Slashdot Mirror


User: Junta

Junta's activity in the archive.

Stories
0
Comments
6,549
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,549

  1. Re:Of course. Open source rarely gets the GUI righ on Chinese Pirates Launch Ubuntu That Looks Like XP · · Score: 1

    The typical "open source" solution to a badly designed GUI is to make the GUI reconfigurable, with "skins" or "themes". This is an admission of failure.

    While a poor default for a general populace is bad, giving the user the control to theme is hardly an admission of failure. By that measure, the fact that third-party themes/skins are hacked into MS and Apple products mean they fail too. The fact I can buy different color siding for my house suggests failure in creating my house appearance. Being able to buy a sports car in multiple colors would represent admitting failure. Simple fact is that humanity has a varying set of tastes and inclinations, enabling people to tailor something to their needs is not a bad thing.

    I can't speak to Blender specifically, but I have heard it compared to vi vs. gedit/notepad. If that is the case I can respect Blender for their UI design catering to experts at the expense of an easy learning curve. Sometimes it's impossible to do both in a single project, so you leave one (possibly more popular) paradigm to competitors while you focus on delivering on your own interface paradigm with its adherents.

    This comes from a design flaw of UNIX - when you run a subprocess, you can pass in a list of arguments, but all you get back is an exit status and maybe a text stream. "exit" should have had "argc" and "argv" parameters via which the subprogram could return structured results to the caller.

    This is a total mischaracterization. I have seen the UIs you describe and it is about laziness rather than failure of the wrapped CLI. Windows and OSX has these too (not first party, but one particular *commercial* OSX app I can think of just is a wrapper for ffmpeg CLI utility that acts like this). Don't blame Unix for simplified exit codes (seeing as how any C program falls into that for 'exit', which is not crippling). Besides, OSX is a Unix too The problem is that the GUI designer opts not to think about the meaning of output and just dumps it to user. If they had a theoretical argc/argv structure passed back, they'd just dump that too, with no extra effort. The simple fact is that there are three free-form streams to communicate with an external program (stdin, stdout, stderr) which can encode arbitrary complex structures for CLI wrapping. A good CLI frontend can do a lot with this facility if they so choose, but the typical thing to do for a more 'integrated' experience is to select a backend with functions exported via API rather than wrapping a CLI. This is the same regardless of platform or project, and as my example points out above, this is *not* any more strange or different in Linux than OSX or Windows.

    For a painful example of this problem, make a wireless network connection with a Linux EeePC.

    I can't speak to the EeePC experience first hand, but I had heard that the platform was full of amateurish hacks relative to other efforts out there. Linux has no barrier to entry, allowing even the most amateur efforts to potentially get rolled out in a high-profile scenario, which is risky from a 'marketing' perspective to the 'Linux' platform. This may be a good reason to refer to a platform as 'WebOS', 'Android', 'SuSE', 'RedHat', 'Ubuntu', or whatever first and 'Linux' a relatively distant second when dealing with a less familiar audience. A Gentoo Box is markedly distinct in end-user experience from a Palm WebOS device, so blanket statements about how Linux overall 'doesn't get it' (or 'does get it') are not possible to feasibly back (except maybe talking about low-level details of exceedingly common components like the kernel/glibc or vague commentary on the philosophy, but that's rarely the subject of discussion). It's like saying OSX 'doesn't get it' because you tried a random guy's weeked XCode project and it was a simple piece of crap.

  2. Re:binary drivers on Gnome Switches Nautilus Back To Browser Mode · · Score: 1

    Note the emphasis on older hardware. I have a network adapter card that will not work with Windows 7, Windows Vista, or any 64-bit variant for that matter. The manufacture EOLed it years ago and didn't do driver updates. The driver is still present in even the most bleeding edge linux development. In response to the FUD that printers,scanners, cameras, capture devices, and video cards are problematic, I received a random digital camcorder from a relative who knows zero about my linux usage. Plugged it in and could instantly manipulate the movies. I bought a random Brother scanner/printer/copier, and plugged it in and it worked fine. I am generally careful to stick to ATI or Intel (though I have no technical issues with nVidia cards, more philosophical), but haven't had a driver issue with them yet. I also have a random cheapo digital tuner card in my system for capturing digital TV and recording in MythTV, no problems there. And while I'm at it, my last system came installed with a memory card reader that I didn't give a second thought to and it just worked. From a technical standpoint, things are mostly in order. I will actively seek out a generic assurance of linux support on the label and prefer a vendor that will explicitly declare that, but I'm not horribly dissuaded by the absence of such an explicit declaration and that hasn't bitten me yet.

    On software, it's a mixed bag, but you do admittedly have to go further back. I have a copy of Myst (or one of the variants, I can't recall) and on a whim I tried to install it on a Windows 7 system. It simply refused to work correctly (I actually found a lot of forums talking about it and many giving up). Incidentally, this also wouldn't install in WinXP, Win2k, or any NT kernel system. Wine, however, started up fine. As far as linux backwards compatibility with native apps, I have a Quake 3 CD I purchased long time ago (when Loki was still alive) and it still installs and runs. As far as drivers go, yes, the kernel has a moving API, but glibc and most libraries do a very good job of backwards compatibility, even at the ABI level.

    I don't know how many distributions there are and I don't care. As far as my world goes, I know Canonical, Novell and RedHat exist and that's all I must care about (most software vendors that actually do linux actively pay attention only to RedHat and *maybe* Canonical, and end-users can blissfully ignore all but one if they so choose). I am so sick and tired of this argument, as sick as I'm going to make people of car analogies. Do you find yourself crippled and unable to buy a car because there are so many different manufacturers on the market? Do you feel unable to evaluate the usefulness of a Dodge Ram for your purposes because out in the world the Daihatsu Hijet exists? Is it required that you either evaluate every possible vehicle in the world for your use before making a decision or otherwise forgo the decision entirely?

  3. Re:why anyone would use gnome is another question on Gnome Switches Nautilus Back To Browser Mode · · Score: 1

    There have been platforms with that sort of sensibility (Free, but willing to compromise) and none have taken off in a wide scope as much as Linux has. Either that philosophy just automatically draws the talent or else companies are actually being forced to reciprocate has had a positive impact whereas platforms willing to compromise end up with proprietary companies ripping it off and generally not contributing back. It could also be that by not nailing themselves to any ABI (hell, API is in flux sometimes too) that they are able to make advances that other platforms have to forgo for the sake of backwards compatibility. I'm not exactly sure how it works, but the relative technical success of Linux is at least partially attributed to the ideology, and I seriously doubt an ideology change would have resulted in a 40% market share on the desktop. I'm not sure there is anything that would get 40% on the desktop (it's not a technical issue so much as a business and momentum one), and I don't know if that is really important. Note this is all focusing on the desktop since the server space has seen wide adoption of Linux based systems, and I presume you wanted to ignore that.

    For another point, I don't know if there is much a point to Linux if you allow too much of the core concepts to change. The point is having an alternative, and one huge part is that most drivers will continue to exist and be maintained even if the vendor goes under. I like Linux the way it is for my desktop, and I don't want to compromise my experience for the sake of adoption by people who already have platforms that make them happy that do not satisfy my needs and preferences.

    Also, Linux 10 years ago was both much harder to use, less featureful, and had much lower penetration than it does now. 10 years ago you'd be hard pressed to find a linux install without the end-user compiling a large part of it from source themselves. You had Gnome 1.x, but admittedly a respectable KDE underway. You had no automatic hotplug device handling in a 'desktop' style (admittedly, hotplug devices were rare too). You had no anti-aliased fonts, the installers asked a ton of questions, complex package education and selection was pretty much a must to install. No one could be spared from the CLI. Now, I have handed people recent Ubuntu discs, and they installed on their own no problem, with few simple questions and presuming a bunch of defaults. They plug in a camera and it offers to open a photo manager for them. They visit a web page with flash and it automatically prompts for approval to install the plugin. Most don't know what the CLI looks like, though those that do appreciate the power and don't feel they need it to compare with Windows GUI. Even I haven't compiled a single app on my systems in a long time. To begin to claim it is no better than it was 10 years ago is horribly ignorant. I also note that all this was accomplished without compromising my choice to do it the way I want, I can opt to ignore any one of these advancements at my option and continue using modern software with the features I like cherry picked and still use it the same way as I did 10 years ago if I so choose.

    Finally, there is a lot of business motivation to release code and/or specs for hardware products. If I am selling a piece of hardware and I can target a platform in which I can offload a large chunk of my development expense to a community, that is pretty compelling. I'm not selling a software package, I'm selling a hardware product for which software development is nothing more than a necessary evil from a business perspective. I just installed an adapter I had on a shelf for 6 years into a brand new linux system. The company providing it EOLed it years ago, it won't work in any Windows version newer than XP, and never will. However, the Linux driver is open and in the mainline kernel, and despite no official funding or investment, the community has effectively extended support for the equipment into the modern age. Making a promise of con

  4. Why HTPC? on Where Are the Cheap Thin Clients? · · Score: 1

    'Thin-client' goes a bit far there. My HTPC is a diskless client that netboots a MythFrontend. This way, I transfer the pre-compressed streams (which will always be able to be more efficient than any real-time compression) to my box. The box has no storage and the computational complexity required is sufficiently low to avoid overly loud noise.

  5. Re:perl 5 versus ruby versus perl 6 on The Perl 6 Advent Calendar · · Score: 1

    I will say he was overly dismissive of python and ruby, but there is a kernel of truth there. Beware of any language that is a current fad. No matter how good it is, it will be advocated and tried to be used even in places where it doesn't make sense. "Ruby on Rails" did that to ruby for a time (not sure about now) and Python is still very much in the fad stage where a recommendation should be noted, but taken with a grain of salt. I'm not saying this doesn't happen for languages that aren't "hip" (for example perl), but it is a bit less prevalent.

    Personally, I think people get too worked up over other people's choice in programming language. At the end of the day, most are equally capable given the right knowledge and resources.

  6. Re:That cloud word again on The Cloud Ate My Homework · · Score: 1

    You can replace the notions of varying editions of MS office with hypothetically equally heterogeneous 'cloud' solutions and have the same (or worse) problem. I.e. if some of your team purchases a cloud offering, they may not even be able to send the data at all if they chose a solution that doesn't implement data export (hypothetically), and if they do export data, it's back to the same scenario as disparate apps. Everyone seems to presume that 'everyone use Google docs because it is free' would hold, though they explicitly call out MS office version differences when openoffice.org is a free office suite that everyone could use, but doesn't.

    The fundamental problem does not change, it's just that everyone is pretending that Google docs is the only thing anyone would use. Somehow, everyone recognizes MS being a monopoly as bad, but then most people happily say 'just use google for everything'.

  7. Patent System stacks the deck... on Recipient of First Software Patent Defends Them · · Score: 1

    We all bemoan the software patent situation largely because it's a market with nearly no barrier to entry otherwise, but the system isn't good as it stands for physical inventions either. Infringing a copyright is hard to accidentally do, but infringing a patent accidentally represents a huge risk to someone. Even if you didn't think it was patentable, if it hits you, it will be pricey to defend yourself even if right. Exacerbating this problem is that patents are extremely long lived given the general rapid pace of the software market (don't have to invest a lot to 'ramp up' production, delivery to customer is potentially instantaneous, even if it takes you a full year from patent filing, you can probably earn the worth of it in five years or less.

    Assuming you do have a unique and genuinely innovative idea, unless you can tap the resources of a large corporation who will assume ownership of your idea, it may be prohibitively expensive to get one as an entrepreneur. Assuming you do have the resources to acquire a patent, the process takes a relative eternity to get approval. If you need to go to market *now*, you have to run under the hopes that your patent will be granted. In the intervening area of time, competitor's may bet you won't get it and drive you out of the market. Even if you eventually will get the patent, that competitor may drive you out of business before your chance to seek damages comes (even if retroactive, the damage is done). Assuming you make it to market and have the patent granted, going after a large company is also likely not to work relative to a large company going after a small company given the legal resources available. So a good shot at patents require the resources more available to large companies, and the patience of a large company that has enough bankrolled that can afford to be patient, and the resources to defend that patent vigorously.

  8. Re:openness(Google) vs. openness(Microsoft) on Google-Microsoft Crossfire Will Hit Consumers · · Score: 2, Insightful

    If Google successfully challenges Microsoft's dominance on the desktop/netbook area, it will look like ChromeOS, which I'm not crazy about. I also fail to understand the relative effort of enthusiasts to get ChromeOS to run in platforms now, considering the platform is very much geared to a different audience and intentionally limits the user experience rather than enriching it. I was confounded enough to see Android awkwardly put on larger screens, but ChromeOS is ludicrous. There is an unhealthy amount of affection for Google that people really need to step back and re-examine.

    A world where the platform is little more than a fullscreened web browser pointed at Google's servers holding your data isn't particularly appealing compared to Microsoft's platform monopoly where they do exert unfair influence over the applications that run on a system, but, relatively speaking, doesn't have so much control over my data.

    A world of software-as-a-service (where I don't persistently own anything, just rent access to it), where my data is mined by whoever for marketing purposes, I do not see this as particularly appealing alternative to MS dominance. I know MS probably feels gypped that they must figure out some way to extract money from customers as they run low on ideas whereas Google's funding model is such that so long as they maintain the status quo and no one dislodges them, they could sit on their laurels and their revenue stream would be steady, and as such would love to move to charging monthly fees or ad-supported application access.

    So far, the only contender I'm comfortable with is Canonical at this point. Apple and Google both I view as a worse-than-MS endgame if their current strategies are brought to the ultimate conclusion (Apple's ideal platform is more locked-in than MS, Google wants all my data and uses applications that I cannot use beyond any active business relationship with them. RedHat invests in some interesting long-term efforts, but makes short-term decisions I disagree with and generally expresses disinterest in the desktop experience. Canonical seems to be the only one with a hopefully viable strategy that doesn't end in me getting screwed. They want a particular market, recognize it is not viable without a market share in a market segment they can't commercially target, and as such they keep the platform free and recognize services as the market to extract funding from, banking on community efforts to flesh out development.

    BTW, on the android platform aspect, I was surprised to find I had more open access to my Palm WebOS than my friend could get to his Droid.

  9. Re:Good grief! on Hacker McKinnon To Be Extradited To US · · Score: 1

    It was intended as parody (as I thought my subsequent paragraphs made clear) of what I hear from most self-proclaim Asperger's sufferers. They read a paragraph on Wikipedia or take some lame quiz and suddenly they know they have Asperger's. If I hear someone say "I have Asperger's", odds are they have no sound justification for the claim. Even amongst those who have a diagnosis from a medical professional, in the case of something like Asperger's, I think some doctors just cave to whatever the patient wants to think as they often do over diagnoses without extremely dire prognoses (for example, I had a friend who 'knew' they had swine flu, the doctor said 'ok, you have swine flu', knowing the actual test and determining the absolute truth was of no significant importance. I can imagine for something like Asperger's it being even easier to just cave than deal with an insistent patient.

  10. Re:Good grief! on Hacker McKinnon To Be Extradited To US · · Score: 0

    Hey, Asperger's is very important. I should know because I have it, self-diagnosed.

    Some may be skeptical, but I'm an asshole who thinks he's smart, what other possible cause for that is there other than Asperger's?

    Seriously for a moment, my skepticism meter goes off the charts when I hear anyone claim to be afflicted by Asperger's. An excuse for being a self-absorbed jerk while simultaneously implying high intelligence with vague diagnostic criteria? Talk about begging everyone to be diagnosed with something. Haven't seen something this widespread since ADHD in children...

  11. Sooo... on No More Fair-Price Refund For Declining XP EULA · · Score: 1

    If I wanted to buy a copy of XP, I should be able to get it for $6?

    I implore the laptop manufacturing sector to make more than token offerings of linux on your products. Every time I look for a laptop with linux preloaded, they are all very specific models with unappealing specs compared to the full selection available with Windows. If I were cynical, I would presume your linux offerings are intentionally screwed up so as to give Microsoft marketing material about how unpopular linux computers are. Oh, what the hell, I am that cynical.

    I would have the same problem in the desktop sector, except I assemble my stuff piece-wise.

    Typed from a linux laptop with a Windows Vista sticker still on it.

  12. Re:Microsoft Essential Business Server on Best Practices For Infrastructure Upgrade? · · Score: 1

    seriously, do you have no other work than to troll a Microsoft guy trying to make a suggestion to use a product that will actually solve the poster's problem?

    It's a weekend and I'm bored ;) More seriously, my intent was to explain to you how your wording comes off as a sales pitch rather than a viable recommendation coming from a technical guy. If you want to advocate MS solutions, fine (though I'm not personally a fan), but be aware that your current wording doesn't sound like the other participants in the thread, and sounds like astroturf. So while you may not be astroturfing you sound like it, and at the same time, there are probably VMWare astroturfers in the thread, but they don't sound like it ;)

  13. Re:Microsoft Essential Business Server on Best Practices For Infrastructure Upgrade? · · Score: 1

    If you have heard of Small Business Server, Microsoft just released a 3 server solution for businesses of your size called EBS

    Then if I haven't heard of Small Business Server, MS didn't release EBS? That's a cool trick.

  14. Re:Microsoft Essential Business Server on Best Practices For Infrastructure Upgrade? · · Score: 1

    If you are in a purely technical role, then you may want to spend a little time away from your sales/PR people and marketing material. The recommendation or discussion of EBS may well be on topic, and as you say other specific branded technologies (many of which I think are inappropriate) are discussed, but it is less about the core content and more about the wording of your post. It sounds less like an informed user of the project and more like an infomercial. It's worrisome that even if you didn't say "I AM AN MS EMPLOYEE" that your post screams it for you (btw, I personally always declare first thing my employment bias when discussing my company, but I avoid participating in discussions about my company as much as possible as I know my perspective is skewed and may be inappropriate for most discussions).

    The word choice and phrasing trended toward overly long and consist of buzz words more than I would expect most posts in this area to trend. You also took the opportunity to throw in other Microsoft branded services whereas the submitter didn't ask about them (AD, SharePoint, IIS). While others will throw in the phrases like 'vmware is useful for this' (I disagree that this is the case, but that's an opinion seen here, with the length and type of language roughly representative), they didn't say things like 'VMWare recently released their vSphere architecture which encompasses their ESX family of technologies together with the vCenter management solution to help you with your business requirements while acheiving lower TCO utilizing vMotion, HA, and FT features to drive your availability. You'll be able to provide your users with a next-generation experience that they want and you'll have more time to address forward-looking challenges. If you choose vSphere, you can focus on what is really important in your business and really be a hero!'. Yes some of the VMware recommendations may be astroturfing, but it doesn't stick out like a sore thumb.

    Additionally, making a big point of password reset as a big feature to be captivated in the field of self-service seems odd, since that has been a long time feature of most every password system for a long time, and thus people have little reason to be impressed by it.

  15. Re:Why all the VM hate? on Best Practices For Infrastructure Upgrade? · · Score: 1

    The problem is Virtualization is a hammer, and too many people assume every problem to be solved is a nail. The (occasionally excessive) VM hate is to offset irrationally excessive VM love. Virtualization in some cases can be more expensive, less efficient, decrease performance needlessly, and incur more management complexity rather than reducing. It shines in aggregating platforms that are not similar enough to run on the same hardware concurrently and some simplifications when dealing with different administrative users with different permissions. It has a use just like it has had a use ever since it became commonplace in mainframes, it's just not the end-all, be-all of IT solutions as VMware wants the world to believe (VMware is not the only player in the game, but they are a one-trick pony and as such feel the need to frame everything as a virtualization problem moreso than other virtualization vendors).

    If you have an email and webserver both running the same operating system on separate servers and wish to aggregate, Virtualization is not nearly as frequently the best option as proponents suggest. If the OS is commercially licensed, you incur increased cost for the extra instances. If using a commercial virtualization solution, you are paying extra for that platform. Instead of managing 1 os instance you must manage 3 os instances (the hypervisor platform and two guests in my example), incuring extra OS management overhead. If you have disparate OSes, that may be a valid place for virtualization. If your administrative staff is sufficiently convoluted that you need to give administrator privilege in a manner more fine grained than the chosen platform allows in a single instance, it can make sense (hosted servers and thin clients can make a lot of sense for this reason).

    If your admin team is one to a handful of people with equal access serving a company of 150, consolidating services doesn't have to mean maintaining independent OS instances. Modern OSes have for a long time allowed for concurrent services to run at the same time with proper isolation, and yet many seem to think an smtp process and a caching nameserver *must* run on different 'systems'.

    People seem to forget about application level failover. The 'hard' parts mostly have to be solved for HA virtualization case (redundant shared storage being a big part of that, and admittedly VMWare comes with a usable SAN filesystem and some other platforms don't come with that out of the box), most network services are sufficiently stateless that the same redundant storage configuration required for VM HA can be used directly with mere IP takeover for sub-10 second downtime at overall reduced cost. In Virtualization, without a heavily stripped down platform, the HA will be slower (except the admittedly nifty FT stuff, but that is a relatively tall order as implemented today) and more expensive. Some services persist state in a manner where it is unavoidable to shell out money to do HA at the application level, and then it may warrant an analysis of which approach is appropriate, but those services are in the significant minority.

  16. Astroturfing.. on Best Practices For Infrastructure Upgrade? · · Score: 2, Insightful

    If MS is going to astroturf, you need to at least learn to be a bit more subtle about it. That post couldn't have been more obviously marketing drivel if it tried. Regardless of technical merit of the solution (which I can't discuss authoritatively).

    The post history of the poster is even more amusingly obvious. No normal person is a shill for one specific cause in every single point of every post they ever make.

    To all companies: please keep your advertising in the designated ad locations and pay for them, don't post marketing material posing as just another user.

  17. Re:Probably forgo virtualization on Best Practices For Infrastructure Upgrade? · · Score: 1

    And it *should* go without saying, but just in case: none of this excuses a good backup plan. HA strategies will dutifully replicate incoming data into all the redundant copies as fast as it can to recover from hardware/os/service death as fast as possible. This includes propagating an accidental deletion or corruption as fast as it can.

    Something like ZFS or rsync with hardlinks for incremental is a good first line of defense, but you should have a backup plan with removable media that can be taken offsite and also means that no matter how bugged/fubar your backup solution is on tuesday, it can't possibly corrupt your monday backup.

  18. Probably forgo virtualization on Best Practices For Infrastructure Upgrade? · · Score: 1

    If the administration 'team' has equal access to all the services today on disparate servers, I don't think virtualization is necessarily a good idea, the services can be consolodated in a single OS instance.

    In terms of HA, put two relatively low end boxes in each branch (you said 7 year old servers were fine, so high end is overkill). Read up on linux HA which is free, and use DRBD to get total redundancy in your storage as well as a cheap software mirror or raid 5. Some may rightfully question the need for HA, but this approach is pretty dirt cheap at low scale.

  19. Re:At the risk of being flamed to hell on Fedora 12 Package Installation Policy Tightened · · Score: 1

    It is a horrible horrible horrible default. Provide the capability so those infrastructures that really want it can make an *informed* choice to do so, fine.

    You don't have to give people *full* root privileges, you can selectively give them access through sudo to use a package installer that only works with signed packages. Though fedora emphasizes 'su' style privilege escalation which has no granularity, 'sudo' style gives the granularity required. The credential of 'oh, I happen to be at the 'local' screen' doesn't make sense for this sort of activity. On a desktop system absent of a larger administration team, the first and nearly always only users gets to be admin. In a larger environment, use group memberships to do this sort of thing, but in all cases prompt for the users password.

    Fedora's overlooking sudo as a primary part of their privilege escalation strategy is a huge mistake in my opinion.

  20. Line crossed.. on Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges · · Score: 3, Informative

    I undestood locality to console as an 'authentication' scheme for reboot/shutdown -h now. That is a transient state change with, in theory, no lasting effects on the underlying platform. The slight risk of temporary DoS is taken understanding that the user would otherwise resort to ungraceful use of the power button.

    I understand the use for removable media, where the owner of auto-plugged media is assigned to the 'console' user. Persistent state change is possible, but restricted in scope to a removable device that someone at a 'console' controlled physically anyway.

    However, this is a mechanism that allows a user to make persistent state changes to the 'root' owned content. This is simply not acceptable. The act of installing software is rare enough so the password shouldn't be considered horrible, and no worse alternatives are likely if a user cannot install the software conveniently.

  21. Re:LOCAL USER ONLY, AND SIGNED PACKAGE ONLY on Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges · · Score: 2, Insightful

    Either that, or someone able to fool the checks for console ownership (one of the points in the email thread were that the checks weren't sufficiently robust for their comfort).

    Every package from the project is signed. It doesn't 'lose' its signature just because a new rpm exists in the world somewhere that fixes a vulnerability. So a system that doesn't want to run 'extremeliabilityd' and opts not to install it at all, could be compromised anyway.

    Why would one want to imitate the Windows 95 model for deployment security?

  22. I don't get it... on Fedora 12 Lets Users Install Signed Packages, Sans Root Privileges · · Score: 1

    If it *is* a desktop scenario, then controlling it via sudo shouldn't be a problem. If you don't have sudo access, I don't see why you should get to install packages...

    Second, a vulnerability is found in an apache package in fedora 12, and the repo is fixed, but vulnerable versions from release may be had by crackers. A fedora server with multiple users that doesn't happen to have apache installed is vulnerable to having the vulnerable package injected by an untrusted user.

  23. Re:Great work! on Fedora 12 Released · · Score: 1

    That's fine to an extent, but I would find it more 'honest' to ship explicitly with a 2.6.32rc rather than saying 'oh we are using 2.6.31 (except where it isn't really)' if they simply couldn't stand to wait for the RC featureset to make it to release. I recognize Fedora is a bleeding edge distro, I just want to raise wareness, and making it more plain that you are 'shipping' pre-'release' upstream software shouldn't deter your target audience and wouldn't suggest a misleading state of 'mature' upstream usage.

  24. Re:Great work! on Fedora 12 Released · · Score: 1

    Nowadays, I don't use Fedora or nVidia, so I'm good now. ATI packaging of drivers is more distro friendly (I don't *have* to wait for a third-party repo to package it for me, though that isn't Fedora's problem to fix).

    I'm aware of rpm fusion, I even mentioned it by name. I don't think it's a very user-friendly approach though, but the goal is to 'bully' the proprietary vendors to do it the better way, and I can see that as an important goal, just not one I want to deal with the hassle to achieve.

  25. Re:RH backporting debacle .. on Fedora 12 Released · · Score: 1

    I honestly don't, do you mind providing a link. Did people come in one morning and find their gcc 2.96 had automatically upgraded itself?

    This was relatively back in the day, but the GCC maintainers still have their page up:
    http://gcc.gnu.org/gcc-2.96.html

    RH decided they were impatient with gcc 3.0 and just plopped down a random cvs snapshot in their distro, much to the chagrin of the gcc community.