How would a third party, who doesn't have source code access, write a patch to the software? The entire point of full disclosure is to persuade the developers of the software to patch the bug. If you can't disclose the flaw, convincing them to fix it can be hard, since without very concrete evidence (like working code), it becomes easy for the developers to just laugh you off, and claim that the vulnerability is "only theoretical".
That's the benefit - actually getting the bug fixed, versus waiting forever for the company to admit to the flaw.
Not likely. Do you have a cell phone? You have MUCH more to worry about from your cell phone than from 802.11b wireless - the transmit power on 802.11 gears is in the 50-100 mW (milliwatt) range, whereas the typical cell phone transmits much closer to a half watt, and the signal power when it rings can jump to the 5-6 watt range.
Plus, it's not close to your head!
In short, the odds of health issues (unless you have a pacemaker, but they're touchy to lots of RF sources) cropping up with 802.11 are pretty small.
I think that is an EXCELLENT feature - RADIUS authentication via the LEAP protocol. Yay! But, does the software upgrade for the existing base stations add the LEAP/RADIUS support? I would really LOVE to find out that this is the case, so that we could improve wireless security on my employers' network. Does anyone know? Pleeeeeease tell me that I get my wish...
The WEP "encryption" is no more a roadblock than a sheet of Saran wrap. Since the implementation of WEP (including 128-bit) in 802.11b has been shown to be faulty, it's also been discovered that the keys can be determined, just by sniffing traffic (passive attack). If anything, it's almost worse than no security, since it gives a completely false sense of security.
MAC address limiting is one method. Also, putting your wireless base on a restricted segment might not be a bad idea either, and employing IPsec and authentication, if possible, would be even better.
In short, WEP == crap. It's been sufficiently proven. So no, don't depend on it for any "security".
I don't think the person you're replying to meant that education isn't important, but without at least some raw talent, and an interest in programming, education by itself just isn't going to make a person into a programmer. Just as with anything - most anybody can be taught to do most tasks, but if they don't have an interest in the task at hand, odds are they're not going to do it _well_.
Considering that from what I understand, (a) Darwin CVS isn't even usable without a source patch, and (b) some of the more interesting drivers (for ATI, nVidia, Adaptec, etc. hardware) are closed source, I would hesitate to call it true "open source", and unless they finally fixed the APSL, it doesn't meet any official definition of the term either.
And there was a/. story about the iPod - and it had nothing bad to say about Apple, in fact some people were fairly interested in it, even tho it's not going to be a cheap little toy (from what I gather).
I've tried CVS, and for the demos I've tried (Sam and Max demo, DoTT demo, FoA demo) it works quite well. However, I have the CD full version of Sam and Max - unfortunately, much of it doesn't show up right, no background images hold (during the intro, the mad Doctor is all that shows up, and a lot of the time, parts of his face are disappearing). It's serious progress from the release snap that you have on the sf.net site, and it's certainly impressive work. Can't wait to play the whole game on Linux, maybe even with sound.:)
I noticed that particular detail when reading the article as well. Isn't one of the principles of "secure" authentication systems to NEVER implicitly trust the client? And Microsoft is basically totally ignoring this whole concept of authentication systems.
And to think that some universities point to Microsoft as a good example of software engineering prowess in their CS programs. This is just sad.
Yeah, and then they'll continue to ignore it, drag the case out in court, and eventually get another scary "conduct remedy" - which they'll then happily proceed to... umm, probably ignore, just like always.
Yes, I can see this will be extremely effective. Right...
I could not have said it better. I'm just waiting to see what the states are going to do now. I just hope they're actually going to do _something_, and that all their complaining isn't just in vain. Seeing as the "new" DoJ isn't particularly interested in pursuing this - and gee, I just can't IMAGINE why that'd be!
Microsoft calling up a retailer and asking them their per-unit price is meaningless - they buy from a wholesaler, who buys from someone else, who actually buys from Logitech - that's the way it usually works. And you don't just call up wholesalers and ask them "hey, what's your unit cost on [item X]?" - they'll laugh at you, then proceed to hang up the phone.
So the approach that the post you replied to claimed - Microsoft purporting willingness to cobrand/rebrand, then blow off the "potential" partner, sounds plausible and much more likely than what you're thinking.
And have they actually admitted they were "wrong"? I don't think they ever did - IIRC the claim was they were basically evaluating the importance of the Internet to their business, not that they were just covering their ears and saying "la la la, we can't hear you!" until the train got too close for comfort...
Re:Since when did MS ever set any standards?
on
Microsoft's Future
·
· Score: 1
The optical sensor used in ALL current-gen optical mice (yes, ALL OF THEM) is not even produced by Microsoft. Agilent (a spinoff our good friend, Hewlett-Packard) produces them. Whether you have a Logitech, Microsoft, Apple,... whatever brand. One company makes the optical sensor. So I don't think that can be called a Microsoft innovation - someone else developed the improved optical sensor, they just put it into a mouse. (Did they even do it first? I don't know.)
Are you honestly suggesting that people shopping for a new computer on which they intend to run Linux would seriously consider PPC hardware?
And why not? It's good, stable hardware, better than most of the x86 hardware out there. Oh yeah - and BIOSes suck. Having a real boot ROM is nice.
There are more 'issues' than with x86 linux,
Really? What issues would those be? I can count the issues I have with this iBook on one hand:
DPMS blanking doesn't work (being worked on)
DRI with R128 is unstable and only works with 16bpp (being worked on)
FireWire doesn't work right yet (being worked on)
Other than the lack of FireWire, neither of the other 2 are huge issues to me. And - THE MODEM WORKS. It's not a retarded WinModem/software modem. It 100% works with Linux, no problems.
Why would anyone buy a mac if they don't intent to run MacOS on it? For the same price you could custom build a server with all the trimmings on x86...
Yes, there's LOTS of cheap x86 hardware out there, but to match the quality of the hardware that Apple puts out, you'd have to spend serious green anyway, so to say that x86 hardware is cheaper is a questionable statement at best.
Now tell me - how many Apple systems have you run Linux on? I'm running it on a FireWire iBook, a blue-and-white G3 tower, and a PowerMac 6100. It's stable on all of them, and supports pretty much everything (FireWire being the main lingering issue at this point).
Ahhh. I see. Type 'debian video=ofonly' at the yaboot prompt. That'll tell the kernel to use the OpenFirmware driver for the display device. It's more compatible that way, and that should (hopefully) get you going. Good luck.
What's easier than 'apt-get install [package]'? I can't think of much. And most people, even most Mac users, can't really take care of computer "maintenance" - that usually involves asking a knowledgable neighbor, or wiping out and reinstalling, not all too different from Windows, sad to say.
Sure, OS X is aimed more at those who don't know what UNIX is, or why they would even care about it. Yay for them. However, for those of us who prefer Linux, and want better stuff than Intel hardware, Apple systems make fine Linux boxen. Don't knock it till you've tried it.
Except they run better under Classic than MOL because Apple spent a lot of time optimizing.
People have done performance tests. In the general case, Classic and MoL perform about equally well.
Further, Classic apps share the desktop with other apps. You don't need to house the MacOS desktop inside a giant X window.
I rather prefer it. I happen to think that's what that relic of an OS deserves.:)
Maybe so, I wouldn't know. But in general, OS X supports a lot more Apple hardware than Linux. For example, XFree86 4.1 is still unaccelerated for a lot of video cards in Apple systems,
Anything Rage128 or Radeon-based does 2D accel, and 3D accel is in the works (works on some, not on others - mostly with Rage128s). nVidia isn't very well supported because of their binary drivers. We can't do anything about that.
Firewire device support in Linux is flaky,
FireWire support is still under heavy development, and that doesn't work for me at present.
and sound doesn't work under Linux in many systems (particularly laptops).
Sound support for DACA (on the clamshell iBooks) and Texas/Tumbler (on iBook2), as well as Screamer (on the TiG4) is supported. I don't know about sound support for the Pismo, Lombard and Wallstreet, though. Haven't run Linux on any of them.
BS. I've got an iBook with YDL 2.0 and it doesn't even support suspend/sleep mode, nor does it dim the display. It can spin down the disk and blank the display, but that's it.
I sleep my iBook FireWire ALL THE TIME. It works great. You need a recent kernel, that's all. Display blanking in X doesn't work yet, but I head that's supposed to work by XFree 4.2.0.
You may have to use the Option boot menu (just hold the Option key before it bongs) or drop to OF and type 'boot cd:,\\yaboot'. Try the former first. I've used the Debian ISOs (that's how I installed on this FireWire iBook!), so I know they do work (unless Toast does stupid things that it shouldn't to the ISO - but that would be really bad form).
Don't mess with the firmware if you don't have to. Recently, yaboot and ybin were rolled into one package. The ybin installer knows how to use the nvsetenv utility to set the boot partition, and so you avoid even having to deal with OF. (Not that it's that tough, once you get the hang of it...)
I prefer, on systems that are too old to have the Option boot selector, to _remove_ (yes, remove, as in delete) the Startup Disk control panel in both OS 9 and OS X, and just use the boot selector script generated by ybin to choose the OS at start time. Just make sure your yaboot/ybin bootstrap partition is of type 'Apple_Bootstrap', so that OS 9 won't boot up and then unbless your boot loader.:)
Wrong. Try here - there is support for the old NuBus-based systems to run an actual complete Linux kernel. I have a Workgroup Server 6150/66 (basically the same as the 6100/66, but more RAM out of the box) running Debian with that kernel, and it not only runs, it's quite stable. (The 6100 does, however, require a basic MacOS install to bootstrap from - its MacOS ROM doesn't work with BootX or miBoot, so the MkLinux Booter has to be used.)
Slashdot Mirror
How would a third party, who doesn't have source code access, write a patch to the software? The entire point of full disclosure is to persuade the developers of the software to patch the bug. If you can't disclose the flaw, convincing them to fix it can be hard, since without very concrete evidence (like working code), it becomes easy for the developers to just laugh you off, and claim that the vulnerability is "only theoretical".
That's the benefit - actually getting the bug fixed, versus waiting forever for the company to admit to the flaw.
Not likely. Do you have a cell phone? You have MUCH more to worry about from your cell phone than from 802.11b wireless - the transmit power on 802.11 gears is in the 50-100 mW (milliwatt) range, whereas the typical cell phone transmits much closer to a half watt, and the signal power when it rings can jump to the 5-6 watt range.
Plus, it's not close to your head!
In short, the odds of health issues (unless you have a pacemaker, but they're touchy to lots of RF sources) cropping up with 802.11 are pretty small.
I think that is an EXCELLENT feature - RADIUS authentication via the LEAP protocol. Yay! But, does the software upgrade for the existing base stations add the LEAP/RADIUS support? I would really LOVE to find out that this is the case, so that we could improve wireless security on my employers' network. Does anyone know? Pleeeeeease tell me that I get my wish...
The WEP "encryption" is no more a roadblock than a sheet of Saran wrap. Since the implementation of WEP (including 128-bit) in 802.11b has been shown to be faulty, it's also been discovered that the keys can be determined, just by sniffing traffic (passive attack). If anything, it's almost worse than no security, since it gives a completely false sense of security.
MAC address limiting is one method. Also, putting your wireless base on a restricted segment might not be a bad idea either, and employing IPsec and authentication, if possible, would be even better.
In short, WEP == crap. It's been sufficiently proven. So no, don't depend on it for any "security".
I don't think the person you're replying to meant that education isn't important, but without at least some raw talent, and an interest in programming, education by itself just isn't going to make a person into a programmer. Just as with anything - most anybody can be taught to do most tasks, but if they don't have an interest in the task at hand, odds are they're not going to do it _well_.
Considering that from what I understand, (a) Darwin CVS isn't even usable without a source patch, and (b) some of the more interesting drivers (for ATI, nVidia, Adaptec, etc. hardware) are closed source, I would hesitate to call it true "open source", and unless they finally fixed the APSL, it doesn't meet any official definition of the term either.
/. story about the iPod - and it had nothing bad to say about Apple, in fact some people were fairly interested in it, even tho it's not going to be a cheap little toy (from what I gather).
And there was a
I've tried CVS, and for the demos I've tried (Sam and Max demo, DoTT demo, FoA demo) it works quite well. However, I have the CD full version of Sam and Max - unfortunately, much of it doesn't show up right, no background images hold (during the intro, the mad Doctor is all that shows up, and a lot of the time, parts of his face are disappearing). It's serious progress from the release snap that you have on the sf.net site, and it's certainly impressive work. Can't wait to play the whole game on Linux, maybe even with sound. :)
I noticed that particular detail when reading the article as well. Isn't one of the principles of "secure" authentication systems to NEVER implicitly trust the client? And Microsoft is basically totally ignoring this whole concept of authentication systems.
And to think that some universities point to Microsoft as a good example of software engineering prowess in their CS programs. This is just sad.
Yeah, and then they'll continue to ignore it, drag the case out in court, and eventually get another scary "conduct remedy" - which they'll then happily proceed to... umm, probably ignore, just like always.
Yes, I can see this will be extremely effective. Right...
I could not have said it better. I'm just waiting to see what the states are going to do now. I just hope they're actually going to do _something_, and that all their complaining isn't just in vain. Seeing as the "new" DoJ isn't particularly interested in pursuing this - and gee, I just can't IMAGINE why that'd be!
Microsoft calling up a retailer and asking them their per-unit price is meaningless - they buy from a wholesaler, who buys from someone else, who actually buys from Logitech - that's the way it usually works. And you don't just call up wholesalers and ask them "hey, what's your unit cost on [item X]?" - they'll laugh at you, then proceed to hang up the phone.
So the approach that the post you replied to claimed - Microsoft purporting willingness to cobrand/rebrand, then blow off the "potential" partner, sounds plausible and much more likely than what you're thinking.
Maybe Microsoft now believes they are W3C? Or that W3C is out of date, and Microsoft should replace them? Wouldn't totally surprise me.
Actually, on my Linux box, VMware is quite OK with being suspended - as long as it's not running fullscreen at the time, it doesn't have a problem.
And have they actually admitted they were "wrong"? I don't think they ever did - IIRC the claim was they were basically evaluating the importance of the Internet to their business, not that they were just covering their ears and saying "la la la, we can't hear you!" until the train got too close for comfort...
The optical sensor used in ALL current-gen optical mice (yes, ALL OF THEM) is not even produced by Microsoft. Agilent (a spinoff our good friend, Hewlett-Packard) produces them. Whether you have a Logitech, Microsoft, Apple, ... whatever brand. One company makes the optical sensor. So I don't think that can be called a Microsoft innovation - someone else developed the improved optical sensor, they just put it into a mouse. (Did they even do it first? I don't know.)
And why not? It's good, stable hardware, better than most of the x86 hardware out there. Oh yeah - and BIOSes suck. Having a real boot ROM is nice.
There are more 'issues' than with x86 linux,
Really? What issues would those be? I can count the issues I have with this iBook on one hand:
- DPMS blanking doesn't work (being worked on)
- DRI with R128 is unstable and only works with 16bpp (being worked on)
- FireWire doesn't work right yet (being worked on)
Other than the lack of FireWire, neither of the other 2 are huge issues to me. And - THE MODEM WORKS. It's not a retarded WinModem/software modem. It 100% works with Linux, no problems.Why would anyone buy a mac if they don't intent to run MacOS on it? For the same price you could custom build a server with all the trimmings on x86...
Yes, there's LOTS of cheap x86 hardware out there, but to match the quality of the hardware that Apple puts out, you'd have to spend serious green anyway, so to say that x86 hardware is cheaper is a questionable statement at best.
Now tell me - how many Apple systems have you run Linux on? I'm running it on a FireWire iBook, a blue-and-white G3 tower, and a PowerMac 6100. It's stable on all of them, and supports pretty much everything (FireWire being the main lingering issue at this point).
Ahhh. I see. Type 'debian video=ofonly' at the yaboot prompt. That'll tell the kernel to use the OpenFirmware driver for the display device. It's more compatible that way, and that should (hopefully) get you going. Good luck.
Oh, and didja know - you can put an Airport card in that Pismo, and take advantage of wireless networking without using your PC Card slot? *g*
What's easier than 'apt-get install [package]'? I can't think of much. And most people, even most Mac users, can't really take care of computer "maintenance" - that usually involves asking a knowledgable neighbor, or wiping out and reinstalling, not all too different from Windows, sad to say.
Sure, OS X is aimed more at those who don't know what UNIX is, or why they would even care about it. Yay for them. However, for those of us who prefer Linux, and want better stuff than Intel hardware, Apple systems make fine Linux boxen. Don't knock it till you've tried it.
Except they run better under Classic than MOL because Apple spent a lot of time optimizing.
:)
People have done performance tests. In the general case, Classic and MoL perform about equally well.
Further, Classic apps share the desktop with other apps. You don't need to house the MacOS desktop inside a giant X window.
I rather prefer it. I happen to think that's what that relic of an OS deserves.
Maybe so, I wouldn't know. But in general, OS X supports a lot more Apple hardware than Linux. For example, XFree86 4.1 is still unaccelerated for a lot of video cards in Apple systems,
Anything Rage128 or Radeon-based does 2D accel, and 3D accel is in the works (works on some, not on others - mostly with Rage128s). nVidia isn't very well supported because of their binary drivers. We can't do anything about that.
Firewire device support in Linux is flaky,
FireWire support is still under heavy development, and that doesn't work for me at present.
and sound doesn't work under Linux in many systems (particularly laptops).
Sound support for DACA (on the clamshell iBooks) and Texas/Tumbler (on iBook2), as well as Screamer (on the TiG4) is supported. I don't know about sound support for the Pismo, Lombard and Wallstreet, though. Haven't run Linux on any of them.
BS. I've got an iBook with YDL 2.0 and it doesn't even support suspend/sleep mode, nor does it dim the display. It can spin down the disk and blank the display, but that's it.
I sleep my iBook FireWire ALL THE TIME. It works great. You need a recent kernel, that's all. Display blanking in X doesn't work yet, but I head that's supposed to work by XFree 4.2.0.
You may have to use the Option boot menu (just hold the Option key before it bongs) or drop to OF and type 'boot cd:,\\yaboot'. Try the former first. I've used the Debian ISOs (that's how I installed on this FireWire iBook!), so I know they do work (unless Toast does stupid things that it shouldn't to the ISO - but that would be really bad form).
Don't mess with the firmware if you don't have to. Recently, yaboot and ybin were rolled into one package. The ybin installer knows how to use the nvsetenv utility to set the boot partition, and so you avoid even having to deal with OF. (Not that it's that tough, once you get the hang of it...)
I prefer, on systems that are too old to have the Option boot selector, to _remove_ (yes, remove, as in delete) the Startup Disk control panel in both OS 9 and OS X, and just use the boot selector script generated by ybin to choose the OS at start time. Just make sure your yaboot/ybin bootstrap partition is of type 'Apple_Bootstrap', so that OS 9 won't boot up and then unbless your boot loader. :)
Wrong. Try here - there is support for the old NuBus-based systems to run an actual complete Linux kernel. I have a Workgroup Server 6150/66 (basically the same as the 6100/66, but more RAM out of the box) running Debian with that kernel, and it not only runs, it's quite stable. (The 6100 does, however, require a basic MacOS install to bootstrap from - its MacOS ROM doesn't work with BootX or miBoot, so the MkLinux Booter has to be used.)
Well, you can. There are builds of the Blackdown JDK (not officially branded by Sun, but yes, they work) available for PowerPC Linux systems.