Well, the shot I saw DEFINITELY looked like an optimistically-done artist's rendering, but keep in mind that MacOS X won't natively be using X - it'll be using the Quartz display layer (somewhat similar to DPS, but based more on PDF technology). So who knows what's in store there? (I'm not saying the translucent menu thing IS there - I don't know, but I don't suppose it's beyond the realm of possibility, just takes a lot of CPU to do the alpha work...)
That's xanim, not the QuickTime for Linux project. Also, Podlipec can't get access to stuff like the Sorenson codec, because according to Sorensen, Apple won't allow them to license the codec to ANYONE else, even under NDA. Pretty sucky.
Almost lauded? I've noticed many of the luser-types patting one another on the back for their stupidity, practically reveling in it. Just plain pitiful, if you ask me.
And to Scott Kurtz - if you read this comment, I just want you to know, I looked at Player vs Player for today and yesterday - I think UF is funny (and After Y2K and Sluggy Freelance as well), but in my opinion, PvP is just weak. The "humor" completely eludes me. Maybe the latest 2 aren't representative of the entire strip (damn, I'd hope not) - but what I saw didn't bode well to me. I am NOT impressed.
At least stuff like Space Moose, while beyond being scathing, can at least make me laugh at times.
Quite right. I find that's one problem with Linux newbies, and one thing I don't like about 'em - I've had to learn a lot of stuff on my own, not having it regurgitated to me in easily-digested tidbits, but just by sitting down and starting to read the provided docs. But they think that they should be spoonfed the knowledge that we've worked to gain.
Yes, I'm ranting, maybe whining. But if you think about it, you'll probably agree that what I'm saying is true.
1) AGP has been in the kernel for quite some time.
As I said in another post, AGP is not explicitly supported in the current stable kernels, it's just used as another PCI bus (which is largely how the system treats/sees it). 2.3.x includes developing support for the special features of AGP (texture data in system RAM and (maybe?) DMA support).
No. It works as another PCI bus (which it really is - AGP is just a modified PCI bus), so AGP cards work fine, you just can't use the GART (graphics address remapping table), which is used for 3D texturing using texture data from system RAM. Support for this is in the 2.3.x kernel, but it doesn't seem to be very well-supported as yet...
I actually made this work on the "old" (old? it's not even a year old!) dual PII-450 server at work. iirc, it's a matter of adding the 'apm=smp-power-off' option - use a line like:
(Note: Below is the contents of a response I sent to abcnews.com this evening. I thought you folks might like to see it.)
The story you have posted is, if anything, bordering on being plainly false. The EFF (who provided one of the lawyers for the defense in the Dec. 29th case in Santa Monica County court) have stated, quite simply, that the encryption technology that DVD employs not only is an attempt to prevent "illegal copying" (which is ridiculous, but I'll get there in a moment), but in turn, prevent "fair use" of a purchased product under U.S. law.
Also, the theory that DVD encryption will prevent "piracy" is quite ridiculous - the kind of piracy that actually affects movie production houses and studios is the mass piracy that occurs in markets such as Hong Kong. Just copying the encrypted DVD disc image and duplicating it to other DVD discs makes perfect digital copies, _completely_ bypassing the issue of encryption.
The problem with static data encryption (like on DVDs) is that to make use of the data on the disc, it must be decrypted, and the decryption keys (which there are several of) are in the equipment and/or software for playback. Since that data must be decrypted to be used at all, and the keys are there for the finding, data encryption in this situation is actually quite pointless.
The DVD CCA is trying to prevent one thing through this court case - fair use under law, by those who have paid good money for DVD playback equipment (such as myself).
Much of the U.S. public takes serious stock in what you (as an organization) say about current events. I ask that you tell them the truth about this situation.
I am also a proud owner of one of the first boxed Debian distributions
I want to buy a boxed Debian distro, but I'm holding out for potato to go final before I do. Then, I'll buy one for myself, and I'll recommend to everyone I know who uses Debian that they do the same! (I'll also recommoend that my work buy a copy or 2 - it's for a good cause after all.)
2. A freshly installed Debian system in not as secure as it could be. Lots of open ports, named running as root and not chroot'ed, no wheel group, etc... This isn't really a problem for me since I know how to fix these problems, but leaves newbies wide open. I think Debian could learn a lot from the OpenBSD project...
This is true, but a fair amount of that can be taken care of pretty quickly - any time I setup Debian on a server, I immediately go through and disable unnecessary services in inetd.conf, and I add rules in hosts.deny/hosts.allow so that outside systems can't hit the RPC portmapper, and a wheel group isn't hard to set up.
You're quite right in saying that the newbie won't recognize this stuff, and it would certainly be nice to have all this stuff done by default, or have some sort of option during install to lock down stuff like that. Of course, someone could write a Securing a Debian Install walkthrough, too. Anyone up for it?
(Oh, and chroot'ing named/running it as root? It needs to run as root to bind port 53, and have there been 'sploits on it where chroot'ing it would be useful? I haven't heard of such things, but I'd like to know more...)
Ok, you obviously don't know the origin of the Debian distro names. Each of them has been named for a character from the original Toy Story. This practice began with our own Bruce Perens, who worked for some time on the Debian project, and who previously had worked at Pixar on the production of Toy Story. That's why they have had (and will have) names like:
Bo (Bo-Peep)
Hamm (the pig bank)
Slink (Slinky Dog)
Potato (Mr. Potato Head)
Woody
And of course, that's why their development stuff is in a directory named after Sid (the boy next door who tore apart the toys and cruelly jammed them back together into horrendous contraptions)...
PowerPCs are at the heart of (all?) IBM RS/6000s and SP (super^H^H^H^H^Hbig computers).
Not quite - the lower-end RS/6000 systems are built around PPC processors, but the mid-to-high-end RS6k's are built around IBM's POWER-series processors (with which, I believe, the PPC shares some features and lineage). The POWER CPUs are significantly meatier than the PPC.
Is Microsoft responsible because some guy wrote a little macro virus and loosed it upon the unsuspecting world by mistake?
I could almost agree with you on that one. Almost. Except, why would you allow code to be executed automatically when an e-mail is read from ANY unknown source? And provide no way to either say "Ok, I don't want these auto-execute macros to EVER be run" or "Only run auto-execute macros if the messages are from one of THESE addresses" or similar. It's really an invitation for stupid things like the Melissa worm (worm, not virus) - it facilitates such stupidity so as to make it ridiculously easy to do. Isn't this a poor design choice?
A certain percentage of computer users will never truly understand computers. Why try to force them to learn?
Well, wouldn't it be nice if things were so simple. Unfortunately, to ever be able to make real use of a tool like a general-purpose computer, you must have some understanding of what it does, and how it does it. (IMHO.) There are those who skate by without it, but they can never really master any skills. They'll always be at the mercy of the software vendors. Linux is about (IMO) getting away from being at the mercy of the vendors. Not catering to the lowest common denominator of the computer-using world - those are the kind of people who need to be spoonfed information, and who'd be better off using a Mac. (Once again, IMHO.)
You may think I'm being too hard on the general public - but the general public needs to wake up and learn to be independent again. People are getting too dependent on businesses and other people to take care of everything for them. Many of them couldn't use Linux - because they'd never take the time to read the directions and understand what they're doing, they'd much rather have everything spoonfed to them. And as I said above, for those kind of people, the Macintosh is perfect. You lose flexibility and some stability, but you get a pretty GUI that does all the "hard" stuff for you.
But you miss my point - NT 4 was evaluated (just in the past month or 2) for C2 Orange Book - it was NOT certified, only evaluated. And really, NT itself wasn't what was being evaluated - it was a _particular_ installation, on a particular system, and a certification would ONLY apply to that configuration, not any other(s). Also, in the US, C2 Orange Book is the bottom rung for security evaluation/certification. It's not exactly "high-security" stuff.
So as I said before, don't get the wrong impression of what a C2 certification (or even the UK's equivalent) really means.
Yes, because of the way the Linux camp fixed the problem versus how Microsoft did - the Linux people actually fixed the handling of the overlapping IP fragment problem. OTOH, Microsoft just tossed in some code to look for the _exact_ signature produced by teardrop and just ignore said packets - leaving it open to further similar exploits.
See, the problem isn't JUST that Microsoft is slow to fix problems like that (they are), but that in all too many instances, the "fixes" are totally half-assed - they don't actually fix the root problem, they just band-aid it. If Microsoft would learn to fix their bugs the RIGHT way, i.e. to fix the CAUSE of the problem, not the symptom, and be more prompt with their fixes, that'd give their customers one less complaint. (Okay, this particular complaint is just a proverbial drop in the bucket...)
Uhh. First of all, a C2 certification is only for one configuration - and C2 is (pretty much) the lowest security rating that the government can/will bestow. Also, NT only fits into C2 orange book (i.e., no network, no removable media) standards.
But I'll agree, it's pretty ridiculous that NT even made C2 security. (NT 4.0 with all the patches still hasn't been C2 certified - just tested.) Just don't get the wrong idea of what a C2 rating entails...
Umm. I have never had that much trouble with X and modelines. Besides, I think AccelX is crappy (crashes more than a self proclaimed better piece of software should, methinks). But hey, if you're happy, that's all that matters - I just wouldn't go recommend to everyone that they spend $100 for an X server. If you must buy an X server, at least try MetroX... (it is a whole lot less expensive)
NTFS is actually originally based on HPFS. NT used to include an IFS (installable filesystem) driver to support OS/2's HPFS partitions, IIRC. Doesn't it anymore?
Well, if you have a good understanding of these certifications, you'd realize they have a strong point - since this certification only applies to a single configuration running an install of NT 4 with SP6a, with no removable media or network devices, it doesn't mean much to the average NT admin schmuck. Even if a Linux install was C2 certified (hey, maybe VA should build a Linux system, configure it, and get it C2 certified - I bet it could make Red Book), it wouldn't mean much to ME - my Linux install isn't certified. The only thing it proves is that the OS has the potential for certification.
Remember that a C2 cert doesn't apply only to the OS - it covers the specific system, configuration and all, that the OS is installed on as well. Even if they managed to get it C2 certified on a system with no removable media and no network connection, that doesn't mean much to the average NT admincritter - Microsoft's not gonna certify their install...
Slashdot Mirror
Well, the shot I saw DEFINITELY looked like an optimistically-done artist's rendering, but keep in mind that MacOS X won't natively be using X - it'll be using the Quartz display layer (somewhat similar to DPS, but based more on PDF technology). So who knows what's in store there? (I'm not saying the translucent menu thing IS there - I don't know, but I don't suppose it's beyond the realm of possibility, just takes a lot of CPU to do the alpha work...)
That's xanim, not the QuickTime for Linux project. Also, Podlipec can't get access to stuff like the Sorenson codec, because according to Sorensen, Apple won't allow them to license the codec to ANYONE else, even under NDA. Pretty sucky.
Almost lauded? I've noticed many of the luser-types patting one another on the back for their stupidity, practically reveling in it. Just plain pitiful, if you ask me.
And to Scott Kurtz - if you read this comment, I just want you to know, I looked at Player vs Player for today and yesterday - I think UF is funny (and After Y2K and Sluggy Freelance as well), but in my opinion, PvP is just weak. The "humor" completely eludes me. Maybe the latest 2 aren't representative of the entire strip (damn, I'd hope not) - but what I saw didn't bode well to me. I am NOT impressed.
At least stuff like Space Moose, while beyond being scathing, can at least make me laugh at times.
belittling them for a lack of knowledge which is not something you are born with.
;)
I'll have you know my Unix/Linux knowledge was implanted directly in my brain shortly after my birth. So speak for yourself.
Quite right. I find that's one problem with Linux newbies, and one thing I don't like about 'em - I've had to learn a lot of stuff on my own, not having it regurgitated to me in easily-digested tidbits, but just by sitting down and starting to read the provided docs. But they think that they should be spoonfed the knowledge that we've worked to gain.
Yes, I'm ranting, maybe whining. But if you think about it, you'll probably agree that what I'm saying is true.
1) AGP has been in the kernel for quite some time.
As I said in another post, AGP is not explicitly supported in the current stable kernels, it's just used as another PCI bus (which is largely how the system treats/sees it). 2.3.x includes developing support for the special features of AGP (texture data in system RAM and (maybe?) DMA support).
No. It works as another PCI bus (which it really is - AGP is just a modified PCI bus), so AGP cards work fine, you just can't use the GART (graphics address remapping table), which is used for 3D texturing using texture data from system RAM. Support for this is in the 2.3.x kernel, but it doesn't seem to be very well-supported as yet...
I actually made this work on the "old" (old? it's not even a year old!) dual PII-450 server at work. iirc, it's a matter of adding the 'apm=smp-power-off' option - use a line like:
append = "apm=smp-power-off"
in your lilo.conf to enable it.
(Note: Below is the contents of a response I sent to abcnews.com this evening. I thought you folks might like to see it.)
The story you have posted is, if anything, bordering on being plainly false. The EFF (who provided one of the lawyers for the defense in the Dec. 29th case in Santa Monica County court) have stated, quite simply, that the encryption technology that DVD employs not only is an attempt to prevent "illegal copying" (which is ridiculous, but I'll get there in a moment), but in turn, prevent "fair use" of a purchased product under U.S. law.
Also, the theory that DVD encryption will prevent "piracy" is quite ridiculous - the kind of piracy that actually affects movie production houses and studios is the mass piracy that occurs in markets such as Hong Kong. Just copying the encrypted DVD disc image and duplicating it to other DVD discs makes perfect digital copies, _completely_ bypassing the issue of encryption.
The problem with static data encryption (like on DVDs) is that to make use of the data on the disc, it must be decrypted, and the decryption keys (which there are several of) are in the equipment and/or software for playback. Since that data must be decrypted to be used at all, and the keys are there for the finding, data encryption in this situation is actually quite pointless.
The DVD CCA is trying to prevent one thing through this court case - fair use under law, by those who have paid good money for DVD playback equipment (such as myself).
Much of the U.S. public takes serious stock in what you (as an organization) say about current events. I ask that you tell them the truth about this situation.
I am also a proud owner of one of the first boxed Debian distributions
I want to buy a boxed Debian distro, but I'm holding out for potato to go final before I do. Then, I'll buy one for myself, and I'll recommend to everyone I know who uses Debian that they do the same! (I'll also recommoend that my work buy a copy or 2 - it's for a good cause after all.)
2. A freshly installed Debian system in not as secure as it could be. Lots of open ports, named running as root and not chroot'ed, no wheel group, etc... This isn't really a problem for me since I know how to fix these problems, but leaves newbies wide open. I think Debian could learn a lot from the OpenBSD project...
This is true, but a fair amount of that can be taken care of pretty quickly - any time I setup Debian on a server, I immediately go through and disable unnecessary services in inetd.conf, and I add rules in hosts.deny/hosts.allow so that outside systems can't hit the RPC portmapper, and a wheel group isn't hard to set up.
You're quite right in saying that the newbie won't recognize this stuff, and it would certainly be nice to have all this stuff done by default, or have some sort of option during install to lock down stuff like that. Of course, someone could write a Securing a Debian Install walkthrough, too. Anyone up for it?
(Oh, and chroot'ing named/running it as root? It needs to run as root to bind port 53, and have there been 'sploits on it where chroot'ing it would be useful? I haven't heard of such things, but I'd like to know more...)
- Bo (Bo-Peep)
- Hamm (the pig bank)
- Slink (Slinky Dog)
- Potato (Mr. Potato Head)
- Woody
And of course, that's why their development stuff is in a directory named after Sid (the boy next door who tore apart the toys and cruelly jammed them back together into horrendous contraptions)...PowerPCs are at the heart of (all?) IBM RS/6000s and SP (super^H^H^H^H^Hbig computers).
Not quite - the lower-end RS/6000 systems are built around PPC processors, but the mid-to-high-end RS6k's are built around IBM's POWER-series processors (with which, I believe, the PPC shares some features and lineage). The POWER CPUs are significantly meatier than the PPC.
It means "denial of service"...
Err. Yeah. What you said. (Though I've always heard it referred to as the lowest common denominator... but hey, whatever...)
Is Microsoft responsible because some guy wrote a little macro virus and loosed it upon the unsuspecting world by mistake?
I could almost agree with you on that one. Almost. Except, why would you allow code to be executed automatically when an e-mail is read from ANY unknown source? And provide no way to either say "Ok, I don't want these auto-execute macros to EVER be run" or "Only run auto-execute macros if the messages are from one of THESE addresses" or similar. It's really an invitation for stupid things like the Melissa worm (worm, not virus) - it facilitates such stupidity so as to make it ridiculously easy to do. Isn't this a poor design choice?
A certain percentage of computer users will never truly understand computers. Why try to force them to learn?
Well, wouldn't it be nice if things were so simple. Unfortunately, to ever be able to make real use of a tool like a general-purpose computer, you must have some understanding of what it does, and how it does it. (IMHO.) There are those who skate by without it, but they can never really master any skills. They'll always be at the mercy of the software vendors. Linux is about (IMO) getting away from being at the mercy of the vendors. Not catering to the lowest common denominator of the computer-using world - those are the kind of people who need to be spoonfed information, and who'd be better off using a Mac. (Once again, IMHO.)
You may think I'm being too hard on the general public - but the general public needs to wake up and learn to be independent again. People are getting too dependent on businesses and other people to take care of everything for them. Many of them couldn't use Linux - because they'd never take the time to read the directions and understand what they're doing, they'd much rather have everything spoonfed to them. And as I said above, for those kind of people, the Macintosh is perfect. You lose flexibility and some stability, but you get a pretty GUI that does all the "hard" stuff for you.
For me, however, I'll stick with Linux.
</SOAPBOX>
But you miss my point - NT 4 was evaluated (just in the past month or 2) for C2 Orange Book - it was NOT certified, only evaluated. And really, NT itself wasn't what was being evaluated - it was a _particular_ installation, on a particular system, and a certification would ONLY apply to that configuration, not any other(s). Also, in the US, C2 Orange Book is the bottom rung for security evaluation/certification. It's not exactly "high-security" stuff.
So as I said before, don't get the wrong impression of what a C2 certification (or even the UK's equivalent) really means.
Yes, because of the way the Linux camp fixed the problem versus how Microsoft did - the Linux people actually fixed the handling of the overlapping IP fragment problem. OTOH, Microsoft just tossed in some code to look for the _exact_ signature produced by teardrop and just ignore said packets - leaving it open to further similar exploits.
See, the problem isn't JUST that Microsoft is slow to fix problems like that (they are), but that in all too many instances, the "fixes" are totally half-assed - they don't actually fix the root problem, they just band-aid it. If Microsoft would learn to fix their bugs the RIGHT way, i.e. to fix the CAUSE of the problem, not the symptom, and be more prompt with their fixes, that'd give their customers one less complaint. (Okay, this particular complaint is just a proverbial drop in the bucket...)
Uhh. First of all, a C2 certification is only for one configuration - and C2 is (pretty much) the lowest security rating that the government can/will bestow. Also, NT only fits into C2 orange book (i.e., no network, no removable media) standards.
But I'll agree, it's pretty ridiculous that NT even made C2 security. (NT 4.0 with all the patches still hasn't been C2 certified - just tested.) Just don't get the wrong idea of what a C2 rating entails...
Umm. I have never had that much trouble with X and modelines. Besides, I think AccelX is crappy (crashes more than a self proclaimed better piece of software should, methinks). But hey, if you're happy, that's all that matters - I just wouldn't go recommend to everyone that they spend $100 for an X server. If you must buy an X server, at least try MetroX... (it is a whole lot less expensive)
I don't know that Roblimo was pointing so much at the APSL or MPL/NPL, but probably (especially) as the SCSL. I think we all know why, don't we, kids?
Okay, but if the GPL gets the 1.0 rating, does that make 1.0 on that scale the "g-spot"???
Yes. I HAD to ask...
NTFS is actually originally based on HPFS. NT used to include an IFS (installable filesystem) driver to support OS/2's HPFS partitions, IIRC. Doesn't it anymore?
Well, if you have a good understanding of these certifications, you'd realize they have a strong point - since this certification only applies to a single configuration running an install of NT 4 with SP6a, with no removable media or network devices, it doesn't mean much to the average NT admin schmuck. Even if a Linux install was C2 certified (hey, maybe VA should build a Linux system, configure it, and get it C2 certified - I bet it could make Red Book), it wouldn't mean much to ME - my Linux install isn't certified. The only thing it proves is that the OS has the potential for certification.
Remember that a C2 cert doesn't apply only to the OS - it covers the specific system, configuration and all, that the OS is installed on as well. Even if they managed to get it C2 certified on a system with no removable media and no network connection, that doesn't mean much to the average NT admincritter - Microsoft's not gonna certify their install...