I, like most gamers, don't care how many companies are making what they call "3D graphics cards". I think it was the S3 Virge chip that the company called a "3D graphics card" but the industry called a "3D decelerator", since actually using the card's hardware was slower than software rendering on a PII. I care how many companies are making good 3D graphics cards.
And that number's only going up. First there was the Voodoo, the Voodoo, and only the Voodoo. If you wanted a choice, you shopped between different cards with the same Voodoo chipset. If you wanted a high end card, it had TV out.
There was much rejoicing when the TNT came out and started heating up the graphics card competition... and even Matrox seemed to want to do 3D, although it took them until the G200 before they even had an OpenGL driver using their card... but now they have the G400, and their card's actually good at it. For people buying a new system, it's generally worthwhile to look at the Voodoo 3, TNT 2, G400, GeForce(of course), and ATI cards... and that's a good thing.
I was in the middle of mirroring the documentation, and suddenly www.usb.org is unpingable. I assume this is because someone over on their end noticed the massive hard drive churning, and the flood of wget clients in the server logs. If this is actually the result of some losers DOS attack I'm going to be annoyed.
Think about it - if they were going to port Microsoft applications to Linux, why wouldn't they start with Internet Explorer, which already has a Solaris port, and just type "make"? Sure, porting from Solaris to Linux could be more difficult than that, but not much, and the biggest difficulty would be the different endian architectures, something they'd have already figured out with the Windows -> Solaris/Sparc port.
Or for that matter, why not port Windows Media Player? They could reuse code from the Linux port of NetShow that got killed a while back.
Hell, while we're on the subject of Unix ports, why did they port IE to Solaris/Sparc and not Solaris/x86?
Simple. Microsoft isn't in business to let it's application development teams build up more competition for it's OS development teams. Solaris/Sparc runs on obscure hardware that NT can't? Fine, give them an IE port and hope that the accelerated death of Netscape will outweigh the few lost sales of NT/x86 workstations. But practically every copy of Solaris/x86 (and Linux) in use means one more Intel system that won't see NT installed, and so no ports for them.
It would be a retarded decision for Microsoft as a whole to spend resources on a project whose net outcome is to make their most dangerous competitor much more viable in a much wider market. In 4 years, when KOffice (and maybe Corel Office, if it ever ships) is kicking ass, then maybe Microsoft will port Office to try and keep marketshare. Even then I doubt it.
I always thought (and I suspect this goes for most people) that the first time the GPL was challenged in court it would be by some massive corporation stacking high-priced lawyers up against whatever trickle of legal funds the FSF could provide to some starving Linux programmer.
Now, instead, it's some starving programmer trying to rip off John Carmack, a recognized programming god among both Windows and Linux users, and a man with a successful company and a Ferrari collector's level of personal wealth backing him. Sweet. Could we ask for a better opportunity to get some legal precedent to back up the GPL? I'm sure Slade will back down... but ironically if he really "is a strong supporter of the GPL" the most helpful thing he could do is throw away a bunch of money on legal fees and lose a court case attacking it.
He should lose, of course. He claims:
To download binaries or proceed into this site, you have to give up your rights under the GPL.
Whereas, the GPL claims one of the conditions of distributing binaries is:
b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
That's it. Either you distribute modified work under the same license or don't distribute at all.
Otherwise you make Carmack mad. And between the Quake player and the Linux advocate in my soul, there's some kind of sweet righteousness in the image of Carmack pouring a can of whoop-ass on a GPL violator.
The biggest complaint I hear about C++ (and agree with myself, depending on whose code I'm reading), is that it gives you enough rope to hang yourself, your company, and your close family.
Unfortunately, while it's easy to give a language new features without harming backwards compatibility, it's a lot harder to take things out. Are there any features that, in hindsight, you wouldn't have put into C++ to begin with? Are there particular features (templates keep coming to mind) that you would advise inexperienced programmers to avoid?
And remove unnecessary services, of course, but simply keeping your system up to date is the most important way to avoid having it compromised. You didn't say which Unix you were using, but all the major Linux vendors have security mailing lists and I can't imagine the BSDs and proprietary Unices lacking the same.
Having a genuine hacker reverse-engineer a bug in a network service and turn it into a root exploit against your system is very rare; I've never seen it done. Having a script kiddie use that reverse engineering to automatically probe and attempt to crack entire blocks of IPs, on the other hand, that happens every day. The trick is to get the bugfix installed before the kiddies start trying to exploit it.
Start out by removing all network services you don't need and using TCP wrappers to limit access to the ones you do need. A firewall wouldn't hurt, but is probably overkill. Then get onto one of those security mailing lists and make sure that no alert goes by without you either disabling the compromisable program or installing a secured update.
That's about all you need to worry about. Most systems that get broken into are cracked simply because their owner never heard about an imapd exploit 6 months before, shouldn't have been running imapd in the first place, and so wasn't ready when the script kiddies started port scanning for it.
And look, you got knocked down to a zero yourself! It must be a conspiracy. I demand that the moderators mark me up to a 2 to make up for this outrage!
(Note: hit the link on the comment ID number and you can see it's moderation history.)
Since nobody else seems to have the full thing posted yet, and it's funny:
Tired of collecting Beanie Babies and Pokemon cards?
Christopher Robin called last night complaining about the lack of collectibles pertaining to the famous "Pooh" show. Eeyore, of course, said, "I dooon't knooow aboouuut this".... But what does Eeyore know anyway?
The result:
PIGLET
This is no ordinary pig! Stand back folks, he's large and live and ready to rumble. This pig is knocking back CPU loads of 99 whilst having tea and crumpets with Pooh Bear. This bad boy eats Lizards for breakfast and spits out kernel patches. Approach with caution, he could be dangerous!
PIGLET: Your once in a lifetime chance to have this rare collection!
This is a limited time offer, when we run out of bits, they'll be gone forever. Don't miss out folks, the Internet lines are lighting up, they're going like hotcakes, and we can't guarantee availability on this item for very long! Similar items we have provided in the past are now going for over a ONE MILLION percent gain on the original price tag of $0.
PIGLET includes the following new features:
- A new and improved Anaconda [tm] installer - Partitionless installs - Improved X Configuration - Additional GUI Partitioning tool - Software RAID Configuration in Kickstart Installations - RAID upgrades - ATAPI Zip and Jaz Drive Recognition - Rescue Disk Improvements - It works! - Rescue via the installation CD - Pico on rescue disk - mtools on rescue disk - Kernel 2.2.15 - Enhanced Software RAID - P III Enhancements - New web based High Availability Configuration Utility - Kerberos Integration - New Window Managers - New desktop backgrounds and themes - Docbook tools - Standard Samba mounts in/etc/fstab - Smaller minimal install - Separate client/server packages for servers:
PIGLET, pick up this rare find at:
ftp://ftp.redhat.com/pub/redhat-6.2beta/
Or at a mirror near you! A list of Red Hat ftp mirrors can be had via your web browser of choice at:
PIGLET is available now for Intel, Sparc and Alpha architectures. PIGLET is ONLY available through the Internet, and ONLY for a limited time!. This is a beta release of Red Hat Linux, and we don't encourage using this for mission critical applications. However, like most Red Hat beta collectibles, it is very usable for:
1) Testing those new holographic storage devices 2) Installing on all of the machines in your favorite lab 3) Seeing what that "Linux thing" is really all about 4) Preparing your thesis on "Works in progress"
We have created piglet-list for discussion of this beta release. To subscribe, merely send a message to piglet-list-request@redhat.com with the code word "subscribe" in the subject line, respond to the confirmation message request, and enjoy hours upon hours of entertaining and useful messages from hackers trying to make this thing fall down go *BOOM*...
(With a special thanks to home shopping channels everywhere!)
Will we see any "I didn't get MS Office, but $80 of my tuition went to subsidize this guy's copy" posts in response?
It's a beautiful setup for Microsoft. Lower the apparant price, and you reduce people's incentive not to buy MS software. But you've got a deal with the school, so you get paid for all that software anyway. Everybody wins, except for those people who still don't buy MS products.
What is the GPL but a very restrictive license then?
A very unrestrictive license.
Think about it. Every license starts at what you get with copyright law. Every EULA-esque license out there wants to *take* away those rights:
"You have a license to use this software, but: You can't disclose performance benchmarks. Or you can't make a backup copy. Or you can't disassemble it. Or you can't run it in an emulator or an unlicensed player/computer." Or whatever they can think of to push the limits: "You can't read it's files with a competitor's product. You can't store it's files on a competitor's server. You can't use it except in conjunction with the following list of other software. We can remotely disable it if we believe you have broken this license. You must succumb to the power of the Dark Side."
With the GPL, on the other hand, "You have a license to use this software. You have all rights copyright law gives you with this software. In addition, you get these rights: The right to modify or recompile the software and use the modified software. The right to distribute the software or it's modifications under the GPL, as long as you distribute the source as well upon request. The right to charge a fee for that distribution (not for the license or the source code, though)."
In other words, You don't even need to agree to the GPL to use GPL'ed software. However, if you don't agree to the GPL, you just have the ordinary copyright law restrictions to deal with, and you don't get the extra rights the GPL affords you; you can't modify or copy the software.
Granted, it's more restrictive than public domain software, but it's less restrictive than about every commercial license out there.
If the GPL were found to be legally invalid (which I don't expect to see), it wouldn't mean GPL'ed software suddenly became public domain; it would mean that GPL'ed software suddenly became restricted as per copyright law until it could be released by the authors under a different license.
You must not have done much with it (or have gotten it pretty recently) if you still brag about it (and obnoxiously and insultingly at that). At Rice you learn to shut up about stuff like that pretty quickly when your mention of "I got a 1600" is met by "Really? You too?"
I'd go into the huge variance in the correlation between SAT scores and grades/salary/whatever, but that'd just be excessive.
...when the only thing stopping us from having an open source player is a backwards legal battle? Generally when people want to see Starcraft, Illustrator, or whatever ported to Linux it's because it's a mammoth software product that is the fruit of years of development by tens or hundreds of programmers, which we would rather pay $50-$500 for than try to reimplement.
A DVD player isn't in that category. We have free software mpeg2 players (albeit not optimized or hardware-accelerated yet; there's a short window where a commercial player would have a number of customers); we have free software DVD filesystem and lowlevel drivers... why should we be prohibited from using these things for legal, fair purposes just because the same software can also be used for (and isn't even required for) illegal, impractical DVD copying?
Outlawing unlicensed DVD players because they can be used to make copies is like outlawing non-General Motors cars on the excuse that "unsafe, unlicensed cars can kill people", when the reality is that "unlicensed cars have major legal uses, and our existing cars can be used to kill people, but unlicensed cars don't make us as much money."
Here's a hint for Mr. Valenti - it's not to pirate DVDs.
1. I want to play DVDs on Linux. I know that's semi-possible now with the css-auth code, but not on a K6II with no hardware decoding. I'm hoping that once the CSS cat is legally out of the bag we'll start to see the software that's already there blossom much faster than if further development is legally shackled.
2. I don't want to play DVDs on Windows or with a hardware DVD player. I don't like Windows, I don't use Windows, and I'm not about to change that. I don't have a standalone CD player, and never bought CDs until I had a CD-ROM. If I have to get a separate DVD player to hook straight to a TV, I'll just stick with VHS, thanks.
Oh, and I'm not too interested in closed source Linux players either. I buy closed source games for Linux, but something as basic as a video decoder should be open source, for a number of reasons.
3. I want to archive movies someday. Analogy: I went through grades K-12 without buying a single audio CD (and just a couple tapes). After MP3s became popular, I started buying audio CDs, simply because it's infinitely more convenient to have my entire music collection ultra-accessible. I have an internet accessible (passworded) infinite CD changer (of my own purchased music), in essence, and that's a very good thing. When hard drives get into the hundreds of GB, I want to do the same thing with video.
4. I want to be able to play DVDs without a DVD player. Sounds oxymoronic, no? But in the not-too-distant future when Crusoe webpads are all the rage, I want to be able to upload a movie or two to my light notebook and watch them on the road. I shouldn't need more than an ethernet connection on said notebook to do this; I definitely shouldn't need an additional (and more expensive portable) DVD-ROM drive.
5. I don't think all software should be open source, but I do think all software should be possible to reimplement from scratch as open source, whenever people with the necessary skills gets up sufficient motivation. Microsoft gets enough flak for making obfuscated, poorly documented Office formats; what do you think the DoJ would do if all their file formats were *impossible* to read/write with other software because of some technically weak but legally bulwarked encryption scheme?
6. I want to be able to conveniently downsample, take still shots of, and edit DVD video. Yeah, yeah, you can do this pretty well with a Windows crack or piping the analog video to a capture card, but I want to do it on *my* system. Did nobody else get a kick out of the recent Matrix parody? Imagine more things like that, but add short dubbed clips, Gimpish effects, etc. Imagine taking a set of TV episode collections (I'm waiting for the Simpsons) on DVD and chopping out credits, bad episodes, etc. and putting just your favorites on a disk to lend to friends.
7. I want to be able to preserve my DVDs. The movie industry seems to be pining for the day when consumer video just wore out after a while, when technology made sure that people who paid for a piece of video didn't get that video forever. How many millions of dollars did media studios get from people who left a tape in the sun, who watched or listened to an analog tape too many times, etc. and wore down the quality but enjoyed the entertainment *they purchased* enough that they bought a replacement? Even DVDs get scratched - and the horrid skips in a copy of Saving Private Ryan my friend rented demonstrated what happens then. I want to be able to make perfect copies of movies I buy, stick the originals in a closet, and just make a new perfect copy to watch if something happens to the first one.
8. I want to be able to move my DVDs to The Next Big Format. Sure, it's a nice coincidence that we're at just that moment in technological history when 1 movie of data == 1 disc of data, but does anyone really think we won't be able to fit a dozen movies on removable media in 10 years, or a hundred movies on a disc within our lifetime? If you can't make fair use copies of the movies you purchased, and you want a library disc of your whole video collection, you're out of luck.
9. IT IS MY RIGHT. It was the DeCSS author's right to reverse-engineer software to make a compatible alternative. It is my right to make perfect copies of media I own a license for, for personal use. I made up this list because Mr. Valenti (and the judge in the court transcript I read) can't seem to understand that there might be normal reasons for normal people to want unfettered access to the media they purchased, but in reality I shouldn't need any excuse to legally exercise the rights that copyright law gives me.
I don't own a DVD player, and I don't plan on ever getting one if distributing this software is incomprehensibly ruled illegal. I would want to move this mirror offshore to somewhere it is legal, however.
I'd boycott them because I'll be sick of the DVD industry, not because I won't be able to use the software, mind you. I downloaded CSS source code from public court records, so I've got it legally; they can't retract that after the fact. I wouldn't be copying DVDs illegally, so they can't pick on me for that. Even if they rule that reverse engineering pitiful "encryption" is illegal, using a legally obtained product to exercise your license rights still won't be.
then i guess no operating system is ready for the desktop.
Not really. Win98 comes close, at least. All that missing network functionality at least means there's less to break, and Windows Update means you can get patches when something is found broken, whether you're a security expert or not. Sure, in Windows' history it's been susceptable to remote-crash attacks more often than not, but I can't recall more than a few times it's been possible to "root" a stock Windows box remotely (not counting third-party products like mirc and ftp servers).
With Linux there's so much stuff open to the net by default that it seems like there's a remote root exploit every year. If you're security aware you'll be able to install the fix as soon as the world knows about the problem, but if you're not you're just a target.
updates are the user's responsibility. why should everyone work double for the lazy ppl?
Because that way we don't have a ripe population of insecure Linux boxes for viruses and worms to spread through?
Because that way Linux looks better in the press?
Because lazy people buy things like Unreal Tournament and CivCTP, and thus get companies to port those things to Linux so we can buy them too?
Because we have lazy or non-computer-geek friends and family whom we'd like to stop using Windows (and stop bugging us when it crashes), and we can't personally see to the security of every one of their machines?
Because distributions who do work double for lazy people sell more copies and make more money.
So we can achieve world domination! Duh.
Because sometimes *we* are inadvertently the lazy people. Deadangel, I notice your computer may be on a new distribution with no security updates required (and ssh installed; good for you), but the fact that you've still got telnet and linuxconf ports open to the net doesn't bode well for the future. (Sorry for the nmap, BTW; I hope you don't have any paranoid TCP/IP logging enabled)
Finally, because having the operating system checking it's own security in a cron job means we have one more thing that the computer is doing for us, which is just technically better. Users shouldn't have to monitor a security mailing list when the computer can do that (and update programs from cryptographically signed packages) for us.
Perhaps InterNIC or whatever company replaces them could link disputed domain names to a list of the sites that have registered them.
First problem: For a $50 registration fee, by registering "diamond.com" you've just required InterNIC to put up a redirecting web server for a year. That'll run a lot more than $50.
Second problem: If this were allowed, how many people do you think would register "microsoft.com" and other well-hated sites in an attempt to bury the original site in a sea of alternate registrant links?
Third problem: You're thinking too web-centric. "diamond.com" may have a web server, or it may be the central domain for 10,000 net-connected computers at Diamond Multimedia's offices. You're going to conscript that domain and make a change costing Diamond thousands of dollars, just because someone else paid $50 for a cool domain name? What about email addresses? Where does mail to root@diamond.com get sent? What happens when someone else registers hotmail.com? What happens when some non-HTTP protocol becomes the most important thing on the net, or when diamond.com turns out to be running more FTP than web traffic, or when it's the domain name for some chat server or something else that needs a unique IP?
Fourth problem: What about preexisting links? For $50, you say I can register microsoft.com, require the site to change into a redirection page, and thus break every existing http://*.microsoft.com/* link? Sweet.
Well, there's more, but you get the picture. Anyone have any more ideas?
Frankly, I'd be fine with allowing companies to override previous registrants of existing trademarks (but even then, what if the domain name is a trademark for different companies in different industries?), but that's about as much as I'd stretch it. If you had your heart set on anonymouscoward.com, and whois tells you that Cybernet2000 has already registered it (damn!), then you'd better either suck it up and pay what they want, or get a new domain name.
In this article's particular case, I'd have been OK with it if Linus had decided to enforce his trademark and prohibit anyone else from "squatting"... but it's *his* choice. The original linux.net owner is an old time kernel developer, did a good job selling linux.com, and if Linus doesn't have a problem with his getting rich off the domain names then certainly nobody else has a right to.
I might have thought at one time that selling the linux* domain names would be a good way for Linus to make money himself while coding free software... but of course now that he's slated to become a bajillionaire over the next decade on Transmeta stock options that's not really necessary.
Exactly how would you register domain names? When a user types "diamond.com" (or the Real Name "diamond", or "diamond" in whatever dumbass scheme could replace DNS), it's got to go somewhere. How would you decide where it goes? Highest bidder? A government agency? I'm genuinely curious; I can't think of anything better than "first come first served". It seems to me like 50% of the complaints about the current "first come, first served" scheme come from clueless companies who didn't figure out that "that Internet thing" might be important until last year, by which time their name had been registered as a.com long ago.
I mean, honestly, "Security hole found in wu-ftpd" would be a lot more valuable headline to most people than "New minor release of the kernel", and would happen a lot less often.
Linux is going to get a bad name someday because millions of people out there have distributions which install with tons of (often unneeded) services on, and don't know enough to subscribe to a security mailing list or check for updated packages. It doesn't matter if Linux gets security fixes within 24 hours, if most people don't install them within 6 months. No Linux distribution that doesn't come configured to automatically check for, notify users of, and help users install software updates should be considered "ready for the desktop".
Or, at least, it does for me playing Starcraft; I really haven't tried it on any other DirectX stuff.
It's quite odd, it plays Starcraft flawlessly (and fast/faster than Windows, using DGA) for a random amount of time (seems to be a half-life of around an hour), then suddenly slows and hangs solid within a fraction of a second. You can play through the single player this way without getting too annoyed if you save often, but it's just unacceptable for multiplayer.
But anyway, the Wine people have had it working but buggy since at least this time last year, when it had horrible memory leaks and was slow over IPX, but ran.
Does anyone have Starcraft under Wine working and perfectly stable? If so, could I hear details?
Off topic: Does anyone know why DGA is so much faster than MIT-SHM, and why it needs root? I don't like running Starcraft as root, but it doesn't run as smoothly otherwise. For DGA, couldn't the X server create a file mmaped with the necessary I/O range on the graphics card, then set permissions on it to let the X client mmap that same file to write directly into that chunk of RAM without security concerns?
How about GNU Privacy Guard? It's only got 3DES, CAST5, Blowfish, Twofish, and (modular) IDEA for symmetric encryption, but how many do you need? And it does public key encryption, too, and it's PGP compatible.
I don't care so much if a game isn't free software (although having as many libre low level libraries as possible, as Loki's games and Unreal Tournament do, is a huge plus) because I don't depend on a game. If a game maker goes out of business next year, I don't care that their game will never again see another upgrade. If I'm feeling security conscious, I think it's crucial that my daemons running as root are open source, but I'm not so concerned about games running as a user account. And if a game crashes every so often, it doesn't worry me much as long as the save game files aren't corrupted.
Besides, games are (or should be) about *content*. Graphics, level designs, sounds and music, story line, character development, interactivity... these things are often aided by improved software engines, but they primarily aren't part of the software. In fact, I can't think of a game besides half-life that took an existing software engine and made it heavily better. Some games license an engine and use it to run new content, some games have an engine written from scratch, but how many games are subject to the steady, incremental improval process which free software so benefits?
And starting with Quake (to my knowledge; I'm probably wrong), a heavy component of game development has been driven by almost-open source: the code-level mods that the user community puts out so enthusiastically is made possible by the release of a significant chunk of source code for the base game.
For an operating system, on the other hand, having it crash every month, much less every week, is not acceptable. Security issues for OS and daemon software are critical, and ongoing, steady development on top of the same code base should be as fast as possible without compromising stability.
Any activist who feels threatened by Sandia has severe delusions of grandeur.
Hell, any activist who feels threatened by Sandia is welcome to come down to the Kirtland Air Force Base gates and tell them so. I've been working at Sandia the past couple summers, and there's been at least one underwhelming protest by people with more good intentions than good sense.
I remember in particular one sign to the effect of "do you feel good about your job?" I was tempted to stop, tell the person yes, and ask him what in his life has been as worthwhile as the GPS satellites and nuclear test ban monitoring satellites that my department was involved in.
But, hey, don't rule out crowd control entirely. Wasn't it Sandia or Los Alamos behind those "goop guns" that would spray sticky foam over a target and nonharmfully stop him in his tracks?
That's for when you send it the signal 11, the most random mode. It posts a comment to Slashdot, enters a wait state for two hours, then comes back, takes the moderation score and adds 1.
It's ironic, then, that this particular comment is 99% certain to be marked "-1, Offtopic" sometime within the next 10 minutes. Not very random, no?
Slashdot Mirror
I, like most gamers, don't care how many companies are making what they call "3D graphics cards". I think it was the S3 Virge chip that the company called a "3D graphics card" but the industry called a "3D decelerator", since actually using the card's hardware was slower than software rendering on a PII. I care how many companies are making good 3D graphics cards.
And that number's only going up. First there was the Voodoo, the Voodoo, and only the Voodoo. If you wanted a choice, you shopped between different cards with the same Voodoo chipset. If you wanted a high end card, it had TV out.
There was much rejoicing when the TNT came out and started heating up the graphics card competition... and even Matrox seemed to want to do 3D, although it took them until the G200 before they even had an OpenGL driver using their card... but now they have the G400, and their card's actually good at it. For people buying a new system, it's generally worthwhile to look at the Voodoo 3, TNT 2, G400, GeForce(of course), and ATI cards... and that's a good thing.
They're still unpingable, but responding to web requests again. False alarm, I suppose their firewall and their current slashdotting threw me off.
I was in the middle of mirroring the documentation, and suddenly www.usb.org is unpingable. I assume this is because someone over on their end noticed the massive hard drive churning, and the flood of wget clients in the server logs. If this is actually the result of some losers DOS attack I'm going to be annoyed.
Think about it - if they were going to port Microsoft applications to Linux, why wouldn't they start with Internet Explorer, which already has a Solaris port, and just type "make"? Sure, porting from Solaris to Linux could be more difficult than that, but not much, and the biggest difficulty would be the different endian architectures, something they'd have already figured out with the Windows -> Solaris/Sparc port.
Or for that matter, why not port Windows Media Player? They could reuse code from the Linux port of NetShow that got killed a while back.
Hell, while we're on the subject of Unix ports, why did they port IE to Solaris/Sparc and not Solaris/x86?
Simple. Microsoft isn't in business to let it's application development teams build up more competition for it's OS development teams. Solaris/Sparc runs on obscure hardware that NT can't? Fine, give them an IE port and hope that the accelerated death of Netscape will outweigh the few lost sales of NT/x86 workstations. But practically every copy of Solaris/x86 (and Linux) in use means one more Intel system that won't see NT installed, and so no ports for them.
It would be a retarded decision for Microsoft as a whole to spend resources on a project whose net outcome is to make their most dangerous competitor much more viable in a much wider market. In 4 years, when KOffice (and maybe Corel Office, if it ever ships) is kicking ass, then maybe Microsoft will port Office to try and keep marketshare. Even then I doubt it.
I always thought (and I suspect this goes for most people) that the first time the GPL was challenged in court it would be by some massive corporation stacking high-priced lawyers up against whatever trickle of legal funds the FSF could provide to some starving Linux programmer.
Now, instead, it's some starving programmer trying to rip off John Carmack, a recognized programming god among both Windows and Linux users, and a man with a successful company and a Ferrari collector's level of personal wealth backing him. Sweet. Could we ask for a better opportunity to get some legal precedent to back up the GPL? I'm sure Slade will back down... but ironically if he really "is a strong supporter of the GPL" the most helpful thing he could do is throw away a bunch of money on legal fees and lose a court case attacking it.
He should lose, of course. He claims:
To download binaries or proceed into this site, you have to give up your rights under the GPL.
Whereas, the GPL claims one of the conditions of distributing binaries is:
b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
That's it. Either you distribute modified work under the same license or don't distribute at all.
Otherwise you make Carmack mad. And between the Quake player and the Linux advocate in my soul, there's some kind of sweet righteousness in the image of Carmack pouring a can of whoop-ass on a GPL violator.
The biggest complaint I hear about C++ (and agree with myself, depending on whose code I'm reading), is that it gives you enough rope to hang yourself, your company, and your close family.
Unfortunately, while it's easy to give a language new features without harming backwards compatibility, it's a lot harder to take things out. Are there any features that, in hindsight, you wouldn't have put into C++ to begin with? Are there particular features (templates keep coming to mind) that you would advise inexperienced programmers to avoid?
But the steganography in your .sig is hilarious. Now I'm tempted to hunt for the hidden data in that screenshot too...
And remove unnecessary services, of course, but simply keeping your system up to date is the most important way to avoid having it compromised. You didn't say which Unix you were using, but all the major Linux vendors have security mailing lists and I can't imagine the BSDs and proprietary Unices lacking the same.
Having a genuine hacker reverse-engineer a bug in a network service and turn it into a root exploit against your system is very rare; I've never seen it done. Having a script kiddie use that reverse engineering to automatically probe and attempt to crack entire blocks of IPs, on the other hand, that happens every day. The trick is to get the bugfix installed before the kiddies start trying to exploit it.
Start out by removing all network services you don't need and using TCP wrappers to limit access to the ones you do need. A firewall wouldn't hurt, but is probably overkill. Then get onto one of those security mailing lists and make sure that no alert goes by without you either disabling the compromisable program or installing a secured update.
That's about all you need to worry about. Most systems that get broken into are cracked simply because their owner never heard about an imapd exploit 6 months before, shouldn't have been running imapd in the first place, and so wasn't ready when the script kiddies started port scanning for it.
And look, you got knocked down to a zero yourself! It must be a conspiracy. I demand that the moderators mark me up to a 2 to make up for this outrage!
(Note: hit the link on the comment ID number and you can see it's moderation history.)
Since nobody else seems to have the full thing posted yet, and it's funny:
/etc/fstab
Tired of collecting Beanie Babies and Pokemon cards?
Christopher Robin called last night complaining about the lack of collectibles pertaining to the famous "Pooh" show. Eeyore, of course, said,
"I dooon't knooow aboouuut this".... But what does Eeyore know anyway?
The result:
PIGLET
This is no ordinary pig! Stand back folks, he's large and live and ready to rumble. This pig is knocking back CPU loads of 99 whilst having tea and crumpets with Pooh Bear. This bad boy eats Lizards for breakfast and spits out kernel patches. Approach with caution, he could be dangerous!
PIGLET: Your once in a lifetime chance to have this rare collection!
This is a limited time offer, when we run out of bits, they'll be gone forever. Don't miss out folks, the Internet lines are lighting up, they're going like hotcakes, and we can't guarantee availability on this item for very long! Similar items we have provided in the past are now going for over a ONE MILLION percent gain on the original price tag of $0.
PIGLET includes the following new features:
- A new and improved Anaconda [tm] installer
- Partitionless installs
- Improved X Configuration
- Additional GUI Partitioning tool
- Software RAID Configuration in Kickstart Installations
- RAID upgrades
- ATAPI Zip and Jaz Drive Recognition
- Rescue Disk Improvements
- It works!
- Rescue via the installation CD
- Pico on rescue disk
- mtools on rescue disk
- Kernel 2.2.15
- Enhanced Software RAID
- P III Enhancements
- New web based High Availability Configuration Utility
- Kerberos Integration
- New Window Managers
- New desktop backgrounds and themes
- Docbook tools
- Standard Samba mounts in
- Smaller minimal install
- Separate client/server packages for servers:
PIGLET, pick up this rare find at:
ftp://ftp.redhat.com/pub/redhat-6.2beta/
Or at a mirror near you! A list of Red Hat ftp mirrors can be had via your web browser of choice at:
http://www.redhat.com/download/mirror.ht ml
PIGLET is available now for Intel, Sparc and Alpha architectures. PIGLET is ONLY available through the Internet, and ONLY for a limited time!. This is a beta release of Red Hat Linux, and we don't encourage using this for mission critical applications. However, like most Red Hat beta collectibles, it is very usable for:
1) Testing those new holographic storage devices
2) Installing on all of the machines in your favorite lab
3) Seeing what that "Linux thing" is really all about
4) Preparing your thesis on "Works in progress"
We have created piglet-list for discussion of this beta release. To subscribe, merely send a message to piglet-list-request@redhat.com with the code word "subscribe" in the subject line, respond to the confirmation message request, and enjoy hours upon hours of entertaining and useful messages from hackers trying to make this thing fall down go *BOOM*...
(With a special thanks to home shopping channels everywhere!)
Will we see any "I didn't get MS Office, but $80 of my tuition went to subsidize this guy's copy" posts in response?
It's a beautiful setup for Microsoft. Lower the apparant price, and you reduce people's incentive not to buy MS software. But you've got a deal with the school, so you get paid for all that software anyway. Everybody wins, except for those people who still don't buy MS products.
What is the GPL but a very restrictive license then?
A very unrestrictive license.
Think about it. Every license starts at what you get with copyright law. Every EULA-esque license out there wants to *take* away those rights:
"You have a license to use this software, but:
You can't disclose performance benchmarks.
Or you can't make a backup copy.
Or you can't disassemble it.
Or you can't run it in an emulator or an unlicensed player/computer."
Or whatever they can think of to push the limits:
"You can't read it's files with a competitor's product.
You can't store it's files on a competitor's server.
You can't use it except in conjunction with the following list of other software.
We can remotely disable it if we believe you have broken this license.
You must succumb to the power of the Dark Side."
With the GPL, on the other hand,
"You have a license to use this software.
You have all rights copyright law gives you with this software.
In addition, you get these rights:
The right to modify or recompile the software and use the modified software.
The right to distribute the software or it's modifications under the GPL, as long as you distribute the source as well upon request.
The right to charge a fee for that distribution (not for the license or the source code, though)."
In other words, You don't even need to agree to the GPL to use GPL'ed software. However, if you don't agree to the GPL, you just have the ordinary copyright law restrictions to deal with, and you don't get the extra rights the GPL affords you; you can't modify or copy the software.
Granted, it's more restrictive than public domain software, but it's less restrictive than about every commercial license out there.
If the GPL were found to be legally invalid (which I don't expect to see), it wouldn't mean GPL'ed software suddenly became public domain; it would mean that GPL'ed software suddenly became restricted as per copyright law until it could be released by the authors under a different license.
1500+?
You must not have done much with it (or have gotten it pretty recently) if you still brag about it (and obnoxiously and insultingly at that). At Rice you learn to shut up about stuff like that pretty quickly when your mention of "I got a 1600" is met by "Really? You too?"
I'd go into the huge variance in the correlation between SAT scores and grades/salary/whatever, but that'd just be excessive.
...when the only thing stopping us from having an open source player is a backwards legal battle? Generally when people want to see Starcraft, Illustrator, or whatever ported to Linux it's because it's a mammoth software product that is the fruit of years of development by tens or hundreds of programmers, which we would rather pay $50-$500 for than try to reimplement.
A DVD player isn't in that category. We have free software mpeg2 players (albeit not optimized or hardware-accelerated yet; there's a short window where a commercial player would have a number of customers); we have free software DVD filesystem and lowlevel drivers... why should we be prohibited from using these things for legal, fair purposes just because the same software can also be used for (and isn't even required for) illegal, impractical DVD copying?
Outlawing unlicensed DVD players because they can be used to make copies is like outlawing non-General Motors cars on the excuse that "unsafe, unlicensed cars can kill people", when the reality is that "unlicensed cars have major legal uses, and our existing cars can be used to kill people, but unlicensed cars don't make us as much money."
Here's a hint for Mr. Valenti - it's not to pirate DVDs.
1. I want to play DVDs on Linux. I know that's semi-possible now with the css-auth code, but not on a K6II with no hardware decoding. I'm hoping that once the CSS cat is legally out of the bag we'll start to see the software that's already there blossom much faster than if further development is legally shackled.
2. I don't want to play DVDs on Windows or with a hardware DVD player. I don't like Windows, I don't use Windows, and I'm not about to change that. I don't have a standalone CD player, and never bought CDs until I had a CD-ROM. If I have to get a separate DVD player to hook straight to a TV, I'll just stick with VHS, thanks.
Oh, and I'm not too interested in closed source Linux players either. I buy closed source games for Linux, but something as basic as a video
decoder should be open source, for a number of reasons.
3. I want to archive movies someday. Analogy: I went through grades K-12 without buying a single audio CD (and just a couple tapes). After MP3s became popular, I started buying audio CDs, simply because it's infinitely more convenient to have my entire music collection ultra-accessible. I have an internet accessible (passworded) infinite
CD changer (of my own purchased music), in essence, and that's a very good thing. When hard drives get into the hundreds of GB, I want to
do the same thing with video.
4. I want to be able to play DVDs without a DVD player. Sounds oxymoronic, no? But in the not-too-distant future when Crusoe webpads are all the rage, I want to be able to upload a movie or two to my light notebook and watch them on the road. I shouldn't need more than an ethernet connection on said notebook to do this; I definitely shouldn't need an additional (and more expensive portable) DVD-ROM drive.
5. I don't think all software should be open source, but I do think all software should be possible to reimplement from scratch as open source, whenever people with the necessary skills gets up sufficient motivation. Microsoft gets enough flak for making obfuscated, poorly documented Office formats; what do you think the DoJ would do if all their file formats were *impossible* to read/write with other software because of some technically weak but legally bulwarked encryption scheme?
6. I want to be able to conveniently downsample, take still shots of, and edit DVD video. Yeah, yeah, you can do this pretty well with a Windows crack or piping the analog video to a capture card, but I want to do it on *my* system. Did nobody else get a kick out of the recent Matrix parody? Imagine more things like that, but add short dubbed clips, Gimpish effects, etc. Imagine taking a set of TV episode collections (I'm waiting for the Simpsons) on DVD and chopping out credits, bad episodes, etc. and putting just your favorites on a disk to lend to friends.
7. I want to be able to preserve my DVDs. The movie industry seems to be pining for the day when consumer video just wore out after a while, when technology made sure that people who paid for a piece of video didn't get that video forever. How many millions of dollars did media studios get from people who left a tape in the sun, who watched or listened to an analog tape too many times, etc. and wore down the quality but enjoyed the entertainment *they purchased* enough that
they bought a replacement? Even DVDs get scratched - and the horrid skips in a copy of Saving Private Ryan my friend rented demonstrated what happens then. I want to be able to make perfect copies of movies I buy, stick the originals in a closet, and just make a new perfect copy to watch if something happens to the first one.
8. I want to be able to move my DVDs to The Next Big Format. Sure, it's a nice coincidence that we're at just that moment in technological history when 1 movie of data == 1 disc of data, but does anyone really think we won't be able to fit a dozen movies on removable media in 10 years, or a hundred movies on a disc within our lifetime? If you can't make fair use copies of the movies you
purchased, and you want a library disc of your whole video collection, you're out of luck.
9. IT IS MY RIGHT. It was the DeCSS author's right to reverse-engineer software to make a compatible alternative. It is my right to make perfect copies of media I own a license for, for personal use. I made up this list because Mr. Valenti (and the judge in the court transcript I read) can't seem to understand that there might be normal reasons for normal people to want unfettered access to the media they purchased, but in reality I shouldn't need any excuse to legally exercise the rights that copyright law gives me.
I don't own a DVD player, and I don't plan on ever getting one if distributing this software is incomprehensibly ruled illegal. I would want to move this mirror offshore to somewhere it is legal, however.
I'd boycott them because I'll be sick of the DVD industry, not because I won't be able to use the software, mind you. I downloaded CSS source code from public court records, so I've got it legally; they can't retract that after the fact. I wouldn't be copying DVDs illegally, so they can't pick on me for that. Even if they rule that reverse engineering pitiful "encryption" is illegal, using a legally obtained product to exercise your license rights still won't be.
then i guess no operating system is ready for the desktop.
Not really. Win98 comes close, at least. All that missing network functionality at least means there's less to break, and Windows Update means you can get patches when something is found broken, whether you're a security expert or not. Sure, in Windows' history it's been susceptable to remote-crash attacks more often than not, but I can't recall more than a few times it's been possible to "root" a stock Windows box remotely (not counting third-party products like mirc and ftp servers).
With Linux there's so much stuff open to the net by default that it seems like there's a remote root exploit every year. If you're security aware you'll be able to install the fix as soon as the world knows about the problem, but if you're not you're just a target.
updates are the user's responsibility. why should everyone work double for the lazy ppl?
Because that way we don't have a ripe population of insecure Linux boxes for viruses and worms to spread through?
Because that way Linux looks better in the press?
Because lazy people buy things like Unreal Tournament and CivCTP, and thus get companies to port those things to Linux so we can buy them too?
Because we have lazy or non-computer-geek friends and family whom we'd like to stop using Windows (and stop bugging us when it crashes), and we can't personally see to the security of every one of their machines?
Because distributions who do work double for lazy people sell more copies and make more money.
So we can achieve world domination! Duh.
Because sometimes *we* are inadvertently the lazy people. Deadangel, I notice your computer may be on a new distribution with no security updates required (and ssh installed; good for you), but the fact that you've still got telnet and linuxconf ports open to the net doesn't bode well for the future. (Sorry for the nmap, BTW; I hope you don't have any paranoid TCP/IP logging enabled)
Finally, because having the operating system checking it's own security in a cron job means we have one more thing that the computer is doing for us, which is just technically better. Users shouldn't have to monitor a security mailing list when the computer can do that (and update programs from cryptographically signed packages) for us.
Perhaps InterNIC or whatever company replaces them could link disputed domain names to a list of the sites that have registered them.
First problem: For a $50 registration fee, by registering "diamond.com" you've just required InterNIC to put up a redirecting web server for a year. That'll run a lot more than $50.
Second problem: If this were allowed, how many people do you think would register "microsoft.com" and other well-hated sites in an attempt to bury the original site in a sea of alternate registrant links?
Third problem: You're thinking too web-centric. "diamond.com" may have a web server, or it may be the central domain for 10,000 net-connected computers at Diamond Multimedia's offices. You're going to conscript that domain and make a change costing Diamond thousands of dollars, just because someone else paid $50 for a cool domain name? What about email addresses? Where does mail to root@diamond.com get sent? What happens when someone else registers hotmail.com? What happens when some non-HTTP protocol becomes the most important thing on the net, or when diamond.com turns out to be running more FTP than web traffic, or when it's the domain name for some chat server or something else that needs a unique IP?
Fourth problem: What about preexisting links? For $50, you say I can register microsoft.com, require the site to change into a redirection page, and thus break every existing http://*.microsoft.com/* link? Sweet.
Well, there's more, but you get the picture. Anyone have any more ideas?
Frankly, I'd be fine with allowing companies to override previous registrants of existing trademarks (but even then, what if the domain name is a trademark for different companies in different industries?), but that's about as much as I'd stretch it. If you had your heart set on anonymouscoward.com, and whois tells you that Cybernet2000 has already registered it (damn!), then you'd better either suck it up and pay what they want, or get a new domain name.
In this article's particular case, I'd have been OK with it if Linus had decided to enforce his trademark and prohibit anyone else from "squatting"... but it's *his* choice. The original linux.net owner is an old time kernel developer, did a good job selling linux.com, and if Linus doesn't have a problem with his getting rich off the domain names then certainly nobody else has a right to.
I might have thought at one time that selling the linux* domain names would be a good way for Linus to make money himself while coding free software... but of course now that he's slated to become a bajillionaire over the next decade on Transmeta stock options that's not really necessary.
Exactly how would you register domain names? When a user types "diamond.com" (or the Real Name "diamond", or "diamond" in whatever dumbass scheme could replace DNS), it's got to go somewhere. How would you decide where it goes? Highest bidder? A government agency? I'm genuinely curious; I can't think of anything better than "first come first served". It seems to me like 50% of the complaints about the current "first come, first served" scheme come from clueless companies who didn't figure out that "that Internet thing" might be important until last year, by which time their name had been registered as a .com long ago.
I mean, honestly, "Security hole found in wu-ftpd" would be a lot more valuable headline to most people than "New minor release of the kernel", and would happen a lot less often.
Linux is going to get a bad name someday because millions of people out there have distributions which install with tons of (often unneeded) services on, and don't know enough to subscribe to a security mailing list or check for updated packages. It doesn't matter if Linux gets security fixes within 24 hours, if most people don't install them within 6 months. No Linux distribution that doesn't come configured to automatically check for, notify users of, and help users install software updates should be considered "ready for the desktop".
Win2K went gold already; this is what's getting shipped to users.
Or, at least, it does for me playing Starcraft; I really haven't tried it on any other DirectX stuff.
It's quite odd, it plays Starcraft flawlessly (and fast/faster than Windows, using DGA) for a random amount of time (seems to be a half-life of around an hour), then suddenly slows and hangs solid within a fraction of a second. You can play through the single player this way without getting too annoyed if you save often, but it's just unacceptable for multiplayer.
But anyway, the Wine people have had it working but buggy since at least this time last year, when it had horrible memory leaks and was slow over IPX, but ran.
Does anyone have Starcraft under Wine working and perfectly stable? If so, could I hear details?
Off topic: Does anyone know why DGA is so much faster than MIT-SHM, and why it needs root? I don't like running Starcraft as root, but it doesn't run as smoothly otherwise. For DGA, couldn't the X server create a file mmaped with the necessary I/O range on the graphics card, then set permissions on it to let the X client mmap that same file to write directly into that chunk of RAM without security concerns?
How about GNU Privacy Guard? It's only got 3DES, CAST5, Blowfish, Twofish, and (modular) IDEA for symmetric encryption, but how many do you need? And it does public key encryption, too, and it's PGP compatible.
I don't care so much if a game isn't free software (although having as many libre low level libraries as possible, as Loki's games and Unreal Tournament do, is a huge plus) because I don't depend on a game. If a game maker goes out of business next year, I don't care that their game will never again see another upgrade. If I'm feeling security conscious, I think it's crucial that my daemons running as root are open source, but I'm not so concerned about games running as a user account. And if a game crashes every so often, it doesn't worry me much as long as the save game files aren't corrupted.
Besides, games are (or should be) about *content*. Graphics, level designs, sounds and music, story line, character development, interactivity... these things are often aided by improved software engines, but they primarily aren't part of the software. In fact, I can't think of a game besides half-life that took an existing software engine and made it heavily better. Some games license an engine and use it to run new content, some games have an engine written from scratch, but how many games are subject to the steady, incremental improval process which free software so benefits?
And starting with Quake (to my knowledge; I'm probably wrong), a heavy component of game development has been driven by almost-open source: the code-level mods that the user community puts out so enthusiastically is made possible by the release of a significant chunk of source code for the base game.
For an operating system, on the other hand, having it crash every month, much less every week, is not acceptable. Security issues for OS and daemon software are critical, and ongoing, steady development on top of the same code base should be as fast as possible without compromising stability.
Any activist who feels threatened by Sandia has severe delusions of grandeur.
Hell, any activist who feels threatened by Sandia is welcome to come down to the Kirtland Air Force Base gates and tell them so. I've been working at Sandia the past couple summers, and there's been at least one underwhelming protest by people with more good intentions than good sense.
I remember in particular one sign to the effect of "do you feel good about your job?" I was tempted to stop, tell the person yes, and ask him what in his life has been as worthwhile as the GPS satellites and nuclear test ban monitoring satellites that my department was involved in.
But, hey, don't rule out crowd control entirely. Wasn't it Sandia or Los Alamos behind those "goop guns" that would spray sticky foam over a target and nonharmfully stop him in his tracks?
That's for when you send it the signal 11, the most random mode. It posts a comment to Slashdot, enters a wait state for two hours, then comes back, takes the moderation score and adds 1.
It's ironic, then, that this particular comment is 99% certain to be marked "-1, Offtopic" sometime within the next 10 minutes. Not very random, no?