This sounds like a good tool. The only concerns I have are the following:
1) It doesn't replace the people actually DRIVING the vehicle needing to be at their utmost alert. We've all seen what cellphones and driving do to people.
2) It doesn't get used later on as a spammer's paradise. The last thing I want is that every car in the country comes standard with these alert systems only to hear, while driving down the highway, "ALERT! Your car's engine is not optimized! Go to carspeed.com to help!"
3) It doesn't get used as a monitoring network. I'd assume since it would be sending personalized messages to cars given their position in traffic, cars around them specifically, etc., that you'd need some sort of unique identifier per car. Let's not abuse this like the FastTrack crap we heard about earlier, and have a constant, rudimentary GPS system in every car that uses it.
Other than that, it seems like it'd be a great tool for informing drivers (non-invasively) on what's going on on the highways.
I'd assume it has something to do with ease-of-setup. Ever tried getting dual-headed Debian to work, as opposed to Windows XP? A little easier with the latter.
Woohoo!! Imagine the possibilities! You won't even have to drive around to wardrive! It'll have to be named something else - how about WarCerritosing? No... Warslouching? Hmm... Anyone? Anyone? Beuler? Beuler?...Beuler?
-Annoying people by creating insanely large and annoying ANSI sigs.
My friend did that, just to piss me off.
-Fidonet
Ahh, that took me months to set up!
-KINGCOTT
Ok, RG always ruled, and Mr. Lang is a moron for doing that. Shows what OSS could do for RG!
-ANSI Bombs
Muhahaha....no comment.
-Legend of the Red Dragon
Don't get me started. I have too many memories for that one.
-TradeWars 2002
Ya know, I never really got into that, or Planets/TEOS either. Everyone loved it though, so I had to have it on my board.
-Horrible misconfigured MajorBBS sites.
>Grin -Wardialing (ToneLoc!)
I do remember ToneLoc, but I never got around to getting the guts to use it IRL. Now-a-days it'd be useless unless someone had a prefix that they knew wasn't a block of ISP phone numbers.
-Can I have Co-Sys?
Ahh, the statement of both appreciative users and social engineers...
Thanks!! That brought me back... Damn. I am a geek!
What I don't understand is why Enigmail doesn't get integrated directly into the TB tree.... I know they try to keep everything seperate..but this is really one of those features that everyone should start using!!
To those of you who say "Blah blah blah, of course they're not going to support some random crap you download off the Internet, blah blah blah":
Ok, so basically any and all tech-support contracts that came with someone's new Dell, that they paid for, is now void because they installed a PROGRAM? Right. So now what, are we only allowed to install "Dell Approved" software on our own computers? I think I hear the sound of a hood being welded shut.
It all comes down to money, every damn time. It's about the pre-installed software that contains spyware. Dell has contracts with these 3rd party software companies ($$$), and these 3rd party software companies will profit from the use of their spyware. It's a win-win for Dell and the 3rd parties. Guess who doesn't win? The customer who paid $700 for their new computer... But who cares about the customer, anyway? We'll just put them on the line with some $7.00/hr 1st tier call-center techie in India (No offense at all to Indians, but that's where most tech support calls get fielded) that's reading off a script, and has no actual verbal resemblance to a human with feelings or compassion for the poor user who just wants to send their mom a picture of their new baby.
I always used to tell people that if they were going to buy a name-brand computer, to buy a Dell. At least their hardware isn't complete crap.
I guess that recommendation goes in the garbage now.
Thank you. I was reading parent posts going, "Umm, I don't remember hearing anything about any pw cracking being possible since it was an encrypted connection or whatever, so if it was sniffed it obviously was done in clear-text. The people who did the foresnics on those boxes (and who wrote the paper) simply would have stated that. I have the utmost faith in said Debian.org sysadmins. And I applaud their open-source approach to the attack. You really wouldn't ever see something like that coming anyone else.
That's a lot, coming from me... I'm usually pretty pessimistic..;)
Protocols will become more proprietary, telco companies will continue to *squeeze* money out of consumers for sending text messages over networks which would otherwise be utilizing much more bandwidth for a normal voice call, and proprietary IM providers such as AOL, Microsoft and Yahoo will not collectively work toward a standard, because they have their hands too deep in consumers' pockets to see that it would benifit more people than just them to work together for a common good.
No, I don't think the major IM players will settle on a standard. The best thing we can hope for is that the Jabber protocol catches on and we all have an open IM standard.
That's most likely not going to happen, though, until the rest of the world catches on to the whole OSS movement. And at that point, there are going to be so much better things out there than text IM that people are working on together that it won't matter anyway.
Ok. I just got back from the first showing in San Francisco (IMAX). I really think it was worth seeing, especially if you enjoyed the first two. Don't expect any hardcore, geek-loving philosophy, just a bunch of mind-twisting plot changes.
What was with the little girl?? What a horrible actress. I mean, ok, she was what, 6? Still. I've seen much better acting out of a 6 year old than that. She even seemed to bring Neo down while they spoke at the train station.
The first one was definately the best if you're a geek. The second one was very mind-boggling, especially with the Architect speech. Still, nothing as cool as the first. The third, well... It wasn't as lovey-dovey mush crappy as the second, but it had it's fair share. It's nice to have a little of that, but COME ON!! This is The Matrix, not Sleepless in Seattle! I am happy to report that the Frenchman's wife does have a small part in the third, and there is, in fact, substantially more cleavage in her scenes. 8-D
All in all, don't expect it to match the first. The first rules above all, far and beyond. The second two just didn't do the first one justice, as far as philosophical mind-boggles go. The third one really did have too many Christianity ties to it (Neo & The Source, laid out like Jesus on the cross, the actual cross-shaped light coming out of him)... I'm not religious, and this really kinda ruined the perspective of where the movie was supposed to be for me.
Anyway, it was good. I recommend it. Just don't expect it to 'free your mind' like the first one.
Oh, one last thing - they REALLY should have cooled it with the repeat climax points (Trinity's bullet-time jump, Neo's Kung Fu taunt). We've SEEN IT ALREADY.
Imagine Selvestre Stallone promoting this new center for IBM:
Rocky: Yo, Adrian! Check this out! ADRIAAAAAN! Adrian: I CAN'T DO IT ANYMORE, ROCKY! Windows has hidden it's network configuration from me and put it in another place where I can't find it! IT'S JUST TOO MUCH! Rocky: Yo Adrian, I was just doing some pull-ups on this tree branch out in the middle of nowhere, with two-foot logs tied to my shins, and I saw IBM opening a Linux Competency Center over there! Yo! Suddenly, Mr. T appears out of nowhere Mr. T: I PITTY THA FOOL DAT RUNS MICROSOFT IN RUSSIA!
Oh wow... It really is Saturday. I'm spending way too much time trying to be funny.
You think Apache isn't stable enough to run concurrently on a box with DNS services? You're smoking SCO's crack, aren't you!;) Seriously though, I'm extremely security consious and realise the hazards of running multiple things on the same server. That's why this box is protected by a firewall, and nobody on the outside can even speak to him besides the designated slave DNS servers, and only on the DNS ports. He's well protected. Webmin is only used from the inside. It's runing Debian Stable, so I really don't think there's an issue with stability or OS securtiy, as well. (Not to mention it's a P4 2.4GHz w/hyperthreading, 1GB RAM and SATA RAID drives, running on kernel 2.4.22)
You'll realise that it's OK to do these things if they're done the right way. Some day, little grasshopper...;)
We use Webmin primarily to administer our Bind servers... Like every other GUI, it has it's ups and downs. The ups would be that it (obviously!) makes it easier to administrate those horribly syntaxed named.conf files (Umm, did I put a } in front of the ; or after? Was there a space there? DAMN IT!).. The downs are, obviously, once you know the config files well enough, you have much more control over everything. Webmin, for example, by default puts it's zone files in/var/cache/bind. I was used to putting them in/etc/bind. It just makes it that much more frustrating when you have scattered zone files. I mean, it's not like it makes it any worse performance wise, but I like keeping neat and tidy systems. It seems that the old saying always rings true - "If you want something done right, do it yourself." That being said, I think Webmin is an awesome thing for people who don't necessarily have the time to sift through all the man pages and spend hours learning the context of a config file before they need to set up a simple web/dns/samba/whatever server for their company, or themselves. It's a great stepping-stone.
Is the simple concept of opening and closing ports insufficient for networking services that require the client and server to open multiple simultaneous connections (both incoming and outgoing)?
I am the head sysadmin for a company that has many Linux, Windows, and Solaris servers, and other specialty systems such as Cobalt Raqs, proprietary satellite equipment like IP enabled RF Modems, MUXes, IPEs and a shitload of high-bandwidth routers in multiple POPs around the world. If you think that a firewall to protect your network is insufficient, especially for a network with mixed OSes and such, you are terribly wrong. Imagine working in an ISP. You have your private workstations, then your servers (DNS, MXes, etc.), then your colocation equipment. Put it all on the same network? Suuuuure!! WHOOPS! Someone hacked into a colo box and then used his r3wt account on that box to scan your internal network for other vulnerable boxes (all at the same time, using your T1/T3/OC-192 for hosting the world's biggest movie IRC bot). You didn't have a firewall and/or IDS to detect the initial portscan on the colo box, and now you don't know that he/she is sucking up your bandwidth and scanning your entire internal (well, to you it's internal, external, whatever) network for more boxes to royally *$#! up. Trust me. Once a box is rooted, you take it of as SOON AS POSSIBLE and reinstall. It's a shitty feeling knowing that someone owned YOUR network and now you have a shitload of crappy work to do over the weekend. Not to mention downtime, customer/employee complaints, fielding the hundreds of "I CAN'T CHECK MY E-MAIL!!! BOO HOO!" calls, and general feeling that maybe...just maybe there's a box that got 0wnz0r3d that you might not know about.
The moral of this story, boys and girls, is that FIREWALLS ARE GOOD. Intrusion detection systems are GOOD. NAT is GOOD. TCP syncookies are GOOD. Everything on the Internet is vulnerable by default unless YOU TAKE THE TIME TO SECURE IT YOURSELF. Keep the colo systems on their own subnet. Shit, keep each SYSTEM on it's own 2 port VLAN with the uplink. Keep your servers on a DMZ. Keep your internal workstations on a TRUSTED, PRIVATE, NATted network. Close every damn port besides the ones that are used by servers. Do not open ANY ports to your trusted, internal network. If someone roots a box, at least they can't load an SSH trojan on port 2000 with no password and automatic root access to get back in later.
This guy is right on the money. A co-worker of mine recently had a conversation with someone on the topic of E-Mail clients. I recently introduced her to ThunderBird, and she loved it (She's an active Linux advocate). She showed it to who she was talking to. Of course, the topic of price came into play. "It's free", she said. You know what? I don't think I've ever seen a more confused look on a 50 year-old man's face. "What's the gimmick?" He asked. She proceeded to explain to him about OSS, and he just got more confused.
If we want Open Source Software to make an impact on Joe user, we need to ease them into it. Humans don't like change. We need to feed it to them with a baby spoon a little bit at a time, and if they have questions, try to explain it to them in the simplest of terms. "Thousands of programmers around the world work in their free time to provide everyone with superior software" will lead to "Why would they do that?" because when Joe user thinks of a programmer, he thinks of a glasses wearing computer nerd in a cubicle, getting paid to write programs. He doesn't understand the fact that programmers might program for fun.
I think we need to start some kind of a campaign. The masses must join together to provide something to Joe user that won't scare him. Don't try to explain everything to them, just give them a CD and say "Here, install this, it's better than Microsoft Office", or "Here, check this new E-Mail program out, it's got a really good thing for Junk Mail". If they ask "How much does it cost?", say "It's my copy, you can have it."
This might seem like a childish, unprofessional route to clear GNU/Linux's good name, but when you're talking about going up against a company such as SCO, which is trying to discredit the entire GNU/Linux/OSS concept, this might be necessary. What can we, the herds of nerds do? Submit press releases that discredit SCO so people won't believe what SCO says. WE already know what tactics SCO has done in the past, but Joe CEO doesn't. We need to fight back in the way that we know will work - with the same fire that SCO is using right now (only ours is justified). Spread the word to major news outlets (Preferably the same ones SCO is using) siting multiple, FACTUAL evidence that SCO is not to be trusted based on their previous actions as a company. Do it professionally, do it the right way. Let the masses that are being convinced by SCO know that SCO isn't a company you should trust or believe in any way, shape or form. Think Enemy of the State.
Again, do this LEGALLY, PROESSIONALLY, and through the right channels, so Joe CEO, reading cnn.com in his private office will look at it and say "Wow, this isn't a tabloid article, this really makes sense! Maybe I shouldn't delay our Linux deployment because of these bozos!"
Slashdot Mirror
This sounds like a good tool. The only concerns I have are the following:
1) It doesn't replace the people actually DRIVING the vehicle needing to be at their utmost alert. We've all seen what cellphones and driving do to people.
2) It doesn't get used later on as a spammer's paradise. The last thing I want is that every car in the country comes standard with these alert systems only to hear, while driving down the highway, "ALERT! Your car's engine is not optimized! Go to carspeed.com to help!"
3) It doesn't get used as a monitoring network. I'd assume since it would be sending personalized messages to cars given their position in traffic, cars around them specifically, etc., that you'd need some sort of unique identifier per car. Let's not abuse this like the FastTrack crap we heard about earlier, and have a constant, rudimentary GPS system in every car that uses it.
Other than that, it seems like it'd be a great tool for informing drivers (non-invasively) on what's going on on the highways.
A Beowulf cluster of compressors on a Beowulf cluster of computers!
Umm.....
I'd assume it has something to do with ease-of-setup. Ever tried getting dual-headed Debian to work, as opposed to Windows XP? A little easier with the latter.
Am I the only one that sees that a full DS3 line goes BOTH WAYS at 45mb/sec, which would mean that 20mb/sec both ways would be around HALF of a DS3??
Woohoo!! Imagine the possibilities! You won't even have to drive around to wardrive! It'll have to be named something else - how about WarCerritosing? No... Warslouching? Hmm... Anyone? Anyone? Beuler? Beuler? ...Beuler?
Just give Microsoft control. They'll know what to do!
...And Al Gore.
-Annoying people by creating insanely large and annoying ANSI sigs.
My friend did that, just to piss me off.
-Fidonet
Ahh, that took me months to set up!
-KINGCOTT
Ok, RG always ruled, and Mr. Lang is a moron for doing that. Shows what OSS could do for RG!
-ANSI Bombs
Muhahaha....no comment.
-Legend of the Red Dragon
Don't get me started. I have too many memories for that one.
-TradeWars 2002
Ya know, I never really got into that, or Planets/TEOS either. Everyone loved it though, so I had to have it on my board.
-Horrible misconfigured MajorBBS sites.
>Grin
-Wardialing (ToneLoc!)
I do remember ToneLoc, but I never got around to getting the guts to use it IRL. Now-a-days it'd be useless unless someone had a prefix that they knew wasn't a block of ISP phone numbers.
-Can I have Co-Sys?
Ahh, the statement of both appreciative users and social engineers...
Thanks!! That brought me back... Damn. I am a geek!
What I don't understand is why Enigmail doesn't get integrated directly into the TB tree.... I know they try to keep everything seperate..but this is really one of those features that everyone should start using!!
Then some pot-smoking, commercial-acting intern will crack into the master database and get all your favorite pr0n URLs.
Hey! What's wrong with smoking pot, and finding new, fresh free porn sites??
To those of you who say "Blah blah blah, of course they're not going to support some random crap you download off the Internet, blah blah blah":
Ok, so basically any and all tech-support contracts that came with someone's new Dell, that they paid for, is now void because they installed a PROGRAM? Right. So now what, are we only allowed to install "Dell Approved" software on our own computers? I think I hear the sound of a hood being welded shut.
It all comes down to money, every damn time. It's about the pre-installed software that contains spyware. Dell has contracts with these 3rd party software companies ($$$), and these 3rd party software companies will profit from the use of their spyware. It's a win-win for Dell and the 3rd parties. Guess who doesn't win? The customer who paid $700 for their new computer... But who cares about the customer, anyway? We'll just put them on the line with some $7.00/hr 1st tier call-center techie in India (No offense at all to Indians, but that's where most tech support calls get fielded) that's reading off a script, and has no actual verbal resemblance to a human with feelings or compassion for the poor user who just wants to send their mom a picture of their new baby.
I always used to tell people that if they were going to buy a name-brand computer, to buy a Dell. At least their hardware isn't complete crap.
I guess that recommendation goes in the garbage now.
Until the next announcement comes out, further explaining the possible motives and more on how they exploited the system from an unprivileged account.
This is like a soap opera!! =)
P.S. I don't like soap operas, but if they had one about this, I might just have to quit my day job.
Thank you. I was reading parent posts going, "Umm, I don't remember hearing anything about any pw cracking being possible since it was an encrypted connection or whatever, so if it was sniffed it obviously was done in clear-text. The people who did the foresnics on those boxes (and who wrote the paper) simply would have stated that. I have the utmost faith in said Debian.org sysadmins. And I applaud their open-source approach to the attack. You really wouldn't ever see something like that coming anyone else.
.. ;)
That's a lot, coming from me... I'm usually pretty pessimistic
Protocols will become more proprietary, telco companies will continue to *squeeze* money out of consumers for sending text messages over networks which would otherwise be utilizing much more bandwidth for a normal voice call, and proprietary IM providers such as AOL, Microsoft and Yahoo will not collectively work toward a standard, because they have their hands too deep in consumers' pockets to see that it would benifit more people than just them to work together for a common good.
No, I don't think the major IM players will settle on a standard. The best thing we can hope for is that the Jabber protocol catches on and we all have an open IM standard.
That's most likely not going to happen, though, until the rest of the world catches on to the whole OSS movement. And at that point, there are going to be so much better things out there than text IM that people are working on together that it won't matter anyway.
I find myself liking music from real musicians, people like Celine Dion and Faith Hill.
Umm...
Nevermind. Too easy.
Ok. I just got back from the first showing in San Francisco (IMAX). I really think it was worth seeing, especially if you enjoyed the first two. Don't expect any hardcore, geek-loving philosophy, just a bunch of mind-twisting plot changes.
What was with the little girl?? What a horrible actress. I mean, ok, she was what, 6? Still. I've seen much better acting out of a 6 year old than that. She even seemed to bring Neo down while they spoke at the train station.
The first one was definately the best if you're a geek. The second one was very mind-boggling, especially with the Architect speech. Still, nothing as cool as the first. The third, well... It wasn't as lovey-dovey mush crappy as the second, but it had it's fair share. It's nice to have a little of that, but COME ON!! This is The Matrix, not Sleepless in Seattle! I am happy to report that the Frenchman's wife does have a small part in the third, and there is, in fact, substantially more cleavage in her scenes. 8-D
All in all, don't expect it to match the first. The first rules above all, far and beyond. The second two just didn't do the first one justice, as far as philosophical mind-boggles go. The third one really did have too many Christianity ties to it (Neo & The Source, laid out like Jesus on the cross, the actual cross-shaped light coming out of him)... I'm not religious, and this really kinda ruined the perspective of where the movie was supposed to be for me.
Anyway, it was good. I recommend it. Just don't expect it to 'free your mind' like the first one.
Oh, one last thing - they REALLY should have cooled it with the repeat climax points (Trinity's bullet-time jump, Neo's Kung Fu taunt). We've SEEN IT ALREADY.
Still, that's twenty bucks!! That buys you at *least* a 12-pack!
College priorities, people!! Softwre free, beer not free!
Imagine Selvestre Stallone promoting this new center for IBM:
Rocky: Yo, Adrian! Check this out! ADRIAAAAAN!
Adrian: I CAN'T DO IT ANYMORE, ROCKY! Windows has hidden it's network configuration from me and put it in another place where I can't find it! IT'S JUST TOO MUCH!
Rocky: Yo Adrian, I was just doing some pull-ups on this tree branch out in the middle of nowhere, with two-foot logs tied to my shins, and I saw IBM opening a Linux Competency Center over there! Yo!
Suddenly, Mr. T appears out of nowhere
Mr. T: I PITTY THA FOOL DAT RUNS MICROSOFT IN RUSSIA!
Oh wow... It really is Saturday. I'm spending way too much time trying to be funny.
You think Apache isn't stable enough to run concurrently on a box with DNS services? You're smoking SCO's crack, aren't you! ;) Seriously though, I'm extremely security consious and realise the hazards of running multiple things on the same server. That's why this box is protected by a firewall, and nobody on the outside can even speak to him besides the designated slave DNS servers, and only on the DNS ports. He's well protected. Webmin is only used from the inside. It's runing Debian Stable, so I really don't think there's an issue with stability or OS securtiy, as well. (Not to mention it's a P4 2.4GHz w/hyperthreading, 1GB RAM and SATA RAID drives, running on kernel 2.4.22)
;)
You'll realise that it's OK to do these things if they're done the right way. Some day, little grasshopper...
We use Webmin primarily to administer our Bind servers... Like every other GUI, it has it's ups and downs. The ups would be that it (obviously!) makes it easier to administrate those horribly syntaxed named.conf files (Umm, did I put a } in front of the ; or after? Was there a space there? DAMN IT!).. The downs are, obviously, once you know the config files well enough, you have much more control over everything. Webmin, for example, by default puts it's zone files in /var/cache/bind. I was used to putting them in /etc/bind. It just makes it that much more frustrating when you have scattered zone files. I mean, it's not like it makes it any worse performance wise, but I like keeping neat and tidy systems. It seems that the old saying always rings true - "If you want something done right, do it yourself." That being said, I think Webmin is an awesome thing for people who don't necessarily have the time to sift through all the man pages and spend hours learning the context of a config file before they need to set up a simple web/dns/samba/whatever server for their company, or themselves. It's a great stepping-stone.
Is the simple concept of opening and closing ports insufficient for networking services that require the client and server to open multiple simultaneous connections (both incoming and outgoing)?
I am the head sysadmin for a company that has many Linux, Windows, and Solaris servers, and other specialty systems such as Cobalt Raqs, proprietary satellite equipment like IP enabled RF Modems, MUXes, IPEs and a shitload of high-bandwidth routers in multiple POPs around the world. If you think that a firewall to protect your network is insufficient, especially for a network with mixed OSes and such, you are terribly wrong. Imagine working in an ISP. You have your private workstations, then your servers (DNS, MXes, etc.), then your colocation equipment. Put it all on the same network? Suuuuure!! WHOOPS! Someone hacked into a colo box and then used his r3wt account on that box to scan your internal network for other vulnerable boxes (all at the same time, using your T1/T3/OC-192 for hosting the world's biggest movie IRC bot). You didn't have a firewall and/or IDS to detect the initial portscan on the colo box, and now you don't know that he/she is sucking up your bandwidth and scanning your entire internal (well, to you it's internal, external, whatever) network for more boxes to royally *$#! up. Trust me. Once a box is rooted, you take it of as SOON AS POSSIBLE and reinstall. It's a shitty feeling knowing that someone owned YOUR network and now you have a shitload of crappy work to do over the weekend. Not to mention downtime, customer/employee complaints, fielding the hundreds of "I CAN'T CHECK MY E-MAIL!!! BOO HOO!" calls, and general feeling that maybe...just maybe there's a box that got 0wnz0r3d that you might not know about.
The moral of this story, boys and girls, is that FIREWALLS ARE GOOD. Intrusion detection systems are GOOD. NAT is GOOD. TCP syncookies are GOOD. Everything on the Internet is vulnerable by default unless YOU TAKE THE TIME TO SECURE IT YOURSELF. Keep the colo systems on their own subnet. Shit, keep each SYSTEM on it's own 2 port VLAN with the uplink. Keep your servers on a DMZ. Keep your internal workstations on a TRUSTED, PRIVATE, NATted network. Close every damn port besides the ones that are used by servers. Do not open ANY ports to your trusted, internal network. If someone roots a box, at least they can't load an SSH trojan on port 2000 with no password and automatic root access to get back in later.
I second that. One site to look at: Google-Watch.com
Wow. I must not have gotten past "Kindergarten" if I spelled it wrong. =p
Now they're gonna analyze all the "doctor" sessions in great detail.
Privacy for kindergardeners!!!
This guy is right on the money. A co-worker of mine recently had a conversation with someone on the topic of E-Mail clients. I recently introduced her to ThunderBird, and she loved it (She's an active Linux advocate). She showed it to who she was talking to. Of course, the topic of price came into play. "It's free", she said. You know what? I don't think I've ever seen a more confused look on a 50 year-old man's face. "What's the gimmick?" He asked. She proceeded to explain to him about OSS, and he just got more confused.
If we want Open Source Software to make an impact on Joe user, we need to ease them into it. Humans don't like change. We need to feed it to them with a baby spoon a little bit at a time, and if they have questions, try to explain it to them in the simplest of terms. "Thousands of programmers around the world work in their free time to provide everyone with superior software" will lead to "Why would they do that?" because when Joe user thinks of a programmer, he thinks of a glasses wearing computer nerd in a cubicle, getting paid to write programs. He doesn't understand the fact that programmers might program for fun.
I think we need to start some kind of a campaign. The masses must join together to provide something to Joe user that won't scare him. Don't try to explain everything to them, just give them a CD and say "Here, install this, it's better than Microsoft Office", or "Here, check this new E-Mail program out, it's got a really good thing for Junk Mail". If they ask "How much does it cost?", say "It's my copy, you can have it."
One word: Discredit.
This might seem like a childish, unprofessional route to clear GNU/Linux's good name, but when you're talking about going up against a company such as SCO, which is trying to discredit the entire GNU/Linux/OSS concept, this might be necessary. What can we, the herds of nerds do? Submit press releases that discredit SCO so people won't believe what SCO says. WE already know what tactics SCO has done in the past, but Joe CEO doesn't. We need to fight back in the way that we know will work - with the same fire that SCO is using right now (only ours is justified). Spread the word to major news outlets (Preferably the same ones SCO is using) siting multiple, FACTUAL evidence that SCO is not to be trusted based on their previous actions as a company. Do it professionally, do it the right way. Let the masses that are being convinced by SCO know that SCO isn't a company you should trust or believe in any way, shape or form. Think Enemy of the State.
Again, do this LEGALLY, PROESSIONALLY, and through the right channels, so Joe CEO, reading cnn.com in his private office will look at it and say "Wow, this isn't a tabloid article, this really makes sense! Maybe I shouldn't delay our Linux deployment because of these bozos!"