Slashdot Mirror


User: ComputerSlicer23

ComputerSlicer23's activity in the archive.

Stories: 0
Comments: 881

Comments · 881

  1. Re:Favorite Quote on Wired Interview with Linus Torvalds · · Score: 1
    Actually, it's the GPL with a specific clause changed, and a clear definition of what is a "derivative work". The COPYING file in the linux tarballs all say essentially, "using standard operating system calls isn't linking", and that the upgrade of the GPL from the version it was originally written under to the new one is not allowed.

    As far as I know, every part of the stock Linux kernel includes source, it's the source distribution. I think a handful of binary firmwares (like Adaptec SCSI cards), have some binary crapola in them.

    Specifically it is different than the standard General Public License as published by the good folks at the FSF.

    Kirby

  2. Re:Kerberized FTP on Sending Files w/o Sending Clear Passwords? · · Score: 1
    I've always used rsync, and just sucked the files down. I've found that SSH is considerably slower than FTP or RSYNC on 100Mbit/sec. Granted that was on a dual processor PIII-700 Xeon (both to and from). I used that stock redhat cipher, and then switched to blowfish, while that helped, it still sucked. There are a few interesting tidbits mentioned in the threading about it could possibly be OpenSSH buffering, and flow control that is causing issues.

    I pegged the box at about 60-80% CPU utilization also, which was more than a minor nuisance when I was using it to transfer backup copies of my 120GB production database.

    Kirby

  3. Re:Linus at Transmetta? on Transmeta Introduces The Efficeon · · Score: 2, Informative
    I'm assuming you're intentionally posting mis-information. Linus has never been willing to work for a Linux distributor. Right now, he is on a leave of absence from Transmeta, and working for an industry consortium. The name escapes me at the moment. Ahh, a bit of googling turns up he left for OSDL (Open Source Development Lab?). He announced that on Jun 17th of this year.

    http://kerneltrap.org/node/view/669

    Kirby

  4. Re:Skeptical on Clearspeed Makes Tall Claims for Future Chip · · Score: 1
    Uhhh, if you had liquid helium, that means you'd be sucking off a lot of heat, which means lots of heat is generated, which means lots of energy was put into the system. Which means it used more than 3Watts.

    More likely, it only uses 3W while in the low power mode, making no calculations or some such... :-)

    Kirby

  5. Re:Do not become complacent on SCO Claims IBM/SGI Licenses are Revokable · · Score: 1
    I'm going to be an ass now, you can stop reading if you'd like:

    I've read the GPL, the LGPL, and the COPYING file of the Linux source carefully before. It's pretty clear you've never bothered to read the one for Linux.

    Follow the instructions in my message. Specifically, read the message in COPYING from the linux source tree. You would then see a program that says only v2.

    From the /usr/src/linux/COPYING, second paragraph:

    Also note that the only valid version of the GPL as far as the kernel is concerned is _this_ particular version of the license (ie v2, not v2.2 or v3.x or whatever), unless explicitly otherwise stated.

    Kirby

  6. Re:He is correct regarding proprietary formats on Michael Robertson Talks VoIP With Voxilla · · Score: 1
    Yeah, Microsoft would never venture into hardware, making say a sound card (Ancient Microsoft Sound cards exist), joysticks (they've made a ton of these, the original sidewinder being one of the better ones), network equipment (I see Microsoft branded wireless equipment at CompUSA all the time), a PVR (Ultimate TV or replayTV is their stuff), or a home console (The multi-billion dollar investment into the XBox is a sign they really, really, really want into hardware). Nope, MS would have nothing to do with hardware, given that they predict that the XBox is where they plan the bulk of their future growth. I remember reading about a "Microsoft PC", at one point they actually made a real honest to goodness PC, if I remember correctly, it was short lived and a long time ago.

    Microsoft does software, because it has the highest margin. It pretty much has one time manufacturing costs (writing the original software), and then selling it. Then you charge for upgrades, fixes, and support. They damn near created the shrinkwrap software market, and it was a stroke of genius from a money making aspect.

    Microsoft however, would like to get into the hardware market. It will give them more control over the environment, and the experience of the user. It will allow them to make better products, that have tighter integration, and are more reliable. Oh, and they will be able to extract more money out of our pockets. (Sound like the run down on Apple's Business plan?)

    Oh, and Microsoft makes the best damn keyboards and mice in my opinion.

    Kirby

  7. Re:Do not become complacent on SCO Claims IBM/SGI Licenses are Revokable · · Score: 1
    Actually, Linux as a specific instance, couldn't be re-released under the GPL v3 automatically. Read the code in the COPYING file in the linux source code. It specifically states that it is under GPL version 2, and only version 2 unless otherwise specifically stated.

    Until they could identify all the original copyright holders, and get them to sign off on version 3 of the GPL they would be unable to release the software under it. It would mean large sections of the Linux kernel (mainly drivers) would have to be re-written. As far as I know several very important things like ext2 were written by people who fell off the face of the planet. People have been looking for Remy Card for a long time, he was the original author of most of the ext2 filesystem. Maybe he turned up, but last I knew he was still MIA.

    Linus Torvalds intentionally doesn't hold all of the original copyright. He doesn't want to be seen as someone who could be co-opted into "stealing" Linux. If he held all of the original copyright, he could literally sell it to the highest bidder under any licensing agreement they want (the FSF could do the same with Emacs or GCC). Linus could sell the copyright to IBM or Microsoft for a big wad of sweaty money if he so chose under those conditions. To build trust with everyone, he decided that everybody who wrote some retaining their copyright gave everyone a legal hold on the Linux. That built up a lot of trust. However, it is an anchor when it comes to relicensing the Linux kernel.

    Mozilla had similar problems when they went to a tri-license, so clearly it can be done. However, there are still parts of Mozilla that haven't been relicensed.

    Kirby

  8. Re:Human advantage on Man Vs Machine In Chess - Who Is Winning? · · Score: 1
    Computers don't need to lie, or bluff. This isn't a game of chance. It's a deterministic game, that involves no chance. If you make a foolish move, you won't confuse the computer. The computer will make the best counter it can find, and proceed to crush you.

    Intimidation, and bluffing work against other humans, but it'd never work against a computer. That's like saying you'll trick an omniscient being by doing something they won't expect you to. If they are omniscient, they KNOW what you are doing. Computers are pretty close to being omniscient at the game of chess.

    This isn't about playing poker where you know something your opposing player doesn't. It's a full knowledge, deterministic two player game. Game trees, alpha/beta pruning, and configuration ranking are what it's all about.

    The only reason a computer can't just crush a human every single time they play, is that humans teach the computer how to rank configuration of the board. There is known single "perfect" algorithm to do that (it's not like doing sorting strings). The greatest of the grandmasters are better than the best programs can currently do. It might be that tweaking the configuration ranking will always expose a different weakness of the computer, and the humans just have to find it. It might be at some point, the computer's ability to figure out which of two similar board configuration has a larger advantage will exceed any human's ability to intuitively see it.

    In theory, there is nothing to stop computer from just pre-computing every possibility of every single game, and do the perfect move every single time. Nothing, except that it's estimated that there are more board configurations than there are atoms in the Universe. If you want to see what I mean, play a computer at Tic-Tac-Toe. I can easily write a program you'll never, ever beat no matter how much you bluff, or do something unexpected. The only difference between Tic-Tac-Toe and chess is that Chess is a much harder game to rank the various positions, and it's a much larger search space.

    Finally, your assertion that computers cannot lie, and cannot bluff is absolutely blatantly wrong. Computers can do anything you can program them to do. I could easily write a program that estimates it has a very good chance of losing, and teach it to bet in exactly the same way it would if it had a Royal Flush in poker. If I thought that would intimidate you into folding. However, that is then taking into consideration things outside of the statistically predictable. I'd have to model the specific player I was playing, and how well they understood the program to correctly setup the game theory matrix to maximize my chances of winning. It'd be very difficult to do, but it could be done.

    Kirby

  9. Best guess, and what I try and do on Writing Good Network Documentation? · · Score: 4, Informative
    In my experience, there are 3 critical things to do:

    1. Download all of the documentation locally, especially for all networking equipment. Keep all patches/firmware upgrades locally so that in the event of a failure you have everything you need onsite to solve the problem. I once had a router go down, and the only copy of the docs we knew of was online... Good thinking guys... :-)

    2. Do an analysis of what would happen for each piece of equipment if it failed. A list of steps to detect the symptoms. Essentially, a list of things to help troubleshoot it. Do this, also for major configuration settings that could be wrong (Gateways, DNS, firewall rules, routing rules). So essentially list what you think it would act like if a switch broke. If the router broke. If the DNS server went down. What it would be like if the proxy server crashed. What would happen if the firewall settings got mis-configured. How they could tell the tape backups didn't work. Things like that.

    3. Put in place a system that will help to pull the configuration off the machines. Creative use of SNMP, nmap and something like NetSaint (now Nagios) will help you pull the configuration off the running network to see if you can identify failures or changes in configuration. Document how the configuration should be, and check it using those tools with alerts sent out when something looks wrong.

    Kirby

  10. Re:CTRL-ESC on What's A 'Scroll Lock' And Why Is It On My Keyboard? · · Score: 1
    Best way is to switch to Linux (Sorry, this is Slashdot, and I stopped running Windows 3.5 years ago, and never looked back. I still game on Windows, but I'm not an FPS type any more).

    The only thing I could see if they finally added the things to the property screen. In Win95, there used to be a way to disable magic keystrokes that were running in DOS sessions (because the DOS application used them). I'm not sure why I never used that in Duke. Maybe I finally did. It might have been that you couldn't disable the Windows Key modifier, as it wasn't available to DOS apps prior to the release of Win95. I don't remember, it's been at least 5 or 6 years since I ran Duke.

    Alternatively, file a bug. It runs under windows. They should be able to figure it out, and either disable it (via a Win32 call, or by handling whatever it is they aren't doing).

    Kirby

  11. Defaults of 4 hours and 4 days. on How are Your SMTP Timeouts Configured? · · Score: 3, Insightful
    I believe our mail server sends an alert 4 hours after an e-mail is non-deliverable, and retries at regular intervals for up to 4 days I believe. I think delivery is either every 1 hour, or every 4 hours. Not sure what the Sendmail defaults are.

    That said, even if your e-mail server doesn't send you the outage, that doesn't mean the e-mail actually got there. It could have been received by a secondary MX, not the primary one that delivers it.

    I'm sure everybody and their brother will mention that read receipts, and receive receipts are a good idea in this case (even those are reliable, but it's better than nothing). Oh, and that if the message was this important, at the very least a confirmation call. You might look like a character out of a Dilbert strip, but it sounds like confirmation would have been worth the embarrassment in this case.

    Kirby

  12. Re:Alt -escape on What's A 'Scroll Lock' And Why Is It On My Keyboard? · · Score: 4, Interesting
    They are slightly different. While Alt-Esc, and the Windows key do the same thing. In Windows 95, under Duke Nukem, pressing the Windows key would task switch you out, and the game would never work if you task switched back. Pressing alt-esc would do exactly the same thing, but you could task switch back to Duke. It took a lot of habit breaking to fix hitting the Windows key accidentally. And even more to use alt esc to switch back to windows temporarily.

    Not sure if that was a Win95 bug, a Duke bug or what. However, clearly it is possible to detect the difference between the two keys.

    Hmmm, that might have been Ctl-Esc, but I remember the bug in Duke was like that.

    Kirby

  13. Re:Still haven't learned their lessons on Half-Life 2 Delayed Following Code Leak · · Score: 2, Insightful
    Run the network enabled system under the VM? The VM can't access the underlying system (or shouldn't be able to). You want to search the web looking for the best AI algorithm for capture the flag, do it under the VM. You want to build and test the software? Do it under the real machine.

    Kirby

  14. Re:Sitefinder not innovative on McLaughlin Defends Site Finder As 'Innovation' · · Score: 4, Insightful
    Implementing it in the DNS isn't "bonkers". Implementing in the _root_ DNS servers, with no warning, no RFC, no discussion, and no debate is bonkers. While I agree that the most appropriate way to do that is in the user agent.

    I mean if AOL wanted to put this sort of rule in their DNS server, more power to them. If cox.net wanted to do it, great. If my work wanted to do it fine. If they are prepared to suffer the consequences, and will allow me to route around it, I'm fine with it.

    The people who run the core of the DNS system for the two most commonly typed domain names? Gosh darn irresponsible. Just insane. Bonkers. Foolish. Strange. Inappropriate.

    I don't mind others breaking their perspective of the internet. However, I have serious issues with people who break my corner of the internet.

    Kirby

  15. Re:Innovative wildcards? on McLaughlin Defends Site Finder As 'Innovation' · · Score: 0, Offtopic
    Dock yourself one point for thinking that rm -rf /* is the same as rm -rf / in all shells. /* will not remove any dot files from the root directory. I'm not sure I know of a shell where rm -rf /* will do the same thing in the presence of a dot file, but goodness knows that some ancient version of korn shell might have done it.

    Depending on the shell globbing in use "rm -rf /*" and "rm -rf /" will remove two different sets of files. If you want to remove everything in the current directory, the correct way to do that I believe is:

    rm -rf .

    Not

    rm -rf *

    I know this to be the case in the one true shell, bash using GNU's rm.

    That being said, it would be much faster on a filesystem with a reasonably large number of files (think ~1000 or more depending on the filesystem) to just reformat the filesystem than to delete every file individually.

    Giving myself one point for being incredibly pedantic to someone who was already being pedantic. :-)

    Kirby
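
An added illustration of the globbing point in the comment above (not part of the original post): a POSIX sh sketch that reports which directory entries a bare `*` leaves unmatched. It deletes nothing outside its own temporary directory; the function names and sample file names are constructed for this example.

```shell
#!/bin/sh
# Added example: show what "dir/*" matches and what it silently skips.
# Function names and file names are constructed for illustration.

glob_count() {
    # Number of entries that "$1"/* expands to (0 when nothing matches).
    set -- "$1"/*
    # An unmatched pattern is left as a literal string, so test existence.
    if [ -e "$1" ] || [ -L "$1" ]; then
        echo "$#"
    else
        echo 0
    fi
}

glob_missed() {
    # Print, one per line, the entries in $1 that "*" does not match.
    # ".[!.]*" covers names like .ssh; "..?*" covers names like ..data;
    # "." and ".." themselves are excluded by both patterns.
    dir=$1
    for path in "$dir"/.[!.]* "$dir"/..?*; do
        if [ -e "$path" ] || [ -L "$path" ]; then
            printf '%s\n' "${path##*/}"
        fi
    done
}

run_demo() {
    # Build a throwaway directory with visible and dot entries.
    demo_dir=$(mktemp -d) || return 1
    touch "$demo_dir/data.txt" "$demo_dir/notes" \
          "$demo_dir/.bash_profile" "$demo_dir/.hidden"
    mkdir "$demo_dir/.ssh"

    echo "entries matched by *: $(glob_count "$demo_dir")"
    echo "entries a cleanup using * would leave behind:"
    glob_missed "$demo_dir" | sed 's/^/  /'

    # Remove only the temporary directory created above.
    rm -rf "$demo_dir"
}

run_demo
```

In bash, `shopt -s dotglob` makes `*` match dot files as well, which is one reason the result depends on the shell and its settings.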

  16. Two fundamentally weak points on Viruses and Market Dominance - Myth or Fact? · · Score: 1
    Well, the author has two fundamentally weak points. First, the one that concerns "newbies will be indoctrinated with security training". If that was the case just sending out e-mails saying that you should be very careful what you have run, should be enough to stop Windows virus problems. Or at least put a great deal of problems in them.

    Secondly, the author assumes that a regular user can't do damage other than "delete your home directory". Last time I checked, most people can do a huge amount of damage as a regular user on Linux. From your garden variety DoS (you don't need to be root to just send lots of packets). Yes a reboot will probably solve the problem. However, just altering your .bash_profile or .bash_rc scripts could make it possible to create problems for you when you log back in. I could use this as a launching point for any remote exploit that will get me an account, so I can then download a local root exploit.

    Finally, the author assumes that a regular user couldn't run a program which downloads a local root exploit to give him pretty much full access to the machine. So any given local root exploit could potentially be exploited by the virus.

    The points he is correct on, are that if the mail programs stay secure by default, or written so they can't be configured to be insecure, then he has a point. However, writing a great e-mail client, or just writing a secure version of Outlook is a complete possibility, that could lead to most of his argument applying to a monoculture.

    As a tangential point to all this, the author assumes that under Linux/MacOS there will not be a monoculture. I believe that point to be relatively incorrect. In the sense, that I think there will be a critical mass of a specific version of a specific distribution, running a specific subset of software that will be available to a virus writer. So if say, RedHat 9.0 users running Evolution, that have Mozilla installed. If Linux were on 25% of the corporate desktops in the world, that, and only 40% of those have that configuration, we are still talking about a large portion of the corporate world having that liability. I'd further venture to say, that RedHat, Suse, Gentoo, and Debian don't differ that much on the software versions that are available. The differences are more in the integration, the installation, and the management tools. It isn't in the bulk of the software itself that differentiates one Linux distribution from another. Thus I believe even if there isn't a mono culture, a critical mass will exist, and that's all it takes to successfully disrupt the portions of Internet, and any single business.

    I also think he skipped the fact that under Linux, worms instead of viruses are the primary cause of problems. So worm writers can have a great time with all that Linux software. So you merely traded one set of security problems for another.

    Linux will in fact have security problems for as long as it is turned on. So will MacOS, OS X, BeOS, Windows, QNX, or any other OS. I love my Linux, I think it has great security, and much better potential for not being as easy to exploit. However, you are deluding yourself if you believe that critical mass of a given mail client with an exploit won't exist, or if you believe that Linux won't be the cause of internet wide security problems in the future.

    Kirby

  17. It's a hard problem.... on A Database of Patched Software? · · Score: 3, Insightful
    Well there are a lot of problems with this. First and foremost is having the machine maintain a list of known installed software. That means no custom installs for anything. So if you built sendmail and installed it in /usr/local, you have problems building an off the shelf solution. For a variety of reasons.

    For linux you can mostly rely on either RPM or apt to know what you have installed assuming you stay with the vendor released binaries.

    However, for windows, how do you get a list of installed software? Got me, I have no idea. How do you get a list of features you have enabled, or installed?

    Just getting a reliable list of installed software is tricky. Now you have to do it while running remotely. Even more fun. If you're terribly clever you'd do this with SNMP somehow to query the hardware/software for its current configuration for inventory of both hardware and software to ensure compliance with all your licenses, and to ensure no one has swiped any hardware from you.

    Now once you get that done, you have to feed it a list of known buggy software. This is also trickier than it seems. For Windows, as far as I know, the patches don't have versions, they aren't software. They are windows updates. With say RedHat software, OpenSSH 2.5 has some security flaw, but the redhat patched OpenSSH 2.5-p5 won't. So you have to be pretty darn specific.

    It'd probably be easier to have each tool setup to query the security tool of choice and send out an SNMP alert saying that something is out of date. How exactly to do that on Windows I don't know. How to do it on redhat is easy. Use rhn-applet-tui, it will tell you. You send out an SNMP alert to your SNMP monitor, which converts that into an e-mail.

    Then each machine monitors itself. You also setup the monitoring to send out a positive alert that everything is up to date once in a while (1 per day, 1 per week or 1 per month, depending on how many machines you have).

  18. Re:But *everyone* would have to do it on Spoofed From: Prevention · · Score: 1
    There is a difference between, it's registered and no one is allowed to send, and it's not registered at all (I haven't read the article or the RFC's, this is just the Engineer in me thinking of the obvious solution). I would say, that the default for a non-registered e-mail is to say: "E-mail can come from any IP in the world". Then people who get hit by nasty spoofing, will lookup how to deal with the problem. Come across a site that references this RFC, and will register. Thus, I believe your concern can be mitigated.

    However, I have two concerns, I can't obviously solve. First, how widely distributed is this, and how much load can it afford to take? Clearly somebody who has an interest in anti-spam utilities not working has taken to DDos'ing them off the net. I'd be concerned about this.

    Second, how much "identity theft" will happen? It's relatively easy to steal a block of IP's or a domain name by faking headers/company stationary/company letter head. Actually authenticating the user is authorized to send from.

    Ahhh, okay, I see, it's a DNS hack essentially. You set some txt into a DNS records.

    I can see some issues with this. I send mail from all over the place, with my from address not from any given SMTP. I have from time to time been stuck on a college campus that won't allow me to send mail thru my SMTP host on the internet. However, it will let me send mail as them. However, I don't see how I can my foobar.com domain, so that it will allow mail to be sent from goofy_college.edu. It seems odd to me either way. Not sure if I like it or not. I wish it was "built from the ground up", not a hack onto a DNS server. It also means I have to VPN back to my home network to send mail, rather than use the handy SMTP, or run my own on my machine.

    Kirby

  19. Re:Are we sure Linksys is in violation? on Linksys Still In Violation of the GPL? · · Score: 1
    Actually, you are correct, that paragraph doesn't refer to binaries. It follows section 2, which is about the "Work". They don't discuss binaries being released until section 3. However, section 3 says you have to follow all the rules in 1 and 2. I'm not sure if that paragraph also means binaries. You are correct in that, I might have misinterpreted what is a work and what isn't. I'm guessing that both the source and object code are what they mean by "Work" (if that's true I believe my interpretation to be correct).

    I believe, the paragraph I quoted means that even if your work is extractable from the larger work, and you can legally license it under something other than the GPL, however, the copy you distributed as a part of the larger work, should be GPL'ed or you are committing copyright violation.

    However, what you raise as a doubt dealing with CD-ROM's is a frequently raised point. In fact, it has an entry in the FSF's GPL FAQ:

    http://www.fsf.org/licenses/gpl-faq.html#MereAggregation

    What you are discussing, is mere aggregation. Just because something happens to be on the CD, doesn't mean it's a derived work. However, because it is distributed as a part of the larger work, and it is clearly part of the same "work", the code should be GPL'ed, or it is in violation of copyright. I believe that the Linksys code fits that description, such that even if it is possible to extract it into a non-GPL'ed license, because of the way it is distributed, that at least a copy of it should be GPL'ed to be compliant with the license of the Linux GPL.

    glibc is actually released under the LGPL. Which means that those goofy programs are allowed to link statically with them (only if they made modifications to the glibc itself would that be a problem). The concept of plugins are weird. I believe there is a legal tangle with it. However, I believe that Sun found a novel way around it at one point, because they distributed the linux driver source and a toolkit to compile with. You created the binaries yourself, thus you could link GPL's binaries with the proprietary kernel. As long as it was never distributed in binary form, it was legal I believe (because they gave you the source you could edit, and they didn't distribute binaries).

    Just as a point of order. The GPL is *NOT* viral. It isn't. Never has been. The worst thing anyone can make you do is to stop distributing the original GPL software, and be sued for copyright violation (also note that only the copyright holder has the legal grounds to do so, so Joe random user can't just demand the code from you). No one can force you to give up the original code, not even in a court of law (at least the judge shouldn't be able to force you to change a license). That's no worse than anything Microsoft could do to you for distributing a copy of MS Word or Office illegally. If you distribute something you are not the creator of, you should be very, very careful to check all of the licensing terms of it. The GPL just gives pretty clear instructions on how to be compliant, that nearly anybody could do barring any intellectual property problems. At least the GPL gives you an easy out that doesn't involve a legal settlement with the original copyright holder.

    You're clearly not understanding about LinkSys and what they have clearly done, that it is IMPOSSIBLE for them to do anything that involves new symbols in the kernel and not have it be a GPL violation. Symbols are the basic unit of linking. Linking is the most directly described form of "derivative work" in the GPL, and the GPL FAQ's. The most similar thing I can describe is this: If an object moved from point A to point B in a given frame of reference, it had to have a force applied to it. Objects don't move without forces being applied (barring quantum effects). New symbols don't appear in code, without linking going on. Linking is a sure sign of a derivative work. Thus GPL had to have been violated,

  20. Re:Are we sure Linksys is in violation? on Linksys Still In Violation of the GPL? · · Score: 1
    Here, let me cite the appropriate words for you so you can see the bouncing ball:

    Find your copy of the Linux source. On my machine, that's /usr/src/linux (it's a RH 9.0 machine). Now, open COPYING in your favorite editor. This is Linux's license. You are free to use the license under these terms.

    The pertinent terms are, the definition of a derived work. Specifically, anything that uses the kernel via normal system calls is not a derived work. Anything that is developed externally to the linux kernel, and is linkable to a variety of versions of the kernel (like the NVIDIA drivers are).

    A derived work is anything that isn't "not a derived work". So if as the e-mail says, they have introduced new symbols into the kernel proper it's clearly a derived work of the Linux kernel (they didn't even release those sections). Section 1 of the GPL explains what is and isn't a derived work. Linus Torvalds has supplemented what he believes to be a derived work of the Linux kernel in various e-mails and usenet postings over the years.

    A good rule of thumb is that if you can't compile it separately from the kernel, it's a derived work. In this case, there is code statically linked, and the version of linux they distribute is fixed. There is no glue layer that allows you to pick which kernel you want this module inserted into (very unlike the NVIDIA drivers, it's my understanding that the core of the NVIDIA libraries is pretty much the same on Win32 or Linux its just the glue that connects that that differs).

    Furthermore, the following paragraph from the GPL applies:

    These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.

    Which further delineates the point, that if you are distributing the entire Linux binary, you are a derived work. Period. End of story. If you are distributing a patch to the Linux kernel, you are a derived work. If you are distributing a binary module, and you are not distributing a linux kernel, then you can have separate terms from the GPL. In this case, they are in fact distributing things that are both a derived work because of the modifications to the kernel. They are also distributing integrated with a Linux kernel, which even if it was a binary only module, because they are distributing it embedded inside of a binary of the GPL, it must be GPL'ed, or they are in violation.

    In the end, that means, the object code distributed with the AP is a derived work. They are not prominently displaying that there is GPL'ed software involved, or that you can download such a copy. They are not distributing the software verbatim in machine readable form, in the preferred format (ie they can't run it thru a code obfuscator). They are in violation of the letter of the GPL, and in violation of the spirit of the GPL in several different ways.

  21. Re:Spammers vs. Virus Engineers on Interview With a Spammer · · Score: 2, Interesting
    If the accounting was done, I'd be pretty surprised if in an accurate accounting Spammers don't do more harm to the economy than they do good themselves. That is, they are a net loser for the economy. (Maybe not, if I account for all the money the ISP's are charging, but that should be relatively zero sum game there). I know we have extra bandwidth around at work because of the sheer volume of junk mail we get. I'd be surprised if the drain spammers create isn't at least as much as virus and worm writers create. Granted on a per capita basis, that means spammers are better, but in aggregate they sure aren't. However, because they make a living at it they don't go away.

    People who construct a virus and a worm are generally bad people. However, they have a positive side effect. They bring security to the forefront, and get people to update patches, and keep other maintenance on their machines done. Things like backups. Updates to anti-virus software. Patches to the OS. Those are all good things. Other than the Anti-virus software, those should be done even assuming viruses and worms didn't exist (hardware failure and bugs exist so you need patches, and backups).

    Who knows, maybe Spammers do for bandwidth and internet infrastructure what Pornography and gamers do for home theater and personal computer equipment. They are a driving force to create more and better innovation. They drive costs down, and move things from low production runs into high volume production runs. I've heard the conjecture that most of the early adopters of VHS, DVD, big screen TV's, flat screen TV's, projector TV's, home theaters, rental stores, CD burners, DVD Burners, and digital video, and home video cameras are all pretty much either pornography creators or consumers. That a lot of the drive to bring out newer faster home computers, computer CD players, and almost the entire consumer 3D video card market was driven by early adopters from the gaming community.

    It's weird to think that Pornography and Gamers have driven a *LOT* of the technology development for at least the past 20 years (gamers didn't start until later, but they've done their part). If it really is true that half of all internet traffic is SPAM (I find it hard to believe, but I suppose it is possible), then maybe spammers are doing us a favor in terms of driving the backbone of the internet providers to give us more cost effective bandwidth. Unfortunately, spammers keep using up a great deal of the innovation they helped to create.

    Kirby

  22. Re:And what about mail-order? on States Push for Net Sales Taxes · · Score: 4, Informative
    No, they haven't avoided those taxes. It is the responsibility of the purchaser to pay the sales tax in their home state. It is not a liability of the business. A friend of mine's step father worked in the State gov't for the tax collections. At least in the state of Nebraska, you are supposed to drive down to the local tax collector (possibly it's only in the state capital), and file the mail order items value, and pay the sales taxes on it. I also believe that according to the current law, internet sales aren't taxed even when the buyer and the seller are in the same state.

    He said his Mom always paid the taxes, just to avoid a scandal because it was her husband's job to enforce that law. In the end, they end up collecting what is given to them, but the prospect of collecting that money is more expensive most of the time, than the total value of the money collected.

    I've got no issues with the gov't collecting taxes. No real issues with the gov't collecting taxes on Internet sales. I've got some issues with them attempting to regulate VoIP. I think that's wrong on so many levels (if you are going to do that, tax by the byte/packet, it's just data at that point VoIP isn't special on the internet, however, that's for a different rant).

    When money moves around, the gov't wants a piece of it (they figure if you are spending money, you can afford to give some of it to the gov't, and generally they try and not tax necessities, hence no taxes on food). The gov't has to acquire revenue to provide the services it does. The gov't doesn't need to provide a lot of things it does. So I don't think they truly need the revenue. However, if they decided to tax it, I've got no problem with that in particular. I do have a problem with them never cutting back services during lean years, and never saving money during the boom years. When they expand gov't services during the boom years, and then try to continue with all the same services during the lean years, that's a problem. They needed to be either, returning the money to the citizens, or they needed to be saving it away.

    I'm curious to see what will happen if the real estate market ever collapses, that'll directly affect revenue of the state gov't, in property taxes. That'll be a serious problem around here.

    Kirby

  23. Re:As just one customer... on Blocking SiteFinder Service · · Score: 1
    Yeah, but in the end, I'm really only worried about getting it fixed for me. I figure they know about it, and they will solve it if they want to (I fixed my own DNS a year ago, just because Cox's DNS was constantly giving me problems)... :-)

    I see your point. Call their support line, e-mail their abuse, or customer support address. Switch up providers if you can, saying that one of the reasons is you don't appreciate them not being receptive to solving this problem for their customers.

    Kirby

  24. Re:As just one customer... on Blocking SiteFinder Service · · Score: 1
    Hmmm, set up your own DNS server? I know that BIND 8 had releases and builds for Win32, I haven't played with DNS on Win32 since BIND 9 came out. If you run anything that even approximates a UNIX-like OS, BIND should run on it without problems. I have a Cox Cable modem, and their DNS servers used to be pathetic, so I just set up my own caching only nameserver, and have never been happier about it.

    Thanks,

    Kirby

  25. Re:Time for a new spin on security practices? on New Vulnerabilities in Portable OpenSSH · · Score: 1
    Sorry, I edited that sentence one too many times. I knew what it was supposed to say. In the 3 years, no security fix ever, ever led to an actual upgrade problem. If it was a security fix, you type rpm -Uhv foo.rpm, and the worst case was you had to reboot to get it to take effect (glibc, pam, upgrades to other libraries used by long running processes, or kernel upgrades). Best case, you were done after typing the command. I've seen lots of cases where Microsoft upgrades do in fact break other software.

    If Microsoft wants to argue the other way, I'll happily take that bet. There are easy to find documented cases of bugs that went years, and years. Now that they are more security aware. Microsoft says publicly, that it takes them on the order of a week in order to release a bug patch (so they can do all the testing they want). They claim they can't release a patch in less than about a week, and that's why they request that after you tell them, you don't go public with an exploit in less than 30 days. That's also to give people time to patch their servers. However, Microsoft cannot honestly claim they release a patch in less than 24 hours. It's part of their anti-public disclosure argument that isn't the case. Thanks for playing.

    The truth is, that the reason Unix doesn't catch as much heat as MS products, is that when MS has a security problem, the entire Internet has a serious problem as a rule. I still get 50-100 e-mails about viruses. My mail server is still slow because of it. Some sites seem slow when the security worms are moving around. It has pretty nasty splash damage. Whereas Linux problems aren't like that (probably due to critical mass).

    Finally, the one thing I truly like about OS security fixes, is that I can evaluate what it is that's going on, and come up with several possible fixes myself, because I have full information. With MS, I can either patch, or turn it off. Possibly firewall it from the outside.

    At Microsoft, I'll bet the security memo can't move from the people who handle possible security alerts to the coders who write the software in less than 6 hours. It's a major multi-national corporation, information just doesn't move that quickly in an institution that large. They are a bureaucratic company with what 50,000 employees. They aren't as nimble as a core group of 5-10 guys with their e-mail address in the source you used to build the binaries.

    Kirby