I read an explanation elsewhere that compared URLs to physical addresses. It'd be ridiculus to copyright "123 Maple Ave.", although you could argue that the government assigned that one to you.
Try copyrighting "Mail Stop 4, Dept. #4528, Building 6", though.
Many people don't install their own Linux. They're fed up with Windows so they get a friend to install it for them, or they work at a company that's switching. Either way, a familiar interface will be a good thing for these people.
It appears so. On 4.5, you're given a screen on first boot explaining a little about security. There are three buttons: OK, Set Time, Advanced. To set up a non-root user, you must click Advanced, then Manage Users to open up KDE's users config screen, and then go through those menus to actually add a new one.
Not sure if this has changed in 5.0, but the article doesn't mention a difference.
Um, none of those thing have happened to me. But my post was talking about pure numbers of vulnerabilities, not the risk of exploit. Notice that I mentioned the severity thing at the bottom.
The story mentioned numbers of vulnerabilities. So I laid them out. RHEL, like, had more.
I included python, squid, and ethereal because they're likely to be present on a server. Just like I included.NET Framework and ASP on the Windows side.
You're not making any sense. The issue was with libpng, which is used by pretty much every image-capable platform in existance. Everyone else patched it when it was discovered last summer, though.
The real question to ask is "Why did it take MS so long to remember it had used a vulnerable version in MSN Messenger?"
I agree. Since we're comparing statistics here, and the grandparent hasn't pointed to any sources, let's get some facts on the table.
Since Microsoft brought up server operating systems, let's compare Microsoft Windows Server 2003 Enterprise Edition with IIS 6 and Red Hat Enterprise Linux 3 Advanced Server with its default suite of servers (apache, etc.)
For WS2003-EE, microsoft.com reveals 12 security bulletins for 2005:
MS05-001 - HTML Help ActiveX Control - Moderate (3)
SA14061 (01/2005) - local Registry vuln - Not critical (5)
So it looks like the WS2003-EE/IIS6 combination has been subject to 12 patches in 2005 caused by 16 vulnerabilities with an average criticality of 2, plus 6 unpatched or partially patched vulnerabilities with an average criticality of 4.
Since I'll be getting rid of KDE and Mozilla vulns with RHEL because they're not really used on back-room servers, I'll toss out the IE and HTML Help ones here. That leaves 8 updates patching 10 security holes and an average severity of 2, plus 5 unpatched holes of low severity (mostly local).
Now on to Red Hat Enterprise Linux 3 Advanced Server, for which redhat.com lists 22 advisories for 2005 (more abbreviated list format):
So so far in 2005, RHEL3-AS has been hit with 22 patches, consisting of 53 individual vulnerabilities of unknown criticality (they didn't say). Taking out the ones effecting packages that aren't part of the base system (that don't really have any match on a backroom Windows server), that still leaves 14 updates fixing 41 vulnerabilities. Secunia, however, shows none unpatched.
The Secunia site has some good comparative charts, showing that from 1993-today, WS2003 has been hit with fewer problems, with a fewer percentage remotely exploitable, but with a highe
I agree. I can't see Bush or his administration invading Iraq simply for oil or any of the myriad other conspiracy theories mentioned further up on the page. Instead, I see the motivation in Saddam's continued belligerance toward the UN and US, his shenanigans after 9/11, his repeated banning of the weapons inspectors, his refusal to give up required documents, etc. Saddam was not your everyday happy-go-lucky dictator.
Bush's motivations may have been misguided, and his administration overzealous, but I don't see them as being conspiratorial.
Of course, if anyone has any actual evidence of alterior motives that passes the reasonable doubt test, I'd be glad to see them. A departmental memo entitled "Let's go get some Iraqi oil!" perhaps?
I agree. "American Idiot" restored (or maybe cemented) my faith in the album as an art form. Every so often I'll go back and listen to my old Hybrid Theory CD from Linkin Park from front to back. Brings back memories of high school. For me, listening to an entire album gives me much more than just a single or two (provided, of course, that it's a good album).
Contributed back their full patchset, no. But a quick search reveals 1736 CVS commits to the WINE tree by Transgaming employees. Also note that ReWind is maintained by a Transgaming employee. Finally, remember that WINE's license at the time expressly permitted this behavior (and ReWind's still does).
Because all the Linux users brought it up first. If millions of people were saying that you like to have sex with goats, you either deny it, or you let the rumor grow, thereby making people assume that it must be true.
Once again, someone avoids admitting his ignorance by lashing out at someone else.
Go call up Chris McKay at NASA and tell him your feelings about his project. My prediction is that he'll say something other than "Oh my gosh! You're right! I'll begin a more realistic project immediately!"
Piss off the power user? It's precisely the power user that has the ability to easily change back to tree view if he or she wants. Just make a shortcut with the proper command line switch, or go to gconf-editor and change the value. It's in apps > nautilus > preferences. Hell, in Gentoo, 2.8.0 even came with a premade shortcut for 'Nautilus - Browse Mode'. And now that 2.8.1 is out, you don't even have the lack of a handy GUI toggle switch to complain about.
This is true, but it doesn't mean that AA is a CS knockoff. It's much more slow-paced and tactical. No automatic weapons, just single and burst (unless you're the SAW guy). Large maps. Realistic damage. Persistent scoring across games (honor system). Squad tactics.
I find myself popping into CS as a quickie stress reliever, but I always go back to AA for the real deal.
Here's an idea: what if a group of dedicated Linux gamers got together and petitioned a developer to let them port one of their old Windows-only titles for free. It wouldn't cost them a dime, they wouldn't have much to worry about otherwise, since the game wouldn't still be in the stores, and they may get some extra support from the community. It would probably mean signing an NDA, but it would be a step in the right direction.
Even glibc and the bigger libraries can be problems for games. Ever try playing some old classics like DOOM or Quake? The DOOM binaries all need X11R5 and glibc5, and Quake comes as RPMs on the cd (and doesn't work with current nvidia drivers).
And yes, I know, there are source ports for these specific games. But I'm talking official binaries, and it demonstrates a problem nontheless.
Slashdot Mirror
I read an explanation elsewhere that compared URLs to physical addresses. It'd be ridiculus to copyright "123 Maple Ave.", although you could argue that the government assigned that one to you.
Try copyrighting "Mail Stop 4, Dept. #4528, Building 6", though.
Many people don't install their own Linux. They're fed up with Windows so they get a friend to install it for them, or they work at a company that's switching. Either way, a familiar interface will be a good thing for these people.
It appears so. On 4.5, you're given a screen on first boot explaining a little about security. There are three buttons: OK, Set Time, Advanced. To set up a non-root user, you must click Advanced, then Manage Users to open up KDE's users config screen, and then go through those menus to actually add a new one.
Not sure if this has changed in 5.0, but the article doesn't mention a difference.
Um, none of those thing have happened to me. But my post was talking about pure numbers of vulnerabilities, not the risk of exploit. Notice that I mentioned the severity thing at the bottom.
The story mentioned numbers of vulnerabilities. So I laid them out. RHEL, like, had more.
I included python, squid, and ethereal because they're likely to be present on a server. Just like I included .NET Framework and ASP on the Windows side.
You're not making any sense. The issue was with libpng, which is used by pretty much every image-capable platform in existance. Everyone else patched it when it was discovered last summer, though.
The real question to ask is "Why did it take MS so long to remember it had used a vulnerable version in MSN Messenger?"
To add some sanity to this discussion, here's some facts:
n /MS05-009.mspx
The MS bulletin and patch: http://www.microsoft.com/technet/security/Bulleti
It's a vulnerability in libpng that was just patched by MS Tuesday, but was fixed by everyone else when it was discovered last June.
Since Microsoft brought up server operating systems, let's compare Microsoft Windows Server 2003 Enterprise Edition with IIS 6 and Red Hat Enterprise Linux 3 Advanced Server with its default suite of servers (apache, etc.)
For WS2003-EE, microsoft.com reveals 12 security bulletins for 2005:
In addition, Secunia lists 5 unpatched security holes and 1 partial fix:
So it looks like the WS2003-EE/IIS6 combination has been subject to 12 patches in 2005 caused by 16 vulnerabilities with an average criticality of 2, plus 6 unpatched or partially patched vulnerabilities with an average criticality of 4.
Since I'll be getting rid of KDE and Mozilla vulns with RHEL because they're not really used on back-room servers, I'll toss out the IE and HTML Help ones here. That leaves 8 updates patching 10 security holes and an average severity of 2, plus 5 unpatched holes of low severity (mostly local).
Now on to Red Hat Enterprise Linux 3 Advanced Server, for which redhat.com lists 22 advisories for 2005 (more abbreviated list format):
So so far in 2005, RHEL3-AS has been hit with 22 patches, consisting of 53 individual vulnerabilities of unknown criticality (they didn't say). Taking out the ones effecting packages that aren't part of the base system (that don't really have any match on a backroom Windows server), that still leaves 14 updates fixing 41 vulnerabilities. Secunia, however, shows none unpatched.
The Secunia site has some good comparative charts, showing that from 1993-today, WS2003 has been hit with fewer problems, with a fewer percentage remotely exploitable, but with a highe
Mississippi DLs have all of those.
I agree. I can't see Bush or his administration invading Iraq simply for oil or any of the myriad other conspiracy theories mentioned further up on the page. Instead, I see the motivation in Saddam's continued belligerance toward the UN and US, his shenanigans after 9/11, his repeated banning of the weapons inspectors, his refusal to give up required documents, etc. Saddam was not your everyday happy-go-lucky dictator.
Bush's motivations may have been misguided, and his administration overzealous, but I don't see them as being conspiratorial.
Of course, if anyone has any actual evidence of alterior motives that passes the reasonable doubt test, I'd be glad to see them. A departmental memo entitled "Let's go get some Iraqi oil!" perhaps?
I agree. "American Idiot" restored (or maybe cemented) my faith in the album as an art form. Every so often I'll go back and listen to my old Hybrid Theory CD from Linkin Park from front to back. Brings back memories of high school. For me, listening to an entire album gives me much more than just a single or two (provided, of course, that it's a good album).
Things are improving, however. For graphics/sound/control, use SDL.
For desktop integration, go with the Freedesktop.org menu spec.
And for package management, there's RPM, standardized by all LSB-compliant distributions.
Contributed back their full patchset, no. But a quick search reveals 1736 CVS commits to the WINE tree by Transgaming employees. Also note that ReWind is maintained by a Transgaming employee. Finally, remember that WINE's license at the time expressly permitted this behavior (and ReWind's still does).
Here ya go
Because all the Linux users brought it up first. If millions of people were saying that you like to have sex with goats, you either deny it, or you let the rumor grow, thereby making people assume that it must be true.
Once again, someone avoids admitting his ignorance by lashing out at someone else.
Go call up Chris McKay at NASA and tell him your feelings about his project. My prediction is that he'll say something other than "Oh my gosh! You're right! I'll begin a more realistic project immediately!"
Piss off the power user? It's precisely the power user that has the ability to easily change back to tree view if he or she wants. Just make a shortcut with the proper command line switch, or go to gconf-editor and change the value. It's in apps > nautilus > preferences. Hell, in Gentoo, 2.8.0 even came with a premade shortcut for 'Nautilus - Browse Mode'. And now that 2.8.1 is out, you don't even have the lack of a handy GUI toggle switch to complain about.
There's a firewall on all Windows XP. You just need to enable it first.
Possibly, if anyone actually takes them to court. AFAIK, none have.
This is true, but it doesn't mean that AA is a CS knockoff. It's much more slow-paced and tactical. No automatic weapons, just single and burst (unless you're the SAW guy). Large maps. Realistic damage. Persistent scoring across games (honor system). Squad tactics.
I find myself popping into CS as a quickie stress reliever, but I always go back to AA for the real deal.
Here's an idea: what if a group of dedicated Linux gamers got together and petitioned a developer to let them port one of their old Windows-only titles for free. It wouldn't cost them a dime, they wouldn't have much to worry about otherwise, since the game wouldn't still be in the stores, and they may get some extra support from the community. It would probably mean signing an NDA, but it would be a step in the right direction.
Even glibc and the bigger libraries can be problems for games. Ever try playing some old classics like DOOM or Quake? The DOOM binaries all need X11R5 and glibc5, and Quake comes as RPMs on the cd (and doesn't work with current nvidia drivers).
And yes, I know, there are source ports for these specific games. But I'm talking official binaries, and it demonstrates a problem nontheless.
Interestingly, this is the only truly free (as in endorsed by RMS himself) Linux LiveCD.
It's nice to see big names specifically supporting Firefox. This new browser war may have something going for it after all...
I do, I do! I have it on 2 5.25" and one 3.5" disk in the original box. Too bad I lost the "code card", making it basically unplayable.