Slashdot Mirror


User: khasim

khasim's activity in the archive.

Stories
0
Comments
5,818
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,818

  1. One person is an anecdote, all systems are fact. on Study Finds Windows More Secure Than Linux · · Score: 2
    But heresay and anecdotes aren't supposed to matter in a study. It doesn't matter what the niche audience of Slashdot's experiences are (yes, compared to the rest of the industry, this is but one of many niches with skewed viewpoints).
    You have the terms wrong.

    One person's experience (as in TFA) can be dismissed.

    But the statistics of what systems were infected last year and how they were infected can not be. Yet each of those systems has an admin who's personal report could be dismissed.
    I haven't read about Unix/Linux worms on CNN, but there are plenty of vulnerabilities just the same, and besides, a lot more people use Windows than Linux so of course CNN will report Windows holes and not Linux. If Firefox had the marketshare IE has, you'd see its holes being reported on CNN.
    Ah, the old "marketshare == security" claim.

    No, the reason you don't see reports of Linux worms on CNN is that there aren't any Linux worms that are spreading.

    CNN will report on a new vulnerability, if it is a slow news day. But they will definately report on a new worm spreading.

    Linux is more secure. That's why there aren't any major worm outbreaks.
    Visit LinuxSecurity some time. Linux distros are as full as holes as anything else. Gentoo in particular has almost weekly lists of security announcements for its packages. And let's not forget the recent Linux kernel and Firefox vulnerabilities that have been reported here on Slashdot.
    And I use Debian and update almost every night.

    Most of those "vulnerabilities" are not exploitable remotely. Nor do they give elevated privileges. They are minor "vulnerabilities". Here's an example:
    Date: Wednesday, 16 February 2005
    A vulnerability in rwhod was discovered by "Vlad902" that can be abused to crash the listening process (the broadcasting process is not affected). This vulnerability only affects little endian architectures. The updated packages have been patched to correct the problem.

    and
    Date: Wednesday, 16 February 2005
    wpa_supplicant contains a buffer overflow that could lead to a Denial of Service.

    There are worse ones there, but just counting them shows the individual's cluelessness. The criteria are:

    #1. How widely deployed is the package? A vulnerability in the kernel is far worse than a vulnerability in some app that 10 people run.

    #2. Remote or local? Remote is far worse than local.

    #3. What is the result? A denial of service is annoying. Executing arbitrary code is critical.

    So,

    #1. a remote kernel exploit that executes arbitrary code is VERY VERY VERY BAD.

    But,
    #2. a local exploit in some app that 10 people run that causes that service to crash is not even a threat.

    Yet just counting them treats them as if they were the same.

    So does averaging the days to release a patch. Who really cares if #2 took 200 days to fix? (Aside from the "researchers" doing these "studies").
    All I'm saying is, I'm detecting some prejudgmental bias that stems from a hatred for Microsoft and a need to best them in all ways. That is not the sign of a mature technical community and will only serve to make things even more insecure.
    No. Some of us have a lot more experience with these things.

    There are major fucking flaws with that "study" as it is presented in the article. In fact, it goes beyond "flaws". From their decision to limit the options of the admins, it looks like intentional bias.
    The worst thing to do in a security situation is to ignore criticism. Let's have Linux stand up to all criticism, and any that arise can be addressed quickly. THAT should be the advantage of Linux, because perfect flawlnessness will never be it. It's impossible.
    No one is ignoring any criticism.

    The fact is, there are more infected Windows machines than Linux machines. Both in pure numbers and as a percentage of marketshare.

    THAT fact shows that Microsoft's approach has not been successful and that Linux APPEARS to be doing better.
  2. Look at your firewall logs! on Study Finds Windows More Secure Than Linux · · Score: 1
    Open Source software is not as easy to use as most MS products, and in many cases the documentation isn't very good either.
    If that is so, then why are my firewall logs and email filters filled with bullshit from Microsoft machines but not from Linux boxes?

    Microsoft may make it easier to get a machine up and running. But it will be in an UN-SECURED mode and will quickly be infected.

    Microsoft has had to purchase anti-virus / anti-spyware companies because THEY CANNOT SECURE THEIR OWN SOFTWARE.

    A Linux box is EASIER to secure than a Windows box.
  3. Oh yes it is. on Study Finds Windows More Secure Than Linux · · Score: 2, Insightful
    It said the criteria "included" the number of vulnerabilities. It didn't say that was the whole basis of the study; it was just one factor. Hardly a reason to dismiss the study.
    It is the best reason to dismiss the "study".

    If you want to see which car is safer than another, you would do things like controlled crash tests and use crash test dummies.

    You would NOT factor in how many crashes they had both been in. One moron who keeps hitting telephone poles would alter the stats too much.

    The material in TFA does NOT show them comparing the security models or even the patch severity. One bug in a seldom used perl module that lagged on the fix could result in very bad stats for Red Hat.
  4. It doesn't even come up to that level. on Study Finds Windows More Secure Than Linux · · Score: 2, Interesting
    Funny thing that seems to be missing in the discussion so far: I don't see anyone pointing out that this is a "sample of one" study. So any generalization at all about which system (or admin ;-) is more secure is laughable at best.
    This "study" can't even hit that lofty goal.

    From TFA:
    The setups were hypothetical, however. Both were in the most basic configuration, an approach that some in the audience suggested may tilt the results in favor of Windows, which comes with more features.
    It wasn't even comparing one Linux admin vs one Windows admin.

    They had agreed to run in the "most basic configuration" for their systems.
    Ford said the idea was to represent what an average system administrator may do, as opposed to a "wizard" who could take extra steps to provide plenty of security on a Linux setup, for instance.
    The "study" was setup to limit the options available to the admins.

    The only information that can be gained from this "study" is the identity of two people who are too stupid to be trusted with any actual security study.

    A real study would be having both of them setup their systems, any way they wanted to, and having every step documented and the reason for it given.

    Then put both servers on the Internet and compare the compromise rates.
  5. Once again, RTFA! on Study Finds Windows More Secure Than Linux · · Score: 5, Insightful
    A study comes out saying Windows is better than Linux? Question the results, Impugn the source and dig as deep as it takes to find some political or financial affiliation between them and Microsoft, no matter how assinine or inconsequential.
    You left off the part where comments such as your's are mod'ed up even though they contain zero content.

    From TFA:
    They compared Windows Server 2003 and Red Hat Enterprise Server 3 running databases, scripting engines and Web servers (Microsoft's on one, the open source Apache on the other).
    That sounds good. A real comparision of real services running on real servers.

    But wait!
    The setups were hypothetical, however. Both were in the most basic configuration, an approach that some in the audience suggested may tilt the results in favor of Windows, which comes with more features.

    Ford said the idea was to represent what an average system administrator may do, as opposed to a "wizard" who could take extra steps to provide plenty of security on a Linux setup, for instance.
    They aren't real setups.

    And it gets worse.
    Their criteria included the number of reported vulnerabilities and their severity, as well as the number of patches issued and days of risk -- the period from when a vulnerability is first reported to when a patch is issued.
    Hmmmm, I wonder if they included the info from www.eeye.com http://www.eeye.com/html/research/advisories/AD200 50208.html 190 days is a long time.
    On average, the Windows setup had just over 30 days of risk versus 71 days for the Red Hat setup, their study found.
    That's amazing. Particularly with that single 190 day vulnerability I referenced. And those kinds of "studies" have been completely discredited.

    So, a "study" that doesn't test any real world criteria is somehow valid?

    Oh, it's not that the study is not valid, it's that pointing out the flaws in the study shows the groupthink on /.

    And pointing out that perceived groupthink gets you mod'ed up as "insightful".
  6. Whatever. on Microsoft Anti-Spyware to Be Free of Charge · · Score: 4, Insightful
    Spyware doesn't only infect computers via IE backdoor. I'd venture that most of it comes bundled with other "free" apps that people have to actively download and install.
    Whatever you want to believe. In my experience, it is from holes in IE.
    And keep in mind that the beta of IE7 is due out this summer, so we may get just what you're suggesting.
    Fuck their "betas".

    That's the same bullshit I hear from them with every single problem.

    "Wait until the next version."

    "You should upgrade to the newest version."

    Why is it so fucking hard for them to just issue a patch for their existing versions?

  7. Not with IE. on Microsoft Anti-Spyware to Be Free of Charge · · Score: 2, Insightful

    All it takes is for you to type in the URL incorrectly, one time.

    Microsoft needs to fix IE's security model.

    Instead, they're promising band-aids for removing the crap they allow to be installed in the first place.

  8. No. The "right" thing would be to fix IE. on Microsoft Anti-Spyware to Be Free of Charge · · Score: 1

    IE's default security settings are the problem.

    IE needs to, by default, deny ANY apps, unless specifically added to a white list.

  9. The article says OSS is as good or better. on Open Source Code Maintainability Analyzed · · Score: 1
    From page #2, almost at the end:
    1. Using tools such as MI derived for measuring CSS quality, OSS code quality appears to be at least equal and sometimes better than the quality of CSS code implementing the same functionality.
    The article is rather thickly written so it's difficult to find, I had to read through it twice.

    But, OSS wins.
  10. Actually, most don't include the update. on Ask Microsoft's Martin Taylor About Linux vs. Windows · · Score: 1

    Most of the "TCO" "studies" end after a 3 year cycle so they only charge once for a Microsoft contract instead of every few years as would be the real case.

    If they extended their "studies" out for 5 years, Linux would stomp Microsoft every time.

  11. Why didn't Rob follow up on that? on Ask Microsoft's Martin Taylor About Linux vs. Windows · · Score: 1
    From TFA:
    Roblimo: Next question, from ProteusQ, Slashdot user no. 665382. He's asking about protection against malware and he's asking you Martin Taylor, "What applications do you run to protect your windows license from malware (viruses, trojans, spyware, etc.) and what do you pay for this protection for a year? How does this cost compare to the costs incurred by other Windows users and compared to what you would pay for the equivalent protection offered in Debian?
    And the reply ...
    Martin: Got it. So first of all I actually run, obviously, Windows XP. I run XP SP2. I also have downloaded the beta of the spyware product that we recently, one of our recent acquisitions, into a combination of XP SP2 and spyware product that I downloaded. That's pretty much how I protect in running both my desktop pc or my laptop I use here at Microsoft as well as the 3 PCs that I have in my house - a very similar configuration.
    Both of those are VERY recent developments.

    Why didn't Rob follow up and ask what he was doing BEFORE those?

    Did he not run any anti-spyware software before Microsoft bought it? If not, why not?

    Did he not run any firewall before Microsoft put it in sp2? If not, why not?

    It couldn't be because spyware and such wasn't a problem, otherwise, why would Microsoft have included the firewall in sp2 and picked up anti-virus / anti-spyware companies?
  12. That isn't very useful. on MS Employee Calls for No More Passwords · · Score: 1

    Here's the easy attack for that.

    You compile a "dictonary" of a few thousand quotes, lyrics, etc.

    For each string in the dictionary, you brute force 3 random characters through how many positions are in the string.

    This is better than just having the 3 random characters, but not much better.

    Imagine a password composed of 20 slots, all of them the letter "a" except for 3 random characters in random slots. That wouldn't take much to crack at all.

    Now, instead of just the letter "a", you'd have a dictionary of quotes, which would take X times longer (X being the number of quotes in the dictionary).

    If it takes 5 seconds to run through every possible permutation of 3 random characters in random locations in the example with all "a"s, then it would take about 5,000 seconds to do that with a dictionary of 1,000 quotes.

    5,000 quotes is about 25,000 seconds.

    10,000 quotes is about 50,000 seconds.

    The time is increasing linearly instead of exponentially. This is bad.

    It's even worse if you consider that adding numbers/cApiTalizaTioN is very low in entropy, thus, very easy to crack.

    Passwords/phrases are, by their nature, of extremely limited usefulness.

    He'd have been far better off advocating simple passwords/phrases, BUT having very rigorous, automatic policing and analysis of login attempts / failures / successes and limiting login attempts, alerting people when logins fail / succeed, etc.

    If my passphrase is "cats&dogs", it is easy to crack.

    Unless the cracker only gets 5 attempts before the account is locked for 15 minutes.

    AND an alert is sent to the user and sysadmin.

    AND the user is required to change his password every 4 weeks to a unique one (variants of past ones are not allowed).

  13. I vote "stupid" (with a vengence). on New Orbitz Terms Prohibit Inbound Deep Linking · · Score: 1

    These are the same people who refuse to put un-subscribe info on their mailings AND refuse to remove bounced email addresses from their mailings.

    These people cannot even master technology that has been available to lists for years.

    Even spammers can include a unique link to "unsubscribe" you based upon your address (don't click on it, though).

    But not Orbitz. If I want someone off of their mailing list, I have to call their tech support people and ASK to have them removed OR I have to implement the technology to filter on TO: non-existant-user / FROM: orbitz.com -> reject.

  14. Keep your fantasies to yourself. on Los Angeles to Consider Open Source Software · · Score: 1
    I doubt you can code at all, or you'd understand the issues that all developers face with regards to longevity of data formats.
    Make all the claims you want. You haven't supported a single one. Meanwhile, I've provided support for everything I've said.
    As I said, I haven't touched a Microsoft product in several years. I'm not basing this statement on MS's products.
    Really? Then what are you basing it on?

    Postscript? That's a fairly common dataformat used in non-Microsoft systems. No, it can't be Postscript because that still works, even when versions change. I have old Postscript files that still work 100% perfectly on the newest printers.
    Precisely my point. I'd have to be an idiot to believe that hard drives don't crash because I've never seen it -- and you'd have to be an idiot to believe that software is always perfectly usable because you've never seen an unusable piece of software.
    Let me get this straight ...

    Because you have never seen X happen, but X is easily explained with a basic knowledge of physics...

    That means that Y must happen because you have never seen Y happen just like you have never seen X happen.

    Yeah. Whatever. I take it you failed basic logic, too.
    Because you're trying to convince him to use it? Apparently by calling him an idiot.
    No. I'm tearing apart his arguments like I'm tearing apart your's. I don't care about convincing him or you, but it's fun to show how illogical your arguments are.
    As if I give a fuck. Now get back to work using the software I've written for you.
    You've obviously failed basic logic and have no concept of what data formats are available so why would I ever want to use any crap that you fantasize about writing?

    A good data format is future-proof. Learn that concept. Look at WordPerfect's implementation. Look at Postscript.

    Or, you can continue to show your ignorance here.
  15. Whoops. You're right. on MS Employee Calls for No More Passwords · · Score: 1
    Good catch. Thanks.
    And yes, I would like to see a serious scientific paper about whether common passwords or common pasphrases have higher complexity.
    Either way, they're both far too weak to be used in any secure environment. There are approximately 25,000 words that the average person could use (but they'd really only use about 10,000). So the average, single word could be cracked in about 5,000 attempts (.5*10,000).

    With quotations, there are even fewer items (even including song lyrics), but people tend to get the exact phrasing wrong (not to mention punctuation). So they would be about equal.

    But the only real way to tell would be to deliberately capture the passphrases/passwords of every user in several different companies over a period of about a year.

    I work at an insurance company and the people here mostly use insurance terms for their passwords. So that would be another way to reduce the scope of the search. People use words and phrases that they are most familiar with.
  16. This is supposed to be humour, right? on Random Number Generator That Sees Into the Future · · Score: 1
    Cynics will quite rightly point out that there is always some global event that could be used to 'explain' the times when the Egg machines behaved erratically. After all, our world is full of wars, disasters and terrorist outrages, as well as the occasional global celebration. Are the scientists simply trying too hard to detect patterns in their raw data?

    The team behind the project insist not. They claim that by using rigorous scientific techniques and powerful mathematics it is possible to exclude any such random connections.
    I guess it would take an entirely new branch of science dedicated to determining the "psychic/emotional impact" of events to show that they're wrong.

    So, Di is killed in a car wreck, the boxes deviate from statistical norm.

    Johnny Carson dies, the boxes deviate?
    The Eggs also regularly detect huge global celebrations, such as New Year's Eve.
    What about when the Pope was sick?

    The only proof is prediction. The Pope is old and may die soon. That is a fairly big event. So, predict what your machines will do on that day.
    It was as though Dr Hartwell's case studies were somehow seeing into the future, and detecting when the next shocking image would be shown next.
    More like "timing". The pictures pop up ever x seconds or so. People anticipate that and the reaction shows.

    Get real. Showing pre-cognition should be the easiest thing in the world. Use a variant of the old "Russian Roulette" system. A box that makes a loud noise and sends a shock through the person.

    The person hits a button. Maybe it hits back, maybe it doesn't.

    If a person is pre-cognitive, that person's reactions SHOULD be different immediately before the hit the button depending upon whether it hits back or not.

    Particularly if the hit back likelyhood is very low (1 in 100 hits) and the test runs for a few hours.
  17. Even that doesn't work the way he says. on MS Employee Calls for No More Passwords · · Score: 1

    He's claiming that passphrases have to be cracked the same way that passwords are (brute force / dictonary).

    If the user chooses his own passphrase, he won't be introducing real entropy in the misspelling and "random" character.

    If it's a quote, it will be cracked as a quote with that bit of false "entropy" added. This is a variant of the dictionary attack. Quotes are easy to gather.

    If it's a phrase that he just made up (but none of his examples were), then it is a bit (but only a bit) more complicated, but still subject to the rules of English grammar (this is the flaw in his approach).

    It's all about cracking the largest unit of information in the key. With a quote, the key is a single unit of information.

  18. It's the math. on MS Employee Calls for No More Passwords · · Score: 1
    My example of switching e's for 3's wasn't meant to be taken as the only substitution. There are many different types of substitution, and each one increases the entropy of the password.
    It doesn't increase the entropy. The substitutions are patterns. Patterns are the opposite of entropy.
    I'm not sure that dictionary attacks can be run word-wise on a phrase, since it is the whole phrase that is hashed, and a good hash function will have wildly different output values with similar, but different, input.
    Of course it will work on a phrase. It's just a unit of information that is run through a process.
    That is, you can't hone in on the proper phrase with "These", "These were", "These were the", and so on.
    You don't do that anyway.

    The hash of "b" is not just one byte larger than the hash of "a" (unless you have a broken hash implementation).
    The point is, small changes can be used to increase the size of the dictionary so that a dictionary search becomes no better than a brute force attack.
    Nope. Changing letters increases the number of variants that must be tried, but that increase is insignificant when you look at the whole process.

    Take any single dictionary word (that's about 25,000 options). Even if you have 3 vowels to replace, that's still only 200,000 variants.
    25,000 words, with 2 variants of 3 characters = 200,000 variants.

    Meanwhile, a random 3 character password of only letters and number (26 lower case letters + 26 upper case letters + 10 numbers) gives you a higher level of entropy

    62*62*62 = 238,328 variants.

    Also, the phrases that you'd use follow the rules of grammar. So it wouldn't be like this:
    random word * random word * random word.

    It would be noun * verb * noun.

    Passwords/passphrases are authentication which is a sub-section of cryptography. Any patterns indicate weakness. The more patterns, the weaker the system.

    It wouldn't take that much effort to turn Bartlett's Familiar Quotations into a hash table even with the substitutions. And that would instantly crack the passphrase from your original post (""They were the best of times, they were the worst of times," / "They were the b3st of t1mes, they were the w0rst of tim3s.)

    Authentication is very simple math, based upon the largest unit of information.

    A quote is a very large unit of information so your quote as a passphrase would be attacked in its entirety, not by word or by character.
  19. No, it works fine. on Los Angeles to Consider Open Source Software · · Score: 1
    It gets outdated. Things are always improving, so data formats are always changing to accomodate the improvements. Software that used to work fine becomes useless. Arguing otherwise is just disingenuous.
    You are completely wrong. I can write code on vi that has been around for years and years.

    You only believe formats are changing because Microsoft changes the formats to drive sales of their latest office suite.
    Ahh, the "I haven't seen it so it doesn't exist" fallacy.
    No, that's the "provide substantiation for your claim" argument.
    A few days ago I had my first hard drive crash ever. EVER. In 15 years of using computers, I've never had a drive die on me before I threw it out. So would it have been reasonable for me to assume that hard drives never crash?
    Only if you were an idiot. Hard drives crash. They are mechanical devices and the bearings/motor/etc will, eventually, wear out. This is because of "friction".
    You're assuming that because you've never had problems with the particular software you use, that nobody must have problems. I'm a developer and a daily Linux user (I haven't touched a Windows box at home or at work in years) and even I have trouble making things work sometimes.
    No. I'm saying that he needs to substantiate his claims because they do not sound logical to me.
    You won't get very far convincing somebody to use Linux by telling him he's too stupid to figure it out.
    Why do you assume that one of my life goals is convincing him to use Linux?

    He's posting and reading /. and there is a definate segment here that is pro-Linux.
    I could continue on, but I think I've said what I wanted to say... As a hardcore Linux user myself, even I think your attitude is caustic.
    Well it's a good thing that my life goals also don't include impressing you. I hope your goals don't include impressing me because you're off to a really bad start.
  20. Not random. on MS Employee Calls for No More Passwords · · Score: 1

    Because your example follows the same pattern as standard English grammar.

    First letter capitalized.
    Ends in punctuation.
    It will be mostly lower case letters.
    S will appear frequently, Q, V, X and Z will not.
    I will usually be capitalized.

    Plus, it isn't very easy for most people to come up with sentences that have that many words and still be able to remember them. So most people will resort to popular quotations, song lyrics, etc.

  21. There is the alert to consider, also. on MS Employee Calls for No More Passwords · · Score: 1
    I was with you right until this point. Some sort of backoff maybe, but it's generally foolish to make it this easy to DoS someone's account.
    Good point. But if the account locks, then it is possible to determine that someone was trying to access your account (and the time should be recorded).

    That allows you to take other precautions to find out who.

    If there is a backoff, the attacker can play that to get more attempts.

    Maybe a good alternative would be to send the user and admin an alert (email?) when the backoff was triggered, then backoff for 15 minutes. And each time that is triggered, add another until you're backing off for an hour between attempts.

    Over a long weekend (72 hours), that can add up to a lot of attempts. It would defeat an automatic process, but maybe not a human with some knowledge of that person's life (children's names, pets, etc).

    Part of security is also knowing that you may have been cracked.

    User X - backoff triggered 21:00 2005-02-12
    User X - backoff triggered 21:15 2005-02-12
    User X - backoff triggered 21:30 2005-02-12
    User X - backoff triggered 21:45 2005-02-12
    User X - backoff triggered 22:00 2005-02-12
    User X - access granted 22:15 2005-02-12
  22. Thesis? I can do it right now, right here. on MS Employee Calls for No More Passwords · · Score: 4, Insightful
    But, suddenly, we're open to language-based attacks -- there's probably thesis project in here for someone to come up with good algorithms to narrow down the required attack dictionary.
    I'll give you one right now.

    subject - verb - object
    (I like pizza).

    Here's another:
    adverb/adjective - object - verb
    (Mean people suck).

    The trick is finding the most common 3 word phrases (in English) and applying the basic grammatical rules you learned in school.

    That guy didn't understand that passphrases/passwords are covered in cryptology under "authentication".

    And any student of cryptology can tell you that PATTERNS are the problem.

    With passphrases, there are too many GRAMMATICAL RULES and PATTERNS that make it simple to crack.

    He focuses solely on the number of characters and never looks at how someone else would approach this to crack it.
  23. It doesn't matter. on MS Employee Calls for No More Passwords · · Score: 1, Interesting
    The mathematics just don't support it.

    From TFA:
    So here's the deal - I don't want you to use passwords, I want you to use pass-PHRASES. What is a pass-phrase you ask?
    Let's take a look at some of my recent pass-phrases that I've used inside Microsoft for my 'password'.
    "If we weren't all crazy we would go insane" (Jimmy Buffet rules)
    "Send the pain below!" (I like Chevell too)
    "Mean people suck!" (it's true)
    I'll use his last one ("Mean people suck!").

    Given a vocab of 25,000 words, that gives us ...
    25,000*25,000*25000=15,625,000,000,000 ...or...
    Roughly the same security as provided by a 9 letter password using only lower case letters.
    26*26*26*26*26*26*26*26*26=5,429,503,678 ,976

    Swapping 3's for e's and so forth will only mean that a couple different versions of each word would have to be searched. Each such variant (e-3, a-4, i-1) doubles the number of passwords. But it ONLY doubles them. Just adding an additional lower case letter to the end would make it 26 TIMES more complex.

    He makes the mistake of assuming that each word would have to be cracked character by character. That isn't the case.

    You only have to crack the largest unit of information. That's why dictionary attacks are so effective. They can crack the entire password as a single unit because it is a single unit (word or name).

    Passwords/passphrases both share the same limitations. They can be cracked fairly easily (unless they're too complex in which case they get written down and completely defeated).

    The simplest solution is to tie each user to a single computer and limit the password attempts to 5 or so before that user is locked out.

    Or, have a physical device that plugs into the computer that allows that person to use his password on that box (with the same 5 shot limit).
  24. Then why the fan-boy routine? on Los Angeles to Consider Open Source Software · · Score: 1

    I run Windows for the following reasons:
    I'm used to it. I know the interface, and I know where all the crap is and how to turn it off.
    Games are written for it. Good games.
    My programs (ProTools, SoundForge, Finale, others) that don't run on Linux run on it. I've paid lots of money for them, and alternatives of equal quality either do not exist or I haven't bothered trying to learn them.
    I prefer to only have to maintain one operating system.
    Consistency of user experience.
    It feels fast.

    Then why go on about how you think Bill Gates is a "turd sandwich"? Why didn't you like Microsoft?

    For their monopolistic, anticompetitive behavior and overpriced software. I use it because, weighing the tradeoffs between quality, learning curve, maintenance, familiarity, and compatibility, it works for me at the present.

    That makes no sense what-so-ever. Do you also complain that luxury cars cost more than other cars?

    You seem to believe that Microsoft (run by Bill Gates) has produced a higher quality product and you complain because it costs more money. Do you think that those features you've quoted (quality, learning curve, maintenance and compatibility) just magically happen? They require thought, skill and testing.

    You don't like the monopoly, but you think it produces the best software ... therefore, Bill Gates is a "turd sandwich". Again, that makes no sense.

    For $15, I get complete compatibility with everyone I exchange documents with. I kick myself for supporting MS in this way, but them's the breaks. I haven't checked out OpenOffice in a few years, perhaps I'll give it another go in the summer when I have time for such luxuries.

    MSOffice for $15 and Windows is usually wrapped up in the price of the PC.

    Where is the "overpriced" software you were complaining about?

    You hate Bill Gates because Microsoft ruthlessly crushes all competition so it can sell a high quality OS and office suite for pocket change.

    Indeed. It's probably time for me to try another install, but system-tinkering-and-experimentation ceased to be one of my hobbies a few years ago.

    Why would you want to?

    Really. I'm not seeing your motivation for even bothering with Linux. You have high quality software that you're familiar with that costs you less than I spend on coffee in a week.

    "You know, I really like my Lexus that I picked up for $100, but I might try one of those free cars they're giving away, even though I tried one several years ago and it sucked and broke down all the time."

    That makes no sense.

    When someone tells me honestly that it will be easier for me to learn, set up, and maintain a linux box than to keep doing what I'm doing, I'm game.

    It will NEVER be easier to learn a new system than to stick with the system you already know. NEVER. Why do you think it would?

    Finding and downloading AdAware takes 3 minutes. I can grab lunch while it runs. Linux takes longer than 3 minutes to maintain.

    Did you just wake up one day and know that there was a product called AdAware and that you should install it?

    Or did you hear about it while reading about Windows vulnerabilities?

    But why would you read something like that when you're never affected by them?

    I know people who excel at acquiring viruses. My system does not perform like theirs.

    Yet another statement that makes no sense.

    Of course your system "perform[s] like theirs". You both run Windows.

    When "stuff goes wrong," I've got one. I back up important documents and don't keep anything sensitive on my machine. Yes, I'm living dangerously.

    What is with all of these statements? They make no sense what-so-ever.

    Do you

  25. apt-get install on Los Angeles to Consider Open Source Software · · Score: 1
    It deteriorates and dies quite easily. First a little thing goes wrong that I don't fix, then another.
    It's software. It doesn't decay. It doesn't wear out.
    I botch a couple installations of things because I don't bother reading the immense tomes.
    apt-get install foo

    Where are the "immense tomes" you're refering to?
    Pretty soon I have trouble booting. All the while, I'm using it less often, because I already spend ENOUGH time coding things I consider productive. It dies when I need the disk space to install Knights of the Old Republic II.
    Okayyyyyyyy....... I can do a complete distribution upgrade and still not have troubles booting.

    Did you ever think that the problem might be with you and not with Linux?
    A few years ago, I was very big into the "Linux shall overthrow Microsoft" crowd (running Linux, Mozilla, and OpenOffice, very unstably), and would still quite like to see it happen, and I do indeed consider Bill Gates to be a turd sandwich. I just feel that a switch to Linux at the moment involves a lot of work and research on my part, time I'd rather spend elsewhere.
    Yeah, whatever.

    If Windows works so well for you and Linux sucks so badly, then WHY were you ever against Microsoft? Why don't you respect Bill's achievement instead of regarding him as "a turd sandwich"?

    After all, you now have (so you claim) experience seeing how bad the alternatives are.
    Granted, money talks, I'm a big hypocrite, and if I wasn't getting academic pricing on Office, I'd probably have ditched it years ago.
    But OpenOffice.org is free (like beer). So it shouldn't be the price.

    And if, as you claim, you were "running Linux, Mozilla, and OpenOffice, very unstably", then why do you talk about dumping MSOffice?

    Is MSOffice also unstable for you?

    If so, then why are you paying to run it when OpenOffice.org is free (as in beer)?
    My 2001 Mandrake (the "friendly" one?) install sure didn't have an obvious link to it, and if I'm going to read 200 pages to find such things I'll much sooner pick up some good fiction.
    Ah, the old "I used Linux x years ago and it sucked".

    It's strange how you don't view finding AdAware, downloading it and running it to be too burdensome (no, it did NOT come with Windows), but Linux takes too much of your time.

    And without running anti-virus software, how will you know if you don't have a virus?

    Given how susceptible Windows is to viruses, isn't that a rather dumb thing to be doing? All it takes is one failure and you're infected.