I would be interested to know how they would be able to stop "contactless thieves" in this case. It seems to me that scanners would become available for people to walk around zapping people's funds away from them. One nice thing about the tried and true swipecards is that to charge them, it's very much a physical action.
Not entirely true. One of the more common credit card scams here in Los Angeles is portable card scanners being carried by waiters in restaurants. As they take the card you've handed them back to scan it for the bill, they scan it in their personal scanner, which records the information for later use.
There is no meaningful physical location tied to this because you've given your card (intentionally) to someone you have to trust. If you eat at multiple restaurants over the course of a week, there's no easy way to trace the theft back to an individual location.
" In the last 18 months, we found that IBM had donated some very high-end enterprise-computing technologies into open-source. Some of it looked like it was our intellectual property and subject to our licensing agreements with IBM. Their actions were in direct violation of our agreements with them that they would not share this information, let alone donate it into open-source. We have examples of code being lifted verbatim. And IBM took the same team that had been working on a Unix code project with us and moved them over to work on Linux code. If you look at the code we believe has been copied in, it's not just a line or two, it's an entire section -- and in some cases, an entire program. "
They don't actually say they own the code (in this excerpt), but rather, that they have licensed it to IBM. As I'm sure you know, there are often agreements made that allow corporations to sublicense works; although Novell owns the code itself, if they granted SCO the right to license it (as they apparently have), and SCO licensed it to IBM (as they apparently have), IBM is still responsible for using it legally.
Yea, but 16384 emails in a single "folder" in Outlook (2000) will cause it to die (and return a useless error message). This includes the "Deleted" folder, FYI.
You think that claiming WinCE computers are responsible for people being trapped inside cars doesn't constitute as "Fear" or "Doubt" (the F and D in FUD)?
If nothing else, the fact that it was modded up to 5 qualifies it as spreading "Uncertainty."
Yes, it's FUD. It may not be intentional, but it's still FUD.
But when contacted by CNETAsia, a spokeswoman from BMW Thailand said the car at fault was a 10-year old BMW 520i that had suffered a simple electronic failure. She declined to reveal if the firm received identical reports from other users in the country.
You can't complain about Microsoft FUD when the Anti-Microsoft FUD is just as bad.
Things the have come out of JPL and NASA, as well as the national laboratories, have consistently been in the public domain. Adding the restrictions of the Mozilla license is a step backwards.
Re:Marketing mantra
on
TiVo Basic
·
· Score: 0, Offtopic
Slashdot.... Ads for nerds, stuff that doesn't matter.
Re:Everything can be related to math.
on
Origami and Math
·
· Score: 2, Informative
You don't have to include XOR. You can create it out of ((x OR y) AND (NOT (x AND y)))
Congratulations. You've completely missed the point.
The control features aren't there to stop the kids from working, or to keep them from breaking things: standard accounts can do that function.
The the parental controls do are control WHEN and HOW things are done. Specifically, you can say "Billy is only allowed to use the computer between three and five pm on weekdays", or "Sally can use the computer anytime she wants, but she can only visit the websites listed blow"
1. The best reason is security. Even with the best planning crackers can sometimes reach the machine in question. OpenBSD has the lowest rate of bugs and security holes of any OS out there. Any serious problems that are found are usually patched within days instead of weeks.
FreeBSD is a close second. The reason you hear so little about FreeBSD's security is that there is no concept of the 'default install', and thus, there's no easy way to tell what FreeBSD's security record would be if you did the default install. But, if you choose the absolute minimum, and configure it similarly to OpenBSD (which is quite easy to do, make sendmail start only on the loopback, set the same defaults for SSH, etc). It's not as secure by default, because there is no default.
Moreover, anyone who installs services they don't need deserves to get hacked. Need a mail server? You're gonna get hit with the sendmail holes. Need SSH access? You're gonna get hit with the (1) OpenSSH hole. If you don't need the services, they shouldn't be enabled. You can mitigate the threat with firewalling (or hopefully, detaching it from the real internet), but chances are, the holes are going to be in the services you run and not in the OS itself.
(You could argue that systrace can limit a lot of otherwise horrific vulnerabilities: fair enough. So does chroot() and jail())
2. Stability. Like a rock. Even running the current branch, you will most likely not have any stability problems. Install, configure, and throw away the key. This is the first OS I've run that I can truthfully say is, besides any necessary patches, maintainence free.
FreeBSD. More stable and FASTER.
3. BSD systems are much easier to maintain than Linux yet just as powerful as a full Unix. The ports system is well kept up and easy to use and the filesystem is much less cluttered than in Linux.
I agree. 'make buildworld; make buildkernel; make installkernel; reboot ; make installworld' is pretty nice too.
Re:OpenBSD = Coordinated Innovation
on
OpenBSD 3.3 Released
·
· Score: 0, Flamebait
And with that kind of webpage, spelling errors and all, you know they're paying attention to detail.
1Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:
I.
(a) A person is guilty of the computer crime of unauthorized access to a computer or computer network when, knowing that the person is not authorized to do so, he or she knowingly accesses or causes to be accessed any computer or computer network without authorization. It shall be an affirmative defense to a prosecution for unauthorized access to a computer or computer network that:
(1) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, had authorized him or her to access; or
(2) The person reasonably believed that the owner of the computer or computer network, or a person empowered to license access thereto, would have authorized the person to access without payment of any consideration; or
(3) The person reasonably could not have known that his or her access was unauthorized.
(b) The owner of a wireless computer network shall be responsible for securing such computer network. It shall be an affirmative defense to a prosecution for unauthorized access to a wireless computer network if the unauthorized access complies with the conditions set forth in subparagraph I(a)(1)-(3).
So, the way I read it is: the owner is responsible for securing the network, but its legal IF and ONLY IF you were legally granted access, would have been granted access if asked, or had no way of knowing whether or not you were allowed to use the network.
This doesn't protect wardriving at all: if you're knowingly going around looking for unsecured wireless access points, you've already failed 1 & 2. The only issue up for debate is 3: would you have known that you were not authorized? I'm sure once this hits court, the party with the better lawyer is going to win.
There are still real moral issues here with whether or not it's actually RIGHT to connect to other people's networks. Just because the networks are not completely secure, you're still not justified in connecting to them, specifically if your reason to connect is to abuse them.
The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault." What happens when people start snooping the traffic, stealing corporate secrets, and then claim that the wireless network wasn't secure, so they can't be responsible?
There's a flaw in the sentence, but it's got nothing to do with RedHat or IBM. It has everything to do with the fact that Solaris/SunOS came well before FreeBSD, even though they're both BSD derived.
Either he's confusing Sun with Apple, or confusing FreeBSD with BSD.
First: You don't consider Linus' control over the central repository to be the 'fascist period'? You could argue that this 'period' has never ended.
Second: the BSD license is not 'freeware'. It's a statement that the software was written to be used by the community, with a single person receiving credit for the implementation. Microsoft does not steal this code: the people who wrote it, and licensed it, know that it's possible, and probably LIKE IT THAT WAY. The developers usually know their code is being used, and should be honored. Microsoft using pieces of the BSD tcp stack? Good for them, good for the people who wrote it initially, it just verifies that it's one of the best damn TCP stacks ever written.
Finally: I'll remind you that the BSD programmer always has access to his or her own code. Microsoft improving a TCP stack doesn't remove the existing stack from the face of the earth, and it doesn't limit use of the original stack. Once Microsoft improves upon it, that's not your code. Your code is still on your disk, where it was all along.
Name an application, or a feature of the operating system, that is truly innovative?
The only I can think of is Mosix. The other large areas of development (KDE, GNOME, Mozilla, the kernel) are simply trying to catch up to existing commercial software (Windows, IE, Solaris/BSD).
Oh come on. The GPL is about as close to communism as you can get in the software world.
"I've written this software. It's free to use, it's free to modify, but you have to give back any changes to the community".
If it was really about freedom, you'd be writing code under the BSD license (free to use, free to modify, do whatever the hell you want, just don't blame the original authors if it doesn't work).
Given Microsoft's track record with security problems, buggy code--such as infinite registration, and the famous blue screen of death, it's probbably not a good idea to ask Microsoft type questions with Software Engineering candidates because something isn't working.
Because remote root holes in sendmail, OpenSSH, apache, and samba, and linux kernel panics, are so much better than Microsoft's flaws? Sure, Linux never has a problem with infinite registration, but then again, they don't have any problems with registration, nor any of those ugly cash flow problems that registration would bring.
The inventer of Beowulf is currently working on something called "Processor in memory", the idea being that you embed a number of smaller, slower processors within the memory to speed up the smaller, easier calculations, and send the slower, longer calculations to the main processor.
For instance, if you were searching through a huge 1000000x1000000 matrix for a single entry to hash, you don't want to have to move each and every entry to the processor to decide whether it's the right one: offload the searching work to the processor in memory, and then once the right entry is found, send that to the main processor.
It's a rather novel idea, but it seems that it'll take a few years before anyone even tries to implement it.
For those of you too lazy to click through to the 11th page, here's their conclusion:
The major conclusion, which we can draw as a result of this test session, sounds as follows. Even though Athlon 64 processors have internal architecture very similar to that of Athlon XP processors, they still differ from their predecessors quite significantly from the practical point of view. We can't give you a definite answer to the question, if Athlon 64 has become any faster than Athlon XP. In fact, this is just a different processor.
Moreover, there is also not much we could say about the performance of Athlon 64 in 64bit applications or at least in 64bit operation systems and 32bit applications. Supposedly, x86-64 will ensure a significant performance improvement, but it is also quite possible that x86-64 will not receive a warm welcome from the software developers. AMD has already tried to promote its own instructions set a while ago, and this experience could hardly be regarded as a success, to tell the truth. 3DNow! instructions set failed to become widely spread even though it proved to be very convenient to work with. So, we can only wait here for the first signs for or against these suppositions.
Speaking about the performance of Athlon 64 in traditional 32bit applications we can say that this new CPU boasts a few very remarkable and strong features: large L2 cache, high-performance memory subsystem and SSE2 instructions support. On the other scale we see relatively low core frequency. As a result, we see either a performance boost or a performance drop depending on each particular application and its critical parameters.
For example, Athlon 64 is not very successful in traditional calculating tasks, such as scientific calculations or 3D rendering. But as soon as we get to games or info compression, it appears beyond any competition. In general, if we compare the performance of Athlon 64 2800+ with that of Athlon XP 2800+, we will have to admit that the latter appeared slower than our today's hero in quite a bit of benchmarks.
Admittedly, jail has some improvements over chroot, but it can't provide the same protections that systrace can.
I believe XFree86 is a good example, as are programs like Mozilla, GAIM, etc. Systrace simply provides a much finer control over what a program can and can't do (which includes prompting the user for each specific action if you so desire).
While jail would basically give an attacker free-range within the jail (similar to chroot), systrace effectively limits prividges to the bare minimum, usually stopping any exploits from being effective in the first place, and giving the attacker access to practically nothing in the worst case.
Right, but I'm trading off the ability to exploit a jail for my time (it takes about 3 minutes to rebuild a jail from the ground up). Systrace (from what I've read) usually takes some tweaking to get absolutely correct. Realistically, I'm hoping someone will take the time to port it to FreeBSD.
So you probably also know about propolice,.rodata, W^X, and PROT_* purity
Yes. I'm waiting for all of them to make their way into the FreeBSD tree...
As for the shells...
Much of my preference for tcsh once again reverts to time: I've got a really nice config setup for tcsh, the result of years of tweaking, and changing to bash/ksh would just cause me to have to rewrite it (doable, but once again, I value my time). I don't bother scripting anything more than a trivial two line script in csh variants, I just write it in SH, and call it with/bin/sh.
Slashdot Mirror
I would be interested to know how they would be able to stop "contactless thieves" in this case. It seems to me that scanners would become available for people to walk around zapping people's funds away from them. One nice thing about the tried and true swipecards is that to charge them, it's very much a physical action.
Not entirely true. One of the more common credit card scams here in Los Angeles is portable card scanners being carried by waiters in restaurants. As they take the card you've handed them back to scan it for the bill, they scan it in their personal scanner, which records the information for later use.
There is no meaningful physical location tied to this because you've given your card (intentionally) to someone you have to trust. If you eat at multiple restaurants over the course of a week, there's no easy way to trace the theft back to an individual location.
Wait a minute ....
The SCO claim is that:
" In the last 18 months, we found that IBM had donated some very high-end enterprise-computing technologies into open-source. Some of it looked like it was our intellectual property and subject to our licensing agreements with IBM. Their actions were in direct violation of our agreements with them that they would not share this information, let alone donate it into open-source. We have examples of code being lifted verbatim.
And IBM took the same team that had been working on a Unix code project with us and moved them over to work on Linux code. If you look at the code we believe has been copied in, it's not just a line or two, it's an entire section -- and in some cases, an entire program. "
They don't actually say they own the code (in this excerpt), but rather, that they have licensed it to IBM. As I'm sure you know, there are often agreements made that allow corporations to sublicense works; although Novell owns the code itself, if they granted SCO the right to license it (as they apparently have), and SCO licensed it to IBM (as they apparently have), IBM is still responsible for using it legally.
Yea, but 16384 emails in a single "folder" in Outlook (2000) will cause it to die (and return a useless error message). This includes the "Deleted" folder, FYI.
You think that claiming WinCE computers are responsible for people being trapped inside cars doesn't constitute as "Fear" or "Doubt" (the F and D in FUD)?
If nothing else, the fact that it was modded up to 5 qualifies it as spreading "Uncertainty."
Yes, it's FUD. It may not be intentional, but it's still FUD.
But when contacted by CNETAsia, a spokeswoman from BMW Thailand said the car at fault was a 10-year old BMW 520i that had suffered a simple electronic failure. She declined to reveal if the firm received identical reports from other users in the country.
You can't complain about Microsoft FUD when the Anti-Microsoft FUD is just as bad.
Yes.
Things the have come out of JPL and NASA, as well as the national laboratories, have consistently been in the public domain. Adding the restrictions of the Mozilla license is a step backwards.
Slashdot .... Ads for nerds, stuff that doesn't matter.
You don't have to include XOR. You can create it out of ((x OR y) AND (NOT (x AND y)))
Besides, we almost HAVE to use NAT to prevent p2p apps from completely swamping our tiny college connection, so we have unlimited IP addresses anyway.
A competant network administer would have killed p2p apps long ago with firewalls and packet filtering.
Congratulations. You've completely missed the point.
The control features aren't there to stop the kids from working, or to keep them from breaking things: standard accounts can do that function.
The the parental controls do are control WHEN and HOW things are done. Specifically, you can say "Billy is only allowed to use the computer between three and five pm on weekdays", or "Sally can use the computer anytime she wants, but she can only visit the websites listed blow"
This is incredibly helpful.
If I were writing articles in French, I would use a French spell-checker.
It's not very hard to find an ispell english dictionary.
1. The best reason is security. Even with the best planning crackers can sometimes reach the machine in question. OpenBSD has the lowest rate of bugs and security holes of any OS out there. Any serious problems that are found are usually patched within days instead of weeks.
FreeBSD is a close second. The reason you hear so little about FreeBSD's security is that there is no concept of the 'default install', and thus, there's no easy way to tell what FreeBSD's security record would be if you did the default install. But, if you choose the absolute minimum, and configure it similarly to OpenBSD (which is quite easy to do, make sendmail start only on the loopback, set the same defaults for SSH, etc). It's not as secure by default, because there is no default.
Moreover, anyone who installs services they don't need deserves to get hacked. Need a mail server? You're gonna get hit with the sendmail holes. Need SSH access? You're gonna get hit with the (1) OpenSSH hole. If you don't need the services, they shouldn't be enabled. You can mitigate the threat with firewalling (or hopefully, detaching it from the real internet), but chances are, the holes are going to be in the services you run and not in the OS itself.
(You could argue that systrace can limit a lot of otherwise horrific vulnerabilities: fair enough. So does chroot() and jail())
2. Stability. Like a rock. Even running the current branch, you will most likely not have any stability problems. Install, configure, and throw away the key. This is the first OS I've run that I can truthfully say is, besides any necessary patches, maintainence free.
FreeBSD. More stable and FASTER.
3. BSD systems are much easier to maintain than Linux yet just as powerful as a full Unix. The ports system is well kept up and easy to use and the filesystem is much less cluttered than in Linux.
I agree. 'make buildworld; make buildkernel; make installkernel; reboot ; make installworld' is pretty nice too.
And with that kind of webpage, spelling errors and all, you know they're paying attention to detail.
1Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:
I.
So, the way I read it is: the owner is responsible for securing the network, but its legal IF and ONLY IF you were legally granted access, would have been granted access if asked, or had no way of knowing whether or not you were allowed to use the network.
This doesn't protect wardriving at all: if you're knowingly going around looking for unsecured wireless access points, you've already failed 1 & 2. The only issue up for debate is 3: would you have known that you were not authorized? I'm sure once this hits court, the party with the better lawyer is going to win.
There are still real moral issues here with whether or not it's actually RIGHT to connect to other people's networks. Just because the networks are not completely secure, you're still not justified in connecting to them, specifically if your reason to connect is to abuse them.
The law has decent motivation, but it's basically saying "Go ahead and break into wireless networks, because if they're not completely secure, it's not your fault." What happens when people start snooping the traffic, stealing corporate secrets, and then claim that the wireless network wasn't secure, so they can't be responsible?
There's a flaw in the sentence, but it's got nothing to do with RedHat or IBM. It has everything to do with the fact that Solaris/SunOS came well before FreeBSD, even though they're both BSD derived.
Either he's confusing Sun with Apple, or confusing FreeBSD with BSD.
First: You don't consider Linus' control over the central repository to be the 'fascist period'? You could argue that this 'period' has never ended.
Second: the BSD license is not 'freeware'. It's a statement that the software was written to be used by the community, with a single person receiving credit for the implementation. Microsoft does not steal this code: the people who wrote it, and licensed it, know that it's possible, and probably LIKE IT THAT WAY. The developers usually know their code is being used, and should be honored. Microsoft using pieces of the BSD tcp stack? Good for them, good for the people who wrote it initially, it just verifies that it's one of the best damn TCP stacks ever written.
Finally: I'll remind you that the BSD programmer always has access to his or her own code. Microsoft improving a TCP stack doesn't remove the existing stack from the face of the earth, and it doesn't limit use of the original stack. Once Microsoft improves upon it, that's not your code. Your code is still on your disk, where it was all along.
And to be fair, they have existed in windows since late 1999.
2000 is quite stable; anyone who says otherwise either never tried it, or doesn't know what they're doing.
Let's be completely fair here.
Name an application, or a feature of the operating system, that is truly innovative?
The only I can think of is Mosix. The other large areas of development (KDE, GNOME, Mozilla, the kernel) are simply trying to catch up to existing commercial software (Windows, IE, Solaris/BSD).
Oh come on. The GPL is about as close to communism as you can get in the software world.
"I've written this software. It's free to use, it's free to modify, but you have to give back any changes to the community".
If it was really about freedom, you'd be writing code under the BSD license (free to use, free to modify, do whatever the hell you want, just don't blame the original authors if it doesn't work).
Given Microsoft's track record with security problems, buggy code--such as infinite registration, and the famous blue screen of death, it's probbably not a good idea to ask Microsoft type questions with Software Engineering candidates because something isn't working.
Because remote root holes in sendmail, OpenSSH, apache, and samba, and linux kernel panics, are so much better than Microsoft's flaws? Sure, Linux never has a problem with infinite registration, but then again, they don't have any problems with registration, nor any of those ugly cash flow problems that registration would bring.
It is exactly what I was describing.
Apparently my wild-ass-guess on the time until implementation was a few years off.
Thanks for the link.
The inventer of Beowulf is currently working on something called "Processor in memory", the idea being that you embed a number of smaller, slower processors within the memory to speed up the smaller, easier calculations, and send the slower, longer calculations to the main processor.
For instance, if you were searching through a huge 1000000x1000000 matrix for a single entry to hash, you don't want to have to move each and every entry to the processor to decide whether it's the right one: offload the searching work to the processor in memory, and then once the right entry is found, send that to the main processor.
It's a rather novel idea, but it seems that it'll take a few years before anyone even tries to implement it.
For those of you too lazy to click through to the 11th page, here's their conclusion:
The major conclusion, which we can draw as a result of this test session, sounds as follows. Even though Athlon 64 processors have internal architecture very similar to that of Athlon XP processors, they still differ from their predecessors quite significantly from the practical point of view. We can't give you a definite answer to the question, if Athlon 64 has become any faster than Athlon XP. In fact, this is just a different processor.
Moreover, there is also not much we could say about the performance of Athlon 64 in 64bit applications or at least in 64bit operation systems and 32bit applications. Supposedly, x86-64 will ensure a significant performance improvement, but it is also quite possible that x86-64 will not receive a warm welcome from the software developers. AMD has already tried to promote its own instructions set a while ago, and this experience could hardly be regarded as a success, to tell the truth. 3DNow! instructions set failed to become widely spread even though it proved to be very convenient to work with. So, we can only wait here for the first signs for or against these suppositions.
Speaking about the performance of Athlon 64 in traditional 32bit applications we can say that this new CPU boasts a few very remarkable and strong features: large L2 cache, high-performance memory subsystem and SSE2 instructions support. On the other scale we see relatively low core frequency. As a result, we see either a performance boost or a performance drop depending on each particular application and its critical parameters.
For example, Athlon 64 is not very successful in traditional calculating tasks, such as scientific calculations or 3D rendering. But as soon as we get to games or info compression, it appears beyond any competition. In general, if we compare the performance of Athlon 64 2800+ with that of Athlon XP 2800+, we will have to admit that the latter appeared slower than our today's hero in quite a bit of benchmarks.
Admittedly, jail has some improvements over chroot, but it can't provide the same protections that systrace can.
I believe XFree86 is a good example, as are programs like Mozilla, GAIM, etc. Systrace simply provides a much finer control over what a program can and can't do (which includes prompting the user for each specific action if you so desire).
While jail would basically give an attacker free-range within the jail (similar to chroot), systrace effectively limits prividges to the bare minimum, usually stopping any exploits from being effective in the first place, and giving the attacker access to practically nothing in the worst case.
Right, but I'm trading off the ability to exploit a jail for my time (it takes about 3 minutes to rebuild a jail from the ground up). Systrace (from what I've read) usually takes some tweaking to get absolutely correct. Realistically, I'm hoping someone will take the time to port it to FreeBSD.
So you probably also know about propolice,
Yes. I'm waiting for all of them to make their way into the FreeBSD tree...
As for the shells
Much of my preference for tcsh once again reverts to time: I've got a really nice config setup for tcsh, the result of years of tweaking, and changing to bash/ksh would just cause me to have to rewrite it (doable, but once again, I value my time). I don't bother scripting anything more than a trivial two line script in csh variants, I just write it in SH, and call it with