Joe Stockbroker just installs a distribution and uses that, like he does with Windows. The Windows equivalent of this is tweaking things in the management console, and I'm pretty sure Joe Stockbroker almost certainly hasn't heard of it. This stuff for sysadmins.
99% people don't need to mess with PAM, hosts.deny or things like that because the defaults are sane. Now, in a big corporate environment the sysadmin will probably tweak all of that, but most home users can live without knowing anything about it. In several years of using Linux I only needed to read documentation on PAM when I decided to try to write a module for it, and that was just an experiment.
In any case, it's an unfortunate fact that security configuration can't be simple. Even the most user friendly Windows tools like Zone Alarm are horribly confusing for this hypothethical Joe Stockbroker. "services.exe wants to access the Internet, do you want to allow it?"
Right, kerberos shares something with PAM, that it can be implemented in a PAM module. I don't see what's the problem there, makes perfect sense to me.
hosts.allow and hosts.deny deal with a very simple thing: what computers are allowed to access what services. This can be replaced by a firewall.
hosts.equiv and rhosts are for tools like rsh, which these days should be considered obsolete and deprecated by ssh.
files like ftpaccess and rsyncd.conf contain configuration specific to services. I don't see how that's in conflict with hosts.allow either. It's very simple. hosts.allow determines what computers can use the FTP service. Then, ftpaccess determines options relevant only to FTP.
So, how does all this work together? Very simple.
hosts.allow determines which computers are allowed to connect to telnet
PAM determines how can you authenticate to telnet (for example, asking for an username and password, and verifying against the right database)
a config file then is read by the daemon to configure telnet-specific options.
So, what's the problem here? It's a perfect implementation of the Unix philosophy. Every tool does its own job.
PAM doesn't need to be concerned about what computers on the network are allowed - that can be done with hosts.allow or a firewall. It doesn't need to be concerned with a daemon's configuration either. Any of these layers can be replaced without touching the rest.
Many of those have nothing in common. Please at least do some reading on this stuff.
Bastille was a script that tweaked things for you last time I checked. It does nothing you can't do by editing config files and using chmod if you know how.
ACLs are approximately a WinNT-like permission system for Linux.
selinux goes MUCH further, adding capabilities that didn't exist before, making it possible to precisely specify what a process is supposed to do and what not. While quite complicated, it allows doing nifty things.
PAM has an unique purpose - handling authentication. If you want your users to use a smartcard or a fingerprint reader, that's what you need.
ssh is an encrypted telnet (simplifying things a bit)
sasl is an encryption library, beecrypt is another.
kerberos is an authentication method - which has absolutely nothing to do with things like filesystem permissions.
So, where are those interactions you talk about? SeLinux with all its power has nothing to do with encryption and doesn't replace it. Different encryption libraries don't conflict with each other and in most cases users don't even need to deal with them. PAM could be said to be related to SeLinux a tiny bit, but they do very different things. SeLinux handles permissions, while PAM defines how users are authenticated to the OS. Kerberos is just a protocol.
Re:Heh, so Java's slow indeed
on
Photon Soup Update
·
· Score: 1, Informative
Well, let me explain in more detail.
In 1993, the computer I had was a 386 DX 40 with 4 MB RAM and 170MB hard disk. 486 were recent and still very expensive.
Today, I have a dual Athlon MP 2000+ with 1 GB ECC DDR RAM and 200GB disk which when I bought it, cost me about the price of a high-end single CPU computer and definitely performed better.
After googling a bit, I found a Sparc Station 1 had a 25 MHz CPU, 64MB RAM, and a 25 MHz bus. While I know perfectly that MHz is not a good measure of performance, just the 25 MHz bus would ensure that machine would have a MUCH lower performance than anything modern.
Now, while Sun hardware at that point was probably way beefier than consumer stuff, these days it doesn't seem to be true for Sun hardware that has an affordable price.
So, let's try a little estimation. Assuming current hardware has a performance of only 10X of the Sparc Station 1, he should have got the same result with just 10 volunteers running 24/7. From the 900 emails figure it sounds like he got quite a few more than that.
And despite this increase in computing power, somehow his per-month performance was lower than 11 years ago.
Heh, so Java's slow indeed
on
Photon Soup Update
·
· Score: 3, Interesting
Computers got 3000 times faster, but Java managed to compensate for 11 years of evolution.
Now we have: Year: 2004 Computers: Unknown, supposedly 3000 times faster Time: 2.5 months Photons: 45.3 billions, 18 billion/month
If computers are indeed 3000 times faster, or heck, even 100, you should have got 72 billion just out of one of those computers running for the 2.5 months.
I'm not familiar with.NET, but in VB 6 you can have control arrays, which would avoid you all those pages of setting every control by hand.
And even if arrays aren't possible for some strange reason, couldn't you just have made a function that returns an image object? Say, in VB 6 this would have been along the lines of:
Public Function GetImage(n as Long) as Image
Select Case n
Case 1: Set GetImage = Image1
Case 2: Set GetImage = Image2
' etc
End Select End Function
Then you can avoid all this unholy mess you're making there.
I agree that this sucks, however I don't think the UPS people even have facilities where they can store anything at -20C. And if whatever you were sending was that valuable, you should have insured it for $20K.
Well, while there's sun you can use solar power. When there isn't, it'd be problematic, but perhaps a thermoelectric generator could be used. I heard you can extract some useful power from a heat differential, but I'm not sure if it'd produce enough power for melting anything
It's not strange at all, it happens that same everywhere. The more customers a restaurant has the more it will have to spend on maintenance: cleaning, replacing broken plates, etc. If it's a free museum, the same will happen. Every person that visits it contributes a tiny bit to degrading it somehow, like leaving dirt on the floor.
Besides, where'd you get the idea that ISPs get revenue from personal sites? They only get it from bandwidth. The ISPs give you a medium, but they don't get any gain from your use of it with the exception of what they charge you for their use. The owners of a toll road don't get any richer just because somebody drives trucks full of diamonds on it, they get the money from the toll.
Runs Descent, Descent2, Jazz Jackrabbit and One Must Fall 2097 for me. Although DOS4GW doesn't work on it, but you can replace the extender with the Zurenava DOS Extender, for example.
The site's in Russian, but it's simple to use. You run it on the game executable to replace the extender it uses. After that it works fine. Some games seem to lock up on exit on my laptop, but everything works fine during play, so it shouldn't be a huge problem.
This way of thinking is very strange. If you're a company, then yes, but if you're an individual it makes no sense at all to count the hypothetical cost of everything you do. For some people like me, $995 is a very significant of money that I'd prefer to spend on a laptop, while a say, month of programming during the summer is not a cost, and maybe a benefit in terms of practice and satisfaction, apart from giving me something to do.
Also, not everybody who can write code has the ability of doing so in an commercial environment. People can perfectly have a completely different way of earning money, and may not wish to do programming professionally to avoid killing their hobby.
And anyway, this is free software we're talking about. I wouldn't write my own toolkit, I'd look at existing ones and choose the one that'd be easier to port to the required architecture.
Re:Games don't have to be old to be good.
on
Retro Gaming Gets Hot
·
· Score: 3, Interesting
For a nice shooter I recommend Starscape. It's 2D in 3D (as in requires any cheap 3D capable card, but doesn't really have anything in 3D), and only runs on Windows though.
Well, I'm fairly sure that the GDI Ion Cannon will end being a reality sooner or later. And it seems the US Army is already doing some development that sounds a lot like the Nod Obelisk of Light.
Well, duh. It's because most OSS projects have *no customers*
Not all of them, though. Hans Reiser, who works on the ReiserFS filesystem for Linux will be glad to add whatever you want to it, for a price of course. Want encryption, compression, or a better handling of whatever vital task you need to accomplish? They'll do that for you. They'll even help you recover your data after you screw up (they'll help for free if it's a bug). I'm fairly sure you could make a similar deal with most OSS developers.
I'd say that's much better than most companies, since I don't remember MS making big changes their customers wanted. MS these days seems to be going in whatever direction they think is best (DRM, WinFS, etc). Hey, isn't that exactly how most OSS projects work as well?
The rest of your points simply don't make sense. It doesn't make sense for Linux to accomodate nVidia and whoever comes next. Linux would die if it had to stay compatible with everybody's closed source drivers. What about Samba, you know, MS didn't exactly give them a spec to implement. They have to reverse-engineer it.
Strange. Both DOS and Unix have had lots of white on black text for years, and I wasn't aware people found that painful to look at. I certainly don't.
Now, the default setting is light gray on black, but I used DOS for years having white on black without problems. On the other hand, I guess it's possible that my old 14" CRT didn't have the brightness of my current TFT.
BTW, white on black tends to look rather bad in print.
It didn't catch on because of its quality though. HTTP was adopted because it's a simple and decent protocol, even if not perfect. Windows would have never caught on so well if Microsoft limited to delivering boxes to shops and let everybody freely choose what they wanted to run or sell.
Just search the web for a few relaxing tunes. Say, on modarchive.com you probably can find a few nice ones. Politely ask the authors, I'm sure some wouldn't mind some extra advertising in this way. Or go to Magnatune, they seem to be very reasonable. As an additional advantage, your customers will hear something that they probably never heard before.
What, you too are behind some corporate non-disclosure agreement? Although if you're working on OSS it shouldn't be the case...
Don't you think that one step towards getting some people that would want to participate in whatever you're working on would be to tell them WHAT it is?
I hope your company isn't nathanlaan.ca, because at the moment it says "Directory Listing Denied":-P
I really don't get why so many people on slashdot will brag about their company/project and then not name it. It's just weird. Maybe it's just the american law that forces people to be so vague?
Would probably be research in better capacitors. Which would be pretty nice, if they got their capacity up to that of a battery, it'd be a lot nicer. Pretty much no charge limit, much faster charge and discharge time.
Getting OT, but ew. I just saw a piece of a Flintstones episode today on TV, after several years. I already remembered the animation was bad, but I didn't remember it was *that* crappy. Heck, even the cheapest anime looks much smoother in comparison.
I've got a perfectly comfortable environment in Windows already. It does everything I need to do. But when I want to play a game with a friend, I have to boot Win2K, and hope it loads because sometimes for an unknown reason it will BSOD on startup. Then I find I'm in a rather foreign environment, where the browser is not set up the way I like it, the IM works worse...
That's why I prefer games that can run on Linux. They make playing so much easier. For example, Neverwinter Nights.
Slashdot Mirror
Joe Stockbroker just installs a distribution and uses that, like he does with Windows. The Windows equivalent of this is tweaking things in the management console, and I'm pretty sure Joe Stockbroker almost certainly hasn't heard of it. This stuff for sysadmins.
99% people don't need to mess with PAM, hosts.deny or things like that because the defaults are sane. Now, in a big corporate environment the sysadmin will probably tweak all of that, but most home users can live without knowing anything about it. In several years of using Linux I only needed to read documentation on PAM when I decided to try to write a module for it, and that was just an experiment.
In any case, it's an unfortunate fact that security configuration can't be simple. Even the most user friendly Windows tools like Zone Alarm are horribly confusing for this hypothethical Joe Stockbroker. "services.exe wants to access the Internet, do you want to allow it?"
Right, kerberos shares something with PAM, that it can be implemented in a PAM module. I don't see what's the problem there, makes perfect sense to me.
hosts.allow and hosts.deny deal with a very simple thing: what computers are allowed to access what services. This can be replaced by a firewall.
hosts.equiv and rhosts are for tools like rsh, which these days should be considered obsolete and deprecated by ssh.
files like ftpaccess and rsyncd.conf contain configuration specific to services. I don't see how that's in conflict with hosts.allow either. It's very simple. hosts.allow determines what computers can use the FTP service. Then, ftpaccess determines options relevant only to FTP.
So, how does all this work together? Very simple.
hosts.allow determines which computers are allowed to connect to telnet
PAM determines how can you authenticate to telnet (for example, asking for an username and password, and verifying against the right database)
a config file then is read by the daemon to configure telnet-specific options.
So, what's the problem here? It's a perfect implementation of the Unix philosophy. Every tool does its own job.
PAM doesn't need to be concerned about what computers on the network are allowed - that can be done with hosts.allow or a firewall. It doesn't need to be concerned with a daemon's configuration either. Any of these layers can be replaced without touching the rest.
Many of those have nothing in common. Please at least do some reading on this stuff.
Bastille was a script that tweaked things for you last time I checked. It does nothing you can't do by editing config files and using chmod if you know how.
ACLs are approximately a WinNT-like permission system for Linux.
selinux goes MUCH further, adding capabilities that didn't exist before, making it possible to precisely specify what a process is supposed to do and what not. While quite complicated, it allows doing nifty things.
PAM has an unique purpose - handling authentication. If you want your users to use a smartcard or a fingerprint reader, that's what you need.
ssh is an encrypted telnet (simplifying things a bit)
sasl is an encryption library, beecrypt is another.
kerberos is an authentication method - which has absolutely nothing to do with things like filesystem permissions.
So, where are those interactions you talk about? SeLinux with all its power has nothing to do with encryption and doesn't replace it. Different encryption libraries don't conflict with each other and in most cases users don't even need to deal with them. PAM could be said to be related to SeLinux a tiny bit, but they do very different things. SeLinux handles permissions, while PAM defines how users are authenticated to the OS. Kerberos is just a protocol.
Well, let me explain in more detail.
In 1993, the computer I had was a 386 DX 40 with 4 MB RAM and 170MB hard disk. 486 were recent and still very expensive.
Today, I have a dual Athlon MP 2000+ with 1 GB ECC DDR RAM and 200GB disk which when I bought it, cost me about the price of a high-end single CPU computer and definitely performed better.
After googling a bit, I found a Sparc Station 1 had a 25 MHz CPU, 64MB RAM, and a 25 MHz bus. While I know perfectly that MHz is not a good measure of performance, just the 25 MHz bus would ensure that machine would have a MUCH lower performance than anything modern.
Now, while Sun hardware at that point was probably way beefier than consumer stuff, these days it doesn't seem to be true for Sun hardware that has an affordable price.
So, let's try a little estimation. Assuming current hardware has a performance of only 10X of the Sparc Station 1, he should have got the same result with just 10 volunteers running 24/7. From the 900 emails figure it sounds like he got quite a few more than that.
And despite this increase in computing power, somehow his per-month performance was lower than 11 years ago.
Computers got 3000 times faster, but Java managed to compensate for 11 years of evolution.
The previous article says:
Year: 1994
Computers: 100 SparcStation 1
Time: 1 month
Photons: 29 billion, 29 billion/month
Now we have:
Year: 2004
Computers: Unknown, supposedly 3000 times faster
Time: 2.5 months
Photons: 45.3 billions, 18 billion/month
If computers are indeed 3000 times faster, or heck, even 100, you should have got 72 billion just out of one of those computers running for the 2.5 months.
Probably that's why the stats are going down. Azureus has its own update mechanism, and at least the latest updates were distributed as torrents.
Wow. That looks *way* longer than it should be.
.NET, but in VB 6 you can have control arrays, which would avoid you all those pages of setting every control by hand.
I'm not familiar with
And even if arrays aren't possible for some strange reason, couldn't you just have made a function that returns an image object? Say, in VB 6 this would have been along the lines of:
Public Function GetImage(n as Long) as Image
Select Case n
Case 1: Set GetImage = Image1
Case 2: Set GetImage = Image2
' etc
End Select
End Function
Then you can avoid all this unholy mess you're making there.
I agree that this sucks, however I don't think the UPS people even have facilities where they can store anything at -20C. And if whatever you were sending was that valuable, you should have insured it for $20K.
Well, while there's sun you can use solar power. When there isn't, it'd be problematic, but perhaps a thermoelectric generator could be used. I heard you can extract some useful power from a heat differential, but I'm not sure if it'd produce enough power for melting anything
It's not strange at all, it happens that same everywhere. The more customers a restaurant has the more it will have to spend on maintenance: cleaning, replacing broken plates, etc. If it's a free museum, the same will happen. Every person that visits it contributes a tiny bit to degrading it somehow, like leaving dirt on the floor.
Besides, where'd you get the idea that ISPs get revenue from personal sites? They only get it from bandwidth. The ISPs give you a medium, but they don't get any gain from your use of it with the exception of what they charge you for their use. The owners of a toll road don't get any richer just because somebody drives trucks full of diamonds on it, they get the money from the toll.
Runs Descent, Descent2, Jazz Jackrabbit and One Must Fall 2097 for me. Although DOS4GW doesn't work on it, but you can replace the extender with the Zurenava DOS Extender, for example.
The site's in Russian, but it's simple to use. You run it on the game executable to replace the extender it uses. After that it works fine. Some games seem to lock up on exit on my laptop, but everything works fine during play, so it shouldn't be a huge problem.
This way of thinking is very strange. If you're a company, then yes, but if you're an individual it makes no sense at all to count the hypothetical cost of everything you do. For some people like me, $995 is a very significant of money that I'd prefer to spend on a laptop, while a say, month of programming during the summer is not a cost, and maybe a benefit in terms of practice and satisfaction, apart from giving me something to do.
Also, not everybody who can write code has the ability of doing so in an commercial environment. People can perfectly have a completely different way of earning money, and may not wish to do programming professionally to avoid killing their hobby.
And anyway, this is free software we're talking about. I wouldn't write my own toolkit, I'd look at existing ones and choose the one that'd be easier to port to the required architecture.
For a nice shooter I recommend Starscape. It's 2D in 3D (as in requires any cheap 3D capable card, but doesn't really have anything in 3D), and only runs on Windows though.
Well, I'm fairly sure that the GDI Ion Cannon will end being a reality sooner or later. And it seems the US Army is already doing some development that sounds a lot like the Nod Obelisk of Light.
Well, duh. It's because most OSS projects have *no customers*
Not all of them, though. Hans Reiser, who works on the ReiserFS filesystem for Linux will be glad to add whatever you want to it, for a price of course. Want encryption, compression, or a better handling of whatever vital task you need to accomplish? They'll do that for you. They'll even help you recover your data after you screw up (they'll help for free if it's a bug). I'm fairly sure you could make a similar deal with most OSS developers.
I'd say that's much better than most companies, since I don't remember MS making big changes their customers wanted. MS these days seems to be going in whatever direction they think is best (DRM, WinFS, etc). Hey, isn't that exactly how most OSS projects work as well?
The rest of your points simply don't make sense. It doesn't make sense for Linux to accomodate nVidia and whoever comes next. Linux would die if it had to stay compatible with everybody's closed source drivers. What about Samba, you know, MS didn't exactly give them a spec to implement. They have to reverse-engineer it.
Try to make the ebuild yourself. It's surprisingly easy, and pretty safe as well, since portage will let you try until you get it right.
Unless something complicated is required to install it, you probably can get a basic ebuild, tweak the filename and paths and have it work.
Strange. Both DOS and Unix have had lots of white on black text for years, and I wasn't aware people found that painful to look at. I certainly don't.
Now, the default setting is light gray on black, but I used DOS for years having white on black without problems. On the other hand, I guess it's possible that my old 14" CRT didn't have the brightness of my current TFT.
BTW, white on black tends to look rather bad in print.
It didn't catch on because of its quality though. HTTP was adopted because it's a simple and decent protocol, even if not perfect. Windows would have never caught on so well if Microsoft limited to delivering boxes to shops and let everybody freely choose what they wanted to run or sell.
Just search the web for a few relaxing tunes. Say, on modarchive.com you probably can find a few nice ones. Politely ask the authors, I'm sure some wouldn't mind some extra advertising in this way. Or go to Magnatune, they seem to be very reasonable. As an additional advantage, your customers will hear something that they probably never heard before.
What, you too are behind some corporate non-disclosure agreement? Although if you're working on OSS it shouldn't be the case...
Don't you think that one step towards getting some people that would want to participate in whatever you're working on would be to tell them WHAT it is?
I hope your company isn't nathanlaan.ca, because at the moment it says "Directory Listing Denied" :-P
I really don't get why so many people on slashdot will brag about their company/project and then not name it. It's just weird. Maybe it's just the american law that forces people to be so vague?
Well, I'm not an expert. I just said that because the few railgun projects I've seen online used banks of huge capacitors.
Would probably be research in better capacitors. Which would be pretty nice, if they got their capacity up to that of a battery, it'd be a lot nicer. Pretty much no charge limit, much faster charge and discharge time.
Getting OT, but ew. I just saw a piece of a Flintstones episode today on TV, after several years. I already remembered the animation was bad, but I didn't remember it was *that* crappy. Heck, even the cheapest anime looks much smoother in comparison.
Booting windows is just a pain in the arse.
I've got a perfectly comfortable environment in Windows already. It does everything I need to do. But when I want to play a game with a friend, I have to boot Win2K, and hope it loads because sometimes for an unknown reason it will BSOD on startup. Then I find I'm in a rather foreign environment, where the browser is not set up the way I like it, the IM works worse...
That's why I prefer games that can run on Linux. They make playing so much easier. For example, Neverwinter Nights.