Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Kickstart ? on New Community-Run RPM-based Distribution · · Score: 1

    Do you have an automated installation infrastructue like kickstart (or possibly even just a reimplemented kickstart) ?

  2. Re:design is better, performance is worse on Get To Know Mach, the Kernel of Mac OS X · · Score: 1
    The modular design of microkernels makes for easier design & debugging, and with some designs the freedom to make user space services that can only be in privileged space in monolithic designs, [...]

    That's the theory, but in the actual practice of microkernel designs, what you end up having to do is move most of those "user space services" into kernel space for decent performance, as NT and OS X do.

    I assume that they at least keep the stuff that would ideally run in user space logically separated from the microkernel - firstly to make it easier to debug and secondly so that once hardware performance is good enough, those modules can be moved back out to user space where they belong.

  3. Re:I don't think so... on Could Microsoft Buy Red Hat? · · Score: 1
    It would be seen as an admission that the Windows Server technology is not what it is cracked up to be, and be read by the market as such. The immediate impact to the server business would be significant, and it is the only segment at Microsoft that is growing.

    Or it could simply be viewed as an acceptance that - for a variety of reasons - some customers will always require a unix platform of some sort.

    *If* Microsoft were to do this - and I really don't think they would - their logical course of action would be to work intensely on, and then heavily market, the integration capabilities and compatibility of "their" Linux within a Windows/Active Directory network. The smart way to facilitate this would be a non-GPLed layer of administrative tools and APIs that abstracted away the "unixisms" into the same management tools used to run Windows servers and desktops.

    So they basically end up with a unix that can be *trivially* and *fully* integrated into a Windows/Active Directory network and managed with the same framework (this would be *huge* for heterogenuous shops). Additionally, in a similar vein to Apple with OS X, since the code that would actually make this product valuable to their customers wouldn't be OSS (analagous to all the non-OSS stuff that differentiates OS X from every other unix and makes it valuable), they'd actually be able to make money selling it.

  4. Re:I don't think so... on Could Microsoft Buy Red Hat? · · Score: 2, Insightful
    IIS, parts of GUI, MS Office, Ole (called as ActiveX) all run parts of themselves in kernel mode for speed.

    The only part of IIS that runs in kernel space is the HTTP listener, everything else is user space.

    The rest of your list is typical /. bullshit - none of those applications run anything in kernel space.

  5. Re:I don't think so... on Could Microsoft Buy Red Hat? · · Score: 1
    Microsft like to tell the PHBs that they hate OSS and all it stands for [...]

    Actually Microsoft are quite specific that it's only the *GPL* they don't like. The BSDL is fine (of course), and I'd imagine they'd be comfortable with the LGPL as well. It's only the GPL that's a problem.

  6. Re:"Anti-virus software" != "Fixing vulnerabilitie on Microsoft To Offer Virus Defense · · Score: 1
    ActiveX (get rid of it altogether).

    Sandboxing it would be sufficient. Really, it's just an application delivery tool and in controlled, trusted environments it's very useful. I think disabling it by default and making re-neabling it non-trivial (eg: only by GPO) would be a reasonable solution.

    Deploy basic safety nets at the framework (kernel/library) level.

    You'll have to be a bit more specific than that.

    Whole classes of buffer overflows can be avoided with very little effort these days. Yet, MS refuses to do so.

    Actually, they do - one of the reasons XP's SP2 was so large was it replaced large portions of the OS and supporting code recompiled with safer compilers to reduce the possibility of buffer overflows. It's also one of the reasons some applications broken with SP2.

    Remember, a while back, you could use a specially crafted BMP image to trigger an exploitable buffer overflow. This is ridiculous.

    But not uncommon. A similar bug was also found in the GTK and QT libraries when dealing with PNG images not that long ago as well, IIRC (not so sure about QT). Buffer overflows are the quintessential unix error - hardly something found only on Windows.

    Don't encourage the user run as "Administrator". Heck, don't let him.

    I wouldn't say they *encourage* it, but I'll agree they don't do enough to *discourage* it. I can't agree with disallowing Administrator users altogether, either.

    The biggest hurdle to curtailing Administrator usage in Windows is the mod-boggling large number of software developers who are too stupid/ignorant/lazy to write proper code. Lots of applications seem to require Admin privileges to run, and the silly thing is the workarounds are generally trivial permissions fiddling that demonstrate the developer is simply doing the wrong thing (eg: Doom 3 "requires" admin access because it tried to write to a file in the program's directory - modify the write privilege for that one file appropriate and it runs perfectly as a regular user - I have to wonder of the Linux version is similarly broken and, if not, why not).

    This is less of an issue in a managed environment, as admins can make the appropriate permissions changes so the applications work and the end user need know nothing. However, in the unmanaged home user scenario, where the user typically isn't capable of making such changes, there's little option but to open everything up just so they can use these poorly written applications.

    Fundamentally, it's not a problem Microsoft can be held responsible for, or exert a great deal of influence over.

    Don't let fucking office macros write to the filesystem or exec() without popping up 20 warning messages.

    This is an Office issue, not a Windows issue Certainly, Microsoft is responsible for Office, and the wisdom of a scripting language that can do that sort of thing is questionable, but we're talking about *Windows*, not applications that run on Windows.

    Do something to the so called outlook address book so that not every fucking trojan can use it to broadcast itself.

    If you can think of a workable way to do this while retaining the usefulness of an address book, I'd be impressed. Besides, it's not like doing the equivalent on most other systems is particularly difficult - a simple grep command through home directories will get you a fairly comprehensive list of email address on most unix machines.

    Do not open RPC ports to the world. No, the dysfunct firewall that ships with windows (have they fixed it finally?) doesnt help.

    You have a point, but the firewall does fix it quite adequately by blocking any traffic.

    Audit *all* services that *could under any circumstance* be exposed to the outside world and harden them.

    This is happening. They're also (finally) starting to run listening services at low privilege levels (another change XP's SP2 introduced).

    Better wo

  7. Re:IE is not a Browser on Several Critical MSIE Flaws Uncovered · · Score: 1
    Using IE as a browser is like putting your OS on the internet. Be smart, use a PROGRAM, not your OS to surf the web.

    IE is a user space application, just like Firefox. There's nothing IE can do that Firefox couldn't, if similarly exploited.

  8. Re:Focus on content, not protecting crap on RFID Tags for Digital Rights Management · · Score: 1
    Your examples aren't very good. Bottled water, fancy shampoos, and cafe food, none of these things can be obtained for free.

    Water certainly can (or, at least, at a cost with the same principle that downloading stuff "for free" still costs for the internet connection).

    The other two examples are there to show how people are quite happy to pay more if they perceive a need, or for convenience.

    In other words, with the proper marketing and/or level of convenience, people will pay $X for something, even if they could acquire another product with vanishingly few differences for some amount less than X. The doom and gloom rhetoric of P2P killing "art" conveniently ignores the massive body of historical evidence contradicting its premise.

  9. Re:In-N-Out Burger!!!!! on The Worst Foods to Eat Over a Keyboard · · Score: 5, Insightful
    And people wonder why americans are so fat.

    No. No-one wonders.

  10. Re:Focus on content, not protecting crap on RFID Tags for Digital Rights Management · · Score: 1
    Oh, right, because people are just dying to volunteer to pay for something they could otherwise get for free.

    When it marketed appropriately, or convenient enough, people will happily pay for things they could otherwise get much cheaper, or free.

    Exhibit A: bottled water

    Exhibit B: fancy shampoos

    Exhibit C: cafe food

  11. Re:Two words: user error on Australia Says No To Spyware · · Score: 1
    Politically, Australia is pretty left of center compared to the American middle of the road.

    I think you'll find Australia is pretty much "middle of the road" compared to America's "well and truly right wing".

    I note that a similarly aligned Clinton administration put the DMCA into place.

    It's worth noting that in Australia the Clinton administration would probably have been considered right wing. The "similarly aligned" - as you put it - Liberal Party currently holding power in Australia is considered about as far *right wing* as mainstream politics here gets.

  12. Re:This is probably a stupid question, but... on Testing Pre-Production Servers Accurately? · · Score: 1
    If you want to implement caching for slow links or disconnected access as Windows does, that's fine, but copying everything over the wire everytime someone logs in is just stupid.

    And Windows doesn't - it only copies *changes* (although, obviously, if it's the first time a user logs in the whole profile will be copied).

  13. Re:This is probably a stupid question, but... on Testing Pre-Production Servers Accurately? · · Score: 1
    Perhaps its a reference to the fact that windows *copies* your profile to each machine when you log in and so if users have hundreds of megs in their docs etc.. then the network quickly becomes busy.

    It doesn't copy the whole profile unless the user is logging into that machine for the first time, it only copies changes.

  14. Re:what are those idiots in the schools smoking? on Roadblocks to Linux in Education · · Score: 1
    Bet ANY Linux user could switch to windows in no time.

    I'll bet you anything you want that won't be true if Linux ever becomes widespread.

  15. Re:what are those idiots in the schools smoking? on Roadblocks to Linux in Education · · Score: 1
    Unfortunatly it's ingrained in our culture. Australians have a lack of faith in our own abilities and power.

    This is not true at all. Aussies have a great deal of faith in our own abilities.

    What we lack is the desire to tell everyone else about them.

  16. Re:No, wait! on Internet Explorer's Share Dips Below 90% · · Score: 1
    No software company will EVER sell a browser that competes with a free-bundled IE, on the most popular desktop OS. If you force IE to become unbundled, there's a chance for competition. But you're still trying to force a market solution on a product, treating it like a commodity, when software should actually be treated like a service. (WRT the definition of "dumping" or selling below-cost, etc.).

    Yeah, and we should force them to pull out the calculator, notepad, DirectX, the TCP/IP stack and everything else as well. That way we can get some "real competitiion" for those things, too. I'm also sure consumers will love cobbling together their OS from 100 different sources so that every PC they sit in front of looks and acts differently.

    Personally, I can't wait - I just loved those days of spending hours twiddling DOS drivers, upper memory blocks and extended memory just so I could get the latest games to run. Not to mention the way many games only supported a small subset of the sound and video cards on the market - it was just like buying a lottery ticket !

  17. Re:What's this? on Your Hard Drive Lies to You · · Score: 1
    You know the type, the ones who never got past "I before E except after C" and get hung up on "wierd"

    I think you need to consult a dictionary.

  18. Re:Virus scanning is futile. Limit authority inste on Microsoft To Offer Virus Defense · · Score: 1
    Downloaded software should not be given the power to mess with your system in the first place.

    Congratulations, you've just condemned pretty much every piece of free software out there.

    To truly solve the virus problem, limit the authority of running programs.

    So your solution is for users to become computer experts ? Yep, I can sure see that being popular (not to mention, if they did that then current systems would be more than sufficient).

  19. Re:Being right doesn't stop you being a pedant (^_ on Your Hard Drive Lies to You · · Score: 1
    Now, according to you, the 14.4k should mean ~'14063' bits a second.

    No, it shouldn't. When dealing with metrics being measured in bits, kilo has had the SI definition.

    In fact, they've always measured everything except memory that way.

    Actually they've measured just about anything that would be measured as xxxx-bytes "that way".

    Your .5GB of memory may indeed be 512MB and 524288kB and 536870912 bytes, but it's the only thing that does that, except, oddly enough, some file and disk size measurements in the OS.

    Are we seeing the pattern here yet ? Like, maybe, that when data is being stored and referred to in *bytes* that kilo means 1024 ?

    Your 1Gb/s network card is exactly 10 times faster than your 100M/s card, not 10.24.

    That's because it's a measurement being made in bits, not bytes.

    And I think the fact people are arguing otherwise shows exactly why we need 'kibibyte' and whatnot, no matter how silly those names were. It's so bad it confuses us.

    I've never met anyone for whom it mattered who was confused about when kilo meant 1024 or 1000.

  20. Re:Some food for thought on Microsoft To Offer Virus Defense · · Score: 1
    And of course, Apache has vastly more market share than IIS (and always has), yet IIS is the security nightmare.

    Apache having vastly more marketshare than IIS (an assumption whose basis - Netcraft - is questionabe at best) doesn't really mean much when the "market" you're talking about is only a tiny proportion of the machines out there. 1 might be a significantly bigger number than 0.5, but it's still pretty small compared to 95.

    Not to mention IIS6 has an excellent security record AFAIK, and Apache machines make poor targets for exploitation for a variety of other reasons.

  21. Re:Some food for thought on Microsoft To Offer Virus Defense · · Score: 1
    Market share does not imply vulnerability.

    True enough, but it certainly implies a more attractive target, faster spreading exploits, more visible exploits, longer lasting exploits, harder to contain exploits and exploits more likely to be known.

    As another poster pointed out Apache is the dominant web server software, a widely available target. However, Apache is not attacked because it is harder to attack. When it is attacked it more robust. IIS gets attacked more often because it is easier.

    AFAIK IIS6 has a security record comparable to Apache's.

    Most of the DNS on the internet uses BIND. If the market share theory was correct the internet would be unusable.

    How do you figure that ?

    And while BIND does have some problems, it is robust enough to survive a harsh environment and coninue to make the internet useable.

    How does its "security record" compare to the alternatives ? Tgat is, after all, meant to be the point of your rant, isn't it ?

    If routers were as buggy as Microsoft software the internet would probably collapse.

    If routers were anything close to as complex as Windows, they'd probably be a lot more vulnerable.

    Those are 3 examples of where the market share argument does NOT hold water.

    No, they're not. Your "examples" are meangingless because you haven't actually bothered to compare attributes of the dominant packages to less common ones.

  22. Re:It should be part of the OS! on Microsoft To Offer Virus Defense · · Score: 1
    But, didn't the integrate IE with the OS so tightly that it also replaced parts of the OS?

    FFS. The complete lack of knowledge about Windows (and IE) here is disgraceful, given how much it is criticised.

    IE is nothing more than an OS module used for "web access". It's no different to KDE's khtml or OS X's WebCore. It's just like QT, GTK, glibc or any one of the myriad other bits of modular code out there programmers can use to add functionality to their applications.

    It wasn't in M$'s best interest to abstract the web layer out to the point where FireFox could actually replace the layer.

    IE *is* abstracted to that level. There's even a drop-in replacement for it somewhere that uses Mozilla's Gecko engine.

    It isn't a long road to the argument that M$ is pure evil.

    It's a very long road - and here on Slashdot, at least, it's paved with lies, ignorance and FUD.

  23. Re:It should be part of the OS! on Microsoft To Offer Virus Defense · · Score: 1
    It should be an entity that you can install when you so choose... it eats up memory, it always sits in the background...

    Only if you invoke it somehow. IE is a *loadable module*. It only "sits in the background" if you've done something to kick it off.

    Same with using Word to edit messages in Outlook. It's only loaded when you actually write a message, it's not running all the time.

    If it was Linux... you could chuck it all away and run your OWN chosen things.

    You *can*. Just install different applications.

    Click on a link in most MS applications, and it won't take you to your default browser (which is probably FireFox) but it'll take you to IE6.

    False.

  24. Re:No, not part of the OS, just fix the OS. on Microsoft To Offer Virus Defense · · Score: 1
    Hence the Unix model of user separation.

    It's hardly the "unix model". Unix significantly dumbed-down the ideas of privilege separation.

    Extended by OS X by having the OS password protected, even from the admin (admin has to give their own password to install updates).

    OS X isn't doing anything other unixes haven't been doing for a lot longer. It's putting a somewhat friendlier face on it, but it's not doing anything new. Sudo has been around since the early 80s.

    Combine with with having an install standard that makes it difficult to integrate their applications into the OS, and strongly suggests developers stay from.

    I'm not sure what you're talking about here, but it doesn't match up with Windows, OS X or Linux...

    Where DLL's are stored, who writes those DLLs

    Have been defined for, oh, over a decade now.

    The registry (one of the most backwards and overtly complicated things ever invented)

    Just because you don't understand it, doesn't make it bad.

    Not having a good default for applications to use temp space for profiles and preferences (making some applications only runable by the admin)

    This "default" has been defined by Microsoft for, oh, over a decade now. Just because application developers are too lazy/stupid/ignorant to use it, is not Microsoft's fault (nor something they can control).

    Purposely setting up the OS in such a way as to make where an application actually installs thing is hard to figure out

    Again, just because you don't understand it, doesn't mean it's hard. Of course, there's not much Microsoft can do to stop application developers spewing crap all over the filesystem if they want to.

    True user/OS/Application separation (all 3 in separate directories, with separate file permissions). This is very important. Applications do NOT belong in the same file structure as the OS. Period.

    Which is why separate locations for same have been defined in Windows for, oh, about a decade now.

    Equating ease of use with "less work" and trying to have the OS guess what the user wants to do and perform it for them. A lot of applications are prone to this and love to auto-open things for the user.

    And you *never* see this on other OSes, right ?

    Instead of fixing Windows, which is at it's very foundation flawed, MS buys an anti-virus company. MS isn't stupid, nor are it's employees. They have PhDs who know about these issues, but they are ignored in favor of very poor design practices that make an OS that is heavily flawed, and it shows.

    How is it flawed ? You haven't shed light on anything with your above statements except your ignorance of Windows. You certainly haven't come within a bull's roar of raising any "design flaws".

  25. Re:"Anti-virus software" != "Fixing vulnerabilitie on Microsoft To Offer Virus Defense · · Score: 1
    Except there are more unpatched root vulnerabilities on Windows than Linux.

    Evidence ?

    Do I know which ones? No - because they haven't been discovered yet.

    No, I didn't think you had anything apart from meaningless rhetoric.

    But based on MS history, they will be. Far fewer will be found on Linux and they will be patched quicker.

    I think you'll find the proportion of privilege escalation exploits is weighted far towards the unix side of the equation.

    And your suggestion that there are no hooks into system space is just plain stupid. Currently patched systems do not count - it's the future holes that count.

    Then, presumably, you have some evidence to support your assertion ?