You could take a look at the NSA's Security Enhanced Linux patch, which allows for a much finer-grained control over access to files on the system. It's a bit complex but it sounds like the answer to your question.
Re:Well, they may have a point somewhere in there.
on
ADTI Whitepaper Released
·
· Score: 2, Informative
You're correct about the risk, but the Government has strict standards that systems must adhere to, both when they go into production and when they are in initial development. The Common Criteria site has a listing of protection profiles that basicly spell out all the requirements a system must adhere to in order to be considered 'secure.' In the Labeled Security Protection Profile (and likely the others...I'm only familiar with this one) there is a section that basicly states that "the developer must use a content management system" and provide all documentation for how it functions, is administered, and how changes to the content are tracked.
In other words if any government group were to use an open source product or start one of their own they are still required to keep their copy of the source tree for the code under rigid, monitored control to ensure what happened to irssi and FragRoute could not happen to their project.
I'm not saying that CVS will be the total solution to this problem, but it's nice to see that they do have measures built-in to mitigate the risks.
I recalled this being mentioned on/. before. Glad to see that they were finally able to realize their goal! Now they can get the ultimate stress-test: a slashdotting:)
"Caldera, Conectiva, SuSE, and Turbolinux will collaborate on the development of the UnitedLinux distribution in order to provide migration pathes from their former releases to UnitedLinux. However, each UnitedLinux partner will still have its own Linux distribution that is "Powered by UnitedLinux." Existing long-term relationships with leading hardware and software companies - as well as the current UnitedLinux partners - guarantee the compatibility of UnitedLinux with relevant business solutions. HW and SW manufacturers have the opportunity to join the alpha and beta test circles, thus reassuring in an early stage that UnitedLinux supports their products."
If I read this correctly, it means that the future versions of SuSe, Connectiva, etc will be forks of the main United Linux distro.
Correct me if I'm wrong, but isn't Mandrake built off of RedHat?:) Maybe that's changed in more recent versions...
That aside though, I think RedHat is prominent because they were one of the first distros to make serious efforts in making Linux 'easy' for people to deal with. It has come a long way from infuriating and confusing text-based installations to make Linux a little less intimidating for newcomers. Granted at this point I prefer those infuriating text-based installations, but for people who are new, RedHat was one of the first to take the steps towards easing their worries and making a transition to Linux as painless as possible.
Better get it while you can then; you might get a shirt in the mail with a cease and desist letter printed on it.:) Look at the myriad other ways to have DeCSS. I wonder if the MPAA will send a C&D order in haiku form for some of them?
"The DMCA circumvention device joke has been made. Several times. Stop mindlessly repeating it like you're Raymond going through the Who's On First routine."
Frankly, I think the point of all the jokes is to show what a ridiculous piece of legislation the DMCA actually is. Perhaps the more it's pointed out--humorously or otherwise--then perhaps more people will wake up and look at the damageithasdone in the past and get them thinking about what could happen in the future if crappy legislation like this is allowed to stand. Yeah the jokes are old, but since the damn law just won't seem to go away despite the obvious problems with it, why should the jokes that point out its flaws?
What you're talking about is COMMON BUSINESS PRACTICE. Undermining competition is what keeps businesses alive...
Here I thought quality products were what kept businesses alive, not underhanded tactics. Of course you're correct in saying this is common these days, but that doesn't necessarily mean it is all right. It's even more wrong when you see this sort of thing continue to pour out from company that has already been declared a monopoly.
Someone said it above in 4 easy steps and I say: A-M-E-N. I'm glad that there was not a call for more laws to protect kids from the dangers of online chat. It's certainly something to be concerned about, but legislation is no substitution for attentive parents. I for one am quite sick of the way some parents blame TV, video games, and the Internet for the way their children grow up, and place the responsibility of total child protection into the hands of the government. How many anti-drug commercials have you seen lately that basicly say something along the lines of "...know what your kids are doing and who they're doing it with..." or "...talk to your kids about drugs, they'll listen...?" Don't the same things apply to your kids when they're using a computer?
Not aiming to flame/troll, but frankly I do not see why it should be the government's responsibility. If the RIAA/MPAA are so concerned about piracy, then shouldn't -they- be the ones to fund some 'superhighway cops' to keep an eye on things and find those who are breaking the law? It's obvious from some quotes in the past by people like Hillary Rosen that both these industries are of the mindset that EVERYONE sharing ANYTHING is pirating or doing something illegal. If that's the case then let THEM invest in the money and staff to track people down. If they are crying so hard about the loss of their IP, then shouldn't they put the money and people into protecting it without screaming for legislation that will also harm consumers who have done nothing wrong? Not only will they see that sharing can be done legally, but they will spare the taxpayers who just want to listen to their CDs, watch their DVDs, and have a computer that's not a set-top box some money and a heap of aggravation.
While it probably does not bother the majority of *nix users who can simply hit Delete to solve their worm problems, I've found it pretty easy to filter things like Klez out (and protect any Windows boxen you might have behind a *nix gateway) using Sophos Antivirus for UNIX, Sophie, and Virge. They're fairly easy to install and so long as the virus scanner is kept up to date, they catch anything hostile that comes to your SMTP server.
Lots of spam would just drop out of sight if those jerks had to include their real email address.
Of course it would. The spammers would be dragged out into the street and hung with nooses made of their own email lists:)
Seriously though, it's nice in some ways to see that the spam sitution on the net has gotten to a point where the Government can't seem to ignore it anymore. On the other hand, I think it behooves people to help themselves when it comes to spam. Effective use of Procmail can really help a person cut the spam out of their email diets. And with tools like Vipul's Razor, you can help OTHERS avoid getting the same spam in the future.
Y'know, you guys really ought to just expect this by now. Every year they report April Fools links, and they're very likely going to keep doing it. If you don't like em, don't go to/. until April 2. Pretty simple, eh?:)
If you read the whole thing you can see there are updated patches to the crypto API, but they are works in progress. I'm using the patch for 2.4.15 and I haven't seen any major problems (yet?).
"Gee... i hope not. I really hope companies will change to Open Source for its quality and stability and not because of BSAs tactics."
Well, the first benefit that I think someone from the coporate/business arena would take notice of is the free factor. A healthy bottom line will be the most attractive thing to companies who aren't very pleased with the BSA's current tactics. I'm sure that's not the way you or I or lots of folks reading this would like to see companies come around to open source and free software, but it's probably a reality we need to face:) Adoption of free/open source solutions due to cost effectiveness isn't an entirely bad thing; the other benefits such as stability, quality, and security will become apparent to them in the future. If the BSA's letters/crackdowns/idle threats help push more companies towards open source and free software, then so be it.
True enough, and you have to wonder about the logic of this sort of meeting, and where it will go in the future. Microsoft has spent the last several months villifying the Open Source movement, calling it 'cancerous,' and saying it stifles IP. So why would they suddenly start talking to the developers of GNOME about aiding in the creation of an Open Source version of.Net?
After reading the attacks by MS on the Open Source movement, I have to say it's very hard to believe that they would suddenly turn around and say 'Ok, let's help these folks integrate with.Net' without some sort of ulterior motive. Either the other posts on here concerning Passport are hitting the nail on the head, or we might be seeing the first part of the MS 'Triple E' plan--Embrace. I think most on here remember what the other two E's are.
I don't know about everyone, but I see both the writer and the brilliant exec he quotes at the end as having a few things backwards.
1) The Pokemon anime was not inspired by Nintendo's videogame. I think it was the other way around.
2) Yes, anime such as DBZ is violent, but US companies full of suits who never researched or even WATCHED any anime before fail to realize that shows like DBZ are on as 'Prime Time' events in Japan. The fact that some shows are obviously not meant for kids is apparently lost in the radiance of good market value.
3) As an avid watcher of anime for half my life, I'd have to say that anime is not something the 'cool kids' flock around. Most anime was adopted and avidly watched first by the 'nerds' as they're called in the article. Vampire Hunter D was released in the late 80s to a small number of theatres. I didn't see all the 'cool kids' flocking to it. In this case I think the 'nerds' blazed the trail. Maybe some of them should become programming execs for Fox and CN? Then perhaps anime that's truly for kids will be on those networks.
I think a lot of us, in our infinite interest in the galaxy far far away, tend to forget how many other films he was in, and how many other accomplishments aside from Star Wars that he is noted with. He was a truly great actor, and he will be missed.
That is a very neat piece of hardware there. Unfortunately the MSRP is a bit steep right now. I'd wager that X would support them if they became a regularly-used piece of equipment, but I have a feeling that such a thing won't happen until the price goes down a little bit;)
The content of many of those posts is copyrighted...
You know you're absolutely right. The posts are copyrighted and owned; however from what I've seen of/.'s fine print, it states that the POSTER of any comment retains ownership of it, and that/. is not responsible for them. That said, shouldn't the MS lawyers be directing their requests towards the writers that posted the comments? Claiming that Andover--the PROVIDER of Slasdot--violated their rights and asking them to remove posts owned by others seems to make this a free speech issue in my eyes.
It's ironic that you brought up the invention of the car to defend your position. From what I recall reading, Henry Ford said something along the lines of "A business that makes nothing but money is a poor kind of business."
What kind of business do you think MS is? They are a bit less noble than you would make them out to be. So please don't insult the lightbulb by comparing it to Windows 98...at least the lightbulb can stay on for longer than 5 days without having to be turned off and then on again.
While I don't remember seeing a communism-HOWTO online, I like "pro-Linux zealot"...I can live with that title.
Slashdot Mirror
You could take a look at the NSA's Security Enhanced Linux patch, which allows for a much finer-grained control over access to files on the system. It's a bit complex but it sounds like the answer to your question.
You're correct about the risk, but the Government has strict standards that systems must adhere to, both when they go into production and when they are in initial development. The Common Criteria site has a listing of protection profiles that basicly spell out all the requirements a system must adhere to in order to be considered 'secure.' In the Labeled Security Protection Profile (and likely the others...I'm only familiar with this one) there is a section that basicly states that "the developer must use a content management system" and provide all documentation for how it functions, is administered, and how changes to the content are tracked.
In other words if any government group were to use an open source product or start one of their own they are still required to keep their copy of the source tree for the code under rigid, monitored control to ensure what happened to irssi and FragRoute could not happen to their project.
I'm not saying that CVS will be the total solution to this problem, but it's nice to see that they do have measures built-in to mitigate the risks.
I recalled this being mentioned on /. before. Glad to see that they were finally able to realize their goal! Now they can get the ultimate stress-test: a slashdotting :)
Here is another article from SecurityFocus about the issue, along with the original post to the BugTraq mailing list about this problem.
From the FAQ:
"Caldera, Conectiva, SuSE, and Turbolinux will collaborate on the development of the UnitedLinux distribution in order to provide migration pathes from their former releases to UnitedLinux. However, each UnitedLinux partner will still have its own Linux distribution that is "Powered by UnitedLinux." Existing long-term relationships with leading hardware and software companies - as well as the current UnitedLinux partners - guarantee the compatibility of UnitedLinux with relevant business solutions. HW and SW manufacturers have the opportunity to join the alpha and beta test circles, thus reassuring in an early stage that UnitedLinux supports their products."
If I read this correctly, it means that the future versions of SuSe, Connectiva, etc will be forks of the main United Linux distro.
Nah...likely he'll want to follow other recently successful naming trends. Therefore it will be 'Special Edition XP'
Correct me if I'm wrong, but isn't Mandrake built off of RedHat? :) Maybe that's changed in more recent versions...
That aside though, I think RedHat is prominent because they were one of the first distros to make serious efforts in making Linux 'easy' for people to deal with. It has come a long way from infuriating and confusing text-based installations to make Linux a little less intimidating for newcomers. Granted at this point I prefer those infuriating text-based installations, but for people who are new, RedHat was one of the first to take the steps towards easing their worries and making a transition to Linux as painless as possible.
Better get it while you can then; you might get a shirt in the mail with a cease and desist letter printed on it. :) Look at the myriad other ways to have DeCSS. I wonder if the MPAA will send a C&D order in haiku form for some of them?
"The DMCA circumvention device joke has been made. Several times. Stop mindlessly repeating it like you're Raymond going through the Who's On First routine."
Frankly, I think the point of all the jokes is to show what a ridiculous piece of legislation the DMCA actually is. Perhaps the more it's pointed out--humorously or otherwise--then perhaps more people will wake up and look at the damage it has done in the past and get them thinking about what could happen in the future if crappy legislation like this is allowed to stand. Yeah the jokes are old, but since the damn law just won't seem to go away despite the obvious problems with it, why should the jokes that point out its flaws?
SARC Analysis
Sophos' Write-Up
If over 1,000 boxen are already compromised, I have to wonder about SARC's statement that this is 'unlikely to spread.'
...another on CNET, for those of you who loathe free registration, or whatever :)
What you're talking about is COMMON BUSINESS PRACTICE. Undermining competition is what keeps businesses alive...
Here I thought quality products were what kept businesses alive, not underhanded tactics. Of course you're correct in saying this is common these days, but that doesn't necessarily mean it is all right. It's even more wrong when you see this sort of thing continue to pour out from company that has already been declared a monopoly.
Just my two cents..
Someone said it above in 4 easy steps and I say: A-M-E-N. I'm glad that there was not a call for more laws to protect kids from the dangers of online chat. It's certainly something to be concerned about, but legislation is no substitution for attentive parents. I for one am quite sick of the way some parents blame TV, video games, and the Internet for the way their children grow up, and place the responsibility of total child protection into the hands of the government. How many anti-drug commercials have you seen lately that basicly say something along the lines of "...know what your kids are doing and who they're doing it with..." or "...talk to your kids about drugs, they'll listen...?" Don't the same things apply to your kids when they're using a computer?
...a bit more ethical and acceptable than previous methods of getting stem cells.
Not aiming to flame/troll, but frankly I do not see why it should be the government's responsibility. If the RIAA/MPAA are so concerned about piracy, then shouldn't -they- be the ones to fund some 'superhighway cops' to keep an eye on things and find those who are breaking the law? It's obvious from some quotes in the past by people like Hillary Rosen that both these industries are of the mindset that EVERYONE sharing ANYTHING is pirating or doing something illegal. If that's the case then let THEM invest in the money and staff to track people down. If they are crying so hard about the loss of their IP, then shouldn't they put the money and people into protecting it without screaming for legislation that will also harm consumers who have done nothing wrong? Not only will they see that sharing can be done legally, but they will spare the taxpayers who just want to listen to their CDs, watch their DVDs, and have a computer that's not a set-top box some money and a heap of aggravation.
While it probably does not bother the majority of *nix users who can simply hit Delete to solve their worm problems, I've found it pretty easy to filter things like Klez out (and protect any Windows boxen you might have behind a *nix gateway) using Sophos Antivirus for UNIX, Sophie, and Virge. They're fairly easy to install and so long as the virus scanner is kept up to date, they catch anything hostile that comes to your SMTP server.
Lots of spam would just drop out of sight if those jerks had to include their real email address.
:)
Of course it would. The spammers would be dragged out into the street and hung with nooses made of their own email lists
Seriously though, it's nice in some ways to see that the spam sitution on the net has gotten to a point where the Government can't seem to ignore it anymore. On the other hand, I think it behooves people to help themselves when it comes to spam. Effective use of Procmail can really help a person cut the spam out of their email diets. And with tools like Vipul's Razor, you can help OTHERS avoid getting the same spam in the future.
Y'know, you guys really ought to just expect this by now. Every year they report April Fools links, and they're very likely going to keep doing it. If you don't like em, don't go to /. until April 2. Pretty simple, eh? :)
From the README.WARNING in the crypto/ directory on kernel.org:
"(please see also ftp://ftp.kernel.org/pub/linux/kernel/people/hvr for more recent patches or http://cryptoapi.sourceforge.net/"
If you read the whole thing you can see there are updated patches to the crypto API, but they are works in progress. I'm using the patch for 2.4.15 and I haven't seen any major problems (yet?).
Well, the first benefit that I think someone from the coporate/business arena would take notice of is the free factor. A healthy bottom line will be the most attractive thing to companies who aren't very pleased with the BSA's current tactics. I'm sure that's not the way you or I or lots of folks reading this would like to see companies come around to open source and free software, but it's probably a reality we need to face
--Kylus
After reading the attacks by MS on the Open Source movement, I have to say it's very hard to believe that they would suddenly turn around and say 'Ok, let's help these folks integrate with .Net' without some sort of ulterior motive. Either the other posts on here concerning Passport are hitting the nail on the head, or we might be seeing the first part of the MS 'Triple E' plan--Embrace. I think most on here remember what the other two E's are.
--Kylus
I don't know about everyone, but I see both the writer and the brilliant exec he quotes at the end as having a few things backwards.
1) The Pokemon anime was not inspired by Nintendo's videogame. I think it was the other way around.
2) Yes, anime such as DBZ is violent, but US companies full of suits who never researched or even WATCHED any anime before fail to realize that shows like DBZ are on as 'Prime Time' events in Japan. The fact that some shows are obviously not meant for kids is apparently lost in the radiance of good market value.
3) As an avid watcher of anime for half my life, I'd have to say that anime is not something the 'cool kids' flock around. Most anime was adopted and avidly watched first by the 'nerds' as they're called in the article. Vampire Hunter D was released in the late 80s to a small number of theatres. I didn't see all the 'cool kids' flocking to it. In this case I think the 'nerds' blazed the trail. Maybe some of them should become programming execs for Fox and CN? Then perhaps anime that's truly for kids will be on those networks.
--Kylus
--Kylus
--Kylus
You know you're absolutely right. The posts are copyrighted and owned; however from what I've seen of /.'s fine print, it states that the POSTER of any comment retains ownership of it, and that /. is not responsible for them. That said, shouldn't the MS lawyers be directing their requests towards the writers that posted the comments? Claiming that Andover--the PROVIDER of Slasdot--violated their rights and asking them to remove posts owned by others seems to make this a free speech issue in my eyes.
It's ironic that you brought up the invention of the car to defend your position. From what I recall reading, Henry Ford said something along the lines of "A business that makes nothing but money is a poor kind of business."
What kind of business do you think MS is? They are a bit less noble than you would make them out to be. So please don't insult the lightbulb by comparing it to Windows 98...at least the lightbulb can stay on for longer than 5 days without having to be turned off and then on again.
While I don't remember seeing a communism-HOWTO online, I like "pro-Linux zealot"...I can live with that title.
--Kylus