If it's any consolation, lwn has a nice analysis that contains the following phrase: "the nearly two-month delay between the report and the fix is raising some eyebrows" and ends with the following:
The most unfortunate aspect of the bug is the length of time it took to fix. Not just the two months between its discovery and fix, but also the five years since Delalleau's presentation. We need to get better at paying attention to publicly accessible security reports and fixing the problems they describe. One has to wonder how many attackers took note of the CanSecWest presentation and have been using that knowledge for ill. There have been no reports of widespread exploitation--that would likely have been noticed--but smaller, targeted attacks may well have taken advantage of the flaw.
It's not slashdot, but it does show that Linux/Xorg people are taking the delay seriously and really don't like the delay in this case. There is a more in-depth analysis of what was going on behind the scenes (it's all public information, after all) that you can read when the article goes public in two weeks.
Of course, fanboys are going to be fanboys, be they Windows fanboys ("Unfair! MSFT was only given a week to patch it!") or Linux ("Slow news day, lol.") and reality isn't really going to sink past their outer defenses.
Michael Cote, an analyst at RedMon, told Howard Wen. 'Adobe has spent a lot of time optimizing Flash, and I'd wager it'd take some time to get HTML 5 video as awesome.'
Spoken like someone who's only used Flash on Windows. I'm pretty sure Mozilla's put in at least the same amount of work optimizing Firefox/HTML5 on Linux as adobe has spent optimizing Flash on Linux. I mean, it's one Saturday afternoon--while watching cruddy movies on the SyFy channel....
You're rather missing the point. Please reread the section you quoted, and particularly look for the part where I mention relying on another party or set of parties. Much like I don't know how to fix the transmission in my car, but I can find someone to fix it for me instead of going to the dealer, with FOSS you can hire (or otherwise convince) someone to do the work for you.
Yes. Silent updates suck. Well at least, for people that want to control their own computer, it does.
Fortunately, you (or someone or collection of persons you trust) have the source, can build it, use it, and redistribute it. Thus, you don't *have* to use the software with silent update functionality, even if you keep using the browser itself. (though you'll lose the branding; call it "iceweasel" perhaps;)
I second this. My Linux experience on these is take it out of box, plug it in (optionally; laptop came with mostly-full battery), boot up, choose username/pw, select timezone, start playing.
I rather liked the idea of a PC running Unix without having to futz with installing an OS not supported by the OEM.
Totally agree with the sentiment, although the argument doesn't logically follow. You can buy oem-supported Linux boxes, e.g. through system76 and zareason.
HTH.
if you live above or below the north and south tropics, respectively.
Of course, if you live within the tropics, the sun still only rises and sets directly (i.e. at an angle of 90deg to the horizon) one day per year, so you'd have to rotate your desk over the course of the year and within the day when necessary (which is only extreme at the equator; the limits are the tropics themselves where the sun is directly overhead on the same day it returns back down toward the equator.
I suspect that the solid angle out the window is likely a bigger and more controllable factor, though.
It's why I'm no longer a netflix customer; my money gets me less, despite years of trying to talk to them about it. It's especially bitter when everything *but* Linux gets a client.
Hulu Plus doesn't have much said about Linux, but straight Hulu runs just fine on Linux (for adobe values of "just fine"; stupid craptastic flash plugin), so I at least have *some* degree of hope.
Your Fortune 500 company most likely doesn't have retail/OEM Windows XP licenses - they ar emost likely under "Software Advantage" and pay a per-desktop licesne fee for a number of MS apps per year.
No, they have to pay for both an OEM or Retail license and the volume license:
Volume Licensing programs: For organizations that use multiple copies of Microsoft software, Volume Licensing is a flexible and economical way to acquire from five to thousands of licenses for software. Volume Licensing agreements, including Academic Volume Licenses, do not offer the full license for Windows Client operating systems; Volume Licensing covers only Windows Client upgrades. The full operating system license must be acquired as FPP or pre-installed by an OEM or System Builder.
(none of the Demos I attempted to View did anything but pop a "Download Safari for Mac + PC" (which is itself not helpful; my browser info clearly shows me using Linux!) I need to do more stuff. Please post any that you can get to not just pop a "Download Safari" dialog. Thanks!)
If you wanted to look at the demos on other browsers, all you had to do was go to the http;//developer.apple.com/safaridemos/ link. Again, not everything will work on non-safari browers but most of them will work on the latest chrome.
This demo was designed with the latest web standards supported by Safari. If you'd like to experience this demo, simply download Safari. It's free for Mac and PC, and it only takes a few minutes.
The animals are to be protected, but the end-user humans are SoL? *and* it's known by its developers to be GPL-incompatible? (http://www.peta.org/hpl.htm#pro_con)
Guess I can see their priorities.
the ZaReason netbooks can come with an ssd.
And they look about the same price as the netbooks on Amazon that I'm seeing for a quick search. Got links?
Slashdot Mirror
It's not slashdot, but it does show that Linux/Xorg people are taking the delay seriously and really don't like the delay in this case. There is a more in-depth analysis of what was going on behind the scenes (it's all public information, after all) that you can read when the article goes public in two weeks. Of course, fanboys are going to be fanboys, be they Windows fanboys ("Unfair! MSFT was only given a week to patch it!") or Linux ("Slow news day, lol.") and reality isn't really going to sink past their outer defenses.
Right; that's the meaning of "after a fashion." ;)
I do it all the time, after a fashion. It's amateur radio, and we use ionospheric skips to get over the horizon.
Spoken like someone who's only used Flash on Windows. I'm pretty sure Mozilla's put in at least the same amount of work optimizing Firefox/HTML5 on Linux as adobe has spent optimizing Flash on Linux. I mean, it's one Saturday afternoon--while watching cruddy movies on the SyFy channel....
You're rather missing the point. Please reread the section you quoted, and particularly look for the part where I mention relying on another party or set of parties. Much like I don't know how to fix the transmission in my car, but I can find someone to fix it for me instead of going to the dealer, with FOSS you can hire (or otherwise convince) someone to do the work for you.
Sure, and if that's not good enough for you, you still have options.
Fortunately, you (or someone or collection of persons you trust) have the source, can build it, use it, and redistribute it. Thus, you don't *have* to use the software with silent update functionality, even if you keep using the browser itself. (though you'll lose the branding; call it "iceweasel" perhaps ;)
I second this. My Linux experience on these is take it out of box, plug it in (optionally; laptop came with mostly-full battery), boot up, choose username/pw, select timezone, start playing.
(So, in the end, the solid angle of the window from you computer screen is the most important factor for everybody. Yay!)
Hmnm, excellent point. However, it comes in at an angle, and most buildings aren't open 360 degrees.
there's no "l" in "word". ;)
Totally agree with the sentiment, although the argument doesn't logically follow. You can buy oem-supported Linux boxes, e.g. through system76 and zareason. HTH.
if you live above or below the north and south tropics, respectively.
Of course, if you live within the tropics, the sun still only rises and sets directly (i.e. at an angle of 90deg to the horizon) one day per year, so you'd have to rotate your desk over the course of the year and within the day when necessary (which is only extreme at the equator; the limits are the tropics themselves where the sun is directly overhead on the same day it returns back down toward the equator.
I suspect that the solid angle out the window is likely a bigger and more controllable factor, though.
I think there's a bit of a disconnect between the first and third words here... ;)
ah well. at least I keep $50 and my productivity. :)
For an extra dispensation, I bet you'd be willing to give them the remaining 90% and let them build and use it too!
It's why I'm no longer a netflix customer; my money gets me less, despite years of trying to talk to them about it. It's especially bitter when everything *but* Linux gets a client. Hulu Plus doesn't have much said about Linux, but straight Hulu runs just fine on Linux (for adobe values of "just fine"; stupid craptastic flash plugin), so I at least have *some* degree of hope.
Netflix also has no linux support.
No, they have to pay for both an OEM or Retail license and the volume license:
(http://www.microsoft.com/licensing/resources/faq.mspx)
(none of the Demos I attempted to View did anything but pop a "Download Safari for Mac + PC" (which is itself not helpful; my browser info clearly shows me using Linux!) I need to do more stuff. Please post any that you can get to not just pop a "Download Safari" dialog. Thanks!)
Contrast your claim with the dialog which I just got from one of the demos, http://developer.apple.com/safaridemos/video-effects.php (Firefox 3.6.3) when I click on the "View Demo" button:
Or http://developer.apple.com/safaridemos/threesixty.php. http://developer.apple.com/safaridemos/audio.php http://developer.apple.com/safaridemos/canvas-pixel.php So far we're 0 for 4 attempts.
The animals are to be protected, but the end-user humans are SoL? *and* it's known by its developers to be GPL-incompatible? (http://www.peta.org/hpl.htm#pro_con) Guess I can see their priorities.
So, the USA is clear. The other must be Germany? http://lwn.net/Articles/384556/
This was also seen (perhaps inspired by?) 2D Boy and World of Goo. The wrapup page is http://2dboy.com/page/4/
the ZaReason netbooks can come with an ssd. And they look about the same price as the netbooks on Amazon that I'm seeing for a quick search. Got links?