I am not, and have never been, a tart. But enough about me.
Doesn't Vista provide encryption services for user data (and, if it doesn't, how in blazes will it sell into SOX compliant shops)? And, will that be done with a standard (has Microsoft revealed the details of NTFS yet)? If the data has been so encrypted, which is needed for many applications (and, indeed, is required), and the OS is then deactivated, what happens? Is the data recoverable? Will backups be usable after all organizations Vista are deactivated? Isn't Iron Mountain recommending encryption on backup tapes?
Just wondering. I wonder how much a guarantee on keeping a Vista installation alive will cost. Its probably just cheaper to replace the hardware, and OS... but the track record there isn't very good either. I stil use QIC tapes for backup (my old stuff, data retension is quite good). And I can't even find an XP driver.
And maybe I should consider tarting up my posts.
Notice though, that I am POSITIVE that Vista will have a good take-up. People and organizations will find ways around these problems (although I am getting paranoid, one too many stories of leaked/stolen/lost data for my liking). I just don't like my PERSONAL costs for compliance using this technology. But I am still buying MSFT!
Like I said, I am a cynic. Obviously a tarted up cynic! Thanks.
Ratboy.
PS. I may not look like a fool, but I am one anyway. So, take this post with a grain of salt, YMMV.
"Linux is harder to set up, thus it will be more expensive for governments to switch over to linux because it takes more time to set it up. Whereas with Windows, after being in the market for so long and having a lot of people at least be exposed to it once or twice in their lifetime, will not require as much time compared to linux. Therefore it is cheaper to use Windows both in the long term and short term.
Once linux has the same support, features, ease-of-use as Windows has then it has a chance of succeeding and taking a good chunk of market share. But as linux continues to be protrayed as the geekdom of software, it will not be a cheaper solution to Windows."
1 - Linux is harder to set up. No. Since there isn't a registry, or machine locking, it is very easy to create a single bootable image and deploy. Indeed, only a bootloader need be present on the client machines.
2 - Windows has been in the market longer. No, Unix has. And Linux is a reimplementation of Unix.
3 - You conclusion based on these two facts. Neither of the facts holds up.
4 - Once linux has the same support, features, ease-of-use as Windows has then it has a chance of succeeding... "Linux" has arguably BETTER support, more features, and (because of lock-down), better "ease of use" (in a library environment). Linux is in quotes, because we must talk about a particular distribution -- Linux is just a kernel.
5 - linux continues to be protrayed as the geekdom of software. This may be true. But, you will find Linux in your router, in your TV, etc. more often than Windows. And, it has nothing to do with your conclusion (being a "cheaper" solution than Windows). Linux *is* cheaper because there don't have to be license fees (all other things being equal).
Personally, I don't care if Birmingham uses Microsoft Windows, Suse Linux, or IBM OS/2. But, of those, the ONLY choice that may be benefical to me is Suse. The reason? Birmingham may have been in the position to contribute back to the pool (with code, documentation, artwork, or something else). Since they have elected to REMOVE themselves from the pool, they cannot participate; will not receive the benefit, and (worse); I will not receive the reciprocal benefit.
This saddens me -- I would like to see the feedback of a few large public installations.
The one thing YOU should learn is: Linux does not compete with Windows. Asserting that is ludicrous. Suse or Redhat (etc) may compete with Microsoft, though. "Linux" and "OSS" welcomes participation -- without which it couldn't survive. OSS here is deeper than money; we will mourn the lost contribution of Birmingham; its too bad that they aren't going to make the next vital contributions in "library and government usability in OSS". But someone else will take up the gauntlet. That's the beauty of OSS.
Yes, the US *could* either try (1) to make imports from Antigua illegal, or (2) to try to impose tariffs on such goods.
In any case, Antigua can still sell to other countries. Also, the law or the tariff can come under judgement from the WTO again -- and, again, the US would lose.
And continue to ignore the WTO (Canada and the softwood lumber dispute -- its happened before)
Yes, the WTO may be seen as "toothless" by the US, but understand that Europe and China could simply aquire Microsoft/Disney/... goods through Antigua. These companies would be hurthing bad... and the hurting will be put back into policy. Soften up on the gambling; that's Antigua's livelyhood. Or, eliminate on-line gambling. Take your pick, US, you can't have both.
No. I worked in the group at SUN that offered the "application guarantee". As an ISP, run your application through a standard tool -- if it passes the ABI, then its SUNs problem if it doesn't work on future OS releases.
Solaris wins. As a server OS, you arguably can't get better.
And when it's GPL'd, *and* still SUN supported, it'll be better. POSIX and other standards are not to be trifled with...
A log of people are going to jump on you about needing to accept the GPL.
Copyright doesn't give "fair use rights". Copyright grants NOTHING of the sort to the "user". At least not in my jurisdiction (Canada) and I really don't think so in the USA either.
Copyright RESERVES the right to copy to the copyright holder. And (very important) produce derivative works.
You can use the thing in whatever way you want, as long as that doesn't involve copying. That would include the ability to sell the thing, etc.
Some copyright holders have been working to get "rent" out of the things you can do.
"I'm no fan of EULAs or any software licensing (not even the GPL) because I feel they don't really give you much room to negotiate a contract to your terms."
Please. You don't have to accept the GPL to use the software. Hows that for a negotiation? Let me give you the text of the negotiation, and its outcome.
dada21: I like this software. Can I have it? GPL: Certainly. Free to use. Only it comes with the "GPL". dada21: I don't like EULAs and licenses. I won't accept the license! GPL: Ok, use the program.
The other negotiation is:
dada21: I like this software. Can I have it? GPL: Certainly. Free to use. Only it comes with the "GPL". dada21: I don't like EULAs and licenses. But I will accept the license! GPL: Ok, use the program. And you can publish it too -- as long as you pass on the "GPL"!
How much more room do you need? You can use the software WHETHER OR NOT you accept the GPL!
The other point is: 100 USD is worth a few hours. Figuring that its after expenses and taxes, the gross needed to clear 100 USD is 200 USD (around). It takes me a few hours to make that! I'm going for the refund next time I buy name-brand!
I don't know. This argument keeps getting floated. (and it always seems to be the programmers fault -- figure that).
Let's go to the car analogy. Just because I feel like it.
Your wife decides to purchase aftermarket transmission. Does she now install this herself? I presume she knows all about the mechanisms in the transmission (presuming your wife is not an auto mechanic).
Play around in the GUI, hoping to fix a problem. Without really understanding the problem, I presume.
I presume a lot, I guess. I KNOW that I wouldn't touch my transmission. Even though I KNOW what makes it tick. Mostly because I am not an experienced mechanic. And if I WERE to try to install it, and it DIDN'T WORK, I would... obviously (back to the computer thing)... blame the card manufacturer or the transmission manufacturer... for not making it easier to install.
And if I were actually able to get the thing in, AND the car still worked, but it dropped onto the highway at speed, obviously I would blame... well, everyone else again.
Just sayin'
Since we are not trying to sell "Linux" to anyone (Novell, Redhat, etc are, but its not "Linux" they are selling, simply an OS based on the Linux kernel) -- we can take the correct path. Setting up a binary only driver is tough? You betcha. And it stays that way, until the vendors cooperate more fully. Note with your money (for instance, buy Intel graphics).
First, we are going to freeze (when I was younger, THAT was the rage). Now, we are going to cook. I guess we solved the freezing thing... that's good isn't it?
First, we have overpopulation, now, I read about underpopulation (in the country I live in).
Its one swing and another.
Now, I am old and jaded. "Go study that" I say. Hubris, I think.
Many companies feel secure after installing Symantec, or subscribing. "It is now secure..."
In a way, Symantec is trying to provide "good enough" security, without providing security at all in a real sense.
An example (real, but the names have been changed to protect the not-so-innocent), A governemnt organization keeps donor records for transplants. The information is promised to be "completely confidential". And yet, I receive a letter that the information has been leaked. They are not sure if it is a specific leak, or a byproduct. Someone simply broke a window of a building at night, and took a computer. Physically. The reactive measures? (1) inform everyone who is on that list, or has a relative on the list that this has happened, (2) put bars on the windows, and take other measures to increase physical security.
I am sure that the agency emplyed Symantec (or equivalent, I don't know which AV solution), but it didn't really help with data loss, did it? If this WERE a directed attack on data assets (and it may have been -- security was so lax that it was impossible to even know); against "completely confidential" information... And this is the "low hanging fruit".
And there is the weakness: "If an admin knows", Deepsite "Enabling proactive protection through the rapid delivery of actionable Early Warning security information".
An interesting use of the word "proactive" in computer security. In my books, that is STILL reactive to threats. The reaction is to send out "early" warnings. Again, useless against a directed attack.
And what would such an attack look like? Comission a scan of a binary (say), fuzzing it. Not reporting the results, but using this as an attack vector against a SINGLE company, with the objective being specific (money, disruption, whatever).
And how does Symantec guard against this? The only solution is a truly proactive security policy (security is not a product, it is a process). The organization needs to have its methods surveyed, looking for potential problems -- if a breakin occurs, how much damage could it do? Assume that XYZ software is flawed, and assess the impact. Build an architecture that will withstand this attack.
AFAIK, Symantec does not offer this service (it would be expensive). Maybe they plan to; "Deepsite" isn't it.
The Internet is merely one of the threat vectors in an organization. Others, in the "directed" sense, are still more deadly. "Social Engineering", disaster response, etc. are still valid vectors.
For example, if I wanted data from your organization, what would happen if I staged a fire alarm, or fire? Would that unlock areas, or remove key people? During a fire, would people have the sense of mind to log out workstations, or could I sneak in and install keyloggers then?
Remember, the Symantec CEO was talking about specific directed attacks with purpose. The good news? Maybe the nuisance "psuedo-attacks" I suffer from may finally go away. They just waste bandwidth (unless that is the purpose).
Symantec security is reactive, not proactive. Which means its quite useless against specific directed attacks.
After all, AV signature is only generated AFTER the V is seen in the wild.
What we are talking about here would be very directed V (and other attack vectors). There are solutions, but the only way the Symantec can offer them is by converting to a service (not product) model.
That's putting your foot in your mouth, CEO...
Unless, of course, Symantec comes up with a proactive product solution (as much as I would wish for this, I am not holding my breath).
I don't use knoppix, but I have the CD here. I am willing to help you resolve this.
I don't have an HP OfficeJet -- just laser, but I do have one attached to a Linux box w/ USB for data.
For a number of reasons, I use Windows to drive the printer:
Fedora Core 5 running VMware Server, running Windows XP SP2, running HP printer/scanner/fax driver. The printer is then shared out (via SMB) to another Fedora Core 5 box, which then re-exports the printer queue as CUPS and LPD queues (for Linux/Solaris x86/Sparc).
When the printer is plugged in, VMware (under Linux) detects it, and offers to publish the USB device to the contained XP instance.
I will bring down the server box, and boot Knppix 4 on it, and install the USB printer -- and send you the results.
Email me -- my email address is fred_weigel (at) hotmail (dot) com
"The ultimate test for me, and one that I ask people going into linux is: "yeah ok, but just try to print a file." I gave up on this more than once due to time constraints, but I'm sure it can be done."
Print a file -- Fedora Core 5 (no particular reason, I am sitting at a Fedora Core 5 workstation now). And, I don't think you mean "print a file"; I have translated to "set up a printer".
Goal: Print to a Windows XP shared HP 3015 printer, from Fedora Core 5 Steps: (Click or enter data) -- annotated here
Click: System/Administration/Printing -- Printer Administration Enter: Enter root password to dialog -- This is priviledged Click: New -- Want a new printer Click: Forward -- Wizard dialog Enter: Name: printer -- Name the new printer Click: Select Queue Type: Networked Windows -- Its networked, on the XP box Click: WORKGROUP -- Workgroup name Click: TRITON -- XP machine name Click: lj-pcl5e -- name of printer on XP box Click: Generic -- general driver class Click: PCL 5e -- specific driver Click: Finish -- We are done Click: Print Test Page: Yes -- generally, good to test it Click: Default -- This is the default printer Click: X (Close) -- Done Click: Save (changes) -- Yes, save the changes
Print in OpenOffice, Firefox, etc. will work.
And how is this the acid test of Linux? The only thing that is different from XP is that the printer driver itself isn't downloaded automagically.
I was intending to moderate here, but have been insired to rant instead.
RANT...
What do you think "Linux" is? What I don't understand is why article writers tread over the same ground again and again and again...
I do know - its got to be cheap copy.
To answer the question I asked above - Linux is a free Unix style kernel, developed co-operatively. It does not "compete" with Microsoft Windows. Because of its licensing, companies can take this kernel, and sell it, either alone, or combined with other products.
If "Linux" actually competes with Microsoft, I would be very worried about Microsoft. Redhat, Novell, etc. can compete with Microsoft. Which makes the events of earlier in the week (Microsoft supporting Novell) interesting.
Is the "average end user" concerned with Linux? Why would she be?
I typically tell people - You will know both when and why, if you are interested in using Linux. If you don't know, then it really doesn't matter; if Windows works for you, use it (after all, you paid for it).
As to "hardware support" -- the Linux kernel supports MUCH more hardware than the Windows kernel. Do you want to put it to the test? Linux supports most network, sound, USB, etc. SATA, IDE, etc. adaptors, Without a single external driver needed. No "binary downloads", no "driver building", no hassles. My classic example is the QIC Travan 1 drive I use for "permanent" backup. I don't trust most CD or DVD writable media, and prefer to use QIC tapes for project backup. Supported "out of the box" by the Linux kernel. Windows XP support? I have yet to find it. Even though the drives were orginally sold as "DOS/Windows ONLY".
And, I DON'T trust a binary-only USB 2 driver that comes with a mainboard from a no-name manufacturer in Taiwan. I much prefer to have a source reviewed driver in the kernel.
I think that "Linux users" break into several camps -- (1) those that know why they have chosen Linux, (2) those that just want to "play", (3) those that are "forced" to use it.
Camp (3) includes embedded applications (ATI chip based TVs, TiVOs, etc.), and locked down desktops, and servers.
People who just want to "play" are going to be fickle anyway, by definition. Encourage them to use Windows; unlike the first camp, they are unlikely to contribute to the commons, and giving them "free support" drains valuable resources.
But, I still prefer "open source". Profit is not the issue. If someone I trust has a look, its good enough. And I don't trust most vendors.
I personally don't read all the code; not enough time, but I do prefer if it is possible, and if I can get a proxy to do it. I don't run "binary only" software, unless it is in a sandbox (and not directly connected to the internet or internal network).
FYI: Anything published is pretty much under copyright.
Sure, distribute the codecs (or whatever) in binary form -- but I assert it is negligent to run a binary only program, unless you trust the vendor/supplier (if you are connected via high-speed link to the internet).
I don't care if is a codec, or a major application. Its just wrong.
Again, FYI: As long as this is the custom, you will see malware of various sorts.
When you buy a new computer, it comes with XP. On the hard disk. Without a manual. Really.
My nanny just bought an Acer laptop. It did come with a "quick start guide".
Nothing about security. Although XP does pop up a dialog asking you to install anti-something-ware software. And natters about using unencrypted wireless links.
So for you points 2 and 3, the vendors are to blame. For point 1? I believe that the warning that you are using an unsecured wireless connection is probably just fine.
Generally, I'll blaim the vendors. Not only are MANUALS not packed, but even CDs are omitted on shipping. How is the "average user" supposed to know? Intuition? I guess they are supposed to read the fine dialogs, and resolve these issues at that time. I guess the vendors take the easy road and throw in "Norton Antivirus" to get rid of the nagging.
It won't work. A "web of trust" model is good -- within a small group.
However, people should NOT rate trust relationships for businesses. And why should we? Indeed, the correct trust relationship is "I can't/don't trust you". Any company that has let unencrypted backup data out the door, that has sold customer information, etc. would be "don't trust". How are the other companies (could trust) enter a trust relationship? Their process in handling information would need to be audited. By the person contemplating the trust relationship. Which won't happen (or shouldn't happen).
For business I have to use the "military" meaning of trust -- I can't avoid giving trust to the business. They *could* fuck me over; the only choice I have is not to do business with them.
My mentioning of Apple was an analogy. Yes, "Second Life" has an Apple client.
Now, I went to "secondlife.com". From there, I went to "system requirements". I wish to quote:
"PC Minimum System Requirements:
* Internet Connection*: Cable or DSL
* Operating System: Windows XP (Service Pack 2)
o OR Windows 2000 (Service Pack 4)
* Computer Processor: 800MHz Pentium III or Athlon, or better
* Computer Memory: 256MB or better
* Video/Graphics Card**:
o nVidia GeForce 2, GeForce 4mx, or better
o OR ATI Radeon 8500, 9250, or better"
Does that mention Linux? BSD? Solaris perhaps? I'll make it simple. It doesn't.
Now, YOU may have time to explore the Second Life website, search Google, etc. looking for alternate clients. I don't. Nor do many other developers and admins. We will go to secondlife.com, have a look, and leave. I am still not going to try the linux client on Solaris. Or on Linux -- its closed source; I don't trust "Linden"; its alpha level. Nor is there a description of what the software actually does, or what security risks it entails. Not even enough information to make an educated guess.
Some marketing persons "wet dream". And, yes, I am a server wonk.
I still do a lot of SUN engagements. A lot of SUN code. Even Java.
I don't really do Windows (I have one copy of XP running in a VMware container). I can't do "Second Life" -- went to their website, and discovered that it's Windows or Mac only. No Solaris, no Java, not even "Mono". No Sparc. Not even Linux.
Sure, they may get people into the conference; but they have lost the platform COMPLETELY. I guess that buying a computer, OS, and Second Life is probably cheaper than the conference. For additional training? I don't know. I just don't know this technology at all.
Imagine if Apple forces ALL their loyal users to buy another computer AND Windows to participate in Apple training...
Slashdot Mirror
avxo
I am not, and have never been, a tart. But enough about me.
Doesn't Vista provide encryption services for user data (and, if it doesn't, how in blazes will it sell into SOX compliant shops)? And, will that be done with a standard (has Microsoft revealed the details of NTFS yet)? If the data has been so encrypted, which is needed for many applications (and, indeed, is required), and the OS is then deactivated, what happens? Is the data recoverable? Will backups be usable after all organizations Vista are deactivated? Isn't Iron Mountain recommending encryption on backup tapes?
Just wondering. I wonder how much a guarantee on keeping a Vista installation alive will cost. Its probably just cheaper to replace the hardware, and OS... but the track record there isn't very good either. I stil use QIC tapes for backup (my old stuff, data retension is quite good). And I can't even find an XP driver.
And maybe I should consider tarting up my posts.
Notice though, that I am POSITIVE that Vista will have a good take-up. People and organizations will find ways around these problems (although I am getting paranoid, one too many stories of leaked/stolen/lost data for my liking). I just don't like my PERSONAL costs for compliance using this technology. But I am still buying MSFT!
Like I said, I am a cynic. Obviously a tarted up cynic! Thanks.
Ratboy.
PS. I may not look like a fool, but I am one anyway. So, take this post with a grain of salt, YMMV.
Bottom line... Microsoft is doing "on the fly encryption". That is what signing of kernel modules is all about.
Bottom line... Microsoft will not be selling Vista, simply licensing its use. The ability to disable Vista will be there.
Bottom line... I hope that this does help stem unlicensed Windows installations, and makes Microsoft more profitable. After all, I am a shareholder.
Bottom line... I won't trust any of my data to Vista. Indeed, I only have a single instance of XP firewalled and secured for some specific purposes.
You may trust your data to Vista -- that is your decision. I believe that many will, which is why I am bullish on Microsoft stock.
Why YES, I AM a cynic!
Ratboy
in your statement:
"Linux is harder to set up, thus it will be more expensive for governments to switch over to linux because it takes more time to set it up. Whereas with Windows, after being in the market for so long and having a lot of people at least be exposed to it once or twice in their lifetime, will not require as much time compared to linux. Therefore it is cheaper to use Windows both in the long term and short term.
Once linux has the same support, features, ease-of-use as Windows has then it has a chance of succeeding and taking a good chunk of market share. But as linux continues to be protrayed as the geekdom of software, it will not be a cheaper solution to Windows."
1 - Linux is harder to set up. No. Since there isn't a registry, or machine locking, it is very easy to create a single bootable image and deploy. Indeed, only a bootloader need be present on the client machines.
2 - Windows has been in the market longer. No, Unix has. And Linux is a reimplementation of Unix.
3 - You conclusion based on these two facts. Neither of the facts holds up.
4 - Once linux has the same support, features, ease-of-use as Windows has then it has a chance of succeeding... "Linux" has arguably BETTER support, more features, and (because of lock-down), better "ease of use" (in a library environment). Linux is in quotes, because we must talk about a particular distribution -- Linux is just a kernel.
5 - linux continues to be protrayed as the geekdom of software. This may be true. But, you will find Linux in your router, in your TV, etc. more often than Windows. And, it has nothing to do with your conclusion (being a "cheaper" solution than Windows). Linux *is* cheaper because there don't have to be license fees (all other things being equal).
Personally, I don't care if Birmingham uses Microsoft Windows, Suse Linux, or IBM OS/2. But, of those, the ONLY choice that may be benefical to me is Suse. The reason? Birmingham may have been in the position to contribute back to the pool (with code, documentation, artwork, or something else). Since they have elected to REMOVE themselves from the pool, they cannot participate; will not receive the benefit, and (worse); I will not receive the reciprocal benefit.
This saddens me -- I would like to see the feedback of a few large public installations.
The one thing YOU should learn is: Linux does not compete with Windows. Asserting that is ludicrous. Suse or Redhat (etc) may compete with Microsoft, though. "Linux" and "OSS" welcomes participation -- without which it couldn't survive. OSS here is deeper than money; we will mourn the lost contribution of Birmingham; its too bad that they aren't going to make the next vital contributions in "library and government usability in OSS". But someone else will take up the gauntlet. That's the beauty of OSS.
Ratboy.
FYI
A lot of "server" grade hardware supports multiple PCI busses to eliminate this problem.
Not quite.
Yes, the US *could* either try (1) to make imports from Antigua illegal, or (2) to try to impose tariffs on such goods.
In any case, Antigua can still sell to other countries. Also, the law or the tariff can come under judgement from the WTO again -- and, again, the US would lose.
And continue to ignore the WTO (Canada and the softwood lumber dispute -- its happened before)
Yes, the WTO may be seen as "toothless" by the US, but understand that Europe and China could simply aquire Microsoft/Disney/... goods through Antigua. These companies would be hurthing bad... and the hurting will be put back into policy. Soften up on the gambling; that's Antigua's livelyhood. Or, eliminate on-line gambling. Take your pick, US, you can't have both.
Ratboy
Best in the business?
No. I worked in the group at SUN that offered the "application guarantee". As an ISP, run your application through a standard tool -- if it passes the ABI, then its SUNs problem if it doesn't work on future OS releases.
Solaris wins. As a server OS, you arguably can't get better.
And when it's GPL'd, *and* still SUN supported, it'll be better. POSIX and other standards are not to be trifled with...
Ratboy.
A log of people are going to jump on you about needing to accept the GPL.
Copyright doesn't give "fair use rights". Copyright grants NOTHING of the sort to the "user". At least not in my jurisdiction (Canada) and I really don't think so in the USA either.
Copyright RESERVES the right to copy to the copyright holder. And (very important) produce derivative works.
You can use the thing in whatever way you want, as long as that doesn't involve copying. That would include the ability to sell the thing, etc.
Some copyright holders have been working to get "rent" out of the things you can do.
Ratboy
"I'm no fan of EULAs or any software licensing (not even the GPL) because I feel they don't really give you much room to negotiate a contract to your terms."
Please. You don't have to accept the GPL to use the software. Hows that for a negotiation? Let me give you the text of the negotiation, and its outcome.
dada21: I like this software. Can I have it?
GPL: Certainly. Free to use. Only it comes with the "GPL".
dada21: I don't like EULAs and licenses. I won't accept the license!
GPL: Ok, use the program.
The other negotiation is:
dada21: I like this software. Can I have it?
GPL: Certainly. Free to use. Only it comes with the "GPL".
dada21: I don't like EULAs and licenses. But I will accept the license!
GPL: Ok, use the program. And you can publish it too -- as long as you pass on the "GPL"!
How much more room do you need? You can use the software WHETHER OR NOT you accept the GPL!
The other point is: 100 USD is worth a few hours. Figuring that its after expenses and taxes, the gross needed to clear 100 USD is 200 USD (around). It takes me a few hours to make that! I'm going for the refund next time I buy name-brand!
Ratboy
I don't know. This argument keeps getting floated. (and it always seems to be the programmers fault -- figure that).
Let's go to the car analogy. Just because I feel like it.
Your wife decides to purchase aftermarket transmission. Does she now install this herself? I presume she knows all about the mechanisms in the transmission (presuming your wife is not an auto mechanic).
Play around in the GUI, hoping to fix a problem. Without really understanding the problem, I presume.
I presume a lot, I guess. I KNOW that I wouldn't touch my transmission. Even though I KNOW what makes it tick. Mostly because I am not an experienced mechanic. And if I WERE to try to install it, and it DIDN'T WORK, I would... obviously (back to the computer thing)... blame the card manufacturer or the transmission manufacturer... for not making it easier to install.
And if I were actually able to get the thing in, AND the car still worked, but it dropped onto the highway at speed, obviously I would blame... well, everyone else again.
Just sayin'
Since we are not trying to sell "Linux" to anyone (Novell, Redhat, etc are, but its not "Linux" they are selling, simply an OS based on the Linux kernel) -- we can take the correct path. Setting up a binary only driver is tough? You betcha. And it stays that way, until the vendors cooperate more fully. Note with your money (for instance, buy Intel graphics).
YMMV
Ratboy
But its always something.
First, we are going to freeze (when I was younger, THAT was the rage). Now, we are going to cook. I guess we solved the freezing thing... that's good isn't it?
First, we have overpopulation, now, I read about underpopulation (in the country I live in).
Its one swing and another.
Now, I am old and jaded. "Go study that" I say. Hubris, I think.
Ratboy
And why I want Symantec to go this route...
Many companies feel secure after installing Symantec, or subscribing. "It is now secure..."
In a way, Symantec is trying to provide "good enough" security, without providing security at all in a real sense.
An example (real, but the names have been changed to protect the not-so-innocent), A governemnt organization keeps donor records for transplants. The information is promised to be "completely confidential". And yet, I receive a letter that the information has been leaked. They are not sure if it is a specific leak, or a byproduct. Someone simply broke a window of a building at night, and took a computer. Physically. The reactive measures? (1) inform everyone who is on that list, or has a relative on the list that this has happened, (2) put bars on the windows, and take other measures to increase physical security.
I am sure that the agency emplyed Symantec (or equivalent, I don't know which AV solution), but it didn't really help with data loss, did it? If this WERE a directed attack on data assets (and it may have been -- security was so lax that it was impossible to even know); against "completely confidential" information... And this is the "low hanging fruit".
Which Symantec service helps with this?
YMMV
Ratboy.
And there is the weakness: "If an admin knows", Deepsite "Enabling proactive protection through the rapid delivery of actionable Early Warning security information".
An interesting use of the word "proactive" in computer security. In my books, that is STILL reactive to threats. The reaction is to send out "early" warnings. Again, useless against a directed attack.
And what would such an attack look like? Comission a scan of a binary (say), fuzzing it. Not reporting the results, but using this as an attack vector against a SINGLE company, with the objective being specific (money, disruption, whatever).
And how does Symantec guard against this? The only solution is a truly proactive security policy (security is not a product, it is a process). The organization needs to have its methods surveyed, looking for potential problems -- if a breakin occurs, how much damage could it do? Assume that XYZ software is flawed, and assess the impact. Build an architecture that will withstand this attack.
AFAIK, Symantec does not offer this service (it would be expensive). Maybe they plan to; "Deepsite" isn't it.
The Internet is merely one of the threat vectors in an organization. Others, in the "directed" sense, are still more deadly. "Social Engineering", disaster response, etc. are still valid vectors.
For example, if I wanted data from your organization, what would happen if I staged a fire alarm, or fire? Would that unlock areas, or remove key people? During a fire, would people have the sense of mind to log out workstations, or could I sneak in and install keyloggers then?
Remember, the Symantec CEO was talking about specific directed attacks with purpose. The good news? Maybe the nuisance "psuedo-attacks" I suffer from may finally go away. They just waste bandwidth (unless that is the purpose).
YMMV
Ratboy
Symantec security is reactive, not proactive. Which means its quite useless against specific directed attacks.
After all, AV signature is only generated AFTER the V is seen in the wild.
What we are talking about here would be very directed V (and other attack vectors). There are solutions, but the only way the Symantec can offer them is by converting to a service (not product) model.
That's putting your foot in your mouth, CEO...
Unless, of course, Symantec comes up with a proactive product solution (as much as I would wish for this, I am not holding my breath).
Ratboy.
Ok
I don't use knoppix, but I have the CD here. I am willing to help you resolve this.
I don't have an HP OfficeJet -- just laser, but I do have one attached to a Linux box w/ USB for data.
For a number of reasons, I use Windows to drive the printer:
Fedora Core 5 running VMware Server, running Windows XP SP2, running HP printer/scanner/fax driver. The printer is then shared out (via SMB) to another Fedora Core 5 box, which then re-exports the printer queue as CUPS and LPD queues (for Linux/Solaris x86/Sparc).
When the printer is plugged in, VMware (under Linux) detects it, and offers to publish the USB device to the contained XP instance.
I will bring down the server box, and boot Knppix 4 on it, and install the USB printer -- and send you the results.
Email me -- my email address is fred_weigel (at) hotmail (dot) com
Ratboy
"The ultimate test for me, and one that I ask people going into linux is: "yeah ok, but just try to print a file." I gave up on this more than once due to time constraints, but I'm sure it can be done."
Print a file -- Fedora Core 5 (no particular reason, I am sitting at a Fedora Core 5 workstation now). And, I don't think you mean "print a file"; I have translated to "set up a printer".
Goal: Print to a Windows XP shared HP 3015 printer, from Fedora Core 5
Steps: (Click or enter data) -- annotated here
Click: System/Administration/Printing -- Printer Administration
Enter: Enter root password to dialog -- This is priviledged
Click: New -- Want a new printer
Click: Forward -- Wizard dialog
Enter: Name: printer -- Name the new printer
Click: Select Queue Type: Networked Windows -- Its networked, on the XP box
Click: WORKGROUP -- Workgroup name
Click: TRITON -- XP machine name
Click: lj-pcl5e -- name of printer on XP box
Click: Generic -- general driver class
Click: PCL 5e -- specific driver
Click: Finish -- We are done
Click: Print Test Page: Yes -- generally, good to test it
Click: Default -- This is the default printer
Click: X (Close) -- Done
Click: Save (changes) -- Yes, save the changes
Print in OpenOffice, Firefox, etc. will work.
And how is this the acid test of Linux? The only thing that is different from XP is that the printer driver itself isn't downloaded automagically.
Ratboy
How do you figure that?
I was intending to moderate here, but have been insired to rant instead.
RANT...
What do you think "Linux" is? What I don't understand is why article writers tread over the same ground again and again and again...
I do know - its got to be cheap copy.
To answer the question I asked above - Linux is a free Unix style kernel, developed co-operatively. It does not "compete" with Microsoft Windows. Because of its licensing, companies can take this kernel, and sell it, either alone, or combined with other products.
If "Linux" actually competes with Microsoft, I would be very worried about Microsoft. Redhat, Novell, etc. can compete with Microsoft. Which makes the events of earlier in the week (Microsoft supporting Novell) interesting.
Is the "average end user" concerned with Linux? Why would she be?
I typically tell people - You will know both when and why, if you are interested in using Linux. If you don't know, then it really doesn't matter; if Windows works for you, use it (after all, you paid for it).
As to "hardware support" -- the Linux kernel supports MUCH more hardware than the Windows kernel. Do you want to put it to the test? Linux supports most network, sound, USB, etc. SATA, IDE, etc. adaptors, Without a single external driver needed. No "binary downloads", no "driver building", no hassles. My classic example is the QIC Travan 1 drive I use for "permanent" backup. I don't trust most CD or DVD writable media, and prefer to use QIC tapes for project backup. Supported "out of the box" by the Linux kernel. Windows XP support? I have yet to find it. Even though the drives were orginally sold as "DOS/Windows ONLY".
And, I DON'T trust a binary-only USB 2 driver that comes with a mainboard from a no-name manufacturer in Taiwan. I much prefer to have a source reviewed driver in the kernel.
I think that "Linux users" break into several camps -- (1) those that know why they have chosen Linux, (2) those that just want to "play", (3) those that are "forced" to use it.
Camp (3) includes embedded applications (ATI chip based TVs, TiVOs, etc.), and locked down desktops, and servers.
People who just want to "play" are going to be fickle anyway, by definition. Encourage them to use Windows; unlike the first camp, they are unlikely to contribute to the commons, and giving them "free support" drains valuable resources.
Ratboy
"Open firmware" - if its available. If not, I need to have the interfaces suitably 'vetted.
Examples: x86 instruction set. Interfaces to BIOS, monitor, network switch. Interface to keyboard.
As long as I am reasonably happy that the possibility of malware vector is low, I'll use it.
YMMV
Ratboy
Trade Secret -- sure, that's a reason.
But, I still prefer "open source". Profit is not the issue. If someone I trust has a look, its good enough. And I don't trust most vendors.
I personally don't read all the code; not enough time, but I do prefer if it is possible, and if I can get a proxy to do it. I don't run "binary only" software, unless it is in a sandbox (and not directly connected to the internet or internal network).
FYI: Anything published is pretty much under copyright.
Sure, distribute the codecs (or whatever) in binary form -- but I assert it is negligent to run a binary only program, unless you trust the vendor/supplier (if you are connected via high-speed link to the internet).
I don't care if is a codec, or a major application. Its just wrong.
Again, FYI: As long as this is the custom, you will see malware of various sorts.
Raboy
Under copyright law, I have first buyer rights.
I will not enter into a contract negotiation, leaving just copyright. It's my copy. It is NO LONGER the vendors copy. They sold it to me.
Apple never refused to sell me OS X. Since I never entered into a contract with them, I am bound only by copyright.
Ratboy
And, laying blame properly.
When you buy a new computer, it comes with XP. On the hard disk. Without a manual. Really.
My nanny just bought an Acer laptop. It did come with a "quick start guide".
Nothing about security. Although XP does pop up a dialog asking you to install anti-something-ware software. And natters about using unencrypted wireless links.
So for you points 2 and 3, the vendors are to blame. For point 1? I believe that the warning that you are using an unsecured wireless connection is probably just fine.
Generally, I'll blaim the vendors. Not only are MANUALS not packed, but even CDs are omitted on shipping. How is the "average user" supposed to know? Intuition? I guess they are supposed to read the fine dialogs, and resolve these issues at that time. I guess the vendors take the easy road and throw in "Norton Antivirus" to get rid of the nagging.
Ratboy
After erasing files, we want to destroy them -- at least make it very difficult and expensive to recover.
/WASTE
So what I do is run a cron job: dd if=/dev/random of=/WASTE; rm
This is run until it errors, on a weekly basis. Generally, 90%+ of all clues as to data contents are going to be destroyed by this.
Going further, inodes can be easily destroyed as well: say by creating new filenames until the system fails, then erasing them.
Ratboy
Try to get the credit charge reversed. And go fight for it!
Best of luck.
Ratboy
It won't work. A "web of trust" model is good -- within a small group.
However, people should NOT rate trust relationships for businesses. And why should we? Indeed, the correct trust relationship is "I can't/don't trust you". Any company that has let unencrypted backup data out the door, that has sold customer information, etc. would be "don't trust". How are the other companies (could trust) enter a trust relationship? Their process in handling information would need to be audited. By the person contemplating the trust relationship. Which won't happen (or shouldn't happen).
For business I have to use the "military" meaning of trust -- I can't avoid giving trust to the business. They *could* fuck me over; the only choice I have is not to do business with them.
YMMV
Ratboy
My mentioning of Apple was an analogy. Yes, "Second Life" has an Apple client.
Now, I went to "secondlife.com". From there, I went to "system requirements". I wish to quote:
"PC Minimum System Requirements:
* Internet Connection*: Cable or DSL
* Operating System: Windows XP (Service Pack 2)
o OR Windows 2000 (Service Pack 4)
* Computer Processor: 800MHz Pentium III or Athlon, or better
* Computer Memory: 256MB or better
* Video/Graphics Card**:
o nVidia GeForce 2, GeForce 4mx, or better
o OR ATI Radeon 8500, 9250, or better"
Does that mention Linux? BSD? Solaris perhaps? I'll make it simple. It doesn't.
Now, YOU may have time to explore the Second Life website, search Google, etc. looking for alternate clients. I don't. Nor do many other developers and admins. We will go to secondlife.com, have a look, and leave. I am still not going to try the linux client on Solaris. Or on Linux -- its closed source; I don't trust "Linden"; its alpha level. Nor is there a description of what the software actually does, or what security risks it entails. Not even enough information to make an educated guess.
Some marketing persons "wet dream". And, yes, I am a server wonk.
Ratboy
I am an ex-staff engineer from SUN.
I still do a lot of SUN engagements. A lot of SUN code. Even Java.
I don't really do Windows (I have one copy of XP running in a VMware container). I can't do "Second Life" -- went to their website, and discovered that it's Windows or Mac only. No Solaris, no Java, not even "Mono". No Sparc. Not even Linux.
Sure, they may get people into the conference; but they have lost the platform COMPLETELY. I guess that buying a computer, OS, and Second Life is probably cheaper than the conference. For additional training? I don't know. I just don't know this technology at all.
Imagine if Apple forces ALL their loyal users to buy another computer AND Windows to participate in Apple training...
Ratboy