If Theo hadn't systematically pissed off everyone in large corporations that he's come in contact with, they might have written some drivers.
But he doesn't even want those corporations to write those drivers, he just wants the documentation so he (and other devs) can do it themselves.
I am a Linux user because of this exchange:
Me to tech department: "Hi, I need to set up an FTP server with anonymous access only, for people to download our company's installer who have problems getting it through HTTP."
BSD user: FTP is insecure because passwords are plain text.
Whoever gave you this answer is a moron. There's no plaintext password if it's an FTP for anonymous users.
How do you assess if it's well written?
From what I understand of Microsoft's development cycle, they do employ third parties to do security penetration testing on their systems before release as well as numerous other sorts of audits from manual to automated testing.
What would you suggest they do to reach your level of 'well written'?
It's not too hard to determine when it's "well written": it's basically when the default install does not have security holes, i.e. not like Windows.
OpenBSD has only had 2 remote security holes in several dozen releases
Out of the box with the default installation.
Windows has security holes out-of-the-box with all the defaults set. No system is safe if a user reconfigures it. What OS can protect me from a user who sets his password to his birthdate?
Of course, nobody uses OpenBSD in its default configuration because it's useless. There are bigger security problems with OpenBSD, such as the default of creating just a root user
The installer quite clearly offers a choice to create a non-root account
, no configuration of sudo out of the box, ssh enabled to permit root logins by default (therefore making it an excellent bruteforce target)
This is only enabled if you skipped the step in which you can create a non-root user. If you only have root, then it's quite obvious you'll want to log in as root.
and so many other daemons that retain an unsafe configuration by default (although, I emphasize they aren't installed by default, so this magically makes it okay to the OpenBSD crowd).
[citation needed]
OpenBSD in this configuration doesn't help users learn the 'safe' way of using the system and, from experience, I have seen many who just continue using root for everything.
In reality, you will find that servers and desktops from SuSE or Ubuntu are more secure because of the enforcement of various policies. Ubuntu for example tries to ensure all the daemons run as regular users that don't have access to more than what they need to.
OpenBSD does this and chroots several daemons as well.
In any case, this is a fine example of yet another OS that cares about security to some degree, but does not defend Windows' stance in any way.
SuSE on the other hand focuses on having daemons jailed, so even if they are running as root, they don't have access to the rest of the system. They both have sane root and sudo policies: root is by default not accessible from remote systems, and instead you need to enter via a regular user and use sudo to obtain access to higher-privileged commands.
Again, OpenBSD only suggests you don't disable remote root logins if you skipped the step where you create another user. For quite obvious reasons.
OpenBSD really needs to update their security practices because security these days is more than just kernel vulnerabilities and what the default configuration installs with the system (which is essentially 'nothing' on OpenBSD). The practice of blaming the user for the fact they are using poor default configurations on daemons and poor user privilege management which is encouraged by how the system sets up the system initially does not help security.
If it's unacceptable, don't use it. So far, I find Microsoft's security practices somewhat more decent than OpenBSD's when it comes to default and usable configurations.
1) Install XP on a PC.
2) Plug an internet cable.
3) Sit back.
4) You now have an infected machine.
Windows 8 hasn't reached this point yet, but it's just a matter of time, as with every other release.
It's sad to see that MS has dominated the market for so long that exploits seem acceptable and it's insightful to claim this. Software should be well-written before you start charging for it. Period.
OpenBSD has only had 2 remote security holes in several dozen releases, in over 15 years. Why is it acceptable that something you pay for has had thousands more every release?
You can't have 3 friends over and play on a huge screen with tablets/cell-phones, and that makes a difference, especially with Nintendo consoles.
I'm sure the 150USD difference must be to cover the translation of the entire UI from en_us to en_gb. Imagine the amount of effort and people you need to achieve this!!
Forcing me to tolerate them isn't either. That's why we draw certain lines.
Well, in my app we app every app, so I think it's quite app!
I won't be able to alt-tab between those, and it would be way harder for applications to switch between full-screen and windows-mode.
You can get them for free from StartSSL, and most browsers/vendors will trust them.
It's slightly above what a developer makes per month in some countries. US/Europe isn't the entire world, you know.
If Windows is the answer, then it must have been a really stupid question.
I'm betting they won't even start, but in case they do, there's no 3D acceleration, so you won't get very far past the main menu.
Oh, and keep a backup of anything important. If you're like me, you'll need to do a full reformat/reinstall every two years or so, due to either a virus or just a slow system.
From what I hear from my Windows-using friends, this tends to be more like 6 months-1 year, rather than 2 years.
I'm guessing you're probably an advanced Windows user, while clearly the OP is not.
Your point still stands though! :)
There's not a chance in hell you get decent enough performance out of a VM for gaming, especially when it comes to 3D accelerated graphics.
What do you mean you "couldn't get WoW to run on Wine"?
WoW has a platinum rating on Wine's AppDB.
For those of you who don't know, platinum means that absolutely no tweaking is required at all.
If they want to game on Wine though, make sure you get an NVIDIA card. It's the only way to go. Sure ATI/Intel are more open, bla bla, but if gaming's what you want, then it's your only choice.
Plugging a device into another to synchronize contacts/music/whatever is quite primitive. We've been using something called Wi-Fi and internet for plenty of years outside of Apple's world, you know?
I don't see any issues on using a single OS from a single vendor for every device and every task I perform.
It's not like MS is going to develop closed standards, or closed services which will keep me from moving elsewhere, or choosing my own service providers later on.
Most of your points sound rather in favour of synchronization.
I never, ever plug my phone to my computer, but still keep everything synchronized. I don't see why I'd even need to plug it in.
No, I don't use POP, I use IMAP, which helps all my email clients keep my emails synchronized.
I want my work-stuff and photos on every computer I own, so I use git+cron to keep those synchronized.
Without synchronization, if you give me your phone number, and I write it down on my desktop, it means I can't call you from outside home.
"Same kernel" and "same OS" aren't the same thing: Android and MeeGo are different OSes, even though they use the same kernel.
I do agree with you on one thing - they could have reused the same kernel with different interfaces. But my guess is that the kernel/userland/UI separation isn't done as well as you'd expect, since they're all developed together as a single product, not designed to have changeable parts.
I've never seen ads or spam added to my incoming emails, neither from Gmail nor anywhere else.
Are you sure it's not an issue on your end?
You could have just told them to use adblock.
Also, non-Gmail users who view email in plain text will see that text.
Adium and Pidgin are not email clients, AFAIK. Maybe you meant something like Thunderbird or Mutt.
Users who see the ads are using webmail, and webmail does not generally support GPG.
Once the recipient receives his mail, it belongs to him.
Before that, it belongs to the sender, and Google is crawling those emails before they are received by the sender (remember, received by Google != received by the recipient, Google is just a middleman).