Hmmmm..... Just to know, how many multi-dozen-megaton bombs were actually built and deployed ?
megatons aren't that useful. Dozens of Kilotons with variable (selectable yield) + ceramic penetrator or Co coating are much more fun. You want survivors, so that everyone's busy trying to (hopelessy) rescue them. (Think about why personal mines are not designed to kill, but to severely injure).
A nice albeit useless one : (50 Mt as tested, could go up to 100 in the "dirty" (untested) version) : http://www.enviroweb.org/enviroissues/nuketesting/ hew/Russia/Tsarbmb.jpg.
Have a look at http://www.enviroweb.org/enviroissues/nuketesting/ hew/index.html, it's pretty instructive (though you shouldn't believe everything, as usual in that kind of subject).
solution : Richard Gooch's brilliant work : devfs.
Really cool (I wish Linus said why he didn't include it in the official 2.2 tree, though he said at one point (circa 2.1.105 ?) that he was considering it). FWIW, I'd be quite unsurprised to see some devfs-based distributions out there soon (I'm speculating the Bero/Mandrake folks would be the kind of people to attempt this first).
On my (work) machine, "ls/dev | wc" yields 52 entries (that makes 7 lines x 80 characters, pretty manageable, isn't it ?), while "ls/dev/**/* | wc" gives 422 devices total (and I'm still running with the glibc2.0 compatibility symlinks, together with a few custom links I had to do to support legacy stuff [call this laziness]). Yet almost all the device nodes there are functional and mean there's actually a device behind.
(now, what does this have with major/minor ? Easy, the devfs support routines either use the legacy magic numbers, if so requested by the drivers, or can assign new ones on the fly, as available. Either way, major/minor is now an (almost) irrelevant feature, only the device node counts).
(Oh, yes, Solaris' been doing something quite similar for some time, though not that bold and confident, some other OSes may do too, but I'm quite an ignorant).
-- Cyrille
How about something like DirectX?
on
Gaming on Linux
·
· Score: 1
DirectPlay - Networking support
DirectAnimation - ???
MesaGL is something like *part of* DirectX.
on
Gaming on Linux
·
· Score: 1
Esound does quite a lot of things the early DirectSound did : it is able to play simultaneously several audio channels, with mixing and panning. What it doesn't is 3D positionment, but that probably could be added, if the proper algorithms weren't proprietary (or if the suitable sound boards were properly documented).
Mmmm.... Sure, you or Apple can't export software to Cuba, for instance, without being smacked hard by "the proper authority".
However, if I get GPL'd software from you (a rather simple USA->France, or actually, USA->EU/Schengen export. There aren't any bananas in your software, are they ?), I break no law (you have the right to export any software to me, barring your stupid encryption ban [*]). Then, if without your knoweldge, I re-export this stuff straight to Cuba, this is none of your business, and none of your government's. And AFAIK, I won't have violated a fed.. oops, Brussels law (I might be in serious trouble if for instance you s/Cuba/Iraq/g, because of the UN resolutions, of course).
Naturally, your law specifically forbides you to use me as a middleman to sell your stuff in Cuba, but Seth points out that as long as you don't control me, and I don't tell you in advance I'll make you breach your law, you aren't going to breach it.
IMHO, you should read the GPL (or any other OSD license) as a source code. You have to compile it with your local compiler (the body of laws governing the place where you are) in order to execute it locally (know what set of rules you must abide to). Now, the GPL asks you to pass on the source code[**] along with the binary (if I request so). If your runtime execution environment allows you to pass software to me, I now have a copy of my own of the binaries, the source, and of course, the license. Now the stuff is outside your runtime environment (the USA), I might not trust your compiler (governement) and recompile the GPL with the compiler I have access to locally (EU+French laws). (actually, I have to. I can't suddenly decide to apply here the US or Kenyan or Vaticanese law just because I decide they better suit my needs). Now, if my runtime environment doesn't segfault if I re-export the software to somewhere yours does, this is not your problem.[***]
Three, because those of you who claim to be running fully-Open-Source systems actually aren't.
Could you please elaborate on this ? Why would the copy of GPL RedHat I run currently not be fully-Libre ? What would I have to think about Mandrake/Bero (GPL, RedHat derived, but maintained on both sides of the Rhine), Debian ? *BSD ?
-- Cyrille
[*] French cryptography laws, although in the process of being de-moronised, are still more stupid than the US ones. At least rumour is that the decree lifting the maximum key size to 128-bit passed this week. And anyway, we're all subject to the United States-imposed Wassenaar "Iron Curtail" Agreement:-(
[**] The analogy between the GPL itself and source code unfortunately ends here : I can obviously not modify it and still apply it to code you (or others) wrote before. Unless of course I'm the FSF, which I'm not:-)
[***] In fact, I've gone probably a bit too far. Okay, let's say the GPL is p-code and we have two runtime environments claiming to be more or less compatible, and which actually aren't better than more-or-less compatible. Oh, well, it's way too late this evening [evil grin]
And you could mirror the/updates directory of the most used distros on your site (and even the MS Service Packs, if the license allows it), then mandate that autorpm[*] (or similar tools) be launched at least weekly (better : nightly *and* at reboot). With a quick perl script to suck the FTP mirror's logs (combined with a ping to not fire upon people with machines switched off during the night), this is quite enforceable, and at least partially ensures no one runs a too old version of sendmail or tcpd.
-- Cyrille
[*] I use autorpm http://www.kaybee.org/~kirk/html/linux.html, but there are plenty of them for the various package formats.
Here in my Uni (ENS Cachan, France), this is what we're doing : two routers with each its own set of ACLs (yeah, we're wasting a quarter class C for that). One (a small cisco) is owned by the school, one (a four-NIC hack'n'trash Linux box running ipchains) owned by us.
Both implement various security blocks (for instance, NO SMB access whatsoever to the outside world. NFS forbidden as well. SMTP mandatorily goes through the one server, and the MX records set a fascist way in the DNS./etc/sendmail.cf built using the Jussieu Kit, with the most autist anti-spam measures on (even if that means we loose all mail from poorly configured sites, and despite the authors of the Kit publicly saying some of these features are too much and should be withdrawn). No FTP or web serving unless through the server, subject to quotas. etc.). The probable next step now that France left Iraq, China and Iran alone in the club of countries which forbide encryption is probably to lock out POP3, telnet & X access in favour of SSH pipes.
(Oh yeah, none of this is really strong. One can always do a httptunnel on a pipe pseudo-network device -- but that's circumventing the barriers... And these barriers are first here to protect the newbies from accidentally exporting their c:\WINDOWS\TOTO.PWL files).
There's also a tangle of legal documentation (the campus-wide Network Security Charter (NSC) each individual, lab or association has to sign in order to get even a simple login access anywhere on the campus; the dorm subnet NSC each member has to sign ; specific security agreements between the association in charge of the dorm subnet and the uni ; the nationwide Renater NSC, etc.). Finally, there are quite a few daemons running on the inner router/server, we for instance strictly forbide MAC address changes if not warned in advance (and we do pull the plug for that), etc.
Yes, we have some problems from time to time with people having trouble with reading French and/or not willing to understand the rules, and I believe the guys now in charge are going to see quite a few incidents of the sort per year, but overall, having well-explained legalware signed by everyone (and spending a good deal of pedagogy after the signature, in order to make clear the Charter is not just a piece of paper !), and explaining why some services are blocked, is IMHO quite well working.
Slashdot Mirror
Hmmmm..... Just to know, how many multi-dozen-megaton bombs were actually built and deployed ?
/ hew/Russia/Tsarbmb.jpg.
/ hew/index.html, it's pretty instructive (though you shouldn't believe everything, as usual in that kind of subject).
megatons aren't that useful. Dozens of Kilotons with variable (selectable yield) + ceramic penetrator or Co coating are much more fun. You want survivors, so that everyone's busy trying to (hopelessy) rescue them. (Think about why personal mines are not designed to kill, but to severely injure).
A nice albeit useless one : (50 Mt as tested, could go up to 100 in the "dirty" (untested) version) : http://www.enviroweb.org/enviroissues/nuketesting
Have a look at http://www.enviroweb.org/enviroissues/nuketesting
solution : Richard Gooch's brilliant work : devfs.
/dev | wc" yields 52 entries (that makes 7 lines x 80 characters, pretty manageable, isn't it ?), while "ls /dev/**/* | wc" gives 422 devices total (and I'm still running with the glibc2.0 compatibility symlinks, together with a few custom links I had to do to support legacy stuff [call this laziness]). Yet almost all the device nodes there are functional and mean there's actually a device behind.
Really cool (I wish Linus said why he didn't include it in the official 2.2 tree, though he said at one point (circa 2.1.105 ?) that he was considering it). FWIW, I'd be quite unsurprised to see some devfs-based distributions out there soon (I'm speculating the Bero/Mandrake folks would be the kind of people to attempt this first).
On my (work) machine, "ls
(now, what does this have with major/minor ? Easy, the devfs support routines either use the legacy magic numbers, if so requested by the drivers, or can assign new ones on the fly, as available. Either way, major/minor is now an (almost) irrelevant feature, only the device node counts).
(Oh, yes, Solaris' been doing something quite similar for some time, though not that bold and confident, some other OSes may do too, but I'm quite an ignorant).
-- Cyrille
Esound does quite a lot of things the early DirectSound did : it is able to play simultaneously several audio channels, with mixing and panning. What it doesn't is 3D positionment, but that probably could be added, if the proper algorithms weren't proprietary (or if the suitable sound boards were properly documented).
However, if I get GPL'd software from you (a rather simple USA->France, or actually, USA->EU/Schengen export. There aren't any bananas in your software, are they ?), I break no law (you have the right to export any software to me, barring your stupid encryption ban [*]). Then, if without your knoweldge, I re-export this stuff straight to Cuba, this is none of your business, and none of your government's. And AFAIK, I won't have violated a fed.. oops, Brussels law (I might be in serious trouble if for instance you s/Cuba/Iraq/g, because of the UN resolutions, of course).
Naturally, your law specifically forbides you to use me as a middleman to sell your stuff in Cuba, but Seth points out that as long as you don't control me, and I don't tell you in advance I'll make you breach your law, you aren't going to breach it.
IMHO, you should read the GPL (or any other OSD license) as a source code. You have to compile it with your local compiler (the body of laws governing the place where you are) in order to execute it locally (know what set of rules you must abide to). Now, the GPL asks you to pass on the source code[**] along with the binary (if I request so). If your runtime execution environment allows you to pass software to me, I now have a copy of my own of the binaries, the source, and of course, the license. Now the stuff is outside your runtime environment (the USA), I might not trust your compiler (governement) and recompile the GPL with the compiler I have access to locally (EU+French laws). (actually, I have to. I can't suddenly decide to apply here the US or Kenyan or Vaticanese law just because I decide they better suit my needs). Now, if my runtime environment doesn't segfault if I re-export the software to somewhere yours does, this is not your problem.[***]
Could you please elaborate on this ? Why would the copy of GPL RedHat I run currently not be fully-Libre ? What would I have to think about Mandrake/Bero (GPL, RedHat derived, but maintained on both sides of the Rhine), Debian ? *BSD ?-- Cyrille
[*] French cryptography laws, although in the process of being de-moronised, are still more stupid than the US ones. At least rumour is that the decree lifting the maximum key size to 128-bit passed this week. And anyway, we're all subject to the United States-imposed Wassenaar "Iron Curtail" Agreement :-(
[**] The analogy between the GPL itself and source code unfortunately ends here : I can obviously not modify it and still apply it to code you (or others) wrote before. Unless of course I'm the FSF, which I'm not :-)
[***] In fact, I've gone probably a bit too far. Okay, let's say the GPL is p-code and we have two runtime environments claiming to be more or less compatible, and which actually aren't better than more-or-less compatible. Oh, well, it's way too late this evening [evil grin]
And you could mirror the /updates directory of the most used distros on your site (and even the MS Service Packs, if the license allows it), then mandate that autorpm[*] (or similar tools) be launched at least weekly (better : nightly *and* at reboot).
With a quick perl script to suck the FTP mirror's logs (combined with a ping to not fire upon people with machines switched off during the night), this is quite enforceable, and at least partially ensures no one runs a too old version of sendmail or tcpd.
-- Cyrille
[*] I use autorpm http://www.kaybee.org/~kirk/html/linux.html, but there are plenty of them for the various package formats.
Soooo much agreed....
/etc/sendmail.cf built using the Jussieu Kit, with the most autist anti-spam measures on (even if that means we loose all mail from poorly configured sites, and despite the authors of the Kit publicly saying some of these features are too much and should be withdrawn). No FTP or web serving unless through the server, subject to quotas. etc.).
Here in my Uni (ENS Cachan, France), this is what we're doing : two routers with each its own set of ACLs (yeah, we're wasting a quarter class C for that). One (a small cisco) is owned by the school, one (a four-NIC hack'n'trash Linux box running ipchains) owned by us.
Both implement various security blocks (for instance, NO SMB access whatsoever to the outside world. NFS forbidden as well. SMTP mandatorily goes through the one server, and the MX records set a fascist way in the DNS.
The probable next step now that France left Iraq, China and Iran alone in the club of countries which forbide encryption is probably to lock out POP3, telnet & X access in favour of SSH pipes.
(Oh yeah, none of this is really strong. One can always do a httptunnel on a pipe pseudo-network device -- but that's circumventing the barriers... And these barriers are first here to protect the newbies from accidentally exporting their c:\WINDOWS\TOTO.PWL files).
There's also a tangle of legal documentation (the campus-wide Network Security Charter (NSC) each individual, lab or association has to sign in order to get even a simple login access anywhere on the campus; the dorm subnet NSC each member has to sign ; specific security agreements between the association in charge of the dorm subnet and the uni ; the nationwide Renater NSC, etc.).
Finally, there are quite a few daemons running on the inner router/server, we for instance strictly forbide MAC address changes if not warned in advance (and we do pull the plug for that), etc.
Yes, we have some problems from time to time with people having trouble with reading French and/or not willing to understand the rules, and I believe the guys now in charge are going to see quite a few incidents of the sort per year, but overall, having well-explained legalware signed by everyone (and spending a good deal of pedagogy after the signature, in order to make clear the Charter is not just a piece of paper !), and explaining why some services are blocked, is IMHO quite well working.