Too right, this indicates that there must be a certain quality to the free software driver that the original Windows driver lacks.
I'm guessing it's a lack of bloat, after all, how many people will need full DirectX support on an embedded machine? But all the free testing on their code as it's developed in Linux should also be a good reason.
Until you use pidgin or the like. Encryption of messages over facebook is convenient and has been for a long time, provided both sender/recipient use software with an appropriate plugin.
Just some ideas that come to mind and show that actually Solaris isn't as innovative as the Linux camp...
Linux kernel innovations which are more flexible than most alternatives:
SELinux - label-based security which allows flexible controls over the privileges of objects and how they may interact with other labelled objects [Trusted Solaris] TOMOYO - pathname+history-based security which provides flexible controls over the privileges of processes and how they may interact with objects AppArmor - pathname based security with flexible controls over the privileges of processes and how they may interact with files/network cgroups - hierarchical scheduling, resource management customisable entirely by the user within software or through writing to files [Zone Resource Controls] Kernel Namespaces - flexible separation of networking, PID tables, IPC etc. called simply from within clone() [Jails / Zones] File Capabilities - labelling files with specific capabilities which would normally only be given to root - removing SETUID from a lot of files User Mode Linux - port of Linux to run in userland atop a Linux kernel, paravirtualization (Linode built their business upon this) Completely Fair Queuing (CFQ) - a decent method of prioritising I/O fairly, so that heavy I/O does not grind a desktop/server to a halt Completely Fair Scheduling (CFS) - a decent method of prioritising CPU fairly, so that heavy CPU load does not grind a desktop/server to a halt Kernel Mode Setting (KMS) - enables faster switching of terminals, simpler 2D acceleration and better security (Xorg no longer needs root) [Windows GDI] Full NX Support - helps reduce the risk of successful exploitation of buffer overflows [Windows DEP / OpenBSD W^X] Full ASLR Support / PIC / PIE - reduces risk of certain classes of exploit by randomising memory location of libraries NILFS2 - infinite snapshotting log-based filesystem, theoretically capable of tracking every change ever made to files
GNU/Linux userland innovations:
systemd - purely Linux-oriented solution for fast, parallelised initialisation of services AppArmor - simple way to lock down server/desktop processes interactively through a robust parser libvirt - abstraction layer to allow many different types of virtualisation to be used in a common way PolicyKit - secure method of enabling root processes to run without the risk of malicious X clients injecting commands PackageKit - abstraction layer for a common method of updating/installing/removing packages PulseAudio - low-latency abstraction layer for handling multiple audio systems, networking audio and multiplexing devices, with per-client volume controls firewalld - applications can make D-BUS requests to open inbound ports and PolicyKit handles allow/deny, along with any uPnP requests (if allowed) ABRT - automated bug reporting of most userland applications, sent to the distribution and/or the upstream developers [Windows Error Reporting] kerneloops - automated reporting of kernel oops errors to detect potential common bugs in the kernel without manual user interference [Windows Error Reporting] GCC SSP (ProPolice) - prevents buffer overflows in the stack through a canary value [Microsoft Visual Studio (C++) GS]
Solaris on x86 is a sad joke. The name "slowlaris" came about because of that hideous port.
Ever tried to run Solaris x86 on a normal PC? If you think Linux can't handle basic I/O on slow devices (really, try copying from multiple USB sticks at once and try to use your desktop to the same time!), Solaris lags up with the slightest bit of HDD I/O.
Why can't we have quangos do the signing? Governments can sign for companies, performing EV using their large, centralised databases of companies (e.g. Companies House in the UK).
Individuals may be signed off by the domain registrar subject to receiving basic identity documentation as individuals don't really need full EV'ing for their personal sites.
Anonymous individuals can be signed by a 3rd party and warnings can be given in-browser as to how the identity has not been verified.
Parents (If one can even use the plural in most cases) should have no right to dominate childrens' lives any more than the school system does or big media do. Child protection laws are all a sad joke which make bad assumptions about the intelligence of young people who happen to be below the age of 18. Due to child protection laws, a lot of young and talented people cannot find their place in the world until they are much older, this is wrong.
Parents very often do not recognise true potential in their kids and it should be up to the child as to who he/she communicates with in private. Teachers spend longer with classes of children at key times in any one given child's life than the parents do in many cases and teachers of specialist subjects are the best at identifying aptitude for a given subject. Students with an aptitude for a subject should get special attention to help them reach their true potential.
In addition, social networking is no more risky than keeping a student for face-to-face chat at the end of a class, when will people realise this?
Suggesting shutting down Facebook for an hour or two sounds like the best thing the Conservatives have said/done in a long time... Facebook is as creepy as hell. They keep a lot of data pretty much indefinitely, without a lot of user cooperation and/or DPA requests. Every message ever sent between users, every wall post, every app result/request, GeoIP on logins and EXIF tags from pictures to reveal location at any given point in time, friends "check you in" to places. Even without malicious abuse of Facebook APIs for using all that data to track you (Police app anyone?) the whole thing is as creepy as hell. That and Facebook controls the flow of information quite strictly, there are phrases one can't post on Facebook due to censorship/filtering. It takes a lot of hard work to sanitise a Facebook profile and still have it be usable for all the benefits of social networking.
Sure the rest of Conservative policies when it comes to IT and freedom (RIPA, DEA, Terrorism Act) are ghastly but I can't disagree with wanting to shut down Facebook, that is doing the brainwashed masses a favour...
Slashdot Mirror
Too right, this indicates that there must be a certain quality to the free software driver that the original Windows driver lacks.
I'm guessing it's a lack of bloat, after all, how many people will need full DirectX support on an embedded machine? But all the free testing on their code as it's developed in Linux should also be a good reason.
Until you use pidgin or the like. Encryption of messages over facebook is convenient and has been for a long time, provided both sender/recipient use software with an appropriate plugin.
Just some ideas that come to mind and show that actually Solaris isn't as innovative as the Linux camp...
Linux kernel innovations which are more flexible than most alternatives:
SELinux - label-based security which allows flexible controls over the privileges of objects and how they may interact with other labelled objects [Trusted Solaris]
TOMOYO - pathname+history-based security which provides flexible controls over the privileges of processes and how they may interact with objects
AppArmor - pathname based security with flexible controls over the privileges of processes and how they may interact with files/network
cgroups - hierarchical scheduling, resource management customisable entirely by the user within software or through writing to files [Zone Resource Controls]
Kernel Namespaces - flexible separation of networking, PID tables, IPC etc. called simply from within clone() [Jails / Zones]
File Capabilities - labelling files with specific capabilities which would normally only be given to root - removing SETUID from a lot of files
User Mode Linux - port of Linux to run in userland atop a Linux kernel, paravirtualization (Linode built their business upon this)
Completely Fair Queuing (CFQ) - a decent method of prioritising I/O fairly, so that heavy I/O does not grind a desktop/server to a halt
Completely Fair Scheduling (CFS) - a decent method of prioritising CPU fairly, so that heavy CPU load does not grind a desktop/server to a halt
Kernel Mode Setting (KMS) - enables faster switching of terminals, simpler 2D acceleration and better security (Xorg no longer needs root) [Windows GDI]
Full NX Support - helps reduce the risk of successful exploitation of buffer overflows [Windows DEP / OpenBSD W^X]
Full ASLR Support / PIC / PIE - reduces risk of certain classes of exploit by randomising memory location of libraries
NILFS2 - infinite snapshotting log-based filesystem, theoretically capable of tracking every change ever made to files
GNU/Linux userland innovations:
systemd - purely Linux-oriented solution for fast, parallelised initialisation of services
AppArmor - simple way to lock down server/desktop processes interactively through a robust parser
libvirt - abstraction layer to allow many different types of virtualisation to be used in a common way
PolicyKit - secure method of enabling root processes to run without the risk of malicious X clients injecting commands
PackageKit - abstraction layer for a common method of updating/installing/removing packages
PulseAudio - low-latency abstraction layer for handling multiple audio systems, networking audio and multiplexing devices, with per-client volume controls
firewalld - applications can make D-BUS requests to open inbound ports and PolicyKit handles allow/deny, along with any uPnP requests (if allowed)
ABRT - automated bug reporting of most userland applications, sent to the distribution and/or the upstream developers [Windows Error Reporting]
kerneloops - automated reporting of kernel oops errors to detect potential common bugs in the kernel without manual user interference [Windows Error Reporting]
GCC SSP (ProPolice) - prevents buffer overflows in the stack through a canary value [Microsoft Visual Studio (C++) GS]
Sarcasm dude.
Solaris on x86 is a sad joke. The name "slowlaris" came about because of that hideous port.
Ever tried to run Solaris x86 on a normal PC? If you think Linux can't handle basic I/O on slow devices (really, try copying from multiple USB sticks at once and try to use your desktop to the same time!), Solaris lags up with the slightest bit of HDD I/O.
It's a complete clone of Red Hat Enterprise Linux, with an optional Oracle-bastardised version of the kernel.
Why can't we have quangos do the signing? Governments can sign for companies, performing EV using their large, centralised databases of companies (e.g. Companies House in the UK).
Individuals may be signed off by the domain registrar subject to receiving basic identity documentation as individuals don't really need full EV'ing for their personal sites.
Anonymous individuals can be signed by a 3rd party and warnings can be given in-browser as to how the identity has not been verified.
Problem solved.
I imagined Amber Mac full of feathers :-|
Parents (If one can even use the plural in most cases) should have no right to dominate childrens' lives any more than the school system does or big media do. Child protection laws are all a sad joke which make bad assumptions about the intelligence of young people who happen to be below the age of 18. Due to child protection laws, a lot of young and talented people cannot find their place in the world until they are much older, this is wrong.
Parents very often do not recognise true potential in their kids and it should be up to the child as to who he/she communicates with in private. Teachers spend longer with classes of children at key times in any one given child's life than the parents do in many cases and teachers of specialist subjects are the best at identifying aptitude for a given subject. Students with an aptitude for a subject should get special attention to help them reach their true potential.
In addition, social networking is no more risky than keeping a student for face-to-face chat at the end of a class, when will people realise this?
Suggesting shutting down Facebook for an hour or two sounds like the best thing the Conservatives have said/done in a long time... Facebook is as creepy as hell. They keep a lot of data pretty much indefinitely, without a lot of user cooperation and/or DPA requests. Every message ever sent between users, every wall post, every app result/request, GeoIP on logins and EXIF tags from pictures to reveal location at any given point in time, friends "check you in" to places. Even without malicious abuse of Facebook APIs for using all that data to track you (Police app anyone?) the whole thing is as creepy as hell. That and Facebook controls the flow of information quite strictly, there are phrases one can't post on Facebook due to censorship/filtering. It takes a lot of hard work to sanitise a Facebook profile and still have it be usable for all the benefits of social networking. Sure the rest of Conservative policies when it comes to IT and freedom (RIPA, DEA, Terrorism Act) are ghastly but I can't disagree with wanting to shut down Facebook, that is doing the brainwashed masses a favour...