You make the amusing (and often wrong) assumptions that (1) laptops have anti-virus software installed and (2) it is updated frequently with the latest signatures. Some roaming users cannot or do not connect to the Internet or to the LAN for months at a time, so if they pick up something nasty in transit, there is no opportunity for their machine to be automatically disinfected.
Mr. Lyons attempts to comment on a simple dispute over intellectual property licensing. While I agree the current legal formulations of copyrights, trade secret protections, patents, etc. leave much to be desired, I would prefer erudite discussions of the intellectual property law to poorly-constructed logical fallacies posing as insightful commentary. Prejudicial language (the phrases "happy software proles" and "burn down your house", use of the word "comrade"), appeals to popularity (the aforementioned language implying that agreeing to the FSF's philosophy turns one into a morally-bankrupt communist), personal attacks (implying corruption on the part of FSF officials in paragraphs 15, 16, 17, and 21 and collusion in paragraph 18), and appeals to authority (such as the phrase "as some suggest") abound within an article whose theme is, simply, "be careful when you include free software in your product, as there may be undesirable restrictions in its licensing that may make its use inappropriate, given your business model". There is nothing wrong with this theme---"caveat emptor" should be on every entrepreneur's lips---but the way in which this message was delivered leaves much to be desired. Such weak writing has no place in a magazine like Forbes and is a poor advertisement to potential subscribers as myself. I would be much more interested in reading an article that interviews businesses that have successfully (or unsuccessfully) used free software and recounts the lessons they learned from it.
And I'm getting fed up with people who seem to think infection vectors are a good way to classify malicious mobile code. Personally, I don't see much of a difference between viruses, worms, malware, spyware, etc. It's all basically "bad stuff running on your computer". Some are network aware, some hide in executables, all do bad things and are pretty pernicious.
Oh and by the way, you are wrong about there being no Linux viruses found in the wild. There are several: Staog, Bliss, and Etap (aka Metaphor).
Firewalls aren't useless. Traffic shaping and filtering is an important part of one's perimeter defenses. Unfortunately, there are two major flaws that firewall vendors want you to ignore:
Much like a stoplight, firewalls must allow some traffic through them, i.e. they are traffic control mechanisms. One can still attack any system whose traffic is permitted to pass through the firewall.
Firewalls, like all perimeter defenses, cannot mitigate the risk of insider attacks, as Slammer and MSBlaster illustrated.
As with every threat (except for werewolves), there is no silver bullet, no magic countermeasure that by itself will mitigate every risk. One must deploy a variety of countermeasures against an even greater variety of threats and vulnerabilities, including traffic shaping and filtering (which could include firewalls, intrusion detection systems, and hybrid firewall-IDS aka intrusion prevention systems), configuration management (including software patches and malicious mobile code detection), and so forth and so on. These countermeasures must be deployed at several levels to afford adequate protection, e.g. both in the network core and at the network edge. Anyone who tells you different is a fool, as you so correctly described the "security consultants" you dealt with.
I only make these points to remind everyone of the concept of "defense in depth". There is no magic security solution that is all countermeasures to all threats.
I would have really enjoyed Black & White, if I could just have gotten it to run for longer than 20 minutes before crashing and wiping out my saved games.
Maybe we were looking at different products. IIRC, BlackICE Defender had firewall functionality. The new version, now named RealSecure Desktop, shares IDS signatures with other RealSecure products and can do the whole "active response" thing, including blocking packets, sending TCP RSTs, etc. If you use the enterprise version, it is administered centrally using the ISS SiteProtector console software (which is why we're looking at it at $ORK).
In fact, I seem to recall being impressed with its application-specific firewalling over-and-above Zone Alarm Pro. But I've slept since then, and could be misremembering something.
On the one hand, it's a remake of a classic. On the other, tt's a licensed game. Both will suck by definition. Why work yourselves into a lather over it now? You'll only be more disappointed when it actually starts sucking later.
Sorry, but I feel like putting on my "physics pedant" hat on. Gravity is measured in units of distance per units of time squared (i.e. acceleration). 1 mGal = 1 cm / s^2.
The way I figure it is that if I have to use that many parens to get a C program to work properly, then I might as well give in and use Lisp, instead.:)
IPSEC cannot authenticate users to a service, nor can it encrypt messages betweeen users or applications. At the most, your message transport is encrypted, which is all transport-layer encryption systems like IPSEC and SSL can do. Neither SSL nor IPSEC automatically make your POP or IMAP services "secure", e.g. one can still perform buffer overflow attacks over an encrypted channel. They merely make it difficult to eavesdrop on the transmission media.
Why not organize a dance? Use project management and collaboration software to plan and assign tasks, MP3 software and lpd to play the music (which is all eleet dance/techno streaming off the Net, of course), PIC microcontrollers and lasers mounted on swervos for the light show, and spam to announce it? You could geek out AND meet c00l chicks, all at the same time! W00t!
(I have the sneaking suspicion a Real Philosopher will put me in my place if I mention this without a certain degree of rigor, but what the hell do I care? It's not like navel-gazing here on Slashdot (or anywhere else) actually matters. ^_^ )
Three events---two that occur early in the second movie and one that occurs near its end---have me suspecting that the location of Zion, et al, is still inside of the Matrix. First, Agent Smith replaces Bane in the world of Zion by killing him in the Matrix. In the similarly-themed Thirteenth Floor, Jason Whitney and Jerry Ashton switch places when the "original" dies in the simulation of L.A. circa 1937, and it is only later the audience finds out that the "real world" of L.A. circa 1999 is itself a simulation. Second, as Neo and friends are about to leave Zion on their mission to save the Keymaker, one of the children gives Neo a spoon, saying that Neo would understand. In the first Matrix movie, the spoon symbolizes the chimerical nature of the Matrix, and a child within the Matrix gives Neo a spoon to demonstrate the illusion. Third, after the crew escapes the Nebuchadnezzar, Neo says that he can feel the crew's robotic persuers, and then halts their malefic advance in much the same fashion as he stops bullets within the Matrix: right hand outstretched, a look of concentration, and the missiles---dumb slug and smart monster---stop in their tracks and drop straight to the ground, as witnessed on several occasions in both movies.
There are at least three other hints, as well. The ripple effect---seen every time Neo does "his Superman thing" in the Matrix---is also seen when he stops the robots in the world of Zion. Agent Smith remarks "...we're not free. There is no escaping this system." Also, when describing himself and Neo, Agent Smith calls himself "Apparently free."
Ok, so I'm going to leave it to fellow navel-gazers (or future work-avoidance sessions) to link the events above to the Incompleteness Theorem, because it is late and I'm tired. Hah!
The "-u" flag to sort(1) only works on systems that implement the XPG4 standard. If you want to write portable shell scripts, you'll need to call uniq(1). Unfortunately for us script writers, not all the world uses GNU textutils.
It depends on how far back it was when Linus adopted BitKeeper, and when the code in question was submitted to Linus for inclusion in the kernel. There's nothing like the various BSD CVS trees (and attendant commit logs) for the Linux kernel, or Linux distributions, for that matter. Until Larry McVoy convinced Linus to use BitKeeper, Linus was opposed to any kind of version control system then available (including CVS). Larry basically wrote BitKeeper for Linus, if I recall correctly.
In America's Army, the enemy force (which is always the other guy) looks like terrorists in Soviet-style desert camo. Some of the maps are even set out in the middle of the desert, and some of the missions have a definite terrorist/counter-terrorist theme.
What is so interesting about gossiping about a bunch of purile weenies whining about names? I thought we were hackers, that we transcend all this foolishness. I could understand it if there's a serious flame fest going on over design and implementation---hell, I'd even understand "Emacs vs. VI" or "Mac vs. PC", but names? Not to mention the fact that the tactics used are nothing short of immature (I mean, mail bombing? Good God that's lame!). This is so unprofessional.
(Although, amusingly, it does remind me of a sci fi novel [I forget which, except that it wasn't very good]. In this novel, they had run out of Greco-Roman names for in-system objects [asteroids and stuff], so they started using names from other mythical sources, such as the Hindu.)
It pisses me off every time somebody comes along and thinks they can shoe-horn all possible solutions to all possible problems into a single programming style. So for everybody who's a newbie, let me impart a little wisdom to you so you don't have to learn it the hard way.
There is no silver bullet, no magical solution, no instantaneous makes-my-problem-go-away widget that is all things to all problems.
Use the right tool for the right job. Sometimes, a functional style is useful (especially when one's teaching programming language concepts and higher-order mathematics). Sometimes, procedural tools with abstract data types are useful. And sometimes, functional, procedural, and object-oriented styles can work together to solve a problem (such as the machine simulator I'm writing in Lisp).
Now things have turned the other way. Every new Unix application is available for Linux.
It's worse (for Sun) than that: Not only is every new UNIX application available for Linux, they are available for Linux on x86 (read: commodity) hardware. I would guess that Sun's worried more about losing hardware sales.
You're more than welcome to my annotated Postfix configuration files and URL bookmarks. Unfortunately, my setup may not serve your purposes. It's acting only as a smarthost and mail relay for some other (unmentionable) mail servers. Well, it also does a bunch of anti-spam stuff that (unmentionable) is incapable of doing.
I'm pretty happy with Postfix, although some of my friends are rabid Qmail fans. I tried setting Sendmail up as a smarthost and MX - pretty simple, you'd think. After reading the M4 documentation and the bat book, I just got more confused, if you can believe that. I guess it means I have a weak mind. Oh well. I'm lazy, too, and Sendmail was just too hard.
Because of the (unmentionable) mail server, the "+mailbox" syntax for email addresses no longer works. Just drop the "+slashdot" from my email address above and send me an email if you want my configs.
(Heh, sorry about the double entendre there in the subject line.)
So just when has DJB been hypocritical? His stuff seems to be pretty secure, and I've never read where he's claimed to be a Free Software/Open Source advocate. Plus, I'm in a gossipy mood. Please elaborate!
Slashdot Mirror
You make the amusing (and often wrong) assumptions that (1) laptops have anti-virus software installed and (2) it is updated frequently with the latest signatures. Some roaming users cannot or do not connect to the Internet or to the LAN for months at a time, so if they pick up something nasty in transit, there is no opportunity for their machine to be automatically disinfected.
Mr. Lyons attempts to comment on a simple dispute over intellectual property licensing. While I agree the current legal formulations of copyrights, trade secret protections, patents, etc. leave much to be desired, I would prefer erudite discussions of the intellectual property law to poorly-constructed logical fallacies posing as insightful commentary. Prejudicial language (the phrases "happy software proles" and "burn down your house", use of the word "comrade"), appeals to popularity (the aforementioned language implying that agreeing to the FSF's philosophy turns one into a morally-bankrupt communist), personal attacks (implying corruption on the part of FSF officials in paragraphs 15, 16, 17, and 21 and collusion in paragraph 18), and appeals to authority (such as the phrase "as some suggest") abound within an article whose theme is, simply, "be careful when you include free software in your product, as there may be undesirable restrictions in its licensing that may make its use inappropriate, given your business model". There is nothing wrong with this theme---"caveat emptor" should be on every entrepreneur's lips---but the way in which this message was delivered leaves much to be desired. Such weak writing has no place in a magazine like Forbes and is a poor advertisement to potential subscribers as myself. I would be much more interested in reading an article that interviews businesses that have successfully (or unsuccessfully) used free software and recounts the lessons they learned from it.
And I'm getting fed up with people who seem to think infection vectors are a good way to classify malicious mobile code. Personally, I don't see much of a difference between viruses, worms, malware, spyware, etc. It's all basically "bad stuff running on your computer". Some are network aware, some hide in executables, all do bad things and are pretty pernicious.
Oh and by the way, you are wrong about there being no Linux viruses found in the wild. There are several: Staog, Bliss, and Etap (aka Metaphor).
Firewalls aren't useless. Traffic shaping and filtering is an important part of one's perimeter defenses. Unfortunately, there are two major flaws that firewall vendors want you to ignore:
- Much like a stoplight, firewalls must allow some traffic through them, i.e. they are traffic control mechanisms. One can still attack any system whose traffic is permitted to pass through the firewall.
- Firewalls, like all perimeter defenses, cannot mitigate the risk of insider attacks, as Slammer and MSBlaster illustrated.
As with every threat (except for werewolves), there is no silver bullet, no magic countermeasure that by itself will mitigate every risk. One must deploy a variety of countermeasures against an even greater variety of threats and vulnerabilities, including traffic shaping and filtering (which could include firewalls, intrusion detection systems, and hybrid firewall-IDS aka intrusion prevention systems), configuration management (including software patches and malicious mobile code detection), and so forth and so on. These countermeasures must be deployed at several levels to afford adequate protection, e.g. both in the network core and at the network edge. Anyone who tells you different is a fool, as you so correctly described the "security consultants" you dealt with.I only make these points to remind everyone of the concept of "defense in depth". There is no magic security solution that is all countermeasures to all threats.
I would have really enjoyed Black & White, if I could just have gotten it to run for longer than 20 minutes before crashing and wiping out my saved games.
Maybe we were looking at different products. IIRC, BlackICE Defender had firewall functionality. The new version, now named RealSecure Desktop, shares IDS signatures with other RealSecure products and can do the whole "active response" thing, including blocking packets, sending TCP RSTs, etc. If you use the enterprise version, it is administered centrally using the ISS SiteProtector console software (which is why we're looking at it at $ORK).
In fact, I seem to recall being impressed with its application-specific firewalling over-and-above Zone Alarm Pro. But I've slept since then, and could be misremembering something.
On the one hand, it's a remake of a classic. On the other, tt's a licensed game. Both will suck by definition. Why work yourselves into a lather over it now? You'll only be more disappointed when it actually starts sucking later.
If the plural for "ox" is "oxen", then the plural for "box" must be "boxen", and every true geek knows that the plural for "VAX" is "VAXen". LOL
Sorry, but I feel like putting on my "physics pedant" hat on. Gravity is measured in units of distance per units of time squared (i.e. acceleration). 1 mGal = 1 cm / s^2.
The way I figure it is that if I have to use that many parens to get a C program to work properly, then I might as well give in and use Lisp, instead. :)
"IPSEC is not an end-to-end protocol."
IPSEC cannot authenticate users to a service, nor can it encrypt messages betweeen users or applications. At the most, your message transport is encrypted, which is all transport-layer encryption systems like IPSEC and SSL can do. Neither SSL nor IPSEC automatically make your POP or IMAP services "secure", e.g. one can still perform buffer overflow attacks over an encrypted channel. They merely make it difficult to eavesdrop on the transmission media.
Why not organize a dance? Use project management and collaboration software to plan and assign tasks, MP3 software and lpd to play the music (which is all eleet dance/techno streaming off the Net, of course), PIC microcontrollers and lasers mounted on swervos for the light show, and spam to announce it? You could geek out AND meet c00l chicks, all at the same time! W00t!
(I have the sneaking suspicion a Real Philosopher will put me in my place if I mention this without a certain degree of rigor, but what the hell do I care? It's not like navel-gazing here on Slashdot (or anywhere else) actually matters. ^_^ )
Three events---two that occur early in the second movie and one that occurs near its end---have me suspecting that the location of Zion, et al, is still inside of the Matrix. First, Agent Smith replaces Bane in the world of Zion by killing him in the Matrix. In the similarly-themed Thirteenth Floor, Jason Whitney and Jerry Ashton switch places when the "original" dies in the simulation of L.A. circa 1937, and it is only later the audience finds out that the "real world" of L.A. circa 1999 is itself a simulation. Second, as Neo and friends are about to leave Zion on their mission to save the Keymaker, one of the children gives Neo a spoon, saying that Neo would understand. In the first Matrix movie, the spoon symbolizes the chimerical nature of the Matrix, and a child within the Matrix gives Neo a spoon to demonstrate the illusion. Third, after the crew escapes the Nebuchadnezzar, Neo says that he can feel the crew's robotic persuers, and then halts their malefic advance in much the same fashion as he stops bullets within the Matrix: right hand outstretched, a look of concentration, and the missiles---dumb slug and smart monster---stop in their tracks and drop straight to the ground, as witnessed on several occasions in both movies.
There are at least three other hints, as well. The ripple effect---seen every time Neo does "his Superman thing" in the Matrix---is also seen when he stops the robots in the world of Zion. Agent Smith remarks "...we're not free. There is no escaping this system." Also, when describing himself and Neo, Agent Smith calls himself "Apparently free."
Ok, so I'm going to leave it to fellow navel-gazers (or future work-avoidance sessions) to link the events above to the Incompleteness Theorem, because it is late and I'm tired. Hah!
The "-u" flag to sort(1) only works on systems that implement the XPG4 standard. If you want to write portable shell scripts, you'll need to call uniq(1). Unfortunately for us script writers, not all the world uses GNU textutils.
HTH. HAND.
It depends on how far back it was when Linus adopted BitKeeper, and when the code in question was submitted to Linus for inclusion in the kernel. There's nothing like the various BSD CVS trees (and attendant commit logs) for the Linux kernel, or Linux distributions, for that matter. Until Larry McVoy convinced Linus to use BitKeeper, Linus was opposed to any kind of version control system then available (including CVS). Larry basically wrote BitKeeper for Linus, if I recall correctly.
In America's Army, the enemy force (which is always the other guy) looks like terrorists in Soviet-style desert camo. Some of the maps are even set out in the middle of the desert, and some of the missions have a definite terrorist/counter-terrorist theme.
What is so interesting about gossiping about a bunch of purile weenies whining about names? I thought we were hackers, that we transcend all this foolishness. I could understand it if there's a serious flame fest going on over design and implementation---hell, I'd even understand "Emacs vs. VI" or "Mac vs. PC", but names? Not to mention the fact that the tactics used are nothing short of immature (I mean, mail bombing? Good God that's lame!). This is so unprofessional.
(Although, amusingly, it does remind me of a sci fi novel [I forget which, except that it wasn't very good]. In this novel, they had run out of Greco-Roman names for in-system objects [asteroids and stuff], so they started using names from other mythical sources, such as the Hindu.)
It pisses me off every time somebody comes along and thinks they can shoe-horn all possible solutions to all possible problems into a single programming style. So for everybody who's a newbie, let me impart a little wisdom to you so you don't have to learn it the hard way.
Use the right tool for the right job. Sometimes, a functional style is useful (especially when one's teaching programming language concepts and higher-order mathematics). Sometimes, procedural tools with abstract data types are useful. And sometimes, functional, procedural, and object-oriented styles can work together to solve a problem (such as the machine simulator I'm writing in Lisp).
Rant mode off.
Thus saith the original poster:
I'd be a lot more interested in piracy if you had Britney Speares' chest in yonder CDs!
Thus saith the poster of the parent article:
It's worse (for Sun) than that: Not only is every new UNIX application available for Linux, they are available for Linux on x86 (read: commodity) hardware. I would guess that Sun's worried more about losing hardware sales.
Sorry, I just couldn't pass a straight line like this up!
I agree. Dating your own daughter is probably in poor taste and likely to get you arrested in some states. ;-P
You're more than welcome to my annotated Postfix configuration files and URL bookmarks. Unfortunately, my setup may not serve your purposes. It's acting only as a smarthost and mail relay for some other (unmentionable) mail servers. Well, it also does a bunch of anti-spam stuff that (unmentionable) is incapable of doing.
I'm pretty happy with Postfix, although some of my friends are rabid Qmail fans. I tried setting Sendmail up as a smarthost and MX - pretty simple, you'd think. After reading the M4 documentation and the bat book, I just got more confused, if you can believe that. I guess it means I have a weak mind. Oh well. I'm lazy, too, and Sendmail was just too hard.
Because of the (unmentionable) mail server, the "+mailbox" syntax for email addresses no longer works. Just drop the "+slashdot" from my email address above and send me an email if you want my configs.
(Heh, sorry about the double entendre there in the subject line.)
So just when has DJB been hypocritical? His stuff seems to be pretty secure, and I've never read where he's claimed to be a Free Software/Open Source advocate. Plus, I'm in a gossipy mood. Please elaborate!
LOL, thanks. I even googled for examples of that phrase to make certain I had it right.