Please read the article. Theo says they've tried, can't really deal with it. But, before you make any comment about the abilities of the OpenBSD programmers, you might want to check if you're using OpenSSH...
Re:All about the benji's
on
Sun vs. OpenBSD?
·
· Score: 3, Insightful
Perhaps read the article. Theo finds is particularly jarring that they claim to be all open and good, yet still play at silly buggers when it comes to proving that.
That's just not true. Are you using any filtering mechanisms? I'm going to assume you are, because otherwise you'd be posting just to hear yourself type.
So which are you using? And what's wrong with them? I've tried both some custom filters using 'Bayesian' categorization and also used SpamAssassin. Both have proved *highly* effective? What is it you're doing wrong?
I think you want the XUL Preference Toolbar... You can turn off popups, javascript, images, all sorts of nastiness as well as change your UA from a small toolbar that sits under the address bar
Seems lots of people answered the non-existant "Why use FreeBSD" question, and not the "Why use Linux" one... I should state now that I run FreeBSD, OpenBSD, and Mac OS X. So why use Linux?
I can think of three reasons:
a) Linux hardware support is often better, and drivers appear more quickly
b) You may prefer a specific Linux package-management system, like apt, or gentoo's thingy
c) There are some applications that don't run, or need a lot of massaging to run under FreeBSD - used to be the case with CrossOver (might still be), and last time I checked Ximian didn't work
I love Perl. I write Perl for a full-time job. I think about Perl on the bus, on dates, all the time. There's no way in hell you can make Perl interesting for a kid.
Get them an old Basic emulator of some form, and get them some of the cool fun books that used to be around for them. Things that go beep, things that change colour, little boxes that hop around the screen - these are the ways to get kids interested in progamming.
Hear hear. I bought myself an extra 512MB of RAM from MacSales.net, which with shipping to the UK cost me about £119 (or about $180 USD). The impact was really noticable, although even now I find myself beginning to run out of RAM.
Interestingly, the only areas where I notice speed issues (and I'm on a G3 700 with Jaguar) are starting Limewire and using MSN Messenger. Messenger and iChat, for that matter, both take a lot of time doing text rendering... Who knows why...
Compiling is the only other issue. At the moment, I don't wish I had a faster machine, except when I'm trying to compile stuff. And boy does it show then.
I would have been very shocked if they picked Perl of PHP, in my experience PHP is faster, more secure, more feature rich, way easier to compile and maintain, and takes far less code to accomplish the same things as Perl.
That's uh, interesting experience. Where have you found Perl to be unsafe where PHP is safe? I'm not sure I remember the last time there was a Perl security hole which would affect any thing you might want to be doing with web stuff.
More feature rich? Which features would those be? Are you aware of CPAN? And how much bigger and more mature it is than PEAR?
Way easier to compile and maintain? Debatable, especially considering people tend to install from binaries for both. Maintain? What do you mean there? The only application of that I can think of is installing third party libraries, where again, the CPAN tools are a very definite step ahead of PEAR.
So please, can you back any of that up? I'd be really interested to learn of any examples, but frankly, at the moment, I think you need to realise false advocacy like that just harms PHP's image.
In truth, it's been a while since I installed OpenBSD (3.0 was the last one I tried), and I found it... easy. I'm certainly not a particularly competent user, and although I'll admit the disk partitioning tripped me up, the rest was really simple.
Additionally, the OpenBSD FAQ sets the standard for docs. Once installed, I had dhcpd/NAT/ipfw and a load of other goodies set up in under half an hour.
I would suggest that people who say installing OpenBSD is hard just haven't tried it. If you have, be more specific: ugh eez too hardt is hardly a good bug report, or the kind of thing that'll get over-worked developers to make changes.
OK, so in fact you're saying hacking is legal where not all the security precautions have been taken. And I'm allowed into your house to browse around if you forget to lock your windows. Get a grip.
No, see, that's just plain wrong. If I used one of numerous IIS exploits to invoke cmd.exe on your Windows machine to send me system files, would that be fair game?
You need to remember that reps aren't *real* people in most cases, and especially in a field like anti-virus, reps are often keen to over-sell products.
Of course, it's worth remembering (going a little off-thread here), that unpatched open-source software isn't any more secure than unpatched Windows software - IIS can be patched and secured too. A good tutorial on hardening IIS can be found here: http://www.virusbtn.com/magazine/archives/200208/i mpossible.xml
And, um, what's your point exactly? Why are Americans taking this so personally? Here look:
This isn't a personal insult to you all. This is a survey based on a number of questions.
You may feel happy with your press not being completely free. That's fine. But it doesn't push you up the index. Talk about having your cake and wanting to eat it too. sheesh.
First, what does that mean? What are 'Linux's roots'? Seriously? Are you going to point to its lack of a flashy setup tool and say that that's Linux's roots? Are you going to say it's because of the community?
Secondly, whatever these roots are, why's it good that a system is stuck in the past? Seriously? There's a reason why modern Linux distributions do have flashy setup tools, and that's because they're convenient and a good idea.
Many people thought prior to Slapper coming out that Linux was somehow impenetrable to malware... VB has a good article (written before Slapper came out, as it happens) on why this is largely untrue:
Which turned the attacks on the kiddies themselves?
Assuming these attacks were sending excessive traffic to the servers, how would the server IP address being changed to localhost make the kiddies attack themselves? Are you trying to say that it's possible to flood yourself off the net by sending packets to your loop back device?
A very nice plan, unless a website is using the Referer field for authentication, and then you're blocked out. Ach-well, if taking control of my browser means being locked out of many of the sites I visit, then I guess I'm happy being exploited by those evil people who *gasp* know which site sent me to them.
I think you misunderstand a few things about the interweb...
Firstly, the referer [sic] field only contains the URL of a *referring* page, not just any page you happened to be on before. Why? Because sending non-referring page URLs is an invasion of privacy. Furthermore, IE and Mozilla both stop you actually retrieving this data from Javascript, even though you can pass it to certain Javascript functions, showing that again this privacy is respected.
May I suggest you find out how your interweb browser works before posting in the future? Oh, and read the RFC: it's Referer field, not Referrer field.
Slashdot Mirror
Please read the article. Theo says they've tried, can't really deal with it. But, before you make any comment about the abilities of the OpenBSD programmers, you might want to check if you're using OpenSSH...
Perhaps read the article. Theo finds is particularly jarring that they claim to be all open and good, yet still play at silly buggers when it comes to proving that.
If you're going to rip off the Simpsons, you might as well credit them.
That's just not true. Are you using any filtering mechanisms? I'm going to assume you are, because otherwise you'd be posting just to hear yourself type.
So which are you using? And what's wrong with them? I've tried both some custom filters using 'Bayesian' categorization and also used SpamAssassin. Both have proved *highly* effective? What is it you're doing wrong?
I think you want the XUL Preference Toolbar... You can turn off popups, javascript, images, all sorts of nastiness as well as change your UA from a small toolbar that sits under the address bar
Why do you people insist on calling them 'virii'? Really? The term is viruses: http://www.perl.com/language/misc/virus.html has a full explanation.
There's actually a little check-box you can click to stop yourself karma whoring: it's called "Post Anonymously"
Seems lots of people answered the non-existant "Why use FreeBSD" question, and not the "Why use Linux" one ... I should state now that I run FreeBSD, OpenBSD, and Mac OS X. So why use Linux?
I can think of three reasons:
a) Linux hardware support is often better, and drivers appear more quickly
b) You may prefer a specific Linux package-management system, like apt, or gentoo's thingy
c) There are some applications that don't run, or need a lot of massaging to run under FreeBSD - used to be the case with CrossOver (might still be), and last time I checked Ximian didn't work
I love Perl. I write Perl for a full-time job. I think about Perl on the bus, on dates, all the time. There's no way in hell you can make Perl interesting for a kid.
Get them an old Basic emulator of some form, and get them some of the cool fun books that used to be around for them. Things that go beep, things that change colour, little boxes that hop around the screen - these are the ways to get kids interested in progamming.
That's why he said "that makes one of us" not "that makes two of us", and was posting as an AC. sheesh.
Turns out with my T68, Bluetooth dongle, and iBook, I already have a tri-band GRPS phone that works with a stable operating system...
Hear hear. I bought myself an extra 512MB of RAM from MacSales.net, which with shipping to the UK cost me about £119 (or about $180 USD). The impact was really noticable, although even now I find myself beginning to run out of RAM.
Interestingly, the only areas where I notice speed issues (and I'm on a G3 700 with Jaguar) are starting Limewire and using MSN Messenger. Messenger and iChat, for that matter, both take a lot of time doing text rendering... Who knows why...
Compiling is the only other issue. At the moment, I don't wish I had a faster machine, except when I'm trying to compile stuff. And boy does it show then.
I would have been very shocked if they picked Perl of PHP, in my experience PHP is faster, more secure, more feature rich, way easier to compile and maintain, and takes far less code to accomplish the same things as Perl.
That's uh, interesting experience. Where have you found Perl to be unsafe where PHP is safe? I'm not sure I remember the last time there was a Perl security hole which would affect any thing you might want to be doing with web stuff.
More feature rich? Which features would those be? Are you aware of CPAN? And how much bigger and more mature it is than PEAR?
Way easier to compile and maintain? Debatable, especially considering people tend to install from binaries for both. Maintain? What do you mean there? The only application of that I can think of is installing third party libraries, where again, the CPAN tools are a very definite step ahead of PEAR.
So please, can you back any of that up? I'd be really interested to learn of any examples, but frankly, at the moment, I think you need to realise false advocacy like that just harms PHP's image.
In truth, it's been a while since I installed OpenBSD (3.0 was the last one I tried), and I found it ... easy. I'm certainly not a particularly competent user, and although I'll admit the disk partitioning tripped me up, the rest was really simple.
Additionally, the OpenBSD FAQ sets the standard for docs. Once installed, I had dhcpd/NAT/ipfw and a load of other goodies set up in under half an hour.
I would suggest that people who say installing OpenBSD is hard just haven't tried it. If you have, be more specific: ugh eez too hardt is hardly a good bug report, or the kind of thing that'll get over-worked developers to make changes.
OK, so in fact you're saying hacking is legal where not all the security precautions have been taken. And I'm allowed into your house to browse around if you forget to lock your windows. Get a grip.
No, see, that's just plain wrong. If I used one of numerous IIS exploits to invoke cmd.exe on your Windows machine to send me system files, would that be fair game?
You need to remember that reps aren't *real* people in most cases, and especially in a field like anti-virus, reps are often keen to over-sell products.
i mpossible.xml
Of course, it's worth remembering (going a little off-thread here), that unpatched open-source software isn't any more secure than unpatched Windows software - IIS can be patched and secured too. A good tutorial on hardening IIS can be found here:
http://www.virusbtn.com/magazine/archives/200208/
If you want to know how exactly klez works, there's a very detailed analysis here:
/ klez.xml
http://www.virusbtn.com/resources/viruses/indepth
WHY DON'T YOU TRY READING THE ARTICLE? No, really, read the article. Mod parent down already.
And, um, what's your point exactly? Why are Americans taking this so personally? Here look:
This isn't a personal insult to you all. This is a survey based on a number of questions.
You may feel happy with your press not being completely free. That's fine. But it doesn't push you up the index. Talk about having your cake and wanting to eat it too. sheesh.
it is the truest to Linux's roots
First, what does that mean? What are 'Linux's roots'? Seriously? Are you going to point to its lack of a flashy setup tool and say that that's Linux's roots? Are you going to say it's because of the community?
Secondly, whatever these roots are, why's it good that a system is stuck in the past? Seriously? There's a reason why modern Linux distributions do have flashy setup tools, and that's because they're convenient and a good idea.
Many people thought prior to Slapper coming out that Linux was somehow impenetrable to malware ... VB has a good article (written before Slapper came out, as it happens) on why this is largely untrue:
l inux_malware.xml
http://www.virusbtn.com/magazine/archives/200209/
Which turned the attacks on the kiddies themselves?
Assuming these attacks were sending excessive traffic to the servers, how would the server IP address being changed to localhost make the kiddies attack themselves? Are you trying to say that it's possible to flood yourself off the net by sending packets to your loop back device?
A very nice plan, unless a website is using the Referer field for authentication, and then you're blocked out. Ach-well, if taking control of my browser means being locked out of many of the sites I visit, then I guess I'm happy being exploited by those evil people who *gasp* know which site sent me to them.
I think you misunderstand a few things about the interweb...
Firstly, the referer [sic] field only contains the URL of a *referring* page, not just any page you happened to be on before. Why? Because sending non-referring page URLs is an invasion of privacy. Furthermore, IE and Mozilla both stop you actually retrieving this data from Javascript, even though you can pass it to certain Javascript functions, showing that again this privacy is respected.
May I suggest you find out how your interweb browser works before posting in the future? Oh, and read the RFC: it's Referer field, not Referrer field.