence to the public.

The NSA has loads of cash available, and all the research and engineering resources required to work on developing reported vulnerabilities into exploits, to add to "surveillance malware deployment packages".

Re:their patches can no longer be trusted

[cold+fjord]

30% - 70% Windows patches might be NSA directed? Well, Heaven knows Windows has no legitimate bugs to fix . But that does help me understand something. I've been puzzled by your sig for some time since I can't say I know anyone that actually lives in fear. Now it is clearer. You probably bitch when Microsoft doesn't fix something, but are too terrified to use it when they do. That explains a lot. Especially if you aren't applying patches and get pwned.

Your views are simple: It's all a plot. Windows is complex. Complex software has bugs: The danger of complexity: More code, more bugs

I'm reasonably certain that NSA isn't behind all the bugs and all the fixes.

Windows 2000 was released with 20,000 bugs

PS - I hope you do read the response I made to your post, and watch at least the first video. You will be better informed.

Re:their patches can no longer be trusted

[AHuxley]

Laws and requirements like the The Communications Assistance for Law Enforcement Act (CALEA) gave the USA all the hardware and software help they needed.
What any domestic US agency can get, any other US agency can get.
All the fear of encryption exports seemed to stop and the US tech press got lost in nice new toys.
Now we know why, the change over from setting encryption standards to just having a legal entry into domestic and export hardware and software.
Its never the patches, it was always the OS.

Re:their patches can no longer be trusted

[AHuxley]

You would need a new filesystem too. Mac, Windows, Linux seems to be well understood for in the wild issues or ongoing 'ready for' software key logging efforts.

Re:their patches can no longer be trusted

[0111+1110]

You could have just googled my sig. Have you never watched Blade Runner? If you live in the US you are a slave for at least a third of your life, and if you are not afraid of the power of the regime it is either because you are part of the repression machine or are just ignorant and whistling in the dark.

As for responding to the post you mention. I did read it. I'm still not convinced that you have mind reading abiliities. And I am well aware that Stalin was not a nice guy and that the USSR was not a nice place to live. I don't need to watch those videos. Speaking of videos, have you seen the BBC documentary, The Power of Nightmares, by Adam Curtis? It seems the evidence that Al Qaeda ever existed except as an invention of the US is rather limited. I'm certainly not denying 9/11 or that some Saudis were responsible for it, but after having watched that documentary the official US story of Al Qaeda seems highly questionable.

Re:their patches can no longer be trusted

[AHuxley]

Do you fear doing nothing?
US data collection was all in the open over years of CS/telco history:
http://en.wikipedia.org/wiki/Operation_CHAOS
http://en.wikipedia.org/wiki/Project_MERRIMAC
http://en.wikipedia.org/wiki/Project_RESISTANCE
http://en.wikipedia.org/wiki/COINTELPRO
http://en.wikipedia.org/wiki/Main_Core
http://www.foreignpolicy.com/articles/2012/04/18/patriot_games
http://en.wikipedia.org/wiki/Project_SHAMROCK (just an exercise ;) )
later http://en.wikipedia.org/wiki/Project_MINARET
http://en.wikipedia.org/wiki/Martin_and_Mitchell_defection
1960: "As we know from our previous experience working at N.S.A., the United States successfully reads the secure communications of more than forty nations, including its own allies."
ie tame US based OS makers, cell phone hardware as you enter your message before it hits any encryption efforts.
Some journalism is really turning up to an invite only event, getting the press kit, photo work and making sure the print/website and blog are pretty. As for the US brands, they know what they did and now the world knows to be careful about what OS or apps they use.
People will explore their hosting, server options and software with more care, buying local.

Re:their patches can no longer be trusted

[cavebison]

All joking aside, can any of us trust their patches

So just install a firewall you trust? Perhaps an old, pre-crazy version? Personally I use an old version of Kerio Firewall. Does the job, and the UI for managing exceptions is great.

Windows 8 Pro Upgrade $280

[tuppe666]

people pay a lot of money to Microsoft

$39.99

http://windows.microsoft.com/en-gb/windows/buy?ocid=GA8_O_WOL_Hero_ShopHP_FPP_Null from the Windows sales page the cheapest...read crippled (Windows 8 upgrade) its $150 for the less crippled version (Windows 8 Pro)$280. They do not offer a retail version...the price must be horrendous.

Liar :)

[tuppe666]

I'm more of a platform-agnostic myself.

No your not your consistently anti-oss and there is nothing wrong with that, hell whatever floats your boat, but platform-agnostic you are not.

Re:Liar :)

[jones_supa]

I do not oppose OSS in any way but you are correct that usually it just isn't that important for me that the source code is available. I will use the software which makes the computer most enjoyable to use.

I died laughing

[tuppe666]

AMD hardware sucks with Linux.

I run CentOS in an emulator.

Ironically Linux KVM(amongst Others) supports AMD-V http://searchservervirtualization.techtarget.com/definition/AMD-V .

Perhaps if you spent less time making random allegations against hardware you would understand the technology a little better.

Re:I died laughing

[Billly+Gates]

Right because AMD chipsets with other hardware such as gpus, ethernet, and wifi are never needed in a desktop system.

At least intel ones have drivers for wifi, ethernet, and its crappy gpus, all covered by the same manufacturer.

Something seriously wrong ..

[dgharmon]

There's something seriously wrong with the present-day computing that such vulnerabilities are continually being discovered. The only solution being an endless patch cycle. Why isn't it possible to make a compiler that produces enduser safe software?

Re:Something seriously wrong ..

[mysidia]

There's something seriously wrong with the present-day computing that such vulnerabilities are continually being discovered.

It's not very surprising. It takes less than a minute of programming to accidentally make a mistake --- millions of vulnerabilities can be crafted in an hour by pure accident, or by incompetence.

It takes months or years to discover the vulnerabilities, and longer to prove to people's satisfaction, that yes, they are indeed exploitable.

As long as such disparity exists; vulnerabilities that have been around and about for a long time will continuously be discovered at a low rate --- far lower than the rate that new vulnerabilities are accidentally created.

Re:Something seriously wrong ..

[smash]

Because memory management in a muli-tasking, multi-threaded operating system and associated support libraries is hard, and end users are not willing to pay for the additional development time. Free software writers are mostly not willing to spend the development time on the boring security stuff either (the OpenBSD team being a notable exception, and even they are only human).

It's simply human nature to solve a problem (i.e., get an application or OS to "work") and then move onto the next problem. Very few people are willing to spend a heap of time attempt to break their own software, and every programmer believes he writes better code than he probably does.

There are more vulnerabilities discovered now than in previous decades simply because the software is a lot more complex and programmers, and programming techniques have not caught up.

Making a "safe" compiler is, in theory quite possible, however you won't get the power required to write a full operating system, and the platform your runtime is running on will still, at some point need to be written in a low level language (with all of the potential programming pitfalls that entails). I.e., even if YOUR program is secure, the platform may well still have issues.

Cheap, shiny, secure. Pick 2. OK, maybe 1 and 1/2.

Re:Something seriously wrong ..

[WD]

You're implying that the problems are in the compiler, which clearly indicates your lack of knowledge of software and vulnerabilities.

Re:Something seriously wrong ..

[ulatekh]

It's not the compiler, it's the programmers. Most programmers are Mort, unfortunately. Personally, I consider security in all of the code I write, but when I try to recommend that course of action to my fellow programmers, I mostly just get sullen glares.

For commercial software, there's the additional problem that 70% of employees are not actively engaged in their work.

Re:Something seriously wrong ..

[dgharmon]

You're implying that the problems are in the compiler, which clearly indicates your lack of knowledge of software and vulnerabilities.

Stack exploits, heap exploits and buffer overflows are clearly defects in the software, exploitable by defects in the memory management unit. If you know different then please do enlighten us with your knowledge.

Re:Something seriously wrong ..

[brunnegd]

How tasty is the MS Kool-Aid?

Re:Something seriously wrong ..

[smash]

Seriously? MS is as bad as anyone if not worse, as they are commercially motivated and security isn't "sexy". Try again, asshat.

CPU support vs. GPU support

[tepples]

Even if Linux supports AMD CPUs better than Windows does, Windows might still support AMD GPUs better.

Re:CPU support vs. GPU support

[hairyfeet]

All that misses the point which is UNLIKE LINUX with windows....drumroll...the old drivers fucking work! ZOMFG its a miracle,Ballmer must be related to jeebus because i can take this circa 2004 AMD driver disc and IT STILL WORKS even in XP Sp3 with the latest patches! You try getting a nine year old driver, fuck you try getting a 4 year old driver to work in Linux and smell the fail!

That is the ABI difference, and why all OEMs treat Linux like ass cancer, because Windows only changes the driver model when there is a DAMNED good reason to and they try their damnedest NOT to break drivers, the polar opposite of Linux. In windows there is only 2 current driver models, the 2K/XP driver model and the Vista/7/8/8.x driver model...notice something there? Like how 2k and XP (and often even later as i have run XP drivers in Vista/7 for old hardware and had them run fine) can use the SAME DRIVERS and how the same goes for Vista on up?

At the end of the day that is why people would rather steal windows than take Linux for free,because once you get a Windows system running barring user stupidity (why yes i want to win a free iPod, I'll just run Iz_Not_Viruz_is_Entry.exe) or hardware failure that windows system will run, fully supported mind you, for a solid decade without a single driver problem. So AMD dropped support,who gives a fuck? Who is gonna be stupid enough to buy a $400+ card and stick it into an old Pentium 4 running Windows XP? Meanwhile any card that even had just a Vista driver will keep running past the 2020 EOL for Win 7, the 2022 for Win 8, the 2023 for 8.1, so who gives a rat's ass if it ever gets another driver when they have already squeezed as much performance as they can from the hardware?

You see the batshit Linux logic simply doesn't apply to Windows, all Windows users need is a single solid driver and it'll work for the life of the OS, hell just ask my GF, she is running an HD2400XT in windows 7 right now and that is...what? Something like a 6 or 7 year old card? Purrs like a kitten.

Re:CPU support vs. GPU support

[silviuc]

The correct way to say the above is: AMD GPUs are better supported by AMD on Windows than on Linux. It's the manufacturer that usually provides the support and writes the drivers. If Intel integrated graphics were any good I would dump nvidia in a second.

Re:CPU support vs. GPU support

[tepples]

Ivy Bridge already plays PS3-class games, and I'm told Haswell with Iris finally won't suck.

Re:CPU support vs. GPU support

[tepples]

Seriously, if you don't want anything to do with FOSS

The problem is that GPU manufacturers "don't want anything to do with FOSS" and FOSS users lose out.

Re:CPU support vs. GPU support

[hairyfeet]

Nooo...the problem is the GPU manufacturers TRIED to work with Linux and got in return rants from kernel devs like the one that is always posted here when you point out lack of ABIs are retarded that says,and I quote, "And I hope we break non free drivers constantly!". This of course shows that FOSS is NOT a philosophy BUT A RELIGION and like religion dogma takes over and removes any chance for common sense.

In reality GPUs have many proprietary pieces that are NOT owned by the GPU manufacturers themselves, such as HDCP (owned by Intel which means AMD and Nvidia have to sign an NDA to use) and support for DVD and H.26x decoding (owned by MPEG-LA) so if you want a 100% functional GPU driver guess what? You can NOT MAKE IT FOSS because you have NO right to give away other people's property!

As for the coward who wants to know why the FOSSies piss me off? I'll tell ya why, because I have blocked ALL Linux articles so those nutballs can have all the circle jerks they want. they want to sit around and whine how nobody will jump through their hoops for their religion? Fine you have your own section, go circle jerk all you want. But that isn't good enough for the FOSSies, they have to come over to the Windows section and whine and try to sell their crazy over here and as a public service I will ALWAYS counter total bullshit with the TRUTH, and the truth is their stupid braindead retarded lack of an ABI driver design DOESN'T FUCKING WORK, it has NEVER FUCKING WORKED and it will NEVER FUCKING WORK, which is why everybody avoids that pile of asscrap!

All you have to do is see where Linux HAS made inroads to see how much their current driver design cripples them. Servers? Companies like HP pay entire dev teams millions of dollars to constantly replace the drivers Linus shits on, embedded? you only need ONE driver because embedded is designed not to be updated...hmmm, neither of those are anything at all like consumer products,are they? hell even Android, current FOSSie darling, imposes VERY strict controls from on high when it comes to drivers and wadda ya know, the fucking drivers work! Praise Jeebus its a miracle!

I am just God damned sick of FOSSies having 20+ years of reality bitchslapping them in the face but like the WBC they hang onto their little Linux bibles and say "La la la, Linus is a God, everyone just can't see his genius, you are all heathens!". That is why I call them FOSSies, because like Moonies they are religious nutballs that hang onto shit that anybody with a functioning brain could tell them will NOT work but because their "dear leader" says it does then it must, because dear leader couldn't possibly be wrong, could he?

sudo apt-get install xubuntu-desktop

[tepples]

You try skipping releases and suddenly the latest software won't run because it requires kernel X+3 and you have kernel X, it makes it a royal PITA

But there's one big difference. Unlike new major versions of Windows, new versions of Linux, glibc, etc. are available without charge. I didn't have to pay a dime to upgrade Ubuntu from 8.04 through 12.04, apart from the Internet access that I was paying for anyway.

and even if the devs go some way you don't want to go, like the mess that was Pulse Audio or the shit that was early KDE 4 and Gnome 3? Too bad, fuck you

No, fuck Unity. After I failed to get the hang of the Un(usabil)ity that is 11.10's default GUI, I installed Xfce (sudo apt-get install xubuntu-desktop) and was able to make it mine again.

CPU support vs. GPU support

[tuppe666]

Even if Linux supports AMD CPUs better than Windows does, Windows might still support AMD GPUs better.

Hold it there cowboy :) http://tech.slashdot.org/story/13/06/29/2235257/amdati-drops-windows-xp-support AMD/ATI Drops Windows XP Support so no.

These come out every month

[mysidia]

Remember Google recently added Malware to Google transparency report Take a look at the major uptick in malware warnings in 2013..... perhaps a sign that more and more popular destinations are getting compromised and actually leveraging remote code execution exploits, or other trickery, that may be among that covered in the patches.

There's this thing called Patch Tuesday; first Tuesday every month. There are almost always plenty of remote security vulns, with patches. If there aren't -- then there are plenty in the pipeline that they have just delayed another month (in most cases), OR that they put off patch development for.

There are no shortage of windows vulnerabilities.

If you want to get out of the patch grind... I would strongly suggest switching to Chrome on Linux or MacOS :)

Re:These come out every month

[DigiShaman]

Correction: Patch Tuesday is the 2nd Tuesday of every month, not the first. As a sysadmin, it's in my Outlook calendar as a reoccurring scheduled event.

Windows 8 Pro Upgrade

[tuppe666]

Most users will not need or ever use the additional advanced features in Windows 8 Pro.

From http://windows.microsoft.com/en-ca/windows/compare from the Website
1) Provides enhanced data protection with BitLocker and BitLocker To Go to help keep your information secure.
2) Enables you to host a Remote Desktop Connection on your own PC so you can connect to it when you're using a different PC.
3) Connects to your corporate or school network with Domain join.

Linux Users are offered these features in *every* version without the $130 markup.

Uptime isn't important, lack of downtime is

[dutchwhizzman]

.How long your computer hasn't rebooted isn't the important bit. What is important, that it will be available when you need it to be and that it won't reboot or crash without your explicit permission. Even though I have set my permissions such that MicroSoft should never ever update without my consent, let alone reboot my machines, it has happened on several occasions that they pushed an update without prior warning and rebooted XP computers.

On any critical infrastructure I'd want to have total control over when something happens and what happens then. Some vendor autonomously deciding to reboot my heart/lung controller during a heart transplant will not do. The same applies to (air) traffic control (ILS in San Francisco anyone?), hight voltage control, nuclear power plants and whatnot. Hell, I don't even want them to reboot my music player if I'm listening to it.

I don't mind having to do regular scheduled maintenance in maintenance windows if I know in advance, during the design phase of the platform. That way, I can decide which exact OS will be the most useful and beneficial for the exact purpose I intend it to have. Any rogue OS that decides to reboot "on it's own" will never ever get a place in any important infrastructure I have, no matter how long uptime some dude on a forum achieves on it.

Any down time outside of service windows is a major issue, regular windows are not only a minor nuisance compared to an incident during production hours, they are also "job security" if you look at it. I don't care how long uptime you get. I just don't want any downtime for myself.

Re:Uptime isn't important, lack of downtime is

[Spad]

If your "critical infrastructure" isn't hooked up to a WSUS (Free) or SCCM (Not) server for updates then you're asking for trouble; you're saying to Microsoft "I don't want to manage my own update deployment, please do it for me".

That said, I've never had a machine set not to use Automatic Updates reboot itself for an update without my intervention.

Re:Uptime isn't important, lack of downtime is

[colablizzard]

That said, I've never had a machine set not to use Automatic Updates reboot itself for an update without my intervention.

This is +1

Re:news announcement

> M$ is now patching security vulnerabilities after the NSA claims they are no longer useful.

I assume nsa could continuously tell which vulnerabilities that is OK to close.... :-D
"close that one, and that one, we still use these three so wait with them, close that one,
and we also need a new vulnerability in this part of the os"

(since the poster of #44211687 like reading dollar signs, I guess I have to write one for him: U$A)

The verification image was "giggled" heh...

"which allow attackers to breach in." Huh?

What's that in English?

Breach into? Breach into something?

You don't "breach in", there is no such phrase. Idiots.

Android Phones and Tablets

[tuppe666]

Install Linux on random hardware with the same (lack of) quality assurance PC manufacturers do, and put the result in the hands of average users, and we'll se how reliable that will be.

They do already...on Phones, and tablets, and the results are spectacular.

Re:Android Phones and Tablets

[MiSaunaSnob]

my sons Nabi2 crashes several times a week, I wouldn't call that spectacular.

Re:Well

[phantomfive]

Sad thing is, that's probably true, even if not on purpose......

Think of the Children

[tuppe666]

And as I stated, most users don't care about or even know what those things are.

You don't think users want to BYOD...or not have strangers looking through photos of their children...or help a family member with a technical problem in another state.

I think that covers *all* users. Perhaps instead of stating things you should think them through. these things are available at no cost on linux, and out of the box. Its a shame windows is so far behind.

So...

[smash]

... patch tuesday is news now? If this was an out-of-band, critical update then maybe this would be newsworthy. What next? News items for every time Adobe release a flash security update?

Re:extrapolating

[smash]

Performance can be impacted by "safe" programming, but these days mostly it's just laziness or incompetence (along with perhaps using the wrong tool for the job). And I say that without intending disrespect. It's human nature to try and do the bare minimum in terms of boring drudge work. Security is boring and hard.

Re:Subjective Phrasing

[GigaplexNZ]

Except Windows is not *enjoyable*; its universally hated.

Speak for yourself, it's not universally hated. I doubt even the majority hates it, since people keep using it.

My solution to boring drudge work

[ulatekh]

It's human nature to try and do the bare minimum in terms of boring drudge work.

Most of my career has been spent doing boring drudge work. That's why it's called "work". If it was fun, they'd call it "fun", and you wouldn't get paid for it.

Years ago, I discovered the secret to dealing with boring drudge work -- recreational levels of caffeine. No workplace I've ever been in has monitored my coffee consumption. HELL yeah!

Re:Subjective Phrasing

Speak for yourself, it's not universally hated. I doubt even the majority hates it, since people keep using it.

Well many people commute for hours every day in heavy traffic just to get to and from work - doesn't mean they enjoy it.

NSA

[beefoot]

NSA knows about the security holes years ago. Do we need to bother with these security patches?

MS Can't Get Anything Right

[brunnegd]

How old is XP? 12 years? And MS is still patching bugs. Incredible! Imagine flying on a commercial aircraft with software by MS. There would be crashes everyday. MS does only enough testing to make the product run, then relies on consumers to find the bugs. They should b sued.

the security updates for XP

[Michaeljunior]

i have a curiosity about this article... as far as i know, windows has already stopped issues of security updates for XP and that is to say XP is disappearing little by little... well i found this article from a blog on facebook just in case someone will be interested www.facebook.com/softdownfast personally i am a big fan of XP. greetings to all

Re:the security updates for XP

[Michaeljunior]

by the way i still found XP software updates from the same page of www.softdownfast.com....it's ....weird...or interesting