Troubles... yes... Switching back to Windows.. Hell no!
You sound like there's no alternative to Windows & Ubuntu. Hell, there's a lot of alternatives, and you don't have only these 2 to choose from!
Being the most popular doesn't prove anything. Otherwise, we'd all be replying to you using some products from MS. What is the point you are trying to make here, I don't get it. Ubuntu is not more or less representative of Linux distributions in general, it's just one distribution and there are many more with various quality...
Or keep track of projects that release safe code and give them 2 weeks to make sure there's no horrible bugs, and then update
Nice post, until this sentence. Do you have any idea how packages are going from SID (Debian Unstable) to Testing? Well, exactly the way you say. It stays in SID for 10 days, and if no bug reports have been sent, then it's migrated to Testing. That being said, some packages are still going to Testing with bugs included. Why? Simply because people DO NOT test things until they are released as "stable". That sounds like the snake biting its tail, AND IT IS. So, all your post is valid, except your solution...
Seems to me, after reading this, that you never used Git. It's all but a toy. In fact, after using it for 2 years, I think that CVS and SVN are the toys here. Just think about the fact that both CVS and SVN are unable to manage properly such a simple thing as a Unix right, and you get the whole picture. Even if there was only the command line tool for Git, it would still be light-years ahead of SVN. The only SVC that you can compare it (in the free software world) is mercurial. I would NEVER return back to CVS. Are you still using RCS or what???
What do you mean here exactly? That there's no windows-like click-click type of GUI for Git? Well, do you really need that? For what reason exactly? Also, ever thought about the fact that only an ssh account is enough to manage a Git repo?
I was surprised when I googled for it. It seems to me that 'viewgit' is the same as 'gitweb' that we use. Is it that the project got renamed? Is it a fork? Please let me know.
The almost completely guided setup process means that people can set up relatively sophisticated services without the assistance of someone who actually knows what they are doing.
The question is, would you host any content at a company that has this kind of "policy" (eg: to not know what they do...)? Also, what is the need of some graphical point and click desktop interface in a server?
In my country there's no student loan, we beleive that a free education is part of equality of chances, so nobody has to pay for getting graduated. If you can't afford a place to live, then the gov. provides it for free as weel a small student room on the campus, plus some money each month so you can eat. Yes, I'm French... And proud that we have this system!
You are right, I never used Tor. However, consider that I do live in China (it's been more than 3 years now), and that my company offers hosting services in 10 locations in the world, then you will understand why I don't use Tor...
You might then be the only person that have lived in China, and regularly used internet, without knowing how to go around the GFW. Also, the PRC doesn't need to do any censorship of TV, because all is government owned, if you didn't know. Yes, no private channels in China (unless you are using Satellite, which is forbidden, or if you have cable TV with a special authorization).
Who's the dumb/. admin that allowed this "news" to be published exactly 15 days after the national day? Hey, hello, Mao declared the new china on the 1st of October 1949... Also, the "news" that China is targeting Tor is quite old too...
Please tell this to my bank. The ONLY reason why I still have Windows running on my laptop is because this stupid bank needs me to use a USB device (from Gemplus) that is, by the way, recognized by Linux. The issue is that the site uses a stupid ActiveX to check for the internet token. What is my alternative here? Change bank? Thanks, but no thanks...
That's a totally wrong calculation. Amazon is more expensive than any other hosting service.
For 2000 USD/year, we provide a full core i7, RAID and 8GB only for yourself. And we are far from being the cheapest. Now, about scalability, this doesn't work either. If your service is succesful, explain to me why exacly your will need to add another instance in the minute? That's not needed in 99.9% of the cases. In reality, even waiting for a week or 2 for adding a new server is acceptable for most. And exactly why would you need to add or remove servers every day, or be billed by the hour? That doesn't make sense either for most, unless you are doing event based hosted content, and have enough engineering to deploy fast. The later is far from trivial and will make it costly to use such per-hour service.
I just wanted you to take care that, with the PCI standard, the average slot (AGP, PCI, etc.) is designed to withstand only 15 insertions minimym. That means that if you constantly plug and unplug your video board to save a bit of power, sooner or later, your connector will die.
As for the USB, there are very inexpensive USB to serial adapters. As much as I know, these are in the very standard that was out when the first USB 1 went out, and almost (if not all) USB serial adapter will work smoothly in Linux. The only issue is that, to run this, you will need a kernel driver. So I don't think you will be able to actually see anything with it when at the grub prompt. Your only hope here might be a modified BIOS. Maybe you could look at open source BIOS replacement to do this trick, I don't know if there's even a solution here. What I know is that getty (or mingetty, depending on your distribution) WILL work with any serial adapter, including USB ones, by simply tweaking/etc/inittab. Just make sure that the USB to serial adapter module is loaded BEFORE init runs. The most easy way could be to have the driver included NOT as a module, but directly in the kernel.
When you go to a fast-food shop in the USA, you get a so called "unlimited soda" thing in most of them. It never pops into ones mind that he can come with a truck, and fill it fully with that unlimited soda. Why what applies to McDo doesn't work for web hosting is a mystery!
Is it that people think that, with technology, things can really go unlimited? Wake-up buddies, there's no such thing as unlimited speed fiber optic network wires, or unlimited space hard drives, which makes the unlimited plans simply as invalid as the unlimited soda offers at fast food shops...
Besides that, the comparison is very valid, because hosts with unlimited plans are as un-tasty and as aggressively sold as the worst hamburger. It's simply bad quality, bad service and you only get what you pay for.
I've been trying and trying to activate hardware virtualization on my laptop, but when I start a VM, it always says in the window "qemu" and not "kvm qemu". My laptop is rather new, it has VMx and all the new features activated in the BIOS, and the kvm_intel kernel module is activated. What did I miss here? Help would be much appreciated.
No, it's bloated. It's not easy at all, and this poor organization makes it impossible to work for big sites. I'm not even talking about security issues, and the fact that Joomla is so slow to deliver the content.
I agree with the above post. Joomla is terrible. It's not only that it has been full of security issues, but also it's very difficult to use, and slow. Here's what I think in more details.
The goal of a CMS is to make it easy to edit a website. Truth is, it's more easy to learn HTML than to learn Joomla itself. Joomla hides what is behind it and especially HTML which is very hard to edit, makes it very easy to loose track of the hierarchy of the site by spreading the content across 100s of articles. It's totally stupid that you need a book to be able to learn such a crappy software, and even more that you need to read a full chapter to understand how to install. So it fails in it's goal which was to simplify the administration of the content of a site: it makes it worth.
When you see huge holes like spam gateway by techniques as simple as header insertion in the contact form, you can really ask yourself about what the authors are thinking about, and if it's really worth using it. So it fails on security for something that is really trivial to do.
Like so many CMS, it also fails to understand one very important thing. While it's nice to have the content stored in a database, there is no point in generating them each time someone is visiting the Joomla powered site. Why spending time and effort on optimization, caching mechanisms, and stuffs like that, when it's so easy to only generate HTML files once and for all. That would not only make things safer, but also much much faster to serve the content with any kind of web server, that wouldn't even have to make a single SQL query for contents that are, by the way, most of the time completely static. Here, it fails on delivery of the content.
All together, there's absolutely no reasons to use Joomla, stay away from it, and you wont regret it.
Some suggested Drupal. In it's version 6, it's not so bad. Some big sites like www.mediapart.fr which is an alternative general information site in French, is using it with quite some success, and here, it's fast enough. While drupal is far from perfect, at least it does it's job of delivering content and easiness (but not sure about security, maybe some here can tell...).
I fully agree with that. Having to "upgrade" a software to run ipv6 is annoying already. Now, the fact that we have to have BOTH compability, and manage it, is just plain stupid. The adoption rate would have been much much bigger if it was just a mater of using ipv6, then it would have also support ipv4 and that was it.
I also always trough the DJB's URL to show how stupid the implementation was thought. Why wasn't it that simply, an IPv4 would have "contained" N amount of ipv6 addresses? That would have been so much more easy to understand.
I can't let people here that Paypal always takes the side of the seller. This is simply NOT TRUTH.
We had many experiences as sellers (selling hosting), and not even ONCE, paypal took our side, even in very doughty cases..
A transaction processor would allow funds to go in ONE WAY only, and going directly to your bank account. Clearly, with paypal, you can STORE funds, and exchange currencies between paypal account, which makes it a bank.
Federico Muttis discovered that libpurple, the shared library that adds
support for various instant messaging networks to the pidgin IM client, is
vulnerable to a heap-based buffer overflow. This issue exists because of
an incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can
exploit this by sending two consecutive SLP packets to a victim via MSN.
The first packet is used to create an SLP message object with an offset of
zero, the second packet then contains a crafted offset which hits the
vulnerable code originally fixed in CVE-2008-2927 and CVE-2009-1376 and
allows an attacker to execute arbitrary code.
Note: Users with the "Allow only the users below" setting are not vulnerable
to this attack. If you can't install the below updates you may want to
set this via Tools->Privacy.
For the stable distribution (lenny), this problem has been fixed in
version 2.4.3-4lenny3.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 2.5.9-1.
Slashdot Mirror
Troubles... yes... Switching back to Windows.. Hell no!
You sound like there's no alternative to Windows & Ubuntu. Hell, there's a lot of alternatives, and you don't have only these 2 to choose from!
Being the most popular doesn't prove anything. Otherwise, we'd all be replying to you using some products from MS. What is the point you are trying to make here, I don't get it. Ubuntu is not more or less representative of Linux distributions in general, it's just one distribution and there are many more with various quality...
Or keep track of projects that release safe code and give them 2 weeks to make sure there's no horrible bugs, and then update
Nice post, until this sentence. Do you have any idea how packages are going from SID (Debian Unstable) to Testing? Well, exactly the way you say. It stays in SID for 10 days, and if no bug reports have been sent, then it's migrated to Testing. That being said, some packages are still going to Testing with bugs included. Why? Simply because people DO NOT test things until they are released as "stable". That sounds like the snake biting its tail, AND IT IS. So, all your post is valid, except your solution...
Is there still some people using VNC in 2009, when windows has remote desktop, and Linux has FreeNX? What's the point to even MENTION vnc???
Seems to me, after reading this, that you never used Git. It's all but a toy. In fact, after using it for 2 years, I think that CVS and SVN are the toys here. Just think about the fact that both CVS and SVN are unable to manage properly such a simple thing as a Unix right, and you get the whole picture. Even if there was only the command line tool for Git, it would still be light-years ahead of SVN. The only SVC that you can compare it (in the free software world) is mercurial. I would NEVER return back to CVS. Are you still using RCS or what???
What do you mean here exactly? That there's no windows-like click-click type of GUI for Git? Well, do you really need that? For what reason exactly? Also, ever thought about the fact that only an ssh account is enough to manage a Git repo?
I was surprised when I googled for it. It seems to me that 'viewgit' is the same as 'gitweb' that we use. Is it that the project got renamed? Is it a fork? Please let me know.
The almost completely guided setup process means that people can set up relatively sophisticated services without the assistance of someone who actually knows what they are doing.
The question is, would you host any content at a company that has this kind of "policy" (eg: to not know what they do...)? Also, what is the need of some graphical point and click desktop interface in a server?
In my country there's no student loan, we beleive that a free education is part of equality of chances, so nobody has to pay for getting graduated. If you can't afford a place to live, then the gov. provides it for free as weel a small student room on the campus, plus some money each month so you can eat. Yes, I'm French... And proud that we have this system!
You are right, I never used Tor. However, consider that I do live in China (it's been more than 3 years now), and that my company offers hosting services in 10 locations in the world, then you will understand why I don't use Tor...
You might then be the only person that have lived in China, and regularly used internet, without knowing how to go around the GFW. Also, the PRC doesn't need to do any censorship of TV, because all is government owned, if you didn't know. Yes, no private channels in China (unless you are using Satellite, which is forbidden, or if you have cable TV with a special authorization).
Who's the dumb /. admin that allowed this "news" to be published exactly 15 days after the national day? Hey, hello, Mao declared the new china on the 1st of October 1949 ... Also, the "news" that China is targeting Tor is quite old too...
Please tell this to my bank. The ONLY reason why I still have Windows running on my laptop is because this stupid bank needs me to use a USB device (from Gemplus) that is, by the way, recognized by Linux. The issue is that the site uses a stupid ActiveX to check for the internet token. What is my alternative here? Change bank? Thanks, but no thanks ...
That's a totally wrong calculation. Amazon is more expensive than any other hosting service.
For 2000 USD/year, we provide a full core i7, RAID and 8GB only for yourself. And we are far from being the cheapest. Now, about scalability, this doesn't work either. If your service is succesful, explain to me why exacly your will need to add another instance in the minute? That's not needed in 99.9% of the cases. In reality, even waiting for a week or 2 for adding a new server is acceptable for most. And exactly why would you need to add or remove servers every day, or be billed by the hour? That doesn't make sense either for most, unless you are doing event based hosted content, and have enough engineering to deploy fast. The later is far from trivial and will make it costly to use such per-hour service.
Hi,
/etc/inittab. Just make sure that the USB to serial adapter module is loaded BEFORE init runs. The most easy way could be to have the driver included NOT as a module, but directly in the kernel.
I just wanted you to take care that, with the PCI standard, the average slot (AGP, PCI, etc.) is designed to withstand only 15 insertions minimym. That means that if you constantly plug and unplug your video board to save a bit of power, sooner or later, your connector will die.
As for the USB, there are very inexpensive USB to serial adapters. As much as I know, these are in the very standard that was out when the first USB 1 went out, and almost (if not all) USB serial adapter will work smoothly in Linux. The only issue is that, to run this, you will need a kernel driver. So I don't think you will be able to actually see anything with it when at the grub prompt. Your only hope here might be a modified BIOS. Maybe you could look at open source BIOS replacement to do this trick, I don't know if there's even a solution here. What I know is that getty (or mingetty, depending on your distribution) WILL work with any serial adapter, including USB ones, by simply tweaking
I hope that helps.
When you go to a fast-food shop in the USA, you get a so called "unlimited soda" thing in most of them. It never pops into ones mind that he can come with a truck, and fill it fully with that unlimited soda. Why what applies to McDo doesn't work for web hosting is a mystery!
Is it that people think that, with technology, things can really go unlimited? Wake-up buddies, there's no such thing as unlimited speed fiber optic network wires, or unlimited space hard drives, which makes the unlimited plans simply as invalid as the unlimited soda offers at fast food shops...
Besides that, the comparison is very valid, because hosts with unlimited plans are as un-tasty and as aggressively sold as the worst hamburger. It's simply bad quality, bad service and you only get what you pay for.
Who cares about this bad offer with no SLA, bad delays, no support, and poor hardware?
I've been trying and trying to activate hardware virtualization on my laptop, but when I start a VM, it always says in the window "qemu" and not "kvm qemu". My laptop is rather new, it has VMx and all the new features activated in the BIOS, and the kvm_intel kernel module is activated. What did I miss here? Help would be much appreciated.
Thomas
No, it's bloated. It's not easy at all, and this poor organization makes it impossible to work for big sites. I'm not even talking about security issues, and the fact that Joomla is so slow to deliver the content.
I agree with the above post. Joomla is terrible. It's not only that it has been full of security issues, but also it's very difficult to use, and slow. Here's what I think in more details.
...).
The goal of a CMS is to make it easy to edit a website. Truth is, it's more easy to learn HTML than to learn Joomla itself. Joomla hides what is behind it and especially HTML which is very hard to edit, makes it very easy to loose track of the hierarchy of the site by spreading the content across 100s of articles. It's totally stupid that you need a book to be able to learn such a crappy software, and even more that you need to read a full chapter to understand how to install. So it fails in it's goal which was to simplify the administration of the content of a site: it makes it worth.
When you see huge holes like spam gateway by techniques as simple as header insertion in the contact form, you can really ask yourself about what the authors are thinking about, and if it's really worth using it. So it fails on security for something that is really trivial to do.
Like so many CMS, it also fails to understand one very important thing. While it's nice to have the content stored in a database, there is no point in generating them each time someone is visiting the Joomla powered site. Why spending time and effort on optimization, caching mechanisms, and stuffs like that, when it's so easy to only generate HTML files once and for all. That would not only make things safer, but also much much faster to serve the content with any kind of web server, that wouldn't even have to make a single SQL query for contents that are, by the way, most of the time completely static. Here, it fails on delivery of the content.
All together, there's absolutely no reasons to use Joomla, stay away from it, and you wont regret it.
Some suggested Drupal. In it's version 6, it's not so bad. Some big sites like www.mediapart.fr which is an alternative general information site in French, is using it with quite some success, and here, it's fast enough. While drupal is far from perfect, at least it does it's job of delivering content and easiness (but not sure about security, maybe some here can tell
I fully agree with that. Having to "upgrade" a software to run ipv6 is annoying already. Now, the fact that we have to have BOTH compability, and manage it, is just plain stupid. The adoption rate would have been much much bigger if it was just a mater of using ipv6, then it would have also support ipv4 and that was it.
I also always trough the DJB's URL to show how stupid the implementation was thought. Why wasn't it that simply, an IPv4 would have "contained" N amount of ipv6 addresses? That would have been so much more easy to understand.
Thomas
I can't let people here that Paypal always takes the side of the seller. This is simply NOT TRUTH.
We had many experiences as sellers (selling hosting), and not even ONCE, paypal took our side, even in very doughty cases..
A transaction processor would allow funds to go in ONE WAY only, and going directly to your bank account. Clearly, with paypal, you can STORE funds, and exchange currencies between paypal account, which makes it a bank.
Got it: dget http://archive.getdeb.net/getdeb/ubuntu/jaunty/pi/pidgin_2.6.1-1~getdeb1.dsc Cheers!
Federico Muttis discovered that libpurple, the shared library that adds support for various instant messaging networks to the pidgin IM client, is vulnerable to a heap-based buffer overflow. This issue exists because of an incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can exploit this by sending two consecutive SLP packets to a victim via MSN.
The first packet is used to create an SLP message object with an offset of zero, the second packet then contains a crafted offset which hits the vulnerable code originally fixed in CVE-2008-2927 and CVE-2009-1376 and allows an attacker to execute arbitrary code.
Note: Users with the "Allow only the users below" setting are not vulnerable to this attack. If you can't install the below updates you may want to set this via Tools->Privacy.
For the stable distribution (lenny), this problem has been fixed in version 2.4.3-4lenny3.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 2.5.9-1.