I think you're only serving to muddy the waters by comparing this to people who invested in Enron. People who invested in Enron knew (or should reasonably have known) that share prices can fall. People who put their money in Ebay can reasonably assume that their money won't be stolen.
Chroot jails are not infallible, but they provide considerable extra security.
A good example of this is in the case of BIND9. One starts the name server (as root), which binds to the socket, and then chroots and drops priviliges to that of the named user. If BIND is compromised the attacker finds themself in a chroot jail as user named with only read access to the files they can see.
Chroot-jails do not provide complete protection for programs that run as root (at least not on machines that don't implement the jail() system-call, ie most *nix OSs). They are still, however, extremely useful.
If the whole jail resided in its own actual virtual Linux machine, where nasty things cannot break the account, just the session, they would be quite a bit more effective.
You can use User Mode Linux to do that.
Except that UML often gives the attacker enough that they don't need to bother breaking out of it. These days, nine times out of ten, the attacker has compromised your box in order to use it for a DoS net. UML gives the attacker all the tools necessary to do this without any need to break out of it at all.
The chroot jail approach is pretty cool, and
gives a great layer of security for the system too.
In the long run, though, I hope the standard aproach becomes User Mode Linux.
I don't. A UML installation normally has far more in the way of tools than a chroot-jail. if a cracker exploits a vulnerable daemon and gets into UML they have far more opportunity to do badness. If, on the other hand, they exploit a vulnerable chroot-jailed daemon then if it's well set up all they'll have access to is probably/dev/urandom and/dev/log - neither of which they can do any great damage with. UML is a great tool, but this really isn't the best way to use it.
Actually as far as I was aware all of KDE itself was free. TheKompany certainly produce some non-free software, but everything that comes with KDE is GPL'd AFAIK.
What would be truly useful is to provide these people with a system of morality that gave them a future, a reason for doing anything, the guts and insight to no longer fight each other or be suckered into stupid political deals, a humble but incredibly resolute attitude and a will to work. And then stand clear.
Dubyah's arrogant version of Christianity won't do it, similarly arrogant Roman Catholicism has had centuries to do it and failed miserably, Islam and other fatalistic systems have no chance and Atheism even less.
You seem to be mistaking morality with religion, when in actual fact the two are completely disparate. Atheists can and do have morals; there are a great many believers who exhibit amorral traits. This does mean that their (a)theology is wrong.
Whilst I certainly agree that morals are necessary, I believe you have made a flawed assumption in the way morals work.
Not only that, but there were actually some fun games that looked good too.
As an owner of both a PS2 and a Dreamcast (amongst quite a few other consoles) I was quite puzzled by this comment. The PS2 release games were pretty piss-poor to be honest (with the possible exception of Tekken Tag if fighting games are your thing, but IMO it doesn't come close to the almighty Soul Calibur). Even now, I'd say the Dreamcast has way more top quality titles:
PS2:
GT3
GTA3
Ico
Tekken Tag
Rez
Dreamcast:
Soul Calibur
Jet Set Radio
Virtua Tennis
Ferrari F355 Challenge
Shenmue
Rez
With the exception of GTA3, you could argue that for every PS2 game there's another in the same genre on the Dreamcast that's better. Of course, the DC didn't have Sony's marketing might, or the selling point that it would play DVDs too...
So from your extensive testing field of one (1) person you therefore conclude the drivers are fine?
nVidia's drivers have bugs. This really isn't nVidia's fault - it's impossible to write something that's bug free. Where I do blame nVidia is in the lack of freedom with their driver (yeah yeah, I know, it's the chipset they use not letting them release it, whatever) which means that no-one can fix the problems with their drivers. Even if nVidia's drivers worked perfectly (which in my limited experience they don't) I personally would choose not to run them because of their non-free nature.
if I am walking through an art gallery of and one of his paintings has a nude figure on it, maybe I'll want to walk past that one
Maybe I just don't understand because I'm an atheist, but this seems like a very strange standpoint to me. Taking the viewpoint that a being such as your god does exist, surely said omnipotent being created the human form, and gave the artist the ability to draw this form. Why should the lack of any man-made additions to the model make you not want to look?
In England having a phone as lowly as a Nokia 3210 would be social death for the 12-16 yr olds.. my little sister now constantly bitches how her 3310 is now 'sooo last year' and how she *must* have a new phone. Doubtless a similar situation occurs in schools across Europe..
Actually, the encoding scheme isn't necessarily crappy for either picture or video. When I first got my cable box, the picture quality was actually damn good. Unfortunately they've since added loads of 'pay-per-view' (ie porn) channels, and dropped the bitrate for the others. Now many channels are slightly better than VCD quality (and definatly sub divx;) quality).
When I tried software raid5 the performance was pretty terrible. Software raid1 adds pretty much no overhead though, so that's certainally an option to consider..
The problem with this article
on
Is RPM Doomed?
·
· Score: 5, Insightful
This article really shows more about the author's experience than it does about the merits of any particular package management system.
Let us for a moment pretend that instead of using.debs (but still had APT, ala Connectiva), Debian used RPM for its package management. Would Debian be as good as it is now? Of course. Why is this? Well, because the Debian people spend a hell of a lot of time making sure the package management is done properly. This has drawbacks of course, like the lack of the latest-and-greatest software (notably XFree86 4.2 and KDE 3), but in terms of stability you really can't argue that Debian is the best around.
The author then goes on to suggest that a Gentoo-like system is whats best. Quite frankly this just shows us more about how little the author understands what is necessary in a package management system. Don't get me wrong, I like Gentoo a lot (in fact I type this message on a machine running Gentoo:)) but package management really isn't its strong point, as things like the recent libpng problems show. Doing things this way makes dependencies extremely difficult to deal with. Lets pretend you have libxyz installed, and then install program abc. abc can use libxyz, but doesn't require it. As you have libxyz installed, gentoo compiles abc with libxyz support enabled (one of Gentoo's best features). However, the day after, you decide to 'emerge unmerge libxyz' (remove libxyz for Gentoo virigins). abc no longer works properly. Gentoo didn't tell you that abc needed libxyz, because it's not a dependecy.
In my opinion, the package format is irrelevant; RPM, DEB, TGZ, all are fine as long as they are centrally controlled and well put together. A system like APT makes things many, many times better, becuase it eases dependency problems, but it isn't a pre-requisite.
Actually, when I go into a record shop I often look out for the latest release on V Recordings, or Hospital Records or whatever.
Of course, given your examples (Sony, Island etc) I'm sure no-one gives a shit, because these labels have fuck all to do with an artist or style and everything to do with money making for a faceless corporation. This is why I only buy records from the underground.. (well, that and it fits my tastes too..:))
Slashdot Mirror
I think you're only serving to muddy the waters by comparing this to people who invested in Enron. People who invested in Enron knew (or should reasonably have known) that share prices can fall. People who put their money in Ebay can reasonably assume that their money won't be stolen.
If working on ones own initiative to help a company you are employed by is something really stupid, I'd hate to work with you.
Except that it may well be vulnerable because of an undisclosed bug in the program that is being chrooted.
A good example of this is in the case of BIND9. One starts the name server (as root), which binds to the socket, and then chroots and drops priviliges to that of the named user. If BIND is compromised the attacker finds themself in a chroot jail as user named with only read access to the files they can see.
Chroot-jails do not provide complete protection for programs that run as root (at least not on machines that don't implement the jail() system-call, ie most *nix OSs). They are still, however, extremely useful.
Except that UML often gives the attacker enough that they don't need to bother breaking out of it. These days, nine times out of ten, the attacker has compromised your box in order to use it for a DoS net. UML gives the attacker all the tools necessary to do this without any need to break out of it at all.
I don't. A UML installation normally has far more in the way of tools than a chroot-jail. if a cracker exploits a vulnerable daemon and gets into UML they have far more opportunity to do badness. If, on the other hand, they exploit a vulnerable chroot-jailed daemon then if it's well set up all they'll have access to is probably /dev/urandom and /dev/log - neither of which they can do any great damage with. UML is a great tool, but this really isn't the best way to use it.
You seem to be mistaking morality with religion, when in actual fact the two are completely disparate. Atheists can and do have morals; there are a great many believers who exhibit amorral traits. This does mean that their (a)theology is wrong.
Whilst I certainly agree that morals are necessary, I believe you have made a flawed assumption in the way morals work.
As an owner of both a PS2 and a Dreamcast (amongst quite a few other consoles) I was quite puzzled by this comment. The PS2 release games were pretty piss-poor to be honest (with the possible exception of Tekken Tag if fighting games are your thing, but IMO it doesn't come close to the almighty Soul Calibur). Even now, I'd say the Dreamcast has way more top quality titles:
PS2:
Dreamcast:
With the exception of GTA3, you could argue that for every PS2 game there's another in the same genre on the Dreamcast that's better. Of course, the DC didn't have Sony's marketing might, or the selling point that it would play DVDs too...
Opera is non-free. Mozilla is.
Suggested slashdot moderation entry:
-1, Needlessly sycophantic
nVidia's drivers have bugs. This really isn't nVidia's fault - it's impossible to write something that's bug free. Where I do blame nVidia is in the lack of freedom with their driver (yeah yeah, I know, it's the chipset they use not letting them release it, whatever) which means that no-one can fix the problems with their drivers. Even if nVidia's drivers worked perfectly (which in my limited experience they don't) I personally would choose not to run them because of their non-free nature.
Are we talking about the same Times, the one owned and controlled by the devil himself, Rupert Murdoch?
Maybe I just don't understand because I'm an atheist, but this seems like a very strange standpoint to me. Taking the viewpoint that a being such as your god does exist, surely said omnipotent being created the human form, and gave the artist the ability to draw this form. Why should the lack of any man-made additions to the model make you not want to look?
In England having a phone as lowly as a Nokia 3210 would be social death for the 12-16 yr olds.. my little sister now constantly bitches how her 3310 is now 'sooo last year' and how she *must* have a new phone. Doubtless a similar situation occurs in schools across Europe..
Actually, the encoding scheme isn't necessarily crappy for either picture or video. When I first got my cable box, the picture quality was actually damn good. Unfortunately they've since added loads of 'pay-per-view' (ie porn) channels, and dropped the bitrate for the others. Now many channels are slightly better than VCD quality (and definatly sub divx ;) quality).
When I tried software raid5 the performance was pretty terrible. Software raid1 adds pretty much no overhead though, so that's certainally an option to consider..
Yes.
Kopete is pretty damn nice too, and coming along very nicely..
Recycling still uses energy I'm afraid..
I think you mean €20...
What a great and original idea.
Let us for a moment pretend that instead of using .debs (but still had APT, ala Connectiva), Debian used RPM for its package management. Would Debian be as good as it is now? Of course. Why is this? Well, because the Debian people spend a hell of a lot of time making sure the package management is done properly. This has drawbacks of course, like the lack of the latest-and-greatest software (notably XFree86 4.2 and KDE 3), but in terms of stability you really can't argue that Debian is the best around.
The author then goes on to suggest that a Gentoo-like system is whats best. Quite frankly this just shows us more about how little the author understands what is necessary in a package management system. Don't get me wrong, I like Gentoo a lot (in fact I type this message on a machine running Gentoo :)) but package management really isn't its strong point, as things like the recent libpng problems show. Doing things this way makes dependencies extremely difficult to deal with. Lets pretend you have libxyz installed, and then install program abc. abc can use libxyz, but doesn't require it. As you have libxyz installed, gentoo compiles abc with libxyz support enabled (one of Gentoo's best features). However, the day after, you decide to 'emerge unmerge libxyz' (remove libxyz for Gentoo virigins). abc no longer works properly. Gentoo didn't tell you that abc needed libxyz, because it's not a dependecy.
In my opinion, the package format is irrelevant; RPM, DEB, TGZ, all are fine as long as they are centrally controlled and well put together. A system like APT makes things many, many times better, becuase it eases dependency problems, but it isn't a pre-requisite.
Of course, given your examples (Sony, Island etc) I'm sure no-one gives a shit, because these labels have fuck all to do with an artist or style and everything to do with money making for a faceless corporation. This is why I only buy records from the underground.. (well, that and it fits my tastes too.. :))
Both KDE and Gnome have session management features. Note that the applications you are using have to support them though..