Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Re:Here is the FIX on Hack Mac OS X With Installer Packages · · Score: 1
    What kind of tasks are you performing on a regular basis that you cannot use Linux unless logged in as root?

    I think he is complaining because the graphical sudo programs in GNOME and KDE only work if your logged in user is in /etc/sudoers, they don't give you the opportunity to run as a user *not* in /etc/sudoers and specify a dedicated "sudoer" username/password when something needs to be run as root.

  2. Re:WHY this is unexpected for macs on Hack Mac OS X With Installer Packages · · Score: 4, Informative
    I'm going to reply to my own post because reading other comments I see that people don't grasp why this is an unexpected behaviour on a mac. It's a fairly normal behaviour on linux and Windows.

    According to the Apple documentation linked from TFA, if this behaviour is actually happening, then it is neither expected, nr proper, and is definitely a bug. How the article writer managed to arrive at the conclusion that Apple's documentation say it is correct and expected, I don't know.

    On a mac, it's normally possible to install an application without requiring any super user privledges. On linux and Windows it's frequently impossible or at least quite hard (on linux you often have to fiddle with the make configuration, and it results normally in a crippled application.

    On Windows this is an issue completely up to the application developer, who decides a) whether their installation procedures requires access to system areas, and/or b) whether they allow the user to specify where to install the applications (and/or c) if they bother to check the privilege level that the user has).

    On Linux, if you're compiling from source, it's a matter of passing --prefix=/some/path to 'configure'. WIth packages, it's a function of the package manager and subject to the same restrictions regarding whether or not the developer has done the right thing.

    OS X is *exactly* the same.

    Here's one example. On a windows computer when you install something it has to have some way to get it's hooks into the OS.

    No, it doesn't.

    This might be as simple as notifying the OS of what extension/suffixes it can open or what services or filters it provides to other applications. This is done through the registry. And you need to be root to modify the registry. So you can't really install anything properly without giving your application the ability to write to the registry.

    This is wrong.

    Firstly, you don't need to be "root" to write to the Registry (Windows has no "root" equivalent and access to the Registry is governed by the same types of ACLs that restrict filesystem access, applied on a per-Registry-key basis).

    Secondly, file associations and similar config data are stored in the per-user Registry hives which, of course, users are (typically) able to modify. The equivalents in OS X are all those XML config files hiding in your home directory (which, of course, you have permissions to modify - although access is not restricted at the same fine-grained level as it is to the Registry).

    And since there's no selective privledges that would say "well I trust you to only modify this part of the registry and no where else nor any other file, you basically pull your pants down around your ankles, close your eyes and pray there is no unsolicited finger up the butt every time you install. Linux is simmilar, since it propably wants to shove stuff in /bin and maybe overwrite somethings in /lib.

    There most certainly *is* the capability for such "selective pivileges" when accessing the Registry, and it is enforced. Linux (and unix in general - including OS X), however, lacks both the centralised repository to lock down access to such a degree and the fine-grained permissions system to actually do so, and is somewhat hampered by the fact "root" has no restrictions whatsoever (at least in typical configurations).

    As a result, there is no need to unbuckle your jeans and grab your ankles when you do an install in most cases. And it's also easy to undo an application since the number of places it touches (usually just the application's folder and the library/preferences)

    From a technical perspective, the situation in Windows (and Linux, to a less degree) is no different.

    And there is the problem. It turns out that the installer application on a mac, is a an application that can retain root privs after the first time you grant them (like says SETUID). To me this would seem unneccess

  3. This behaviour must be a bug on Hack Mac OS X With Installer Packages · · Score: 1
    In TFA, the writer says:
    There exists a pretty significant interface problem with the Apple Installer program such that any package requesting admin access via the AdminAuthorization key, when run in an admin user account, is given full root-level access without providing the user with a password prompt during the install. This is even explained in Apple's Installer documentation as proper behavior.

    Yet on the table here, linked to from TFA, the documentation quite clearly states that if a user is already an Administrator and the "Authorisation Access" specified is "Admin Authorisation", then the subsequent install will only run as the Administrator user. It also says that to get root privileges, "Root Authorisation" must be requested, which will prompt for appropriate user credentials.

    So it would appear while TFA is correct in identifying the behaviour (if it actually happens) as a bug, it is *not* correct in stating this behaviour is "proper".

  4. Re:Kernel Drivers on Would You Date Microsoft? · · Score: 1
    If you really, truly believe this, try installing a Win 95 driver on an XP system.

    How surprising, a ridiculously extreme and out of context example to try and disprove a valid and important point.

  5. Re:My Linux Annoyances as a Hardended Windows user on Would You Date Microsoft? · · Score: 0, Troll
    Driver has to go with the kernel for it to work.

    Only on Linux. Other platforms do not have this flaw.

  6. Re:This is great on Vista to Create 50,000 Jobs in Europe · · Score: 1
    M$ was earning money making early very different PCs behaving similarly. Or in other words, all those fancy "white boxes" have had all the same interface with the same DOS based OS. M$ power was in control of hardware companies - not in its OS.

    Microsoft have never had any real influence over hardware companies. Otherwise things like floppy drives, parallel ports and probably even intel CPUs would have gone the way of the Dodo years ago. Windows 98 (and 95, for that matter) would never have existed, because the primary reason for their existence (legacy hardware support) would have been irrelevant.

    In evolutionary current of events, thanks to mono-OS environment, PCs become standardized - all thanks to M$. When I open *any* system in my company I find pretty normal ATX system - w/o any proprietary cruft all the earlier white boxes are so infamous for.

    PCs have been standardised since the mid-80s, a handful of aberrations here and there notwithstanding. Any suggestion that the "generic PC" is a remotely recent development is ridiculous on its face.

    We already have choice of OSs: Linux kernel and *BSD made entry to OS market damn cheap for anybody.

    If the juvenile usage of "M$" didn't already betray your age, this certainly does. OSes are *already* "damn cheap for anybody", have been for years, and are only getting cheaper.

    M$Server 2003 is fine solid product - but why would anyone pay for it all the moneys when they can get all the same from Linux for much less/no money?

    Since your immature bias blinds you to the (obvious) answer, I'll help you: because they *don't* get "all the same from Linux".

    Vista comes precisely in the time when it starts to make more and more sense for M$ to release its OS for free (free as in "free beer") as it was suggested by many journalists and observers some time ago.

    It makes no sense whatsoever for Microsoft to release its OS for free. The vast majority of end users end up in front of a machine where the cost of Windows is either invisible (OEM PCs) or irrelevant to them (business PCs). Even people who go out and buy Windows without a PC, almost all buy the upgrade version. Only a tiny minority of consumers pay the full retail price for Windows. For business purchasers, the cost of the OS - even were it full retail price (which they don't pay anyway) - is a drop in the ocean compared to the combined cost of the machine and its user(s) over its lifetime.

    There is no compelling pressure for Microsoft to remove - or even reduce - the up-front cost of Windows from anyone - except, of course, people who almost certainly wouldn't buy it even if it cost less than a takeaway meal.

  7. Re:Right... because Bush Started the DMCA. on Pro-DRM Law May Be Coming To Australia · · Score: 1
    Besides, why is it that the other countries need to harmonize with OUR laws? Why can't we harmonize with THEIRS?

    Trust me, you wouldn't have wanted to harmonise with Australia's copyright laws.

  8. Re:Australia's come a long way since the 1970s on Pro-DRM Law May Be Coming To Australia · · Score: 1
    Australia doesn't have a crime problem?

    No. (Despite numerous and frequent attempts by alarmist media trying to convince us otherwise). Crime is very low in Australia, violent crime even less so.

    Guns are mostly illegal in Britain too, but Britain actually has a higher crime rate than the USA, especially in the area of muggings. The lack of gun ownership doesn't seem to be helping them much, unless you somehow consider a criminal's life to be of equal worth to a victim's.

    The main difference vis-a-vis "muggings" is, in the UK you get beaten up, while in the US you get shot and killed.

  9. Re:You don't see the problem. on EU And Microsoft Clash Over Vista Security · · Score: 1
    Security as it pertains to the operating system is the ability to authenticate users prior to access, categorize the level of access the user has, and limit access based on a policy placed by administration.

    By this definition, Windows is "secure". Heck, by this definition, Windows is more secure than a typical unix, including OS X.

    However, since you had previously indicated that you did *not* consider Windows "secure", then the only rational conclusion I could reach is that you weren't using that definition. Hence, I requested clarification.

    An anti-virus clearly plays no role in the purpose of an OS, nor is it a key component in building a secure OS--unless perhaps you have a different definition of an OS that you'd like to share?

    "[...] limit access based on a policy placed by administration."

    An AV program limits access based on the policy of known malicious code.

    You can't seem to build a logically sound argument [...]

    I can't build a logically sound argument because the goalposts get shifted around with pretty much every post in a typical Slashdot thread.

    For example, the biggest security hole in any system is the end user. Logically, then, any additional capabilities which serves to reduce both the size and potential impact of that hole make an OS more secure.

    OS X does not come with a pre-packaged AV, nor do most Linux distros, FreeBSD, NetBSD, Solaris, nor pretty much all other OSes.

    Nor do any of them share the combination of marketshare and user demographic that Windows does.

    The fact that it is something that would be packaged along side the operating system suggests that it's not an integral part of the OS or OS security.

    TCP/IP stacks used to be packaged along side the operating system. So did GUIs, CLIs, libraries and hardware drivers, to mention but a few things that most people, today, consider "part of the OS".

    There's no such thing as a perfectly secure OS, but there are relatively secure OS's--these are operating systems that are secure by design (rational security policies), [...]

    Design != Policy. Design dictates what capabilities are. Policy dicates how those capabilities are applied.

    [...] have relatively few exploitable bugs (few system vulnerabilities), [...]

    Bugs != system vulnerabilities. Poorly configured passwords or permissions, or unnecessarily started services, are [potential] system vulnerabilities, but they are not bugs.

    [...] and have secure default configurations (easy to secure by the average user).

    Again, you try to equate two different things. A secure default configuration, by definition, makes "easy to secure by the end user" irrelevant.

    This doesn't entail protecting the user from himself.

    Yes, it does. Otherwise there would be nothing considered wrong about running a system day to day as root.

    If an AV detects a virus, then chances are the OS has already been infected.

    Unlikely. Viruses, by definition, need vectors like email and downloads. Virus definitions are updated frequently enough to make 0-day virus infections uncommon, simply because of the time it takes people - rather than computers - to propogate them.

    If anything, AV's encourage users to be stupid about what they download since they think the AV will pick up all viruses and they will be more likely to proceed downloading and executing suspicious attachments.

    Like most geeks, you confuse "ignorant" and "stupid".

    This also demonstrates a flaw in your argument. Since only "stupid" people use hihgly privileged accounts for day to day use, then only "stupid" people are vulnerable to the vast majority of Windows "exploits", which fail when the user is not in an Administrator user context. Similarly, since you argue the OS should make no effort to protect the user from himself, then you should see no issue whatsoever with the default user account f

  10. Re:You don't see the problem. on EU And Microsoft Clash Over Vista Security · · Score: 1
    If you need a definition for those terms, look it up on wikipedia.

    That's a pretty pitiful attempt at a dodge.

    An operating system's purpose is not to stop human stupidity.

    There's a hell of a lot of people on Slashdot who seem to think it can, however.

    The definition of a secure operating system isn't an operating system that prevents users from acting like idiots.

    So what is the definition of a secure operating system ? What OSes meet it ? What OSes don't ?

    What good is an operating system that protects you from viral e-mail attachments when there exist exploits that allow attackers to take over your system remotely without you doing anything?

    What outstanding remote exploits of that nature are there in Windows ?

    You can prevent e-mail viruses from infecting your computer by exercising common sense.

    If it were that common, email-bourne viruses would never have amounted to more than a minor footnote in history.

    There are millions of ways to secure Vista other than packaging an anti-virus with it. These are the ways that Vista should be securing Vista because other companies can't.

    For example ?

    Ofcourse if you rely on MS marketing speak instead of reasoning through the situation, you'd come to the conclusion that the EU wants MS to release an insecure OS...

    Anyone "reasoning through the situation" will invariably arrive at the conclusion that anti-virus and anti-malware tools are an essential component for any OS aimed at the typically ignorant end user - or "idiot", as you would probably refer to them.

  11. Re:Then what for...? on Linux Desktop Ready, Says Mainstream Media · · Score: 1
    Maybe, but if Dell or HP or Best Buy offer a PC system that will browse the intarweb and do email and IM and print school reports, for a *real* discount ($200+ less than a Windows system?), then they all those Joe Smith's might actually adopt a linux system.

    So where is the benefit to Dell, HP or Best Buy in making ~$150 less (which would probably result in them selling at a loss) off each machine just to push Linux ?

    You don't seriously think an OEM version of Windows costs big name vendors $200, do you ?

  12. Re:I predict on The Hard Drive Turns 50 · · Score: 1
    At some point in the future, capacity will take a back seat to recoverability ( for the average consumer ). To that end, I predict harddrive companies effectively setting up a raid 1 array on a single drive; Probably by platter. To the host system, it would appear as a single drive of 160gb ( for example ), but it would actually be two platters of 160gb, with a bit for bit copy being maintained on the fly by the drive itself.

    That's not going to help you if the motors and/or onboard circuitry dies. Which is, IME, *vastly* more common failure modes than the platter surface(s) suddenly degrading.

    I think you'll see traditonal RAID1 configurations being pushed more by OEMs, long before you see any sort of "all in one" solutions coming from the hard disk manufacturers (and I even think that's unlikely). Especially when there's so much money for them to be made by taking a regular hard disk, putting it into a cool-looking USB cage and doubling the price tag.

  13. Re:Playstation 3 on IBM's Cell Processor — Not Just for PS3 Anymore · · Score: 1
    Kind of like 386DX vs. 386SX -- instead of throwing away the DX chips that had defective math coprocessors, Intel simply burned out the traces, screened a different label on them, and sold them at discount prices.

    Minor correction, that was 486s, not 386s.

  14. Re:The problem is on EU And Microsoft Clash Over Vista Security · · Score: 1
    Isn't this the whole point?

    By "you" I mean you, personally.

    If "we" (or more accurately the EU) could say which modules should be included in a default install, this whole article wouldn't exist. If the EU says "we don't want (media player/antivirus/firewall/etc.) enabled by default," MS just makes sure that that module is disabled on default installs for machines being sold in the EU. Problem solved.

    No, *huge* problem created. Microsoft can now no longer write *any other part of Windows* with the assumption that the functionality provided by those modules is present (so, for example, if IE is "optional", then they couldn't have created an HTML-based help system). It means either a) that functionality may as well not exist (because developers cannot assume it exists, therefore cannot use it), or b) equivalent functionality must be independently implemented in all aspects of the system that want to use it (thus removing one of the primary reasons for a modular design).

    Yes, but right now "core component" includes a lot of things that wouldn't necessarily need to be there, [...]

    Only by your definition of "need to be there". I can't think of a single piece of Windows functionality that doesn't also exist on its contemporaries (and in many cases existed there first).

    [...] and are causing the legal troubles the article is talking about.

    Only because of a braindead legal system that is trying to make sure Microsoft cannot provide feature parity with its competitors in an effort to "punish" it (although in reality, only disadvantaging innocent end users).

    Hence the suggestion to trim down the part of the OS that's absolutely, positively required, to make it easier to comply in the future.

    So who gets to decide what's required ? How will these conclusions be reached ? How frequently will they be reviewed ? Will these guidelines be applied fairly to all vendors shipping Operating Systems ?

    I'm not suggesting that Microsoft do this at all; in my view most installations will default to installing all of the components, unless the user specifically asks otherwise.

    You're missing the point. If a component's presence cannot be guaranteed, then its attractiveness to developers (and, hence, usefulness to end users) is close to zero in the case of general purpose software.

    The important thing is that the option to remove major components (or disable their installation by default in certain geographic or political regions) would be feasible to comply with the type of anti-monopoly policy that the EU is asking for.

    And my point is such a requirement is idiotic. It's effectively stating that Operating System design and featuerset should be dictated by politicians, not developers and end users.

    I think you're confused. This wouldn't be "pandering to a miniscule proportion of people," it would be "pandering" to the entire EU, which isn't a miniscule segment of their customer base.

    "Miniscule proportion of people" and "the EU" are not contradictions. Just because the EU *government* says something, doesn't mean the customers have the slightest interest in it. The utter disinterest of the market in Windows "Reduced Media Edition" should be more than enough evidence of that, for those who were too stupid to figure it out for themselves.

  15. Re:Yeah... really BIG news... bah on The Apple News That Got Buried · · Score: 1
    Apple make a 'mid range' machine - it's called the iMac.

    Maybe you missed the "standalone" part. You know, for users who don't want to pay for a big LCD screen when they've already got one (and subsequently have to buy another when they replace their computer). Or for users who want to be able to upgrade the typically weak video card Apple includes as standard (somewhat ironic given their emphasis on how much their GUI makes use of GPUs).

    Apple won't do it, of course, because they know that a huge proportion of people who buy PowerMacs^WMac Pros really only want a headless iMac with a replacable video card - and that any such machine would absolutely slaughter the sales of the higher margin "Pro" machines.

  16. Re:Yeah... really BIG news... bah on The Apple News That Got Buried · · Score: 1
    There are two types of Mac Pro owners - posers, and people who actually need the power.

    You forgot all those people who want (and have wanted for years) a mid-range standalone machine.

  17. Re:ahahahahah on Microsoft Sues and Gets Sued · · Score: 1
    Ummm, that guy is bitching that an 800MHz Powerbook with 1GB of RAM was slow running 10.2.x, which is a bunch of bullshit since I'm running 10.3.9 on an 800MHz G3 iBook with 640MB of RAM and it runs fine. Hell, we had 333MHz G3 B&W Powermacs with 384MB of RAM that ran OS X 10.1.x just fine when we still had those machines.

    If your idea of "fine" is a G3 running OS X, then any PC released in the last decade will run Windows "fine".

  18. Re:wow. on Microsoft Sues and Gets Sued · · Score: 1
    If forces you to upgrade. I've gone through several Windows machines this decade, but the Mac I bought my wife in 2000 is still kicking, and still quite useful.

    If your wife is happy with a ca. 2000 Mac running OS X, then it's pretty clear she doesn't have a great deal of sensitivity to OS performance.

  19. Re:How does this bode for NT6? on The Apple News That Got Buried · · Score: 2, Informative
    The NeXT architecture of OS X has always been more "at ease" with multiple CPUs than various versions of NT.

    Your evidence for this being what, exactly ? Tea leaves ?

    NeXT didn't even *support* multiple processors until Apple's OS X reinvention, whereas NT was designed from the ground up with multi-CPU machines in mind and has supported them since its first release in 1993.

    Not that NT can't handle them, but that OS X does a better job of dividing tasks sanely to more fully utilize the chips and from what I've heard is much more capable once you move past four.

    Heard from who ? Apple zealots who think OS X isn't dog-slow to use and multitasks well because Expose still works when the machine is under load ?

    As good old Ars describes, the multiprocessor support in OS X before 10.4 was only average, to say the least.

    It's doubtful that the multiprocessor capabilities in OS X at the moment are even as mature as it was in Windows 2000.

    That being the case, as multiple CPUs/cores become more commonplace, I think OS X will end up with the reputation of being the faster of the two.

    Well, it's got a lot of work to do before it's faster than anything except earlier versions of OS X.

  20. Re:The problem is on EU And Microsoft Clash Over Vista Security · · Score: 1
    The only reason it's true of XP is that XP is not modular.

    Yes, it is. It's just that *you* didn't have a say in which modules were optional.

    However, what if Vista were modularized from the beginning, with this in mind? Development kits would emphasize which parts of the OS were core components (and thus guaranteed to exist) and which components were optional. Programs that were written that tried to require optional components would be subject to scrutiny; perhaps they would not be allowed to put the "Compatible with Vista" sticker on the box.

    That's exactly what happens now.

    If it gets installed by default, it's a core component and software developers can safely assume that it will be present on any Windows installation their software runs on. If it doesn't, it isn't, and they can't.

    The point you bring up about the html rendering engine in IE is a good one, but it's not difficult to work around it. Simply make sure that the default windows install has a basic html rendering engine, but only barely enough to run help files. The "IE" module would then be a larger component that focused on a clean front-end designed to be a solid user interface for web browsing, with full support for RSS and the like that wouldn't be included in the basic install.

    I still find it amazing, that *years* after everyone else (GNOME, KDE, OS X) went down the same path with a browser component as Microsoft did, people are still carrying on about it trying to pretend a web browser isn't an expected and critical feature of any consumer-oriented OS.

    But I don't see a compelling reason that this couldn't be achieved, provided the decision to go this route is made early enough in the OS's development cycle.

    The compelling reason is that the vast majority of end users will *hate* having to run out and acquire additional software (even if it's download straight from Microsoft, at no extra cost) to reach levels of functionality that have been standard for a decade or more.

    This is no longer the early 80s. Computers aren't just for 31337 geeks anymore and when people buy one today they expect to get more than a text screen with a flashing cursor and the opportunity to create their own experience. Microsoft are not pandering to the minscule proportion of people that wish it was, nor are they ever likely to. Get over it, install Linux (which *does* pander to your demographic) and move on with your life.

  21. Re:Modularization on EU And Microsoft Clash Over Vista Security · · Score: 1
    If they would simply modularize many of the components that come with Windows, they might wriggle out of a lot of legal troubles.

    Windows is already modular. What you want to do is make it *less* modular, by making it impossible for Windows developers to reuse code (since they will not be able to guarantee that a given module will be present in the system).

  22. Re:Security should be inherent in the OS on EU And Microsoft Clash Over Vista Security · · Score: 1
    The code should by design be resistant to mallicious processes.

    Can you objectively (ie: programmatically) define "malicious" ?

  23. Re:The solution on EU And Microsoft Clash Over Vista Security · · Score: 1
    Problem being most of that is rather easily bypassed due to poor implementation and the fact for a lot of applications to work the have to be run as administrator which overrides all these settings and allows access.

    Microsoft shares absolutely zero blame for applications (needlessly) require Administrator privileges to run.

  24. Re:You don't see the problem. on EU And Microsoft Clash Over Vista Security · · Score: 1
    An OS does not need to be packaged with an anti-virus to be secure.

    This statement is meaningless without a definition of "secure".

    MS can simply put out more secure code in the first place and implement more intelligent security policies.

    That still won't stop people deliberately executing malicious code, the #1 vector for all malicious code.

    The anti-virus is simply there is resolve inherent security flaws.

    No, the AV is there to stop ignorant users from shooting themselves in the foot when they run the latest virus and malware-laden version of Comet Cursor.

    The purpose of an Anti-virus (and anti-malware) program is *not* to plug holes in OS security, it's to plug the great big security hole the end user opens up by sitting in front of the computer.

    Well, a Word process isn't an integral component to an operating system.

    This statement is meaningless without a definition of "operating system".

  25. Re:THey also added gapless playback on Apple Announces iTunes 7, Movies, Set-Top Box · · Score: 0
    By the way, that sinking sound you hear coming from Redmond is the hope of Microsoft in taking over the living room through Zune, the XBox 360, and Media Center PCs.

    Bollocks. Even this iTV thing, when it ships, will be just like using an XBox 360 as an "MCE Extender" *only without the ability to play games, and for the same price*.

    (Somewhat ironically, however, a Core Duo Mini running Windows MCE would (IMHO) make an excellent base to build a high-def capable HTPC from.)