I never suggested it was. Nor did anyone else outside of a marketing department.
It's Vista renamed "Mohave" (in the ads) and then "Seven" (in real life).
This is false. "Mojave" used Vista. Windows 7 is not Windows Vista, no matter how much you want to try and argue otherwise.
It's just the same OS with reworked code to use less RAM. It's part of the NT 6.x family. - It should have been a service pack provided free of charge.
They're all "the same OS with reworked code [...]". No version of Windows NT since 3.1, in 1993, is "a new OS", any more that OS X was "a new OS" (rather than a Vista-like overhaul of NeXT) or any release of Linux since 1991 was "a new OS".
A.1 release is not a Service Pack. Windows 2003, was a.1 release, as was Windows 3.51, and no-one rational would try and argue they were "just a service pack" for previous releases. Service Packs (generally speaking) fix existing bugs, they don't introduce new features, functionality, or major changes.
You are correct sir. Windows 2000 == NT 5.0 while XP == 5.1 -(basically 2000 with bugfixes). Likewise Vista == 6.0 and Seven == 6.1, the bugfixed and memory-optimized version of Vista.
A.1 release is not a Service Pack.
Don't be duped. Remember this is the company that tried to trick people with "Windows Mohave" which was really just vista.
Er, right. An anti-FUD experiment is "trying to trick people" ?
IIRC, they lampooned it for its cartoonish look, and the fact that it was slower than Win98 and Win 2K, depending on where you were coming from.
Yes. Just like Vista.
Win 2K was probably the "best" of the NT versions, solid and trim compared to all of its predecessors and descendants.
Compared to NT4, Windows 2000 was "bloated" and slow - the former needing a 33Mhz 486 with 16Mb RAM and the latter a 133Mhz+ Pentium (~8x more) with 64MB RAM (4x more).
Vista never will be, as Win 7 is now out (Vista SP2 really, renamed because "Vista" had such a bad rap)
Windows 7 is as much "Vista SP2" as Windows XP was "Windows 2000 SP1". Certainly the changes weren't as large as Vista (probably the single biggest update to NT since its release), but definitely more than just a service pack.
The Government is at fault for even going through the process in the first place. A perfectly serviceable process for classifying R18+ movies already exists. There is no reason why it could not be used to rate games as well.
The day that happens is the day that freedom and self-determination die. Society does not have the right to tell me what I can and can not do with my body.
Yes it does, Refer to the numerous laws about same, and their relevant punishments.
To say nothing about the whole concept of being imprisoned.
There's a reason for that. It's not needed. ACL's are usually just pointless complexity breaking the KISS principle. ACL's on Windows are a common cause of failure on systems that don't actually need ACL's at all.
It's hilarious to hear people talk about the "KISS principle" in favour of UNIX-like file permissions, because you just know that when presented with some relatively trivial and common request about file access (eg: typically involving multiple otherwise independent people requiring differeng access to the same file or directory) that they'll propose some complex, intricate and maintenance-intensive conglomerate of multiple new groups to meet it.
The UK recently had a telling case. A BNP politician (racist party) was canvasing and a fight broke out. On Have I Got News For You (British political comedy show) they showed the footage. The guy punched a dark skinned (probably Muslim immigrant but that would from that footage have been a presumption) in the face. Oooh bad. What they didn't show is the few seconds before that, when that guy spitted in his face.
Taking things out of context for humorous purposes is a pretty common technique. Did the _actual_ BBC news not show to entire sequences of events ?
Guess you've never had to use the 'SYSTEM' account. That is root on an NT machine, it does whatever it wants whenever it wants however it wants (okay, thats an exaggeration). Its not something you can normally get at, it takes a bit of effort... launching a command prompt via the AT command in NT used to work well for that purpose but I suppose they've probably fixed that by now.
SYSTEM is not a superuser. It is a very highly privileged user. There is a difference.
Both have user and group permissions, both have ACLs. The only difference is syntax at this point and some obscure differences that give neither side a clear advantage or disadvantage in general, though I'm sure there are some specific exceptions to this but thats the case with everything, and exception to every rule.
The traditional UNIX security model being discussed here does not have per-user ACLs.
Except in Unix, pretty much everything is treated as a file, so applying ACLs and permissions to files works perfectly.
Apart from the things that _aren't_ represented as files...
Simply put, you don't know what you're talking about. Every major unix that anyone bothers to use has had real ACLs for years.
Except a) we're talking about the traditional UNIX security model that doesn't have ACLs, and b) even today hardly anyone actually uses ACLs on UNIX and UNIX-like systems.
One of the major problems with NTs security model is its complexity and obscure permissions out of the box.
For example ?
Microsoft has spent at least the last 15 years or so slowly fixing them (and breaking compatibility with poorly written apps along the way) and trying to make it better. Its FAR better than it was a few years back, but if you think NTs security model is good out of the box, or easy, or 'a superset of Linux's' you clearly have no experience with either worth speaking of.
How is it worse ?
You want to know the best way to get hacked? Tell everyone how bad ass you are. Just ask rootshell.org/com (can't remember, it was ages ago) how well that worked out for them.
The only one here suggesting how "bad ass" they are, is you.
Part of the windows problem is that nearly all installers require escalation, therefore there is nothing out of the ordinary when XYZ_INSTALLER requests it.
The same is true on all platforms. It's hardly a "Windows problem".
One of the earlier posters has already admitted that ACL's are nearly equal between Linux and Windows, if administered with similar expertise [...]
And he's wrong.
But, even restricting ourselves to ACL's - default Linux installations beat default Windows installations all to hell and back on workstation installations [...]
How so ?
But - how many Linux servers do you think are run without SEL?
Most of them. Heck, I'd be amazed if the proportion of Linux servers using SEL at all was more than a few percent, and those with it configured specifically for their purpose a significant fraction of that.
Das Auge made a reasonable statement - and you respond with that old stupidity. "It's all about market share".
It's more about user demographics than marketshare, though marketshare is also a non-trivial factor (and intrinsically linked to user demographics anyway).
Windows NT security model is in now way, shape, or form, "superior" to *nix security model.
The Windows NT security model is superior to the classic UNIX security model (which is all the vast, vast, vast majority of UNIX or UNIX-alike systems are configured , even if they're technically capable of more advanced functionality like ACLs or SELinux) in every measurable way.
But I've said it before, I'll say it again: Linux systems, worldwide, guard more money and data than it would take to make thousands of hackers filthy rich. If it were easy, they would have done it already, instead of fighting over that huge Windows market share.
You might want to contemplate for a while how many of those Windows systems provide gateways into all that money and data being "guarded" by Linux, or are directly responsible for putting it there in the first place. You might also want to contemplate the difference between attacking an actively monitored, professionally managed server system and an unmonitored, unmanaged home PC whose users almost certainly understand nothing about security.
The biggest security hole in any system is the people. Which person do you think presents a softer target - the 12 year old girl who spends 4 hours a day using Daddy's computer for Facebook, or the bearded Linux sysadmin with an encrypted, hidden volume on his USB key ?
The "shitty" user/group/others system is understandable by regular users and they tend to use it correctly.
No, they don't. They simply tend not to use it at all (either in Linux or equivalent usage in Windows).
There are cases where it isn't flexible enough. Most of those can be handled by asking the systems administrator (which tends to be the user anyway, these days) to set up an extra group, but otherwise setfacl works fine.
IME, the most common case of u/g/o being insufficient (or impractical), is when someone wants to allow or deny a specific user access. The next most common case applies to the same situation but a group of people other than the one the file is already owned by.
However, this talk of "users" changing permissions is silly, because it just doesn't happen in the real world. When "users" want to share something between multiple people - assuming they don't get their ssysadmin to do it (or don't have one) - they either email it or put it into a world-writable shared directory with permissions set to "allow anyone full control".
While I agree with you that in theory, NT's permissions capabilities are more fine-grained and thus should provide a better security model than unix, in practice, I wonder if the complexity of NT's model commonly leads to bad implementations in practice.
No, the biggest problem stems simply from users deliberately circumventing the security model - typically by willing running arbitrary code with elevated privilege levels. While it's true NT's more capable system is frequently not used to tighten down a system any more than a classic UNIX scheme could, it is also not left any more open (at least by default).
There may be something to be said for simple & dumb.
It wouldn't make a difference. The most intricate security system in the world is rendered useless by someone already authorized deliberately providing others access.
To put it another way: no system over which an ignorant user has complete control can be secured. You can put up as many "are you sure" barriers as you want, but so long as someone who doesn't understand has the ultimate power to click "OK", then the nasties are inevitably going to get in.
Microsoft used it once to track down a virus writer. You may remember that case. But what it boils down to is that Office "called home" and reported to Microsoft what this person's GUID was. And Microsoft looked it up in their database to find the person who originally authored a Word macro virus.
This is false - though typical Slashdotist - anti-Microsoft hysteria.
What actually happened was simple, old-fashioned police work. The original upload of Melissa was tracked to a newsgroup posting, which was subsequently tracked to an IP address belong to an AOL account. The police got the logs for that account from AOL, identified the address of the number that dialed into it, and then arrested the resident along with seizing their computer.
The only role the GUID played was as supporting evidence that the document containing Melissa was, in fact, created on the computer that they had seized. It was also used fairly extensively throughout the computing world to identify other viruses that had been written by the same author, as they all had the same GUID.
No phoning home. No centralised database of Office users. No conspiracy.
Well, your whole democracy is a patch. A hack. You still keep the queen around, of course, she has no political power and her role is to produce news for the tabloids that the illiterate of your country can follow. The queen in the UK = Oprah in the states. Except, that according to the law, the queen can still intervene. Her powers, while null in practice, are still intact on paper. Please remember the Fear of queen-intervention in Canada a few months ago, and a similar situation now in the UK. So, this arcane bitch that you keep for decorative purposes has actual power that she can use at any time. Off course, nobody will actually let her use it. The deal is: She gets to keep the crown and go to boring parties as long as she doesn't use her power. If she does, the people will kick her out in the blink of an eye.
I think you mean the politicians will kick her out. I seriously doubt the vast majority of the population with the current Queen going a bit dictatorial, at least in the short term, considering what they think of the average politician.
Heck, if she decided to dissolve parliament and fire every current MP, you'd probably see people partying in the streets.
The Windows and Linux security models are virtually identical if you exclude MAC (SELinux etc.).
Except for NT having no concept of a superuser and Linux utterly dependent on one to implement nearly all aspects of a usable system.
Except for the finest granularity in Linux being the group and in NT the user.
Except for the utter nightmare in Linux trying to create exclusionary or complicated sets of permissions with multiple users and/or groups.
Except for the NT ACLs applying to nearly all objects in the OS, and in Linux only things represented in the filesystem.
Except for NT ACLs controlling nearly all ways to manipulate an object and in Linux being limited to read, write and execute.
"Virtually the same" my arse. NT's security model is vastly more capable than traditional UNIX's.
The main difference is that people actually understand the basic Unix model of users and groups and so they often manage to set their file permissions to something relatively sane. Practically noone uses the full power of ACL's on either system.
NT's permissions capabilities are a superset of Linux's. If someone understands the latter, then they can implement something *at least* as good on the former with the same amount of effort.
Al Gore's "Earth in the Balance" advocates reduction of the earth's population by more than 2/3, before the end of the century. Methodology for accomplishing this is not elaborated on; yet the only way to reduce population that drastically in that short a time frame is either mass sterilization, or mass genocide.
Please quote a relevant excerpt of the book advocating genocide, not fanciful conspiracy theories.
How do you suppose THAT would effect global climate, eh?
*Global* climate ? Probably not a lot. Do you have any evidence to support your idea ? Can you propose a more effective way of reducing emissions ?
Slashdot Mirror
Neither is +0.1 a whole new OS.
I never suggested it was. Nor did anyone else outside of a marketing department.
It's Vista renamed "Mohave" (in the ads) and then "Seven" (in real life).
This is false. "Mojave" used Vista. Windows 7 is not Windows Vista, no matter how much you want to try and argue otherwise.
It's just the same OS with reworked code to use less RAM. It's part of the NT 6.x family. - It should have been a service pack provided free of charge.
They're all "the same OS with reworked code [...]". No version of Windows NT since 3.1, in 1993, is "a new OS", any more that OS X was "a new OS" (rather than a Vista-like overhaul of NeXT) or any release of Linux since 1991 was "a new OS".
A .1 release is not a Service Pack. Windows 2003, was a .1 release, as was Windows 3.51, and no-one rational would try and argue they were "just a service pack" for previous releases. Service Packs (generally speaking) fix existing bugs, they don't introduce new features, functionality, or major changes.
Then XP came along, and didn't really add anything of substance to 2k, mostly just fluff.
This is false.
You are correct sir. Windows 2000 == NT 5.0 while XP == 5.1 -(basically 2000 with bugfixes). Likewise Vista == 6.0 and Seven == 6.1, the bugfixed and memory-optimized version of Vista.
A .1 release is not a Service Pack.
Don't be duped. Remember this is the company that tried to trick people with "Windows Mohave" which was really just vista.
Er, right. An anti-FUD experiment is "trying to trick people" ?
Well, this is Slashdot I suppose...
IIRC, they lampooned it for its cartoonish look, and the fact that it was slower than Win98 and Win 2K, depending on where you were coming from.
Yes. Just like Vista.
Win 2K was probably the "best" of the NT versions, solid and trim compared to all of its predecessors and descendants.
Compared to NT4, Windows 2000 was "bloated" and slow - the former needing a 33Mhz 486 with 16Mb RAM and the latter a 133Mhz+ Pentium (~8x more) with 64MB RAM (4x more).
Vista never will be, as Win 7 is now out (Vista SP2 really, renamed because "Vista" had such a bad rap)
Windows 7 is as much "Vista SP2" as Windows XP was "Windows 2000 SP1". Certainly the changes weren't as large as Vista (probably the single biggest update to NT since its release), but definitely more than just a service pack.
Everybody hailed it as uncharacteristically stable and usable.
Er, no. They treated pretty much the same way they did Vista.
Since when is a government consulting the community before doing something a bad thing?
When the community has already been consulted on the same question with slightly different wording.
The governments are not at fault here.
The Government is at fault for even going through the process in the first place. A perfectly serviceable process for classifying R18+ movies already exists. There is no reason why it could not be used to rate games as well.
The day that happens is the day that freedom and self-determination die. Society does not have the right to tell me what I can and can not do with my body.
Yes it does, Refer to the numerous laws about same, and their relevant punishments.
To say nothing about the whole concept of being imprisoned.
If they do then you are looking at another few weeks of having to use alternate birth control methods and in that case what's the damn point?
Er, because after that few week period you then only need to get it done every, say, 3-4 months ?
Gah. I do not get this at all. I can dig a little grooming, but what is the point of mimicking prepubescent hair growth patterns?
I know what you mean. That's why I only ever date women whose legs and armpits are at least as hairy as mine.
But everyone who watch the comedy NEWS show also watch the news? Have they watched that news segment?
FUCK yes - assuming they want news and not entertainment.
A comedy show about the news (or, more accurately, current events) is not there to tell you what the news is. It's there to make you laugh.
It blows my mind that I even have to say this, but comedy is not news. Not even comedy about the news.
There's a reason for that. It's not needed. ACL's are usually just pointless complexity breaking the KISS principle. ACL's on Windows are a common cause of failure on systems that don't actually need ACL's at all.
It's hilarious to hear people talk about the "KISS principle" in favour of UNIX-like file permissions, because you just know that when presented with some relatively trivial and common request about file access (eg: typically involving multiple otherwise independent people requiring differeng access to the same file or directory) that they'll propose some complex, intricate and maintenance-intensive conglomerate of multiple new groups to meet it.
The UK recently had a telling case. A BNP politician (racist party) was canvasing and a fight broke out. On Have I Got News For You (British political comedy show) they showed the footage. The guy punched a dark skinned (probably Muslim immigrant but that would from that footage have been a presumption) in the face. Oooh bad. What they didn't show is the few seconds before that, when that guy spitted in his face.
Taking things out of context for humorous purposes is a pretty common technique. Did the _actual_ BBC news not show to entire sequences of events ?
Guess you've never had to use the 'SYSTEM' account. That is root on an NT machine, it does whatever it wants whenever it wants however it wants (okay, thats an exaggeration). Its not something you can normally get at, it takes a bit of effort ... launching a command prompt via the AT command in NT used to work well for that purpose but I suppose they've probably fixed that by now.
SYSTEM is not a superuser. It is a very highly privileged user. There is a difference.
Both have user and group permissions, both have ACLs. The only difference is syntax at this point and some obscure differences that give neither side a clear advantage or disadvantage in general, though I'm sure there are some specific exceptions to this but thats the case with everything, and exception to every rule.
The traditional UNIX security model being discussed here does not have per-user ACLs.
Except in Unix, pretty much everything is treated as a file, so applying ACLs and permissions to files works perfectly.
Apart from the things that _aren't_ represented as files...
Simply put, you don't know what you're talking about. Every major unix that anyone bothers to use has had real ACLs for years.
Except a) we're talking about the traditional UNIX security model that doesn't have ACLs, and b) even today hardly anyone actually uses ACLs on UNIX and UNIX-like systems.
One of the major problems with NTs security model is its complexity and obscure permissions out of the box.
For example ?
Microsoft has spent at least the last 15 years or so slowly fixing them (and breaking compatibility with poorly written apps along the way) and trying to make it better. Its FAR better than it was a few years back, but if you think NTs security model is good out of the box, or easy, or 'a superset of Linux's' you clearly have no experience with either worth speaking of.
How is it worse ?
You want to know the best way to get hacked? Tell everyone how bad ass you are. Just ask rootshell.org/com (can't remember, it was ages ago) how well that worked out for them.
The only one here suggesting how "bad ass" they are, is you.
Part of the windows problem is that nearly all installers require escalation, therefore there is nothing out of the ordinary when XYZ_INSTALLER requests it.
The same is true on all platforms. It's hardly a "Windows problem".
bullshit. While it's true Windows has been victimized and targeted, there are fundamental security design flaws in NT that you won't find In UNIX.
For example ?
On UNIX, if you don't root the machine, you haven't taken it, and it's no trivial task to do remotely.
Funny you should mention root, given that a superuser is a fundamental design flaw Windows NT _doesn't_ have.
One of the earlier posters has already admitted that ACL's are nearly equal between Linux and Windows, if administered with similar expertise [...]
And he's wrong.
But, even restricting ourselves to ACL's - default Linux installations beat default Windows installations all to hell and back on workstation installations [...]
How so ?
But - how many Linux servers do you think are run without SEL?
Most of them. Heck, I'd be amazed if the proportion of Linux servers using SEL at all was more than a few percent, and those with it configured specifically for their purpose a significant fraction of that.
Das Auge made a reasonable statement - and you respond with that old stupidity. "It's all about market share".
It's more about user demographics than marketshare, though marketshare is also a non-trivial factor (and intrinsically linked to user demographics anyway).
Windows NT security model is in now way, shape, or form, "superior" to *nix security model.
The Windows NT security model is superior to the classic UNIX security model (which is all the vast, vast, vast majority of UNIX or UNIX-alike systems are configured , even if they're technically capable of more advanced functionality like ACLs or SELinux) in every measurable way.
But I've said it before, I'll say it again: Linux systems, worldwide, guard more money and data than it would take to make thousands of hackers filthy rich. If it were easy, they would have done it already, instead of fighting over that huge Windows market share.
You might want to contemplate for a while how many of those Windows systems provide gateways into all that money and data being "guarded" by Linux, or are directly responsible for putting it there in the first place. You might also want to contemplate the difference between attacking an actively monitored, professionally managed server system and an unmonitored, unmanaged home PC whose users almost certainly understand nothing about security.
The biggest security hole in any system is the people. Which person do you think presents a softer target - the 12 year old girl who spends 4 hours a day using Daddy's computer for Facebook, or the bearded Linux sysadmin with an encrypted, hidden volume on his USB key ?
The "shitty" user/group/others system is understandable by regular users and they tend to use it correctly.
No, they don't. They simply tend not to use it at all (either in Linux or equivalent usage in Windows).
There are cases where it isn't flexible enough. Most of those can be handled by asking the systems administrator (which tends to be the user anyway, these days) to set up an extra group, but otherwise setfacl works fine.
IME, the most common case of u/g/o being insufficient (or impractical), is when someone wants to allow or deny a specific user access. The next most common case applies to the same situation but a group of people other than the one the file is already owned by.
However, this talk of "users" changing permissions is silly, because it just doesn't happen in the real world. When "users" want to share something between multiple people - assuming they don't get their ssysadmin to do it (or don't have one) - they either email it or put it into a world-writable shared directory with permissions set to "allow anyone full control".
While I agree with you that in theory, NT's permissions capabilities are more fine-grained and thus should provide a better security model than unix, in practice, I wonder if the complexity of NT's model commonly leads to bad implementations in practice.
No, the biggest problem stems simply from users deliberately circumventing the security model - typically by willing running arbitrary code with elevated privilege levels. While it's true NT's more capable system is frequently not used to tighten down a system any more than a classic UNIX scheme could, it is also not left any more open (at least by default).
There may be something to be said for simple & dumb.
It wouldn't make a difference. The most intricate security system in the world is rendered useless by someone already authorized deliberately providing others access.
To put it another way: no system over which an ignorant user has complete control can be secured. You can put up as many "are you sure" barriers as you want, but so long as someone who doesn't understand has the ultimate power to click "OK", then the nasties are inevitably going to get in.
Microsoft used it once to track down a virus writer. You may remember that case. But what it boils down to is that Office "called home" and reported to Microsoft what this person's GUID was. And Microsoft looked it up in their database to find the person who originally authored a Word macro virus.
This is false - though typical Slashdotist - anti-Microsoft hysteria.
What actually happened was simple, old-fashioned police work. The original upload of Melissa was tracked to a newsgroup posting, which was subsequently tracked to an IP address belong to an AOL account. The police got the logs for that account from AOL, identified the address of the number that dialed into it, and then arrested the resident along with seizing their computer.
The only role the GUID played was as supporting evidence that the document containing Melissa was, in fact, created on the computer that they had seized. It was also used fairly extensively throughout the computing world to identify other viruses that had been written by the same author, as they all had the same GUID.
No phoning home. No centralised database of Office users. No conspiracy.
Well, your whole democracy is a patch. A hack. You still keep the queen around, of course, she has no political power and her role is to produce news for the tabloids that the illiterate of your country can follow. The queen in the UK = Oprah in the states. Except, that according to the law, the queen can still intervene. Her powers, while null in practice, are still intact on paper. Please remember the Fear of queen-intervention in Canada a few months ago, and a similar situation now in the UK. So, this arcane bitch that you keep for decorative purposes has actual power that she can use at any time. Off course, nobody will actually let her use it. The deal is: She gets to keep the crown and go to boring parties as long as she doesn't use her power. If she does, the people will kick her out in the blink of an eye.
I think you mean the politicians will kick her out. I seriously doubt the vast majority of the population with the current Queen going a bit dictatorial, at least in the short term, considering what they think of the average politician.
Heck, if she decided to dissolve parliament and fire every current MP, you'd probably see people partying in the streets.
The Windows and Linux security models are virtually identical if you exclude MAC (SELinux etc.).
Except for NT having no concept of a superuser and Linux utterly dependent on one to implement nearly all aspects of a usable system.
Except for the finest granularity in Linux being the group and in NT the user.
Except for the utter nightmare in Linux trying to create exclusionary or complicated sets of permissions with multiple users and/or groups.
Except for the NT ACLs applying to nearly all objects in the OS, and in Linux only things represented in the filesystem.
Except for NT ACLs controlling nearly all ways to manipulate an object and in Linux being limited to read, write and execute.
"Virtually the same" my arse. NT's security model is vastly more capable than traditional UNIX's.
The main difference is that people actually understand the basic Unix model of users and groups and so they often manage to set their file permissions to something relatively sane. Practically noone uses the full power of ACL's on either system.
NT's permissions capabilities are a superset of Linux's. If someone understands the latter, then they can implement something *at least* as good on the former with the same amount of effort.
I think the limiting factor is the SATA bus. Pack a 3.5-inch drive with NAND and a good controller and you will absolutely swamp a 3Gb SATA bus.
The typical IO bottleneck is due to IOPS, not bandwidth. Most people using SSDs would still see the same improvement on SATA1.
Al Gore's "Earth in the Balance" advocates reduction of the earth's population by more than 2/3, before the end of the century. Methodology for accomplishing this is not elaborated on; yet the only way to reduce population that drastically in that short a time frame is either mass sterilization, or mass genocide.
Please quote a relevant excerpt of the book advocating genocide, not fanciful conspiracy theories.
How do you suppose THAT would effect global climate, eh?
*Global* climate ? Probably not a lot. Do you have any evidence to support your idea ? Can you propose a more effective way of reducing emissions ?