Given that you get the hard drive, software and documentation in the bundle, I'd say it's not too bad a price. Still, if you're that set against it you can always go buy yourself a GC dev kit instead.:)
Except, of course, by using the reasonably priced PS2 Linux kit, available from Sony. They've always been pretty good about this sort of thing compared to the other manufacturers.
Fine. But as soon as you want to do something useful with OpenBSD, you need to go beyond the default install profile, which is set up to be as secure as possible by disabling everything. Once you start enabling even common and inoffensive services, you hit security problems.
OpenBSD security advisories from this year (for version 3.2):
# March 31, 2003: A buffer overflow in the address parsing in sendmail(8) may allow an attacker to gain root privileges.
# March 24, 2003: A cryptographic weaknesses in the Kerberos v4 protocol can be exploited on Kerberos v5 as well.
# March 19, 2003: OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack designed by Czech researchers Klima, Pokorny and Rosa.
# March 18, 2003: Various SSL and TLS operations in OpenSSL are vulnerable to timing attacks.
# March 5, 2003: A buffer overflow in lprm(1) may allow an attacker to elevate privileges to user daemon..
# March 3, 2003: A buffer overflow in the envelope comments processing in sendmail(8) may allow an attacker to gain root privileges.
# February 25, 2003: httpd(8) leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.
# February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes, in allocation routines.
# January 20, 2003: A double free exists in cvs(1) that could lead to privilege escalation for cvs configurations where the cvs command is run as a privileged user.
I'd like to. Could you recommend an alternative operating system that hasn't had a single security problem in a year, and has been adding new functionality over that period?
Seriously, I can count on the fingers of one hand the number of sources of HTML e-mail that I'm actually interested in, and a simple whitelist should give reasonable results on letting those through and keeping the spammers out.
Why not just ditch the whole sorry concept of HTML e-mails? Seems like a better solution to me. Can't quite do that yet, but as a bare minimum HTML image tags (and anything else that makes a request automatically to a remote server, thus confirming the validity of your e-mail address) should be ignored.
Even if the price is zero, then I'm personally likely to be angry enough as it is. This is all about accepting that SCO is in the right, and until such time as they've taken this through court and proven that to be the case, I have no intention of doing anything to suggest that they have the right to impose restrictions on my use of Linux.
If they're truly that confident of their position, they should be rushing through the court case, and then asking people to license Unixware, with a suitable judgement behind them to back it up.
As it is, their case is built mostly on hot air, so I can see their motivation in pushing for payment in advance.
No. Which is probably for the best, given that "news that matters" isn't part of Slashdot's remit. "News for nerds" is. "Stuff that matters" is. This story falls neatly into the former category.
If you're looking for news that matters, you might want to try elswhere...
I do it manually under Windows: print to a standard PS printer driver (I believe I use an Apple Laserwriter colour printer driver, but wouldn't swear to it) then load into Ghostview and convert to PDF. Always seems to result in a pleasingly small file.
Haven't tried it under Linux recently (I tend to use XML/HTML for my home documents rather than PDFs) but I'd imagine you can get a similar setup working.
Presentations can certainly be exported as SWF - go to the Export... option from the File menu, and it's one of the first options in the file-type list.
I suppose you could shut the computer down that way. Me, I log off and click on the shutdown button, but maybe that's just my wild and zany hi-tech ways.
Best stick to the good old Microsoft logical user interface approach where you shut the computer down by pressing the start button.
Optimising for smaller files still produces output that's almost five times the size of the PDFs I generate by printing to PS and converting in Ghostview though.
Since when can't footnotes be done in HTML? No reason not to have them at the end of the document, and you can provide anchor links from the text to the footnote and back.
It's not EE Times that need to get their story straight: it's SCO. Unless by some wonderful stroke of chance Darl can be held personally accountable for some of the crap he spouts.
Or, as Babelfish would say after a round trip into Japanese:
The patent already as for me thinks of that it is in machine translation and high.
now we speak to the people of the place of the foreign country, makes us maintain it is possible the barrier of word. Now it can obstruct our communications exactly with the ??? of machine translation, as for us it is not possible to understand in any case. The smell progress of the Ahh being sweet!
Slashdot Mirror
They can't (legally). Sucks to be them.
If they've got a tape player, they can use a suitable adapter, of course.
Given that you get the hard drive, software and documentation in the bundle, I'd say it's not too bad a price. Still, if you're that set against it you can always go buy yourself a GC dev kit instead. :)
I'm guessing not all of then own digital video playback systems, as well.
Except, of course, by using the reasonably priced PS2 Linux kit, available from Sony. They've always been pretty good about this sort of thing compared to the other manufacturers.
From the article:
From the front page of Slashdot:
It's too late to discuss this - they've already taken over and are using violence to manipulate Slashdot...
Fortunately it also had the side-effect of making Ian Duncan Smith illegal. Hopefully we'll soon be entirely free of his repetitive noises.
Fine. But as soon as you want to do something useful with OpenBSD, you need to go beyond the default install profile, which is set up to be as secure as possible by disabling everything. Once you start enabling even common and inoffensive services, you hit security problems.
OpenBSD security advisories from this year (for version 3.2):
# March 31, 2003: A buffer overflow in the address parsing in sendmail(8) may allow an attacker to gain root privileges.
# March 24, 2003: A cryptographic weaknesses in the Kerberos v4 protocol can be exploited on Kerberos v5 as well.
# March 19, 2003: OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack designed by Czech researchers Klima, Pokorny and Rosa.
# March 18, 2003: Various SSL and TLS operations in OpenSSL are vulnerable to timing attacks.
# March 5, 2003: A buffer overflow in lprm(1) may allow an attacker to elevate privileges to user daemon..
# March 3, 2003: A buffer overflow in the envelope comments processing in sendmail(8) may allow an attacker to gain root privileges.
# February 25, 2003: httpd(8) leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.
# February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes, in allocation routines.
# January 20, 2003: A double free exists in cvs(1) that could lead to privilege escalation for cvs configurations where the cvs command is run as a privileged user.
I'd like to. Could you recommend an alternative operating system that hasn't had a single security problem in a year, and has been adding new functionality over that period?
Of course, if I were a spammer, I wouldn't remove you from the list. I'd just move your contact details to the Reply-To: header. :)
Sounds fair to me. *They* can have the spam.
Seriously, I can count on the fingers of one hand the number of sources of HTML e-mail that I'm actually interested in, and a simple whitelist should give reasonable results on letting those through and keeping the spammers out.
Why not just ditch the whole sorry concept of HTML e-mails? Seems like a better solution to me. Can't quite do that yet, but as a bare minimum HTML image tags (and anything else that makes a request automatically to a remote server, thus confirming the validity of your e-mail address) should be ignored.
Sounds reasonable enough to me. How does 25% sound? :)
Even if the price is zero, then I'm personally likely to be angry enough as it is. This is all about accepting that SCO is in the right, and until such time as they've taken this through court and proven that to be the case, I have no intention of doing anything to suggest that they have the right to impose restrictions on my use of Linux.
If they're truly that confident of their position, they should be rushing through the court case, and then asking people to license Unixware, with a suitable judgement behind them to back it up.
As it is, their case is built mostly on hot air, so I can see their motivation in pushing for payment in advance.
I have to disagree with this one, and present in evidence the words of the caretaker at my old school:
"I prefer radio to television, because the pictures are better."
That makes your password:
NNNNNNNNTNNNNNTNNNNN
Proof that this system really does create more secure passwords.
No. Which is probably for the best, given that "news that matters" isn't part of Slashdot's remit. "News for nerds" is. "Stuff that matters" is. This story falls neatly into the former category.
If you're looking for news that matters, you might want to try elswhere...
I do it manually under Windows: print to a standard PS printer driver (I believe I use an Apple Laserwriter colour printer driver, but wouldn't swear to it) then load into Ghostview and convert to PDF. Always seems to result in a pleasingly small file.
Haven't tried it under Linux recently (I tend to use XML/HTML for my home documents rather than PDFs) but I'd imagine you can get a similar setup working.
Presentations can certainly be exported as SWF - go to the Export... option from the File menu, and it's one of the first options in the file-type list.
I suppose you could shut the computer down that way. Me, I log off and click on the shutdown button, but maybe that's just my wild and zany hi-tech ways.
Best stick to the good old Microsoft logical user interface approach where you shut the computer down by pressing the start button.
Optimising for smaller files still produces output that's almost five times the size of the PDFs I generate by printing to PS and converting in Ghostview though.
Still, a nice start.
Since when can't footnotes be done in HTML? No reason not to have them at the end of the document, and you can provide anchor links from the text to the footnote and back.
And now you're posting to Slashdot, the self-avowed "News for Nerds" site. Ironic, yes? :P
It's not EE Times that need to get their story straight: it's SCO. Unless by some wonderful stroke of chance Darl can be held personally accountable for some of the crap he spouts.
Or, as Babelfish would say after a round trip into Japanese:
And the simple gaping flaw in this ingenious solution is that I can now drive you out of business by spamming with your contact details.
Nice try.