In general, this isn't valid -- Debian stable is supposed to be very stable, and so when an exploit is found in a Debian package, they'll patch only that bug instead of upgrading to the "minimum safe" version (which might break something else.) So yes, some "funky patching" is going on:-).
many friends/clients will be accessing your network unexpectedly
If you need people to access your network "unexpectedly," but you want security, no currently available technology can be of assistance.
Sure, they can still sniff packets, and they can still break encryption, but it will be a sight harder for them to access your wired network/Internet connection.
Harder, but still not hard. The script-kiddie-class wireless sniffing programs probably reset your MAC address to one they see in a packet (just in case); if they don't, they will soon. Breaking WEP at least requires hanging around until X megs of traffic have passed across the AP.
any key you could possible be using will get exposed through these very well documented and standardized packets
This is wrong -- if knowing the plaintext for a given ciphertext exposes the key, then your cryptography is bad. https sessions are mostly known-plaintext (http headers & static html), but you still have to brute-force the key (as far as we know.)
Microsoft's account of this occurence (question 15) has this to say:
For example, the "Bison" parser developed by Richard Stallman, Robert Corbett and Wilfred Hansen was licensed under the GPL for some time before users realized that the software they were developing with the tool was arguably subject to the GPL. The potential exposure resulted from the parser's inclusion of incidental GPL material in the tool's output. In response to this problem, Bison version 1.24 and later was distributed with a "special exception" regarding output files. The implication is that businesses concerned about the possible infection of their software by the GPL should make sure they consider: what, if any, GPL tools are being used by their developers; how those tools are used; and the possibility that such uses might subject their own code to the GPL.
It sounds to me like no harm was done to anyone. What court case are you referring to? I was under the impression that the GPL had never been tested in court...
If you actually bother to go to the full list [spec.org] you'll find that linux servers are generally faster than IIS running on the same hardware. Sometimes being over twice as fast.
Be very careful interpreting this page -- some hardware setups that look identical aren't. For example, this 2-CPU Dell Poweredge 1650 running Tux stomped this 2-CPU Dell Poweredge 1650 running IIS -- in part because it had two gigabit NICs instead of one. Some story with thesetwo. AFAICT, that page contains zero benchmarks of Tux vs. IIS on 100% identical hardware.
A nitpick: "Probable cause" refers to what must exist for a warrant to be issued by a judge -- it's not mumbo-jumbo that allows a cop to conduct a warrantless search; in the case of the bag of cocaine, the cop never had to search for it, so probable cause never entered into the equation. A cop who starts talking about probable cause may be trying to bully you into letting him search you without a warrant. There's plenty of stuff on the net about this (like here.)
If the kernel maintainers would just grasp this one simple point, maybe this issue wouldn't be one, and maybe people wouldn't laugh at the.0 release of the kernel.
The problem is that "stable" can't be added as a feature; it has to be bought with testing (ergo bugfixing), and you run into a chicken-and-egg problem trying to get people to test stuff that isn't "stable" yet. Each new level of supposed trustworthiness (2.3.x -> 2.4.0pre -> 2.4.x -> distro releases) brings orders of magnitude more users, and inevitably uncovers oodles of bugs.
"Stable" refers to the halfway-frozen API in even-numbered releases; it doesn't mean 2.4.x is not expected to crash. Stability is empirical.
Hey now, be fair. You cut the guy off before he finished:
ICANN has no guns, and no soldiers; it has no coercive power. It can succeed only if the relevant portions of the community voluntarily agree that they want to participate and make it succeed.
He's just saying that ICANN ultimately depends on the support of the community (at the least, we have to point our nameservers at ICANN's root.) He goes on to argue that this implies that we should support them even though they're actively abusing that support, of course, but he's not saying he needs a "defense" budget.
MS's own JVM works flawlessly on every web site I've ever visited which required Java.
Because:
(A) Java developers, having signed the contract of "write once, run anywhere," do their development on Solaris, test their applets on a Mac, and then it magically works on Windows, because Windows has a properly working Java VM.
(B) Everyone tests it on Windows and works around the bugs in MS's VM.
I developed a couple of semi-nontrivial Java apps in my day, and getting them to work on MS's JVM was a colossal pain in the ass (Win98/IE5.5). Some classes (I think somewhere down in java.awt.color) were just missing. Taxing the garbage collector or the console would crash the OS. Parts of the AWT were broken as well; I remember a simple loop that would load 1000 10x10 transparent GIFs and then display them all in the applet's window at slightly different locations -- this would reliably hose the VM to the point that only about half the images would even get a chance to display. We got the thing done (and mostly working), but it was way late, and the experience was akin to walking on one broken leg. In the end, it "works flawlessly" at what it does -- because it has to work on Windows, and so we sucked it up and made it.
These numbers look kind of piddling, of course, next to the $575 million Eisner took home in 1998. Dig how, in the WSJ article, it talks about how hard they've been working to cut costs -- painting fewer stripes on one animated girl's bathing suit, for example (this is not a joke.)
After reviewing the moderated comments on this thread, I have come to the conclusion that RMS has become the joke of the Open Source movement like Milli Vanilli became the joke of music industry.
Sadly, this seems to be true. I'm not sure why; I've never had the sense that he deserves it, and no one's ever been able to explain to me why they think he does.
But I guess when you release a kernel that has 8 years of development and it can barely keep a machine running, you are a joke.
You've never written a stable kernel, I'll wager. Are you a joke? Or, to put it another way:
"It is not the critic who counts, not the man who points our how the strong man stumbles or where the doer of deeds could have done them better. The credit belongs to the people who are actually in the arena, who's faces are marred by dust and sweat and blood, who strive valiantly, who errs and come up short again and again because there is no effort without error and shortcomings, who know the great devotion, who spend themselves in a worthy cause, who at the best knows in the end the high achievement of triumphant who at worst, if they fail while daring greatly, know their place shall never be with those timid and cold souls who know neither victory nor defeat." -Teddy Roosevelt
I agree, but I see that as a good rather than a bad thing.
In that role, he has fought for the complete freedom of software.
"Fought for" is, I would argue, a distortion -- he didn't beat anybody up or use force (physical/political/etc.) to advance the freedom of software. He wrote a metric assload of free software (emacs, gcc, glibc, etc.), and he'll talk to anyone who'll listen about how important it is for software to be free, but to my knowledge he's never fought.
McVoy is hardly anti-free-software. The very fact that he gives away *anything* for free symbolizes that.
"Free software" is normally used to mean software that can be modified and redistributed without restriction (or with only the restriction that source be included.) Bitkeeper is not free software. By your standard, Microsoft is hardly anti-free-software; they give away IE and DirectX at no cost, after all.
But RMS bristles at even the association with a software product that is ever sold for money.
The GPL explicitly allows you to sell GPLed software; without that, Red Hat and Mandrake wouldn't exist, and free software wouldn't be where it is today. RMS will complain, though, if you claim that your business model requires you to take away freedom from your customers in order to survive. McVoy brags about how much he pays his engineers (including, presumably, himself), and then claims that he's concluded that you can't make money selling free software. RMS claims that the right to do as you wish with software you bought is more important than your right to spend $4 million dollars producing software.
In a similar vein, am I the only one who is sick of RMS whining about the naming of Linux?
Okay, here's the deal: Originally, Linux and GNU were two separate projects. Gradually, the Linux people assimilated more and more GNU code, until the Red Hat system that you boot uses a Linux kernel, and a GNU compiler toolchain, text editor, C library, shell, common UNIX utilities (sed/ls/tar/etc.), and sometimes GUI. The vast majority of the code without which your system wouldn't function is GNU code. For this, RMS asks that the GNU project be given credit equal to that given to the Linux project (which has now given up on producing a complete OS, and is happily maintaining the Linux kernel and a handful of kernely user-space tools) when referring to the resulting hybrid.
Anyone have any solid facts (or at least a little more substantial than these whisps of smoke) about music and movie piracy supporting terrorism and terrorists?
I saw an article once where they interviewed a Russian software "pirate" -- they asked him about the terrorism thing. His response was basically, "Well, I make $x a week. About $x of that goes into food and housing for myself and my family. Why would I send any of my money to any terrorists?"
Oddly enough, the Rome Labs Snowball Cam was the first thing that delighted me about the web; it convinced me that http was more than just a glitzy and unreliable reinvention of gopher.
At the time, my officemate and I were being overpaid for working on a useless project for an employer we despised. Our main concern at work was relief from the crushing boredom we endured daily. Secretly mocking our superiors, assembling chess pieces into towering structures, and using the magic of X Windows to spy on our cowworkers (via those little SGI cams) were all well and good, but nothing compared to the boundless slacking possibilities presented by the web, and the Rome Labs Snowball Cam was one of the first worthwhile sites we came across. I can't explain what was good about it, but it represented the web (than as now) quite well -- restful without being boring, interesting without being tiring, worthless yet intriguing. I was hooked.
We completed our useless project ahead of schedule, by the way, and were modestly praised for it. Ah, the good old days...
The complete quote, which is referenced in this article, was, "During my service in the United States Congress, I took the initiative in creating the Internet." Vint Cerf says that Gore would "be quite correct to say 'I helped create the Internet' - because of his work to provide an environment of support for research... so fundamental to the Internet today."
Since you were trying so hard to be so technical, you completly missed the point. Instead of trying to flame, why don't you actually research the facts.
The reason I took your comment seriously, sir, was that statements like this tend to develop into urban legend and then into fact over time -- like the claim that Al Gore said he invented the internet, or that Dan Quayle thought Latin Americans spoke Latin. Both of these are simply false, but many people accepted them as the truth because their strong party affiliation made them want to believe. Likewise, if left unchallenged, your post would have contributed to a false (AFAIK) perception that Daschle supports reducing our technological freedoms.
Your comment would have made satirical sense had it been about Hollings or Hatch, but I've not seen Daschle express any view at all about the content industry's attempt to legislate away the tech industry (if you have, please point me to it.) I assure you in any case that the assault on our freedom is a bipartisan effort.
Of course, I've taken your words seriously and presented my views honestly, and so IHBT. IHL. So be it. HTH.
Senator Tom Daschel was already quoted as saying that he would be "behind legislation agaainst any DeCSS propaganda or code whatseover". This apparently was stated after it was rumoured that hos own son had brought the DeCSS song on MP3 to school, where it was confiscated by his teacher. (http://routers.com).
Thatisbullshit. I hope you're not a Republican; you're making them look like liars.
In all honesty they've done a better job than anyone else at creating a useable desktop OS good for a wide range of activities on a large variety of hardware.
People who tried BeOS will probably disagree with you. We'll never know now, though, will we?
Amen. Patsy Mink (HI) penned the first letter of this type that I know of (on March 13th), by the way.
The congressfolk who signed the letter were (sorted by state):
AZ: Jeff Flake
CA: Anna Eshoo
CA: Michael Honda
CA: Tom Lantos
CA: Zoe Lofgren
FL: Corrine Brown
FL: Ander Crenshaw
IL: Lane Evans
UT: Chris Cannon
VA: Rick Boucher
VA: James Moran
WA: Brian Baird
WA: Norman Dicks
WA: Jennifer Dunn
WA: Doc Hastings
WA: Jay Inslee
WA: Rick Larsen
WA: George Nethercutt
WA: Adam Smith
Unfortunately, there are two Tim Johnsons (one in the senate from South Dakota, one in the house from Illinois.) One of them signed the letter, and I don't know which one. Does anyone know?
In any case, Inslee, Cannon, and Boucher wrote the letter, and the rest of 'em signed off on it. Sending any of these nice ladies and gentlemen $50 (come on, you can afford it) with a note explaining why will do more to protect net radio than a year's worth of slashdot stories.
I heartily (if respectfully:-) disagree. Debian's release schedule strikes me as saner than any other distribution's, which is why I use it. There are four salient stability heights to fly at:
Old as rocks, and just as stable. This is for servers; proftpd doesn't change that much from year to year. This is Debian stable.
Old enough to be behind the cutting edge, but not yet old enough to be totally trustworthy. This is where most distributions fly (remember when kernel 2.4 came out?) Redhat makes it work pretty well by QAing holy hell out of their software at this stage, stablizing it before its time, but it costs them a lot to do this.
"It worked for a week. Ship." This is Debian testing.
"I want it to break so I can fix it." This is unstable, Cooker, Rawhide, etc.
The lack of #1 and #3 is what turns me off about all the commercial distros I've tried. If you value recent software above rock-solid stability, run testing; in my experience it's plenty stable enough for everyday use.
While testing is almost sufficiently stable for a production environment, it is a constantly moving target that would need to be upgraded every couple of days; this is simply impractical for a production environment, nobody has that much spare time on their hands at work.
Eh? No. Point yourself at testing, "apt-get upgrade" once, and forget about it until the next time you want newer software. Nobody says you have to track the upgrades.
Also, it's important to remember that version numbers aren't the whole story. Once I wound up with a video card that needed X from CVS -- 4.2 didn't have it yet. I had already checked out the CVS tree (big!) when I discovered that Debian's "4.1" build of X had had the driver backported. I've yet to have a problem with that driver.
When Microsoft made IE free, they were abusing their monopoly (as they were when they used their Windows monopoly to pressure OEMs into not offering Netscape when their customers preferred it.) That's a crime, because it's bad for the marketplace. Two federal courts said so. It'll take quite a bit to convince me that their rulings were in error.
When people release GPLed software, which then competes with proprietary software, they are demonstrating a more efficient production process. Rarely if ever do they even obtain a monopoly to abuse.
Completely irrelevant. If there were no law to the contrary, I could "take" paperclips from my employer and resell them for a ten bucks apiece. But I would earn just as money doing that as I would selling free software.
Okay, so you think that it's impossible to make money selling GPLed software. People are laying serious cash into businesses like Redhat, Mandrake, and Suse, though -- indicating that not everyone thinks that this is a settled issue. The marketplace will of course eventually decide, but this hasn't happened yet. Note that book publishers do continue to sell copyright-expired books whose text is available on Gutenberg.
Regardless of whether or not they are doomed to failure, the GPL protects these guys' right to attempt to make a buck selling free software. It didn't have to be this way; many pre-GPL freeish licenses prohibit distribution for profit, but the GPL specifically allows it. So claiming, as the original poster did, that the GPL was designed to harm software companies is misleading.
As a footnote, I've made money selling free software. A buddy of mine paid me $15 to download and burn all the GNU utilities I thought he'd find useful under Solaris, with the understanding that I'd help him install them if he had trouble (he didn't.) Not a living, of course, but it is more than Microsoft's ever done for me.
Slashdot Mirror
Err... or then again, you might not.
/tmp]$ mozilla-snapshot& /tmp]$ /tmp]$
[chops@pogo
[1] 24058
[chops@pogo
[1] + segmentation fault mozilla-snapshot
[chops@pogo
Ahh... yep. Remember the good old days?
You want mozilla-browser-snapshot, I'll wager.
In general, this isn't valid -- Debian stable is supposed to be very stable, and so when an exploit is found in a Debian package, they'll patch only that bug instead of upgrading to the "minimum safe" version (which might break something else.) :-).
So yes, some "funky patching" is going on
A nitpick: "Probable cause" refers to what must exist for a warrant to be issued by a judge -- it's not mumbo-jumbo that allows a cop to conduct a warrantless search; in the case of the bag of cocaine, the cop never had to search for it, so probable cause never entered into the equation. A cop who starts talking about probable cause may be trying to bully you into letting him search you without a warrant.
There's plenty of stuff on the net about this (like here.)
"Stable" refers to the halfway-frozen API in even-numbered releases; it doesn't mean 2.4.x is not expected to crash. Stability is empirical.
He's just saying that ICANN ultimately depends on the support of the community (at the least, we have to point our nameservers at ICANN's root.) He goes on to argue that this implies that we should support them even though they're actively abusing that support, of course, but he's not saying he needs a "defense" budget.
Because:
(A) Java developers, having signed the contract of "write once, run anywhere," do their development on Solaris, test their applets on a Mac, and then it magically works on Windows, because Windows has a properly working Java VM.
(B) Everyone tests it on Windows and works around the bugs in MS's VM.
I developed a couple of semi-nontrivial Java apps in my day, and getting them to work on MS's JVM was a colossal pain in the ass (Win98/IE5.5). Some classes (I think somewhere down in java.awt.color) were just missing. Taxing the garbage collector or the console would crash the OS. Parts of the AWT were broken as well; I remember a simple loop that would load 1000 10x10 transparent GIFs and then display them all in the applet's window at slightly different locations -- this would reliably hose the VM to the point that only about half the images would even get a chance to display. We got the thing done (and mostly working), but it was way late, and the experience was akin to walking on one broken leg. In the end, it "works flawlessly" at what it does -- because it has to work on Windows, and so we sucked it up and made it.
These numbers look kind of piddling, of course, next to the $575 million Eisner took home in 1998. Dig how, in the WSJ article, it talks about how hard they've been working to cut costs -- painting fewer stripes on one animated girl's bathing suit, for example (this is not a joke.)
Sadly, this seems to be true. I'm not sure why; I've never had the sense that he deserves it, and no one's ever been able to explain to me why they think he does.
You've never written a stable kernel, I'll wager. Are you a joke? Or, to put it another way:
"It is not the critic who counts, not the man who points our how the strong man stumbles or where the doer of deeds could have done them better. The credit belongs to the people who are actually in the arena, who's faces are marred by dust and sweat and blood, who strive valiantly, who errs and come up short again and again because there is no effort without error and shortcomings, who know the great devotion, who spend themselves in a worthy cause, who at the best knows in the end the high achievement of triumphant who at worst, if they fail while daring greatly, know their place shall never be with those timid and cold souls who know neither victory nor defeat." -Teddy Roosevelt
I agree, but I see that as a good rather than a bad thing.
"Fought for" is, I would argue, a distortion -- he didn't beat anybody up or use force (physical/political/etc.) to advance the freedom of software. He wrote a metric assload of free software (emacs, gcc, glibc, etc.), and he'll talk to anyone who'll listen about how important it is for software to be free, but to my knowledge he's never fought.
"Free software" is normally used to mean software that can be modified and redistributed without restriction (or with only the restriction that source be included.) Bitkeeper is not free software. By your standard, Microsoft is hardly anti-free-software; they give away IE and DirectX at no cost, after all.
The GPL explicitly allows you to sell GPLed software; without that, Red Hat and Mandrake wouldn't exist, and free software wouldn't be where it is today. RMS will complain, though, if you claim that your business model requires you to take away freedom from your customers in order to survive. McVoy brags about how much he pays his engineers (including, presumably, himself), and then claims that he's concluded that you can't make money selling free software. RMS claims that the right to do as you wish with software you bought is more important than your right to spend $4 million dollars producing software.
Okay, here's the deal: Originally, Linux and GNU were two separate projects. Gradually, the Linux people assimilated more and more GNU code, until the Red Hat system that you boot uses a Linux kernel, and a GNU compiler toolchain, text editor, C library, shell, common UNIX utilities (sed/ls/tar/etc.), and sometimes GUI. The vast majority of the code without which your system wouldn't function is GNU code. For this, RMS asks that the GNU project be given credit equal to that given to the Linux project (which has now given up on producing a complete OS, and is happily maintaining the Linux kernel and a handful of kernely user-space tools) when referring to the resulting hybrid.
I saw an article once where they interviewed a Russian software "pirate" -- they asked him about the terrorism thing. His response was basically, "Well, I make $x a week. About $x of that goes into food and housing for myself and my family. Why would I send any of my money to any terrorists?"
Oddly enough, the Rome Labs Snowball Cam was the first thing that delighted me about the web; it convinced me that http was more than just a glitzy and unreliable reinvention of gopher.
At the time, my officemate and I were being overpaid for working on a useless project for an employer we despised. Our main concern at work was relief from the crushing boredom we endured daily. Secretly mocking our superiors, assembling chess pieces into towering structures, and using the magic of X Windows to spy on our cowworkers (via those little SGI cams) were all well and good, but nothing compared to the boundless slacking possibilities presented by the web, and the Rome Labs Snowball Cam was one of the first worthwhile sites we came across. I can't explain what was good about it, but it represented the web (than as now) quite well -- restful without being boring, interesting without being tiring, worthless yet intriguing. I was hooked.
We completed our useless project ahead of schedule, by the way, and were modestly praised for it. Ah, the good old days...
The complete quote, which is referenced in this article, was, "During my service in the United States Congress, I took the initiative in creating the Internet." Vint Cerf says that Gore would "be quite correct to say 'I helped create the Internet' - because of his work to provide an environment of support for research ... so fundamental to the Internet today."
Your comment would have made satirical sense had it been about Hollings or Hatch, but I've not seen Daschle express any view at all about the content industry's attempt to legislate away the tech industry (if you have, please point me to it.) I assure you in any case that the assault on our freedom is a bipartisan effort.
Of course, I've taken your words seriously and presented my views honestly, and so IHBT. IHL. So be it. HTH.
That is bullshit. I hope you're not a Republican; you're making them look like liars.
People who tried BeOS will probably disagree with you. We'll never know now, though, will we?
The congressfolk who signed the letter were (sorted by state):
- AZ: Jeff Flake
- CA: Anna Eshoo
- CA: Michael Honda
- CA: Tom Lantos
- CA: Zoe Lofgren
- FL: Corrine Brown
- FL: Ander Crenshaw
- IL: Lane Evans
- UT: Chris Cannon
- VA: Rick Boucher
- VA: James Moran
- WA: Brian Baird
- WA: Norman Dicks
- WA: Jennifer Dunn
- WA: Doc Hastings
- WA: Jay Inslee
- WA: Rick Larsen
- WA: George Nethercutt
- WA: Adam Smith
Unfortunately, there are two Tim Johnsons (one in the senate from South Dakota, one in the house from Illinois.) One of them signed the letter, and I don't know which one. Does anyone know?In any case, Inslee, Cannon, and Boucher wrote the letter, and the rest of 'em signed off on it. Sending any of these nice ladies and gentlemen $50 (come on, you can afford it) with a note explaining why will do more to protect net radio than a year's worth of slashdot stories.
And, oh yeah, vote.
- Old as rocks, and just as stable. This is for servers; proftpd doesn't change that much from year to year. This is Debian stable.
- Old enough to be behind the cutting edge, but not yet old enough to be totally trustworthy. This is where most distributions fly (remember when kernel 2.4 came out?) Redhat makes it work pretty well by QAing holy hell out of their software at this stage, stablizing it before its time, but it costs them a lot to do this.
- "It worked for a week. Ship." This is Debian testing.
- "I want it to break so I can fix it." This is unstable, Cooker, Rawhide, etc.
The lack of #1 and #3 is what turns me off about all the commercial distros I've tried. If you value recent software above rock-solid stability, run testing; in my experience it's plenty stable enough for everyday use.Eh? No. Point yourself at testing, "apt-get upgrade" once, and forget about it until the next time you want newer software. Nobody says you have to track the upgrades.
Also, it's important to remember that version numbers aren't the whole story. Once I wound up with a video card that needed X from CVS -- 4.2 didn't have it yet. I had already checked out the CVS tree (big!) when I discovered that Debian's "4.1" build of X had had the driver backported. I've yet to have a problem with that driver.
Your argument seems to be that the ways Redhat, Mandrake, and Suse make money to pay their programmers don't count.
I do not agree.
When Microsoft made IE free, they were abusing their monopoly (as they were when they used their Windows monopoly to pressure OEMs into not offering Netscape when their customers preferred it.) That's a crime, because it's bad for the marketplace. Two federal courts said so. It'll take quite a bit to convince me that their rulings were in error.
When people release GPLed software, which then competes with proprietary software, they are demonstrating a more efficient production process. Rarely if ever do they even obtain a monopoly to abuse.
See the difference?
Okay, so you think that it's impossible to make money selling GPLed software. People are laying serious cash into businesses like Redhat, Mandrake, and Suse, though -- indicating that not everyone thinks that this is a settled issue. The marketplace will of course eventually decide, but this hasn't happened yet. Note that book publishers do continue to sell copyright-expired books whose text is available on Gutenberg.
Regardless of whether or not they are doomed to failure, the GPL protects these guys' right to attempt to make a buck selling free software. It didn't have to be this way; many pre-GPL freeish licenses prohibit distribution for profit, but the GPL specifically allows it. So claiming, as the original poster did, that the GPL was designed to harm software companies is misleading.
As a footnote, I've made money selling free software. A buddy of mine paid me $15 to download and burn all the GNU utilities I thought he'd find useful under Solaris, with the understanding that I'd help him install them if he had trouble (he didn't.) Not a living, of course, but it is more than Microsoft's ever done for me.