I really don't get why people consider Android to be Linux.... You aren't writing POSIX-style applications
DING DING DING
You've stumbled upon the very reason for the name GNU/Linux: That platform implements (with a few modifications) the POSIX specification. Linux, by itself, does not. Linux implements no specification other than its own proprietary API.
Linux is an OS whose target audience is primarily system developers. Thus, Android is Linux. WebOS is Linux. Tizen is Linux. Your WiFi AP's OS is probably Linux.
GNU/Linux is an OS whose target audience is slightly different. Typically the people who choose a GNU/Linux OS will be server admins and application developers, and desktop users.
We shouldn't consider Android to be an example of Linux being popular.
Yes, we should. We should see it as an example of Linux being popular with its target audience: system developers. New platforms are mostly built on Linux, because it's a decent OS for the development of new platforms.
I'm currently debugging an i915 driver issue on Linux that appears to cause a fairly wide variety of Skylake laptops to freeze after their screens blank for some period of time.
I've heard a lot of complaints about power management under Skylake, including from Matthew Garrett:
"According to Microsoft's SMB supremo Ned Pyle, SMBLoris affects all versions of SMB â" not v1 as first thought"
Though it's not clear who "first thought" that. The authors were pretty clear that "it can lead to DoS attacks affecting every version of the SMB protocol." That's quoted from the slashdot summary, which is what makes it so very odd that the editors or the submitter spent most of the text of the summary talking about disabling SMBv1, which is in no way a mitigation for this attack.
It's as if "disable SMBv1" has simply become a knee-jerk reaction to SMB bugs, and people are no longer listening to the details of new attacks.
By "the service" do you mean SMB? The threat is descirbed as affecting all versions of SMB, but nearly all of the tech writers describing the bug are suggesting turning off SMBv1. Is no one actually paying attention to what the authors are saying, or am I missing something?
Chrome's JS memory improvements landed in 55. The current version of Electron is build on 56, so they're probably included.
Electron apps are a resource nightmare, as is Chrome itself. My wife is in a school for (mostly web) development. Her system tends to run 3 apps: Chrome, Atom, and Slack, so essentially three copies of Chrome. 8GB of RAM is simply not enough to run a text editor, a chat client, and a web browser. That's insane.
Well, you could click the link in the article that says "Read more about our method and sources," or you could choose a custom ranking and not only see the sources listed but adjust how influential you think they should be in the combined ranking.
Or you could complain on a forum because you're not really interested in the answer, you're just unhappy that your language of choice isn't the one everyone else likes.:)
This is a silly write up. There are three times more malware programs targeting Linux systems. That tells us nothing about the number of Linux vulnerabilities, or the number of vulnerable systems, or the general security of the system.
Yes, Kaspersky should show its source code to the US Government. They should show their source code to all of their users. All software should come with its source code. If you weren't convinced of that before, you should have been by the audit of Toyota's source code.
I hate to interrupt a good blame fest, but every Windows computer comes with a program that downloads updates (fixes) from Microsoft and approximately zero Windows computers come with a program that downloads updates from the NSA. So how would the NSA distribute fixes, if they wanted to?
Microsoft already released fixes, so what makes you think the NSA didn't provide the information needed to the people who are in a position to distribute fixes?
I remember when Chrome used less memory than Firefox, and people blamed Firefox. Now Chrome uses lots of memory and people blame the user.
All those complaints about Firefox got Mozilla's attention. They worked hard on addressing those issues. Google doesn't seem to have been as careful. My wife uses three applications on her Mac: Chrome, Slack, and Atom. The latter two are based on Electron, so the core of all three applications is essentially the same. And all three consume more memory the longer they run. Without actually running a profiler on it to verify, I am confident that they're leaking memory. The thing about memory leaks is, it doesn't matter how much memory you have in your computer. No amount will ever be enough. Memory is nothing more than the fuse in a time bomb that ends with your computer swapping until it halts.
Quit blaming the user. Chrome shows all the signs of being a leaky application, and that problem is inherited by all of the other applications that use it as a base. Google needs to fix this. It's their problem.
Who rated this insightful? Humorous, maybe, but insightful? No. Come on, moderators. Unless AC is a Red Hat employee and knows what caused the outage, that's not what "insightful" means.
The original post notes that "In Chrome and Firefox, the Unicode form will be hidden if a domain label contains characters from multiple different languages."
It seems to me that a better solution would be to simply display the unicode version only if it contains only characters in the language that the browser is running in (such as the LANG setting on POSIX systems)... especially if the purpose of punycode is to allow domains that "render in their local language."
Admittedly, that fails to protect Cyrillic systems from the domain used as an example, but it does limit the scope of the problem.
> by simply doing a *pull* on Github, you're giving up patent rights
I'm not sure what you mean by that. GPL only applies to distribution. You're not distributing code by downloading code from github (clone), and a contributor cannot change the license of your project by sending you a pull request.
Maybe you mean forking? That would kind of amount to distributing code, but I think that would be a really hard case to make in court.
Which? doesn't say much about their methodology in their article, and their reviews of individual laptops are members-only. Does anyone know if their methods are sound? Are screens set to a specific brightness for these tests? How is that measured, etc?
Many of the distros you mention (SUSE, Red Hat, etc.) tried pursuing the ease of use and "just works" philosophy starting a couple decades ago, but Ubuntu really pushed that forward significantly
I hate this piece of Ubuntu lore, especially.
Yes, Red Hat pursued ease of use. Ubuntu was released just as those efforts were coming to fruition, and to great fanfare, they introduced a GNU/Linux distribution that included Red Hat's ease-of-use work on top of a Debian base. Those same efforts were featured in Fedora releases at the time.
Early releases of Ubuntu were easier to use than a lot of distributions that had been released in the years prior, but they weren't easier to use than the Fedora releases that came out around the same time, with one exception: they made it easy to install binary drivers. Especially the NVidia drivers.
Literally the only thing that was easier on Ubuntu than on Fedora was installing the NVidia drivers. In lots of other tiny ways, Fedora worked better. And that remains true, today. I work at a university where we manage a lot of CentOS systems, and a handful of Ubuntu systems for special purposes. The CentOS systems are much easier to manage and to use.
For example, one lab uses embedded devices that present themselves as a USB network interface when connected to a workstation. On Ubuntu, the default route is assigned to the new USB interface. On CentOS, it is not. That means that we can't use NFS on the Ubuntu systems because when the default route changes, the system no longer has access to the NFS home directories, and the UI stops responding. Or, there's a GPU computing system on which students ran "apt-get update" and for some reason, apt removed gnome-shell. That meant that gdm couldn't run, and users couldn't log in. Or, we have one Ubuntu system with an NFS mounted home directory that works just fine if you log in to a local console or to GDM, but logging in over SSH prints MOTD and then hangs forever.
Certainly, some of those problems can be fixed (I haven't figured out the ssh login hang problem), but the fact remains that out of the box, Ubuntu has been FAR more problematic than any release of CentOS or Fedora that I've used any time since Ubuntu's earliest releases.
The CIA doesn't have a responsibility to Russia. If their officials have personal vulnerabilities, those vulnerabilities are exclusively Russian. Software vulnerabilities aren't exclusively Russian. These vulnerabilities affect American citizens. They affect American troops and officials. They affect American government agencies. The risk is not simply that the vulnerabilities will be discovered by foreign intelligence, but that any one of thousands of employees and contractors could sell the entire archive, instantly giving the buyer capabilities equal to or greater than the CIA itself.
Complaining that the fully upgraded, top-of-the-line model is expensive seems a liiiiiittle disingenuous, man. They start out a *lot* less expensive than that.
Slashdot Mirror
I really don't get why people consider Android to be Linux. ... You aren't writing POSIX-style applications
DING DING DING
You've stumbled upon the very reason for the name GNU/Linux: That platform implements (with a few modifications) the POSIX specification. Linux, by itself, does not. Linux implements no specification other than its own proprietary API.
Linux is an OS whose target audience is primarily system developers. Thus, Android is Linux. WebOS is Linux. Tizen is Linux. Your WiFi AP's OS is probably Linux.
GNU/Linux is an OS whose target audience is slightly different. Typically the people who choose a GNU/Linux OS will be server admins and application developers, and desktop users.
We shouldn't consider Android to be an example of Linux being popular.
Yes, we should. We should see it as an example of Linux being popular with its target audience: system developers. New platforms are mostly built on Linux, because it's a decent OS for the development of new platforms.
I'm currently debugging an i915 driver issue on Linux that appears to cause a fairly wide variety of Skylake laptops to freeze after their screens blank for some period of time.
I've heard a lot of complaints about power management under Skylake, including from Matthew Garrett:
https://mjg59.dreamwidth.org/4...
Until they make something faster and less bloated I'm staying with Chrome
The good news is that Firefox has been faster and less bloated than Chrome for quite a while, now.
(It's a smaller download, smaller install, uses less RAM, etc)
...and also:
https://www.theregister.co.uk/...
"According to Microsoft's SMB supremo Ned Pyle, SMBLoris affects all versions of SMB â" not v1 as first thought"
Though it's not clear who "first thought" that. The authors were pretty clear that "it can lead to DoS attacks affecting every version of the SMB protocol." That's quoted from the slashdot summary, which is what makes it so very odd that the editors or the submitter spent most of the text of the summary talking about disabling SMBv1, which is in no way a mitigation for this attack.
It's as if "disable SMBv1" has simply become a knee-jerk reaction to SMB bugs, and people are no longer listening to the details of new attacks.
https://threatpost.com/windows...
"The vulnerability affects every version of the SMB protocol and every Windows version dating back to Windows 2000."
By "the service" do you mean SMB? The threat is descirbed as affecting all versions of SMB, but nearly all of the tech writers describing the bug are suggesting turning off SMBv1. Is no one actually paying attention to what the authors are saying, or am I missing something?
Chrome's JS memory improvements landed in 55. The current version of Electron is build on 56, so they're probably included.
Electron apps are a resource nightmare, as is Chrome itself. My wife is in a school for (mostly web) development. Her system tends to run 3 apps: Chrome, Atom, and Slack, so essentially three copies of Chrome. 8GB of RAM is simply not enough to run a text editor, a chat client, and a web browser. That's insane.
Well, you could click the link in the article that says "Read more about our method and sources," or you could choose a custom ranking and not only see the sources listed but adjust how influential you think they should be in the combined ranking.
Or you could complain on a forum because you're not really interested in the answer, you're just unhappy that your language of choice isn't the one everyone else likes. :)
You visited Seattle Congratulations. I live here. The city you're describing is nothing like Seattle.
This is a silly write up. There are three times more malware programs targeting Linux systems. That tells us nothing about the number of Linux vulnerabilities, or the number of vulnerable systems, or the general security of the system.
None, of course.
For once, the answer to the headline is "yes."
Yes, Kaspersky should show its source code to the US Government. They should show their source code to all of their users. All software should come with its source code. If you weren't convinced of that before, you should have been by the audit of Toyota's source code.
http://www.safetyresearch.net/...
I hate to interrupt a good blame fest, but every Windows computer comes with a program that downloads updates (fixes) from Microsoft and approximately zero Windows computers come with a program that downloads updates from the NSA. So how would the NSA distribute fixes, if they wanted to?
Microsoft already released fixes, so what makes you think the NSA didn't provide the information needed to the people who are in a position to distribute fixes?
I remember when Chrome used less memory than Firefox, and people blamed Firefox. Now Chrome uses lots of memory and people blame the user.
All those complaints about Firefox got Mozilla's attention. They worked hard on addressing those issues. Google doesn't seem to have been as careful. My wife uses three applications on her Mac: Chrome, Slack, and Atom. The latter two are based on Electron, so the core of all three applications is essentially the same. And all three consume more memory the longer they run. Without actually running a profiler on it to verify, I am confident that they're leaking memory. The thing about memory leaks is, it doesn't matter how much memory you have in your computer. No amount will ever be enough. Memory is nothing more than the fuse in a time bomb that ends with your computer swapping until it halts.
Quit blaming the user. Chrome shows all the signs of being a leaky application, and that problem is inherited by all of the other applications that use it as a base. Google needs to fix this. It's their problem.
GNU/Linux systems are migrating to systemd. Embedded systems and Android probably won't. There's really no connection to make here.
Who rated this insightful? Humorous, maybe, but insightful? No. Come on, moderators. Unless AC is a Red Hat employee and knows what caused the outage, that's not what "insightful" means.
The original post notes that "In Chrome and Firefox, the Unicode form will be hidden if a domain label contains characters from multiple different languages."
It seems to me that a better solution would be to simply display the unicode version only if it contains only characters in the language that the browser is running in (such as the LANG setting on POSIX systems)... especially if the purpose of punycode is to allow domains that "render in their local language."
Admittedly, that fails to protect Cyrillic systems from the domain used as an example, but it does limit the scope of the problem.
> by simply doing a *pull* on Github, you're giving up patent rights
I'm not sure what you mean by that. GPL only applies to distribution. You're not distributing code by downloading code from github (clone), and a contributor cannot change the license of your project by sending you a pull request.
Maybe you mean forking? That would kind of amount to distributing code, but I think that would be a really hard case to make in court.
MacRumors' buyers guide rates everything but the MacBook Pro as "Don't buy" right now...
https://buyersguide.macrumors....
Which? doesn't say much about their methodology in their article, and their reviews of individual laptops are members-only. Does anyone know if their methods are sound? Are screens set to a specific brightness for these tests? How is that measured, etc?
The URL above is incorrect. Buytaert's response is here:
http://buytaert.net/living-our...
Many of the distros you mention (SUSE, Red Hat, etc.) tried pursuing the ease of use and "just works" philosophy starting a couple decades ago, but Ubuntu really pushed that forward significantly
I hate this piece of Ubuntu lore, especially.
Yes, Red Hat pursued ease of use. Ubuntu was released just as those efforts were coming to fruition, and to great fanfare, they introduced a GNU/Linux distribution that included Red Hat's ease-of-use work on top of a Debian base. Those same efforts were featured in Fedora releases at the time.
Early releases of Ubuntu were easier to use than a lot of distributions that had been released in the years prior, but they weren't easier to use than the Fedora releases that came out around the same time, with one exception: they made it easy to install binary drivers. Especially the NVidia drivers.
Literally the only thing that was easier on Ubuntu than on Fedora was installing the NVidia drivers. In lots of other tiny ways, Fedora worked better. And that remains true, today. I work at a university where we manage a lot of CentOS systems, and a handful of Ubuntu systems for special purposes. The CentOS systems are much easier to manage and to use.
For example, one lab uses embedded devices that present themselves as a USB network interface when connected to a workstation. On Ubuntu, the default route is assigned to the new USB interface. On CentOS, it is not. That means that we can't use NFS on the Ubuntu systems because when the default route changes, the system no longer has access to the NFS home directories, and the UI stops responding. Or, there's a GPU computing system on which students ran "apt-get update" and for some reason, apt removed gnome-shell. That meant that gdm couldn't run, and users couldn't log in. Or, we have one Ubuntu system with an NFS mounted home directory that works just fine if you log in to a local console or to GDM, but logging in over SSH prints MOTD and then hangs forever.
Certainly, some of those problems can be fixed (I haven't figured out the ssh login hang problem), but the fact remains that out of the box, Ubuntu has been FAR more problematic than any release of CentOS or Fedora that I've used any time since Ubuntu's earliest releases.
The CIA doesn't have a responsibility to Russia. If their officials have personal vulnerabilities, those vulnerabilities are exclusively Russian. Software vulnerabilities aren't exclusively Russian. These vulnerabilities affect American citizens. They affect American troops and officials. They affect American government agencies. The risk is not simply that the vulnerabilities will be discovered by foreign intelligence, but that any one of thousands of employees and contractors could sell the entire archive, instantly giving the buyer capabilities equal to or greater than the CIA itself.
There's one 13" model, three 15" models, and two 17" models. You've got options.
http://www.dell.com/developers
Complaining that the fully upgraded, top-of-the-line model is expensive seems a liiiiiittle disingenuous, man. They start out a *lot* less expensive than that.