> It's just a waste of effort to use crypto, as this story supports. > It's all one big waste of time, effort, and manpower.
Crypto is like a lock (not by coincidence the symbol frequently used to indicate use of crypto IS a lock). A lock is not a once-and-forever solution, but defined in physical security circles correctly as a "time-delay device". With other words, given enough time any lock will be circumvented...broken if you want. Likewise with crypto.
BUT, with a human lifespan somewhere around 80 years (YMMV), a lock that protects your secrets/valuables long enough for it not to matter anymore to you or even your next couple offspring-generations has, IMHO, more than fulfilled its purpose. Even governments likely would have little need for protecting secrets longer than that.
This story is also IMHO a great example, just why any kind of centralized databases filled with info about people is a BAD idea, regardless of how official and sensible it might seem at first.
> Moving online isn't going to help unless they use OSS textbooks.
How about tax money being spent to pay researchers, educators etc.pp. to write and compile the various school text (e)books, which then would be made available with an Open-Source license to all students and teachers alike? Imagine the synergy of every state doing such a thing, nevermind different countries.
As far as I am concerned, this is pretty much a non-issue. If the EU intends to on creating a true-choice landscape (which wouldn't be a bad thing) they'd go for the OEM's by requiring them to have blank computers as default. If Windows is desired by the customer, they should ship an extra-cost retail copy of it (which would also take care of the recovery disk BS). Likewise for any other OS (Linux could be shipped on a simple CD if no retail box exists). This would offer true choices as well in regards to wants and needs of the customer, capabilities of the OS and the true cost associated with said choice.
Further a compatibility test suite should be developed, by which all OS' and their preinstalled applications should be subjected to. For example, the installed browsers (I really don't care which one) need to comply in full to a set of published web standards. The current test result status of the various offerings can easily be displayed on some web site for reference. Office Suites need to be *fully* compatible in regards to some base formats (OpenDocument lends itself nicely, as well as PDF) and rigorous testing needs to take place. If they fail to read/write/import a document from another standards-compliant suite without farking everything up, it should be tossed out as a possible default installation for OEM's and if installed anyway, the OEM sanctioned. Ditto for e-mail etc.
Only such enforced base-line measures could possibly make a real difference by requiring inter-operability standards regardless of OS and application and get rid of the mess we're in with monopoly abuses and vendor-lock-in etc..
> Or do you have a list of where and what OSS is used in the canton? > Would be interesting to see, as I've been trying to network with > the responsible people for years
> Switzerland states that only MS will do, but how can you > truly know what's available without a public bid?
By having very vocal worker bees, who want their MS & Office. And the fact, that nobody so far got fired for buying Microsoft, even if they got pulled over the table in the process.
> Windows can be, and often is, just as bad and sometimes worse. > I don't think your GF would be able to burn a CD with a fresh > install of XP, either.
I know that but the truth is, it doesn't matter. If her car breaks down I am not gonna score points either by saying, well manufacturer's car XYZ is even worse than yours. XP is certainly far less productive out of the box (as in install from CD) as any recent Linux distro and that's assuming, you can even get the hardware detected (don't get me started on SATA controllers). But Linux as an alternative is supposed to do things better and with less headaches. And while things have come a long, long way over the years, there's still a long way to go as well. Usability studies are an absolute must. Give someone an installer CD and a desktop (with supported hardware) and then give them targets for basic tasks: sending/receiving e-mail, creating/printing documents, listening/burning music, watching DVD's etc.. Any point where they can't get it to work needs to be addressed, despite the fact that a fix usually already exists. If that fix is not apparent to a user, it's NOT A FIX! Linux distros in general, and program developers in particular need to adopt the mindset, that if something is too obscure or hard to use for a reasonably motivated and intelligent potential user, then that software is BROKEN by definition.
> precisely what Ubuntu is trying to do. It is a matter of opinion > as the whether they are succeeding, but I believe that they are.
At the latest when my GF wanted to burn a simple mp3 file and Brasero mumbled something about an "missing gstreamer plugin" she said, that (Ubuntu) Linux is still too complicated for normal users. I couldn't really argue with her, just explain the Why's and How's of proprietary stuff and the legal issues of their use. Installed the restricted stuff (which she'd have had no idea to even look for!) and she was set and likes it.
Another point in the slides of TFA was, that just because Linux is free it's not inexpensive. True that. Just spoke to the director of IT for a large/well-known european city and he too said, he doesn't see a business point for Linux (and he likes it personally). Basically the Unix side is taken by AIX (license costs per WS/Server are negligible, especially for a rich town) and the Windows side is, well, gonna stay that way (all city desktops are going Vista). So Linux, despite the fact that the official city site runs on it is basically kept on board just to have the know-how around. That, however, costs salaries and if several admin's pull 100k/y each then I can see, how from a business point of view Linux doesn't make sense atm.. Rock and a hard place for adoption and likely in other locations you'll find similar situations.
Perhaps they have a point: Can't Fukem Forever. What they'll get though is questionable. At best the current code which might open up the possibility of continuation of development.
> AdBlock is the next killer app waiting in the wings
Color me ignorant, but what exactly does Adblock do that Noscript doesn't (honest question...only using NS so far). It seems, Noscript blocks a bunch of ads too. Should they perhaps run in conjunction for best results?
> NoScript is the only way I can browse Slashdot without slowing my browser to a crawl.
Slashdot is indeed one of the slowest sites. Liked the old interface a lot more...speedier. What settings did you choose and what domains allowed?
Offtopic: Anyone know, how to read/. offline as in downloading or at least browser-loading the *entire* discussion thread on a given story? Would like to use my time on the train commute.
> Honestly, how many man-hours and equipment do you really want to commit to backup? > Do you really think it's worthwhile to get a tape system and regularly move tapes > off-site for some community mods? Anyone can envision a system that is far more secure > than this, but paying for it is another thing.
Actually all that was needed was a $100 hard drive, that could have been rsync'ed to automatically even over DSL.
> I just bought a ASUS 1000HA. Guess what- a sale chocked up for Windows despite the fact > that I'd just going to rm -rf * it as soon as the netbook arrives.
So do not comply with the EULA and submit a refund request (for Windows) to the vendor.
Do you pine for the nice days of minix-1.1, when men were men and wrote their own device drivers? Are you without a nice project and just dying to cut your teeth on a OS you can try to modify for your needs? Are you finding it frustrating when everything works on Linux? No more all- nighters to get a nifty program working? Then this post might be just for you:-)
As I mentioned a month(?) ago, I'm working on a free version of a Linux-lookalike for AT-386 computers. It has finally reached the stage where it's even usable (though may not be depending on what you want), and I am willing to put out the sources for wider distribution. It is just version 0.02 (+1 (very small) patch already), but I've successfully run bash/gcc/gnu-make/gnu-sed/compress etc under it.
Sources for this pet project of mine can be found at nic.funet.fi (128.214.6.100) in the directory/pub/OS/minix. The directory also contains some README-file and a couple of binaries to work under Minix (bash, update and gcc, what more can you ask for:-). Full kernel source is provided, as no Linux code has been used. Library sources are only partially free, so that cannot be distributed currently. The system is able to compile "as-is" and has been known to work. Heh. Sources to the binaries (bash and gcc) can be found at the same place in/pub/gnu.
ALERT! WARNING! NOTE! These sources still need Linux-386 to be compiled (and gcc-1.40, possibly 1.37.1, haven't tested), and you need Linux to set it up if you want to run it, so it is not yet a standalone system for those of you without Linux. I'm working on it. You also need to be something of a hacker to set it up (?), so for those hoping for an alternative to Linux-386, please ignore me. It is currently meant for hackers interested in operating systems and 386's with access to Linux.
The system needs an AT-compatible harddisk (IDE is fine) and EGA/VGA. If you are still interested, please ftp the README/RELNOTES, and/or mail me for additional info.
I can (well, almost) hear you asking yourselves "why?". Hurd will be out in a year (or two, or next month, who knows), and I've already got Linux. This is a program for hackers by a hacker. I've enjouyed doing it, and somebody might enjoy looking at it and even modifying it for their own needs. It is still small enough to understand, use and modify, and I'm looking forward to any comments you might have.
I'm also interested in hearing from anybody who has written any of the utilities/library functions for Linux. If your efforts are freely distributable (under copyright or even public domain), I'd like to hear from you, so I can add them to the system. I'm using Earl Chews estdio right now (thanks for a nice and working system Earl), and similar works will be very wellcome. Your (C)'s will of course be left intact. Drop me a line if you are willing to let me use your code.
Andrew
PS. to PHIL NELSON! I'm unable to get through to you, and keep getting "forward error - strawberry unknown domain" or something.
Don't risk your job over a friggin' cable that your boss pays for anyway. He will hold it against you big time if you don't "value" his 'sage' opinion about the virtues of commercially-made cables.
Haven't tried it yet. Is the login pass phrase also unlocking your encrypted home dir? If so, isn't it annoying to type the 128-bit pass phrase in every ten minutes your desktop screen saver lock kicks in? Any workarounds (separate pass phrases for home dir and login/desktop lock)?
> The community (even most people in this crowd) totally grokked the idea of "4.0-as-API-freeze" > but the distros throught 4.0 meant time to upgrade, and frankly they should have kept 3.5 as > the default until the 4 series was truly ready.
You could always use Slackware, which did it right (KDE 4.x to be released with the next Slackware version sometime this year. Slackware 12.2 still shipped with KDE 3.x).
> In particular, AV to protect a Linux system (as opposed to scanning stuff before it's passed on > to help protect downline Windows systems) isn't likely to catch any Linux targeted malware that > does exist, at least not right away, because the AV vendors simply aren't particularly checking > for Linux malware at this point, because even if there were malware to check for, they simply > don't have the customers in that market to support it.
Well, I have found numerous malware, flooder scripts etc. (mostly on servers) with use of anti-virus programs (am talking about Linux FS level here, not mail and its attachments). So I believe, your conclusion is wrong. Scanning is easy and as much as we'd like to think we don't need it on Linux, you do miss out on several thousand potential threats if you don't on occasions.
Slashdot Mirror
> It's just a waste of effort to use crypto, as this story supports.
> It's all one big waste of time, effort, and manpower.
Crypto is like a lock (not by coincidence the symbol frequently used to indicate use of crypto IS a lock). A lock is not a once-and-forever solution, but defined in physical security circles correctly as a "time-delay device". With other words, given enough time any lock will be circumvented...broken if you want. Likewise with crypto.
BUT, with a human lifespan somewhere around 80 years (YMMV), a lock that protects your secrets/valuables long enough for it not to matter anymore to you or even your next couple offspring-generations has, IMHO, more than fulfilled its purpose. Even governments likely would have little need for protecting secrets longer than that.
This story is also IMHO a great example, just why any kind of centralized databases filled with info about people is a BAD idea, regardless of how official and sensible it might seem at first.
> Video, on the other hand, is already good enough to have online lectures.
Are there overview sites that list or link to available videos of lectures from different schools etc.?
> Moving online isn't going to help unless they use OSS textbooks.
How about tax money being spent to pay researchers, educators etc.pp. to write and compile the various school text (e)books, which then would be made available with an Open-Source license to all students and teachers alike? Imagine the synergy of every state doing such a thing, nevermind different countries.
As far as I am concerned, this is pretty much a non-issue. If the EU intends to on creating a true-choice landscape (which wouldn't be a bad thing) they'd go for the OEM's by requiring them to have blank computers as default. If Windows is desired by the customer, they should ship an extra-cost retail copy of it (which would also take care of the recovery disk BS). Likewise for any other OS (Linux could be shipped on a simple CD if no retail box exists). This would offer true choices as well in regards to wants and needs of the customer, capabilities of the OS and the true cost associated with said choice.
Further a compatibility test suite should be developed, by which all OS' and their preinstalled applications should be subjected to. For example, the installed browsers (I really don't care which one) need to comply in full to a set of published web standards. The current test result status of the various offerings can easily be displayed on some web site for reference. Office Suites need to be *fully* compatible in regards to some base formats (OpenDocument lends itself nicely, as well as PDF) and rigorous testing needs to take place. If they fail to read/write/import a document from another standards-compliant suite without farking everything up, it should be tossed out as a possible default installation for OEM's and if installed anyway, the OEM sanctioned. Ditto for e-mail etc.
Only such enforced base-line measures could possibly make a real difference by requiring inter-operability standards regardless of OS and application and get rid of the mess we're in with monopoly abuses and vendor-lock-in etc..
> Old sysadmin here left us a wiki which, while sparsely populated was a great starting point.
Is it easily doable (how) to pull out just certain information out of a Wiki if, for example, pointy-hair dude wants a monthly server/specs inventory?
> Or do you have a list of where and what OSS is used in the canton?
> Would be interesting to see, as I've been trying to network with
> the responsible people for years
Any way to contact u?
> Switzerland states that only MS will do, but how can you
> truly know what's available without a public bid?
By having very vocal worker bees, who want their MS & Office. And the fact, that nobody so far got fired for buying Microsoft, even if they got pulled over the table in the process.
> Windows can be, and often is, just as bad and sometimes worse.
> I don't think your GF would be able to burn a CD with a fresh
> install of XP, either.
I know that but the truth is, it doesn't matter. If her car breaks down I am not gonna score points either by saying, well manufacturer's car XYZ is even worse than yours. XP is certainly far less productive out of the box (as in install from CD) as any recent Linux distro and that's assuming, you can even get the hardware detected (don't get me started on SATA controllers).
But Linux as an alternative is supposed to do things better and with less headaches. And while things have come a long, long way over the years, there's still a long way to go as well. Usability studies are an absolute must. Give someone an installer CD and a desktop (with supported hardware) and then give them targets for basic tasks: sending/receiving e-mail, creating/printing documents, listening/burning music, watching DVD's etc.. Any point where they can't get it to work needs to be addressed, despite the fact that a fix usually already exists. If that fix is not apparent to a user, it's NOT A FIX! Linux distros in general, and program developers in particular need to adopt the mindset, that if something is too obscure or hard to use for a reasonably motivated and intelligent potential user, then that software is BROKEN by definition.
> precisely what Ubuntu is trying to do. It is a matter of opinion
> as the whether they are succeeding, but I believe that they are.
At the latest when my GF wanted to burn a simple mp3 file and Brasero mumbled something about an "missing gstreamer plugin" she said, that (Ubuntu) Linux is still too complicated for normal users. I couldn't really argue with her, just explain the Why's and How's of proprietary stuff and the legal issues of their use. Installed the restricted stuff (which she'd have had no idea to even look for!) and she was set and likes it.
Another point in the slides of TFA was, that just because Linux is free it's not inexpensive. True that. Just spoke to the director of IT for a large/well-known european city and he too said, he doesn't see a business point for Linux (and he likes it personally). Basically the Unix side is taken by AIX (license costs per WS/Server are negligible, especially for a rich town) and the Windows side is, well, gonna stay that way (all city desktops are going Vista).
So Linux, despite the fact that the official city site runs on it is basically kept on board just to have the know-how around. That, however, costs salaries and if several admin's pull 100k/y each then I can see, how from a business point of view Linux doesn't make sense atm.. Rock and a hard place for adoption and likely in other locations you'll find similar situations.
Perhaps they have a point: Can't Fukem Forever. What they'll get though is questionable. At best the current code which might open up the possibility of continuation of development.
> AdBlock is the next killer app waiting in the wings
Color me ignorant, but what exactly does Adblock do that Noscript doesn't (honest question...only using NS so far). It seems, Noscript blocks a bunch of ads too. Should they perhaps run in conjunction for best results?
> NoScript is the only way I can browse Slashdot without slowing my browser to a crawl.
Slashdot is indeed one of the slowest sites. Liked the old interface a lot more...speedier. What settings did you choose and what domains allowed?
Offtopic: Anyone know, how to read /. offline as in downloading or at least browser-loading the *entire* discussion thread on a given story? Would like to use my time on the train commute.
> It(along with flashblock) kills off 99% of the intrusive advertising
Used to have Flashblock (great extension). But Noscript also blocks Flash, so there's no need for a separate Flashblock'er.
> Honestly, how many man-hours and equipment do you really want to commit to backup?
> Do you really think it's worthwhile to get a tape system and regularly move tapes
> off-site for some community mods? Anyone can envision a system that is far more secure
> than this, but paying for it is another thing.
Actually all that was needed was a $100 hard drive, that could have been rsync'ed to automatically even over DSL.
> a couple of eSata enclosures which offer tool-less installation
> - just a thumb-latch, and slide the drive in/out (about $50USD)
Which model did you get? Am looking myself for assembly-less (as i screws etc.) external USB and/or SATA enclosures...
> I just bought a ASUS 1000HA. Guess what- a sale chocked up for Windows despite the fact
> that I'd just going to rm -rf * it as soon as the netbook arrives.
So do not comply with the EULA and submit a refund request (for Windows) to the vendor.
I'd use it but I heard, it's not compatible with the OpenDocument 1.1 standard... :-P
So what happens, if you install SP2 and have the Sun ODF Plugin for MS-Office already installed? Clash of the Titans?
Do you pine for the nice days of minix-1.1, when men were men and wrote :-)
their own device drivers? Are you without a nice project and just dying
to cut your teeth on a OS you can try to modify for your needs? Are you
finding it frustrating when everything works on Linux? No more all-
nighters to get a nifty program working? Then this post might be just
for you
As I mentioned a month(?) ago, I'm working on a free version of a
Linux-lookalike for AT-386 computers. It has finally reached the stage
where it's even usable (though may not be depending on what you want),
and I am willing to put out the sources for wider distribution. It is
just version 0.02 (+1 (very small) patch already), but I've successfully
run bash/gcc/gnu-make/gnu-sed/compress etc under it.
Sources for this pet project of mine can be found at nic.funet.fi /pub/OS/minix. The directory also :-). Full kernel /pub/gnu.
(128.214.6.100) in the directory
contains some README-file and a couple of binaries to work under Minix
(bash, update and gcc, what more can you ask for
source is provided, as no Linux code has been used. Library sources are
only partially free, so that cannot be distributed currently. The
system is able to compile "as-is" and has been known to work. Heh.
Sources to the binaries (bash and gcc) can be found at the same place in
ALERT! WARNING! NOTE! These sources still need Linux-386 to be compiled
(and gcc-1.40, possibly 1.37.1, haven't tested), and you need Linux to
set it up if you want to run it, so it is not yet a standalone system
for those of you without Linux. I'm working on it. You also need to be
something of a hacker to set it up (?), so for those hoping for an
alternative to Linux-386, please ignore me. It is currently meant for
hackers interested in operating systems and 386's with access to Linux.
The system needs an AT-compatible harddisk (IDE is fine) and EGA/VGA. If
you are still interested, please ftp the README/RELNOTES, and/or mail me
for additional info.
I can (well, almost) hear you asking yourselves "why?". Hurd will be
out in a year (or two, or next month, who knows), and I've already got
Linux. This is a program for hackers by a hacker. I've enjouyed doing
it, and somebody might enjoy looking at it and even modifying it for
their own needs. It is still small enough to understand, use and
modify, and I'm looking forward to any comments you might have.
I'm also interested in hearing from anybody who has written any of the
utilities/library functions for Linux. If your efforts are freely
distributable (under copyright or even public domain), I'd like to hear
from you, so I can add them to the system. I'm using Earl Chews estdio
right now (thanks for a nice and working system Earl), and similar works
will be very wellcome. Your (C)'s will of course be left intact. Drop me
a line if you are willing to let me use your code.
Andrew
PS. to PHIL NELSON! I'm unable to get through to you, and keep getting
"forward error - strawberry unknown domain" or something.
Don't risk your job over a friggin' cable that your boss pays for anyway. He will hold it against you big time if you don't "value" his 'sage' opinion about the virtues of commercially-made cables.
> Love the encrypted home folder option.
Haven't tried it yet. Is the login pass phrase also unlocking your encrypted home dir? If so, isn't it annoying to type the 128-bit pass phrase in every ten minutes your desktop screen saver lock kicks in? Any workarounds (separate pass phrases for home dir and login/desktop lock)?
> The community (even most people in this crowd) totally grokked the idea of "4.0-as-API-freeze"
> but the distros throught 4.0 meant time to upgrade, and frankly they should have kept 3.5 as
> the default until the 4 series was truly ready.
You could always use Slackware, which did it right (KDE 4.x to be released with the next Slackware version sometime this year. Slackware 12.2 still shipped with KDE 3.x).
Since in the past it was not possible, just wondering, if hibernation can work with your swap partition encrypted with LUKS/dm-crypt.
Aside from that, does swap size have to match physical RAM for hibernation, even if the machine has copious and largely unused amounts of it?
> In particular, AV to protect a Linux system (as opposed to scanning stuff before it's passed on
> to help protect downline Windows systems) isn't likely to catch any Linux targeted malware that
> does exist, at least not right away, because the AV vendors simply aren't particularly checking
> for Linux malware at this point, because even if there were malware to check for, they simply
> don't have the customers in that market to support it.
Well, I have found numerous malware, flooder scripts etc. (mostly on servers) with use of anti-virus programs (am talking about Linux FS level here, not mail and its attachments).
So I believe, your conclusion is wrong. Scanning is easy and as much as we'd like to think we don't need it on Linux, you do miss out on several thousand potential threats if you don't on occasions.