Slashdot Mirror


User: Russ+Nelson

Russ+Nelson's activity in the archive.

Stories
0
Comments
3,476
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,476

  1. Re:Venoumous, but true... on Bertrand Meyer's "The Ethics of Free Software" · · Score: 2

    No, what he writes is pointless because it's based on a tenditious redefinition of the word "free". Yes, "free" means zero cost, but it also means freedom. Gratis AND libre. Bertie discards the libre meaning. How could you hope to make sense from that hash?
    -russ

  2. Also confuses commercial and proprietary on Bertrand Meyer's "The Ethics of Free Software" · · Score: 3

    Bertie also confuses commercial software with proprietary software. Redhat Linux is commercial software. They charge money for it. Nobody's upset with Redhat because they charge money for their distribution. Some people are upset because Redhat has too much market share. Some are upset because they think Redhat is technically flawed. In spite of this, Bertrand says that free software people hate commercial software. That's nonsense on stilts!
    -russ

  3. Thank you for missing the whole point, Bertrand. on Bertrand Meyer's "The Ethics of Free Software" · · Score: 2

    Whether Open Source has zero cost or not is totally besides the question. When the cost is zero, it is an artifact of the freedom to redistribute the code. Bertrand TOTALLY misses the point behind the Open Source movement: it is the ability to modify and/or redistribute the code that brings the community its power.
    -russ

  4. I know why Borland says this: on Slashback: cubans, crises, code-dependency · · Score: 4

    I know one possible reason for why Borland says this:

    Nothing in this license statement permits you to derive the source code of files that Borland has provided to you in executable form only, or to reproduce, modify, use, or distribute the source code of such files.

    Because, back in 1987 or thereabouts, the Borland C library had a bug. I reverse-engineered their source (for all memory modules), fixed the bug, posted it to the net, and sent it to them. They sent me a demand letter demanding that I stop distributing their source code. Hehe. Not theirs, mine!! Still, they wanted to stop people from fixing bugs in their software, so they now have this in their license.
    -russ

  5. Re:NAT != firewall on The Slashdot DDoS: What Happened? · · Score: 2

    Which operating systems forward source routed packets or tunnel packets without explicitly being configured to do that?

    You say it's weak security, but you come up with a weak example of why it is.
    -russ

  6. Re:Who cares??-some do. on Should We Be Wary Of Free-Beer Software? · · Score: 2

    Your reply is off-topic. The author of the story asked will it see our beloved OSs lose their open-source vision and simply become the new medium for commercial software?"

    I answered his question. You are responding to something I never said.
    -russ

  7. Who cares?? on Should We Be Wary Of Free-Beer Software? · · Score: 2

    Who cares if proprietary software (even if zero-cost) switches from proprietary operating systems to open-source operating systems? Who could be harmed by this?
    -russ

  8. Re:NAT != firewall on The Slashdot DDoS: What Happened? · · Score: 2

    Who was talking about NAT? I'm suggesting that you run your public services on a public IP address and your private services on a non-routable private IP address.

    The use of a firewall in itself offers little if any security!

    Cool. Does it make me more correct if I use boldface?

    And yes, geez, if you have one compromised host it can lead to other hosts being compromised. Should that surprise anyone?
    -russ

  9. Re:how is this a troll??? on The Slashdot DDoS: What Happened? · · Score: 2

    By the same logic:

    This is Unix, get real. The logic is completely different. Arguing by analogy is, like, stupid.

    I think the point is that they have one really good BSD guy. That makes BSD expertise 'more available' to Slashdot than whatever else.

    You're right, that's a good point, but how does that make what I wrote a troll?
    -russ

  10. Re:how is this a troll??? on The Slashdot DDoS: What Happened? · · Score: 2

    Because FreeBSD doesn't suck, it just doesn't have (tada!) as much expertise available.
    -russ

  11. Re:how is this a troll??? on The Slashdot DDoS: What Happened? · · Score: 1

    bastards. Guys are bastards, girls are bitches. Sheesh!
    -russ

  12. Re:Heh. Some good books On AI. on Online Book About Nano/AI · · Score: 2

    "AI" is any technology we haven't implemented yet. A C compiler used to be AI. babelfish used to be AI. Now it's just a program.
    -russ

  13. Re:Sometimes I wonder if.... on Online Book About Nano/AI · · Score: 2

    Imagine what a well-trained terrorist group could do with plastic explosives.

    Oops, they already have. And we seem to have lived through it. There's a limit to the number of people desperate enough to take such chances with their lives.

    If we can't keep crypto from being exported, how are we going to keep nanotech secret? It seems like we can only get rid of the *fantastic* risks of nanotech by giving up the *fantastic* benefits. That's a high cost.
    -russ

  14. Re:When will this be on Online Book About Nano/AI · · Score: 2

    I think the argument is that anything complicated enough to be smart and creative will also make mistakes. Oops.
    -russ

  15. Technology solves problems on Online Book About Nano/AI · · Score: 2

    Technology solves problems. So, to ask the question "Is technology always good?" is to ask the question "Are there some problems for which the solution is worse than the problem?" If the problem has externalities that cannot be turned into private property, then perhaps the question is yes. But first you have to try to turn the externalities into private property.
    -russ

  16. how is this a troll??? on The Slashdot DDoS: What Happened? · · Score: 1

    It's a simple fact that more Linux expertise is available because more people are running Linux. How is it a troll to recognize this fact in public? Sheesh, some moderators are biased.
    -russ

  17. Re:In short: Memory Exhaustion on The Slashdot DDoS: What Happened? · · Score: 2

    SYN flooding is a solved problem in modern Linux kernels. Try again.
    -russ

  18. Re:Why not a firewall. on The Slashdot DDoS: What Happened? · · Score: 2

    No, I'm not trolling. I haven't seen an rationale for a firewall which is any better than "Well, we're too stupid and lazy to lock down N Unix hosts, so we're going to lock down one. Somehow we will become less stupid and lazy because there is only one machine."

    If I can secure a firewall that I control, then I can secure a firewall that I control.

    If X then X is true every time, but it's not much of an argument for a firewall.

    I can't prevent the group behind the firewall from introducing vulnerabilities on their side of the street

    If they're in public services, you're toast *anyway*, because your firewall is letting those services through. If they're in private services, then why for God's sake did you bind them to a public IP address???

    Most of the things that people are using firewalls to protect against can be solved by using non-routable IP addresses and some small amount of filtering on your router.
    -russ

  19. Re:Why not a firewall. on The Slashdot DDoS: What Happened? · · Score: 2

    It's not that I'm a god. It's just that I've seen firewalls and the machines behind them, and I'm unimpressed by the way they work, and I'm unimpressed by the arguments for them.

    Why isn't your router blocking traffic with an unroutable source address?

    You mean they build insecure boxes and then put them on the net? Why did they waste their time?
    -russ

  20. Re:Why not a firewall. on The Slashdot DDoS: What Happened? · · Score: 2

    Machines are cheaper than people. It's easier to configure N+1 machines all the same than to configure N machines one way and one machine a different way.

    Not ignoring, just forgetting to dispense with it as an issue.
    -russ

  21. Why not a firewall. on The Slashdot DDoS: What Happened? · · Score: 1

    1) Several people have asserted that a firewall somehow magically has more resources to deal with an attack. Sorry, no. If you have N+1 hosts, calling the one a firewall doesn't create more resources to deal with an attack.

    2) A firewall breaks the end-to-end communication paradigm of the Internet. The idea is that you place smarts in the middle. Sorry, no. Hosts should communicate with hosts, not with intermediaries.

    3) C'mon, you're running Unix, stop acting so helpless. If you can secure a Unix firewall, you can secure a Unix server. This is not rocket science. If you have to communicate with a service that you don't want to expose to the world, you bind it to a private IP address on NET10.

    4) More often than not, a firewall is used to hide insecure hosts, and then people laughably call it "security in depth".

  22. Re:Why a firewall? on The Slashdot DDoS: What Happened? · · Score: 2

    the only thing that allows your other boxes to work at all, since anything you want to do as a webhost is inherently insecure.

    Exactly my point. You're exposing your weakest service. How does a firewall increase your security when you're giving away the farm? And as Slashdot proved, it's a single point of failure.
    -russ

  23. Re:Why a firewall? on The Slashdot DDoS: What Happened? · · Score: 2

    You have N servers plus one firewall. All told, N+1 hosts have the horsepower to deal with the traffic. You just agreed to that, right? So why is life any easier just because one of the machines is configured as a firewall?
    -russ

  24. Re:Why a firewall? on The Slashdot DDoS: What Happened? · · Score: 2

    You can't invent more CPU speed by dedicating one machine to filtering packets. The same amount of CPU speed could be used to serve pages.

    What services does a slashdot server need to expose? ssh, qmail, http, mysql. The first two are trusted services, the third you're exposing to everyone so it had better be secure anyway. It's only the fourth that isn't necessarily trustworthy.
    -russ

  25. Re:Why a firewall? on The Slashdot DDoS: What Happened? · · Score: 1
    1. I'd say that they don't want to limit thier functionality. A tweaked firewall will let them keep useful schtuff turned on.

    So that when the firewall is breached, they lose everything? Uh-uh for me.

    2.If the firewall uses its CPU to deflect the crap, then the web servers wont have to deal with it.

    So put the firewall into service as another server. You can't create more CPU by dedicating some of it to being a firewall.

    3. They have a BSD uberadmin who can make that BSD box walk the dog. If something else wierd goes on, it'll be in his back yard.

    Linux expertise is more widely available.
    -russ