Businesses certainly do see the value in having access to source code and being able to modify it to add necessary features or fix bugs quickly, but that interest does not extend to the sort of "everything is free to pass around like friendship bread" concept people have about free software. Most people simply don't care about the freedom to modify software and redistribute it for free, because most users can't even read code in the first place.
"no Linus user will be held accountable for Novell's mistakes"
Please stop using Linus (srsly, he's gotta be tired already), and consider using Linux instead. It won't complain about your choice of filesystem, nor will it go behind your back and rant on mailing lists.
At one point there was a list of known objectionable material that one could use to purge their local store, so that people who don't want to participate in things they don't agree with can simply not host it.
This is obviously cat and mouse to some extent but at least it isn't a step back from anonymity, more of a way for people to opt out of hosting stuff they don't want to.
In any case i quit running mine for the same reason, for me its not worth it.
Good point, I hope the software world can get away from the idea that all software should be free of all cost and free to pass out like friendship bread. Open source is good enough for me, transparency is more important than freedom to me.
On systems that do use SELinux, the NSA isn't the one who compiled it in, the distribution did. I fail to see what avoiding SELinux like the plague accomplishes anyway, its just a mandatory access control system. It's also typically disabled at boot time anyway.
SElinux is also a part of the mainstream kernel, so perhaps you don't trust those people either? Perhaps you should review the source line by line, because how do you know that unchecking SELinux in the config REALLY removed it from the final binary? Maybe they are tricking you!
Your compiler was also compiled from source by your distribution, and you think the binary compiler that came with your distribution is subverting all code you compile?
Sudo runs things as the super user, hence the name......this is not what you want if you are going for higher security.
I think you are advocating mandatory access control, not separate user logins or separate browsers. Running a program under a separate user helps nothing if that 2nd user has the exact same access to the system as your own user. There is no difference. Even a less privileged user isn't a good security method. In Vista there is some protection for IE7 because the browser runs in the low integrity level (vista has "integrity levels", medium is the default).
I'm also not quite sure what you mean by a 2nd browser, you mean one specifically for visiting sites you don't trust? Care to explain how you have condensed every site on the internet into a list of sites you trust and sites you don't? Or perhaps how you intend to limit the contact this ultra secure browser has to any location on the internet but what you intended?
Thats the thing, i see lots of commercial software and products doing quite well (Apple in particular), while "free software" lags significantly behind, and i blame financial incentive in part for the distance between them.
People want usable, finished products, and with a few exceptions "free software" does not provide them right now.
luvy duvy stuff aside, software doesn't appear out of thin air, it gets financed somehow. "Free software" simply removes a lot of the direct financial incentive to develop that software, which forces developers to look to other business models.
It's almost like some people have a 35 year old grudge against bill gates and are forever doomed to reject the idea of monetizing software development.
Any good flash stick should be doing wear leveling in the controller chip so the filesystem you use shouldn't matter as much as it would with directly connected flash chips.
If it became part of the browser, 3 things would happen: Idiots would scream and cry about being forced to use it, it would integrate better making it more effective, and vulnerabilities like the one referenced here would be a non-issue for a much larger percentage of the user base.
Seriously, running every script a page stuffs into a browser should not be the default, and it should not take an extension to fix it.
Slashdot Mirror
Netcraftsayswhat?
get off my lawn and i'll get a job
I heard britneys sister throttles too :(
Picking your home based on future internet pipe options...thats some serious geek you have going on there.
Businesses certainly do see the value in having access to source code and being able to modify it to add necessary features or fix bugs quickly, but that interest does not extend to the sort of "everything is free to pass around like friendship bread" concept people have about free software. Most people simply don't care about the freedom to modify software and redistribute it for free, because most users can't even read code in the first place.
"no Linus user will be held accountable for Novell's mistakes"
Please stop using Linus (srsly, he's gotta be tired already), and consider using Linux instead. It won't complain about your choice of filesystem, nor will it go behind your back and rant on mailing lists.
What exactly does Novell have that you actually want to run on Ubuntu?
Yast2 has been GPL'd, same for the Apparmor stuff which Ubuntu now USES in fact.
I'm not entirely sure what your point is, most of the stuff Novell releases is GPL'd or otherwise open sourced.
April fools day is confusing me.... are you pretending the Creative drivers for XP don't suck?
At one point there was a list of known objectionable material that one could use to purge their local store, so that people who don't want to participate in things they don't agree with can simply not host it.
This is obviously cat and mouse to some extent but at least it isn't a step back from anonymity, more of a way for people to opt out of hosting stuff they don't want to.
In any case i quit running mine for the same reason, for me its not worth it.
Good point, I hope the software world can get away from the idea that all software should be free of all cost and free to pass out like friendship bread. Open source is good enough for me, transparency is more important than freedom to me.
If by "open" you really mean "Free as in freedom" then yes you are right.
But something can be open without being free of all cost or restriction.
Ahh but then you've got a split between "Open source" and "Free software", something many people get all pissy about.
How is legal to freely license patents to one party while charging for those patents when licensed to another party?
Yea, but changing the user doesn't gain you much security, probably none at all. Presumably you weren't running as root anyway, so what changes?
So, Sparky the poodle starts chewing on a Macbook, and meanwhile, in a remote location, seismologists freak out that Indiana is falling into the sea
On systems that do use SELinux, the NSA isn't the one who compiled it in, the distribution did. I fail to see what avoiding SELinux like the plague accomplishes anyway, its just a mandatory access control system. It's also typically disabled at boot time anyway.
SElinux is also a part of the mainstream kernel, so perhaps you don't trust those people either? Perhaps you should review the source line by line, because how do you know that unchecking SELinux in the config REALLY removed it from the final binary? Maybe they are tricking you!
Your compiler was also compiled from source by your distribution, and you think the binary compiler that came with your distribution is subverting all code you compile?
Yes, tinfoil indeed.
You aren't familiar with MCraps? It's totally an SI unit now man.....
Sudo runs things as the super user, hence the name......this is not what you want if you are going for higher security.
I think you are advocating mandatory access control, not separate user logins or separate browsers. Running a program under a separate user helps nothing if that 2nd user has the exact same access to the system as your own user. There is no difference. Even a less privileged user isn't a good security method. In Vista there is some protection for IE7 because the browser runs in the low integrity level (vista has "integrity levels", medium is the default).
I'm also not quite sure what you mean by a 2nd browser, you mean one specifically for visiting sites you don't trust? Care to explain how you have condensed every site on the internet into a list of sites you trust and sites you don't? Or perhaps how you intend to limit the contact this ultra secure browser has to any location on the internet but what you intended?
Thats the thing, i see lots of commercial software and products doing quite well (Apple in particular), while "free software" lags significantly behind, and i blame financial incentive in part for the distance between them.
People want usable, finished products, and with a few exceptions "free software" does not provide them right now.
luvy duvy stuff aside, software doesn't appear out of thin air, it gets financed somehow. "Free software" simply removes a lot of the direct financial incentive to develop that software, which forces developers to look to other business models.
It's almost like some people have a 35 year old grudge against bill gates and are forever doomed to reject the idea of monetizing software development.
Well there's yer problem! Yer not supposed to be having sex with it!
KDE3 is cluttered because it's unorganized, not because it has features similar to Windows.
I'm not saying this is you in particular, but people spend far too much time trying to NOT be like Windows instead of just trying to do things well.
Any good flash stick should be doing wear leveling in the controller chip so the filesystem you use shouldn't matter as much as it would with directly connected flash chips.
Chrysler is just a subset of Toyota
oh wait, is it still 2008? nm
If it became part of the browser, 3 things would happen: Idiots would scream and cry about being forced to use it, it would integrate better making it more effective, and vulnerabilities like the one referenced here would be a non-issue for a much larger percentage of the user base.
Seriously, running every script a page stuffs into a browser should not be the default, and it should not take an extension to fix it.