Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Re:Who drives them? on Ballmer on Innovation · · Score: 1
    Discrete config files allow for much easier management.

    What do they give you that the registry does not ?

  2. Re:I N N O V A T I O N on Ballmer on Innovation · · Score: 1
    * i have no idea if IE is actually tied to the kernel, i didn't actually claim it was

    You just wrote three sentences (and that's disregarding the prior post) explicitly implying IE is "tied to the kernel".

  3. Re:Microsoft may do cool stuff on Ballmer on Innovation · · Score: 1
    NTFS has metadata, but not indexing - that has to be built on top (and MS still haven't done it properly).

    NTFS indexes attributes (ie: metadata).

  4. Re:Only for servers? on Fujitsu Bundling SUSE Linux · · Score: 1
    No, they wouldn't. Microsoft would have revoked their OEM license for using a competitor's products.

    If there was business in it, this wouldn't matter.

    Why do so many Microsoft fanboys have such a poor grasp of the law?

    I have quite a good grasp of the law. What I lack is a belief it is infallible.

  5. Re:I run Linux on Non-Technical Users Talk Malware · · Score: 1
    The question isn't whether users will or will not do silly things. The question is what silly things will the OS let them do.

    And the answer, of course, is anything they want - because otherwise those computers wouldn't be very useful.

    "Silly" - like "malicious" - is a matter of context. Computers aren't very good with determining context.

    Also, on your previous claim that script kiddies will try to get users to compile executables, good luck trying to resolve the library dependencies (or will the script kiddies include their own libraries?).

    I made no such claim.

    And you really have not explained how they will exploit the rich scripting/programming environment of Linuz.

    Much the same way they do on any other platform.

  6. Re:Band-aid on Tear Down the Firewall · · Score: 1
    Firewalls are such a band-aid solution to the problem of unknown processes running on your own computers.

    Firewalls have nothing to do with processes running on computers. They are for filtering network packets.

    The right way to solve the problem of rejecting incoming and outgoing requests is to make it easy to see which processes are accepting and making connections on which port.s

    No, this is the right way of identifying which processes are sending and receiving information, not whether or not those packets are getting to and from the mahcine.

  7. Re:Only for servers? on Fujitsu Bundling SUSE Linux · · Score: 1
    Dell did that for a while and fell to microsoft's feet later on. If only they had continued ...

    If there was business in it they _would_ have continued.

    Why do so many Linux zealots have such a poor grasp of economics ?

  8. Re:Microsoft may do cool stuff on Ballmer on Innovation · · Score: 1
    BFS supported indexed metadata and filesystem journalling back in the days when other desktop platforms hadn't even heard of the concepts.

    NTFS had this in 1993. Even earlier, if you want to go from when it was designed/implemented rather than when it was publically available.

  9. Re:Microsoft may do cool stuff on Ballmer on Innovation · · Score: 1
    Look at how small Be's development team was, yet somehow they managed to create a 64bit file system with many of WinFS' features back in what? 1998-1999?

    There's very little - if anything - BeFS was capable of that NTFS wasn't back in 1993.

    The problem is that just as Microsoft takes Apples ideas [...]

    Are you able to conceive of two (or more) entities idependently coming up with the same idea ?

  10. Re:Show me one example on Ballmer on Innovation · · Score: 1
    While they ultimately did rewrite (most or all of) the code for it (maybe completely by version 5), they didn't come up with the innovation themselves.

    In fact IE was mostly rewritten by version 3, and the "innovation" was making it an embeddable, reusable "library" rather than a standalone application.

  11. Re:Show me one example on Ballmer on Innovation · · Score: 1
    The only reason IE took over market share is BECAUSE IT WAS INCLUDED FOR FREE IN EVERY OS IN 95% OF THE COMPUTERS.

    Except the versions of IE that took over Navigator's market share - at the time they did so - were only available via download, not bundled with the OS.

    IE killed Navigator because it was better. More people wanted to use it. Fewer people wanted to use Navigator. Netscape chose to stop trying to improve their product and paid the price.

  12. Re:The monkey man screeches on Ballmer on Innovation · · Score: 1
    If Mr. Ballmer says he hasn't seen much in the way of technical innovation in Open Source, he's either not looking in the right places or he's telling porkies.

    What "technical innovations" are you thinking of ?

  13. Re:Name 5 innovations from Microsoft. on Ballmer on Innovation · · Score: 1
    Name 5 things that Microsoft has innovated and NOT just distributed to more people (because more people use Microsoft desktops).

    What's your definition of "innovation" ? Name "5 innovations" on some other platforms.

  14. Re:Who drives them? on Ballmer on Innovation · · Score: 1, Interesting
    They can even just look at one of the Open Source OS's and SEE how others have solved those problems.

    What "problems" are you thinking of ?

    I still have to ensure that the DAILY anti-virus/anti-spyware downloads happen.

    Maybe you should embrace some basic security principles then.

    The same virus that was known to infect Win98 ... will STILL infect Win2003.

    THAT is the problem.

    No, it's the price of compatibility. You want your 10 year old applications to run on today's OS ? That means 10 year old malicious code will run as well.

    Microsoft's security model PREFERS for you to run ADDITIONAL 3rd party software because the OS itself does not (without massive amounts of work and testing on the part of the HIGHLY TRAINED administrator) provide any way of stopping viruses, worms, trojans, spyware, etc.

    Oh, bullshit. The vast majority of problems in running as a non-Admin in Windows are the responsibility of *application developers*, not Microsoft.

  15. Re:I run Linux on Non-Technical Users Talk Malware · · Score: 1
    So Microsoft lied when it said that Internet Explorer was part of Windows?

    No.

    Also, if executables aren't compatible across systems, doesn't that mean that Linux is not a monoculture?

    I have already explained how Linux is enough of a monoculture. Applications standard to just about every unix machine on Earth provide more than enough functionality for malware.

    Also, do you have any real evidence that Linux users would act this way, or are you merely extrapolating from Windows users?

    Users do silly things. The platform they choose to do them on is but a minor detail. Linux will not magically make people stop doing silly things.

  16. Re:I run Linux on Non-Technical Users Talk Malware · · Score: 1
    And would such end users run things like gcc?

    No. The shell script they received in an email and executed would.

    It may be possible to get unsuspecting users to compile programs, but why bother? Why not just have them load the executable instead?

    Because the executable might not be compatible across systems.

    Again, the same with sendmail and such. Would these users run mail servers (as opposed to clients)?

    Most unix systems have a mailserver running to handle local mail delivery, even if the end user never knows about it nor deliberately enables it.

    Sendmail - or equivalent - is the rough unix equivalent to those MAPI APIs that allow Windows applications to send mail.

    As for the naivete of the users, doesn't Linux have better separation between regular users and root?

    It's irrelevant. You don't need root access to do just about everything malware wants to do. Most malware /today/ breaks with a regular user account because it is written under the assumption the user is running as Administrator. However, higher privileges are rarely a functional requirement - expect to see more malware in the future start working under regular user accounts.

    Not that root access is particularly hard for a program to obtain with the fancy new GUI sudo programs that get around these days conditioning users into typing in their password whenever a box pops up. Just raise a password request with a vaguely authentic sounding reason and voila, you've got root.

    If Linux develops Microsoft levels of market share, more experienced users will have to warn newer users about such issues.

    Pffft. "More experienced users" rarely deign to try and impart wisdom _today_, let alone in the future when they're even more outnumbered.

    Your inherent assumptions that regular users will be prepared to listen, or that the "advice" will come in an understandable form, is also rather optimistic.

    Maybe what malware needs more than scripting languages are mail clients and browsers that have deep hooks in the OS. Linux doesn't have these.

    These "hooks" are no "deeper" in Windows than they are in any other OS.

  17. Re:I run Linux on Non-Technical Users Talk Malware · · Score: 1
    And how many vulnerabilities do perl, bash, gcc, etc have? Also, even here one has alternatives (python vs. perl, zsh vs. bash). And what is the level that matters? Does Microsoft Windows need these to attract malware?

    You miss the point. It's not the vulnerabilities, it's what all those tools allow you to do. There's more than enough capabilities - just from the basic tools installed on nearly every unix box you'll ever use - to do the things most pieces of malware want to do.

    When you say sendmail (or equivalent), do you know if other mail servers would share sendmail's vulnerabilities, if any?

    Nope, but I bet they've nearly all got a sendmail-compatible mode for $PROGRAM to generate and set a shitload of emails.

    Even if gcc has no alternatives (is the kernel ANSI compliant?), is it the sort of thing that script kiddies could exploit?

    It makes it pretty easy to get whatever software you want running on the machine.

    Software vulnerabilities are not the primary problem - on all platforms they're relatively uncommon (particularly remote exploits). The biggest problem is end users, and their penchant for doing anything a random email or web page asks them to do so they can get at teh free b00bies. This is the point I was trying to make - from the perspective of end users running "stuff", linux (indeed, unix in general) is more than homogenous enough.

  18. Re:All depends on what you want. on Open-source Licensing: BSD or GPL? · · Score: 1
    The purpose of the GPL is to ensure that the code will always be open.

    No, the purpose of the GPL is to ensure *other people's* code gets GPLed when it touches yours. The GPL is not about *your* code, it's about *other people's code*.

    The LGPL is about *your code*.

    The purpose of the BSD license is to ensure the authors are given proper credit, not necessarily to keep the code open.

    Any code that is released under the BSD remains open. Derivatives of that code, however, may not.

  19. Re:What a retarded question. on Open-source Licensing: BSD or GPL? · · Score: 3, Insightful
    The GPL motivates development because DEVELOPERS are enticed by the idea that derivatives of their code will REMAIN open, and that their projects will flourish.

    Unless you subscribe to the loony definition of "derivative code" that RMS does, the GPL encompasses a hell of a lot more than "derivatives of their code".

  20. Re:Danger Will Robinson, Danger! on Open-source Licensing: BSD or GPL? · · Score: 3, Interesting
    I've seen a bunch of projects that chose to go with the BSD style licence and it's bit them in the ass. People are using their code left and right, but hardly anyone is contributing back since they don't have to.

    If this is /really/ "biting them in the ass", and not just something they expected, but you happen to find personally disagreeable, then the people in those projects deserve every bit of pain they receive. The whole *point* of the BSD license is so derivative code remains under the control of the people writing it.

  21. Re:not a big surprise, but it's ominous for future on Non-Technical Users Talk Malware · · Score: 1
    they really aren't as stupid as we accuse them of being

    Yes, they are. A depressingly large amount of malware requires the user to do something stupid - or at the very least questionable - before it can get onto the computer.

    I have programs I like to use in Windows I've actually begun to offset by creating my own similar linux functionality (thank Goodness I can code) just because I can't stand the 15 minute preamble to getting up and running in Windows.

    I'm having difficulting conceiving WTF you could possibly be doing in Windows that requires 15 minutes of rebooting just to get started.

  22. Re:Linux/OS X don't run as ADMIN on Non-Technical Users Talk Malware · · Score: 1
    You're missing my point about windows being vulnerable. I should have posted it this way, perhaps.

    Windows doesn't REQUIRE you to either - I've been running as a regular user in Windows for nearly 10 years now - it just defaults to it.

  23. Re:I run Linux on Non-Technical Users Talk Malware · · Score: 1
    [...] it's that Linux itself is not a monoculture.

    It is at the level that matters for this sort of thing. How many Linux machines do you see without perl, bash, sendmail (or equivalent), etc installed ? Heck, it's not often you find a Linux machine without gcc installed.

  24. Re:I run Linux on Non-Technical Users Talk Malware · · Score: 1
    Unreal Tournament 2004 can't save your info for single player unless you are in admin mode, and pretty much any other game that saves progress. And you can't download patches for MMORPGs without running them in admin mode. (At least they have a run as option so I can just run those few things as admin)

    A safer way (at least with regards to saving, may not work for patching) is to find the files/directory the games try to write to that they shouldn't be (will probably be in the program's directory) and make them writable by your user. That way you can still run the game as a regular user and not worry about any network related exploits in that game making your whole system vulnerable.

    You should also file a big report with any developer stupid enough to write their software such that day-to-day usage requires writing to files outside the user's home directory.

  25. Re:It's not just the non-technical users on Non-Technical Users Talk Malware · · Score: 1
    While doing that, I accidentally clicked on a certain part of the web page. Bingo slammo, my system was infected with spyware, this nasty Aurora and nail.exe [netrn.net]

    Your biggest mistake is running as an admin and not a regular user.

    Your other mistake was using IE for something other than Windows Update.