It's something which is keeping people like Ian Murdoch, Bruce Perens and Joel 'Espy' Klecker up late at night talking with their lawyers just in case the worst does happen.
I can categorically state that this is not the case.
Ian Murdoch is no longer involved with Debian, and has not been for some time
Bruce Perens quit the Debian project many years ago, with the immortal words "Fuck you all"
Joel 'Espy' Klecker died on July 11, 2000
The rest of the parent is pretty bogus, I'm not going to do a point-for-point rebuttal. It's probably a troll.
FreeBSD jails are just a highly limited variation on POSIX.1e capabilities, which Linux has had for years (since the 2.2 kernel series, approximately).
Unlike FreeBSD, Linux can revoke specific, individual permissions from uid 0, instead of just revoking them all. libcap provides the interface to userland.
The only reason why they aren't in common use is because, well, FreeBSD jails are all hype. It's not "root" access to a "logical partition", it's a chroot where uid 0 is no longer really root. There isn't a huge difference between that and a chroot without any uid 0 users or setuid-0 binaries in it - you just have to know how to use chown and chmod.
Of course, you then have things like filesystem ACLs, or SELinux, which the BSDs have no competition for.
I'm afraid that's another bubble that has to burst. SSL encryption does precisely nothing to stop people who can intercept your connection unless you verify the server certificate.
When was the last time you verified the server certificate while purchasing something online?
Would you actually stop if the certificate was self-signed?
SSL is a comfort blanket. It very rarely adds real security.
All you need is a burner. The rest is free. Apple are just using mass-market drives anyway.
So, let's see what that sort of hardware normally retails for...
Five minutes with google located this review, of a similar PC available for $3300... in 2001. So Apple are selling kit at the prices the rest of the world were using two years ago.
Applying Moore's law (combined with the knowledge that in the hardware industry, prices stay fairly constant while performance increases), we can conclude that this is a little over twice a suitable price for equivalent value. Somebody with more time than me is invited to track down a current workstation price.
And that jives with my experience of Apple, too. Equivalent (often identical, once you remove the ugly translucent plastic cover) hardware to what everybody else is selling, at approximately twice the price.
If everyone just assembled components and sold them as dirt cheap boxes, the industry would be even more stagnant than it already is. Fortunately, we have Apple.
...who just assemble components and sell them as expensive boxes. How does that benefit us, exactly? It's not like they invented most of the hardware in those things. A significant chunk of it came from IBM, and most of the rest is just normal retail hardware (hard drives, dvd drives, network chips, usb controllers, graphics chips...).
I used to work for a guy who had a saying on this subject: "Locks are to keep your friends out." That is to say, security measures impose barriers to unauthorized access, but these barriers are only so high -- if you have enemies willing to break down your door, locking it will not help you; if you don't, what function does locking serve?
It gives the burglar a reason to break a window. That's probably not the purpose that was intended. A pretty decent example, really.
Here's a hole: if I knew a way to make more money out of filesharing than the RIAA do out of CD sales, I'd implement it myself and put them out of business (and get extremely rich in the process) - not hand it over to them.
> But software patents are an insidious practice, meant to stifle market competition and innovation.
They weren't necessarily meant to do that, it's just that the people who meant them to encourage innovation turned out to be wrong.
Re:Bounds Checking
on
GCC 3.3 Released
·
· Score: 5, Informative
I hear they have added in some more advanced, and aggressive bounds checking. Now when i screw up something i wont have to wait for a seg-v to tell me that pointer moved a little too far.
Indeed, that SIGSEGV becomes a SIGABRT instead. This is dynamic bounds checking; it won't find anything until the bounds error occurs at runtime, so you won't find it any earlier. All it does is make sure that no bounds errors escape *without* crashing the process.
Although it dosnt seem to work with glibc....this is quite annyoing, although it probably will be fixed and re-released in a few days
I guess you didn't read the documentation. This is a "feature". It breaks the C ABI, forcing you to recompile all libraries used in the program, including glibc.
3. Prevent people from modifying my political statements or personal views which I included with the text. The DFSG does not allow this.
It is clear that while the GFDL is not up to par with the "Free" philosophy, the DFSG prohibits authors from exercising their right to protect their personal views and speech from modification. This right--to protect your personal views and expression (which source code is not, by the way)--is just as important to free speech as the freedoms outlined in the GPL.
Debian is not a platform for distributing your personal and political opinions inscribed as text.
There are occasions when it makes sense to create non-free software or documentation. They simply won't be included in Debian. Free software or documentation will probably be created to replace them. I don't see any problems here.
Anything which reduces the number of people posting to usenet is probably good. Anything which lets you track down and hurt people being morons on usenet is *definitely* good.
The issue is that the mplayer developers were distributing other people's GPLed code as part of their own. Their own code wasn't under the GPL at all (it was under "GPL+you can't distribute binaries").
> Distributing license-incompatible source together isn't illegal because it's not "linking". License > incompatibilities don't come into effect until you link them together.
Where did you get this "linking" thing from? The GPL makes no mention of it. "Distributing license-incompatible source together" when one of the sources is licensed under the GPL and when they are designed to be compiled into a single program is illegal because clause 2b requires that any derivative work of GPLed code be licensed wholly and entirely under the GPL.
'What is the difference between "mere aggregation" 'nd "combining two modules into one program"?' is a good place to start, but I recommend reading the whole thing.
> (This is about older versions of mplayer anyway.. the current versions of mplayer can and do have binaries being distributed)
This probably isn't true. There have been numerous attempts by various Debian developers to carefully analyse mplayer (since the mplayer developers have demonstrated before that their word cannot be trusted on this issue) with a view to packaging it, and they have all found license issues which prevent its inclusion. The latest one was fairly recent.
Amusingly enough, the thread in question started because some mplayer developers didn't like Marillat and decided to flame him in public, and people told them to go shove it.
Yes, heaven forbid that anybody use a bug tracker worse than the over-engineered, virtually unusable bugzilla. I still haven't found anybody who can explain the query form, nor have I been able to get it to yield a list of all open bugs against a specific component. This is a simple task; it should be simple.
Bugzilla makes simple things hard, and hard things harder. At most, it's harder in different ways than GNATS. I can't think of any reasons why it would be significantly better.
If bugzilla is ever to become a realistic issue tracking system, it needs to have most of the features taken out and replaced with simple, generic systems.
To stave off the stock responses, yes, mozilla uses it. That doesn't mean it's successful. I'm continually amazed at how they can afford to spend as much time as they do working with bugzilla. There really is no excuse for spending more than a few minutes a day working with the bug tracker: look at list of things to do, reply to relevant mail, and then get on with fixing the bugs.
Interesting notion, but I think it works quite well. Effective, flexible, and a good filter for the sort of people that I pray never get as far as installing any of my packages (the sort that don't read the four screens of key binding documentation that it shoves in your face every time you do anything, until you read the documentation and turn them off).
3. It's impossible to mix+match packages.
And why, exactly, do you think that this should be possible? Library dependencies are not flexible things, and they are invariably the reason for this. You simply cannot install a package linked against a newer libc6 on an older system and expect it to work. Library ABIs are forwards-compatible until the SONAME changes, but they aren't backwards-compatible.
4. The package system is not flexible.
Actually, the answer is to create your own perl package containing a copy of perl. equivs is generally the wrong answer to almost any question; it is there for the few scenarios where it is the right one.
As for the CPAN module, it (like CPAN itself) doesn't let you download and install binary packages - you have to waste time compiling stuff locally. And it generally installs things in the wrong place, because CPAN authors don't put the same degree of care into package maintainance.
dh_make_perl is a better solution; it creates a real package from the CPAN module, so upgrades and removals can be handled cleanly. Plus, like any package, you get to see what it is going to install before you let it change your system.
Of course, the best solution is to package it for Debian, or to file an RFP for whatever needed it in the first place so that somebody else might package it.
5. No support for chkconfig. Managing services in Debian means manipulating stupid symbolic links. This should be centralized.
The day I can't manage runlevels by manipulating symlinks in the filesystem, but instead have to use some wretched special-purpose utility, is the day I find out who is responsible for enforcing their ideas on me and rip out their lungs.
If people just want *alternatives*, then there are at least five or six different systems packaged for Debian that manage this stuff.
I have never understood why people think that Debian developers give a damn about market share. I certainly don't. I'd be much happier if the number of stupid people using Debian would continue decrease; this would reduce the quantity of stupid mail that I get.
Gentoo has made great progress at this, having attracted most of that irritating crowd who think that compiling software locally somehow makes it better. I hope that they will continue to attract the moronic users away from Debian.
Slashdot Mirror
I can already predict what the effect of this will be. The logo will be used by the halfwits and groupies; serious people will avoid it.
As such, it makes a good filter - anybody who uses this logo is clearly a moron, and therefore you know to avoid them and ignore whatever they say.
I can categorically state that this is not the case.
The rest of the parent is pretty bogus, I'm not going to do a point-for-point rebuttal. It's probably a troll.
FreeBSD jails are just a highly limited variation on POSIX.1e capabilities, which Linux has had for years (since the 2.2 kernel series, approximately).
Unlike FreeBSD, Linux can revoke specific, individual permissions from uid 0, instead of just revoking them all. libcap provides the interface to userland.
The only reason why they aren't in common use is because, well, FreeBSD jails are all hype. It's not "root" access to a "logical partition", it's a chroot where uid 0 is no longer really root. There isn't a huge difference between that and a chroot without any uid 0 users or setuid-0 binaries in it - you just have to know how to use chown and chmod.
Of course, you then have things like filesystem ACLs, or SELinux, which the BSDs have no competition for.
I'm afraid that's another bubble that has to burst. SSL encryption does precisely nothing to stop people who can intercept your connection unless you verify the server certificate.
When was the last time you verified the server certificate while purchasing something online?
Would you actually stop if the certificate was self-signed?
SSL is a comfort blanket. It very rarely adds real security.
The sight of ATMs showing an NT4 kernel crash dump isn't uncommon, either. It's really annoying, though.
Why are you looking at Opteron kit? You should be looking at Athlons.
And don't even think about comparing MHz across architectures. Compare real performance instead - there isn't much difference then.
Ideology.
Why do you need more than 4Gb of memory, today?
2GHzIt's been done
dual processorGetting increasingly common, and doesn't really push the price up that much
unix
Free
workstation that runs consumer appsAlso been done
has a great Java development environmentAlso Free
and burns DVDsAll you need is a burner. The rest is free. Apple are just using mass-market drives anyway.
So, let's see what that sort of hardware normally retails for...
Five minutes with google located this review, of a similar PC available for $3300... in 2001. So Apple are selling kit at the prices the rest of the world were using two years ago.
Applying Moore's law (combined with the knowledge that in the hardware industry, prices stay fairly constant while performance increases), we can conclude that this is a little over twice a suitable price for equivalent value. Somebody with more time than me is invited to track down a current workstation price.
And that jives with my experience of Apple, too. Equivalent (often identical, once you remove the ugly translucent plastic cover) hardware to what everybody else is selling, at approximately twice the price.
If everyone just assembled components and sold them as dirt cheap boxes, the industry would be even more stagnant than it already is. Fortunately, we have Apple....who just assemble components and sell them as expensive boxes. How does that benefit us, exactly? It's not like they invented most of the hardware in those things. A significant chunk of it came from IBM, and most of the rest is just normal retail hardware (hard drives, dvd drives, network chips, usb controllers, graphics chips...).
Non-free drivers don't count. ATI provide drivers complete with source code. Support them instead.
It gives the burglar a reason to break a window. That's probably not the purpose that was intended. A pretty decent example, really.
Here's a hole: if I knew a way to make more money out of filesharing than the RIAA do out of CD sales, I'd implement it myself and put them out of business (and get extremely rich in the process) - not hand it over to them.
Twist, don't pull. Never failed me yet.
> But software patents are an insidious practice, meant to stifle market competition and innovation.
They weren't necessarily meant to do that, it's just that the people who meant them to encourage innovation turned out to be wrong.
Indeed, that SIGSEGV becomes a SIGABRT instead. This is dynamic bounds checking; it won't find anything until the bounds error occurs at runtime, so you won't find it any earlier. All it does is make sure that no bounds errors escape *without* crashing the process.
Although it dosnt seem to work with glibc....this is quite annyoing, although it probably will be fixed and re-released in a few days
I guess you didn't read the documentation. This is a "feature". It breaks the C ABI, forcing you to recompile all libraries used in the program, including glibc.
It is clear that while the GFDL is not up to par with the "Free" philosophy, the DFSG prohibits authors from exercising their right to protect their personal views and speech from modification. This right--to protect your personal views and expression (which source code is not, by the way)--is just as important to free speech as the freedoms outlined in the GPL.
Debian is not a platform for distributing your personal and political opinions inscribed as text.
There are occasions when it makes sense to create non-free software or documentation. They simply won't be included in Debian. Free software or documentation will probably be created to replace them. I don't see any problems here.
What were you expecting from somebody calling themselves "Tsu Dho Nimh"? (If you don't get it, say it out loud)
Anything which reduces the number of people posting to usenet is probably good. Anything which lets you track down and hurt people being morons on usenet is *definitely* good.
The issue is that the mplayer developers were distributing other people's GPLed code as part of their own. Their own code wasn't under the GPL at all (it was under "GPL+you can't distribute binaries").
> Distributing license-incompatible source together isn't illegal because it's not "linking". License
> incompatibilities don't come into effect until you link them together.
Where did you get this "linking" thing from? The GPL makes no mention of it. "Distributing license-incompatible source together" when one of the sources is licensed under the GPL and when they are designed to be compiled into a single program is illegal because clause 2b requires that any derivative work of GPLed code be licensed wholly and entirely under the GPL.
This is covered in the GPL FAQ.
'What is the difference between "mere aggregation" 'nd "combining two modules into one program"?' is a good place to start, but I recommend reading the whole thing.
> (This is about older versions of mplayer anyway.. the current versions of mplayer can and do have binaries being distributed)
This probably isn't true. There have been numerous attempts by various Debian developers to carefully analyse mplayer (since the mplayer developers have demonstrated before that their word cannot be trusted on this issue) with a view to packaging it, and they have all found license issues which prevent its inclusion. The latest one was fairly recent.
Amusingly enough, the thread in question started because some mplayer developers didn't like Marillat and decided to flame him in public, and people told them to go shove it.
> If we let "p2p file sharing" become synonomous with "p2p file sharing of stolen intelectual property" we've lost half the battle.
I'd say we lost half the battle when people started accepting "stolen intellectual property" as a meaningful term.
Yes, heaven forbid that anybody use a bug tracker worse than the over-engineered, virtually unusable bugzilla. I still haven't found anybody who can explain the query form, nor have I been able to get it to yield a list of all open bugs against a specific component. This is a simple task; it should be simple.
Bugzilla makes simple things hard, and hard things harder. At most, it's harder in different ways than GNATS. I can't think of any reasons why it would be significantly better.
If bugzilla is ever to become a realistic issue tracking system, it needs to have most of the features taken out and replaced with simple, generic systems.
To stave off the stock responses, yes, mozilla uses it. That doesn't mean it's successful. I'm continually amazed at how they can afford to spend as much time as they do working with bugzilla. There really is no excuse for spending more than a few minutes a day working with the bug tracker: look at list of things to do, reply to relevant mail, and then get on with fixing the bugs.
Nope, this simply isn't news. The Hurd has been grossly incomplete and not ready for release for years, and it still is now.
Why on earth does this merit a slashdot headline?
dh_make_perl is a better solution; it creates a real package from the CPAN module, so upgrades and removals can be handled cleanly. Plus, like any package, you get to see what it is going to install before you let it change your system.
Of course, the best solution is to package it for Debian, or to file an RFP for whatever needed it in the first place so that somebody else might package it.
The day I can't manage runlevels by manipulating symlinks in the filesystem, but instead have to use some wretched special-purpose utility, is the day I find out who is responsible for enforcing their ideas on me and rip out their lungs.If people just want *alternatives*, then there are at least five or six different systems packaged for Debian that manage this stuff.
I have never understood why people think that Debian developers give a damn about market share. I certainly don't. I'd be much happier if the number of stupid people using Debian would continue decrease; this would reduce the quantity of stupid mail that I get.
Gentoo has made great progress at this, having attracted most of that irritating crowd who think that compiling software locally somehow makes it better. I hope that they will continue to attract the moronic users away from Debian.