Slashdot Mirror


User: StandardDeviant

StandardDeviant's activity in the archive.

Stories: 0
Comments: 883

Comments · 883

  1. agreed Re:well wtf? on New Linux Worm · · Score: 1

    As a developer, linux is sooooooooo much nicer in terms of development environment than windows or macos or (...). Well, I should say unix in general is this way. Part of it is having a very efficient CLI shell, part is the toolset that is available to make programmers' lives easier, part is I think due to the simple underlying philosophy of not getting in your way.

    And I never said that server programs are evil, just insecurely installed server programs. ;-) I have all kinds of shit hanging off my workstation, but a) it's all pretty much locked down in service-specific ways to be reasonably secure, and b) I have a fairly tight firewall in between my internal LAN and the net (gotta love openBSD, IPF kicks the ass out of IPCHAINS).


    --
    News for geeks in Austin: www.geekaustin.org
  2. Re:Question from a total newbie on New Linux Worm · · Score: 2

    See my "bastille" comment a few posts up. If you're using a redhat-derivative (RH, Mandrake, etc.), look in /etc/init.d or /etc/rc/init.d for the shell scripts that turn things on and off (e.g. /etc/init.d/named stop). Editing /etc/inetd.conf or /etc/xinetd.conf to comment out or remove the ability of the inetd-superserver to start up a connection to service X is another approach. Also see the program "ntsysv" on RH derivatives that gives you easy access to the "what starts on boot" list (hint: you can safely uncomment most of that list :) ). Note that some services (e.g. bind) run on their own continuously and some run on an as-needed, connection-oriented basis from (x)inetd (e.g. telnet, ftp) and some can run either way (ftp, ssh), the exact methods for disabling them depend...

    If you have an always on connection, consider getting a personal firewall (there are bazillions of them, I've had good luck with the Linksys (linksys.com) series of products, buy.com has good (sub $100 for some models) prices on them). Even if you end up ditching linux it'll make your windows/whatever boxen on the home lan more secure.

    Long term, get yourself a good book on unix administration (the armadillo book from o'reilly is a good bet (author = aeleen frisch iirc)). Read the docs on the Linux Documentation Project, particularly the book-length opus on security and system performance tuning. (www.redhat.com/mirrors/LDP is usually the mirror I use, I _think_ the home url is www.linuxdoc.org). I know it seems like a mountain of information but give yourself 6 months or so and it'll all seem clear. (plus you can get a stable, reasonably lucrative job doing it if you devote enough time to becoming an admin to do it well).


    --
    News for geeks in Austin: www.geekaustin.org
  3. multi-line comment tip on Michael Abrash's Black Book For Download · · Score: 1

    I don't recall where I saw this but it makes sense: don't use the "*-line" down the left side of the comment, just the "/*" and "*/" parts on lines by themselves. Makes editing easier, perhaps at the price of some visual distinction.

    (vaguely related: damn I wish somebody would "back port" the "//" comment notation from C++ to C. So much quicker to type for those quick one-liners to explain a small point...)


    --
    News for geeks in Austin: www.geekaustin.org
  4. Re:Use DJBDNS instead of BIND. on New Linux Worm · · Score: 1

    I'd say the fault lies with whoever wrote the inscrutable documentation for svscan, whoever decided svscan was a good idea in the first place (I can start my own daemons, thank you very much), and whoever decided that changing the naming convention for svscan directories between releases and not updating the svscan directories created by install scripts for djbdns/qmail was a good idea... Due diligence only goes so far in protecting the author of crummy code from liability. Don't get me wrong, I like qmail, and to a lesser extent I like djbdns. But I think svscan is a piece of shit.


    --
    News for geeks in Austin: www.geekaustin.org
  5. heh, might be cool with an arm-mounted KB on IBM Linux Watch v2.0 · · Score: 2

    ... like the one that's always advertised in LJ. Of course I don't know how easy it would be to hack a ps/2 port onto the watch or if it already has some form of KB adaptor...

    I think I found the web site for it here (1/2 way down the page). Phoenix Group International is the manufacturer's name.


    --
    News for geeks in Austin: www.geekaustin.org
  6. Re:Uh, Ok.... on IBM Linux Watch v2.0 · · Score: 1

    yah, but hopefully your wristwatch is a single-user system... ;-)


    --
    News for geeks in Austin: www.geekaustin.org
  7. Re:Patch... on New Linux Worm · · Score: 1
    Wrong. There is already a version with an OpenBSD rootkit.

    Version of the worm? Version of BIND vulnerable to the worm? Version of OpenBSD with a vulnerable version of BIND?

    Anyway, I'm not surprised OpenBSD can get rooted by a vulnerable service. Once you get inside OpenBSD's (admittedly very hard) shell, it's about as easy to get root as with any other unix-derivative (i.e. not trivial usually but not impossible either).


    --
    News for geeks in Austin: www.geekaustin.org
  8. Re:regardless... on New Linux Worm · · Score: 1
    These "people" are you and me, the admins. This problem is clearly the admin's fault.

    Note that I was talking about newbies in the majority of my post. Newbie admins are still newbies. And yes, I still think the distro makers are partly to blame, in that even the slickest installer isn't going to protect you from your own ignorance (e.g. "workstation" installations that install BIND, "server" installations that install basically every service, etc.). No distro maker can prevent newbie admins from shooting themselves in the foot, but at least they can try to make sure the newbies aren't covered in gasoline and handed a cigarette to smoke...

    Not trying to flame here, but your ranting sounds like the parents who blame high-school shootings on video games and movies, when they should be pointing in the mirror.

    Professionalism is an inherent requirement to do well as an admin. My post however was directed at the person who just picked "everything" on a RH install whilst trying linux for the first time with their cable-modem-connected-and-no-firewall machine... For that person the distro makers do need to be very conservative with what they install by default and/or configure to be open to the world by default. Linux companies could definitely take a page from OpenBSD in this regard.


    --
    News for geeks in Austin: www.geekaustin.org
  9. Re:Not an option for some of us on New Linux Worm · · Score: 1

    Well, just make sure a) SSH is something recent (recent openssh, or the "commercial" ssh which is free to edu users), and b) ftp is recent and/or a version intended to be secure (wuftpd has problems, and is one of the more common daemons; also look into scp and/or sftp with SSH).

    I've heard of problems with portmap, but I don't have to admin it (no NFS/NIS in the last few environments where I've worked). This is something I'd track down an expert at your university to ask about...


    --
    News for geeks in Austin: www.geekaustin.org
  10. Re:regardless... on New Linux Worm · · Score: 5

    Look into the Bastille project (search freshmeat). It's intended to run on a virgin install IIRC, fixes security holes and tells you what it's doing and why.


    --
    News for geeks in Austin: www.geekaustin.org
  11. Re:Use DJBDNS instead of BIND. on New Linux Worm · · Score: 2

    This implies that the small utilities do that one thing really well. Well, I suppose svscan does one thing really well: generate MB/sec of error messages when it sees something it doesn't like, something trivial like a wrongly-named directory or a rightly-named directory in the wrong place. Seriously, it's like it was coded to stress-test syslog so it has zero error checking...


    --
    News for geeks in Austin: www.geekaustin.org
  12. Re:Use DJBDNS instead of BIND. on New Linux Worm · · Score: 1

    DJBDNS is ok, but I found it somewhat balky to install. This seems to be a frequent DJB-derived-software complaint of mine, I don't like having to install two or three or more packages to get one simple thing like mini-dns to work (I _really_ don't like svscan, for example).


    --
    News for geeks in Austin: www.geekaustin.org
  13. regardless... on New Linux Worm · · Score: 5

    You probably shouldn't be running bind (or anything else). Linux's security problems are almost always created by people leaving stuff up/on/open when they don't need to.

    If you're a newbie, here's a partial list of things you don't need to install or have running on your new workstation: bind/named, any form of mail server (esp. sendmail), atd, smbd/nmbd (samba), inetd, any form of ftp daemon (wuftpd, et al.), NFS/NIS/portmap, basically anything that provides a service to the outside world. Machines on "always-on" connections and not behind firewalls are of course the most vulnerable...

    The best policy is offering nothing, and only selectively opening up services as you need to. If you do have a machine that needs to provide a service, try to understand the service and the idiosyncrasies of the server program before you offer it, and keep tabs on updates...

    Insert standard "wish-the-distros-would-wise-up-and-ship-closed-by-default-installations" thought here...


    --
    News for geeks in Austin: www.geekaustin.org
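
The two comments above describe commenting services out of /etc/inetd.conf and list daemons a new workstation does not need. The following is an added example, not part of either comment or of the original page, that audits a classic inetd.conf for such entries and comments them out; the sample config, the `UNNEEDED` set and all function names are constructed for illustration, and xinetd's different file format is not covered.

```python
import os

# Names taken from the two comments: services a workstation rarely needs.
UNNEEDED = {"ftp", "telnet", "named", "sendmail", "smbd", "nmbd", "portmap"}

# Constructed sample in classic inetd.conf layout (not from a real host):
# service socket_type protocol wait/nowait user server_program [args...]
SAMPLE = """\
# constructed sample
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd       in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd       in.telnetd
#finger stream  tcp  nowait  root    /usr/sbin/tcpd       in.fingerd
netbios-ssn stream tcp nowait root   /usr/sbin/smbd       smbd
auth    stream  tcp  nowait  nobody  /usr/sbin/in.identd  in.identd
"""


def parse_entry(line):
    """Return (service, daemon) for an active entry, else None."""
    stripped = line.strip()
    if not stripped or stripped.startswith("#"):
        return None
    fields = stripped.split()
    if len(fields) < 6:
        return None  # malformed or not a service entry
    server, args = fields[5], fields[6:]
    # Behind TCP wrappers the real daemon is the first argument, not tcpd.
    if os.path.basename(server) == "tcpd" and args:
        server = args[0]
    return fields[0], os.path.basename(server)


def is_unneeded(service, daemon):
    """Match on the service name or on the daemon name (in.ftpd -> ftp)."""
    name = daemon[3:] if daemon.startswith("in.") else daemon
    short = name[:-1] if name.endswith("d") else name
    return bool({service, name, short} & UNNEEDED)


def audit(text):
    """List (line_number, service, daemon) for active, unneeded entries."""
    hits = []
    for number, line in enumerate(text.splitlines(), start=1):
        entry = parse_entry(line)
        if entry and is_unneeded(*entry):
            hits.append((number, *entry))
    return hits


def disable(text):
    """Return the config with every flagged entry commented out."""
    flagged = {number for number, _, _ in audit(text)}
    lines = text.splitlines()
    return "\n".join(
        "#" + line if number in flagged else line
        for number, line in enumerate(lines, start=1)
    ) + "\n"


if __name__ == "__main__":
    for hit in audit(SAMPLE):
        print("line %d: %s (%s)" % hit)
```

inetd only picks up an edited file when it rereads its configuration, which it does on SIGHUP.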
  14. Re:Linux Terminal Server Project on Whatever Happened To The Thin X11 Terminals? · · Score: 2

    Or if you don't mind a minimal window manager just use a 486 (80+ MHz is probably best). Most 486en don't need cpu fans, a good heatsink will do. Heck, I've run a p150 without a fan on its (quite large) heatsink and it was ok (note that it was originally designed this way, that MB and cpu came out of a name-brand PC).


    --
    News for geeks in Austin: www.geekaustin.org
  15. what the heck do they still make?! :) on 3Com Drops Internet Appliances · · Score: 1

    I swear it seems they've spun off or canceled everything they once made (palm pilots, modems, IAs, etc. didn't they spin off or cancel their network infrastructure stuff too (switches et al.)?). What do they still sell?! ;-)


    --
    News for geeks in Austin: www.geekaustin.org
  16. how do you auction off an email? on Bush Won't Be "The Online President" · · Score: 2

    Is it on a disk? What format? Did they print it out? Is it on acid free paper? etc. etc.

    WRT the freedom of information act and the bill of rights protections against self incrimination or unreasonable searches and seizures, the impression I've gotten in the law class I'm taking (in theory business law but the prof is really cool so we end up debating all sorts of legal topics, you gotta love arguing the validity of things like the DMCA in a class situation[1]) is that as a _person_ you have those protections, as an _institution_ you do not. So Bush's love letter to his wife or birthday card to his daughter are not FOIA fair game, but his email _as the incarnation of the institution of the American presidency_ is. (Leaving aside my personal views regarding his _extreme_ lack of aptitude for the office, unfortunately we're stuck with that cromag for the next few years...)

    [1]I'm a computational chem major, but I'm eclectic. eh, you have to have some way to squander your youth, I picked college...


    --
    News for geeks in Austin: www.geekaustin.org
  17. ask the cubans about our 1890s era inwardness on Slashback: Franklin, Head-Mounting, Timing · · Score: 2

    I'd say the Spanish-American war was pretty outwardly directed foreign policy. ;-) Not that I'm saying it was right, but it was outward...

    Sweetie, you're living in a city that is in no way cosmopolitan. Not even close. Live in LA or NYC or Houston before you decide all of america is comprised of close-minded, mom-and-apple-pie hicks. There are places in Houston where the street signs are in 3 languages, and english is last on the list...

    As far as american culture as a whole, well I agree most of it is pretty homogenized. Why most people here like that pap (*NSUCK, BACKDOOR BOYS, McFuckingDonalds, or any of the 1,001 romantic comedies (all of which are as funny as a root canal and about as romantic as a sandpaper dildo), etc. ad nauseam) is beyond me. Why the rest of the world is so enamored of that crap is even further beyond me. I think that basically, most people are stupid. The genius of american mainstream culture is that they learned how to sell stuff to idiots, cretins, and slack-jawed droolers of all stripes as efficiently as possible, and this works as well with Scottish retards as it does American or Japanese or ($COUNTRY) ones... Why bother being creative when you can capture 90% of the global market with cheap, tawdry, talentless crap?

    Oh well, at least for every ten (thousand) boy bands we have a Hemingway or Poe.


    --
    News for geeks in Austin: www.geekaustin.org
  18. Re:Give me a break on Bundeswehr Says Microsoft Software Verboten · · Score: 2
    In case you were thinking that this is somehow a "win" (whatever that is) for Linux, think again: They are going to home-grow their secure solutions using a German software company.

    Hmmm, ever heard of SuSE? Nothing stops them from making a DGSE-linux in cooperation with SuSE, sort of analogous to the NSA's security enhanced linux... (Was DGSE the german foreign intelligence agency or do I even have the right country? oh well, whatever acronym is right the point is the same) Now does this mean that they'll release a new linux binary called /usr/local/bin/sniffgermansecrets? doubt it. but if they find and release fixes for kernel bugs and whatnot, hey, that's a win...


    --
    News for geeks in Austin: www.geekaustin.org
  19. increased software efficiency by... on Too Much Tech Makes End Users Blink · · Score: 4

    involving the government. riiiiiiight....

    Seriously, as long as software companies emphasize release date and features over correctness and user testing, bugginess will be the norm. Financial penalties are warranted and effective for some industries (e.g. automotive, where bugs in the system cause fatalities), but unless the software you're making has life-or-death failure consequences it probably doesn't warrant that level of intervention (and nobody ever died because Windows crashed while they were playing Quake).


    --
    News for geeks in Austin: www.geekaustin.org
  20. not quite, some innovation takes wads o' cash on Where Is The Innovation? · · Score: 2

    I think more accurate would be to say that the emphasis on monetization is what slows down innovation. Money itself is a necessary prerequisite to innovation in many fields (just as one example, organic chemistry labs are incredibly expensive in terms of reagent costs and instrumentation (figure USD500K+ for a good NMR alone)). CS is one of a very few fields where fundamental revolutions can take place with just one person's thoughts in their head and minimal bucks for some computer hardware to realize the implementation (c.f. Berners-Lee and the web), mathematics would be another (there all you need is one brilliant person and some paper and pencils ;-) ).


    --
    News for geeks in Austin: www.geekaustin.org
  21. Re:Be realistic on U.S. Congress And Email · · Score: 2

    Each congresscritter gets some set amount of funding per year to maintain his or her office staff. Last year I have information on (1989, came across it by random chance, haven't been curious enough to find out more recently), the total staff salary was on the order of $400K, which sounds like a lot but a small congressperson's office probably employs 8-12 people (head AA, 2 or 3 other office people that handle mundanities and snail mail, staff in the home district, etc.). Simply put, they may not have the budget to dedicate 2+ more people to something as ephemeral as email.

    Of course, they could get interns, but a) there are only so many unpaid interns available, and b) unpaid interns and politicians are a potentially unstable mix... ;-)


    --
    News for geeks in Austin: www.geekaustin.org
  22. coffee houses and bookstores on Where Can Geeks Meet Mates? · · Score: 3

    or movie places (the art houses and dinner theaters) or libraries or college classes or ... basically any place where the intellectual pursuits in life are being practiced.

    Keep in mind that your potential SO may not be a "geek" in the stringing-cat5-and-playing-quake sense, but if they are intellectual people then at least you have something to build a relationship on (that being good conversations and other intellectual stimulation; my fiancee has taught me all sorts of cool language and culture and history things, and in turn she's learned stuff from me like regular expressions, the foundation of a relationship is not what you get from it but what you give, but that's another topic). Remember to be yourself, don't do something "just because chicks dig it". That way when you do meet the person of your dreams, you'll genuinely have something in common.

    But mainly, dude, make more than an hour a day into free time. No person is really going to fit into that sort of schedule, and no job is worth that much time.

    (All these comments to be taken with a grain of salt, I'd be the last person to claim perfection in heart-related matters.)


    --
    News for geeks in Austin: www.geekaustin.org
  23. Re:As an alternate to RDMS on Are Expensive RDBM Systems Worth The Money? · · Score: 1

    I thought that the 1,993 revision number jump was pretty impressive... (7 -> 2000) ;-)


    --
    News for geeks in Austin: www.geekaustin.org
  24. Re:Hello? Exchange rate doesn't matter!!! on Mexico City Adopting Linux; Software Rent Savings Go to Fight Poverty · · Score: 1

    well, you know us scientists and engineers, as soon as we hear a unit we look for a conversion factor or two... ;-)

    (you are absolutely right though about the exchange rate not meaning anything)


    --
    News for geeks in Austin: www.geekaustin.org
  25. Re:what is the exchange rate? on Mexico City Adopting Linux; Software Rent Savings Go to Fight Poverty · · Score: 2
    if the savings is a few hundred million pesos how much is that in dollars? Maybe 50 bucks?

    Well, the peso isn't that bad. ;-) Here's a link to a universal currency converter I found via google (I don't know how up-to-the-second the rates are): www.xe.net/ucc/ . According to it 100,000,000 pesos is 10,449,320.79 USD, which is a non-trivial amount.

    One question that springs to mind is what distro they're planning on using. Conectiva seems likely because of its internationalization for Spanish-speaking countries, but hey, maybe the head techie dude likes Slack... :-)


    --
    News for geeks in Austin: www.geekaustin.org