I agree on Nokia's unnecessary device proliferation, however not:
Too many OSs, no clear dev schemes for third parties.
Since S^3 (all S^3 phones ship with Qt 4.7) shipped, the dev scheme for all smart phones (including S60v3/S60v5, S^3, Maemo 5 / N900, upcoming Maemo6 or Meego devices) was Qt and Qt Quick. Until the MS agreement, which removed almost all incentive to develop for Symbian.
In the meantime, Qt for Android is coming along nicely...
iPhone and Android have been eating the aging Symbian for lunch and the Maemo/Meego replacements haven't been ready.
It seems that the Maemo replacements *are* ready, except for a tussle with Intel about whether they can be called "Meego compatible", "Meego ready" or otherwise use the Meego brand. Since Intel now employs two thirds of the Technical Steering Group which makes this decision (Nokia's representative moved to Intel after the Nokia MS announcement), and Intel isn't happy about the Nokia MS announcement, the fact that the Maemo 6 phones haven't been announced is due to the MS agreement, not that the phones aren't technically ready.
I figure the layoffs are about to begin and who do you think that will be, the Microsoft Phone developers or the Qt developers?
Well, the question is, why are layoffs coming? Because phones aren't selling, after Nokia announced "our current phones are dead, our new phones won't be ready for a while".
While a change was required, announcing a drastic change without having new products on the (3-month) horizon is foolish.
It seems many companies are keen to pick up the Qt developers...
...And I will say that again -- Linux in a production environment does not belong in VM in the first place.
How do you add memory to a large Java application (requiring >12GB memory), which can't be load-balanced without having significant downtime. To take a server down, pull it out the rack, add 8 DIMMs, get the server back in the rack, and boot it will take at least 15 minutes, but more likely about 30.
Sure, if we had HA clusters everywhere, we could do this without virtualisation, but at the cost of running (roughly) twice the hardware.
We live-migrate the production VM to the spare (Xen) hypervisor, take the hypervisor that getting a memory upgrade down, add DIMMs, boot the box, and live-migrate the VM back, then dynamically increase the memory available to the VM. The last bit that is required is a restart of the application (granted, a minute or two).
Since we were having some failures of the application, and wanted to reduce the proportion of users affected, we at one stage migrated from having 4 production (clustered - where clustering wasn't improving availability) instances to 8 (standalone) instances (where only one application instance can be accommodated on a single OS image). Virtualisation allowed us to do that with less impact than it would have been without virtualisation. We have since added more instances without the cost and delay of procuring/installing/zoning more hardware.
I don't want to pay for their modem firmware updates and other network management traffic
1. Most likely, their ability to provide management of the modem is in the terms of service. Even if you saw a significant difference, how would you prove it was firmware updates, and even if you could, would you be able to get reimbursed for the traffic?
2. Most likely, the modem updates and network management traffic is a small fraction of your total bandwidth usage (e.g. 20MB/month).
Most ISPs (well, those that don't have complex "this service is free, this is not" products) do accounting based on the interface counters of the virtual interface on the border router. To be able to separate the firmware and network management traffic, they would need to do DPI instead. The cost of the equipment upgrades to do this would have to be passed on to the consumer. Most likely, that would cost more than what the firmware updates and management traffic are costing you.
Yes, being able to see (without incurring more bandwidth use) how much you have used is useful, but not for the purpose you wanted...
... and printer/scanner resolution, and photo print sizes are about the only other ones. Of course, the Americans couldn't come up with increasing sizes of print media that have the same ratios, so depending on whether you're printing your digital photos at 4x6 or 5x7 or 8x10 you have to crop them differently:-(.
From one of the articles: "The Nyxboard Hybrid supports IR to function as a universal remote for your TV and includes an RF adapter for operating your home theater device without line-of-sight."
When it launched just over a year ago, it was going for $90...
you get a keyboard+touchpad combo in a very compact package, and it has a backlight which I admit to needing most of the time. It's even more stylish, so while I agree that a dedicated remote layout is a good idea, the price, and the availability of very good alternatives make me doubt it will have that much success.
You weren't clear on the subject of your last sentence, but I currently have a cheap (15 GBP) RF remote for XBMC, and 4 other IR remotes (amp, TV, DVD/HDD player/recorder, Satellite receiver). While I can use the amplifier's remote for most of the functions on the TV and DVD player, I still need at least the DVD player's remote for some features (switching between HDD and DVD etc.), the bluetooth-only solution won't help me, and neither will a Logitech Harmony (currently), but the Nyxboard Hybrid remote for XBMC etc. may just...
We just need more details on how programmable the IR portion is.
(Reuters) - Microsoft Corp stepped up its rivalry with Google Inc with a formal complaint to EU antitrust regulators, claiming Google systematically thwarts Internet search competition.
No other part of the article make a statement about what the complaint is about. So, I fail to see how slashdotters are stupid. Maybe the author of the article was (intentionally?) misleading?
Forced is a bit strong. I'm running OS/X... using VirtualBox on a Win7 host as I'm typing this.
If it is not on Apple hardware, you are in licence violation.
This is (IMHO) anti-competitive, I will not support Apple in any way while they have such restrictions.
Our own web applications are regularly tested on a wide variety of browsers (on Windows and Linux), but not Mac OS X, since we have almost no Apple hardware. Mac OS X users are unlucky, if there is some Mac-OS-specific bug, they will have to find it and report it...
If every distro is doing the same thing, this is not going to be very good for the future of Linux.
If every distro were doing as much (proportionally) upstream work as Red hat, it would be very good for the future of Linux.
Engineers at every distro are going to waste a lot time trying to figure what other distros had been patching, which part of the code had been changed while a specific issue was fixed, etc.
But, they shouldn't be. They should be tracking *upstream*, putting their effort into *upstream*, instead of following other forks of the kernel.
Even though Linux distros are quite fragmented, but the current kernel development has been working quite well, because every distro is playing by the rule (more or less), which is quite transparent.
But, this has nothing to do with upstream kernel development, to which Red Hat is still contributing directly. This only has to do with development of Red Hat's Linux-based kernel (which is actually a fork).
Maybe if RH bothered to ship rpm-4.6.x to RHEL5, you would only need to reboot once during an upgrade from RHEL5 to RHEL6...
Like you can on other distros, including other RPM-based distros.
If you used a VCS or a configuration automation tool (cfengine, puppet etc.), then you wouldn't need to re-image or re-install a server to get it's config in-line...
Show me an in-kernel printer driver. If your printer vendor isn't doing *their* job (upstreaming printer drivers, or maintaining them if they want to retain all their IP in-house), change printer vendors (see below).
3. You have to buy need devices which need new drivers.
As for why people would buy new hardware?
If you're a big shop like this, you specify Linux support as a requirement, and do a PoC or open tender when you want to introduce new printers, and select models that pass your requirements. This should not be your problem , it is your vendors' problem.
The Egypt Internet cutoff was technically done by stopping the BGP (Border Gateway Protocol) announcement of most Egyptian address blocks. BGP itself was not taken down, and the circuits themselves did not alarm. This was most likely not achieved by cutting cords or unplugging routers (which would have downed BGP, at the least).
Most likely the internet-facing interfaces on the routers were shut. Technically, it wouldn't be hard to make it possible to do this remotely (via and SNMP set, or ssh/telnet scripted 'conf t;int gig0/1;shut').
It's hardly rocket science, and I wonder about all the people who wondered "did they stop the BGP process on the routers?", or "did they hack the BGP protocol" or similar.
force internet providers to retain logs on the online habits of citizens
And of course, that's also how long we should keep recordings of everyone's phone calls, and copies of their (opened) mail, too.
Right, because logs show what was *inside* all the traffic. Not.
(Almost all telcos retain CDRs, the telephonic equivalent of "logs on the online habits of citizens" for at least 3 years, surely all courier companies and most postal services keep records of items mailed for at least a year)
The line of thought that GPL is "infectious" and represents a risk for their closed source components is well known. Right or wrong, that's their motive, and they are taking precautions to protect themselves from lawsuit trolls.
Really? You don't think it's that they don't want users to be able to legally be able to get the same apps for free?
There are risks in distributing *any* source code you haven't adequately licensed, but it doesn't say you can't sell software which includes proprietary code you stole and don't allow redistribution of. So, I doubt this is about source code copyright compliance. It's about *money*. Surprise surprise.
“Excluded License” means any license requiring, as a condition of use, modification and/or distribution of the software subject to the license, that the software or other software combined and/or distributed with it be... redistributable at no charge.
Well, I guess no firefox for WP7 then... I'll stick with my N900 for now.
About half of that is between Nokia Siemens Networks, who develop network equipment for mobile operators, and Navteq. Nokia also does a lot of GSM-related research and most likely gets a lot of royalty revenue from every GSM-based vendor (other carrier suppliers, mobile device manufacturers).
Linux still has the antiquated "user, group, everyone" security model from the 1970s.
Yes, there's SELinux. But there isn't a whole distribution with a full range of applications which can run under a mandatory security model.
Actually, the Unix model is so ingrained in all Unix platforms, that getting users who expect broken Unix off it (on Linux) is difficult, and they want the insecurity and convenience of Mac OS X.
And, for the demo, the speaker actually had disabled AppArmor, because with it enabled, his exploit didn't work. He said he would have been able to get around AppArmor (due to one or two controls that we not enforced on the thumbnailer) with sufficient time.
While he talks about the possibility of driver vulnerabilities and means to exploit them (e.g. a USB device which claims to be a member of a class for which you have found an exploitable driver, but sends corrupt data as an exploit and payload), the exploit demonstrated works by: -GNOME's stupid default of auto-mounting (KDE just shows you that a device has been plugged in, you have to click it to have it mounted), even when the screensaver is locked -Opening a nautilus window on the mounted filesystem (again, even when the screensaver is locked) -Vulnerabilities in a file parser (in this case for dvi files) specific to the PDF viewer -The ability to kill the screensaver process quite trivially
The thumbnailer was protected by AppArmor, and while he disabled AppArmor for the demo, reckons he could have got around AppArmor with a bit more time.
I use KDE, because the extra "usability" of saving one click is not worth the risk imposed by auto-previewing files without me having the option to say no.
That's the thing that people who haven't actually used webOS devices don't "get." You do not have what webOS gives you.
So, there's *no* other phone OS that offers similar features to WebOS?
It's very frustrating to be in a twitter app, and have a message come in, and a phone call, and no way to select which app I want to go back to, even if the OS didn't put the apps not on screen on hold instead of letting them continue to run in the background.
On webos, I can have a video running in a minimized card while I have a phone call going on, while I have a twiiter app updating, and flip between them easily.
No problem on N900 / Maemo
Now, I know that the average user isn't going to have the 10 or 12 windows I leave open on my Palm Pre + all the time, but the people I know who own them who are NOT geeks love the UI and mutter and mumble angrily when they're confined to android and Ios phones.
Well, 10 or 12 windows is fine on Nokia's N900.
HP has a lot of work to do to get that fact into the publics mind, but webOS is by far the most USABLE portable operating system in the world.
Really? Have you tried Maemo (e.g N900) (or Meego)? It seems WebOS is getting Qt (which has Qt Web Run Time). Some apps (mostly games) for Web OS already run on N900 (Meamo on ARM).
Maybe WebOS will merge with Meego? Between them they may be able to create a big enough app market.
If it logs everything sent to your screen, it fails.
Why does it fail on this account? Excessive logging on chatty commands (e.g. 'tail -f verbose_log_file') ?
The key is that the end user must not be greatly inconvenienced by the logging so that they do not feel like there is a reason to go around it. That's why I like the ksh-93 with auditing approach. It's a comfortable and familiar shell, but it logs their command line history in real time off-host. (Built into ksh-93, but not enabled in a default build).
What I look for isn't necessarily what they did after they took actions to evade logging, but did an action occur that could reasonably allow them to bypass logging?
Like running a shell they prefer (for some reason), or the one that stipulated as being the required shell for the admin user of an expensive proprietary application?
Have you looked at something like sudosh or it's AWOL-but-enterprise-variant, eash?
No, the security reviewer should ask why you are allowing 'sudo vi' when you should be allowing 'sudoedit'. But, most security reviewers I have met seem to not know anything that isn't installed by default on Solaris or AIX.
Slashdot Mirror
I agree on Nokia's unnecessary device proliferation, however not:
Too many OSs, no clear dev schemes for third parties.
Since S^3 (all S^3 phones ship with Qt 4.7) shipped, the dev scheme for all smart phones (including S60v3/S60v5, S^3, Maemo 5 / N900, upcoming Maemo6 or Meego devices) was Qt and Qt Quick. Until the MS agreement, which removed almost all incentive to develop for Symbian.
In the meantime, Qt for Android is coming along nicely ...
iPhone and Android have been eating the aging Symbian for lunch and the Maemo/Meego replacements haven't been ready.
It seems that the Maemo replacements *are* ready, except for a tussle with Intel about whether they can be called "Meego compatible", "Meego ready" or otherwise use the Meego brand. Since Intel now employs two thirds of the Technical Steering Group which makes this decision (Nokia's representative moved to Intel after the Nokia MS announcement), and Intel isn't happy about the Nokia MS announcement, the fact that the Maemo 6 phones haven't been announced is due to the MS agreement, not that the phones aren't technically ready.
I figure the layoffs are about to begin and who do you think that will be, the Microsoft Phone developers or the Qt developers?
Well, the question is, why are layoffs coming? Because phones aren't selling, after Nokia announced "our current phones are dead, our new phones won't be ready for a while".
While a change was required, announcing a drastic change without having new products on the (3-month) horizon is foolish.
It seems many companies are keen to pick up the Qt developers ...
...And I will say that again -- Linux in a production environment does not belong in VM in the first place.
How do you add memory to a large Java application (requiring >12GB memory), which can't be load-balanced without having significant downtime. To take a server down, pull it out the rack, add 8 DIMMs, get the server back in the rack, and boot it will take at least 15 minutes, but more likely about 30.
Sure, if we had HA clusters everywhere, we could do this without virtualisation, but at the cost of running (roughly) twice the hardware.
We live-migrate the production VM to the spare (Xen) hypervisor, take the hypervisor that getting a memory upgrade down, add DIMMs, boot the box, and live-migrate the VM back, then dynamically increase the memory available to the VM. The last bit that is required is a restart of the application (granted, a minute or two).
Since we were having some failures of the application, and wanted to reduce the proportion of users affected, we at one stage migrated from having 4 production (clustered - where clustering wasn't improving availability) instances to 8 (standalone) instances (where only one application instance can be accommodated on a single OS image). Virtualisation allowed us to do that with less impact than it would have been without virtualisation. We have since added more instances without the cost and delay of procuring/installing/zoning more hardware.
I don't want to pay for their modem firmware updates and other network management traffic
1. Most likely, their ability to provide management of the modem is in the terms of service. Even if you saw a significant difference, how would you prove it was firmware updates, and even if you could, would you be able to get reimbursed for the traffic?
2. Most likely, the modem updates and network management traffic is a small fraction of your total bandwidth usage (e.g. 20MB/month).
Most ISPs (well, those that don't have complex "this service is free, this is not" products) do accounting based on the interface counters of the virtual interface on the border router. To be able to separate the firmware and network management traffic, they would need to do DPI instead. The cost of the equipment upgrades to do this would have to be passed on to the consumer. Most likely, that would cost more than what the firmware updates and management traffic are costing you.
Yes, being able to see (without incurring more bandwidth use) how much you have used is useful, but not for the purpose you wanted ...
... and printer/scanner resolution, and photo print sizes are about the only other ones. Of course, the Americans couldn't come up with increasing sizes of print media that have the same ratios, so depending on whether you're printing your digital photos at 4x6 or 5x7 or 8x10 you have to crop them differently :-(.
Does it control anything besides XBMC/media pl
From one of the articles:
"The Nyxboard Hybrid supports IR to function as a universal remote for your TV and includes an RF adapter for operating your home theater device without line-of-sight."
For a while I've been looking forward to getting this http://www.amazon.com/Portable-Wireless-Keyboard-Rechargeable-Notebooks/dp/B003UE52ME/ref=sr_1_2?s=electronics&ie=UTF8&qid=1298676916&sr=1-2
For half of the price,
When it launched just over a year ago, it was going for $90 ...
you get a keyboard+touchpad combo in a very compact package, and it has a backlight which I admit to needing most of the time. It's even more stylish, so while I agree that a dedicated remote layout is a good idea, the price, and the availability of very good alternatives make me doubt it will have that much success.
You weren't clear on the subject of your last sentence, but I currently have a cheap (15 GBP) RF remote for XBMC, and 4 other IR remotes (amp, TV, DVD/HDD player/recorder, Satellite receiver). While I can use the amplifier's remote for most of the functions on the TV and DVD player, I still need at least the DVD player's remote for some features (switching between HDD and DVD etc.), the bluetooth-only solution won't help me, and neither will a Logitech Harmony (currently), but the Nyxboard Hybrid remote for XBMC etc. may just ...
We just need more details on how programmable the IR portion is.
Well, the story linked to has the summary:
(Reuters) - Microsoft Corp stepped up its rivalry with Google Inc with a formal complaint to EU antitrust regulators, claiming Google systematically thwarts Internet search competition.
No other part of the article make a statement about what the complaint is about. So, I fail to see how slashdotters are stupid. Maybe the author of the article was (intentionally?) misleading?
Forced is a bit strong. I'm running OS/X ... using VirtualBox on a Win7 host as I'm typing this.
If it is not on Apple hardware, you are in licence violation.
This is (IMHO) anti-competitive, I will not support Apple in any way while they have such restrictions.
Our own web applications are regularly tested on a wide variety of browsers (on Windows and Linux), but not Mac OS X, since we have almost no Apple hardware. Mac OS X users are unlucky, if there is some Mac-OS-specific bug, they will have to find it and report it ...
we recently were stunned by the very high cost of redhat support. Its more expensive than microsoft.
I suspect you were comparing licensing (MS) to support (RH), not support to support.
If every distro is doing the same thing, this is not going to be very good for the future of Linux.
If every distro were doing as much (proportionally) upstream work as Red hat, it would be very good for the future of Linux.
Engineers at every distro are going to waste a lot time trying to figure what other distros had been patching, which part of the code had been changed while a specific issue was fixed, etc.
But, they shouldn't be. They should be tracking *upstream*, putting their effort into *upstream*, instead of following other forks of the kernel.
Even though Linux distros are quite fragmented, but the current kernel development has been working quite well, because every distro is playing by the rule (more or less), which is quite transparent.
But, this has nothing to do with upstream kernel development, to which Red Hat is still contributing directly. This only has to do with development of Red Hat's Linux-based kernel (which is actually a fork).
If you're a Windows user - get Picasa.
If you're a Mac user - iPhoto works great.
If you're a Linux/BSD user - teach her about tar.
Don't you think Digikam (which can upload to Facebook, and download entire albums from Facebook) would be a more appropriate suggestion for Linux/BSD users?
Maybe if RH bothered to ship rpm-4.6.x to RHEL5, you would only need to reboot once during an upgrade from RHEL5 to RHEL6 ...
Like you can on other distros, including other RPM-based distros.
If you used a VCS or a configuration automation tool (cfengine, puppet etc.), then you wouldn't need to re-image or re-install a server to get it's config in-line ...
Show me an in-kernel printer driver. If your printer vendor isn't doing *their* job (upstreaming printer drivers, or maintaining them if they want to retain all their IP in-house), change printer vendors (see below).
3. You have to buy need devices which need new drivers.
As for why people would buy new hardware?
If you're a big shop like this, you specify Linux support as a requirement, and do a PoC or open tender when you want to introduce new printers, and select models that pass your requirements. This should not be your problem , it is your vendors' problem.
The Egypt Internet cutoff was technically done by stopping the BGP (Border Gateway Protocol) announcement of most Egyptian address blocks. BGP itself was not taken down, and the circuits themselves did not alarm. This was most likely not achieved by cutting cords or unplugging routers (which would have downed BGP, at the least).
Most likely the internet-facing interfaces on the routers were shut. Technically, it wouldn't be hard to make it possible to do this remotely (via and SNMP set, or ssh/telnet scripted 'conf t;int gig0/1;shut').
It's hardly rocket science, and I wonder about all the people who wondered "did they stop the BGP process on the routers?", or "did they hack the BGP protocol" or similar.
force internet providers to retain logs on the online habits of citizens
And of course, that's also how long we should keep recordings of everyone's phone calls, and copies of their (opened) mail, too.
Right, because logs show what was *inside* all the traffic. Not.
(Almost all telcos retain CDRs, the telephonic equivalent of "logs on the online habits of citizens" for at least 3 years, surely all courier companies and most postal services keep records of items mailed for at least a year)
The line of thought that GPL is "infectious" and represents a risk for their closed source components is well known. Right or wrong, that's their motive, and they are taking precautions to protect themselves from lawsuit trolls.
Really? You don't think it's that they don't want users to be able to legally be able to get the same apps for free?
There are risks in distributing *any* source code you haven't adequately licensed, but it doesn't say you can't sell software which includes proprietary code you stole and don't allow redistribution of. So, I doubt this is about source code copyright compliance. It's about *money*. Surprise surprise.
“Excluded License” means any license requiring, as a condition of use, modification and/or distribution of the software subject to the license, that the software or other software combined and/or distributed with it be ... redistributable at no charge.
Well, I guess no firefox for WP7 then ... I'll stick with my N900 for now.
About half of that is between Nokia Siemens Networks, who develop network equipment for mobile operators, and Navteq. Nokia also does a lot of GSM-related research and most likely gets a lot of royalty revenue from every GSM-based vendor (other carrier suppliers, mobile device manufacturers).
http://www.nokia.com/results/Nokia_results2010Q4e.pdf
Linux still has the antiquated "user, group, everyone" security model from the 1970s.
Yes, there's SELinux. But there isn't a whole distribution with a full range of applications which can run under a mandatory security model.
Actually, the Unix model is so ingrained in all Unix platforms, that getting users who expect broken Unix off it (on Linux) is difficult, and they want the insecurity and convenience of Mac OS X.
And, for the demo, the speaker actually had disabled AppArmor, because with it enabled, his exploit didn't work. He said he would have been able to get around AppArmor (due to one or two controls that we not enforced on the thumbnailer) with sufficient time.
While he talks about the possibility of driver vulnerabilities and means to exploit them (e.g. a USB device which claims to be a member of a class for which you have found an exploitable driver, but sends corrupt data as an exploit and payload), the exploit demonstrated works by:
-GNOME's stupid default of auto-mounting (KDE just shows you that a device has been plugged in, you have to click it to have it mounted), even when the screensaver is locked
-Opening a nautilus window on the mounted filesystem (again, even when the screensaver is locked)
-Vulnerabilities in a file parser (in this case for dvi files) specific to the PDF viewer
-The ability to kill the screensaver process quite trivially
The thumbnailer was protected by AppArmor, and while he disabled AppArmor for the demo, reckons he could have got around AppArmor with a bit more time.
I use KDE, because the extra "usability" of saving one click is not worth the risk imposed by auto-previewing files without me having the option to say no.
Facebook says there are 75 000 people that have them and regularly upload content with them.
No, actually, you don't.
That's the thing that people who haven't actually used webOS devices don't "get." You do not have what webOS gives you.
So, there's *no* other phone OS that offers similar features to WebOS?
It's very frustrating to be in a twitter app, and have a message come in, and a phone call, and no way to select which app I want to go back to, even if the OS didn't put the apps not on screen on hold instead of letting them continue to run in the background.
On webos, I can have a video running in a minimized card while I have a phone call going on, while I have a twiiter app updating, and flip between them easily.
No problem on N900 / Maemo
Now, I know that the average user isn't going to have the 10 or 12 windows I leave open on my Palm Pre + all the time, but the people I know who own them who are NOT geeks love the UI and mutter and mumble angrily when they're confined to android and Ios phones.
Well, 10 or 12 windows is fine on Nokia's N900.
HP has a lot of work to do to get that fact into the publics mind, but webOS is by far the most USABLE portable operating system in the world.
Really? Have you tried Maemo (e.g N900) (or Meego)? It seems WebOS is getting Qt (which has Qt Web Run Time). Some apps (mostly games) for Web OS already run on N900 (Meamo on ARM).
Maybe WebOS will merge with Meego? Between them they may be able to create a big enough app market.
If it logs everything sent to your screen, it fails.
Why does it fail on this account? Excessive logging on chatty commands (e.g. 'tail -f verbose_log_file') ?
The key is that the end user must not be greatly inconvenienced by the logging so that they do not feel like there is a reason to go around it. That's why I like the ksh-93 with auditing approach. It's a comfortable and familiar shell, but it logs their command line history in real time off-host. (Built into ksh-93, but not enabled in a default build).
What I look for isn't necessarily what they did after they took actions to evade logging, but did an action occur that could reasonably allow them to bypass logging?
Like running a shell they prefer (for some reason), or the one that stipulated as being the required shell for the admin user of an expensive proprietary application?
Have you looked at something like sudosh or it's AWOL-but-enterprise-variant, eash?
Well, there's /root/.bash_history
Which is useless for auditing purposes. For example, instead of using 'exit' or CTRL-d, use 'kill -9 $$', and see if it gets updated ...
No, the security reviewer should ask why you are allowing 'sudo vi' when you should be allowing 'sudoedit'. But, most security reviewers I have met seem to not know anything that isn't installed by default on Solaris or AIX.
DON'T PROVIDE EDITOR ACCESS VIA sudo, BUT VIA sudo -e, OR sudoedit!!!!!
This problem has been known, and solved, for a long time.