How many OSes really consider "security" as a part of "core functionality"? Only one spring to mind and that is OpenBSD.
Neither Windows, Linux, Mac OS X, Solaris state "security" as a "core functionality". Yes, all are securable, but on any OS it needs a certain amount of work (yes, even OpenBSD...you need to apply the patches!) This needs maintenance, and on "homebrew servers" (read: glorified desktops) security is unfortunately just a second thought. I do realise that a well administered server will probably be secured, but that is due to a competent admin, not due to "security as a core functionality".
I don't say that "security out of the box", should not be a worthy goal, I just think that it is a utopian dream.
I don't call "reinstalling" easier... Especially not if we really consider Joe Sixpack who will use the OEM restore CD and thus lose all his data. A smart Joe User will backup his word/excel/pictures on CD, but his Outlook Express stuff will be lost, because that is not in the infamous "My Documents".
By the way, what you describe works exactly the same on any OS: unsure on how to fix your screwup? reinstall!
He retired. He wrote a "goodbye letter with the motivation why he left" in his user info (this was before the journals). After that he still posted it some threads, but according to his info his account has been inactive since last november.
Rumours are he is now at kuro5hin. Not sure though. Or he got a life;-) Like so many of us around here should (me included).
Other funny stuff:
on
Slashdot Turns 5
·
· Score: 2, Interesting
Oh, and you forgot the infamous Signal 11, founder of the Karma Whore movement. Too bad he retired.
Okay, Outlook Express is now patched and will not alow this kind of viruses anymore. Good (I still have to see it). The point of the parent poster was actually that this kind of code shouldn't have been written in the first place. Why was scripting included in a mailclient in the first place? I know there are legitimate reasons (Lotus Notes has scripting too, but it is certificate based), but only in a corporate environment. Outlook Express is not meant for the corporate environment.
Do not forget that for every patched Outlook Express client there are 100 unpatched ones. And a Virusscanner is nice. I use one myself, but alas that is not enough. Home users (or clueless users) tend to think that when they have a virusscanner everything is okay. The problem is that this is not true: unless you update your definitions regularly (my policy is twice a month) you are vulnerable. Most normal users do not understand this, even if you repeat it every time. I have seen virusscanners that haven't been updated in months, even years. That's just false sense of security.
The worst users that exist are the ones that refuse to buy a virusscanner. They think they don't need it. Above that most virusscanners are subsription-based (I use Norton, and that is subscription based). Paying each year for protection: unconceivable for the normal user.
The biggest issue is actually administrating the system, which is daunting for the average non-technical user
And this is different exactly "how" from any other operating system. Give Joe Sixpack a computer with any OS and he will fubar it within 6 months. (except if you lock down his machine to specific tasks) System administration is necessary, just like maintining your car is necessary. The difference is that people do it for their car, and not for their computer.
Read my latest journal entry on this issue...and be scared, very scared.
Installation of what software? I myself say "No" to reboots everytime a installer says me I should. Then I try the program, only 1 out of 10 time it really needs a reboot. It's the people who config the installers that often say "hey, a reboot...hmmm...better do that". Often it is not nessecary. Third party software ofter goes the easy way and requires a reboot "just to be sure". I'm not a Windows fanboy, but don't believe what installers tell you, they are often wrong. Upgrades to the operating system do need a reboot, of course. IE upgrades require a reboot, in that case of course;-)
You don't like OpenBSD because of the Mascot??? Oh? I actually bought a T-shirt because I liked the porcupine-fish (blowfish, but I don't want to attract perverts). Of course, I suspect that my slashdot handle makes me partial.
Don't diss an operating system because of it's mascot. If everybody did that, nobody would use Linux (cute Penguin, that screams 13-year old girl) or Darwin (have you seen the silly hat?) And don't get me started on the silly Windows icon. Base your operating system choices on merit, not on mascots.
My last tri-boot system was setup in a drunken stupor. Works fine you know. And I use BSD daily. I like it more than Linux, but that of course will be modded down around here.
No seriously, the Linux systems I use are the ones that are most close to BSD. Slackware and derivates. I suppose, the simplicity of BSD like systems goes me best.
Well, I know out of experience that 2.4.x distro's will boot. Just don't go mainstream, which means no SuSE, no RedHat, no Mandrake. Those are probably all compiled for Pentium Pro class machines (80686 and more) The laptop I mentioned is a Toshiba and all hardware is supported. The laptop had been running Peanut Linux for over 1 year. The only problem with Peanut is that it comes without a compiler. Now my sister doesn't need that, but I do in order to tweak the machines (compile kernel, install WindowMaker). It get's really, really, small on that 1.3Gig Harddisk when you add the compiler and the kernel source tree.
The above mentioned Vector Linux is smaller than Peanut and comes with gcc. Okay, granted a lot of documentation is missing (man lilo didn't work *sigh*), but I get a working system for 250Meg harddisk space. I find that a sweet deal. (Peanut was more) It even comes with my email client of choice (Sylpheed)
For older machines, the "minimalist" or "mini" distributions are the way to go. Thanks for the advice: if VectorLinux turns out not to work (X is playing it's games again, and I couldn't reuse XF86Config from the previous install because now it is a 4.1.0 version), I will give FreeBSD a shot. (first thought of NetBSD myself) Network install is not an option: the dongle of the PCMCIA network card I have is broken.:-( Everything must go over CD.
Sorry, I overlooked the reference. I know the expression "when pigs might fly".
You actually too the trouble to look up from where I come? (Okay, it's two clicks). In Lux people indeed speak French and German..and I speak 3 other languages. One of the advantages of living here.
That 286, with 20mb MFM HDD didn't happend to be a IBM PS/2 Model 50? We had one like that in the late eighties. I remember it partitioned up to 6 partitions, and I was wondering how to fill it all up. Aaaah, memories:-)
Maybe he actually purchased them, way back when, and kept the floppies, reverently, until such time as he might use them again.
Very unlikely. If you read the article, you'd know he is only 18. He was 11 when Windows 95 came out. I still have DOS 3.0 disks lying around somewhere, and I did not purchase them. My dad bought them when I was a kid. Now I'm 25.
It is a very impressive install though. I try to currently reinstall a old P120/32Meg laptop (No network card) that I want to give to my sister so she can take it to Africa (goes for Humanitarian aid), and I tried my old OS/2 Warp version and it didn't work. Now I'm trying VectorLinux which seems to be promising.
I'm pretty sure he must have had a struggle with all these OSes. I cannot imagine that Windows 1.01 would run on DOS 5 for example (Windows 1.01 is no OS in my eyes)
Read my latest journal entry . Okay, this was only a normal home user, but I have always been of the opinion that even home users need System Administrators, just like you need a mechanic for your car. And computers in small bussinesses are often more badly managed than home-computers.
I do not fear for the job security of System Administrators in the near future. As long as users are clueless, they will screw up.... and nothing that Sun, IBM or Microsoft will invent can prevent that.
I agree it's better to put them on different structures like water towers and large buildings. I personally never have seen a mast disguised as a tree, not around here at least.
To cover decently you need to put them closer than 70 km to each other. There needs to be some overlap, and not every landscape is flat: I suppose that when you live in a hilly area you need even more masts.
I do not think it is useless. It keeps the original "view" of a certain place. I live in a country that is about completely covered for cellphone usage, but I never have seen a cellphone mast...at least not like the one the pictured in the article. I don't want big ugly towers every 35km, if they can make them invisible it is worth the cost.
Anyways, the cell-phone users are paying the extra expense anyway and I'm happy with that.
Well, of course I am pessimistic. I still have some faith in humanity to learn and you don't even seem to have that.
As long as the informed crowd still can do as they always did (that is: a good password for each service), then I don't care too much. I will warn the people I love against using SSO, and won't use it myself. The danger just is that it will be "required", and that day is when the "informed people" lose their power to big corporations. So, warn any goddamn soul again and again... Education is the only way and even if our voices are small, we still might make a difference.
I have mod points today and my finger was hovering over the "Troll" moderation, probably because I disagree. So, instead of actually modding down, I will try to argument against this.
Why do the market demands it? I don't think that is true. Most people could cope with several PIN-codes for the debit cards, most people can remember the code of their alarm system at home. Most people have to remember at least one password at work (not considering the keypad they need to use to enter the building).
And on physical things people have alwasy managed to cope with different keys for different usages (or do you use the same key for your house, locker, car and safe?). See... this is all just the same. The only reason that people consider a "unified solution" is because they are too afraid of computers, too afraid of locking them out of their own data. We do not *need* a good unified solution, we need to educate people.
That of course is my opinion, but it ain't gonna happen I fear.
I like the fact that I can choose a password for any different service. Which I consider high-security gets a strong password, but low security just gets a dictionary-searchable password. Losing your control over your own data because you are uninformed is not an excuse.
I knew you were going to reply this. Oh, well... you know as well as me that I didn't write C or C++ in ages. Anyway, I still find it visually ugly and I like beauty (you knew that didn't you?). The worst kind is actually when using Hungarian on objects, how I loathe btnOk..urks... worse are when people use it on custom-made objects. Seen ostdlfinscapStartdate, which means "Object Life Insurance Standard Capitalisation". Yes, and I actually saw this in *Java* code. You think that is readable? Well, I don't.
Besides, aren't dangerous typecasts now warnings in C/C++? I hate warnings so much that I always make sure there are no more warnings in any of my code. So technically I still would get warned.
Oh, well... be glad you don't have to maintain my code but I sure as hell won't be using Hungarian anytime soon.
Well it all depends on how you see it. Ever had to change an int to a long in a very very huge program? That's kind of a big search 'n replace. Besides I really think that it makes code unreadable... If I don't know what type a variable is, I prefer to look up the declaration. But then I just probably am a bad programmer.
Just name the var what it is supposed to represent. If it is representing an age, call it "age" and not "iAge". Just my opinion.
If you had actually just taken the time to go to their website , you would have seen it does run on Solaris. The Linux version seems indeed to be x86 only, but the Solaris version is for SPARC. I don't know what it's worth, I don't have a SPARC handy;-) Only my G3 and diverse x86. Sorry, can't help you further than that.
The only good modern browsers on non windows/mac systems are open source.
Now while that may be true to some extent you need a very healthy machine to run those browsers. One little browser springs to my mind that is not opensource and runs very well on a P120/32Meg RAM running Linux with WindowMaker. It's called "Opera". I sure think you heard of it. I think it qualifies as a "modern browser".
It's not perfect, but it really runs fine on the above mentioned platform and also on my Psion Revo Plus. Both non-win non-mac platforms.
Hehe....
You forgot NT4-SP4... Many, many people stayed on SP3 for a loooong time. Ugly one, or the original NT-SP6 (not 6a)...
Perhaps for NT4 it was "the uneven service packs only". But of course exceptions confirm the rule.
Not only that... Consider this: I regularly reinstall PC's for family and friends. I usually use Windows 2000 if the machine can cope it. Don't start on the fact that I should install Linux, I did for some of the more computer literate ones. Actually try Lycoris...that one is so easy it should be forbidden. Though it choked on a WinModem, no way to get online without recompiling the kernel and I didn't want to go to these depths. For my own computers I always recompile the kernel...
But, back on what I wanted to tell. I have a set of "mandatory" software I install which includes WinAmp and Acrobat Reader. Now my strategy is that I install all manadatory stuff, run them once (in order to accept EULA's and/or set the software to more acceptable settings. After I did all that, it come to the point that I create the different users for the machine. Then I "fork" the Aministrator Profile and associate them with the new users. This results in the fact that the registry settings indicate that the user accepted the EULA. The users never have to accept any EULA unless they install something themselves (which I usually disable: they have to call me for that). So it is clear that I am liable according to the EULA, but none of my users ever accepted the EULA, so the cannot be liable.
I think this kind of "pre-installing" is done in a lot of companies where custom pre-ghosted configs are used. However, I live in the EU: I don't consider EULA's legal anyway. And beside that, I usually install machines drunk;-)
I said: "about" 100Euro. I just was too lazy to visit my ISP to have the pricing. Taken from the Visual Online product page" it seems that I pay monthly: 19.9Euro subscription to Visual Online and 56.35Euro to the P&T for the DSL subscription. Grand total: 76.25Euro per month. If you pass over the complete LuxDSL offering it is a grand total of 85.68 Euro (according to a PDF on that site). It just enhances my point that broadband is cheaper at a certain utilization level.
If there is a cheaper one you can gladly inform me, but I have been with VO for over 5 years and their service is just excellent, that's why I didn't even research other options.
Compared to Belgium, France, and Germany paying 80Euro for a 256kbps/64kbps is *very* expensive because they have faster connection for the same price.
Why the hell did you go through all the trouble discovering where I live, anyway? It's not hard to find, but I was just wondering... You could at least have posted non-anonymously.
How many OSes really consider "security" as a part of "core functionality"? Only one spring to mind and that is OpenBSD.
Neither Windows, Linux, Mac OS X, Solaris state "security" as a "core functionality". Yes, all are securable, but on any OS it needs a certain amount of work (yes, even OpenBSD...you need to apply the patches!) This needs maintenance, and on "homebrew servers" (read: glorified desktops) security is unfortunately just a second thought. I do realise that a well administered server will probably be secured, but that is due to a competent admin, not due to "security as a core functionality".
I don't say that "security out of the box", should not be a worthy goal, I just think that it is a utopian dream.
I don't call "reinstalling" easier... Especially not if we really consider Joe Sixpack who will use the OEM restore CD and thus lose all his data. A smart Joe User will backup his word/excel/pictures on CD, but his Outlook Express stuff will be lost, because that is not in the infamous "My Documents".
By the way, what you describe works exactly the same on any OS: unsure on how to fix your screwup? reinstall!
He retired. He wrote a "goodbye letter with the motivation why he left" in his user info (this was before the journals). After that he still posted it some threads, but according to his info his account has been inactive since last november. ;-) Like so many of us around here should (me included).
Rumours are he is now at kuro5hin. Not sure though. Or he got a life
Oh, and you forgot the infamous Signal 11, founder of the Karma Whore movement. Too bad he retired.
Okay, Outlook Express is now patched and will not alow this kind of viruses anymore. Good (I still have to see it). The point of the parent poster was actually that this kind of code shouldn't have been written in the first place. Why was scripting included in a mailclient in the first place? I know there are legitimate reasons (Lotus Notes has scripting too, but it is certificate based), but only in a corporate environment. Outlook Express is not meant for the corporate environment.
Do not forget that for every patched Outlook Express client there are 100 unpatched ones. And a Virusscanner is nice. I use one myself, but alas that is not enough. Home users (or clueless users) tend to think that when they have a virusscanner everything is okay. The problem is that this is not true: unless you update your definitions regularly (my policy is twice a month) you are vulnerable. Most normal users do not understand this, even if you repeat it every time. I have seen virusscanners that haven't been updated in months, even years. That's just false sense of security.
The worst users that exist are the ones that refuse to buy a virusscanner. They think they don't need it. Above that most virusscanners are subsription-based (I use Norton, and that is subscription based). Paying each year for protection: unconceivable for the normal user.
And this is different exactly "how" from any other operating system. Give Joe Sixpack a computer with any OS and he will fubar it within 6 months. (except if you lock down his machine to specific tasks) System administration is necessary, just like maintining your car is necessary. The difference is that people do it for their car, and not for their computer.
Read my latest journal entry on this issue...and be scared, very scared.
Installation of what software? I myself say "No" to reboots everytime a installer says me I should. Then I try the program, only 1 out of 10 time it really needs a reboot. It's the people who config the installers that often say "hey, a reboot...hmmm...better do that". Often it is not nessecary. Third party software ofter goes the easy way and requires a reboot "just to be sure". ;-)
I'm not a Windows fanboy, but don't believe what installers tell you, they are often wrong. Upgrades to the operating system do need a reboot, of course. IE upgrades require a reboot, in that case of course
Don't diss an operating system because of it's mascot. If everybody did that, nobody would use Linux (cute Penguin, that screams 13-year old girl) or Darwin (have you seen the silly hat?) And don't get me started on the silly Windows icon. Base your operating system choices on merit, not on mascots.
My last tri-boot system was setup in a drunken stupor. Works fine you know. And I use BSD daily. I like it more than Linux, but that of course will be modded down around here.
No seriously, the Linux systems I use are the ones that are most close to BSD. Slackware and derivates. I suppose, the simplicity of BSD like systems goes me best.
The above mentioned Vector Linux is smaller than Peanut and comes with gcc. Okay, granted a lot of documentation is missing (man lilo didn't work *sigh*), but I get a working system for 250Meg harddisk space. I find that a sweet deal. (Peanut was more) It even comes with my email client of choice (Sylpheed)
For older machines, the "minimalist" or "mini" distributions are the way to go. Thanks for the advice: if VectorLinux turns out not to work (X is playing it's games again, and I couldn't reuse XF86Config from the previous install because now it is a 4.1.0 version), I will give FreeBSD a shot. (first thought of NetBSD myself) Network install is not an option: the dongle of the PCMCIA network card I have is broken. :-( Everything must go over CD.
You actually too the trouble to look up from where I come? (Okay, it's two clicks). In Lux people indeed speak French and German..and I speak 3 other languages. One of the advantages of living here. :-)
That 286, with 20mb MFM HDD didn't happend to be a IBM PS/2 Model 50? We had one like that in the late eighties. I remember it partitioned up to 6 partitions, and I was wondering how to fill it all up. Aaaah, memories
Very unlikely. If you read the article, you'd know he is only 18. He was 11 when Windows 95 came out. I still have DOS 3.0 disks lying around somewhere, and I did not purchase them. My dad bought them when I was a kid. Now I'm 25.
It is a very impressive install though. I try to currently reinstall a old P120/32Meg laptop (No network card) that I want to give to my sister so she can take it to Africa (goes for Humanitarian aid), and I tried my old OS/2 Warp version and it didn't work. Now I'm trying VectorLinux which seems to be promising.
I'm pretty sure he must have had a struggle with all these OSes. I cannot imagine that Windows 1.01 would run on DOS 5 for example (Windows 1.01 is no OS in my eyes)
(If you don't get it, see my slashdot handle..yes, lame joke)
Read my latest journal entry . Okay, this was only a normal home user, but I have always been of the opinion that even home users need System Administrators, just like you need a mechanic for your car. And computers in small bussinesses are often more badly managed than home-computers.
I do not fear for the job security of System Administrators in the near future. As long as users are clueless, they will screw up.... and nothing that Sun, IBM or Microsoft will invent can prevent that.
To cover decently you need to put them closer than 70 km to each other. There needs to be some overlap, and not every landscape is flat: I suppose that when you live in a hilly area you need even more masts.
I do not think it is useless. It keeps the original "view" of a certain place. I live in a country that is about completely covered for cellphone usage, but I never have seen a cellphone mast...at least not like the one the pictured in the article. I don't want big ugly towers every 35km, if they can make them invisible it is worth the cost.
Anyways, the cell-phone users are paying the extra expense anyway and I'm happy with that.
Well, of course I am pessimistic. I still have some faith in humanity to learn and you don't even seem to have that.
As long as the informed crowd still can do as they always did (that is: a good password for each service), then I don't care too much. I will warn the people I love against using SSO, and won't use it myself. The danger just is that it will be "required", and that day is when the "informed people" lose their power to big corporations. So, warn any goddamn soul again and again... Education is the only way and even if our voices are small, we still might make a difference.
Why do the market demands it? I don't think that is true. Most people could cope with several PIN-codes for the debit cards, most people can remember the code of their alarm system at home. Most people have to remember at least one password at work (not considering the keypad they need to use to enter the building).
And on physical things people have alwasy managed to cope with different keys for different usages (or do you use the same key for your house, locker, car and safe?). See... this is all just the same. The only reason that people consider a "unified solution" is because they are too afraid of computers, too afraid of locking them out of their own data. We do not *need* a good unified solution, we need to educate people.
That of course is my opinion, but it ain't gonna happen I fear.
I like the fact that I can choose a password for any different service. Which I consider high-security gets a strong password, but low security just gets a dictionary-searchable password. Losing your control over your own data because you are uninformed is not an excuse.
Besides, aren't dangerous typecasts now warnings in C/C++? I hate warnings so much that I always make sure there are no more warnings in any of my code. So technically I still would get warned.
Oh, well... be glad you don't have to maintain my code but I sure as hell won't be using Hungarian anytime soon.
Well it all depends on how you see it. Ever had to change an int to a long in a very very huge program? That's kind of a big search 'n replace. Besides I really think that it makes code unreadable... If I don't know what type a variable is, I prefer to look up the declaration. But then I just probably am a bad programmer.
Just name the var what it is supposed to represent. If it is representing an age, call it "age" and not "iAge". Just my opinion.
If you had actually just taken the time to go to their website , you would have seen it does run on Solaris. The Linux version seems indeed to be x86 only, but the Solaris version is for SPARC. I don't know what it's worth, I don't have a SPARC handy ;-) Only my G3 and diverse x86. Sorry, can't help you further than that.
Now while that may be true to some extent you need a very healthy machine to run those browsers. One little browser springs to my mind that is not opensource and runs very well on a P120/32Meg RAM running Linux with WindowMaker. It's called "Opera". I sure think you heard of it. I think it qualifies as a "modern browser".
It's not perfect, but it really runs fine on the above mentioned platform and also on my Psion Revo Plus. Both non-win non-mac platforms.
Hehe....
You forgot NT4-SP4... Many, many people stayed on SP3 for a loooong time. Ugly one, or the original NT-SP6 (not 6a)... Perhaps for NT4 it was "the uneven service packs only". But of course exceptions confirm the rule.
Not only that... Consider this: I regularly reinstall PC's for family and friends. I usually use Windows 2000 if the machine can cope it. Don't start on the fact that I should install Linux, I did for some of the more computer literate ones. Actually try Lycoris...that one is so easy it should be forbidden. Though it choked on a WinModem, no way to get online without recompiling the kernel and I didn't want to go to these depths. For my own computers I always recompile the kernel... ;-)
But, back on what I wanted to tell. I have a set of "mandatory" software I install which includes WinAmp and Acrobat Reader. Now my strategy is that I install all manadatory stuff, run them once (in order to accept EULA's and/or set the software to more acceptable settings. After I did all that, it come to the point that I create the different users for the machine. Then I "fork" the Aministrator Profile and associate them with the new users. This results in the fact that the registry settings indicate that the user accepted the EULA. The users never have to accept any EULA unless they install something themselves (which I usually disable: they have to call me for that). So it is clear that I am liable according to the EULA, but none of my users ever accepted the EULA, so the cannot be liable.
I think this kind of "pre-installing" is done in a lot of companies where custom pre-ghosted configs are used. However, I live in the EU: I don't consider EULA's legal anyway. And beside that, I usually install machines drunk
If there is a cheaper one you can gladly inform me, but I have been with VO for over 5 years and their service is just excellent, that's why I didn't even research other options.
Compared to Belgium, France, and Germany paying 80Euro for a 256kbps/64kbps is *very* expensive because they have faster connection for the same price.
Why the hell did you go through all the trouble discovering where I live, anyway? It's not hard to find, but I was just wondering... You could at least have posted non-anonymously.