You're only upset about it because some people keep them as pets and you are culturally conditioned
Actually it's more the killing of a random animal off the street at a party that I find vulgar. I've been hunting and eat meat, but I draw the line at killing domesticated animals (in part because they trust humans).
Why is eating a cat worse than eating a cow, a pig, or a chicken?
Because it was a domesticated animal and this one had rabies, but even if that were not the case I think the idea of killing an innocent animal* at a party is much more vulgar than going down on a girl.
*I'm not a vegetarian or anything, but this cat was neither bred for food nor a pest.
Still on the site is the story of how some guy killed and ate a cat (is that even legal?), but that is ofc fine, however the guy posting an innuendo obviously went too far!
That's the right way to deal with this, technical measures are pointless because the police will always be able to get that info (with current tech 3 40w bulbs give a noticeably different pattern), making it useless without a warrant is what's key, some sort of guaranteed anonymization of the data would be nice too (because while the electricity company needs long term statistics so they can shape their supply to demand, they don't need YOUR long term stats).
But you can just run the exploit anyway, if you are on a system and you can run binaries/scripts/python/java that call a privilege escalation bug, you can just download an unsigned version of the package and run it,
need your own libraries? no problem, ldd is here to help
Nobody is suggesting you sign packages with setuid/setgid, so in reality you are no worse from a security perspective than users just installing programs themselves
You don't have to use it, however users can already install and run programs in their /home (noexec can only help so much), making this easier and safer for them (installing trusted packages instead of random ones) is a good idea.
but a requirement for signing them can be no-suid or system daemon, that way all this offers is better control over user programs
with a secure list of components it is authorised by the user to load, before it loads them
Trying to secure what is on the user's disk is hard, the best Mozilla can do is ask the OS to keep the disc in the same state (what they are doing).
Alternatively they could sign all the extensions but that would make starting up slow. At the end of the day there is nothing they can do that MS can't work around, however with help from MS they can prevent anybody else doing the same.
IMO this is the sort of thing an improved apparmor should handle by only allowing firefox (and basic utilities) access to ~/.Mozilla (but there isn't much demand for securing the Linux desktop as people put all their faith in repos)
FF less than 3.6
1. Right-click -> New -> Boolean
2. Name: extensions.checkCompatibility
3. Value: false
FF more than or equal to 3.6
extensions.checkcompatibility. is used instead (bug 521905). "" is the application version, including alpha and beta releases but excluding minor version updates. For example:
Firefox 3.6b2 -> extensions.checkCompatibility.3.6b
Firefox 3.6 -> extensions.checkCompatibility.3.6
Firefox 3.6.1 -> extensions.checkCompatibility.3.6
it's all here, did you even look before complaining?
Because the awesome bar is effectively free given firefox now uses sqlite to store bookmarks, as it can be disabled easily (or you can have an addin to re-theme it to the old way, but getting rid of the "bloat" can be done with a gui setting)
Because --safe-mode is too much?
To get help all I've ever had to do is run the program in --safe-mode and see if the bug is still there (often it's not), personally I like keeping a blank profile and launching it with --no-remote anyway, but --safe-mode isn't that much to ask, given they are normally caused by addons
Maybe it's just marketing, but isn't the fact that the space shuttle can be reused advantageous? Better pre launch testing can make it safer, but AFAIK nothing can be done to the Soyuz to make it reusable. It seems to me that the space shuttle has more of a future to it than Soyuz, but that's just a feeling, I can't really justify 10 more deaths just because the shuttle can land again.
There is however a lot of tech that can't be weaponized, the shuttle for example isn't going to be used as a fighter plane any time soon (in fact most of its design principles are the opposite of those used when designing fighter planes). Cooperation on non-military parts of the space mission wouldn't be hard, let them put a few scientists on the ISS, etc in exchange for funding and cooperation in other areas, try using the carrot instead of just the stick
Just because they haven't got a modern military doesn't mean they don't already have the plans, there is a big difference between having the designs to a Bugatti Veyron and being able to make one.
That is hardly "Which you could 'install' by just sticking them in ~/.fonts." and while upon closer inspection it turns out I wasn't compiling running rpmbuild, I still think that is far more work than anybody should have to do to get some essential fonts.
No-one's playing for a share of a dumb customer base, here.
Fair enough but us "dumb users" bring free testing, feedback, advertising, support to a distro and a small proportion of us are likely to turn into developers, so I think you'll find that ubuntu (and to a lesser extent debian) are looking to have us as users.
maybe you should tell people about it, I had to go through this, call me stupid but if I can't run yum install microsoft-fonts (or something similar, maybe microsoft-fonts-installer so it's clear redhat are not hosting the fonts), then something is very wrong. It may be as easy as you claim, but if your method isn't in the first page of google results then it doesn't count for jack.
on ubuntu it's
sudo apt-get install msttcorefonts
or more likely it comes when you run sudo apt-get install *buntu-restricted-extras
but stick your head in the sand, that's how fedora is going to get market share
I use fedora 11 and I still think yum sucks, while I wouldn't complain about dependency hell, I have been unable to update due to packages not being available yet (I never had this problem on ubuntu or debian), but hey those problems get resolved soon enough, my main beef is speed, yum is sloooow (compared to apt), while it does have some nice features presto/etc I find the speed still leaves me yearning for apt!
I wish it was possible to upgrade to a new major version without upgrading everything else at once. It shouldn't be pushed as an automatic or opt-out update though, only manual or opt-in.
apt-pinning, include a later repo and pin any app you want to upgrade to the new repo, some distros (i.e. debian) even support this, but it **should** work on any that use sane version numbering (i.e. you do not release a new version of a package and call it the same as the last).
I mean the sane choice is to use backports to get newer software (or backports and pinning, if you don't want everything up to date), but to answer exactly what you asked for I would have to say apt-pinning.
-Out-of-the-box media/driver experience: Fedora goes purist and the out-of-the-box experience suffers for it with lack of popular codecs and optimal drivers for nVidia cards. Ubuntu caters to the user experience and takes care of this out of the box. You have to add RPM fusion repositories to make Fedora cope with this, which isn't insurmountable, but isn't out of the box.
Installing Microsoft fonts was a real PITA, there might be an easier way to do it but in fedora11 I needed to do it urgently and ended up having to compile, that's not acceptable!
Ubuntu *usually* doesn't jump the gun (GRUB 2 is an example of going before the upstream declares 'ready' though).
what about kde4 and pulseaudio? ubuntu is just as bad it just includes stuff as soon as upstream release it though.
I was going from the screenshots in TFS, (something like this), while the background and panels might be blue, on every default kde install I've done, the theme was oxygen, which leaves grey windows and grey dull grey widgets
While DBUS can be secured that doesn't mean it is, I don't know if the gnome devs pay attention to dbus security (and don't really care), but from what I've played about with kde's dbus bindings were not restrictive (makes developing easier, but also means an exploit in a plugin can do stuff like change your network settings).
Also, how do you intend to make this malware and will it be any different from simple shell script / binary malware you can get now?
Nothing but you are not encouraged to run arbitrary scripts/binaries while you are encouraged to download plugins and no matter how careful the guys at kdelook are somebody could always slip some malware into the next stask plugin or plasma-facebook-applet or even just a theme (maybe kde does check themes for code but AFAIK it doesn't)
kross is supposed to present an API for plugins to work with, but because my code is run in the same thread with the same privileges as the app, my bugs can not only crash the program but also remove all of a user's files. Users should be able to download a plugin for kmail without worrying that it can
1) crash plasma
2) delete all their files
Also it was mainly a joke, I mean I think there is some truth to it, plugins should be locked down a bit so an exploit/bug in a plasma widget can't compromise all of a user's data, but it was mainly a joke that once everything is finished the KDE devs will find an excuse to start over.
I think that's because most of us switched to htop because the kde3 version did a lot and as a result was slow to launch.
regarding ctrl+esc, I think it's pretty good however I need keybindings, something like
/ = move focus to quicksearch (great tool btw)
f9 / k = kill
f7/f8/r = renice
s,h,i,t,c,1,2 = send signals stop, hup, etc (not needed but while you're at it why not)
Also nice would be policykit integration to launch the system monitor with a -ve niceness
The system monitor is much more buggy (crashed while I was looking at it here, crashes if I change the monitor background color for networking):
1) it seems to take a lot of cpu, is it drawing graphs even if that tab is in the background and can that be avoided?
2) the graphs don't have enough settings (for example opaque fill instead of translucent (or no fill, or no smoothing on the lines))
3) You can't remove the default 2 tabs (if I make a better tab for monitoring my system settings I shouldn't waste resources on yours)
4) ksysguardd seems to run all the time and I can't find out where to disable it (might be a fedora packaging issue)
5) status bar info could contain number of running processes
*) no way to hide the menubar (i consider this a bug in any kde program that doesn't implement it)
anyway thanks for ctrl+esc it looks like a good GUI alternative to htop, just add some keybindings and I would use it over htop
Yeah I kept hearing that so I went for a meander around debian and fedora and TBH I'm yet to see what people are talking about, there are differences but KDE in kubuntu is not significantly different from that in debian (kde3 vs kde3) or fedora (kde4 vs kde4).
I haven't run openSuse or mandriva yet so perhaps they are truly better but Debian's KDE is not significantly better and in fact lacked tweaks that had not made it upstream yet, so I'm starting to suspect it's just more generic ubuntu hate or as a result of ubuntu seeing more work on gnome, because I'm at a push to see any real difference.
The 3D stuff could always be turned off. I have no input lag (on QT apps, I have a few lag spikes in firefox, but I don't know who to blame for that) on 1x2Ghz that is usually running at 800mhz, I suspect it's something to do w/ your graphics card, but then again I'm only running a Radeon Xpress 200M with radeon drivers.
4.2 wasn't bad, and I actually *like* 4.3, I can easily set it up to do what I want/need easily.
My only worry is that... with 4.4 out, are we going to be subjected to KDE5.0 soon?
I called it some time ago
4.4 = all 1st party tools pretty much finished, 3rd party tools there but not polished
4.5 = 3rd party tools good to go
then somebody will release dbus/kross/plasma malware and they will realise that the whole DE has to be redone from a security perspective! ....
5.0 = an entire re-write with some concept of security and threading (kross for example runs in the same thread as the parent app)
5.1
6.0 = port to qt 5?