Most Linux newbies have the SAME questions time again and time again. How do I configure X? How do I use non-ugly X fonts? How do I configure PPP? How do I install these new drivers? Instead of documenting these procedures in the numerious "Linux HOWTOs", these problems should be fixed in SOFTWARE. Anytime someone needs to download a HOWTO doc that describes some obscure incantation of commands and settings, I consider that a BUG in Linux.
If you want to learn about uptime, don't bother going to codesta.com. Their servers have already melted from a brutal slashdotting. According to Netcraft, codesta.com runs Linux and has 74 days of uptime... until today!
He was very pleased; his publishers thought this was odd, as the new typesetting looked worse than the old.
I agree. I have always thought that TeX looks like shite. If yOU waNt YouR paPErS tO LOoK lIke THEy wEre WRitteN On a JAnGly OlD tYPewRiTEr THeN TeX MaY bE riGHt foR YOu!! Why do you think it is capitalized as "TeX"?
glibc should remove known security risks
on
New Red Hat Beta: LIMBO
·
· Score: 3, Interesting
If glibc is going to break compatibility for its next version, I think the glibc maintainers should consider removing functions which KNOWN SECURITY RISKS, such as gets(), strcpy(), strcat(), sprintf(), and friends. There are safer alternatives, such as strncpy(), strncat(), and snprintf(). If glibc removes risky functions, then application writers will be forced to improve their applications by use safer functions and coding practices. Shouldn't known "best practises" be encouraged by the libraries we use as the foundation of our software?
Unfortunately, even some of those "safe" functions can be difficult to use safely. OpenBSD, FreeBSD, NetBSD, and Solaris libc libraries include strlcpy() and strlcat(). Theo de Raadt co-wrote an insightful paper about these new functions: strlcpy and strlcat - consistent, safe, string copy and concatenation. Why does glibc insist on not supporting these safer alternatives?
If removing these risky functions is too controversial, then glibc could use a transitional approach. Move the risky functions' prototypes into a separate header file. Name it something scary like "unsafe.h", "securityrisk.h" or "bufferoverflow.h". Application writers who are too lazy to fix their use of risky functions, can simply #include "bufferoverflow.h".
Lindows Con: Not a single game or application that you buy at your local CompUSA, borrow from the neighbor's kids, or bring home from the office will work on your family's new computer. Try explaining that to your kids. They'll feel like their family is on welfare and be ridiculed at school.
Sorry to be a wet blanket, but how many bars do sell nails? Just because the bar does not sell nails does not mean the bar does not have nails (and other tools).
I agree that Apple has painted themselves into an awkward corner with the "Mac OS X 10" name. I hope they simplify it to something like "Mac OS 11" soon. Drop the X, please!;-)
What would the US gub'mint destroy the Columbia drug cartels that it created, funded, gave "aid" to (free airplanes and guns), and even flown their drugs in CIA planes? The CIA has been aiding drug cartels, toppling their competition and political opposition, and sabotaging DEA investigations and arrests in South America for many decades. This has been well documented in many sources. See Whiteout: The CIA, Drugs and the Press for a good introduction.
Of course, the CIA has also been funding drug cartels in Afganistan and Pakistan, but that is a story for another time..
I also like John Lakos' Large-Scale C++ Software Design. Yes, it is quite C++ specific, but this books has a unique focus on the the physical design on your software. Lakos describes how to organize your project files to minimize dependencies, reduce compile-time, and improve developer productivity.
David Dawes: This is one of the things I'm currently working on in my spare time: to make configuration automatic. My goal is to make the XF86Config file optional and to provide a facility for the X server to choose the best driver for the given hardware, with appropriate fallbacks if the hardware isn't explicitly supported. This is something I think XFree86 needs, because, as you mention, it can be very difficult for people new to this environment to get it up and running.
Configuration is one of X's biggest problems. Windows and Mac OS have had auto video configuration for a long time. Why must Linux users wait another 2-3 years for XFree86 5.0 to copy Plug-and-Play features that were in Windows 95? Have fun..
Who in the world is "A"? The Apache group? Slashdot editors, please do not forget to actually PROOFREAD your own story text, links, and titles before making fools of yourselves yet again. I guess I keep forgetting that this is not ACTUAL journalism, where professionalism, acurate sources, and correct grammar matter.
This is yet another example of an "Ask Slashdot" question that someone can answer for themselves with just a little thought on their own part. Rob Malda might as well post a page entitled: "Please tell us yet again why Apple suXX0rz or r00lzz."
Arresting people guilty of "pre-crimes" is obviously a questionable practice. Instead, why don't the police use the precognitions as a TIP? They can stake out the (future) crime scene, capture the whole crime on video, and stop it in progress. There would then be no question about guilt PLUS the violent outcome of the crimes are avoided. This is a win-win situation.
/dev/random and CryptGenRandom()
on
Pet Bugs?
·
· Score: 2
Java's random number generator probably just calls the platform's standard C library rand(). To get truly random data, you can use/dev/random on Linux and CryptGenRandom() on Windows.
Actually, I disagree. I have found the WOLK kernels to contain a lot of the fixes and features we needed all in one convenient package. Of course, I stress tested the WOLK servers before putting them into the production server room. I would highly recommend anyone that is curious in the WOLK kernels to use them in a production environment.
Always blame the low man on the totem pole. Managers could not possibly be responsible for a poorly-defined project that is shipped behind schedule. CYA, fellow coders!
I have to give a shout out to Seattle's KEXP, the University of Washington college station. KEXP (was KCMU) is an excellent college music station with a huge variety of music, but lots of indie rock and some techno/beats at night. They are 90.3 FM in Seattle, but they also stream live on the internet. They support MP3, RealAudio, and WMA. They even have an uncompressed, CD-quality (better than FM quality) audio stream.
Does Sun own the exclusive rights to create native Java CPUs? I know other companies have paid Sun to license picoJava designs, but what if someone else made a Java-compatible CPU but just did not call it "Java(tm)"?
Slashdot Mirror
Most Linux newbies have the SAME questions time again and time again. How do I configure X? How do I use non-ugly X fonts? How do I configure PPP? How do I install these new drivers? Instead of documenting these procedures in the numerious "Linux HOWTOs", these problems should be fixed in SOFTWARE. Anytime someone needs to download a HOWTO doc that describes some obscure incantation of commands and settings, I consider that a BUG in Linux.
Should that be Kobold?
If you want to learn about uptime, don't bother going to codesta.com. Their servers have already melted from a brutal slashdotting. According to Netcraft, codesta.com runs Linux and has 74 days of uptime... until today!
He was very pleased; his publishers thought this was odd, as the new typesetting looked worse than the old.
I agree. I have always thought that TeX looks like shite. If yOU waNt YouR paPErS tO LOoK lIke THEy wEre WRitteN On a JAnGly OlD tYPewRiTEr THeN TeX MaY bE riGHt foR YOu!! Why do you think it is capitalized as "TeX"?
If glibc is going to break compatibility for its next version, I think the glibc maintainers should consider removing functions which KNOWN SECURITY RISKS, such as gets(), strcpy(), strcat(), sprintf(), and friends. There are safer alternatives, such as strncpy(), strncat(), and snprintf(). If glibc removes risky functions, then application writers will be forced to improve their applications by use safer functions and coding practices. Shouldn't known "best practises" be encouraged by the libraries we use as the foundation of our software?
Unfortunately, even some of those "safe" functions can be difficult to use safely. OpenBSD, FreeBSD, NetBSD, and Solaris libc libraries include strlcpy() and strlcat(). Theo de Raadt co-wrote an insightful paper about these new functions: strlcpy and strlcat - consistent, safe, string copy and concatenation . Why does glibc insist on not supporting these safer alternatives?
If removing these risky functions is too controversial, then glibc could use a transitional approach. Move the risky functions' prototypes into a separate header file. Name it something scary like "unsafe.h", "securityrisk.h" or "bufferoverflow.h". Application writers who are too lazy to fix their use of risky functions, can simply #include "bufferoverflow.h".
Since the Limbo is also a dance, I bet that the next Red Hat release will be codenamed something like Mambo or (dare I say it) Macarena? ;-)
Lindows Con: Not a single game or application that you buy at your local CompUSA, borrow from the neighbor's kids, or bring home from the office will work on your family's new computer. Try explaining that to your kids. They'll feel like their family is on welfare and be ridiculed at school.
Sorry to be a wet blanket, but how many bars do sell nails? Just because the bar does not sell nails does not mean the bar does not have nails (and other tools).
I agree that Apple has painted themselves into an awkward corner with the "Mac OS X 10" name. I hope they simplify it to something like "Mac OS 11" soon. Drop the X, please!
What would the US gub'mint destroy the Columbia drug cartels that it created, funded, gave "aid" to (free airplanes and guns), and even flown their drugs in CIA planes? The CIA has been aiding drug cartels, toppling their competition and political opposition, and sabotaging DEA investigations and arrests in South America for many decades. This has been well documented in many sources. See Whiteout: The CIA, Drugs and the Press for a good introduction.
Of course, the CIA has also been funding drug cartels in Afganistan and Pakistan, but that is a story for another time..
I also like John Lakos' Large-Scale C++ Software Design. Yes, it is quite C++ specific, but this books has a unique focus on the the physical design on your software. Lakos describes how to organize your project files to minimize dependencies, reduce compile-time, and improve developer productivity.
SmartFilter labels goatse.cx as "Sex,Extreme". This is unfair! An outrage!
Does SmartFilter gnu.org as a religious web site?
David Dawes: This is one of the things I'm currently working on in my spare time: to make configuration automatic. My goal is to make the XF86Config file optional and to provide a facility for the X server to choose the best driver for the given hardware, with appropriate fallbacks if the hardware isn't explicitly supported. This is something I think XFree86 needs, because, as you mention, it can be very difficult for people new to this environment to get it up and running.
Configuration is one of X's biggest problems. Windows and Mac OS have had auto video configuration for a long time. Why must Linux users wait another 2-3 years for XFree86 5.0 to copy Plug-and-Play features that were in Windows 95? Have fun..
PHBs are also the ones who sign the checks.
Who in the world is "A"? The Apache group? Slashdot editors, please do not forget to actually PROOFREAD your own story text, links, and titles before making fools of yourselves yet again. I guess I keep forgetting that this is not ACTUAL journalism, where professionalism, acurate sources, and correct grammar matter.
This is yet another example of an "Ask Slashdot" question that someone can answer for themselves with just a little thought on their own part. Rob Malda might as well post a page entitled: "Please tell us yet again why Apple suXX0rz or r00lzz."
What if the phrase was changed to "one nation, under Satan"? Would anyone be offended? just maybe..
Arresting people guilty of "pre-crimes" is obviously a questionable practice. Instead, why don't the police use the precognitions as a TIP? They can stake out the (future) crime scene, capture the whole crime on video, and stop it in progress. There would then be no question about guilt PLUS the violent outcome of the crimes are avoided. This is a win-win situation.
Java's random number generator probably just calls the platform's standard C library rand(). To get truly random data, you can use /dev/random on Linux and CryptGenRandom() on Windows.
What's next - random() always returning 666 no matter what seed you use?
random() only returns 666 if you use a demon seed!
Actually, I disagree. I have found the WOLK kernels to contain a lot of the fixes and features we needed all in one convenient package. Of course, I stress tested the WOLK servers before putting them into the production server room. I would highly recommend anyone that is curious in the WOLK kernels to use them in a production environment.
Always blame the low man on the totem pole. Managers could not possibly be responsible for a poorly-defined project that is shipped behind schedule. CYA, fellow coders!
I have to give a shout out to Seattle's KEXP , the University of Washington college station. KEXP (was KCMU) is an excellent college music station with a huge variety of music, but lots of indie rock and some techno/beats at night. They are 90.3 FM in Seattle, but they also stream live on the internet. They support MP3, RealAudio, and WMA. They even have an uncompressed, CD-quality (better than FM quality) audio stream.
Does Sun own the exclusive rights to create native Java CPUs? I know other companies have paid Sun to license picoJava designs, but what if someone else made a Java-compatible CPU but just did not call it "Java(tm)"?