For $330 (wonder what the street price is?), that ain't bad. If they update it to the color version that's supposed to be out next year, that would be even sweeter...
I don't think this linkage could be created, because although open source has definitely had a banner year, as a fraction of the GDP (and especially GWP, since OS is an international movement), it's not going to be that great. In fact, programming in general is only a portion of this.
I would be interested, however, in any studies linking more hours worked per week with the low unemployment/inflation of the last few years.
Not all hacking/cracking (no flames, please) is done through the Internet. Dial-in access modems are very common for utility equipment like phone/electricity (I wouldn't know about water and other infrastructure). These are susceptible. There are other ways into other networks as well, especially if you've compromised the telecom infrastructure in general. Example: They're using a leased line? Fine, the attackers "own" the switch and deal with it from another angle.
Linux needs to focus on what it does well, and how to improve the things it wants to do well but hasn't reached yet. All this focus on "anti-M$" really tends to take away credibility from the OS and the community.
This is a horrific idea. I have a cousin who, when born, had a cerebral palsy-like condition due to his mother being clinically dead for several minutes during birth and the ensuing lack of ocygen to his brain for that time. For the first several years of his life, no one knew what exactly this would mean for him, since he had obvious motor coordination problems and appeared to have some sort of mental retardation.
He's now in his mid-20's, holds a B.S in Accounting (from a real university, not a mail-it-in type), lifts weights, serves as a deacon in his congregation, and is a useful, productive member of society, not to mention a hell of a guy (he was the best man in my wedding). He's not Stephen Hawking, in either direction, but I'd venture to guess that there are a lot more folks like him than like Hawking. And by this prof's lights, he should have been killed before finishing his first month.
We are not the same as animals. Humans have inherent value. If the word "humanity" has so little meaning for someone, then I for one am ashamed to have them as part of my species.
C'mon folks, let's be realistic. Language is a living, dynamic system, one which is not determined by the opinions of a few, but by the general usage. And although in our minds, there is a difference between the terms hacker and cracker, the common usage has passed us by. It's pretty much impossible to stem this tide.
It's one thing to keep using the term cracker; it's quite another to get so upset when someone uses hacker to mean the same thing.
Then again, where I come from, cracker is an extremely offensive term to refer to white people.
I'm not sure it's all about just surfing the net while I'm walking down the street. I can think of a lot of times when I'm in a situation where I don't have my laptop and suddenly need access. PDA's don't cut it for many of these tasks (I do security support for a large telecom company), and a wearable would be perfect. Now if I can just get my IPSec client working on it...
When software is just written as a tool or to accomplish a general task, OS works beautifully. Just as peer review in science tends to result in research that withstands scrutiny and means something, peer review in software development tends to result in higher-quality, more secure software (I definitely fall into the "pragmatic" group in the article).
But it doesn't work for everything. In-house applications whose structure must reflect internal processes may not work as open source, because it reveals too much internal information. Additionally, as many have pointed out in the past, games have too short a life-cycle to really work as open source. The engines fit the model, but the game as a whole really doesn't.
This isn't a slam on open source software. I prefer it in almost every arena, especially when I'm concerned about security. But we need to recognize that there are situations where it doesn't work. Closed software is not the same as slavery, folks: there are times when keeping the source hidden does work and is appropriate.
You're right. It serves no purpose to ignore one box. But at the same time, for both Linux and WinNT, the statement regarding the administrator holds true. What you want is to get an absolute NT security guru to configure one box, and a UNIX/Linux security guru for the other, hopefully equalizing that portion of the test.
It's more common for Linux users to notice the box has been cracked. Windows users who suffer BO and similar attacks may not realize that it was due to a network intrusion, and just chalk it up to the notorious unreliability of Windows. Additionally, the type of users who are "experimenting" with Linux are more likely to be interested in security (and doing things that could risk their machines!) than the average Windows user who just wants to surf the Web.
You should not believe that merely un-checking file&print sharing will secure a Windows machine. While the rules of the contest don't count DoS attacks (since that's not the purpose of this particular evaluation), for actual consideration that would have to be a factor. Additionally, remember that this isn't just putting a Win9x or even a WinNT-WS box on the net -- it's a web server, which comes with a whole different set of challenges. With more power comes more complexity. This is true of programming, networking, race car driving, and most things in life.
I agree with you: this should not be viewed as an "either/or" proposition, but as an ongoing process. That's the way the world works, and any test should try to reflect reality in a controlled way. IOW, control is just to take out variances by converting a variable into a constant.
OK, I'll correct you. They will release the source at a later date, thereby "complying" with your opinion (and that of many other Linux users).
Personally, I feel that even though open source is the way to go, it's Corel's business (quite literally) if they choose to keep it closed. It then becomes the users' choice whether or not we support their distribution. I don't really plan to ever use Corel, but if a company wants to keep its apps' source "close to the vest", I don't have a problem with that -- all software doesn't have to be open to be good.
Now, while whether or not it matters is open to debate, it is definitely "news for nerds". As for whether it matters, given that a lot of the stories are for fun, I would submit that while it's not as important as an earthquake or school shooting, it's probably something of interest to the average/.er. Including myself.
I gotta admit, I'm absolutely intrigued by this company refusing to hype its product. "Don't believe the hype!" Well, in this case, there isn't any. Everyone has their own ideas (although in all honesty there are some pretty good clues) and so what normally would be another ho-hum startup has got the entire techie world waiting with baited breath to find out what it is.
'Course, we're not gonna find out in November, either. As Linus said, "The company has considered saying something at Comdex, or at least saying when we will announce something." (italics added - duh!)
That said, if there are any Transmeta employees out there, please torment Rob with the most vague, ambiguous comments to increase his pain!:)
Come on. This stuff goes on every day on commercial websites here by the k1dd13s. I'm personally relatively unconcerned about this insofar as it being a "cyberwar".
I am concerned, however, about two neighboring nuclear powers involved in essentially a religious war. And things like this may only serve to incense the people more -- not something we want to see.
That's why this is a little more important than one Quake clan hacking another's website -- they typically don't have control over medium-range nuclear missiles.:)
BTW, did anyone else notice the severe pro-India slant? I personally have no real feelings for or against either government, but that writer sure seemed to favor India. Who actually believes that either one of these countries is somehow acting more 'mature' than the other?
...until John Vranvrroom figures out that Securify is really nothing but a bunch of pimple-faced intruders who are perpetrating massive breakins and distributing pornography, then provides his "evidence" to law enforcement and essentially libeling his competitors.
I'm glad to see Packet Storm back, but the thought of seeing another mudslinging attack by the AntiOnline Homies makes me cringe...
It's all about widespread acceptance
on
CNN On IPv6
·
· Score: 4
IPv6 (which, as the article pointed out, offers more than just a larger address space) won't achieve widespread acceptance until (strangely) it has widespread acceptance. In other words, nobody wants to move to a standard until everyone else is.
As I understand it, IPv6 devices can still handle IPv4. So what we really need is for a few of the real leaders to come out and boldly adopt IPv6. I hate to say this, but: Are you listening, Microsoft? IBM? Cisco? Transition your products and services to IPv6, and the world will follow.
Now if we can just get everybody to strongly encrypt ALL IPv6 traffic...
In case you didn't notice all the comments, it turned out to be user error by the/. admin posting the story (she posted it before she had finished editing it)./. is still in a "beta frame of mind", things happen. Bad things happening are often not the result of malice but rather of mistakes.
Microsoft, a large technology company based in Redmond, WA, today announced Independent2000, a new suite designed to objectively evaluate Microsoft products and corporate moves.
Steve Ballmer, president of Microsoft, stated, "We feel that it is in the best interests of our customers to do a truly objective self-analysis. This should prove to any and all critics that Microsoft is dedicated to improving competition in the marketplace."
The new program suite will monitor MSN.com, Microsoft.com, and other web sites for news about the technology giant and condense product reviews found there for a fair, unbiased comparison. The product will be hitting shelves with an estimated street price of around US$249.
I've never used *BSD extensively, but I respect it (I'm much more accustomed to both Linux and Solaris). And I'm glad to see an article espousing the benefits of *BSD over Linux (gasp! shock! horror!)
This is because the whole goal of Linux is choice, which having a viable *BSD option provides. One more good Unix OS is always a good thing.
So, fellow Linux users/admins, please don't flame the dude. Respect him as a colleague.
Anal retentive? I don't think so
on
Moderation Ideas
·
· Score: 3
In response to the people who are upset about/. getting "anal" and the users needing to "get over themselves":
Look, I usually have neither the time nor inclination to read a bunch of "m1cr0s0ft sux" posts, nor "First!", nor posts that are nothing but flamebait. Sometimes I do, and I read the comments with my threshold set at -1. It's at 4 most of the time, but I still go to -1 when I can to get the flavor.
But I'm not being anal. This isn't about what I should or shouldn't read, though I do skip posts I find useless. This is about trying to filter the massive amounts of information that come my way every day. If you have the time and desire to read it all, have at it! I'm actually jealous, since Lord knows I would like to do so.
Sadly, I can't, and neither can a lot of other/.'ers. If Rob et al. have the time and desire to improve the system for us, great. If not, I'll live. I'll still read/., post when I can, and continue with my life when I can't. But for cryin' out loud, don't act like somebody stepped on your toes when the end result of all this can be totally turned off, or even selectively turned off, by anyone who so chooses.
Which is good... choices, always we need more choices!:)
Seriously, can anyone explain the difference between the two distros, other than the fact that on RedHat you have to explicitly tell it to use KDE instead of GNOME?
Excellent article on secure installation of Linux
on
Linux Lite?
·
· Score: 1
Check out this article on installing Linux securely. It focuses on RH5.x, but can be applied to just about any distro.
This is a very good idea. Forthwith, a few thoughts:
The users do need to know that there is a root account, and know the password. They need to be educated at least to the extent not to stay logged in as root. Many NT users have been able to grasp this; Linux users should, too. And as someone already pointed out, otherwise there will be known default root passwords, which is a Bad Thing, Man (tm).
In reality, all distributions should come with the default configurations a bit more secure. Maybe not to the level of extreme paranoia, but to a reasonable degree. Let's be honest, we sysadmins aren't perfect (although we want our users to think so). It's possible that we could forget to configure something when installing a new system, or erroneously assume that some option is already set in a secure manner when in fact it's not.
This will have another, non-technical effect. Once the mainstream media picks up on such a distribution or effort, that's going to entice more users (and corporate managers) to consider it a viable desktop option. I'm all for users learning more about what they're doing, but I've met too many customers who asked me, "What's 'double-click' mean?" to believe that this could ever happen.
I'm right there with you. But in fact, many other techies/geeks/nerds/etc. need to realize that we're not all alike, either. I have a normal life, too -- at least to me. I watch football, am happily married, am involved with my family and congregation, listen to country music. OTOH, I majored in math, do network engineering & security, and spend much of my spare time upgrading my home LAN or reading technical books. The fact that I do those first things doesn't change the fact that I'm a techie.
Being geeky doesn't make you totally socially inept, it makes you different. While I don't doubt that some are mildly autistic, to conclude that most geeks are is to conclude that most geeks have no social skills. Marty McFly is not a stereotype that fits everyone, just like not all people who play sports (of which I am not one) are the typical jocks.
All that aside, I have to say that most of the really interesting people I know are geeks themselves. We tend to think before we speak, and be educated enough (formally or informally) to actually have something to say.
Slashdot Mirror
For $330 (wonder what the street price is?), that ain't bad. If they update it to the color version that's supposed to be out next year, that would be even sweeter...
I don't think this linkage could be created, because although open source has definitely had a banner year, as a fraction of the GDP (and especially GWP, since OS is an international movement), it's not going to be that great. In fact, programming in general is only a portion of this.
I would be interested, however, in any studies linking more hours worked per week with the low unemployment/inflation of the last few years.
Umm, sounds like you're saying that
(A -> B) -> (A -> !B)
which is incorrect.
This ran on /. last spring; CmdrTaco should get a memory upgrade for his implanted Itanium... :)
That said, it's a fine article. I sure wish some old bosses of mine had read and applied it...
Not all hacking/cracking (no flames, please) is done through the Internet. Dial-in access modems are very common for utility equipment like phone/electricity (I wouldn't know about water and other infrastructure). These are susceptible. There are other ways into other networks as well, especially if you've compromised the telecom infrastructure in general. Example: They're using a leased line? Fine, the attackers "own" the switch and deal with it from another angle.
Linux needs to focus on what it does well, and how to improve the things it wants to do well but hasn't reached yet. All this focus on "anti-M$" really tends to take away credibility from the OS and the community.
This is a horrific idea. I have a cousin who, when born, had a cerebral palsy-like condition due to his mother being clinically dead for several minutes during birth and the ensuing lack of ocygen to his brain for that time. For the first several years of his life, no one knew what exactly this would mean for him, since he had obvious motor coordination problems and appeared to have some sort of mental retardation.
He's now in his mid-20's, holds a B.S in Accounting (from a real university, not a mail-it-in type), lifts weights, serves as a deacon in his congregation, and is a useful, productive member of society, not to mention a hell of a guy (he was the best man in my wedding). He's not Stephen Hawking, in either direction, but I'd venture to guess that there are a lot more folks like him than like Hawking. And by this prof's lights, he should have been killed before finishing his first month.
We are not the same as animals. Humans have inherent value. If the word "humanity" has so little meaning for someone, then I for one am ashamed to have them as part of my species.
C'mon folks, let's be realistic. Language is a living, dynamic system, one which is not determined by the opinions of a few, but by the general usage. And although in our minds, there is a difference between the terms hacker and cracker, the common usage has passed us by. It's pretty much impossible to stem this tide.
It's one thing to keep using the term cracker; it's quite another to get so upset when someone uses hacker to mean the same thing.
Then again, where I come from, cracker is an extremely offensive term to refer to white people.
I'm not sure it's all about just surfing the net while I'm walking down the street. I can think of a lot of times when I'm in a situation where I don't have my laptop and suddenly need access. PDA's don't cut it for many of these tasks (I do security support for a large telecom company), and a wearable would be perfect. Now if I can just get my IPSec client working on it...
When software is just written as a tool or to accomplish a general task, OS works beautifully. Just as peer review in science tends to result in research that withstands scrutiny and means something, peer review in software development tends to result in higher-quality, more secure software (I definitely fall into the "pragmatic" group in the article).
But it doesn't work for everything. In-house applications whose structure must reflect internal processes may not work as open source, because it reveals too much internal information. Additionally, as many have pointed out in the past, games have too short a life-cycle to really work as open source. The engines fit the model, but the game as a whole really doesn't.
This isn't a slam on open source software. I prefer it in almost every arena, especially when I'm concerned about security. But we need to recognize that there are situations where it doesn't work. Closed software is not the same as slavery, folks: there are times when keeping the source hidden does work and is appropriate.
You're right. It serves no purpose to ignore one box. But at the same time, for both Linux and WinNT, the statement regarding the administrator holds true. What you want is to get an absolute NT security guru to configure one box, and a UNIX/Linux security guru for the other, hopefully equalizing that portion of the test.
It's more common for Linux users to notice the box has been cracked. Windows users who suffer BO and similar attacks may not realize that it was due to a network intrusion, and just chalk it up to the notorious unreliability of Windows. Additionally, the type of users who are "experimenting" with Linux are more likely to be interested in security (and doing things that could risk their machines!) than the average Windows user who just wants to surf the Web.
You should not believe that merely un-checking file&print sharing will secure a Windows machine. While the rules of the contest don't count DoS attacks (since that's not the purpose of this particular evaluation), for actual consideration that would have to be a factor. Additionally, remember that this isn't just putting a Win9x or even a WinNT-WS box on the net -- it's a web server, which comes with a whole different set of challenges. With more power comes more complexity. This is true of programming, networking, race car driving, and most things in life.
I agree with you: this should not be viewed as an "either/or" proposition, but as an ongoing process. That's the way the world works, and any test should try to reflect reality in a controlled way. IOW, control is just to take out variances by converting a variable into a constant.
OK, I'll correct you. They will release the source at a later date, thereby "complying" with your opinion (and that of many other Linux users).
Personally, I feel that even though open source is the way to go, it's Corel's business (quite literally) if they choose to keep it closed. It then becomes the users' choice whether or not we support their distribution. I don't really plan to ever use Corel, but if a company wants to keep its apps' source "close to the vest", I don't have a problem with that -- all software doesn't have to be open to be good.
Reason?
/.er. Including myself.
"News for Nerds. Stuff that Matters."
Now, while whether or not it matters is open to debate, it is definitely "news for nerds". As for whether it matters, given that a lot of the stories are for fun, I would submit that while it's not as important as an earthquake or school shooting, it's probably something of interest to the average
I gotta admit, I'm absolutely intrigued by this company refusing to hype its product. "Don't believe the hype!" Well, in this case, there isn't any. Everyone has their own ideas (although in all honesty there are some pretty good clues) and so what normally would be another ho-hum startup has got the entire techie world waiting with baited breath to find out what it is.
:)
'Course, we're not gonna find out in November, either. As Linus said, "The company has considered saying something at Comdex, or at least saying when we will announce something." (italics added - duh!)
That said, if there are any Transmeta employees out there, please torment Rob with the most vague, ambiguous comments to increase his pain!
Come on. This stuff goes on every day on commercial websites here by the k1dd13s. I'm personally relatively unconcerned about this insofar as it being a "cyberwar".
:)
I am concerned, however, about two neighboring nuclear powers involved in essentially a religious war. And things like this may only serve to incense the people more -- not something we want to see.
That's why this is a little more important than one Quake clan hacking another's website -- they typically don't have control over medium-range nuclear missiles.
BTW, did anyone else notice the severe pro-India slant? I personally have no real feelings for or against either government, but that writer sure seemed to favor India. Who actually believes that either one of these countries is somehow acting more 'mature' than the other?
...until John Vranvrroom figures out that Securify is really nothing but a bunch of pimple-faced intruders who are perpetrating massive breakins and distributing pornography, then provides his "evidence" to law enforcement and essentially libeling his competitors.
I'm glad to see Packet Storm back, but the thought of seeing another mudslinging attack by the AntiOnline Homies makes me cringe...
IPv6 (which, as the article pointed out, offers more than just a larger address space) won't achieve widespread acceptance until (strangely) it has widespread acceptance. In other words, nobody wants to move to a standard until everyone else is.
As I understand it, IPv6 devices can still handle IPv4. So what we really need is for a few of the real leaders to come out and boldly adopt IPv6. I hate to say this, but: Are you listening, Microsoft? IBM? Cisco? Transition your products and services to IPv6, and the world will follow.
Now if we can just get everybody to strongly encrypt ALL IPv6 traffic...
In case you didn't notice all the comments, it turned out to be user error by the /. admin posting the story (she posted it before she had finished editing it). /. is still in a "beta frame of mind", things happen. Bad things happening are often not the result of malice but rather of mistakes.
For immediate release
Microsoft, a large technology company based in Redmond, WA, today announced Independent2000, a new suite designed to objectively evaluate Microsoft products and corporate moves.
Steve Ballmer, president of Microsoft, stated, "We feel that it is in the best interests of our customers to do a truly objective self-analysis. This should prove to any and all critics that Microsoft is dedicated to improving competition in the marketplace."
The new program suite will monitor MSN.com, Microsoft.com, and other web sites for news about the technology giant and condense product reviews found there for a fair, unbiased comparison. The product will be hitting shelves with an estimated street price of around US$249.
I've never used *BSD extensively, but I respect it (I'm much more accustomed to both Linux and Solaris). And I'm glad to see an article espousing the benefits of *BSD over Linux (gasp! shock! horror!)
This is because the whole goal of Linux is choice, which having a viable *BSD option provides. One more good Unix OS is always a good thing.
So, fellow Linux users/admins, please don't flame the dude. Respect him as a colleague.
In response to the people who are upset about /. getting "anal" and the users needing to "get over themselves":
/.'ers. If Rob et al. have the time and desire to improve the system for us, great. If not, I'll live. I'll still read /., post when I can, and continue with my life when I can't. But for cryin' out loud, don't act like somebody stepped on your toes when the end result of all this can be totally turned off, or even selectively turned off, by anyone who so chooses.
:)
Look, I usually have neither the time nor inclination to read a bunch of "m1cr0s0ft sux" posts, nor "First!", nor posts that are nothing but flamebait. Sometimes I do, and I read the comments with my threshold set at -1. It's at 4 most of the time, but I still go to -1 when I can to get the flavor.
But I'm not being anal. This isn't about what I should or shouldn't read, though I do skip posts I find useless. This is about trying to filter the massive amounts of information that come my way every day. If you have the time and desire to read it all, have at it! I'm actually jealous, since Lord knows I would like to do so.
Sadly, I can't, and neither can a lot of other
There, I feel so much better now.
Which is good... choices, always we need more choices! :)
Seriously, can anyone explain the difference between the two distros, other than the fact that on RedHat you have to explicitly tell it to use KDE instead of GNOME?
Check out this article on installing Linux securely. It focuses on RH5.x, but can be applied to just about any distro.
The users do need to know that there is a root account, and know the password. They need to be educated at least to the extent not to stay logged in as root. Many NT users have been able to grasp this; Linux users should, too. And as someone already pointed out, otherwise there will be known default root passwords, which is a Bad Thing, Man (tm).
In reality, all distributions should come with the default configurations a bit more secure. Maybe not to the level of extreme paranoia, but to a reasonable degree. Let's be honest, we sysadmins aren't perfect (although we want our users to think so). It's possible that we could forget to configure something when installing a new system, or erroneously assume that some option is already set in a secure manner when in fact it's not.
This will have another, non-technical effect. Once the mainstream media picks up on such a distribution or effort, that's going to entice more users (and corporate managers) to consider it a viable desktop option. I'm all for users learning more about what they're doing, but I've met too many customers who asked me, "What's 'double-click' mean?" to believe that this could ever happen.
I'm right there with you. But in fact, many other techies/geeks/nerds/etc. need to realize that we're not all alike, either. I have a normal life, too -- at least to me. I watch football, am happily married, am involved with my family and congregation, listen to country music. OTOH, I majored in math, do network engineering & security, and spend much of my spare time upgrading my home LAN or reading technical books. The fact that I do those first things doesn't change the fact that I'm a techie.
Being geeky doesn't make you totally socially inept, it makes you different. While I don't doubt that some are mildly autistic, to conclude that most geeks are is to conclude that most geeks have no social skills. Marty McFly is not a stereotype that fits everyone, just like not all people who play sports (of which I am not one) are the typical jocks.
All that aside, I have to say that most of the really interesting people I know are geeks themselves. We tend to think before we speak, and be educated enough (formally or informally) to actually have something to say.