So, while SELinux might be a good single layer of security (when it works), it certainly isn't impenetrable and should definitely not be viewed as the most important layer of any multi-layered security strategy. It is naive to assume that an OpenBSD system will necessarily be more or less secure without an SELinux equivalent.
But with SELinux, you can get an even higher level of security. With SELinux, you need not only a local privilege escalation, but a hole in SELinux as well.
It's not like a hole in SELinux is uncommon, unfortunately. Linux and GNU make for a very good base operating system, but so does BSD. Right off the bat, BSD has the advantage of being a coherent system with amazing documentation. Linux seems to be compatible with more hardware, and many people are more comfortable with the GNU userland. BSD arguably has better licensing terms (depending on your perspective). So each has its advantages and disadvantages, but SELinux I would not even bother listing as a significant advantage for Linux, especially when compared against OpenBSD.
3. 60 Hz is smoother then 30 Hz, (yes there are people that can tell)
Indeed, the vast majority of people can tell the difference between 30fps and 60fps, even on a small device. Even the differences between 30fps and 40fps or 50fps and 60fps are quite apparent to many people.
Google is already in our internet search lives, our phones, and email. Google is already plotting to get into our living rooms and kitchens. Where will this stop? Guys, I am getting quite concerned about Google. Who wouldn't be?
I'm not really concerned about Google. I do use Google's search engine (with their analytics servers redirecting to 127.0.0.1). Otherwise, Google is not in my phone or email. They're also not going to get into my living room or kitchen without a drop-dead amazing product, and I'm fairly confident they won't be able to impress me enough with anything they could offer. Probably the fact that they're the second largest ISP is more concerning to me than any of that other stuff, but I also don't have any reason to trust Google any less than any other company. Somebody has to be the second largest ISP. Until Google demonstrates some serious breach of privacy, I guess I don't really mind that it's them.
I keep using Firefox precisely because there are things I can't do as easily with other browsers as I can with Firefox. I yet have to see another browser which will do better than a combination of Adblock, NoScript, Firebug, Greasemonkey, Ghostery, Flagfox and PasswordHasher.
Exactly what I was thinking... As one who has moved away from FF, I must say that a lack of features is one thing I've never heard applied to Firefox. Bloated? Yes. Slow? Sometimes. Outstripped by rivals in terms of features? No. The shear number of features available for Firefox is something we Chromium users are hoping Google can bring to its browser (but only in a way that doesn't actually slow it down).
... nothing that indicates we're dealing with non-blocking I/O...
Because it typically isn't non-blocking IO. The process can obviously request non-blocking, but the default (and most used) is blocking. So the process actually will sleep as it is supposed to if it's written correctly. It would not be the kernel's fault if a process requests a non-blocking fd and enters into a tight loop which spends more time looping than writing.
What you might have missed or are ignoring is that apt allows you to specify the location of ANY and MULTIPLE repositories, so its possible for an individual developer to host their own repository for their own stuff that users can acquire and update their software from, without having to touch the official central repositories.
So? That's only important if software is hard to install in the first place. On the Mac, applications are typically "installed" by dragging the app bundle where you want it, and uninstallation involves dragging the same to the Trash. There is no reason that Apple's "store" should support repositories because each developer already packages their own programs for download and install from their own website. Ubuntu has to have a repository (and by extension support for multiple repositories) to accomplish the same because software is not so trivial to install otherwise. Your error (and one of the errors of the story submitter) is in thinking that Apple's "store" is supposed to be equivalent to a package manager and repository as Linux users understand them. It's not because Mac OS X doesn't need one. It's just one more channel of distribution for apps, and that's it. It's not aiming to be the single or even the most important method of installing programs.
You apparently missed the fact that you also can't include Flash and Java apps in the Mac App Store.
If 90% of Mac users get all their apps from the App Store, then that will quickly kill off Flash and Java on the Mac, even before Apple starts locking down the OS.
That's a pretty pointless hypothetical statement, no? What are the chances that anywhere near 90% of Mac users will get 100% of their apps from Apple's repository? 0%.
As Ron Gilbert just put it
"For you Apple apologists claiming Apple will never lock down the Mac, step one is in place and you all let it happen."
That's not going to happen for a very simple reason. When the iPhone was originally released, it had a lot less than an App Store. It was easy to accept the App Store on the iPhone because it actually made the device more useful and was better than having no apps at all. That situation is not comparable to the Mac which is already as capable as we know a desktop computer to be. Nobody is going to go for a computer marketed as a desktop or laptop that is locked down to a single source of programs because we already have our expectations of what a desktop computer is.
Basically, releasing a Mac locked down to a single source of programs would receive the same backlash as the original iPhone did, because at that point we already had the expectation that you should be able to install apps on your smartphone. We already have the expectation that we should be able to install anything on our desktops and laptops.
Yet it still doesn't have an equivalent to AdBlock Plus.
And for the Chrome-heads who point out AdBlock, it is a good start but still nowhere near as effective. It lets many ads through, it still downloads and just hides a large chunk of ads, and it does not seem to stop flash ads at all.
I acknowledge that the Chrome plug-in has limitations by itself, but I personally find it much more than adequate because I also took a couple of minutes to write a cron script to to download and apply the latest hosts file. I never see ads; I can't remember the last time I saw a Flash ad, and my bandwidth isn't wasted on ads (or worse).
The Chrome plug-in is only good enough for grandma and average users, but the rest of us have a multi-layered strategy anyway. Firefox is a great browser, but I liked it better when it wasn't so slow and bloated. I'm a happy Chromium user now, and there are no FF plug-ins I miss at all.
They're fun (Generally, maybe not this one)
Now someone explain to me the appeal of poems. As far as I can tell they're nothing but crazy poetic crap.
That can't just be because they're not to my taste or I haven't put the time into appreciating them, they're just crap.
tl:dr - Being a good parent does not mean monitoring every little action.
While it's true that you can't (and shouldn't) monitor everything, I think there are instances where text messages are one of those things that should be monitored, only because of the severity of what could result... such as (possibly revealing) pictures of your kid being put on the internet where they will stay forever. But I'm not a parent, so I'm just supposing that if such an event could be prevented that it would be a very good thing.
Either way, I think it's fairly obvious that monitoring everything your child does cannot be an effective replacement for good parenting in other areas.
Nazi Germany was not at all socialist. Today's China is barely socialist.
Education is your friend.
Try some education yourself; many socialist principles were employed by the Nazis during their reign. From Wikipedia (emphasis mine):
To rescue Germany from the effects of the Great Depression, Nazism promoted an economic Third Position; a managed economy that was neither capitalist nor communist. The Nazis accused communism and capitalism of being associated with Jewish influences and interests. They declared support for a nationalist form of socialism that was to provide for the Aryan race and the German nation...
But maybe it's just easier for you to pretend you're knowledgeable by making a completely unsupported statement with a snide remark, hoping that others are as ignorant as you and won't call you out.
Oh my fucking god. I am throwing away 5 mod points posted elsewhere for this. You, sir, are the problem.
It was a contest between two contenders.
No it fucking was not. There were 5, count them, 5 candidates who were registered on sufficient ballots to win the presidency. The fact that you are too fucking ignorant to be even dimly aware of what they show outside of CNN is utterly pathetic.
Stop being part of the problem.
Speaking of ignorance, maybe it's time for a vocabulary lesson. Being a candidate and being an actual contender are not the same thing. There may have been 5 candidates in the presidential race, but there were only two contenders. Voting third party is really the stupid thing to do. Vote for the candidate that you think will do the best job and actually has a chance of winning. Otherwise, you might as well vote for the candidate you least agree with.
Piracy rate is meaningless. You can have a 0% piracy rate easily, just don't release your app. The only thing that matters is revenue. You're better off having 1000 paying customers and 1,000,000,000 pirates than you are having 100 customers and no pirates at all.
Obviously. The real debate is about whether or not and to what degree we should "go after" the pirates in an attempt to turn them into paying customers.
The worst political development in American history was that it gradually became ok to just vote other people's money to yourself.
No, the worst political development in American history was that it suddenly became ok to run the country into the ground so the greedy rich could hold onto a little more of their money, and managed (brilliantly) to convince the gullible poor to support them.
Yes, the poor apparently are quite gullible. They keep voting in these rich snobs who take their money (or rather their children's and grandchildren's money) and spend it on getting more votes. Gullible indeed if they're going to keep letting politicians give them the warm and fuzzies whenever they inevitably start trumpeting hope and change. Things will never change; the poor will keep surviving on whatever bones their representatives decide to throw their way, even though they were promised unicorns and rainbows. If they were smarter, they would vote less on emotion and more on what policies would actually work to improve their lives, rich or poor. Instead they seem to think that their lives will only improve at the expense of the evil rich, so they vote for whoever tells them they're going to take money away from somebody else and give it to them. In that sense, I guess you could say the poor are just as greedy as the rich, just less successful. Gullibility and greed (what a nasty combination) are what's keeping these people poor, not the rich (who would be poor themselves if they were more gullible).
And trickle-down isn't bullshit, when you consider that it's the rich who hire the workers.
That's garbage. The government can take care of us all! We don't need the private sector to create jobs when we could all be government-employed like in Greece. Oh...
From this can we pretty definitively site that the fans of The Daily Show and the Colbert Report are more likely to be knowledgeable about what's going on in the world than Glen Beck;s rally attendees?
Um, probably not since Beck's show isn't listed and there are several relatively high-scoring sources whose audiences might also have attended Beck's rally in high percentages (O'Reilly and Limbaugh). I would guess the difference between those sources and Colbert's show is not outside the margin of error.
So you could try to use this as evidence supporting your claim (thus inferring that people at Beck's rally are morons), but I certainly don't see any "definitive" conclusions that can be drawn from this study. In fact, I was interested to see how high O'Reilly's and Limbaugh's audiences scored.
MSCEs are a dime a dozen, competent ones not much more expensive, whereas good Linux gurus are damned high, if you can even find one.
I'm afraid the point you are trying to make is probably lost on the fact that you seem unable to make valid comparisons. Like here, it should be obvious that incompetent MSCEs or just competent ones are less expensive than good Linux "gurus." A much more interesting comparison would be to pit good Linux gurus against good MSCEs or incompetent ones against the same. In that case, the gap may be less than you're comfortable admitting.
Well, no, that isn't really being fair at all. DRM algorithms and rootkits can take up a significant amount of CPU time, but so can an infinite loop I type in my shell. In practice, the CPU time taken by DRM algorithms and rootkits do not approach significance any faster than software bloat does, and GPL software can be full of that (bash, gcc, emacs).
DRM sucks and there are many reasons to hate it; the very insignificant amount of CPU time it takes to implement DRM is far down that list.
Slashdot Mirror
So, it'll be kind of like running X on my Mac OS X machines. A modern display server, with the ability to run a non-root X on top of it.
About time.
Can you find me an example of a hole in SELinux? Even one? I don't mean a flaw in policy affecting some distros, but an actual flaw in the subsystem?
Yes, I accept your challenge. Here is some light reading for you.
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=selinux - Obviously not all listed here are flaws in SELinux itself, but there are some.
http://www.zdnet.co.uk/news/security-threats/2009/07/20/linux-exploit-gets-around-security-barrier-39688318/
So, while SELinux might be a good single layer of security (when it works), it certainly isn't impenetrable and should definitely not be viewed as the most important layer of any multi-layered security strategy. It is naive to assume that an OpenBSD system will necessarily be more or less secure without an SELinux equivalent.
But with SELinux, you can get an even higher level of security. With SELinux, you need not only a local privilege escalation, but a hole in SELinux as well.
It's not like a hole in SELinux is uncommon, unfortunately. Linux and GNU make for a very good base operating system, but so does BSD. Right off the bat, BSD has the advantage of being a coherent system with amazing documentation. Linux seems to be compatible with more hardware, and many people are more comfortable with the GNU userland. BSD arguably has better licensing terms (depending on your perspective). So each has its advantages and disadvantages, but SELinux I would not even bother listing as a significant advantage for Linux, especially when compared against OpenBSD.
3. 60 Hz is smoother then 30 Hz, (yes there are people that can tell)
Indeed, the vast majority of people can tell the difference between 30fps and 60fps, even on a small device. Even the differences between 30fps and 40fps or 50fps and 60fps are quite apparent to many people.
And here's why:
Google is already in our internet search lives, our phones, and email. Google is already plotting to get into our living rooms and kitchens. Where will this stop? Guys, I am getting quite concerned about Google. Who wouldn't be?
I'm not really concerned about Google. I do use Google's search engine (with their analytics servers redirecting to 127.0.0.1). Otherwise, Google is not in my phone or email. They're also not going to get into my living room or kitchen without a drop-dead amazing product, and I'm fairly confident they won't be able to impress me enough with anything they could offer. Probably the fact that they're the second largest ISP is more concerning to me than any of that other stuff, but I also don't have any reason to trust Google any less than any other company. Somebody has to be the second largest ISP. Until Google demonstrates some serious breach of privacy, I guess I don't really mind that it's them.
I keep using Firefox precisely because there are things I can't do as easily with other browsers as I can with Firefox. I yet have to see another browser which will do better than a combination of Adblock, NoScript, Firebug, Greasemonkey, Ghostery, Flagfox and PasswordHasher.
Exactly what I was thinking... As one who has moved away from FF, I must say that a lack of features is one thing I've never heard applied to Firefox. Bloated? Yes. Slow? Sometimes. Outstripped by rivals in terms of features? No. The shear number of features available for Firefox is something we Chromium users are hoping Google can bring to its browser (but only in a way that doesn't actually slow it down).
... nothing that indicates we're dealing with non-blocking I/O ...
Because it typically isn't non-blocking IO. The process can obviously request non-blocking, but the default (and most used) is blocking. So the process actually will sleep as it is supposed to if it's written correctly. It would not be the kernel's fault if a process requests a non-blocking fd and enters into a tight loop which spends more time looping than writing.
What you might have missed or are ignoring is that apt allows you to specify the location of ANY and MULTIPLE repositories, so its possible for an individual developer to host their own repository for their own stuff that users can acquire and update their software from, without having to touch the official central repositories.
So? That's only important if software is hard to install in the first place. On the Mac, applications are typically "installed" by dragging the app bundle where you want it, and uninstallation involves dragging the same to the Trash. There is no reason that Apple's "store" should support repositories because each developer already packages their own programs for download and install from their own website. Ubuntu has to have a repository (and by extension support for multiple repositories) to accomplish the same because software is not so trivial to install otherwise. Your error (and one of the errors of the story submitter) is in thinking that Apple's "store" is supposed to be equivalent to a package manager and repository as Linux users understand them. It's not because Mac OS X doesn't need one. It's just one more channel of distribution for apps, and that's it. It's not aiming to be the single or even the most important method of installing programs.
You apparently missed the fact that you also can't include Flash and Java apps in the Mac App Store. If 90% of Mac users get all their apps from the App Store, then that will quickly kill off Flash and Java on the Mac, even before Apple starts locking down the OS.
That's a pretty pointless hypothetical statement, no? What are the chances that anywhere near 90% of Mac users will get 100% of their apps from Apple's repository? 0%.
As Ron Gilbert just put it "For you Apple apologists claiming Apple will never lock down the Mac, step one is in place and you all let it happen."
That's not going to happen for a very simple reason. When the iPhone was originally released, it had a lot less than an App Store. It was easy to accept the App Store on the iPhone because it actually made the device more useful and was better than having no apps at all. That situation is not comparable to the Mac which is already as capable as we know a desktop computer to be. Nobody is going to go for a computer marketed as a desktop or laptop that is locked down to a single source of programs because we already have our expectations of what a desktop computer is.
Basically, releasing a Mac locked down to a single source of programs would receive the same backlash as the original iPhone did, because at that point we already had the expectation that you should be able to install apps on your smartphone. We already have the expectation that we should be able to install anything on our desktops and laptops.
Yet it still doesn't have an equivalent to AdBlock Plus. And for the Chrome-heads who point out AdBlock, it is a good start but still nowhere near as effective. It lets many ads through, it still downloads and just hides a large chunk of ads, and it does not seem to stop flash ads at all.
I acknowledge that the Chrome plug-in has limitations by itself, but I personally find it much more than adequate because I also took a couple of minutes to write a cron script to to download and apply the latest hosts file. I never see ads; I can't remember the last time I saw a Flash ad, and my bandwidth isn't wasted on ads (or worse).
The Chrome plug-in is only good enough for grandma and average users, but the rest of us have a multi-layered strategy anyway. Firefox is a great browser, but I liked it better when it wasn't so slow and bloated. I'm a happy Chromium user now, and there are no FF plug-ins I miss at all.
They're fun (Generally, maybe not this one) Now someone explain to me the appeal of poems. As far as I can tell they're nothing but crazy poetic crap. That can't just be because they're not to my taste or I haven't put the time into appreciating them, they're just crap.
Good point. Poems are stupid...
tl:dr - Being a good parent does not mean monitoring every little action.
While it's true that you can't (and shouldn't) monitor everything, I think there are instances where text messages are one of those things that should be monitored, only because of the severity of what could result... such as (possibly revealing) pictures of your kid being put on the internet where they will stay forever. But I'm not a parent, so I'm just supposing that if such an event could be prevented that it would be a very good thing.
Either way, I think it's fairly obvious that monitoring everything your child does cannot be an effective replacement for good parenting in other areas.
Last I heard (and my own limited experienced confirmed this), Kubuntu was the worst KDE distribution evar. Is that no longer the case?
Nazi Germany was not at all socialist. Today's China is barely socialist. Education is your friend.
Try some education yourself; many socialist principles were employed by the Nazis during their reign. From Wikipedia (emphasis mine):
To rescue Germany from the effects of the Great Depression, Nazism promoted an economic Third Position; a managed economy that was neither capitalist nor communist. The Nazis accused communism and capitalism of being associated with Jewish influences and interests. They declared support for a nationalist form of socialism that was to provide for the Aryan race and the German nation...
But maybe it's just easier for you to pretend you're knowledgeable by making a completely unsupported statement with a snide remark, hoping that others are as ignorant as you and won't call you out.
Oh my fucking god. I am throwing away 5 mod points posted elsewhere for this. You, sir, are the problem.
It was a contest between two contenders.
No it fucking was not. There were 5, count them, 5 candidates who were registered on sufficient ballots to win the presidency. The fact that you are too fucking ignorant to be even dimly aware of what they show outside of CNN is utterly pathetic.
Stop being part of the problem.
Speaking of ignorance, maybe it's time for a vocabulary lesson. Being a candidate and being an actual contender are not the same thing. There may have been 5 candidates in the presidential race, but there were only two contenders. Voting third party is really the stupid thing to do. Vote for the candidate that you think will do the best job and actually has a chance of winning. Otherwise, you might as well vote for the candidate you least agree with.
Piracy rate is meaningless. You can have a 0% piracy rate easily, just don't release your app. The only thing that matters is revenue. You're better off having 1000 paying customers and 1,000,000,000 pirates than you are having 100 customers and no pirates at all.
Obviously. The real debate is about whether or not and to what degree we should "go after" the pirates in an attempt to turn them into paying customers.
Oh don't point out that that could happen, otherwise you get modded as a troll.
Wrong. On the contrary, anti-U.S. government comments usually get some level of Insightful, and this time is no exception.
The worst political development in American history was that it gradually became ok to just vote other people's money to yourself. No, the worst political development in American history was that it suddenly became ok to run the country into the ground so the greedy rich could hold onto a little more of their money, and managed (brilliantly) to convince the gullible poor to support them.
Yes, the poor apparently are quite gullible. They keep voting in these rich snobs who take their money (or rather their children's and grandchildren's money) and spend it on getting more votes. Gullible indeed if they're going to keep letting politicians give them the warm and fuzzies whenever they inevitably start trumpeting hope and change. Things will never change; the poor will keep surviving on whatever bones their representatives decide to throw their way, even though they were promised unicorns and rainbows. If they were smarter, they would vote less on emotion and more on what policies would actually work to improve their lives, rich or poor. Instead they seem to think that their lives will only improve at the expense of the evil rich, so they vote for whoever tells them they're going to take money away from somebody else and give it to them. In that sense, I guess you could say the poor are just as greedy as the rich, just less successful. Gullibility and greed (what a nasty combination) are what's keeping these people poor, not the rich (who would be poor themselves if they were more gullible).
And trickle-down isn't bullshit, when you consider that it's the rich who hire the workers.
That's garbage. The government can take care of us all! We don't need the private sector to create jobs when we could all be government-employed like in Greece. Oh...
From this can we pretty definitively site that the fans of The Daily Show and the Colbert Report are more likely to be knowledgeable about what's going on in the world than Glen Beck;s rally attendees?
Um, probably not since Beck's show isn't listed and there are several relatively high-scoring sources whose audiences might also have attended Beck's rally in high percentages (O'Reilly and Limbaugh). I would guess the difference between those sources and Colbert's show is not outside the margin of error.
So you could try to use this as evidence supporting your claim (thus inferring that people at Beck's rally are morons), but I certainly don't see any "definitive" conclusions that can be drawn from this study. In fact, I was interested to see how high O'Reilly's and Limbaugh's audiences scored.
MSCEs are a dime a dozen, competent ones not much more expensive, whereas good Linux gurus are damned high, if you can even find one.
I'm afraid the point you are trying to make is probably lost on the fact that you seem unable to make valid comparisons. Like here, it should be obvious that incompetent MSCEs or just competent ones are less expensive than good Linux "gurus." A much more interesting comparison would be to pit good Linux gurus against good MSCEs or incompetent ones against the same. In that case, the gap may be less than you're comfortable admitting.
Phew. I was beginning to think there might not be enough Linux distributions.
I can't wait for the day your post would be modded Insightful rather than Funny.
Well, no, that isn't really being fair at all. DRM algorithms and rootkits can take up a significant amount of CPU time, but so can an infinite loop I type in my shell. In practice, the CPU time taken by DRM algorithms and rootkits do not approach significance any faster than software bloat does, and GPL software can be full of that (bash, gcc, emacs).
DRM sucks and there are many reasons to hate it; the very insignificant amount of CPU time it takes to implement DRM is far down that list.