NeXTStep for sure and I believe also Darwin/Mac OS X (though I haven't seen their code since Rhapsody) operate by running a monolithic kernel atop a microkernel architecture, which does little but impair performance. It's always been a bad idea, it was a bad idea when MkLinux did it, and it's not getting to be any better idea because SCO (wrongly) asserts that they own ELF.
You are, unfortunately, really speaking out of ignorance here. The very structure of the kernel should change if executing atop a Mach (or any other) microkernel, since the microkernel provides services that should be offered directly to executing applications, rather than funneled through a monolithic kernel running on top of the microkernel. You should probably read up on the topic, if you really want to know. (I make no guarantees about that link; it's just what google popped up this morning.)
Uh. Are you familiar with what is involved with running under a Mach framework?
It means running, like MkLinux did, as a client process atop a Mach microkernel architecture. This is diametrically opposite to the way that the Linux kernel functions, which is largely because Linus (and many other people, myself included) thinks that microkernel architectures are a waste of resources in the real world (though they're certainly very pretty for OS research).
This would also destroy the usefulness of all the binary packages in distribution now, which would be a major financial blow that would quite probably put all of the commercial Linux vendors out of business.
Also, this wouldn't affect OpenBSD, since they still use a.out. (Hey, refusing to change finally paid off for Theo! Good going!)
Perhaps David Aucsmith would care to explain this then?
Though eEye (purposely) doesn't describe the vulnerabilities that they list there, it's been indicated (on mailing lists like Full-Disclosure) that several of them are being actively exploited.
The initial security advisories did include a "vendor response" section. Across the board that said "upgrade to 10.3", without any mention of a forthcoming patch for earlier releases.
That's the only thing that had Bugtraq up in arms: the lack of assurance that earlier versions would see a patch. And most of the people worried about that were worried because they want Apple to suceed as a Unix vendor, not because they want to see it crash and burn. (I don't know about the Slashdot comments, because I only read more than the highest rated couple of comments when I've got moderator points, but I'd guess that at least some of them were along the same lines.)
I don't know if it was merely a typographical oversight, or if Apple really didn't have any plans to release patches for earlier releases. In the first case they should have been more clear initially (and now they will), in the latter case they were making a huge mistake. I'm inclined to believe it's the former.
This isnot the first time that Apple's security PR has been less than impeccable. They've rebounded pretty well each time, and I haven't seen them make the same mistake twice.
It's only reasonable to expect them to get harshly criticized, especially with Mac OS X: they're jumping from a very soft, easy-going market (desktop publishing and education) into an insanely security-conscious market (Unix enterprise servers). They're actually doing quite well, but there are still more entrance pains to come. The security community is, to an extent, xenophobic, and certainly disinclined to believe that a vendor with a relatively small amount of experience in the market can be relied upon to do the right thing. So Apple has to prove themselves a bit. So far, they're doing pretty well. It doesn't matter if you make mistakes like this, as long as you admit to them, patch things up, and then don't keep making them (hey Microsoft, you listening here?).
And Apple really is doing a good job: I've seriously considered bringing Mac OS X (and the related hardware) in as a replacement for aging Sun hardware running Solaris. Sun seems to be falling apart, and (especially with the G5) Apple seems to be a reasonable replacement in the mid-range compute + high I/O line of work without the vendor/service problems you get from Linux (which isn't so hot on the I/O front, since it's hampered by the IA32 architecture's crappy I/O design... other architectures don't matter, because Red Hat doesn't support them commercially).
Whoever modded this up needs a does of reality, as edwdig has entirely missed the point of what he's quoting.
Storage is not addressed in a way that makes it particularly convenient to use base-2 units.
Yes it is. The smallest addressable unit of a hard disk is a sector - which is 512 bytes.
Who cares what the smallest addressable unit of a hard disk is?
The point is that, when you're addressing memory, you're doing it through a fix sized array stored in a very much base 2 variable. When you're addressing disk sectors, you're doing it through your operating system of choice's virtual file system interface which is a linked list of structs (or something functionally equivialent). There's no need for base 2 addressing even to address individual blocks from within an operating system (which is something that you almost never do anyway).
This layout is (imho) a bit more interesting.
SCOX falls off the deep end and IBM... stays right where they are?
Guess frivolous suits can lose you stock value, but not gain it for you.
1) I had a very common system (Inspiron 8000 which sold millions). I couldn't find a 5.0 configuration file which allowed me to use X (Nvidia driver incompatable). Even in the mid 1990s I could always get Linux X to run 640x480 on a machine.
What has the operating system to do with the XFree86 driver for your laptop? It's exactly the same code under FreeBSD as it is under Linux, provided you're using the same version of X.
Is your problem really which version of XF86 ships with FreeBSD 5?
2) Slight errors in syntax when using ports results in ports trying to compile everything. Good system which needs a better safety.
Without a bit more specification, I can't speak to that particularly well, especially since I'm speaking mostly from NetBSD pkgsrc experience, but if ports is still what it was the last time I looked, it's pretty similar to pkgsrc, and is essentially just a bunch of Makefiles. If you don't want to build things, don't use the source version. On NetBSD, that means "instead of doing a make in pkgsrc/<utility type>/<package name>, do pkg_add <package name>". I have to assume that the FreeBSD ports commands are functionally similar since they're approaching the same problem the same way...
3) The configuration system doesn't allow for small changes easily (like getting rid of an IP).
Again, without a bit more detail, I can't comprehend how this was a problem. Is it a complaint against (POSIX standard, where Linux's is not) ifconfig(8) syntax? Is it a complaint against/etc/ifconfig.* files (whoops, maybe that's NetBSD-specific... though/etc/ifconfig.* matches the functionality of Solaris's/etc/hostname.*)? Or is it a complaint about removing some non-standard addition to a configuration file on a specific system?
Linux now has: autohardware detection,
... if you're using Red Hat.
good drivers,
Oh, that must be why the BroadCom Tigon3 gigabit Ethernet chipsets in my Dell PowerEdge 2650s work so well. (The choices are: use BroadCom's closed-source bcm5700 driver, which is stable but runs at about one fifth the actual throughput you'd expect out of a gigabit ethernet connection, and, for bonus points, pads packets with random bits of kernel memory rather than 0s as it should; or use the community supported tg3 driver, which has really great performance, but will randomly, when under load for more than 24 hours, start passing only one in about one hundred packets.)
sample configs for virtually every system,
Aside from being a virtual impossibility, I doubt Linux provides much in the way of sample config files for, say, a Shark DNard. Or did you mean software system, not computer system?
lots and lots and lots of documentation.
... which is held to no particular standard and, especially on the web, varies from quite good to wrong-headed to flat out wrong, distinctions the beginner has no hope of making ("Gee, this guy's web page is pretty, his advice must be right!").
How is BSD "friendlier"?
Let's have a look at the comment to which your little flamefest here is intended to reply, shall we?
I have found FreeBSD more friendly than any of the so-called friendly linuxes out there.
I don't see any overall value judgement that any operating system is friendlier than any other there. It seems pretty clear that that is a personal opinion. That's what "I have found" means. Sheesh.
So we know we hate this guy and he'd never be our official representative, but who *is*?
Working from Perens's:
it does not appear that he has any engagement with Open Source projects and developers, or that he brought this matter up with representative organizations such as the Free Software Foundation, the Open Source Initiative, and Software in the Public Interest.
it would seem reasonable to say that anyone who's setting out to represent open source and Free software at large probably ought to be in touch with gnu@gnu.org, osi@opensource.org, and the individuals listed as members of the SPI board of directors here.
But generalizing your point is scary. The implication is that supporters of open source and Free software are effectively a mob that couldn't be represented by an individual (or even a small group of individuals), and that anyone who tries will be crucified for screwing up in whatever small way they did. I don't think that's happening here (software patents are one of those things that no human individuals could possibly like but that the corporate individual absolutely adores), but, depending on the results Perens's article, it sets a disturbing standard that stepping out of the (very much unclear ) Party Line enough that some respected member of the Community points out how you stepped out is enough to kill any notoriety and usefulness you may have had politically. It's a good way for the Movement to self-destruct.
The way around this amorphous mob problem, of course, is to have clearly-defined Leaders, which is what groups like the EFF and OSI are ostensibly trying to do, but they don't seem to be doing a wonderful job of it if/. editors refuse to state an opinion on the point and/. posters have to ask the question you did.
Since we're enumerating, the circuit destruction sound is all over the place (many major motion pictures, can't think of a particular example off the top of my head).
The Marthon's Story site has a page that covers this topic (I think; there's a lot there and I haven't reread all of it just now).
For showing that a game can have a more complex plot than "There are 5 billion demons trying to kill you". There's more going on in those games than a lot of novels.
Ditto, with two additional points.
First, the one-player missions successfully produce a sci-fi feeling, like that in a (cinematographically good, not necessarily overall good) sci-fi movie (Aliens, 2001, The Matrix). This isn't through imitation of special effects, it's through a whole variety of stimulus that affects the mood (layout of maps, background music, what's actually on the screen, the apparent--though obviously lacking once you get to know the game--intelligence of enemies).
Second, the multi-player combat carried balanced weapons I've only seen replicated in the original Unreal (UT and beyond threw the balance way out of whack, much to the detriment of actual fun for all those playing the game) and maybe in Bungie's own Halo (haven't played it networked much; it's a touch more difficult to scrape together multiple Xboxes than it is multiple Macs). Halo's pretty good on the "I'm really in a sci-fi movie" front too. Too bad it falls flat on its face on your original (and, for many people, more important point). Not because it doesn't try, but because it's so obviously trying, rather than just doing.
this is funny AND true. ever stepped into the huge conglomerate music stores of late? same music they were selling last year, just with different band names, and song titles......
The state of music today would certainly allow Indy to take over, just because of creativity alone.
Um, you sure?
Do you think the megastores would keep selling the same thing as last year with a fresh coat of varnish if it weren't, you know, selling?
Are you sure this crap isn't exactly what the market wants, even if it's not what you and I want? That creativity doesn't actually make sales in the music biz?
Because it sure looks that way to me...
(Consider not just music stores, but also just what it was actually possible to find on Napster, for instance. Creative, new, indy music? Not really. The latest Eminem & Britney Spears collaboration piece? For sure!)
1) Most of these "home servers" don't have a PTR record at all.
Mine does:
99.234.92.66.IN-ADDR.ARPA domain name pointer uriel.eclipsed.net
2) Those that do, almost NEVER have one pointing to the domain they claim to be recieving for.
Ditto:
eclipsed.net mail is handled (pri=100) by mail.eclipsed.net
3) All these residential users should be using their ISP as a relay. That's what the ISP is there for.
Really? You think Speakeasywants me hammering my (fairly large) number of outgoing emails through their SMTP server on a daily basis, when I can use my local, securely-configured Postfix server instead and save them some processor cycles? Are you sure?
4) Since there's no reason for them to need to send it out *not* through the ISP as a relay host, the majority of these users are spammers or just ignorant. In the first case, it's good to block them. In the second, maybe they will get a clue.
Well, at the least, there's no reason for me not to send mail using my own SMTP server, and it sure makes things easier for other people (like, say, my girlfriend, who can use her college campus's SMTP server to send email... to addresses in their domain and no others unless she's at an on-campus IP address, which our apartment is certainly not; whereas since she can use TLS to authenticate to my SMTP server, I can always relay for her system, no matter whose network it's in).
There are very legitimate reasons for maintaining your own SMTP server. The problem is with the people who do so without understanding how to do so correctly (and they're just as ignorant of the RFCs as AOL is showing themselves to be).
reading it I got the feeling you do when somewhere just republishes a press release.
Well, being as Jay's responsible for writing at least some of Wasabi's press releases, that makes sense.:^>
As for the/. interview... it'd be sort of be mindless evangelism on my part. I use NetBSD on all of my own computers, interned with Wasabi for a summer during college, know those people I mentioned (some even personally), and take active part in the NetBSD mailing lists. I certainly don't have questions that I can't get answered on my own time.
So you're using 0.90rc2 and I'm using 0.90rc14, and this particular feature was added in between. No shocker. Your complaint about the missing feature should go to the Debian package maintainer (who, one presumes, will eventually be upgrading to 0.90 when it's through its release candidate cycle).
(The "nb1" on my mplayer package version implies that there were some significant patches made in the NetBSD package for purposes other than localization that aren't in the distribution; that's either backporting from a new version of the distribution that the package maintainer didn't want to upgrade to for other reasons or local changes that the package maintainer anticipates will be accepted by the distribution, but are really necessary on NetBSD to make things work right. My guess is that it's the latter and that it has to do with the growing pains pthreads is experiencing right now under NetBSD-current.
The "2.95.4" hanging off the end of your package version smells like a gcc version identification, or maybe a glibc one. I'm not too familiar with the semantics of Debian package version numbering though, so that's just a guess.)
Slashdot Mirror
I fear you've got me confused with someone else. (My name is not, nor have I ever been called, "Gray".)
Haha. Touché.
NeXTStep for sure and I believe also Darwin/Mac OS X (though I haven't seen their code since Rhapsody) operate by running a monolithic kernel atop a microkernel architecture, which does little but impair performance. It's always been a bad idea, it was a bad idea when MkLinux did it, and it's not getting to be any better idea because SCO (wrongly) asserts that they own ELF.
You are, unfortunately, really speaking out of ignorance here. The very structure of the kernel should change if executing atop a Mach (or any other) microkernel, since the microkernel provides services that should be offered directly to executing applications, rather than funneled through a monolithic kernel running on top of the microkernel. You should probably read up on the topic, if you really want to know. (I make no guarantees about that link; it's just what google popped up this morning.)
I've been informed that OpenBSD in fact does use ELF now. Oh well, so much for that.
Uh. Are you familiar with what is involved with running under a Mach framework?
It means running, like MkLinux did, as a client process atop a Mach microkernel architecture. This is diametrically opposite to the way that the Linux kernel functions, which is largely because Linus (and many other people, myself included) thinks that microkernel architectures are a waste of resources in the real world (though they're certainly very pretty for OS research).
This would also destroy the usefulness of all the binary packages in distribution now, which would be a major financial blow that would quite probably put all of the commercial Linux vendors out of business.
Also, this wouldn't affect OpenBSD, since they still use a.out. (Hey, refusing to change finally paid off for Theo! Good going!)
... with the intention of "growing" the economy, no doubt.
It popped up randomly based on a randomly set cookie. You could also switch it on manually in preferences for maybe about a month now.
Perhaps David Aucsmith would care to explain this then? Though eEye (purposely) doesn't describe the vulnerabilities that they list there, it's been indicated (on mailing lists like Full-Disclosure) that several of them are being actively exploited.
I transfer music to my Karma through the Java client running under Linux syscall emulation on NetBSD. So, yes.
That's okay.
I'm pretty sure they don't like you either, based on what they were saying on IRC about the music requests at the FBSD party...
The initial security advisories did include a "vendor response" section. Across the board that said "upgrade to 10.3", without any mention of a forthcoming patch for earlier releases.
That's the only thing that had Bugtraq up in arms: the lack of assurance that earlier versions would see a patch. And most of the people worried about that were worried because they want Apple to suceed as a Unix vendor, not because they want to see it crash and burn. (I don't know about the Slashdot comments, because I only read more than the highest rated couple of comments when I've got moderator points, but I'd guess that at least some of them were along the same lines.)
I don't know if it was merely a typographical oversight, or if Apple really didn't have any plans to release patches for earlier releases. In the first case they should have been more clear initially (and now they will), in the latter case they were making a huge mistake. I'm inclined to believe it's the former.
This is not the first time that Apple's security PR has been less than impeccable. They've rebounded pretty well each time, and I haven't seen them make the same mistake twice.
It's only reasonable to expect them to get harshly criticized, especially with Mac OS X: they're jumping from a very soft, easy-going market (desktop publishing and education) into an insanely security-conscious market (Unix enterprise servers). They're actually doing quite well, but there are still more entrance pains to come. The security community is, to an extent, xenophobic, and certainly disinclined to believe that a vendor with a relatively small amount of experience in the market can be relied upon to do the right thing. So Apple has to prove themselves a bit. So far, they're doing pretty well. It doesn't matter if you make mistakes like this, as long as you admit to them, patch things up, and then don't keep making them (hey Microsoft, you listening here?).
And Apple really is doing a good job: I've seriously considered bringing Mac OS X (and the related hardware) in as a replacement for aging Sun hardware running Solaris. Sun seems to be falling apart, and (especially with the G5) Apple seems to be a reasonable replacement in the mid-range compute + high I/O line of work without the vendor/service problems you get from Linux (which isn't so hot on the I/O front, since it's hampered by the IA32 architecture's crappy I/O design... other architectures don't matter, because Red Hat doesn't support them commercially).
- buggy
- insecure
- its maintainers evidently lack either the will or the ability to fix it
with regard to BIND 9.Whether or not 9's over-complicated is entirely a judgement call, and not really a metric worthy of objective discussion.
Who cares what the smallest addressable unit of a hard disk is?
The point is that, when you're addressing memory, you're doing it through a fix sized array stored in a very much base 2 variable. When you're addressing disk sectors, you're doing it through your operating system of choice's virtual file system interface which is a linked list of structs (or something functionally equivialent). There's no need for base 2 addressing even to address individual blocks from within an operating system (which is something that you almost never do anyway).
This layout is (imho) a bit more interesting. SCOX falls off the deep end and IBM... stays right where they are? Guess frivolous suits can lose you stock value, but not gain it for you.
Is your problem really which version of XF86 ships with FreeBSD 5? Without a bit more specification, I can't speak to that particularly well, especially since I'm speaking mostly from NetBSD pkgsrc experience, but if ports is still what it was the last time I looked, it's pretty similar to pkgsrc, and is essentially just a bunch of Makefiles. If you don't want to build things, don't use the source version. On NetBSD, that means "instead of doing a make in pkgsrc/<utility type>/<package name>, do pkg_add <package name>". I have to assume that the FreeBSD ports commands are functionally similar since they're approaching the same problem the same way... Again, without a bit more detail, I can't comprehend how this was a problem. Is it a complaint against (POSIX standard, where Linux's is not) ifconfig(8) syntax? Is it a complaint against
But generalizing your point is scary. The implication is that supporters of open source and Free software are effectively a mob that couldn't be represented by an individual (or even a small group of individuals), and that anyone who tries will be crucified for screwing up in whatever small way they did. I don't think that's happening here (software patents are one of those things that no human individuals could possibly like but that the corporate individual absolutely adores), but, depending on the results Perens's article, it sets a disturbing standard that stepping out of the (very much unclear ) Party Line enough that some respected member of the Community points out how you stepped out is enough to kill any notoriety and usefulness you may have had politically. It's a good way for the Movement to self-destruct.
The way around this amorphous mob problem, of course, is to have clearly-defined Leaders, which is what groups like the EFF and OSI are ostensibly trying to do, but they don't seem to be doing a wonderful job of it if
Since we're enumerating, the circuit destruction sound is all over the place (many major motion pictures, can't think of a particular example off the top of my head).
The Marthon's Story site has a page that covers this topic (I think; there's a lot there and I haven't reread all of it just now).
First, the one-player missions successfully produce a sci-fi feeling, like that in a (cinematographically good, not necessarily overall good) sci-fi movie (Aliens, 2001, The Matrix). This isn't through imitation of special effects, it's through a whole variety of stimulus that affects the mood (layout of maps, background music, what's actually on the screen, the apparent--though obviously lacking once you get to know the game--intelligence of enemies).
Second, the multi-player combat carried balanced weapons I've only seen replicated in the original Unreal (UT and beyond threw the balance way out of whack, much to the detriment of actual fun for all those playing the game) and maybe in Bungie's own Halo (haven't played it networked much; it's a touch more difficult to scrape together multiple Xboxes than it is multiple Macs). Halo's pretty good on the "I'm really in a sci-fi movie" front too. Too bad it falls flat on its face on your original (and, for many people, more important point). Not because it doesn't try, but because it's so obviously trying, rather than just doing.
Do you think the megastores would keep selling the same thing as last year with a fresh coat of varnish if it weren't, you know, selling?
Are you sure this crap isn't exactly what the market wants, even if it's not what you and I want? That creativity doesn't actually make sales in the music biz?
Because it sure looks that way to me...
(Consider not just music stores, but also just what it was actually possible to find on Napster, for instance. Creative, new, indy music? Not really. The latest Eminem & Britney Spears collaboration piece? For sure!)
99.234.92.66.IN-ADDR.ARPA domain name pointer uriel.eclipsed.net
Ditto:
eclipsed.net mail is handled (pri=100) by mail.eclipsed.net
Really? You think Speakeasy wants me hammering my (fairly large) number of outgoing emails through their SMTP server on a daily basis, when I can use my local, securely-configured Postfix server instead and save them some processor cycles? Are you sure?
Well, at the least, there's no reason for me not to send mail using my own SMTP server, and it sure makes things easier for other people (like, say, my girlfriend, who can use her college campus's SMTP server to send email... to addresses in their domain and no others unless she's at an on-campus IP address, which our apartment is certainly not; whereas since she can use TLS to authenticate to my SMTP server, I can always relay for her system, no matter whose network it's in).
There are very legitimate reasons for maintaining your own SMTP server. The problem is with the people who do so without understanding how to do so correctly (and they're just as ignorant of the RFCs as AOL is showing themselves to be).
As for the
Hrm.
:^>
Well, then NetBSD's versioning out of pkgsrc is totally whacked.
I don't have to supply a command line flag to get the behavior you describe. Go fig.
So you're using 0.90rc2 and I'm using 0.90rc14, and this particular feature was added in between. No shocker. Your complaint about the missing feature should go to the Debian package maintainer (who, one presumes, will eventually be upgrading to 0.90 when it's through its release candidate cycle).
(The "nb1" on my mplayer package version implies that there were some significant patches made in the NetBSD package for purposes other than localization that aren't in the distribution; that's either backporting from a new version of the distribution that the package maintainer didn't want to upgrade to for other reasons or local changes that the package maintainer anticipates will be accepted by the distribution, but are really necessary on NetBSD to make things work right. My guess is that it's the latter and that it has to do with the growing pains pthreads is experiencing right now under NetBSD-current.
The "2.95.4" hanging off the end of your package version smells like a gcc version identification, or maybe a glibc one. I'm not too familiar with the semantics of Debian package version numbering though, so that's just a guess.)