Debian installs require a few too many floppies for my likeing. Where "too many" is more then one. Hence I make bootable CDs with drivers.tgz and basedebs.tgz. I would prefer if Debian.org supplied a minimal boot cd so that it would be tested with the rest of the installer. (However I am not willing to become the maintainer so I can't complain.)
OpenBSD does have one of the best installers going.
A general concensus seems to be that your first OpenBSD install will be a throw away. Your second will be good, Your 3rd and nth (n>=4) will be painless.
The best part about the OpenBSD installer is that a default install has everything that should be part of a Unix install and nothing more. The rest can be added painlessly from binary packages, source packages (ports), or compiled and installed by hand. (The worst part is disklabel.)
I have written this before: If you are a unix sysadmin make the time and learn how to install OpenBSD. It is not hard, and it will help you proffesionally. Even if you can't use OpenBSD officially. A quick OpenBSD install may be exactly what you need to tftp the backups to the primary database server that crashed hard 15 minutes before running the payroll. I am sure you can think of other, more mundane, issues that a quick Unix install can help solve.
not really. You can certify a brick to EAL7. You just have to be choosey about the features you certify. This is the core of CC and the biggest misunderstanding. A rating of EAL4 is meaningless without understanding what was tested. The whole program was not tested and does not need to be for the CC certification.
Under the CC program a vendor supplies the security target to the customer. The customer matches that target against the customer's own target (requirements).
That is what has happened with win2k. MS set out a list of features which were certified to EAL4. The CC is very objective, testing only things which are specified. The number of bugs is irrelevant. The history or poorly written code is irrelevant. These were not features specified in the CC security target for Win2k.
CC does not require "oodles of timestamps, everywhere." Timestamps are only required if certain parts of audit are included in the security target. Although as auditing is a current marketing check box item, audit is usually included in the CC certification.
I don't really understand just how he can justify recommending that others use it.
Linus has answered this question several times: Bitkeeper works. No opensource project aproaches the functionality of Bitkeeper. Remember that Linus cares more about functional software then open source software. Opensource software is just a means to an ends.
At the time I could not find the word in a dictionary. I agree it seems valid. However as you may have guessed English is not my strong point. The [sic] was on me. As in: "This word might not exists, but I am going to use it anyway. My english teacher be damned!"
Cost is always part of the doability [sic]. When designing a secure system part of the equation is how hard it would be to crack the system. It is possible to brute force RSA, but that does not make RSA any less secure. The same concept applies here. If it would cost more to crack the system then it would to buy an insider, then the system is, for most purposes, secure.
You can't protect anything that user has physical access to
I think that the designers of the IBM 4758 cryptographic coprocessors might disagree. The IBM4732 is supposed to be tampre proof.
Ofcourse if you were to say that you can't protect anything that users have access to at a reasonable price. Then you would be correct. You would also be correct to say that security is hard and must be integrated into the system from the first design stages and not hacked on later.
I like gentoo. I am using it right now. The ports system has some advantages. Being able to apply your own patches and still have the software integreate nicely with the rest of the distro is nice. Compiling with better optimizations can't hurt. Gentoo is usually on the cutting edge in terms of features.
There are some rough spots. There are broken ports in 1.2. Emerge is tediously slow. The ports systems found in FreeBSD and OpenBSD are much better. But Gentoo should catch up as it matures.
The init files are stupid half perl. It looks like a sysV init. It should be a sysV init with real shell scripts. I can understand why the developers would want to do something different. But then they should have made the init system different.
The init system is part of a larger problem. The developers seem to change some little things for changes sake. Unfortunately I can't think of an example off hand. This should tell you that most of the changes are minor. However there have been times when a config file or command didn't behave the way one would expect.
The stupid._cfg000 prefix! Those files are a pain in the ass to work with! Why not a._cfg0000 postfix??
I will give 1.4 a whirl when it comes out. There are enough little bugs with 1.2 that it is time for an upgrade anyway. If Gentoo 1.4 has worked out most the rough edges I will stick with Gentoo.
I've always considered myself part of the "Generation X" generation, but... according to this I'm not.
If you feel you are Gen X then you probably are. I have always had a problem with hard and fast dates on Gen X. It varies from region to region. In some places Gen X didn't happen. The underlying theme to Gen X is living in the shadow of you parents, and, in some cases, your older siblings. This is not strickly an economic shadow it is a cultural shadow as well. From yet another 'nostalgia' show on tv, to finding a decent music station on the radio, there is a lack of gen X culture in the media.
Re:OT: VPNs
on
Wartrapping?
·
· Score: 2, Informative
This method was used in parts of Ontario (Canada) with mixed results. IIRC some of the scanners failed, and there were issues with user education. As the process was different some voters were not clear how to properly handle their ballots. This is understanable. Unfortunately some polling station workers didn't quite know how to handle the ballots or machines either. Overall I think that it was a good first run of the system and hope to see such a system used in the future.
The paper scanned ballot is by far my favourite form of electronic voting. It has the advantage of very quick vote couting, and a nice solid audit trail for recounts.
Entrust tried and failed to sell PKI to any one. Until 2000 PKI was Entrust's primary (only) focus. Unfortunately PKI is a solution looking for a problem. There are other problems as well. (Link curtosey of the July 15 2002 Cryptogram)
It is too bad really. Where PKI works, it works well. MS's Passport and Sun's thing are really PKIs waiting to happen.
A year off is going to cost you in the future. There is no doubt about this. Read the other posts. But if there is somehting that you really need to do. Something that is going to take more then a couple of months. Now is the time to do it. You will not have the opportunity to take a year off after uni. You will need to be working or finding work then. Taking a year off durring university could work, but it most cases I have seen people don't return. So if you have a plan that is going to last a year. Now is the time to do it.
You need a plan. Remember that a year off is going to cost you. If you don't have a solid plan then you are going to waste your time off. In years to come you will regret it. Bumming around Europe is not a plan. Learning Spanish in Spain is a plan. Your plan can be all travel. This is fine as long as you plan it.
If your plan does not require a whole year then don't take the year off. It is not hard to take a month off in the summer to travel. Unless you have to work, there are four months you can take. Even if you have to work you can grab 3 or four weeks at the end of summer by leaving work a little early, and skipping the first week of class. (Skipping a week of class is recommended for professional students only.)
You don't have to decide now. The decision can wait almost until the day you start classes at university. As several posters have written many or most universities will allow you to deferr you admission for a year or more. What ever you do you must apply for university as if you were not going to take a year off. It is much harder to aplly for university if you are not in high school. Once you have been accepted, then ask for a deferral. One of the universities will grant it to you.
A year off between high school and university is an opportunity to do something really increndible. Most people won't have such an opportunity after university. A year off does come at a cost. Unless you make your year off really worth while then you will waste it for nothing. Remember that you will always have the opportunity to take a few months off in the summer between classes and travel.
Slashdot Mirror
This is what I *love* about OpenBSD: One OpenBSD user blasting another user for supporting OpenBSD, but mentioning some of the rough spots.
For the record: I am a big fan of OpenBSD.
OpenBSD is missing a stable Mozilla. For many workstations users this is a problem.
Debian installs require a few too many floppies for my likeing. Where "too many" is more then one. Hence I make bootable CDs with drivers.tgz and basedebs.tgz. I would prefer if Debian.org supplied a minimal boot cd so that it would be tested with the rest of the installer. (However I am not willing to become the maintainer so I can't complain.)
OpenBSD does have one of the best installers going.
A general concensus seems to be that your first OpenBSD install will be a throw away. Your second will be good, Your 3rd and nth (n>=4) will be painless.
The best part about the OpenBSD installer is that a default install has everything that should be part of a Unix install and nothing more. The rest can be added painlessly from binary packages, source packages (ports), or compiled and installed by hand. (The worst part is disklabel.)
I have written this before: If you are a unix sysadmin make the time and learn how to install OpenBSD. It is not hard, and it will help you proffesionally. Even if you can't use OpenBSD officially. A quick OpenBSD install may be exactly what you need to tftp the backups to the primary database server that crashed hard 15 minutes before running the payroll. I am sure you can think of other, more mundane, issues that a quick Unix install can help solve.
This brings EAL4 into dis-repute.
not really. You can certify a brick to EAL7. You just have to be choosey about the features you certify. This is the core of CC and the biggest misunderstanding. A rating of EAL4 is meaningless without understanding what was tested. The whole program was not tested and does not need to be for the CC certification.
Under the CC program a vendor supplies the security target to the customer. The customer matches that target against the customer's own target (requirements).
That is what has happened with win2k. MS set out a list of features which were certified to EAL4. The CC is very objective, testing only things which are specified. The number of bugs is irrelevant. The history or poorly written code is irrelevant. These were not features specified in the CC security target for Win2k.
CC does not require "oodles of timestamps, everywhere." Timestamps are only required if certain parts of audit are included in the security target. Although as auditing is a current marketing check box item, audit is usually included in the CC certification.
I don't really understand just how he can justify recommending that others use it.
Linus has answered this question several times: Bitkeeper works. No opensource project aproaches the functionality of Bitkeeper. Remember that Linus cares more about functional software then open source software. Opensource software is just a means to an ends.
At the time I could not find the word in a dictionary. I agree it seems valid. However as you may have guessed English is not my strong point. The [sic] was on me. As in: "This word might not exists, but I am going to use it anyway. My english teacher be damned!"
It just means it is secure as practicable.
This is all security has ever meant. Whether it be computers or bank vaults.
What they needed is a...
What they needed was a market. This seems to be a hard lesson for many technical people to understand.
just some times seems easier to buy a coke than find drinkable water
In North America it is often easier and cheaper to buy a bottle of Coke then a bottle of water. I think this is a sad statement of our society.
Don't European banks issue cheques?
Very expensive process, but doable.
Cost is always part of the doability [sic]. When designing a secure system part of the equation is how hard it would be to crack the system. It is possible to brute force RSA, but that does not make RSA any less secure. The same concept applies here. If it would cost more to crack the system then it would to buy an insider, then the system is, for most purposes, secure.
You can't protect anything that user has physical access to
I think that the designers of the IBM 4758 cryptographic coprocessors might disagree. The IBM4732 is supposed to be tampre proof.
Ofcourse if you were to say that you can't protect anything that users have access to at a reasonable price. Then you would be correct. You would also be correct to say that security is hard and must be integrated into the system from the first design stages and not hacked on later.
So call the contiuency office of your choice and ask for a lift. You don't even have to vote for the party that drove you there!
I like gentoo. I am using it right now. The ports system has some advantages. Being able to apply your own patches and still have the software integreate nicely with the rest of the distro is nice. Compiling with better optimizations can't hurt. Gentoo is usually on the cutting edge in terms of features.
._cfg000 prefix! Those files are a pain in the ass to work with! Why not a ._cfg0000 postfix??
There are some rough spots. There are broken ports in 1.2. Emerge is tediously slow. The ports systems found in FreeBSD and OpenBSD are much better. But Gentoo should catch up as it matures.
The init files are stupid half perl. It looks like a sysV init. It should be a sysV init with real shell scripts. I can understand why the developers would want to do something different. But then they should have made the init system different.
The init system is part of a larger problem. The developers seem to change some little things for changes sake. Unfortunately I can't think of an example off hand. This should tell you that most of the changes are minor. However there have been times when a config file or command didn't behave the way one would expect.
The stupid
I will give 1.4 a whirl when it comes out. There are enough little bugs with 1.2 that it is time for an upgrade anyway. If Gentoo 1.4 has worked out most the rough edges I will stick with Gentoo.
I've always considered myself part of the "Generation X" generation, but... according to this I'm not.
If you feel you are Gen X then you probably are. I have always had a problem with hard and fast dates on Gen X. It varies from region to region. In some places Gen X didn't happen. The underlying theme to Gen X is living in the shadow of you parents, and, in some cases, your older siblings. This is not strickly an economic shadow it is a cultural shadow as well. From yet another 'nostalgia' show on tv, to finding a decent music station on the radio, there is a lack of gen X culture in the media.
Linux: FreeSwan
OpenBSD: builtin (read FAQ)
Windows: PgPNet seems to work
you yanks
:-)
Watch the insults. I am a canuck
This method was used in parts of Ontario (Canada) with mixed results. IIRC some of the scanners failed, and there were issues with user education. As the process was different some voters were not clear how to properly handle their ballots. This is understanable. Unfortunately some polling station workers didn't quite know how to handle the ballots or machines either. Overall I think that it was a good first run of the system and hope to see such a system used in the future.
The paper scanned ballot is by far my favourite form of electronic voting. It has the advantage of very quick vote couting, and a nice solid audit trail for recounts.
/. really needs a punny rating. I'm just not sure if it should be +1 or -5.
Theft.
1 tonne is 10% larger then 1 ton.
Entrust tried and failed to sell PKI to any one. Until 2000 PKI was Entrust's primary (only) focus. Unfortunately PKI is a solution looking for a problem. There are other problems as well. (Link curtosey of the July 15 2002 Cryptogram)
It is too bad really. Where PKI works, it works well. MS's Passport and Sun's thing are really PKIs waiting to happen.
The 'old' SunOS was a BSD system true to the BSD name. I doubt there is a Sun admin out there that didn't hate the change from BSD to SysV.
A year off is going to cost you in the future. There is no doubt about this. Read the other posts. But if there is somehting that you really need to do. Something that is going to take more then a couple of months. Now is the time to do it. You will not have the opportunity to take a year off after uni. You will need to be working or finding work then. Taking a year off durring university could work, but it most cases I have seen people don't return. So if you have a plan that is going to last a year. Now is the time to do it.
You need a plan. Remember that a year off is going to cost you. If you don't have a solid plan then you are going to waste your time off. In years to come you will regret it. Bumming around Europe is not a plan. Learning Spanish in Spain is a plan. Your plan can be all travel. This is fine as long as you plan it.
If your plan does not require a whole year then don't take the year off. It is not hard to take a month off in the summer to travel. Unless you have to work, there are four months you can take. Even if you have to work you can grab 3 or four weeks at the end of summer by leaving work a little early, and skipping the first week of class. (Skipping a week of class is recommended for professional students only.)
You don't have to decide now. The decision can wait almost until the day you start classes at university. As several posters have written many or most universities will allow you to deferr you admission for a year or more. What ever you do you must apply for university as if you were not going to take a year off. It is much harder to aplly for university if you are not in high school. Once you have been accepted, then ask for a deferral. One of the universities will grant it to you.
A year off between high school and university is an opportunity to do something really increndible. Most people won't have such an opportunity after university. A year off does come at a cost. Unless you make your year off really worth while then you will waste it for nothing. Remember that you will always have the opportunity to take a few months off in the summer between classes and travel.