You're sleeping. I sneak in your room, get your HDD, put it on MY computer, replace your bootloader with one with a key logger, which will later on send your dm-crypt password to me the next time you get online. Then, I put back the HDD on your computer while you're still asleep. A physical jumper doesn't prevent THAT. UEFI secure boot does.
You're sleeping. I sneak in your room, get your HDD, put it on MY computer, replace your bootloader with one with a key logger, which will later on send your dm-crypt password to me the next time you get online. Then, I put back the HDD on your computer while you're still asleep. A sector locking in the BIOS doesn't prevent THAT. UEFI secure boot does.
It's quite difficult to design a system for adding keys manually.
Is this a joke? COME ON, it's not!!!
MS could argue that an attacker with physical access to the device would have a much easier time installing some snooper tool to pick up the encryption keys
That's exactly what UEFI secure boots prevent! If there wasn't that issue, then we wouldn't need secure boot, especially on the Linux platforms.
In a perfect world, you would be able to run Windows without problems [...] You would also be able to run for example Redhat Linux without problems
Let me rephrase: in a normal world where the UEFI specs would written correctly and respected, the user would be able to enter the bootloader signature if he wants to boot something he wants.
Did you read TFA? Secure boot is an improvement in terms of security, which for example prevents someone from sneaking into your computer, grabbing the HDD, putting a keylogger on the bootloader, and put back the HDD in place, waiting for you to type your dm-crypt passphrase. With a BIOS password, and a secure boot signature check, that'd be impossible to do.
Let's say I encrypt all my linux partitions, then somebody sneaks into my laptop, replaces the bootloader by something he created (or that his best buddy gave to him), which prints the exact same things as I'm used to on the screen, but instead of asking me the passphrase for my dm-crypt partitions, it's just a keylogger thing... I'd have no way to see the difference... UNLESS there's UEFI, which would see that the bootloader has been replaced. Please don't tell that bootloader signing isn't important, that's simply not truth.
That's NOT the point. The point is the UEFI specs should have IMPOSED to OEM makers that the users can enter the bootloader signature if they feel like it. Now, Microsoft forbids it, in the name of security. So the flowchart is more:
1. It can be done in an open way and still be an improvement in terms of security, without even needing features to disable bootloader signature checking.
2. Is MS abusing his business power here, by compromising the UEFI specs which are already broken in many ways, and not followed by OEMs.
3. OEMs will most likely follow MS "recommendations", because they do want the stupid "Windows 8 ready" logo.
4. Somebody has to stand (the EFF? the FSF?) and make this kind of anti-competition behavior stop.
If you didn't get it, the bootloader, in a fully encrypted HDD, is the only piece of software that can be hijacked. WE DO need the bootloader signature checks if we want to have a fully secured system. But of course, not this way. In a way were we can manually enter ANY signature by ourselves if we want to.
The funny thing is that this is exactly what Linux users have been asking for.
Yeah, right... We all have been asking not to be able to boot our favorite operating system. Do you have some more jokes of the like?
And why not bitch at Apple for locking down OS X
Not to worry here: we do! I will never buy an Apple product.
The most important thing is - Microsoft's OS's have minimal market share on ARM-based device.
NO! We're talking about laptops/netbooks here, running ARM, not just phones and tablets, and it's about (U)EFI booting. This is something new. How many models exactly have you seen around? When I go to computer shops, I can't see any right now, simply because... windows 8 with ARM support isn't out yet!
But you know, all this finally, may be a good news. Microsoft has been ignoring, then laughing about Linux. Now it's really clear that they FEAR it, and it shows (this is a good example).
Not only you don't understand even a tiny bit about the topic, but you're also very disrespectful about millions of Linux users. If you don't want to be too stupid on your next post about UEFI, then here's some readings: http://lists.debian.org/debian-devel/2012/01/msg00168.html
And the impact is very visible to me as I'm from Minnesota, and I can see that our winters have gotten progressively milder over my lifetime.
NO! First, that's not a scientific way of studying things, and it's charged with emotions from a very long time ago, which (sorry, but that's truth) your human brain can't deal with. Second, even if we could take into account your personal experience (I don't think it's valid, but let's admit so), then it doesn't tell you if it is caused by CO2 or if it's a natural process, let's say as an effect from the sun activity.
The ice caps are shrinking rapidly, according to people who measure such things, and satellite photos make such information visible to anyone.
There's a huge controversy about that. There's no doubts that it got hotter in the north, but also no doubts that during the last period, it got cooler in the south. And then, scientists are fighting with numbers, each saying that their numbers are more accurate.
And those are big disasters: increases in typhoons, sea level changes, tornadoes, alterations in the monsoon seasons, among many other scary situations.
Sea levels are something that we really know. We have real data from the last 2 centuries because, for navigation, we need to know what happens with tides. These numbers are very accurate, and not subject to controversy of any kind. The data are showing a very constant increase of 20 cm per year (about 7 inches, if you like this unit better). That's absolutely nothing to worry about, don't believe the bullshit al-gore-like scams were we see rise of 20m (which equals to the melting of absolutely all ice on earth according to models).
As for typhoons and tornadoes, it's very hard to demonstrate that there is any correlations with the global temperatures. Data over the last 1 or 2 decades can't show any evidence of that. However, it seems it might well be possible, yes, but we aren't really sure of that just yet.
While I'm about as land-locked as a person can be, and have little to fear from sea level changes, the impact to the large percentage of humanity living on the coasts of the oceans could be staggering.
Most of the issues observed for those living in such very low land aren't due to sea level rise, but the fact that the coral barrier is often destroyed by humans.
As far as "who's funding which studies", that pattern is much clearer: as expected, studies funded by industries show low impacts, and studies funded by environmental groups show high impacts. In almost every other case industrial studies downplaying environmental impacts have eventually been proven to be lies. I have no reason to think otherwise here.
Thanks for taking the time to make yourself clear. I agree with the first part, but really, I'm not sure with the 2nd one.
While I'm 100% sure about toxins, as you said only "most climatologists" agree, but many who don't aren't climatologists which research would be funded to search a global disaster. This thing seem to be full of lobbying and it scares the hell out of me that each time I read a scientific paper about global warming, I also have to research who's writing it, as it's very often biased views that we are given as facts. To the question "how many more degrees for a doubling of CO2 emissions", we have still so many answers to choose from, from 1 or 2 degree (in which case we shouldn't care) to many more (in which case, it's gona be ugly), and unfortunately, that's the key question.
And while CO2 may not be the best number to measure for human health problems, it's an important measure with respect to global climate change.
That's the problem! We aren't sure of the scale of the effect of CO2. But we are 100% sure for the rest of. Like I'm 100% sure that I've been sick after going in the city center of Shanghai because of pollution.
Chinese particulates are regional, and precipitate out long before they get across the Pacific. Remember, as long as we get cheap consumer goods from them we don't care how much China pollutes their own sky, their own dirt[...]
So basically, even if it kills Chinese, you don't care, if at least it doesn't arm US citizen? What a selfish jerk! Or maybe that's "humor"? If so, that's not funny.
We only want to worry about their contribution to CO2 around the globe
This is why the CO2 scam is extremely dangerous. We're focusing on the wrong thing. Also, if it's down to pollution per hab, US is the clear winner.
It's not like the average Chinese citizen is gonna be charged $100,000 for a single hospital visit.
What do you mean here? You think health care in China is for free, like in France, or in UK? That's simply not the case, and a visit to the hospital can be really expensive. Also, there's all sorts of corruption there (like, you'd have to give a "red bag" to be able to choose which doctor you'd have and not get a just-graduated student). Let me tell you: you'd better not get sick in China!
According to this report, China now produces 6,832 m tons of CO2, a 754% increase since 1971.
Why not going back to numbers of middle age? That should be a quite impressive increase then. For anyone who knows Chinese history, it's obvious that activity in 1971 wasn't high, so it really doesn't make sense at all. And by the way, since when CO2 is one of the worth polluting component? Judging by the short version, it doesn't at all make me want to read TFA. Then I still did, and TFA is crap. Come to Shanghai, and I'll show you that the biggest issue isn't CO2!!!
But any decent editor lets you indent or unindent blocks as a whole, so it not really a problem.
It is, because there's no way to really SEE what's going on, you're just betting that it will be ok. Just saying that your editor can fix it is just wrong. An error in the indentation can cost really a lot of wasted time, and that is a big issue.
But any decent editor lets you indent or unindent blocks as a whole, so it not really a problem. Especially because Python does not enforce a particular indentation, as long as you are consistent within blocks.
The issue is the "as long as". When you work in teams, people have different coding habits, some using spaces, some using tabs. I know, they shouldn't, and in any given project, people should use the same standard. But that is the reality you always face. So this consistency is often not there, and often, you run into issues.
php-fpm doesn't scale if you have too many vhosts (it takes too much RAM for each site, with processes that will wait doing nothing). A cgi wrapper like sbox has my preference for shared hosting, with the added bonus that it also works for Ruby, Perl and Python (yes, the same wrapper...).
Does PHP have that kind of analysis (compilers or some kind of code analysis) to detect errors during design time or do you still have to wait until run time? Last time I was into PHP had to have been 5 years so I'd hope improvements have been made.
If you're searching for some kind of "lint for php", then yes, such thing does exist.
The side effect is that the fcgi-served PHP is actually faster, because it is served faster to the client.
fcgi aren't usable when you have hundreds of hosts in a shared environment: it uses too much memory. Which is why I use AddHandler and Action directives, with our custom cgi wrapper.
I agree that nginx might be a good choice when you do ONE custom application, and can decide for everything. But when you're running a generic hosting thing, you need mod_cband, mod_security, (and mod_log_sql in our case), and so on, which nginx doesn't have.
Anyway, performance wise, most of the time is spent on serving small images, not big PHP scripts. Adding a reverse proxy solves most of the load issues on busy sites because of this (varnish is a nice choice for this, btw).
I personally think of it as a feature, it prevents you from blindly copy pasting code.
Saying "copy/pasting" is totally missing the point. Most of the time, you'd be refactoring, so you'd be CUT/pasting, when moving things to a new function, which of course, require re-indenting. And that's when it becomes so annoying: you have to completely rework the indentation and make sure that you didn't miss even ONE space/tab. That's totally stupid and time consuming for no valid reason.
Whitespace is something the human eye is VERY good at seeing, a missing curly-brace on the other hand is NOT.
No. Human are good at seeing whitespaces (with an S), but it's very easy to miss just one single missing space. Also, please explain to me how you make the difference between spaces and tabs. Simple: you DON'T see it.
but honestly, code indenting in python is usually not a problem after a couple weeks at the most.
I don't agree with that. Code indenting in python is the most annoying thing of that language, and even after years, you might run into issues because of it.
Come on! OF COURSE, this alone, can be a blocker. Especially when there's stupid people that advise you to use spaces instead of tabs. That becomes a real mess, and having to fight with spaces and tabs on top of the real code itself is really stupid. I do like python to some degree, but I hate that "feature".
Firstly, there's a question of which version they are running
Most of the time, you don't care that. Your scripts MUST be able to run on any decent PHP (that is, >= 5.2). If not, then it's entirely your fault.
there are tons of components available, some host support a lot, others support only a few
If you need some of the components and your host refuses to install them, then choose a better host! Most will have lots of them anyway.
Documentation is lacking, and is only sufficient with the user comments, many times I don't want to have to read through pages of user comments to find something that should have been in the docs in the first place.
Strange that you think this way. I always have found the php.net website a very good reference, and very few times, I need to look at users comments (which you should take care a lot when reading, some have very poor level, and even sometimes, you see security issues in the code).
Also, it's interpreted at runtime, which means that it's about 10x slower than other options like.Net and Java.
That one is plain BULLSHIT. First, Yahoo made some benchmarks, and PHP is faster than Java in many cases (and that's why they use it). Second, if you use things like php-apc (available in main in Debian 6.0), then there's very efficient caching mechanisms.
Facebook compiles all their PHP to C to get the needed performance out of it.
But that doesn't at all mean PHP is slower than.NET or Java!!! It just mean that Facebook is huge, and that when you have thousands of servers to run a website, it might be cheaper to invest in a PHP to C compiler than buying more servers.
Slashdot Mirror
You're sleeping. I sneak in your room, get your HDD, put it on MY computer, replace your bootloader with one with a key logger, which will later on send your dm-crypt password to me the next time you get online. Then, I put back the HDD on your computer while you're still asleep. A physical jumper doesn't prevent THAT. UEFI secure boot does.
You're sleeping. I sneak in your room, get your HDD, put it on MY computer, replace your bootloader with one with a key logger, which will later on send your dm-crypt password to me the next time you get online. Then, I put back the HDD on your computer while you're still asleep. A sector locking in the BIOS doesn't prevent THAT. UEFI secure boot does.
It's quite difficult to design a system for adding keys manually.
Is this a joke? COME ON, it's not!!!
MS could argue that an attacker with physical access to the device would have a much easier time installing some snooper tool to pick up the encryption keys
That's exactly what UEFI secure boots prevent! If there wasn't that issue, then we wouldn't need secure boot, especially on the Linux platforms.
In a perfect world, you would be able to run Windows without problems [...] You would also be able to run for example Redhat Linux without problems
Let me rephrase: in a normal world where the UEFI specs would written correctly and respected, the user would be able to enter the bootloader signature if he wants to boot something he wants.
Did you read TFA? Secure boot is an improvement in terms of security, which for example prevents someone from sneaking into your computer, grabbing the HDD, putting a keylogger on the bootloader, and put back the HDD in place, waiting for you to type your dm-crypt passphrase. With a BIOS password, and a secure boot signature check, that'd be impossible to do.
Let's say I encrypt all my linux partitions, then somebody sneaks into my laptop, replaces the bootloader by something he created (or that his best buddy gave to him), which prints the exact same things as I'm used to on the screen, but instead of asking me the passphrase for my dm-crypt partitions, it's just a keylogger thing... I'd have no way to see the difference ... UNLESS there's UEFI, which would see that the bootloader has been replaced. Please don't tell that bootloader signing isn't important, that's simply not truth.
Why the fuck are you talking about Android? Have you ever seen an Android device using UEFI?
That's NOT the point. The point is the UEFI specs should have IMPOSED to OEM makers that the users can enter the bootloader signature if they feel like it. Now, Microsoft forbids it, in the name of security. So the flowchart is more:
1. It can be done in an open way and still be an improvement in terms of security, without even needing features to disable bootloader signature checking.
2. Is MS abusing his business power here, by compromising the UEFI specs which are already broken in many ways, and not followed by OEMs.
3. OEMs will most likely follow MS "recommendations", because they do want the stupid "Windows 8 ready" logo.
4. Somebody has to stand (the EFF? the FSF?) and make this kind of anti-competition behavior stop.
If you didn't get it, the bootloader, in a fully encrypted HDD, is the only piece of software that can be hijacked. WE DO need the bootloader signature checks if we want to have a fully secured system. But of course, not this way. In a way were we can manually enter ANY signature by ourselves if we want to.
Microsoft doesn't have monopoly on ARM-based devices. On top of that, even Android[...]
YOU DON'T GET IT!!! We're not talking about PHONES here, but about real computers, with UEFI instead of the BIOS!
The funny thing is that this is exactly what Linux users have been asking for.
Yeah, right... We all have been asking not to be able to boot our favorite operating system. Do you have some more jokes of the like?
And why not bitch at Apple for locking down OS X
Not to worry here: we do! I will never buy an Apple product.
The most important thing is - Microsoft's OS's have minimal market share on ARM-based device.
NO! We're talking about laptops/netbooks here, running ARM, not just phones and tablets, and it's about (U)EFI booting. This is something new. How many models exactly have you seen around? When I go to computer shops, I can't see any right now, simply because ... windows 8 with ARM support isn't out yet!
But you know, all this finally, may be a good news. Microsoft has been ignoring, then laughing about Linux. Now it's really clear that they FEAR it, and it shows (this is a good example).
Not only you don't understand even a tiny bit about the topic, but you're also very disrespectful about millions of Linux users. If you don't want to be too stupid on your next post about UEFI, then here's some readings: http://lists.debian.org/debian-devel/2012/01/msg00168.html
And the impact is very visible to me as I'm from Minnesota, and I can see that our winters have gotten progressively milder over my lifetime.
NO! First, that's not a scientific way of studying things, and it's charged with emotions from a very long time ago, which (sorry, but that's truth) your human brain can't deal with. Second, even if we could take into account your personal experience (I don't think it's valid, but let's admit so), then it doesn't tell you if it is caused by CO2 or if it's a natural process, let's say as an effect from the sun activity.
The ice caps are shrinking rapidly, according to people who measure such things, and satellite photos make such information visible to anyone.
There's a huge controversy about that. There's no doubts that it got hotter in the north, but also no doubts that during the last period, it got cooler in the south. And then, scientists are fighting with numbers, each saying that their numbers are more accurate.
And those are big disasters: increases in typhoons, sea level changes, tornadoes, alterations in the monsoon seasons, among many other scary situations.
Sea levels are something that we really know. We have real data from the last 2 centuries because, for navigation, we need to know what happens with tides. These numbers are very accurate, and not subject to controversy of any kind. The data are showing a very constant increase of 20 cm per year (about 7 inches, if you like this unit better). That's absolutely nothing to worry about, don't believe the bullshit al-gore-like scams were we see rise of 20m (which equals to the melting of absolutely all ice on earth according to models).
As for typhoons and tornadoes, it's very hard to demonstrate that there is any correlations with the global temperatures. Data over the last 1 or 2 decades can't show any evidence of that. However, it seems it might well be possible, yes, but we aren't really sure of that just yet.
While I'm about as land-locked as a person can be, and have little to fear from sea level changes, the impact to the large percentage of humanity living on the coasts of the oceans could be staggering.
Most of the issues observed for those living in such very low land aren't due to sea level rise, but the fact that the coral barrier is often destroyed by humans.
As far as "who's funding which studies", that pattern is much clearer: as expected, studies funded by industries show low impacts, and studies funded by environmental groups show high impacts. In almost every other case industrial studies downplaying environmental impacts have eventually been proven to be lies. I have no reason to think otherwise here.
I agree.
Thanks for taking the time to make yourself clear. I agree with the first part, but really, I'm not sure with the 2nd one.
While I'm 100% sure about toxins, as you said only "most climatologists" agree, but many who don't aren't climatologists which research would be funded to search a global disaster. This thing seem to be full of lobbying and it scares the hell out of me that each time I read a scientific paper about global warming, I also have to research who's writing it, as it's very often biased views that we are given as facts. To the question "how many more degrees for a doubling of CO2 emissions", we have still so many answers to choose from, from 1 or 2 degree (in which case we shouldn't care) to many more (in which case, it's gona be ugly), and unfortunately, that's the key question.
And while CO2 may not be the best number to measure for human health problems, it's an important measure with respect to global climate change.
That's the problem! We aren't sure of the scale of the effect of CO2. But we are 100% sure for the rest of. Like I'm 100% sure that I've been sick after going in the city center of Shanghai because of pollution.
Chinese particulates are regional, and precipitate out long before they get across the Pacific. Remember, as long as we get cheap consumer goods from them we don't care how much China pollutes their own sky, their own dirt[...]
So basically, even if it kills Chinese, you don't care, if at least it doesn't arm US citizen? What a selfish jerk! Or maybe that's "humor"? If so, that's not funny.
We only want to worry about their contribution to CO2 around the globe
This is why the CO2 scam is extremely dangerous. We're focusing on the wrong thing. Also, if it's down to pollution per hab, US is the clear winner.
It's not like the average Chinese citizen is gonna be charged $100,000 for a single hospital visit.
What do you mean here? You think health care in China is for free, like in France, or in UK? That's simply not the case, and a visit to the hospital can be really expensive. Also, there's all sorts of corruption there (like, you'd have to give a "red bag" to be able to choose which doctor you'd have and not get a just-graduated student). Let me tell you: you'd better not get sick in China!
According to this report, China now produces 6,832 m tons of CO2, a 754% increase since 1971.
Why not going back to numbers of middle age? That should be a quite impressive increase then. For anyone who knows Chinese history, it's obvious that activity in 1971 wasn't high, so it really doesn't make sense at all. And by the way, since when CO2 is one of the worth polluting component? Judging by the short version, it doesn't at all make me want to read TFA. Then I still did, and TFA is crap. Come to Shanghai, and I'll show you that the biggest issue isn't CO2!!!
Debian was first released in late 1995, please check here: http://timeline.debian.net/
But any decent editor lets you indent or unindent blocks as a whole, so it not really a problem.
It is, because there's no way to really SEE what's going on, you're just betting that it will be ok. Just saying that your editor can fix it is just wrong. An error in the indentation can cost really a lot of wasted time, and that is a big issue.
But any decent editor lets you indent or unindent blocks as a whole, so it not really a problem. Especially because Python does not enforce a particular indentation, as long as you are consistent within blocks.
The issue is the "as long as". When you work in teams, people have different coding habits, some using spaces, some using tabs. I know, they shouldn't, and in any given project, people should use the same standard. But that is the reality you always face. So this consistency is often not there, and often, you run into issues.
php-fpm doesn't scale if you have too many vhosts (it takes too much RAM for each site, with processes that will wait doing nothing). A cgi wrapper like sbox has my preference for shared hosting, with the added bonus that it also works for Ruby, Perl and Python (yes, the same wrapper...).
Does PHP have that kind of analysis (compilers or some kind of code analysis) to detect errors during design time or do you still have to wait until run time? Last time I was into PHP had to have been 5 years so I'd hope improvements have been made.
If you're searching for some kind of "lint for php", then yes, such thing does exist.
Modern Perl
There's no such thing in this world. :)
The side effect is that the fcgi-served PHP is actually faster, because it is served faster to the client.
fcgi aren't usable when you have hundreds of hosts in a shared environment: it uses too much memory. Which is why I use AddHandler and Action directives, with our custom cgi wrapper.
I agree that nginx might be a good choice when you do ONE custom application, and can decide for everything. But when you're running a generic hosting thing, you need mod_cband, mod_security, (and mod_log_sql in our case), and so on, which nginx doesn't have.
Anyway, performance wise, most of the time is spent on serving small images, not big PHP scripts. Adding a reverse proxy solves most of the load issues on busy sites because of this (varnish is a nice choice for this, btw).
I personally think of it as a feature, it prevents you from blindly copy pasting code.
Saying "copy/pasting" is totally missing the point. Most of the time, you'd be refactoring, so you'd be CUT/pasting, when moving things to a new function, which of course, require re-indenting. And that's when it becomes so annoying: you have to completely rework the indentation and make sure that you didn't miss even ONE space/tab. That's totally stupid and time consuming for no valid reason.
Whitespace is something the human eye is VERY good at seeing, a missing curly-brace on the other hand is NOT.
No. Human are good at seeing whitespaces (with an S), but it's very easy to miss just one single missing space. Also, please explain to me how you make the difference between spaces and tabs. Simple: you DON'T see it.
but honestly, code indenting in python is usually not a problem after a couple weeks at the most.
I don't agree with that. Code indenting in python is the most annoying thing of that language, and even after years, you might run into issues because of it.
Come on! OF COURSE, this alone, can be a blocker. Especially when there's stupid people that advise you to use spaces instead of tabs. That becomes a real mess, and having to fight with spaces and tabs on top of the real code itself is really stupid. I do like python to some degree, but I hate that "feature".
Firstly, there's a question of which version they are running
Most of the time, you don't care that. Your scripts MUST be able to run on any decent PHP (that is, >= 5.2). If not, then it's entirely your fault.
there are tons of components available, some host support a lot, others support only a few
If you need some of the components and your host refuses to install them, then choose a better host! Most will have lots of them anyway.
Documentation is lacking, and is only sufficient with the user comments, many times I don't want to have to read through pages of user comments to find something that should have been in the docs in the first place.
Strange that you think this way. I always have found the php.net website a very good reference, and very few times, I need to look at users comments (which you should take care a lot when reading, some have very poor level, and even sometimes, you see security issues in the code).
Also, it's interpreted at runtime, which means that it's about 10x slower than other options like .Net and Java.
That one is plain BULLSHIT. First, Yahoo made some benchmarks, and PHP is faster than Java in many cases (and that's why they use it). Second, if you use things like php-apc (available in main in Debian 6.0), then there's very efficient caching mechanisms.
Facebook compiles all their PHP to C to get the needed performance out of it.
But that doesn't at all mean PHP is slower than .NET or Java!!! It just mean that Facebook is huge, and that when you have thousands of servers to run a website, it might be cheaper to invest in a PHP to C compiler than buying more servers.