I've been investigating this in our company as a replacement for our MS Proxy server, producing documentation and working with the test server. So we've lost a few manhours on freeswan. We'll not quit freeswan because the main developers are leaving it. We're dropping it because KAME will be standardized and we'll look at OpenBSD much more closely.
The actual move will depend entirely on whether the VPN server can authenticate against Active Directory LDAP entries. That should allow windows2000's VPN system and decrease the number of logins, else there will be too many protests on too many logins: dialup, vpn, terminal serv, erp system, reports..
Has anyone used OpenBSD or linux to auth against AD on win2k successfully on a 30-user scale??
...that they released the company name which contributed to the assaults on Linux's name. I know now which hosting company not to choose.
In fact they should release all names of companies licensing Linux from SCO. Better yet, the names of their CEOs, their email addresses and business types. It will show the quality of business decisions going on within those places and will decrease certainity of investors who know about the whole SCO fiasco.
Here are some ideas I'm sure have been considered:
(1) Vibration.... the panels are lifted sideways and a motor at the top vibrates them for a few minutes. This will cost(1) the vibration motor (2) the lifting motor (3) lifting arm and hinges.
(2) Clapping two solar panels together.
(3) Compressed air. This is my fav. A small cylinder onboard could blow air across the panels about 10 times... increasing the life of the rovers 10 times. If theres enough gas in the atmosphere, replace the cylinder with a compressor. Its mechanically easy, less risk, and with a tiny compressor will add just a tiny bit of weight.
(4) Wiper blades. The blades will have feathers on them like a feather duster.
(5) Rotating panels. The panels would be disc-shaped and are rotated real fast like a CD to shake off the dust.
(6) Flippin panels. Turn the panels upside down for a little while. Optionally, jerk them.
(7) Roller film. Unlike camera film, one loop of film covers the panel and two axels at the panel ends loops the film around. Small brushes at one end will keep cleaning the film.
(8) Driving into rocks. The rover can tilt its panel forward facing and drive into a large rock with a bumper. That way the martians wouldnt think much of our intelligence and cancel the invasion.
(9) Tiny micro-rovers built by MIT undergrads to wander over the panels cleaning it. The micro-rovers will themselves have connectors to recharge. I'm thinking 2mm^2. Tricycle-shaped with a trailing brush.
(10) Drive over a high dune just before losing power. That way when theres a wind storm, enough dust will be blown away to allow the rover to communicate with the satellite. Hopefully, most of the dust will be blown away.
Some of the above ideas were taken from other posters. I believe they could have been used to build a rover that could in theory work forever.
I guess we should stick to improving debian as the defacto standard of Linux instead of building competition for it. Distros like KNOPPIX have shown how a good lowlevel distro can be used for higher level distros, keeping the base (debian) same allows for much more compatibility (dpkg).
I agree. Theres a lack of Linux users in Pakistan for the same reason. Every curious kid has oracle, SAP, netware, windowsxp and office on his computer. Sure theres the odd geek there, but the percentage of OSS users is grim.
For that reason, I'd like to see software piracy laws implemented in Pakistan. Theres no WAY the average joe can pay for even the special pricing for microsoft, linux will boom.
One of the biggest advantages of USB is the power that flows through it. I just plug in my mouse, webcam etc and no bulky adapters required. Theyve also been around since the days of the Pentium1, and you can be sure a USB drive will work many places.
Now wireless.... you'll need batteries or adapters, wont work just everywhere and you'll have to pay motherboard makers to build it in.
Not too many people need short-range wireless interfaces outside of the 802.11a/b/g, which is different
We setup two firewalls facing the Internet, a MS Proxy server and a redhat9.0 as a test server. The redhat was compromised using sendmail and samba exploits and it was used as a staging area for further attacks before we knew. Thank god the admin password was different on the servers else we would have lost quite a bit of the company.
But I dont think Linux is at fault. I did not use iptables to block unneeded ports on the outside and I did not patch sendmail ( I shouldve used qmail). I shouldve taken close care of suid files, used ssh instead of telnet, jailed most servers, never used root and generally kept checksums of the important binaries. Thats what real security takes, thats whats easily possible on Linux, thats what Windows lacks and THATS what I didnt do.
Altho our firewall now is a single openbsd (which does most of the above by default), I still recommend Linux, but with patches applied, services disabled, ports blocked and servers run in jails. If they compare default installs, Windows isnt running much, older redhats are running too much with no patching of daemons whose sources are available online, and the results are biased. Just give me a server to secure, give the same to a Microsoft representative, some time for us and then attack the two servers all you want.
Just as tomshardware maxes out their test PC's specs to compare video cards properly(radeon and geforcefx will both be about the same on a pentium2 with 64mb ram, 4gb hdd), OS security tests should rule out technician incompetency.
I'm not saying the windows code itself should be copied and compiled in WINE. Tannenbaum looked at UNIX code and coded himself minix. Linus took a good look at both UNIX and minix, then started fresh on Linux using what he 'learned'. Thats not illegal.
If we had a Microsoft employee leave and join the WINE team but not COPY and DUPLICATE anything, thats not illegal.
Sames true with Windows. One guy could do openwinkernel, another can do opencoff, another opendllinterface, and how would that be illegal?
I would even imagine open versions of windows projects will be more robust, less prone to mem leaks and enhanced and optimised, so we could eventually build win32 binary support on FreeBSD and totally rely on it to be more robust than a win2k server.
With legal protection and WINE development, linux will have an EASY time overtaking windows. IMHO win32 binary compatibility is the ONLY reason linux does not have desktop market share lead.
Trying to stop the source code is like throwing $20 bills from a manhattan balconey, and going down and trying to collect them all back.
Theres a great deal of ill feeling towards Microsoft, thanks to their annoying crashing OS, and anyone threatened with a lawsuit will be actually determined to send out the source code anonymously.
What I'm extremely interested in, is if someone has successfully compiled the code and tested it. I'm interested in knowing what parts of windows the code is from. Hopefully we get the kernel + binary execution segments so WINE is developed as well as SAMBA. I think as soon as we can run win32 binaries properly on Linux, along with at least directx8, linux will be a MUCH bigger competitor of both Microsoft and Apple.
Why dont they build the screen in like the GBA and use sony flashsticks to transfer binaries they can sell online?
If such devices could have good mileage, everyone on public transportation will be playing Sonic, Mortal Kombat, Street Fighter, Bare Knuckles and Rock n Roll Racing.
The SiS550 is an x86 SoC like the geode, elan. Theyre getting faster and smaller and more ready for embedded markets. 256MB flashes are cheap, and can carry full distros of WinCE, QNX Linux, BSD or anything you want.
Theyre still a far cry from ARM cores though, and I'd only use x86 where win32 binary compatibility is absolutely required. Things can and do get complex on x86 SoCs, and ARM cores will give you that 'simple and efficient' feel nothing else will.
My current boss is someone with 30 years experience, lotsof mainframe and VAX, and was in one company for over 11 years. Hardly ever worked with PCs. The company took him only because of the time he stayed with one company, and I'm the one doing all the work on PCs, xSeries servers, windows, linux and openbsd servers.
Our HR is getting a kick in the butt, they will definitely look for specific skills next time. Here was a classic case of relying too much on 'experience' alone. There should be a good balance of experience, qualifications, certifications and interests.
"highly disruptive to the US position as a technological leader"
A UN body should sit together and make sure the US remains the global technology leader. So 100+ countries should make sure Germany, Japan, India, China, UK etc could not overtake the US in technology. Why?
"and controlling force on third-world technological innovation"
Two words in that sentence show how unfair that position is. "Controlling" and "force". The third world cant produce their software and need a foreign power to sell them the same at say $100 per OS. Again why?
"Open Source would drastically lower the barrier to entry for pretty much any country looking to develop an information technology regime, which puts countries on a much more even footing to do things the US doesn't like"
So the US should make sure no other country can be technologically advanced enough to, what, attack the US? IIRC, Osama didnt need to break Blowfish. Keeping the world economically repressed is the single biggest reason for many countries to hate the US. So because I think you hate me and will harm me, I think I'll lock you up in a cell??
If you believe the US should try to keep its position good and worry about the people who pay the governments taxes, I can understand that position. But this was a UN meeting, not a US. I really hope you were speaking sarcastically.
"other countries having strong, independent governments is not in the US' interests, because such governments and countries (and ultimately, populations) are much harder to manipulate"
Why would the US want to manipulate the whole world? Most democratic countries elected their leaders not to be ruled by America. The nondemocratic ones would much rather have a ruthless dictator of their own than a ruthless superpower making it a colony. Get out there and ask Iraqis, Iranians, N Koreans, Afghans, Libyans etc. Talk to people, dont assume.
The other types are pptp, ssh-based and cipe. IPSec has become a standard between cisco, openbsd, win32, linux and devices like netscreen and solaris.
So why fragment the VPN scene further, and what do you mean no client installation is required. Does it come prebuilt in linux, openbsd, windows 98, qnx, beos?
If clients and servers are available, from how many different vendors, based on which RFCs?
I am curious be cause I never heard of SSL-based VPNs, but I wont contribute to further fragmentation; IPSec has been good to me.
Whats wrong with good ol underground?
on
Space Burial
·
· Score: 2, Interesting
So everyone will want to send the whole of themselves (not just the egocentric parts), yet cut costs so embalming, clothing will be out of question.
Maybe the geosync orbit will be a belt of zombies visible from the ground, from which dead bodies will occasionally whack the windows of the next space station.
I'd much rather be thrown into the atmosphere, on the night side so people would see a shooting star and make a wish. Hopefully the shooting star will not reach the ground, now that would be messy.
Why not just pour the effort into openoffice? Using MS Office will just be a licensing mess later down the line. I'm sure MS will love to have parts of its codebase used in Linux so they can cause trouble like SCO is right now. Uptill now, Linux has been going much cleaner than BSD and has had few issues in the court, and noone could touch it legally.
openoffice can open Word Excel etc docs just fine, and if its streamlined further, optimised, ported everywhere etc, its already better than MS Office with about the same interface.
Indeed. While in slashdot, a windows cd might be flamebait, I've seen how truly useful knoppix is (fresh windows install, no NIC driver, need knoppix to download it), and I know such a CD will be useful with veritas, antivirus, networking tools, ad-aware, bunch a nic drivers etc. Our company uses common software across all computers, and everyones personal files reside on a common shared folder. So to keep someone running with a crashed harddisk, a customized version of such a CD can be useful (what if some virus crashes ALL workstations?, we can keep running temporarily on these CDs).
My only rant is it doesnt seem to work with windows 2000.
There are two major problems blocking Linux uptake on the desktop. The windows binary pool is huge, and the lack of standards of packages, menus, interface etc on Linux.
Now if the WINE project can be merged with this source code, or if the raw hardware interfaces of Windows is translated to linux APIs to make it something like usermode linux only windows binary emulation in windows using windows source code, that will fix one part of the problem. I believe the other part, standardizing packages and the GUI will eventually happen...
With these two problems fixed, theres no reason Dell and HP wouldnt sell and promote Linux on laptops and desktops as the standard.
He mentioned trivial package installations like Gator.
Linux does have some pretty advanced packaging system, generally standardized on.deb and.rpm nowadays. The new issue is having graphical standards. There are tonnes of different window managers in use, and KDE and GNOME still dont play quite well. Not to mention their menu systems are located at crazy locations across distros.
So whats a new package to do right after install to become a small icon in the desktop menu? It has to discover what window manager is installed and used, find the menu system and append its icon to it with the proper links. It should also be able to remove the icons after uninstall.
Linux has come a long way but its graphic system from X upwards is a mess with KDE GNOME other smaller window managers and console-alone developers have made enclaves around themselves. KDE on gentoo works GREAT, but the severe lack of standards forces people to get back to the command line once in a while.
NASA should build another rocket to carry this as a patch to Spirit and Opportunity, and load QNX instead of VxWorks on it (better yet, uCLinux, now that space isnt an issue).
Of course this will really happen if Microsoft was incharge of the mission. Now have you patched your Windows against the recent bug???
I see a great push everywhere for everyone to start using 2.6. Why, if youre successfully using 2.4 or 2.2 in your current installation. I remember 2.4 took a LITTLE while to iron out.
Slashdot Mirror
I've been investigating this in our company as a replacement for our MS Proxy server, producing documentation and working with the test server. So we've lost a few manhours on freeswan. We'll not quit freeswan because the main developers are leaving it. We're dropping it because KAME will be standardized and we'll look at OpenBSD much more closely.
The actual move will depend entirely on whether the VPN server can authenticate against Active Directory LDAP entries. That should allow windows2000's VPN system and decrease the number of logins, else there will be too many protests on too many logins: dialup, vpn, terminal serv, erp system, reports..
Has anyone used OpenBSD or linux to auth against AD on win2k successfully on a 30-user scale??
...that they released the company name which contributed to the assaults on Linux's name. I know now which hosting company not to choose.
In fact they should release all names of companies licensing Linux from SCO. Better yet, the names of their CEOs, their email addresses and business types. It will show the quality of business decisions going on within those places and will decrease certainity of investors who know about the whole SCO fiasco.
Here are some ideas I'm sure have been considered:
(1) Vibration.... the panels are lifted sideways and a motor at the top vibrates them for a few minutes. This will cost(1) the vibration motor (2) the lifting motor (3) lifting arm and hinges.
(2) Clapping two solar panels together.
(3) Compressed air. This is my fav. A small cylinder onboard could blow air across the panels about 10 times... increasing the life of the rovers 10 times. If theres enough gas in the atmosphere, replace the cylinder with a compressor. Its mechanically easy, less risk, and with a tiny compressor will add just a tiny bit of weight.
(4) Wiper blades. The blades will have feathers on them like a feather duster.
(5) Rotating panels. The panels would be disc-shaped and are rotated real fast like a CD to shake off the dust.
(6) Flippin panels. Turn the panels upside down for a little while. Optionally, jerk them.
(7) Roller film. Unlike camera film, one loop of film covers the panel and two axels at the panel ends loops the film around. Small brushes at one end will keep cleaning the film.
(8) Driving into rocks. The rover can tilt its panel forward facing and drive into a large rock with a bumper. That way the martians wouldnt think much of our intelligence and cancel the invasion.
(9) Tiny micro-rovers built by MIT undergrads to wander over the panels cleaning it. The micro-rovers will themselves have connectors to recharge. I'm thinking 2mm^2. Tricycle-shaped with a trailing brush.
(10) Drive over a high dune just before losing power. That way when theres a wind storm, enough dust will be blown away to allow the rover to communicate with the satellite. Hopefully, most of the dust will be blown away.
Some of the above ideas were taken from other posters. I believe they could have been used to build a rover that could in theory work forever.
I guess we should stick to improving debian as the defacto standard of Linux instead of building competition for it. Distros like KNOPPIX have shown how a good lowlevel distro can be used for higher level distros, keeping the base (debian) same allows for much more compatibility (dpkg).
Now if only SuSE and Redhat pays attention.
is to have one pen have a keyboard, projector, 802.11b, running Linux or BSD, and running off one AAA battery for at least a few hours.
So in the meetings I'd say 'lemme jot that down' pull out the pen, start it up and type it up. That pen will accompany me to all exams.
Heck the Japanese might even put ink in it.
I agree. Theres a lack of Linux users in Pakistan for the same reason. Every curious kid has oracle, SAP, netware, windowsxp and office on his computer. Sure theres the odd geek there, but the percentage of OSS users is grim.
For that reason, I'd like to see software piracy laws implemented in Pakistan. Theres no WAY the average joe can pay for even the special pricing for microsoft, linux will boom.
One of the biggest advantages of USB is the power that flows through it. I just plug in my mouse, webcam etc and no bulky adapters required. Theyve also been around since the days of the Pentium1, and you can be sure a USB drive will work many places.
Now wireless.... you'll need batteries or adapters, wont work just everywhere and you'll have to pay motherboard makers to build it in.
Not too many people need short-range wireless interfaces outside of the 802.11a/b/g, which is different
We setup two firewalls facing the Internet, a MS Proxy server and a redhat9.0 as a test server. The redhat was compromised using sendmail and samba exploits and it was used as a staging area for further attacks before we knew. Thank god the admin password was different on the servers else we would have lost quite a bit of the company.
But I dont think Linux is at fault. I did not use iptables to block unneeded ports on the outside and I did not patch sendmail ( I shouldve used qmail). I shouldve taken close care of suid files, used ssh instead of telnet, jailed most servers, never used root and generally kept checksums of the important binaries. Thats what real security takes, thats whats easily possible on Linux, thats what Windows lacks and THATS what I didnt do.
Altho our firewall now is a single openbsd (which does most of the above by default), I still recommend Linux, but with patches applied, services disabled, ports blocked and servers run in jails. If they compare default installs, Windows isnt running much, older redhats are running too much with no patching of daemons whose sources are available online, and the results are biased. Just give me a server to secure, give the same to a Microsoft representative, some time for us and then attack the two servers all you want.
Just as tomshardware maxes out their test PC's specs to compare video cards properly(radeon and geforcefx will both be about the same on a pentium2 with 64mb ram, 4gb hdd), OS security tests should rule out technician incompetency.
Theres plenty of magnetic field in computer monitors, especially the larger, no-brand types that does the degauss 'ting' thingy.
All the more reason to use shaving sticks, lower power cellphones, smaller speakers and keep away from the north and south poles.
If people are smart enough to spend 16 hours a day smack in front of monitors and still develop the Linux kernel, it cant be too bad.
I'm not saying the windows code itself should be copied and compiled in WINE. Tannenbaum looked at UNIX code and coded himself minix. Linus took a good look at both UNIX and minix, then started fresh on Linux using what he 'learned'. Thats not illegal.
If we had a Microsoft employee leave and join the WINE team but not COPY and DUPLICATE anything, thats not illegal.
Sames true with Windows. One guy could do openwinkernel, another can do opencoff, another opendllinterface, and how would that be illegal?
I would even imagine open versions of windows projects will be more robust, less prone to mem leaks and enhanced and optimised, so we could eventually build win32 binary support on FreeBSD and totally rely on it to be more robust than a win2k server.
With legal protection and WINE development, linux will have an EASY time overtaking windows. IMHO win32 binary compatibility is the ONLY reason linux does not have desktop market share lead.
Trying to stop the source code is like throwing $20 bills from a manhattan balconey, and going down and trying to collect them all back.
Theres a great deal of ill feeling towards Microsoft, thanks to their annoying crashing OS, and anyone threatened with a lawsuit will be actually determined to send out the source code anonymously.
What I'm extremely interested in, is if someone has successfully compiled the code and tested it. I'm interested in knowing what parts of windows the code is from. Hopefully we get the kernel + binary execution segments so WINE is developed as well as SAMBA. I think as soon as we can run win32 binaries properly on Linux, along with at least directx8, linux will be a MUCH bigger competitor of both Microsoft and Apple.
"a majority of the American people have granted them that trust"
49.99% is not a majority.
Why dont they build the screen in like the GBA and use sony flashsticks to transfer binaries they can sell online?
If such devices could have good mileage, everyone on public transportation will be playing Sonic, Mortal Kombat, Street Fighter, Bare Knuckles and Rock n Roll Racing.
I better get soldering...
The SiS550 is an x86 SoC like the geode, elan. Theyre getting faster and smaller and more ready for embedded markets. 256MB flashes are cheap, and can carry full distros of WinCE, QNX Linux, BSD or anything you want.
Theyre still a far cry from ARM cores though, and I'd only use x86 where win32 binary compatibility is absolutely required. Things can and do get complex on x86 SoCs, and ARM cores will give you that 'simple and efficient' feel nothing else will.
My current boss is someone with 30 years experience, lotsof mainframe and VAX, and was in one company for over 11 years. Hardly ever worked with PCs. The company took him only because of the time he stayed with one company, and I'm the one doing all the work on PCs, xSeries servers, windows, linux and openbsd servers.
Our HR is getting a kick in the butt, they will definitely look for specific skills next time. Here was a classic case of relying too much on 'experience' alone. There should be a good balance of experience, qualifications, certifications and interests.
"highly disruptive to the US position as a technological leader"
A UN body should sit together and make sure the US remains the global technology leader. So 100+ countries should make sure Germany, Japan, India, China, UK etc could not overtake the US in technology. Why?
"and controlling force on third-world technological innovation"
Two words in that sentence show how unfair that position is. "Controlling" and "force". The third world cant produce their software and need a foreign power to sell them the same at say $100 per OS. Again why?
"Open Source would drastically lower the barrier to entry for pretty much any country looking to develop an information technology regime, which puts countries on a much more even footing to do things the US doesn't like"
So the US should make sure no other country can be technologically advanced enough to, what, attack the US? IIRC, Osama didnt need to break Blowfish. Keeping the world economically repressed is the single biggest reason for many countries to hate the US. So because I think you hate me and will harm me, I think I'll lock you up in a cell??
If you believe the US should try to keep its position good and worry about the people who pay the governments taxes, I can understand that position. But this was a UN meeting, not a US. I really hope you were speaking sarcastically.
"other countries having strong, independent governments is not in the US' interests, because such governments and countries (and ultimately, populations) are much harder to manipulate"
Why would the US want to manipulate the whole world? Most democratic countries elected their leaders not to be ruled by America. The nondemocratic ones would much rather have a ruthless dictator of their own than a ruthless superpower making it a colony. Get out there and ask Iraqis, Iranians, N Koreans, Afghans, Libyans etc. Talk to people, dont assume.
The other types are pptp, ssh-based and cipe. IPSec has become a standard between cisco, openbsd, win32, linux and devices like netscreen and solaris.
So why fragment the VPN scene further, and what do you mean no client installation is required. Does it come prebuilt in linux, openbsd, windows 98, qnx, beos?
If clients and servers are available, from how many different vendors, based on which RFCs?
I am curious be cause I never heard of SSL-based VPNs, but I wont contribute to further fragmentation; IPSec has been good to me.
So everyone will want to send the whole of themselves (not just the egocentric parts), yet cut costs so embalming, clothing will be out of question.
Maybe the geosync orbit will be a belt of zombies visible from the ground, from which dead bodies will occasionally whack the windows of the next space station.
I'd much rather be thrown into the atmosphere, on the night side so people would see a shooting star and make a wish. Hopefully the shooting star will not reach the ground, now that would be messy.
Why not just pour the effort into openoffice? Using MS Office will just be a licensing mess later down the line. I'm sure MS will love to have parts of its codebase used in Linux so they can cause trouble like SCO is right now. Uptill now, Linux has been going much cleaner than BSD and has had few issues in the court, and noone could touch it legally.
openoffice can open Word Excel etc docs just fine, and if its streamlined further, optimised, ported everywhere etc, its already better than MS Office with about the same interface.
Indeed. While in slashdot, a windows cd might be flamebait, I've seen how truly useful knoppix is (fresh windows install, no NIC driver, need knoppix to download it), and I know such a CD will be useful with veritas, antivirus, networking tools, ad-aware, bunch a nic drivers etc. Our company uses common software across all computers, and everyones personal files reside on a common shared folder. So to keep someone running with a crashed harddisk, a customized version of such a CD can be useful (what if some virus crashes ALL workstations?, we can keep running temporarily on these CDs).
My only rant is it doesnt seem to work with windows 2000.
I have NO idea why that was marked funny.
There are two major problems blocking Linux uptake on the desktop. The windows binary pool is huge, and the lack of standards of packages, menus, interface etc on Linux.
Now if the WINE project can be merged with this source code, or if the raw hardware interfaces of Windows is translated to linux APIs to make it something like usermode linux only windows binary emulation in windows using windows source code, that will fix one part of the problem. I believe the other part, standardizing packages and the GUI will eventually happen...
With these two problems fixed, theres no reason Dell and HP wouldnt sell and promote Linux on laptops and desktops as the standard.
He mentioned trivial package installations like Gator.
.deb and .rpm nowadays. The new issue is having graphical standards. There are tonnes of different window managers in use, and KDE and GNOME still dont play quite well. Not to mention their menu systems are located at crazy locations across distros.
Linux does have some pretty advanced packaging system, generally standardized on
So whats a new package to do right after install to become a small icon in the desktop menu? It has to discover what window manager is installed and used, find the menu system and append its icon to it with the proper links. It should also be able to remove the icons after uninstall.
Linux has come a long way but its graphic system from X upwards is a mess with KDE GNOME other smaller window managers and console-alone developers have made enclaves around themselves. KDE on gentoo works GREAT, but the severe lack of standards forces people to get back to the command line once in a while.
NASA should build another rocket to carry this as a patch to Spirit and Opportunity, and load QNX instead of VxWorks on it (better yet, uCLinux, now that space isnt an issue).
Of course this will really happen if Microsoft was incharge of the mission. Now have you patched your Windows against the recent bug???
I see a great push everywhere for everyone to start using 2.6. Why, if youre successfully using 2.4 or 2.2 in your current installation. I remember 2.4 took a LITTLE while to iron out.