If you are tooling around the inland waterway area of Stone Harbor, NJ, in one of the multi-million dollar beach houses, there's a large (10-20ft dia) silvered dome on one of the waterfront places. No idea who owns it or anything, but it's definitely a nice cap to a beautiful house. Retracting door, rotating dome, etc... When we were there, it was covered with a tarp, possibly for repairs or something, but you could still tell it was an observatory.
They already are - I just had to buy a large batch of Xircom PC Card modems for the truckload of spiffy new Dell laptops we purchased here. No NT drivers for the built-in modems whatsoever. My day was not darkened by this senseless expenditure, though. Why? Because the hardware vendor provides Linux drivers for the built-in card. I never thought I'd see the day!!
Have you considered Evolution? You didn't specify if you are on a 'doze network, but if not, Evo apparently has built-in hooks for palm sync'ing. I've not used it, but it looks quite polished. Also, it goes without saying that if you don't have Linux deployed across your network, the work involved with that would likely outweigh the benefits...
Urrrgh... how many times does this get discussed?!?! So what? OpenBSD is still far more secure than most Linux distros or Windows. The only O/S I've ever come across with better security than OpenBSD is OS/400 by IBM.
I believe that the original poster was making a remark on the heralded "270,000 installations without a default-enabled root-level vulnerability" statement that OpenBSD uses. I don't use BSD, so I don't know the exact quote, but if the affected version of OpenSSH is enabled by default, this would jeapordize that tagline.
Cool, thanks! I understand the aversion from an admin perspective (it's my day job...). After looking at your homepage and documents, I knew your original message wasn't a troll, but I was curious about why exactly you took such a strong viewpoint. I agree that a VPN is the right answer for site-to-site links, but I think that for small-time folks, tunnelling could be a useful tool, provided the implementation correctly re-assembles the packets on the other end. Wide scale usage? Hell no. Thanks for the clarification (and to the person below your post who replied as well...)
That homepage link is the funniest damn thing I've seen in a LOOOONG time. Well done. Rest assured, there will be at least a few hits from the folks around my office tomorrow!
RPM can do most of what this crowd wants...
on
Is RPM Doomed?
·
· Score: 2
I was very anti-RPM a few years back - even as late as RH7.0. I still compiled all software from.tar.gz source and installed appropriately. If I couldn't get the source to compile for some reason (strange dependencies that I could not track down), I'd end up trying a rpm -Uvh --nodeps foo.i386.rpm. Without the --nodeps, the installation would fail 99% of the time - the files it needed were there, but not in the RPM database. Then, for some reason that escapes me now, I tried a pure rpm-only box. Dependencies were still a pain the the ass to some extent, but much easier with sites like rpmfind - just type in the missing dependency and d/l the topmost result for your architecture, and voila - the original package installs fine. I missed being able to compile from source, though. The security aspect is one major plus, but being able to tweak PHP to include EXIF, TrueType, and libGD support so my web apps keep working was the clincher. Enter rpm -bb --clean/usr/src/redhat/SPECS/foo.spec. All you have to do is d/l the.src.rpm file, install it (usually installs 2 files/usr/src/redhat/[SPECS/foo.spec | SOURCES/foo.tar.gz]). You can tweak the.spec file (the./configure line is in there - modify to your hearts content!), then do the -bb command listed above. Grab a coke, come back, new package file specific to your installation is in/usr/src/redhat/RPMS/i386/foo.i386.rpm. Have a lot of like-OS machines (I have 7 RH7.3 machines at home)? Compile your binary RPM on the fastest machine (a dual P-III 850 VALinux box here), install the binaries on each machine. This ability combined with the most EXCELLENT red-carpet and up2date capabilities in ximian and RH, respectively, make RPM usable for the masses. I have seen many low-end-tekkies (no disrespect, of course) using red-carpet on their personal machines with no hiccups. Need do remove something to get this new software? OK - it tells you. Need extra dependencies for the new package? OK - it's all automatic. (They don't even need to know that RPM and red-carpet are crypto-checking the stuff they install to ensure there's no man-in-the-middle work going on!) RPM is really powerful. There's a LOT more than the features I've listed here. Want to see what files have changed since you installed the XFree86 RPMs? rpm -V XFree86. It tells you if the date, file size, contents (MD5 hash), and a bunch of other stuff have changed or if files are missing since install. It even tells you if the file is a configuration file, meaning a change in size, date, and content is not necessarily something to be concerned about. Please don't think my support of RPM is blind - I have used Slack, played with Debian, and done the 100% source code route. RPM is a great tool, and most linux users (even some of the very skilled ones) don't use it to it's fullest potential. Spend a day or two reading the man page, the files in/usr/share/doc/rpm*, and make the call then. Full disclosure - I am an RHCE, but I was sold on the advanced stuff RPM can do way before I took the class and test. Check it out - you might be surprised at what you've been missing. Feel free to e-mail me after unmangling the addy if you like...
I know quite a few fighter pilots, and they all (yes, every single one of them) said something along the line of "I'd rather fly a desk than that damn thing." (Even some scientist-type Air Force folks who never see a cockpit said this!) One guess who makes a lot of purchasing decisions on aircraft - pilots. Does it make sense? Should something so superficial be used as a basis for acceptance, not to mention millions in contract award $$$? Certainly not. Maybe it wasn't the main reason for not choosing Boeing, but I'm sure it played a part.
I'm not 100% familiar with the J2EE bundle, but I think that the difference is that MS's "extras" are (supposedly) integrated to the OS and cannot be removed. (OK, there's that new XP patch, but I don't use 'doze anyway, so I don't care:P) I don't believe that the J2EE server is integrated to the OS - you should be free to delete or not install it and use an alternative. Similarly, there's a whole butt-load of apps that are bundled with nearly every linux distribution - you just don't have to install them.
I use GPG with Evolution daily, and have had no problems in the 1.0.3 release. It even handles different keys for different accounts without user intervention (after telling it the key number for a given account, of course). It has the handy features like "remember pass phrase for this session" (it's an option for the paranoid), sign-every-message, and verification of a signed message sent to you with a mouse click. Check it out - it's the only mail client I use now!
IIRC, PHP has been released for Apache 2.0. (I seem to remember that version 4.1.2 announced this.) I don't use mod_perl, so I can't comment on that, though.
Don't believe everything the glossy pages tell you - going reserves does not guarantee you an exit strategy from the corporate world. Is it somewhat more likely? Sure. NOTHING IS A GUARANTEE. If you read it in a brochure or hear it from a recruitment office, get independent confirmation from someone who's been around for a while (5-10 years is a good window - not the new active duty guy/gal and DEFINITELY not a ROTC or military academy cadet. They don't have a clue how the "real military" works - I sure as heck didn't.) There's a whole slew of bureaucratic crap that is involved with this. Reserves are cool, but it's not a guaranteed paycheck. Also, you are more likely to have an unexpected deployment schedule as a reservist... Civilian employers are not permitted to fire you because you are activated in the reserves, but it's definitely a hiring hurdle...
OT: Re:Tobor is Robot spelled backwards...
on
Hospital Robots
·
· Score: 1
You mean like "copy this file" and "read e-mail" at the same time? Oh wait, Windows wasn't released back then.
Sorry... Just been troubleshooting loads of this kind of crap at work today.
Since installing Ximian is "conveniently" performed by running "lynx -source http://go-gnome.org | sh" (as root, of course), what happens when someone registers go-gnom.org or similar typos? (Credit to my brother for thinking of that one.) Now I did issue the above command, but ensured that the DNS records were compliant and my local DNS server reported the same distant end IP as the authoritative one for the domain, but I doubt many folks do the same. Also, when installing packages via RedCarpet (again, has to be done as root), what are the cryptographic signatures checked against? (Note: I haven't even researched this. Just typing off the top of my head...) I would hope that the proper response from GPG is hard-coded in the red-carpet binary... Basically, I think that a lot of new update technologies are vulnerable to this - from windowsupdate.microsoft.com as mentioned in the article to more trusted (by this community, anyway) sites. Semi-automatic updating is great, but it still takes people at the keyboard to think before they do something. Not likely to see a widespread change in that mentality for some time to come.
An interesting proposition, however, LIDS is written in the People's Republic of China, and SELinux is being developed by the US Department of Defense's NSA. Now, of course, the obvious argument would be that since both are open source, each can monitor the other's contributions to the merged product, but I highly doubt that Military red tape and PRC "Party procedures" would allow that to happen. On second thought, the Chinese would most likely welcome the code, even though they can have it already...
Besides @Home being a cable provider, it depends on your Terms of Service (TOS) for whether or not they can cut you off for this. My provider (unpaid plug: www.toad.net RULES) does not have such a limitation, and, I think that I'm even allowed to sublet the bandwidth (can't remember, so that part is not a promise.) Other providers, like Verizon, WILL cut you off and try to charge a hefty fee since you essentially would be in "breach of contract". I host several pretty major (but low traffic - 200-500MB/mo total) sites on my 640/128 DSL line and have not experienced problems at all. You are correct, though, about setting up a business (legally) and getting a tax break, etc. Bud DSL is often SDSL, so your uplink doesn't suffer.
2mm? Not sure if you meant 2cm (as a rightful exaggeration), but I've never seen anything (except for those trendy credit-card clocks you can get with a mag subscription) that's so thin - espescially in a watch...
Regarding the thickness of the Seiko Kinetic, the titanium model (no model number on the case, just "Kinetic Titanium") is a bit less than 1cm thick, so it's not obtrusive at all...
I agree - my wife and I bought each other the Seiko Kinetics for our wedding, and they are great! The titanium one I got is light, and looks really cool, plus they wind themselves with a pendulum inside as you walk, move, type, etc. Definitely has geek appeal there!!
Slashdot Mirror
If you are tooling around the inland waterway area of Stone Harbor, NJ, in one of the multi-million dollar beach houses, there's a large (10-20ft dia) silvered dome on one of the waterfront places.
No idea who owns it or anything, but it's definitely a nice cap to a beautiful house. Retracting door, rotating dome, etc...
When we were there, it was covered with a tarp, possibly for repairs or something, but you could still tell it was an observatory.
They already are - I just had to buy a large batch of Xircom PC Card modems for the truckload of spiffy new Dell laptops we purchased here. No NT drivers for the built-in modems whatsoever.
My day was not darkened by this senseless expenditure, though. Why? Because the hardware vendor provides Linux drivers for the built-in card. I never thought I'd see the day!!
I've not used either extensively, but my guess is that Eye Of Gnome (eog) will be replacing ElectricEyes (ee)...
Have you considered Evolution? You didn't specify if you are on a 'doze network, but if not, Evo apparently has built-in hooks for palm sync'ing.
I've not used it, but it looks quite polished.
Also, it goes without saying that if you don't have Linux deployed across your network, the work involved with that would likely outweigh the benefits...
I'd agree if the article said "Maybe we need a topic on good ethics", but providing a topic for discussions on ethics might be pretty useful.
I believe that the original poster was making a remark on the heralded "270,000 installations without a default-enabled root-level vulnerability" statement that OpenBSD uses. I don't use BSD, so I don't know the exact quote, but if the affected version of OpenSSH is enabled by default, this would jeapordize that tagline.
Cool, thanks! I understand the aversion from an admin perspective (it's my day job...). After looking at your homepage and documents, I knew your original message wasn't a troll, but I was curious about why exactly you took such a strong viewpoint.
I agree that a VPN is the right answer for site-to-site links, but I think that for small-time folks, tunnelling could be a useful tool, provided the implementation correctly re-assembles the packets on the other end. Wide scale usage? Hell no.
Thanks for the clarification (and to the person below your post who replied as well...)
That homepage link is the funniest damn thing I've seen in a LOOOONG time. Well done. Rest assured, there will be at least a few hits from the folks around my office tomorrow!
I was very anti-RPM a few years back - even as late as RH7.0. I still compiled all software from .tar.gz source and installed appropriately. If I couldn't get the source to compile for some reason (strange dependencies that I could not track down), I'd end up trying a rpm -Uvh --nodeps foo.i386.rpm. Without the --nodeps, the installation would fail 99% of the time - the files it needed were there, but not in the RPM database. /usr/src/redhat/SPECS/foo.spec. All you have to do is d/l the .src.rpm file, install it (usually installs 2 files /usr/src/redhat/[SPECS/foo.spec | SOURCES/foo.tar.gz]). You can tweak the .spec file (the ./configure line is in there - modify to your hearts content!), then do the -bb command listed above. /usr/src/redhat/RPMS/i386/foo.i386.rpm. Have a lot of like-OS machines (I have 7 RH7.3 machines at home)? Compile your binary RPM on the fastest machine (a dual P-III 850 VALinux box here), install the binaries on each machine. /usr/share/doc/rpm*, and make the call then.
Then, for some reason that escapes me now, I tried a pure rpm-only box. Dependencies were still a pain the the ass to some extent, but much easier with sites like rpmfind - just type in the missing dependency and d/l the topmost result for your architecture, and voila - the original package installs fine.
I missed being able to compile from source, though. The security aspect is one major plus, but being able to tweak PHP to include EXIF, TrueType, and libGD support so my web apps keep working was the clincher.
Enter rpm -bb --clean
Grab a coke, come back, new package file specific to your installation is in
This ability combined with the most EXCELLENT red-carpet and up2date capabilities in ximian and RH, respectively, make RPM usable for the masses. I have seen many low-end-tekkies (no disrespect, of course) using red-carpet on their personal machines with no hiccups. Need do remove something to get this new software? OK - it tells you. Need extra dependencies for the new package? OK - it's all automatic. (They don't even need to know that RPM and red-carpet are crypto-checking the stuff they install to ensure there's no man-in-the-middle work going on!)
RPM is really powerful. There's a LOT more than the features I've listed here. Want to see what files have changed since you installed the XFree86 RPMs? rpm -V XFree86. It tells you if the date, file size, contents (MD5 hash), and a bunch of other stuff have changed or if files are missing since install. It even tells you if the file is a configuration file, meaning a change in size, date, and content is not necessarily something to be concerned about.
Please don't think my support of RPM is blind - I have used Slack, played with Debian, and done the 100% source code route. RPM is a great tool, and most linux users (even some of the very skilled ones) don't use it to it's fullest potential. Spend a day or two reading the man page, the files in
Full disclosure - I am an RHCE, but I was sold on the advanced stuff RPM can do way before I took the class and test. Check it out - you might be surprised at what you've been missing. Feel free to e-mail me after unmangling the addy if you like...
I know quite a few fighter pilots, and they all (yes, every single one of them) said something along the line of "I'd rather fly a desk than that damn thing." (Even some scientist-type Air Force folks who never see a cockpit said this!)
One guess who makes a lot of purchasing decisions on aircraft - pilots.
Does it make sense? Should something so superficial be used as a basis for acceptance, not to mention millions in contract award $$$? Certainly not. Maybe it wasn't the main reason for not choosing Boeing, but I'm sure it played a part.
but man could be used to learn about the other kew1 h4xor t3wls that you listed....
I'm not 100% familiar with the J2EE bundle, but I think that the difference is that MS's "extras" are (supposedly) integrated to the OS and cannot be removed. (OK, there's that new XP patch, but I don't use 'doze anyway, so I don't care :P) I don't believe that the J2EE server is integrated to the OS - you should be free to delete or not install it and use an alternative.
Similarly, there's a whole butt-load of apps that are bundled with nearly every linux distribution - you just don't have to install them.
I use GPG with Evolution daily, and have had no problems in the 1.0.3 release.
It even handles different keys for different accounts without user intervention (after telling it the key number for a given account, of course).
It has the handy features like "remember pass phrase for this session" (it's an option for the paranoid), sign-every-message, and verification of a signed message sent to you with a mouse click.
Check it out - it's the only mail client I use now!
IIRC, PHP has been released for Apache 2.0. (I seem to remember that version 4.1.2 announced this.)
I don't use mod_perl, so I can't comment on that, though.
Makes you wish you had a patent on rubber stamps, eh?
Don't believe everything the glossy pages tell you - going reserves does not guarantee you an exit strategy from the corporate world. Is it somewhat more likely? Sure. NOTHING IS A GUARANTEE. If you read it in a brochure or hear it from a recruitment office, get independent confirmation from someone who's been around for a while (5-10 years is a good window - not the new active duty guy/gal and DEFINITELY not a ROTC or military academy cadet. They don't have a clue how the "real military" works - I sure as heck didn't.)
There's a whole slew of bureaucratic crap that is involved with this. Reserves are cool, but it's not a guaranteed paycheck. Also, you are more likely to have an unexpected deployment schedule as a reservist... Civilian employers are not permitted to fire you because you are activated in the reserves, but it's definitely a hiring hurdle...
You mean like "copy this file" and "read e-mail" at the same time?
Oh wait, Windows wasn't released back then.
Sorry... Just been troubleshooting loads of this kind of crap at work today.
Since installing Ximian is "conveniently" performed by running "lynx -source http://go-gnome.org | sh" (as root, of course), what happens when someone registers go-gnom.org or similar typos? (Credit to my brother for thinking of that one.)
Now I did issue the above command, but ensured that the DNS records were compliant and my local DNS server reported the same distant end IP as the authoritative one for the domain, but I doubt many folks do the same.
Also, when installing packages via RedCarpet (again, has to be done as root), what are the cryptographic signatures checked against? (Note: I haven't even researched this. Just typing off the top of my head...) I would hope that the proper response from GPG is hard-coded in the red-carpet binary...
Basically, I think that a lot of new update technologies are vulnerable to this - from windowsupdate.microsoft.com as mentioned in the article to more trusted (by this community, anyway) sites. Semi-automatic updating is great, but it still takes people at the keyboard to think before they do something. Not likely to see a widespread change in that mentality for some time to come.
Just saw this story on CNN that talks about the program...
An interesting proposition, however, LIDS is written in the People's Republic of China, and SELinux is being developed by the US Department of Defense's NSA.
Now, of course, the obvious argument would be that since both are open source, each can monitor the other's contributions to the merged product, but I highly doubt that Military red tape and PRC "Party procedures" would allow that to happen.
On second thought, the Chinese would most likely welcome the code, even though they can have it already...
Would be interesting, though!!
So CowboyNeal would be the woofer, right?
...
And you'll be getting a lawsuit of flames!
(put the emphasis on 'law' and it kinda works...)
Besides @Home being a cable provider, it depends on your Terms of Service (TOS) for whether or not they can cut you off for this. My provider (unpaid plug: www.toad.net RULES) does not have such a limitation, and, I think that I'm even allowed to sublet the bandwidth (can't remember, so that part is not a promise.) Other providers, like Verizon, WILL cut you off and try to charge a hefty fee since you essentially would be in "breach of contract".
I host several pretty major (but low traffic - 200-500MB/mo total) sites on my 640/128 DSL line and have not experienced problems at all.
You are correct, though, about setting up a business (legally) and getting a tax break, etc. Bud DSL is often SDSL, so your uplink doesn't suffer.
2mm? Not sure if you meant 2cm (as a rightful exaggeration), but I've never seen anything (except for those trendy credit-card clocks you can get with a mag subscription) that's so thin - espescially in a watch...
Regarding the thickness of the Seiko Kinetic, the titanium model (no model number on the case, just "Kinetic Titanium") is a bit less than 1cm thick, so it's not obtrusive at all...
I agree - my wife and I bought each other the Seiko Kinetics for our wedding, and they are great! The titanium one I got is light, and looks really cool, plus they wind themselves with a pendulum inside as you walk, move, type, etc. Definitely has geek appeal there!!