But that still requires distros to inspect and validate the patches before they go live to repositories. The big part isn't really fixing the code, it's to test that it surely works and doesn't cause problems for users.
And even so, if the vulnerability is in lets say flash, just anyone or distros can't fix that closed source application.
It's been told to all the linux zealots so many times that Linux itself isn't really more secure against malware than Windows. It's only so because it's marketshare is like 0.5%, if even that, and it makes much more sense to make malware where the (non-geeky) users are.
This just shows that if ever linux did gain marketshare with casual people enough, the malware problem will be there too. Repositories won't help with that, because people want 3rd party programs and games.
The funny thing about this is the same that as with Mac OS X users. All of the zealots yelling that Linux/Mac OSX are secure about malware, which results in normal people thinking they can run whatever downloaded "because my OS is secure!".
And before everyone jumps on the "but you can't get infected by just browsing on porn sites on linux!", why not? What was the last time you got infected by Windows vulnerability? Those attacks are usually against 3rd party programs like PDF or Flash. And guess what, those apps are on Linux too and are just as well exploitable.
The only reason malware problems are smaller on Linux than Windows is because of the almost-non-existing desktop marketshare and that those who use it on desktop are usually more tech savvy.
This just shows that if Linux had 95% marketshare on desktop, and Windows 0.5%, it would be the same thing but just turned around.
The fact that USA is a really big country doesn't really matter. Like USA, not all of Europe is heavy-density populated. Scandinavia for example has much smaller population density than USA, but in cities people get 100mbit/s to home, even 1gbit/s. If you're living off a city, 24mbit/s is common place. And no such bullshit than usage fees.
Social ones are mostly the problem. If I have to think that this action (visiting slashdot, downloading something, streaming music) will cost me specific amount, I rather don't do it. Add to that the fact that in most cases ISP's/operators charge a lot per MB, and it just sucks.
Technically it makes more sense to charge by bandwidth too. ISP's itself pay for peering by bandwidth, not usage. They just have to calculate how much their customers statistically use bandwidth and adjust their peering agreements by that (calculating that they still make profit in it). Like you said, not all of the customers are going to max all the time, or even near.
This is why I use colocation providers that instead of 1500GB per month allowance or such tell you what speeds you can except. Like for example you get 50Mbps at peak times, 100Mbps at non-peak. It's still a shared line, but you pretty much get what is promised.
Usage-based billing is just trouble some and doesn't really make sense for the hosting providers either. They pay peering for the bandwidth, not per usage. Allowance is just there arbitrarily limiting the users, so they wouldn't use all the bandwidth they're promised.
Welcome back to 2000. Data-usage fees per MB were common place back then. Now it's all based on the actual bandwidth, 512kbit/s, 1mbit/s and so on, like it really should be. Use how you want to. In Europe that is.
It's funny to think that USA should be the best nation with technology and infrastructure, but still your internet connections suck this much.
But how would that be different on any other OS? If the application has a vulnerability that lets the attacker execute code on user base, it doesn't matter what the OS is. Unless it's locked down OS like iPhone.
a message archive for emails you don't want to delete but still want to keep
Well that was cleverly written:)
But tabbed email sounds interesting. It makes text editors, web browsers and many other apps so much better and makes so much sense for email application that I'm thinking why didn't Thunderbird have it before.
One thing I would surely like to see in email clients however - the gmail like threaded conversation view. It's just so much better and nicer to use, but still many email applications tend to have the plain-list-of-messages view.
Why do I have 10 moderator points instead of the usual 5?
Congratulations! You are in the top 1% of moderators and have been given the gift of 10 points for your good work. It looks like your mom was wrong when she said all those hours on Slashdot wouldn't get you anything.
Exactly. And this line in the summary doesn't just make sense:
The drop in US spam might have had something to do with the temporary shutdown of the McColo spam ISP.
Didn't it take just some days while the botnets moved elsewhere and spam level was same again? McColo was hosting C&C for the botnets, not actually spamming itself.
Do you know what you're talking about? What prevents a keylogger to log a user password on windows that do not prevent it in Linux?
Well UAC is built-in to the system. Windows just disables sending the keys to other apps while user is presented with UAC dialog.
But what about when you're running a terminal screen on your X desktop in Linux and sudo to root. Linux kernel nor sudo can't disable the equivalent api's because X, terminal window and several other hooks need to be able to get them. That is a problem with a system build from blocks.
All of the problems with multiple computers and OS's behind a single internet line beside, they would never do it that complicated but just charge the extra fees from all users equally.
I think this has the effect of being a malware bailout for Microsoft, discouraging them and other software companies from writing better code and giving users little incentives to switch to more secure alternatives.
I have to disagree with that. Malware problem is usually because of user stupidity. Like any other OS, you can run Windows securely if you don't do stupid things.
The thing is, as we don't care so much about how to properly feed, exercise and clean ponies, normal people don't care so much about computer security. They just want to do their thing. But now they would have a place they know they can seek help from, and who are giving helpful instructions how to not get infected anymore and how to solve their problem. Maybe those hints stick, maybe not, but at least they can get help with the problem (without calling over our fellow slashdotters all the time!)
But what is an interesting piece in the article (and somewhat worry-some)
Before the plans are implemented, however, a decision needs to be made on what sanctions customers who decline to cooperate with their ISP can be subjected to. According to an eco project manager, quoted by the dpa, "Anyone surfing without proper anti-virus software is endangering other web users, in the same way that a car driver driving with faulty brakes is endangering other road users."
I'm sure Symantec will hurray for that, but I don't want someone push an av software down my throat that I don't even need. Even less on my linux server. I really hope it only means those users who have been identified by the ISP to be sending spam out.
But the bottom line is, it's not a "bailout" for Microsoft. Malware goes where the users and money are and any kind of better code or secure alternatives cannot go around user stupidity. Linux is mostly secure from malware because the users generally are more geeky than the casual users on Windows and don't just random stuff from the internet. Repositories also help with this, but if Linux ever gained any actual desktop marketshare and casual users, the 3rd party applications/games/whatever that people want would be downloaded from the internet just the same way as on Windows. But any (good) Linux sysadmin knows there been worms in Linux too and remote hacks are commonplace if the system isn't properly secured (and casual users just wont do that).
Exactly. And the fact Firefox users try to push it down everyones throats who don't even want to use it (thank god it's not as bad anymore than it was a few years ago).
However Opera pretty much has all the features built-in I need, expect for ad blocking I use Ad Muncher. And since they're built-in, you can be pretty sure they're fast, done with the same quality and are consistent to rest of the browser.
It's not just about the ability to run extensions though. The main reason javascript-heavy sites looked bad was because the previous javascript engines we're done clumsy. Thankfully there's been huge improvement there. But if the base browser requires you to install many extensions to be useful and nice to use for you, and the extension engine is done poorly, it starts to become bloated compared to other browsers that have those features built-in.
Even though I'm a little bit skeptical about the bloated aspect, hopefully SRWare Iron will be updated to support them soon too. Iron is Chrome but with all the things that violate your privacy removed.
Hopefully Chrome's extension system is done better than in Firefox though. It becomes incredibly clumsy, and the interface itself is already too. Been the main reason I've stayed with Opera, as it has everything build-in and works fast. But maybe Chrome becomes more useful now.
It's not just what you put out there, it's also what you search for, what sites you visit, whatever your private emails contain. Not all people would want everyone to know everything about them. What I do and talk with my parents is kind of different what I do and talk with my girlfriend. Same thing with people that have mental problems and talk freely about them to their doctor, but probably wouldn't want everyone to know what they're talked about.
What Google CEO is basically saying that everyone should be completely open about themself to everyone and shouldn't except any privacy.
Or play on PC, where there is keyboard and mouse available (plugging USB keyboard&mouse on xbox 360 wont work)
But I guess the parent is just trolling about MW2 and all the things we've already heard and discussed before. It's offtopic too, as MMO private servers are quite a different thing than dedicated servers on FPS games.
Slashdot Mirror
But that still requires distros to inspect and validate the patches before they go live to repositories. The big part isn't really fixing the code, it's to test that it surely works and doesn't cause problems for users.
And even so, if the vulnerability is in lets say flash, just anyone or distros can't fix that closed source application.
Yes, they do. That's why I choose those that don't and tell me exactly what kind of bandwidth I can expect to use.
It's been told to all the linux zealots so many times that Linux itself isn't really more secure against malware than Windows. It's only so because it's marketshare is like 0.5%, if even that, and it makes much more sense to make malware where the (non-geeky) users are.
This just shows that if ever linux did gain marketshare with casual people enough, the malware problem will be there too. Repositories won't help with that, because people want 3rd party programs and games.
The funny thing about this is the same that as with Mac OS X users. All of the zealots yelling that Linux/Mac OSX are secure about malware, which results in normal people thinking they can run whatever downloaded "because my OS is secure!".
And before everyone jumps on the "but you can't get infected by just browsing on porn sites on linux!", why not? What was the last time you got infected by Windows vulnerability? Those attacks are usually against 3rd party programs like PDF or Flash. And guess what, those apps are on Linux too and are just as well exploitable.
The only reason malware problems are smaller on Linux than Windows is because of the almost-non-existing desktop marketshare and that those who use it on desktop are usually more tech savvy.
This just shows that if Linux had 95% marketshare on desktop, and Windows 0.5%, it would be the same thing but just turned around.
The fact that USA is a really big country doesn't really matter. Like USA, not all of Europe is heavy-density populated. Scandinavia for example has much smaller population density than USA, but in cities people get 100mbit/s to home, even 1gbit/s. If you're living off a city, 24mbit/s is common place. And no such bullshit than usage fees.
Social ones are mostly the problem. If I have to think that this action (visiting slashdot, downloading something, streaming music) will cost me specific amount, I rather don't do it. Add to that the fact that in most cases ISP's/operators charge a lot per MB, and it just sucks.
Technically it makes more sense to charge by bandwidth too. ISP's itself pay for peering by bandwidth, not usage. They just have to calculate how much their customers statistically use bandwidth and adjust their peering agreements by that (calculating that they still make profit in it). Like you said, not all of the customers are going to max all the time, or even near.
This is why I use colocation providers that instead of 1500GB per month allowance or such tell you what speeds you can except. Like for example you get 50Mbps at peak times, 100Mbps at non-peak. It's still a shared line, but you pretty much get what is promised.
Usage-based billing is just trouble some and doesn't really make sense for the hosting providers either. They pay peering for the bandwidth, not per usage. Allowance is just there arbitrarily limiting the users, so they wouldn't use all the bandwidth they're promised.
Welcome back to 2000. Data-usage fees per MB were common place back then. Now it's all based on the actual bandwidth, 512kbit/s, 1mbit/s and so on, like it really should be. Use how you want to. In Europe that is.
It's funny to think that USA should be the best nation with technology and infrastructure, but still your internet connections suck this much.
Whooosh!
But how would that be different on any other OS? If the application has a vulnerability that lets the attacker execute code on user base, it doesn't matter what the OS is. Unless it's locked down OS like iPhone.
But what do you need sudo for? Most malware that is trying to steal your info, send spam or whatever runs perfectly happy in user base.
You only need root access if you're trying to get control over the box, which is more of a hacking thing than what malware does.
a message archive for emails you don't want to delete but still want to keep
Well that was cleverly written :)
But tabbed email sounds interesting. It makes text editors, web browsers and many other apps so much better and makes so much sense for email application that I'm thinking why didn't Thunderbird have it before.
One thing I would surely like to see in email clients however - the gmail like threaded conversation view. It's just so much better and nicer to use, but still many email applications tend to have the plain-list-of-messages view.
Yeah, it's not like we are discussing about malware or anything. Or that the GP said "no user space programs can keylog".
It's in FAQ
Why do I have 10 moderator points instead of the usual 5?
Congratulations! You are in the top 1% of moderators and have been given the gift of 10 points for your good work. It looks like your mom was wrong when she said all those hours on Slashdot wouldn't get you anything.
Exactly. And this line in the summary doesn't just make sense:
The drop in US spam might have had something to do with the temporary shutdown of the McColo spam ISP.
Didn't it take just some days while the botnets moved elsewhere and spam level was same again? McColo was hosting C&C for the botnets, not actually spamming itself.
Do you know what you're talking about? What prevents a keylogger to log a user password on windows that do not prevent it in Linux?
Well UAC is built-in to the system. Windows just disables sending the keys to other apps while user is presented with UAC dialog.
But what about when you're running a terminal screen on your X desktop in Linux and sudo to root. Linux kernel nor sudo can't disable the equivalent api's because X, terminal window and several other hooks need to be able to get them. That is a problem with a system build from blocks.
All of the problems with multiple computers and OS's behind a single internet line beside, they would never do it that complicated but just charge the extra fees from all users equally.
I think this has the effect of being a malware bailout for Microsoft, discouraging them and other software companies from writing better code and giving users little incentives to switch to more secure alternatives.
I have to disagree with that. Malware problem is usually because of user stupidity. Like any other OS, you can run Windows securely if you don't do stupid things.
The thing is, as we don't care so much about how to properly feed, exercise and clean ponies, normal people don't care so much about computer security. They just want to do their thing. But now they would have a place they know they can seek help from, and who are giving helpful instructions how to not get infected anymore and how to solve their problem. Maybe those hints stick, maybe not, but at least they can get help with the problem (without calling over our fellow slashdotters all the time!)
But what is an interesting piece in the article (and somewhat worry-some)
Before the plans are implemented, however, a decision needs to be made on what sanctions customers who decline to cooperate with their ISP can be subjected to. According to an eco project manager, quoted by the dpa, "Anyone surfing without proper anti-virus software is endangering other web users, in the same way that a car driver driving with faulty brakes is endangering other road users."
I'm sure Symantec will hurray for that, but I don't want someone push an av software down my throat that I don't even need. Even less on my linux server. I really hope it only means those users who have been identified by the ISP to be sending spam out.
But the bottom line is, it's not a "bailout" for Microsoft. Malware goes where the users and money are and any kind of better code or secure alternatives cannot go around user stupidity. Linux is mostly secure from malware because the users generally are more geeky than the casual users on Windows and don't just random stuff from the internet. Repositories also help with this, but if Linux ever gained any actual desktop marketshare and casual users, the 3rd party applications/games/whatever that people want would be downloaded from the internet just the same way as on Windows. But any (good) Linux sysadmin knows there been worms in Linux too and remote hacks are commonplace if the system isn't properly secured (and casual users just wont do that).
Exactly. And the fact Firefox users try to push it down everyones throats who don't even want to use it (thank god it's not as bad anymore than it was a few years ago).
However Opera pretty much has all the features built-in I need, expect for ad blocking I use Ad Muncher. And since they're built-in, you can be pretty sure they're fast, done with the same quality and are consistent to rest of the browser.
I browse without AdBlock and I'm perfectly happy. I do use Ad Muncher however, as it works system-wide with all browsers (incl Chrome).
It's not just about the ability to run extensions though. The main reason javascript-heavy sites looked bad was because the previous javascript engines we're done clumsy. Thankfully there's been huge improvement there. But if the base browser requires you to install many extensions to be useful and nice to use for you, and the extension engine is done poorly, it starts to become bloated compared to other browsers that have those features built-in.
TripMaster Monkey, how do you know that it's not as privacy-invasive as Chrome is? Just because they say so on their web site?
Iron is free and OpenSource.
So you can check it yourself. Or packet dump, whichever you prefer.
Even though I'm a little bit skeptical about the bloated aspect, hopefully SRWare Iron will be updated to support them soon too. Iron is Chrome but with all the things that violate your privacy removed.
Hopefully Chrome's extension system is done better than in Firefox though. It becomes incredibly clumsy, and the interface itself is already too. Been the main reason I've stayed with Opera, as it has everything build-in and works fast. But maybe Chrome becomes more useful now.
It's not just what you put out there, it's also what you search for, what sites you visit, whatever your private emails contain. Not all people would want everyone to know everything about them. What I do and talk with my parents is kind of different what I do and talk with my girlfriend. Same thing with people that have mental problems and talk freely about them to their doctor, but probably wouldn't want everyone to know what they're talked about.
What Google CEO is basically saying that everyone should be completely open about themself to everyone and shouldn't except any privacy.
Google allowing EVERY employee 20% free time for personal interest projects constitutes a greater percentage of their resources than Bell's.
I can't see how this makes sense for their kitchen, cleaning and security employees, but good for them.
Or play on PC, where there is keyboard and mouse available (plugging USB keyboard&mouse on xbox 360 wont work)
But I guess the parent is just trolling about MW2 and all the things we've already heard and discussed before. It's offtopic too, as MMO private servers are quite a different thing than dedicated servers on FPS games.