"AppLocker is not implementable using DAC on Linux. It checks digital signatures on binaries and libraries to enforce security and where this does not exist you can use hashes. "
Digital Signatures! WOW!!!! So in other words it can do, on a limited basis, what Linux does for every single binary and has for a decade? Newsflash, every binary installed on your Linux system has already been verified with a digital signature. Sure it doesn't re-verify at runtime, because that would be stupidly costly. It is guaranteed to be correct unless someone with privilege messes with it, and if someone has the privilege to mess with it and is a malicious actor you are already hosed either way on both platforms.
"BitLocker is not comparable to the FDE on Linux, as key escrow/recovery is conveniently tied into Active Directory"
That's an awesome trick. Somehow the system mounts the disk and boots, and then checks the key to see if it can mount the disk.
"Show me the TPM integration on current RHEL or Ubuntu versions thatâ(TM)s supported by the vendor!"
Here you go. (I note that you had to add the "supported by the vendor" qualifier that you know is bullshit to hedge your bets. In other words, what if I'm incompetent! I certainly understand your concern.)
"Where does Linux have this again?"
You keep asking the same wrong question. Show me how Linux accomplishes this goal the same way Windows does" The whole point is that it accomplishes the same goals in a different way that is smarter and better. All these things that make sense are possible with Linux, and the ones that don't might be too, but we are smart enough not to do it that way. Keys to decrypt the full disk are available on a server. That's so fucking precious:-)
Not using Windows means not using Windows. Complaining that it is hard to do things the Windows way with Linux just exposes your incompetence.
"I can do remote software installs, get reports, if some PCs are off they will install the updates when turned on, do custom lockdowns for HIPPA and PCI (credit card info), Add legacy websites that only work in ancient IE to zones across hundreds of PCs so they just work, update certificates for shitty intranet apps, etc. Nothing comes close in Linux."
And this drives it home. You just listed a bunch of shit that is easily done in Linux, and then tried to tell us one advantage of Microsoft is that they are the only people who make a software product so broken that theirs is the only one will work in certain situations. "You can go back to 1997 all you want " ROTFLMAO... fix your broken intranet apps that were written in 1997. It is clearly you that wants to live in 1997.
"Also good luck with the suits in management who DEMAND their Free/Busy scheduling in Outlook for meeting invites."
Ah yes, the old "Solution A doesn't work because even though it works great we have declared it doesn't by popular decree" argument:-) Again, dropping Windows means doing it right, not trying to keep doing it wrong but with Linux. Off you go now...
I agree, and certainly trust git to do it right. I was just attempting to add some extra extra assurance for the GP, that admittedly is unnecessary and as you say, upon further reflection it was a bad idea.
What they should do is allow only AC posts from a logged in account and have all mods still apply to the account. The purpose of AC was not originally to allow people to post without logging in. It is supposed to be so that you can post juicy / inside info without people who know your login from seeing it and tying it to you.
Since you made me your "foe" I went ahead and made you my "friend" so that every time you see a post from me you'll see that little green and red pill and remember to take your meds:-)
There will be no real arguments I presume. We have to believe your words. Windows fans at/. never cease to amaze: "Linujx is bad, Windows "Microsoft does this better than LibreOffice actually"" because why? Because I say so. Meanwhile in our company we have literally hundreds of documents the newest version of Word fails to render correctly, even though they were created by Word, but we have to take your word for it, right?
NFS in Windows? God, you've never ran it for even a single PCs right?
Then there's this little problem of LDAP, but I'm sure as hell you don't know what it is, or that it uses Kerberos which has been around since before Windows.
Your issue isn't that Linux doesn't work. It's that you know nothing about Linux. I actually do know about Windows, which is why I use Linux.
What feature do you need that you don't think exists?
Group Policy/Centralized Software Management
Give a use case that you think can't be handled
CIFS/Windows File Sharing
Linux has CIFS/SMB Support, but why would you need it without Windows?
Terminal Services, BitLocker, AppLocker
These are different things, but we had them all first. For example Applocker is an attempt to catch up with what standard Linux Discretionary Access Control mechanisms have been able to do since its inception. Bitlocker is just an FDE. Linux has FDE at the bootloader level, as well as the ability to do filesystem encryption, as well as encrypting filesystem subsets. Can you encrypt different folders on a Windows machine with different keys with Bitlocker, and set it up so whomever is logged in as a member of a specific group can automagically access that subset with PKI? I didn't think so.
Tight integration between various components
Sorry, I if you want a dick tightly integrated up your ass you still need Microsoft. (What the hell are you trying to say. Nice straw reaching though)
Ability to run your OS for years without reinstallation while retaining the ability to install new software
You are kidding me right. You just literally named what Linux affords that Microsoft never has and never will.
Ability to open Microsoft Office documents in their original formatting
LibreOffice does this better than Microsoft Office actually
Excellent compatibility with most modern hardware
Again, Linux is far better than Windows at this in 2017.
OK, I stand corrected. I always associated spamming with UCE since it originated in that context, but apparently these days any bulk unsolicited email classifies as spamming.
I proved you wrong and now you want to redirect the attention away from that... don't you have anything better to do than keep posting ridiculous and easily disproved claims on Slashdot?
... if they think their children are old enough to not be monitored, then that too was the parents choice.
No, it isn't. For example a parent might think that their 12 year old is old enough to pose for Penthouse. As you can imagine now that you think about it further, it doesn't work the way you think it does.
Do you want people commenting about the things they would like to do to them on youtube? Because if not, you might actually be for the censorship in this case.
Files also have metadata. You calculate the hash and compare the metadata including size and creation date. If they are identical so are the files for all practical purposes.
" If so then how would you know what the duplicate is and what the original is?"
Somebody should invent time and some way of recording it when a file is checked in, along with who is doing the commit! Either you have never used git or spent no time thinking before you posted.
Slashdot Mirror
Digital Signatures! WOW!!!! So in other words it can do, on a limited basis, what Linux does for every single binary and has for a decade? Newsflash, every binary installed on your Linux system has already been verified with a digital signature. Sure it doesn't re-verify at runtime, because that would be stupidly costly. It is guaranteed to be correct unless someone with privilege messes with it, and if someone has the privilege to mess with it and is a malicious actor you are already hosed either way on both platforms.
That's an awesome trick. Somehow the system mounts the disk and boots, and then checks the key to see if it can mount the disk.
Here you go. (I note that you had to add the "supported by the vendor" qualifier that you know is bullshit to hedge your bets. In other words, what if I'm incompetent! I certainly understand your concern.)
You keep asking the same wrong question. Show me how Linux accomplishes this goal the same way Windows does" The whole point is that it accomplishes the same goals in a different way that is smarter and better. All these things that make sense are possible with Linux, and the ones that don't might be too, but we are smart enough not to do it that way. Keys to decrypt the full disk are available on a server. That's so fucking precious :-)
And this drives it home. You just listed a bunch of shit that is easily done in Linux, and then tried to tell us one advantage of Microsoft is that they are the only people who make a software product so broken that theirs is the only one will work in certain situations. "You can go back to 1997 all you want " ROTFLMAO ... fix your broken intranet apps that were written in 1997. It is clearly you that wants to live in 1997.
Ah yes, the old "Solution A doesn't work because even though it works great we have declared it doesn't by popular decree" argument :-) Again, dropping Windows means doing it right, not trying to keep doing it wrong but with Linux. Off you go now ...
I agree, and certainly trust git to do it right. I was just attempting to add some extra extra assurance for the GP, that admittedly is unnecessary and as you say, upon further reflection it was a bad idea.
What they should do is allow only AC posts from a logged in account and have all mods still apply to the account. The purpose of AC was not originally to allow people to post without logging in. It is supposed to be so that you can post juicy / inside info without people who know your login from seeing it and tying it to you.
Since you made me your "foe" I went ahead and made you my "friend" so that every time you see a post from me you'll see that little green and red pill and remember to take your meds :-)
...
Off you go now little fuckwad
There will be no real arguments I presume. We have to believe your words. Windows fans at /. never cease to amaze: "Linujx is bad, Windows "Microsoft does this better than LibreOffice actually"" because why? Because I say so. Meanwhile in our company we have literally hundreds of documents the newest version of Word fails to render correctly, even though they were created by Word, but we have to take your word for it, right?
NFS in Windows? God, you've never ran it for even a single PCs right?
Then there's this little problem of LDAP, but I'm sure as hell you don't know what it is, or that it uses Kerberos which has been around since before Windows.
Your issue isn't that Linux doesn't work. It's that you know nothing about Linux. I actually do know about Windows, which is why I use Linux.
What feature do you need that you don't think exists?
Give a use case that you think can't be handled
Linux has CIFS/SMB Support, but why would you need it without Windows?
These are different things, but we had them all first. For example Applocker is an attempt to catch up with what standard Linux Discretionary Access Control mechanisms have been able to do since its inception. Bitlocker is just an FDE. Linux has FDE at the bootloader level, as well as the ability to do filesystem encryption, as well as encrypting filesystem subsets. Can you encrypt different folders on a Windows machine with different keys with Bitlocker, and set it up so whomever is logged in as a member of a specific group can automagically access that subset with PKI? I didn't think so.
Sorry, I if you want a dick tightly integrated up your ass you still need Microsoft. (What the hell are you trying to say. Nice straw reaching though)
You are kidding me right. You just literally named what Linux affords that Microsoft never has and never will.
LibreOffice does this better than Microsoft Office actually
Again, Linux is far better than Windows at this in 2017.
FTS: Comments from hundreds of pedophiles were posted alongside the videos, which appeared to have been uploaded by the children themselves,
ROTFLMAO ... more claims that are ridiculously easy to disprove. You are so precious.
Look at his user name Mr. Miagi
OK, I stand corrected. I always associated spamming with UCE since it originated in that context, but apparently these days any bulk unsolicited email classifies as spamming.
But what if there is ever way to comment besides directly on youtube! /herp-derp
I proved you wrong and now you want to redirect the attention away from that ... don't you have anything better to do than keep posting ridiculous and easily disproved claims on Slashdot?
API calls are the layer of abstraction, but we are talking about emulation. There is no extra layer of abstraction as the GP wrongly contends.
No, it isn't. For example a parent might think that their 12 year old is old enough to pose for Penthouse. As you can imagine now that you think about it further, it doesn't work the way you think it does.
Do you want people commenting about the things they would like to do to them on youtube? Because if not, you might actually be for the censorship in this case.
Children don't have the same rights as adults in the US, which might be pertinent if this was a US issue.
Mens rea is not always an issue in crime actually.
What does phishing have to do with spamming?
Files also have metadata. You calculate the hash and compare the metadata including size and creation date. If they are identical so are the files for all practical purposes.
I don't know where you learned to write software (if you did), but more conditions of any kind means more bugs are likely.
It isn't a flaw in math dumbshit. It's a flaw in the implementation.
Somebody should invent time and some way of recording it when a file is checked in, along with who is doing the commit! Either you have never used git or spent no time thinking before you posted.
That's redundancy, not duplication.
You actually believe that, because you are a complete fucking moron. Don't ever forget what a worthless piece of anti-American Shit you are loser boy.