Overall it seems somewhat strange to be building in indemnification for something that is still, essentially, theoretical. Isn't that like taking out insurance against alien attack?
Salesman: According to my uncle who is a real whiz with aliens, an alien attack is coming this way.
Peter Griffin: *thinking to himself* Hmmmm, I too have an uncle. Come in.
Perhaps not many companies will [switch away from Windows], but I do think that it's commonly because of fear and ignorance. Likewise, it took America a long time and alot of money to switch from using asbestos insulation to alternatives, but it's paid off in the long run.
What we need are some big dollar lawsuits over cases of "MSothelioma", then people will start switching in droves.;)
Yeah, I'm not an expert on patent law either, but I'm sure Red Hat *did* have experts investigate this issue and it didn't stop them from adding SELinux to RHEL.
Re:Secure Computing Corporation
on
Hardening Linux
·
· Score: 1
Yeah I did some googling after I posted, and the patent issue is pretty old. This LWN article is interesting on the subject, and apparently if the commenter ejhuff is correct the first two patents are already expired and the final patent expires in June 2006. It hasn't scared Red Hat away from implementing SELinux.
Either way, it hasn't stopped my employer from implementing SELinux in our product, either. Blatant plug: download our LiveCD if you'd like to check out our SELinux implementation.
You know, SELinux has some IP issues that I just became aware of this week. For many this is probably old news. It seems some aspects of SELinux are patented and the patent holder allows distribution, but once $$ or something that competes with their product is involved, there's a license fee.
Do you have a link for this SELinux patent issue? I've been developing SELinux policy for a while now and read the SELinux mailing lists daily and I've never heard such a thing. SELinux was originally developed by the NSA and is fully GPLed.
Anyway, beyond the IP issues, just because the kernel has SElinux enabled doesn't mean the applications on top of the kernel have SELinux functionality.
The applications running on top of the kernel don't need to have any SELinux functionality. As long as SELinux policy exists for those applications, the application will only be allowed to perform the actions allowed by policy, and nothing else. Whether the application is SELinux aware or not is a complete non-issue. Your reference to this makes me wonder how much you actually know about SELinux.
I think it's reasonable to say that SELinux does not solve many security problems related to implementation and definitely doesn't magically fix security holes in applications.
Of course, SELinux won't magically fix security holes, nothing will. SELinux can certainly mitigate the harmful effects of many holes in applications that have been confined by SELinux policy, however. It does a hacker no good to penetrate a hole and escalate the privilege to root if he's still stuck in your SELinux httpd_t domain which allows no access beyond reading web content.
Especially since Open Source companies have an additional financial leg kicked out from under them... sales of the product itself.
This is made up for by not having to sink the development costs to create the product from scratch in the first place. If you want to sell a product, you have to build it first, and if no one buys it you're still out all the money it cost to develop.
Open source businesses make their money from support and customization. It's certainly not as possible to hit a home run that way, but it's certainly possible to build a successful business around that and it entails less risk than creating a product from scratch and attempting to sell it.
Hitchens made many substantive statements between his insults of Galloway. Galloway was pure invective and spent all his time dodging Hitchens' point while throwing mud.
A hypothetical situation : Your neighbor is a drunken, violent man who you regularly overhear beating his wife and children in a most extreme fashion. They are regularly covered in bruises, and you suspect the man may even be raping his own daughters. The police are contacted, but the man is in business with the police chief and mayor and corruption has made them unwilling to prevent any of this. You are the biggest man on the block, and could easily prevent the man from harming his family any further with little risk to yourself.
Do you have a moral duty to stop him? If you choose not to prevent his actions despite your ability to do so, does it mean you are partially responsible for the continued abuse?
If you consider that a bitch-slapping, you should watch the debate on the Iraq war between Christopher Hitchens and Galloway. Hitchens not only bitchslapped Galloway, he completely took him apart. All Galloway could respond with were ad hominem personal attacks having nothing to do with the substance of Hitchens' statements.. It was the most one-sided bitchslapping I've ever seen.
My assertion wasn't "we have more free speech than the others combined", and I never claimed the US has no restrictions on freedom of speech. I asked a question: "What country has a more concrete right to freedom of speech than the US?"
I'll take the EU as an example. Is speech praising the Nazis legal there? It is here in the US, even though we find it reprehensible, we don't outlaw it since we believe freedom of speech includes speech we disagree with. In many parts of the EU, any speech denigrating a racial or religious group is considered a crime. An Italian author has been charged with what amounts to blasphemy.
Mr. Marxist Economic Genius, what do you think banks do with the money that rich people deposit? They use it to make loans to those who don't have money in exchange for interest, and people use those loans to buy houses and start businesses providing jobs.
Actually I think I'm expecting too much from you. Of course a guy whose nick is "Marxist Hacker 42" is a) not going to know the first thing about how capitalism works, and b) going to mindlessly bash the "rich" at every opportunity.
My favorite part of your post though, was the sheer comedy of a Marxist trying to tell everyone else what he considers a good use of their money. It'd be great satire if you weren't serious.
I seem to recall that GPS was switched off one day every year on its anniversary just to remind everyone it was American
This reeks of urban legend to me. Link please. Really, would the US Military agree to their GPS targeting systems being switched off for one day a year just to remind everyone it was American?? It makes no logical sense.
..and strongly DISCOURAGE large personal fortunes that just sit in vaults going to waste.
If you actually honestly believe that rich people keep their money in a vault going to waste, I'm greatly relieved that you have nothing to do with formulating economic policy. Where did you learn about economics, from watching cartoons starring Uncle Scrooge McDuck? It'd be laughable if it wasn't so sad.
Reg: The only people we hate more than the Romans are the flippin Judean People's Front. Stan: Yeah the Judean People's Front. Reg: Yeah. Stan: And the Popular Front of Judea. Reg: Yeah. Stan: And the People's Front of Judea. Reg: Yea...what? Stan: The People's Front of Judea. Reg: We're the People's Front of Judea! Stan: I thought we were the Popular Front. Reg: People's Front! Francis: What ever happened to the Popular Front? Reg: He's over there. (points to a lone man) Reg, Stan, Francis, and Judith: SPLITTER!
"Under threat" doesn't equal "Forbidden". What country would you say has a more concrete right to freedom of speech than the US, since you're throwing stones? The US Supreme Court has consistently held that pornography is protected speech, despite Congress periodically threatening to "protect the children" in order to pander for votes.
It's intuitively obvious to even the most casual observer that the reason behind this EU and UN grab for internet power is in order to suppress speech they disagree with. If not that, then why bother?
Or could they just be attempting to drive the price up to screw Microsoft? Or hell, even just to distract Microsoft into thinking AOL is worth something, and that they should buy it before Google does.
It's a chess match, but only the players involved can see the whole board. We're just speculating wildly here, but then that is the purpose of Slashdot.;)
Journalists carry a moral responsability to be impartial
What planet are YOU from?? Everyone has biases, and it's absolutely impossible to be completely impartial. Journalists aren't some higher species who can observe without judging, they're people like everyone else, and they all have their own opinions which color their reporting whether they intend it or not.
The only honest path is to admit their inherent biases so that they can be taken into account, not pretend they don't exist. Journalism as a profession is frankly bullshit, journalism is something someone DOES, not something someone IS.
If we'd been interested in going to the moon for the sake of exploration and science instead of just getting there before the Russians did, we'd probably still be there.
Or maybe we'd never have gotten there at all. Politicians aren't known for spending money for the sake of exploration and science, but since it was billed as a must to beat the damn dirty Reds to the moon, no cost was considered too high.
Personally I think it also had a lot to do with the fact of JFK being assassinated. Going to the moon was a pet project of his, and his popularity after his assassination was so high that killing the project became unthinkable.
You humanitarians should thank your lucky stars that the country that will have that power is a generally benevolent one. If we lived in a different world and it was the Soviet Union or Nazi Germany who had an unstoppable robot army things would be much, much worse.
Cue replies about US "imperialism", noting the irony that if the US was actually interested in an empire, no one would be permitted to complain about it.
Slashdot Mirror
Overall it seems somewhat strange to be building in indemnification for something that is still, essentially, theoretical. Isn't that like taking out insurance against alien attack?
Salesman: According to my uncle who is a real whiz with aliens, an alien attack is coming this way.
Peter Griffin: *thinking to himself* Hmmmm, I too have an uncle. Come in.
Perhaps not many companies will [switch away from Windows], but I do think that it's commonly because of fear and ignorance. Likewise, it took America a long time and alot of money to switch from using asbestos insulation to alternatives, but it's paid off in the long run.
;)
What we need are some big dollar lawsuits over cases of "MSothelioma", then people will start switching in droves.
Larry Dallas could not be reached for comment.
It was all the idea of their law firm, Dewey Cheatem & Howe.
I think if I had a t-shirt with "$sys$" on the front I could become invisible. Hello, ThinkGeek?
Yeah, I'm not an expert on patent law either, but I'm sure Red Hat *did* have experts investigate this issue and it didn't stop them from adding SELinux to RHEL.
Yeah I did some googling after I posted, and the patent issue is pretty old. This LWN article is interesting on the subject, and apparently if the commenter ejhuff is correct the first two patents are already expired and the final patent expires in June 2006. It hasn't scared Red Hat away from implementing SELinux.
Either way, it hasn't stopped my employer from implementing SELinux in our product, either. Blatant plug: download our LiveCD if you'd like to check out our SELinux implementation.
You know, SELinux has some IP issues that I just became aware of this week. For many this is probably old news. It seems some aspects of SELinux are patented and the patent holder allows distribution, but once $$ or something that competes with their product is involved, there's a license fee.
Do you have a link for this SELinux patent issue? I've been developing SELinux policy for a while now and read the SELinux mailing lists daily and I've never heard such a thing. SELinux was originally developed by the NSA and is fully GPLed.
Anyway, beyond the IP issues, just because the kernel has SElinux enabled doesn't mean the applications on top of the kernel have SELinux functionality.
The applications running on top of the kernel don't need to have any SELinux functionality. As long as SELinux policy exists for those applications, the application will only be allowed to perform the actions allowed by policy, and nothing else. Whether the application is SELinux aware or not is a complete non-issue. Your reference to this makes me wonder how much you actually know about SELinux.
I think it's reasonable to say that SELinux does not solve many security problems related to implementation and definitely doesn't magically fix security holes in applications.
Of course, SELinux won't magically fix security holes, nothing will. SELinux can certainly mitigate the harmful effects of many holes in applications that have been confined by SELinux policy, however. It does a hacker no good to penetrate a hole and escalate the privilege to root if he's still stuck in your SELinux httpd_t domain which allows no access beyond reading web content.
We simply cannot afford to kill any pirates, since the worldwide decline in the number of pirates is clearly responsible for global warming.
Especially since Open Source companies have an additional financial leg kicked out from under them... sales of the product itself.
This is made up for by not having to sink the development costs to create the product from scratch in the first place. If you want to sell a product, you have to build it first, and if no one buys it you're still out all the money it cost to develop.
Open source businesses make their money from support and customization. It's certainly not as possible to hit a home run that way, but it's certainly possible to build a successful business around that and it entails less risk than creating a product from scratch and attempting to sell it.
Hitchens made many substantive statements between his insults of Galloway. Galloway was pure invective and spent all his time dodging Hitchens' point while throwing mud.
A hypothetical situation : Your neighbor is a drunken, violent man who you regularly overhear beating his wife and children in a most extreme fashion. They are regularly covered in bruises, and you suspect the man may even be raping his own daughters. The police are contacted, but the man is in business with the police chief and mayor and corruption has made them unwilling to prevent any of this. You are the biggest man on the block, and could easily prevent the man from harming his family any further with little risk to yourself.
Do you have a moral duty to stop him? If you choose not to prevent his actions despite your ability to do so, does it mean you are partially responsible for the continued abuse?
If you consider that a bitch-slapping, you should watch the debate on the Iraq war between Christopher Hitchens and Galloway. Hitchens not only bitchslapped Galloway, he completely took him apart. All Galloway could respond with were ad hominem personal attacks having nothing to do with the substance of Hitchens' statements.. It was the most one-sided bitchslapping I've ever seen.
My assertion wasn't "we have more free speech than the others combined", and I never claimed the US has no restrictions on freedom of speech. I asked a question: "What country has a more concrete right to freedom of speech than the US?"
I'll take the EU as an example. Is speech praising the Nazis legal there? It is here in the US, even though we find it reprehensible, we don't outlaw it since we believe freedom of speech includes speech we disagree with. In many parts of the EU, any speech denigrating a racial or religious group is considered a crime. An Italian author has been charged with what amounts to blasphemy.
Mr. Marxist Economic Genius, what do you think banks do with the money that rich people deposit? They use it to make loans to those who don't have money in exchange for interest, and people use those loans to buy houses and start businesses providing jobs.
Actually I think I'm expecting too much from you. Of course a guy whose nick is "Marxist Hacker 42" is a) not going to know the first thing about how capitalism works, and b) going to mindlessly bash the "rich" at every opportunity.
My favorite part of your post though, was the sheer comedy of a Marxist trying to tell everyone else what he considers a good use of their money. It'd be great satire if you weren't serious.
I seem to recall that GPS was switched off one day every year on its anniversary just to remind everyone it was American
This reeks of urban legend to me. Link please. Really, would the US Military agree to their GPS targeting systems being switched off for one day a year just to remind everyone it was American?? It makes no logical sense.
..and strongly DISCOURAGE large personal fortunes that just sit in vaults going to waste.
If you actually honestly believe that rich people keep their money in a vault going to waste, I'm greatly relieved that you have nothing to do with formulating economic policy. Where did you learn about economics, from watching cartoons starring Uncle Scrooge McDuck? It'd be laughable if it wasn't so sad.
Reg: The only people we hate more than the Romans are the flippin Judean People's Front.
Stan: Yeah the Judean People's Front.
Reg: Yeah.
Stan: And the Popular Front of Judea.
Reg: Yeah.
Stan: And the People's Front of Judea.
Reg: Yea...what?
Stan: The People's Front of Judea.
Reg: We're the People's Front of Judea!
Stan: I thought we were the Popular Front.
Reg: People's Front!
Francis: What ever happened to the Popular Front?
Reg: He's over there. (points to a lone man)
Reg, Stan, Francis, and Judith: SPLITTER!
"Under threat" doesn't equal "Forbidden". What country would you say has a more concrete right to freedom of speech than the US, since you're throwing stones? The US Supreme Court has consistently held that pornography is protected speech, despite Congress periodically threatening to "protect the children" in order to pander for votes.
It's intuitively obvious to even the most casual observer that the reason behind this EU and UN grab for internet power is in order to suppress speech they disagree with. If not that, then why bother?
Or could they just be attempting to drive the price up to screw Microsoft? Or hell, even just to distract Microsoft into thinking AOL is worth something, and that they should buy it before Google does.
;)
It's a chess match, but only the players involved can see the whole board. We're just speculating wildly here, but then that is the purpose of Slashdot.
Journalists carry a moral responsability to be impartial
What planet are YOU from?? Everyone has biases, and it's absolutely impossible to be completely impartial. Journalists aren't some higher species who can observe without judging, they're people like everyone else, and they all have their own opinions which color their reporting whether they intend it or not.
The only honest path is to admit their inherent biases so that they can be taken into account, not pretend they don't exist. Journalism as a profession is frankly bullshit, journalism is something someone DOES, not something someone IS.
If we'd been interested in going to the moon for the sake of exploration and science instead of just getting there before the Russians did, we'd probably still be there.
Or maybe we'd never have gotten there at all. Politicians aren't known for spending money for the sake of exploration and science, but since it was billed as a must to beat the damn dirty Reds to the moon, no cost was considered too high.
Personally I think it also had a lot to do with the fact of JFK being assassinated. Going to the moon was a pet project of his, and his popularity after his assassination was so high that killing the project became unthinkable.
Where are all the Bush bashers now?
;)
They moved north to get away from Bush's AmeriKKKa, little knowing they were moving to KKKanada.
You humanitarians should thank your lucky stars that the country that will have that power is a generally benevolent one. If we lived in a different world and it was the Soviet Union or Nazi Germany who had an unstoppable robot army things would be much, much worse.
Cue replies about US "imperialism", noting the irony that if the US was actually interested in an empire, no one would be permitted to complain about it.
In Soviet Russia, BSD posts that YOU are dying!