Are you really that naive that you think that the economic impact to companies only affects a CEO or shareholder?
I said nothing about who is affected. I was talking about how people react. And that is what terrorism is about... the reaction. For as much of a pain in the ass as economic damage can be to your average person, it just doesn't generate the kind of emotional response as does "shit blowing up and people dying."
Maybe you weren't around during the immense number of layoffs surrounding 9/11 but it was pretty nasty. I am not trying to be harsh, but you really need to understand the way business works. If a company is hurt economically, it causes scale-backs, lower cost solutions (read as L2/H1B visas) and loss of benefits.
Gee, thanks for the business lession, but what you need to understand is that terrorism aims at something much more primal than economics and job benefits.
I hire a lot of developers, and I am amazed at the view of the world that says, "well, only the rich guys at the top get affected." Hate to tell you this sparky, but the fact remains: crap rolls downhill.
Heh, "crap rolls down hill." Sounds like Reaganomics.
You would feel differently if a company you worked for were hacked and could not afford to pay you.
And you would feel differently if a terrorist blew up your office or the building next door.
I am not saying it is the same as a person dying, but realize the incredible suffering these "criminal mischief" causes to the families of those laid off, or to those who lose medical benefits. Really this kind of view is immature and kind of ridiculous.
Well, don't act like it is MY view. I'm just saying that there is a difference between criminal mischief and terrorism... no matter how many people the criminal mischief affects. If an act isn't intended to induce terror for political or military ends, it isn't terrorism. It is that simple. I don't care how many people are affected or to what degree.
First, let's define what a terrorist is. Where do you draw the line? 3000 people dead? 300? 30? 3? I say that someone who deliberately sets out to cause havoc, knowing that their actions will cost jobs, induce fear, require cleanup, new security measures, etc.... that person is terrorizing their audience/victims, and is a terrorist.
That definition is far too inclusive to be useful. I'd limit it to something like "intentionally inducing fear and awe on a large scale through violent means with the purpose of furthering a political agenda."
Is the 14 year old kid that's deliberately looking for malware to kiddie-script into his own flavor and set loose in an attempt to be cool or flail against "corporations" (while using corporately made computer parts, listening to his decidedly not made-by-old-world-artisans iPod, wearing his corporately made clothing, and still alive past childbirth and unafflicted by polio and other nasties because of corporately made medical supplies) the same? No. He's intent on damage, and on making the news. He's a terrorist, just a lame one. But he's in the same camp as the guys who would blow up bridges or poison wells: chaos, fear, damage - all in the name of recognition.
That is criminal mischief. Not terrorism. Sorry, I don't see the comparison to real terrorism. Economic damage, while potentially serious, is not terrifying. It doesn't matter how you word it, "such and such act caused American businesses 10 billion dollars" is only terrifying to stock brokers and CEO's. Shit blowing up and people dying is terrifying to most anyone.
Where do the folks with an axe to grind get the chops for that stuff? From young, net-savvy kids with, as you put it, "too much time on their hands" who are disaffected, susceptible to bent ideolgies because of the feeling of inclusion, and easily intimidated. Whether young people like that are tools, or have it in them to dream up and execute stuff like this on their own, for their own Columbine-like revenge fantasy reasons, don't dismiss it as just kids' stuff. The consequences for millions of lives, jobs, and for history could be huge.
Just because I am reluctant to label every deliberate criminal act as "terrorism" doesn't mean I think the acts aren't potentially very serious.
Lastly, if you (as you do seem to) consider the 9/11 attacks as terrorism - what would you have been willing to tolerate, law-enforcement-wise, intelligence-gathering-wise, to prevent them?
I don't see how this is at all relevant.
What should the people in Spain have been willing to put up with at their train stations before 3/11?
I am not in a position to be telling other people what they should be willing to put up with.
Would any of us have tolerated the preventative measures before that stuff happened? Will we have the same conversation after a large municipal drinking water supply gets raw sewage pumped into it by a cranky ex-employee who knows that the SCADA system controlling the treatment plant still has the factory default password set? Or, posts that info on some forum where a 13-year-old kid with "too much time on his hands" decides to try his hand at it?
I get my slaves for 6 million credits on the Martian black market. They don't have to pass all the pesky health tests. I figure I make more profit per unit (of slave) in the short run even if they are spreading disease amongst themselves and not living as long. Even the healthy slaves on the regular market don't live very long.
Obvious critical systems such as nuclear reactor controls should be on isolated networks and deserve special security considerations. The issue is IT security in general. The major threat is not terrorists. The major threat is what we currently experience. That is, spammers, kids with too much time on their hands, con artists, and black hat hackers. The usual fare.
But one thing is true: our computers are horribly insecure and are at risk not ONLY from terrorists, but from pimply-faced teenagers that live down the street. And it doesn't matter what license your software uses or what OS it runs. The fact is that there aren't many programmers out there who bother writing secure software, and even fewer customers who demand it.
To be fair to customers and programmers, you should consider that security often means inconvenience and lost functionality for users. For similar reasons, most people don't have more than a generic deadbolt on their home. They don't demand their their home be an impenetrable fortress. Why would you expect them to demand it from their software?
There's no reason to think that Islamic terrorists would be any more competent virus writers than those that currently plague us.
One has to wonder why a real terrorist would even bother inflicting damage through the Internet. Yeah, it sucks to have systems shut down and whatnot, and it can hurt the economy if done on a wide enough scale, but if nobody dies, and nothing is blowing up, how is it terrifying? There have been several worms in the last few years that have shut down significant portions of the Internet and cost businesses billions, but I bet you most people didn't even know what happened. All they knew is that they couldn't get to hotmail for a few hours or whatever.
Furthermore, there is every reason to believe that terorists would want a functioning Internet for their own communications. They don't have fancy private satelite networks and whatnot, but they can send GPG encrypted emails.
When an Internet worm destroys two buildings in New York City and kills thousands of people, THEN maybe you can compare 13 year old boys with too much time on their hands with terrorists. Until then, lets leave terrorism out of this. Ok? There is no comparison. I dont' care how much money Internet worm X costs companies, it doesn't compare to shit blowing up and people dying.
Sorry sir, your logic does not follow. Just because the winners were risk-takers, it does not necessarilly follow that risk-takers are winners. The risk-takers are winners because they took the right risk at the (right) time. That said, I do not think Linux is a "risk" these days.
I think he made it clear (in th epart you didn't quote) that not all risk takers are winners. He was merely saying that big winners tend to be risk takers. And this is true. Whether it is gambling, investing, new technologies, or new paradigms. This is actually pretty obvious. That said, I agree with you. Using Linux or opensource software in general is not a risk. It may not be the easiest to deploy at times and it isn't necessarily the best tool for every job, but it isn't like there is some Linux, Inc. that is just going to fold up one day and leave all users high and dry. On the contrary, opensource software has the interesting quality of being nearly impossible to destroy.
You're obviously someone who just lets it install whatever and do its thing.
I install whatever basedebs.tar puts on my system which is well over 20MB (including the kernel and all). THere are even more in Sarge. I do understand that not all of them are "required." Do you go back and remove many of these packages? If so, that would be rather strange, IMO.
Regardless, the fact that you could concievably install a very minimal and small Debian system is irrelevent. It is not a very useful system. There are much better options for small systems. Debian proper is not designed to be very useful in a minimal. Also, just because Debian proper drops support for different archs doesn't mean that all Debian derived dists for those archs are dead in teh water. It isn't like those developers are just going to pack up and go home.
"Debian based" is not the same thing as "Debian proper." Debian dropping support for a given arch would not significantly affect Debian derived dists with their own installers and customizations. The only thing that makes Debian Debian is the installer. Otherwise it is just a bunch of deb packages that can be recompiled for most any arch supported by gcc and the Linux kernel.
I agree on the RPM thing, but Ubuntu upgrading from Warty to Hoary worked as I had hoped.
Sure, that is because Ubuntu is essentially Debian. Ubuntu is a great example of what people can do with Debian. I mean, just because Debian officially drops support for certain archs doesn't mean someone won't be able to pull an "Ubuntu" on another arch. It is just a matter of maintaining an installer/booter and recompiling the packages.
How exactly do you get a "base install?" Before I run dselect or any APT sources (or the CDs) are referenced, my new Debian systems are WAY over 20MB. The basedebs.tar file in Woody is 27MB... and that is compressed (individually inside the tar). Sarge is a little more complicated though, maybe you can get it down to 20MB with an expert install, i've never really tried.
In my experience, apt is not the same when implemented on other dists. One the surface the commands are the same, but the integration isn't there. Neither are the normal debian repositories. Like you can't upgrade the whole system with apt-get dist-upgrade.
I mean, debian is the only distro that supports all the exotic architectures. If debian only supports the main architectures in futre, what then will the difference be between them and SuSE, Mandrake, Ubuntu and Gentoo for that matter?
I'm sure there will be branches of Debian for the other archs. It isn't like the individuals working on the dropped archs would just give up and go home. They just won't be officially "Debian" and they won't follow the normal release cycle. It isn't really THAT big of a deal.
... [Linux] zealots are gonna console themselves on this.
If it significantly improves the Debian release cycle, yes.
If it were the other way round, you'd hear them praising themselves on how Linux is great as it's available on all platforms.
Umm, it still would be avaiable on so many platforms. Debian is just one distribution. I'm sure there will be people who will maintain a Debian-like system for all the existing archs.
All they have to do is rebuild the packages and maintain an installer for the architecture in question. They just won't be officially "Debian." But thanks for Trolling.
Slashdot Mirror
I seriously doubt that a company the size of Novell is going to take people off the support lines to be sysadmin for a day. ;-)
-matthew
They might be their own service facility, but they still have to pay someone to do the work, just like anyone else.
-matthew
I said nothing about who is affected. I was talking about how people react. And that is what terrorism is about... the reaction. For as much of a pain in the ass as economic damage can be to your average person, it just doesn't generate the kind of emotional response as does "shit blowing up and people dying."
Maybe you weren't around during the immense number of layoffs surrounding 9/11 but it was pretty nasty. I am not trying to be harsh, but you really need to understand the way business works. If a company is hurt economically, it causes scale-backs, lower cost solutions (read as L2/H1B visas) and loss of benefits.
Gee, thanks for the business lession, but what you need to understand is that terrorism aims at something much more primal than economics and job benefits.
I hire a lot of developers, and I am amazed at the view of the world that says, "well, only the rich guys at the top get affected." Hate to tell you this sparky, but the fact remains: crap rolls downhill.
Heh, "crap rolls down hill." Sounds like Reaganomics.
You would feel differently if a company you worked for were hacked and could not afford to pay you.
And you would feel differently if a terrorist blew up your office or the building next door.
I am not saying it is the same as a person dying, but realize the incredible suffering these "criminal mischief" causes to the families of those laid off, or to those who lose medical benefits. Really this kind of view is immature and kind of ridiculous.
Well, don't act like it is MY view. I'm just saying that there is a difference between criminal mischief and terrorism... no matter how many people the criminal mischief affects. If an act isn't intended to induce terror for political or military ends, it isn't terrorism. It is that simple. I don't care how many people are affected or to what degree.
-matthew
What "facts," exactly, have I expressed ignorance of?
-matthew
That definition is far too inclusive to be useful. I'd limit it to something like "intentionally inducing fear and awe on a large scale through violent means with the purpose of furthering a political agenda."
Is the 14 year old kid that's deliberately looking for malware to kiddie-script into his own flavor and set loose in an attempt to be cool or flail against "corporations" (while using corporately made computer parts, listening to his decidedly not made-by-old-world-artisans iPod, wearing his corporately made clothing, and still alive past childbirth and unafflicted by polio and other nasties because of corporately made medical supplies) the same? No. He's intent on damage, and on making the news. He's a terrorist, just a lame one. But he's in the same camp as the guys who would blow up bridges or poison wells: chaos, fear, damage - all in the name of recognition.
That is criminal mischief. Not terrorism. Sorry, I don't see the comparison to real terrorism. Economic damage, while potentially serious, is not terrifying. It doesn't matter how you word it, "such and such act caused American businesses 10 billion dollars" is only terrifying to stock brokers and CEO's. Shit blowing up and people dying is terrifying to most anyone.
Where do the folks with an axe to grind get the chops for that stuff? From young, net-savvy kids with, as you put it, "too much time on their hands" who are disaffected, susceptible to bent ideolgies because of the feeling of inclusion, and easily intimidated. Whether young people like that are tools, or have it in them to dream up and execute stuff like this on their own, for their own Columbine-like revenge fantasy reasons, don't dismiss it as just kids' stuff. The consequences for millions of lives, jobs, and for history could be huge.
Just because I am reluctant to label every deliberate criminal act as "terrorism" doesn't mean I think the acts aren't potentially very serious.
Lastly, if you (as you do seem to) consider the 9/11 attacks as terrorism - what would you have been willing to tolerate, law-enforcement-wise, intelligence-gathering-wise, to prevent them?
I don't see how this is at all relevant.
What should the people in Spain have been willing to put up with at their train stations before 3/11?
I am not in a position to be telling other people what they should be willing to put up with.
Would any of us have tolerated the preventative measures before that stuff happened? Will we have the same conversation after a large municipal drinking water supply gets raw sewage pumped into it by a cranky ex-employee who knows that the SCADA system controlling the treatment plant still has the factory default password set? Or, posts that info on some forum where a 13-year-old kid with "too much time on his hands" decides to try his hand at it?
What does this have to do with terrorism?
-matthew
I get my slaves for 6 million credits on the Martian black market. They don't have to pass all the pesky health tests. I figure I make more profit per unit (of slave) in the short run even if they are spreading disease amongst themselves and not living as long. Even the healthy slaves on the regular market don't live very long.
"Cold" doesn't even begin to describe how that sounds.
THESE are the major damage caused by the attacks on 9/11. I'm not dismissing the lives of the dead,
That is exactly what you are doing.
Imagine someone compromises Visa in a major way. Or Bank of America. Ya still think the impact is small?
I didn't say the potential impact of computer crime was small. I said there is no reasonable comparison to terrorism.
-matthew
Obvious critical systems such as nuclear reactor controls should be on isolated networks and deserve special security considerations. The issue is IT security in general. The major threat is not terrorists. The major threat is what we currently experience. That is, spammers, kids with too much time on their hands, con artists, and black hat hackers. The usual fare.
-matthew
To be fair to customers and programmers, you should consider that security often means inconvenience and lost functionality for users. For similar reasons, most people don't have more than a generic deadbolt on their home. They don't demand their their home be an impenetrable fortress. Why would you expect them to demand it from their software?
-matthew
One has to wonder why a real terrorist would even bother inflicting damage through the Internet. Yeah, it sucks to have systems shut down and whatnot, and it can hurt the economy if done on a wide enough scale, but if nobody dies, and nothing is blowing up, how is it terrifying? There have been several worms in the last few years that have shut down significant portions of the Internet and cost businesses billions, but I bet you most people didn't even know what happened. All they knew is that they couldn't get to hotmail for a few hours or whatever.
Furthermore, there is every reason to believe that terorists would want a functioning Internet for their own communications. They don't have fancy private satelite networks and whatnot, but they can send GPG encrypted emails.
-matthew
Just because you "can be" doesn't mean you "should be."
-matthew
When an Internet worm destroys two buildings in New York City and kills thousands of people, THEN maybe you can compare 13 year old boys with too much time on their hands with terrorists. Until then, lets leave terrorism out of this. Ok? There is no comparison. I dont' care how much money Internet worm X costs companies, it doesn't compare to shit blowing up and people dying.
-matthew
Well, you did take it out of context.
-matthew
I think he made it clear (in th epart you didn't quote) that not all risk takers are winners. He was merely saying that big winners tend to be risk takers. And this is true. Whether it is gambling, investing, new technologies, or new paradigms. This is actually pretty obvious. That said, I agree with you. Using Linux or opensource software in general is not a risk. It may not be the easiest to deploy at times and it isn't necessarily the best tool for every job, but it isn't like there is some Linux, Inc. that is just going to fold up one day and leave all users high and dry. On the contrary, opensource software has the interesting quality of being nearly impossible to destroy.
-matthew
I install whatever basedebs.tar puts on my system which is well over 20MB (including the kernel and all). THere are even more in Sarge. I do understand that not all of them are "required." Do you go back and remove many of these packages? If so, that would be rather strange, IMO.
Regardless, the fact that you could concievably install a very minimal and small Debian system is irrelevent. It is not a very useful system. There are much better options for small systems. Debian proper is not designed to be very useful in a minimal. Also, just because Debian proper drops support for different archs doesn't mean that all Debian derived dists for those archs are dead in teh water. It isn't like those developers are just going to pack up and go home.
-matthew
Still, most embedded develpers would be better off using a more specialized distribution (even if Debian derived) or a completly custom setup.
-matthew
"Debian based" is not the same thing as "Debian proper." Debian dropping support for a given arch would not significantly affect Debian derived dists with their own installers and customizations. The only thing that makes Debian Debian is the installer. Otherwise it is just a bunch of deb packages that can be recompiled for most any arch supported by gcc and the Linux kernel.
-matthew
Sure, that is because Ubuntu is essentially Debian. Ubuntu is a great example of what people can do with Debian. I mean, just because Debian officially drops support for certain archs doesn't mean someone won't be able to pull an "Ubuntu" on another arch. It is just a matter of maintaining an installer/booter and recompiling the packages.
-matthew
How exactly do you get a "base install?" Before I run dselect or any APT sources (or the CDs) are referenced, my new Debian systems are WAY over 20MB. The basedebs.tar file in Woody is 27MB... and that is compressed (individually inside the tar). Sarge is a little more complicated though, maybe you can get it down to 20MB with an expert install, i've never really tried.
-matthew
I'm sure there will remain a fork of Debian for ARM. It just won't be officially "debian" and it won't follow the normal release cycles. -matthew
In my experience, apt is not the same when implemented on other dists. One the surface the commands are the same, but the integration isn't there. Neither are the normal debian repositories. Like you can't upgrade the whole system with apt-get dist-upgrade.
-matthew
I'm sure there will be branches of Debian for the other archs. It isn't like the individuals working on the dropped archs would just give up and go home. They just won't be officially "Debian" and they won't follow the normal release cycle. It isn't really THAT big of a deal.
-matthew
Umm, no. Debian is not at all appropriate for embedded systems.
-matthew
Consider that a minimum Debian installation is over 100MB. Debian is definitly not aimed at embedded systems. Never was.
-matthew
If it significantly improves the Debian release cycle, yes.
If it were the other way round, you'd hear them praising themselves on how Linux is great as it's available on all platforms.
Umm, it still would be avaiable on so many platforms. Debian is just one distribution. I'm sure there will be people who will maintain a Debian-like system for all the existing archs. All they have to do is rebuild the packages and maintain an installer for the architecture in question. They just won't be officially "Debian." But thanks for Trolling.
-matthew