If 3.3.3.1 is working fine, maybe it's best to stick with what you've got. Otherwise, or if you just feel the need, jump up to 3.3.5 - I've been reasonably happy with it, although 3.9.16 definitely has that faster feel to it. Also, XFree 4 is redoing the was XFree has been doing things, not X in general - commercial X server packages (AccelX and MetroX) have been modular for awhile. It's definitely a lot cleaner way to deal with drivers.
And you can definitely do multihead with XFree 4... that'll be nice, to not have to PAY for an X server to do multihead.
Hooray! XFree 4 is on the way! It's coming slowly... but it is on the way. Look out world.
IT IS NOT X WINDOWS! It is X, or the X Window System. Not "X Windows".
You don't have to have a really expensive video card to make it seem fast - the main problem in the past that it uses a lot of RAM. XFree 4 should (by having all the major components as loadable modules) decrease its memory usage significantly. Also, XFree 4 will be a whole lot faster (3.9.16 feels much faster than 3.3.5), with the newly rearchitected XAA 2.0 layer. GL support is being integrated in the right way, as is multihead support. X makes a fine base for a GUI.
Yes, I know it doesn't support antialiased fonts... antialiasing, though pretty, is considered hackish, and I can understand why trying to implement it would be less than fun.
XFree 4 will have much better detection of devices, for basic configs (i.e., single display configurations) - especially PCI and AGP devices, which are so proliferant now. Anyone still using an ISA or VLB video card is living in the dark ages. Decent PCI video cards can be had for a song. (It's not easy to detect ISA devices, including video cards, in a sane manner...)
X can be good as a gaming platform - once DGA keyboard handling in XF 4.0-pre is cleaned up, it should be much easier, esp. considering that DGA 2.0 will allow X drawing ops to be used in a DGA context, so it would be helpful for menu UIs for games. Also, DRI for GL will allow for fast OpenGL graphics for games that use 3D rendering (this is already usable - Q3test works quite well).
A final note - X != XFree86. X is developed and maintained via The Open Group, and XFree86 is based on The Open Group's X reference codebase.
I haven't heard much noise from the Berlin Consortium in awhile now - do they actually have anything that does anything useful yet? Or are they still in the formative stages?
Oh yes. These kinds of things are always lovely ideas. They look great on paper. But you have other considerations:
Encrypted on the server, huh? If it can be encrypted, it can be decrypted too - and if it HAS to be decrypted to be used, the key has to be SOMEWHERE, SOMETIME. If someone managed to crack the central server, they could easily harvest (theoretically) MASSIVE amounts of personal information about a lot of people.
Now instead of having to have separate user ID/password or similar combinations, you only have one for everything - oh yes, that's SO much better. And users are going to magically start picking really good passwords too - yea right. Lovely idea, but if someone gets that one user ID/password pair, they can traipse about, pretending to be that person, buying goods/services in their name, not at just ONE place, but ANYWHERE that uses this service!
Like I said - looks good on paper, but in practice, it just makes it easier for those who would misuse networked systems and electronic commerce to do so.
That's the trouble with convenience - makes things more convenient for the good guys AND the bad guys!
No, you don't understand - SSL is simply an encryption layer for running data through a socket. HTTP tunnelled through an encryption layer. It has nothing to do with session management - AT ALL. Cookies are fine for storing a limited-lifetime unique identifier to temporarily associate several HTTP requests as part of a single session. It just has to be done correctly.
Bone up on how HTTP and SSL work and are connected together - then come back and we'll talk.
The only reason cookies are coming into it is because (a) the CEO of Novell is claiming someone was using his credit card number due to the number being stored in a cookie by his web browser on the disk of his machine (not likely - no reputable site, or sane webmaster, would do such a thing), and (b) because Novell has a centralized-storage system that they are hawking as a replacement for cookies (great - move any personal information from my machine, where I can make sure it's secure, or remove it if I like, to their system, where if someone cracks the centralized server, they have access to information for a LOT of people - and I have no way to verify that they're keeping up on security issues).
This is simply an advertisement for Novell's "new" technology, assisted by Ziff/Davis. I don't trust this technology - it makes me nervous. And frankly, I hope it makes EVERY DAMNED ONE of you nervous too!
No, it's a little different than that. Basically, for each processor group (Pentium, Pentium/MMX, PPro, PII, PIII, K6 and friends, K7) you'd hafta do a different build of EVERY package. That's a lot of wasted space just to support one platform. I'll agree with Wichert, and say it's pretty wasteful - may as well use the space that'd otherwise be wasted on variation-specific binary packages for x86 systems for supporting the different platforms.
IIRC, Japan also has crypto export restrictions. This puts companies like Sony and Matsushita up against a wall.
Also, since the vast majority of movies on DVD (and likely DVD-Audio discs as well) are exported from the US, I think that the cryptography restrictions may also apply to them.
Some of those [CDs] probably would have been paid for had CD-R's not been so easily accessible.
This sounds familiar. Sounds like the software industry's excuse for why every pirated copy of software counts as a "lost sale".
Listen buddy - if I get an MP3 of something, it's usually because (a) I want to hear the music before I lay down my money, because you don't get a good sampling of most CDs from radio stations (though I hate having to give my money to the RIAA - if I could just get the MP3s, and mail the $20 DIRECTLY to the band, I'd do that...), or (b) because I wouldn't have bought the CD anyway, but instead I just wanted the one track. (This doesn't count MP3s of tracks from CDs which I own.)
Please, don't apologize for the RIAA's greedy practices. They're making life hard for EVERYONE, and they don't have to - the encryption schemes aren't gonna help against the real pirates (like the guy who thought it'd be a good investment to acquire a CD/DVD duplicator, and recoups his spending by duplicating music/movies and selling the copies). MP3s aren't the real problem - but in their blind rage, the RIAA seems to be forgetting that the average customer isn't taking profits away from them.
Not like they have anything to worry about - the RIAA member companies' employees certainly aren't going without, I'd bet... and you thought your whole $20 for each CD goes to the band who put it together? Get real.
Remember who we're talking about here - this isn't the movie industry anymore, this is the MUSIC industry (headed by out friends, the RIAA). Profit? Too much is plenty! Screw the customer? Why not?
The industry is under the naive assumption that encrypting the digital data will stop anyone from ever being able to directly pull it out and manipulate it. Of course, because of the nature of a system that uses static keys, and since the data HAS to be decrypted at some point to be useful, this isn't that secure. Also, the real threat, as others have mentioned, is someone getting duplication equipment (by some unknown means) and just duplicating direct from disc - all that encryption can't stop this.
Also, strong encryption technology can't be exported (at least not without a fair amount of difficulty, AFAIK) from the US and (from what I understand) Japan as well. With the US and Japan being the primary distributing nations of said equipment and media, "munitions-grade" (hah) encryption is pretty hard to swing. Of course, since the data has to be encrypted at some time for playback, this is all immaterial - someone will figure out how to make it work, and they'll rip the digital audio stream directly from these discs. The DVD-video crack pretty much proves that. (No, Xing's error didn't CAUSE that - just sped it up.)
Even (shock horror) linux systems tend to degrade over time.
Umm. Are you kidding? I've not had this problem with Linux. I don't know anyone who can say (with a straight face, anyhow) that they have.
And if you can say that with a straight face, you don't understand the reasons WHY this happens with Windows - (a) registry corruption and (b) DLL incompatibilities (due to lack of versioning, which causes new versions to constantly be installed over other versions). In my experience, I can't help but agree with the experience reported earlier - Windows' stability goes downhill the longer it's installed.
And to the person who says that Windows' stability is influenced by the "quality" of the install, (a) it's not like you have that much control over the install process and (b) as someone else said, a perfectly stable Linux box, when booted into Windows, is not necessarily stable - I don't know that you can blame that on bad hardware...
... maybe they'll think twice before being so gullible again.
heh. We always think people will learn from their mistakes - unfortunately, it seems most people take a few rounds of getting smacked upside the head before they remember this stuff... As others have said, I expect most of the REAL Y2k problems to be strictly in the ol' wetware.
Just because you say it should be so doesn't make it so. By accepted principles of the Gregorian/Julian calendars, January 1, 2001 should be the first year of the new millennium.
I repeat - you can say what you want, but saying it doesn't make it so.
Because to the layman the big significance lies in the rollover of all the numbers, not the fact that THERE IS NO YEAR 0 - therefore 2001 is the first year of the new millennium, not 2000.
you can't make false statements about Power plants that are not true
Well, they can... but for those of us who are clued in, it certainly makes them look like morons, and misrepresenting such things to the general public is a pretty poor and unprofessional thing to do.
Show me "ClosedSSH" - you won't find it. The SSH 2.x package is under a more restrictive license, for sure (I haven't paid much attention to the original SSH 1.x license, but it must have been liberal enough for the OpenBSD folk to adopt - good thing).
just because of all the superior algorithms and stuff
Umm. only the patent-encumbered algorithms (nee IDEA and the like) were removed. Blowfish, however, is NOT encumbered (Thank you Bruce Schneier!), and is one of the encryption methods still included in OpenSSH. I think 256-bit Blowfish encryption should be strong enough for most people's purposes... don't you think???
I recommend Tera Term Pro and the TTSSH extension if you must use Windows. Or use MindTerm, which is a Java-based SSH client. I've used both, and they both work well with any SSH 1.x server. (Including OpenSSH.)
XFree is not unstable. At least, not on MY system. (Debian potato, running XFree 3.3.5, with a 3Dfx V3-2000 PCI) Also, have you ever USED XiG's X server? It's not as stable (in my experience, and from what I've heard from some others) as XiG likes to claim. At least MetroX doesn't charge as much for their X server, and they don't go out of their way to bash their competition (free or commercial). (Also, MetroX contributes to the XFree86 Project - I think that's important. Maybe you don't. XInside certainly doesn't seem to.)
If XiG would just stick to promoting THEIR product, instead of bitching about XFree, a lot of people wouldn't complain about them.
It may give them someone to bitch at, but it doesn't mean the company is listening. At least you didn't say "someone to sue if it fails"... I've heard that one before - most licenses specifically disallow legal recourse. Besides, with open-source code, if it's not doing what you want (or what it should), you can always (a) write the code yourself to make it do what you want, or (b) contract out to have the feature you need/want coded for you. (not an option for the home user, but for businesses...)
Slashdot Mirror
Well, DGA on XFree has worked fairly well, but the API was pretty minimal. DGA 2.0 (part of XFree 4) will seek to remedy that.
I've never needed a patch for my X servers to enable DGA - where did you get that idea?
If 3.3.3.1 is working fine, maybe it's best to stick with what you've got. Otherwise, or if you just feel the need, jump up to 3.3.5 - I've been reasonably happy with it, although 3.9.16 definitely has that faster feel to it. Also, XFree 4 is redoing the was XFree has been doing things, not X in general - commercial X server packages (AccelX and MetroX) have been modular for awhile. It's definitely a lot cleaner way to deal with drivers.
And you can definitely do multihead with XFree 4... that'll be nice, to not have to PAY for an X server to do multihead.
Hooray! XFree 4 is on the way! It's coming slowly... but it is on the way. Look out world.
Let me begin by saying this:
IT IS NOT X WINDOWS! It is X, or the X Window System. Not "X Windows".
You don't have to have a really expensive video card to make it seem fast - the main problem in the past that it uses a lot of RAM. XFree 4 should (by having all the major components as loadable modules) decrease its memory usage significantly. Also, XFree 4 will be a whole lot faster (3.9.16 feels much faster than 3.3.5), with the newly rearchitected XAA 2.0 layer. GL support is being integrated in the right way, as is multihead support. X makes a fine base for a GUI.
Yes, I know it doesn't support antialiased fonts... antialiasing, though pretty, is considered hackish, and I can understand why trying to implement it would be less than fun.
XFree 4 will have much better detection of devices, for basic configs (i.e., single display configurations) - especially PCI and AGP devices, which are so proliferant now. Anyone still using an ISA or VLB video card is living in the dark ages. Decent PCI video cards can be had for a song. (It's not easy to detect ISA devices, including video cards, in a sane manner...)
X can be good as a gaming platform - once DGA keyboard handling in XF 4.0-pre is cleaned up, it should be much easier, esp. considering that DGA 2.0 will allow X drawing ops to be used in a DGA context, so it would be helpful for menu UIs for games. Also, DRI for GL will allow for fast OpenGL graphics for games that use 3D rendering (this is already usable - Q3test works quite well).
A final note - X != XFree86. X is developed and maintained via The Open Group, and XFree86 is based on The Open Group's X reference codebase.
I haven't heard much noise from the Berlin Consortium in awhile now - do they actually have anything that does anything useful yet? Or are they still in the formative stages?
Like I said - looks good on paper, but in practice, it just makes it easier for those who would misuse networked systems and electronic commerce to do so.
That's the trouble with convenience - makes things more convenient for the good guys AND the bad guys!
Well, it would certainly seem so. At least, it smells that way to ME.
No, you don't understand - SSL is simply an encryption layer for running data through a socket. HTTP tunnelled through an encryption layer. It has nothing to do with session management - AT ALL. Cookies are fine for storing a limited-lifetime unique identifier to temporarily associate several HTTP requests as part of a single session. It just has to be done correctly.
Bone up on how HTTP and SSL work and are connected together - then come back and we'll talk.
The only reason cookies are coming into it is because (a) the CEO of Novell is claiming someone was using his credit card number due to the number being stored in a cookie by his web browser on the disk of his machine (not likely - no reputable site, or sane webmaster, would do such a thing), and (b) because Novell has a centralized-storage system that they are hawking as a replacement for cookies (great - move any personal information from my machine, where I can make sure it's secure, or remove it if I like, to their system, where if someone cracks the centralized server, they have access to information for a LOT of people - and I have no way to verify that they're keeping up on security issues).
This is simply an advertisement for Novell's "new" technology, assisted by Ziff/Davis. I don't trust this technology - it makes me nervous. And frankly, I hope it makes EVERY DAMNED ONE of you nervous too!
No, it's a little different than that. Basically, for each processor group (Pentium, Pentium/MMX, PPro, PII, PIII, K6 and friends, K7) you'd hafta do a different build of EVERY package. That's a lot of wasted space just to support one platform. I'll agree with Wichert, and say it's pretty wasteful - may as well use the space that'd otherwise be wasted on variation-specific binary packages for x86 systems for supporting the different platforms.
Correct me if I'm wrong, though...
Some of those [CDs] probably would have been paid for had CD-R's not been so easily accessible.
This sounds familiar. Sounds like the software industry's excuse for why every pirated copy of software counts as a "lost sale".
Listen buddy - if I get an MP3 of something, it's usually because (a) I want to hear the music before I lay down my money, because you don't get a good sampling of most CDs from radio stations (though I hate having to give my money to the RIAA - if I could just get the MP3s, and mail the $20 DIRECTLY to the band, I'd do that...), or (b) because I wouldn't have bought the CD anyway, but instead I just wanted the one track. (This doesn't count MP3s of tracks from CDs which I own.)
Please, don't apologize for the RIAA's greedy practices. They're making life hard for EVERYONE, and they don't have to - the encryption schemes aren't gonna help against the real pirates (like the guy who thought it'd be a good investment to acquire a CD/DVD duplicator, and recoups his spending by duplicating music/movies and selling the copies). MP3s aren't the real problem - but in their blind rage, the RIAA seems to be forgetting that the average customer isn't taking profits away from them.
Not like they have anything to worry about - the RIAA member companies' employees certainly aren't going without, I'd bet... and you thought your whole $20 for each CD goes to the band who put it together? Get real.
Remember who we're talking about here - this isn't the movie industry anymore, this is the MUSIC industry (headed by out friends, the RIAA). Profit? Too much is plenty! Screw the customer? Why not?
The industry is under the naive assumption that encrypting the digital data will stop anyone from ever being able to directly pull it out and manipulate it. Of course, because of the nature of a system that uses static keys, and since the data HAS to be decrypted at some point to be useful, this isn't that secure. Also, the real threat, as others have mentioned, is someone getting duplication equipment (by some unknown means) and just duplicating direct from disc - all that encryption can't stop this.
Also, strong encryption technology can't be exported (at least not without a fair amount of difficulty, AFAIK) from the US and (from what I understand) Japan as well. With the US and Japan being the primary distributing nations of said equipment and media, "munitions-grade" (hah) encryption is pretty hard to swing. Of course, since the data has to be encrypted at some time for playback, this is all immaterial - someone will figure out how to make it work, and they'll rip the digital audio stream directly from these discs. The DVD-video crack pretty much proves that. (No, Xing's error didn't CAUSE that - just sped it up.)
I hadn't noticed till you mentioned it... but now that I look at it again, you're right. It certainly does look that way. An intentional jab? :)
Even (shock horror) linux systems tend to degrade over time.
Umm. Are you kidding? I've not had this problem with Linux. I don't know anyone who can say (with a straight face, anyhow) that they have.
And if you can say that with a straight face, you don't understand the reasons WHY this happens with Windows - (a) registry corruption and (b) DLL incompatibilities (due to lack of versioning, which causes new versions to constantly be installed over other versions). In my experience, I can't help but agree with the experience reported earlier - Windows' stability goes downhill the longer it's installed.
And to the person who says that Windows' stability is influenced by the "quality" of the install, (a) it's not like you have that much control over the install process and (b) as someone else said, a perfectly stable Linux box, when booted into Windows, is not necessarily stable - I don't know that you can blame that on bad hardware...
... maybe they'll think twice before being so gullible again.
heh. We always think people will learn from their mistakes - unfortunately, it seems most people take a few rounds of getting smacked upside the head before they remember this stuff... As others have said, I expect most of the REAL Y2k problems to be strictly in the ol' wetware.
2000 should be the start of the 21st century.
Just because you say it should be so doesn't make it so. By accepted principles of the Gregorian/Julian calendars, January 1, 2001 should be the first year of the new millennium.
I repeat - you can say what you want, but saying it doesn't make it so.
Because to the layman the big significance lies in the rollover of all the numbers, not the fact that THERE IS NO YEAR 0 - therefore 2001 is the first year of the new millennium, not 2000.
I think Kaa's Law applies here. (don't you?)
you can't make false statements about Power plants that are not true
Well, they can... but for those of us who are clued in, it certainly makes them look like morons, and misrepresenting such things to the general public is a pretty poor and unprofessional thing to do.
Seriously, why does the US even bother with cryptographic export laws
:)
I think we Americans ask ourselves that regularly.
I'll continue to use ClosedSSH
Show me "ClosedSSH" - you won't find it. The SSH 2.x package is under a more restrictive license, for sure (I haven't paid much attention to the original SSH 1.x license, but it must have been liberal enough for the OpenBSD folk to adopt - good thing).
just because of all the superior algorithms and stuff
Umm. only the patent-encumbered algorithms (nee IDEA and the like) were removed. Blowfish, however, is NOT encumbered (Thank you Bruce Schneier!), and is one of the encryption methods still included in OpenSSH. I think 256-bit Blowfish encryption should be strong enough for most people's purposes... don't you think???
I recommend Tera Term Pro and the TTSSH extension if you must use Windows. Or use MindTerm, which is a Java-based SSH client. I've used both, and they both work well with any SSH 1.x server. (Including OpenSSH.)
Umm. I like Linux just fine... but are you mental? Linux still has a ways to go before it's the 3D platform of choice.
Uhh. Nope. Are you thinking or Precision Insight?
XFree is not unstable. At least, not on MY system. (Debian potato, running XFree 3.3.5, with a 3Dfx V3-2000 PCI) Also, have you ever USED XiG's X server? It's not as stable (in my experience, and from what I've heard from some others) as XiG likes to claim. At least MetroX doesn't charge as much for their X server, and they don't go out of their way to bash their competition (free or commercial). (Also, MetroX contributes to the XFree86 Project - I think that's important. Maybe you don't. XInside certainly doesn't seem to.)
If XiG would just stick to promoting THEIR product, instead of bitching about XFree, a lot of people wouldn't complain about them.
It may give them someone to bitch at, but it doesn't mean the company is listening. At least you didn't say "someone to sue if it fails"... I've heard that one before - most licenses specifically disallow legal recourse. Besides, with open-source code, if it's not doing what you want (or what it should), you can always (a) write the code yourself to make it do what you want, or (b) contract out to have the feature you need/want coded for you. (not an option for the home user, but for businesses...)