And nuking them wouldn't be equally devastating to the south ? Even if the radiation didn't reach that far (it's a reasonable assumption that a good part of the entrenched artillery is pretty close to the border), the fallout would still threaten both South Korea and other neighbouring and close nations. China and Russia share borders with North Korea, and neither is gonna be particularly happy.
I fully agree, and had I modpoints I'd simply add a +1 insightful to your score.
Since I haven't, though, I'd like to point out that while it is true that you can't simply equate security with a piece of software, you *can* compare how well two teams of developers (try to) adhere to those practices and policies.
I have a feeling that Linus and the people who verify kernel patches have a better track record in that than the people at Microsoft who decide that a given feature WILL BE in the next release, regardless of developers pointing out that it's not quite finished yet.
> Are you saying that Solaris has or has not "Patch Management"?
Given that I responded to someone going on about how great Solaris is, I meant that it's quite the pain in the ass.
I agree that Microsoft uses the closest thing to actual patches, that is, differentials from the original binary. On the other hand, and as you point out, any service pack is of the order of gigabytes, these days. Why is are those "a new revision to the underlying OS" when the regular patches also include updates for that ? Why not do service packs with binary diffs, too ?
Linux indeed mostly does full packages. There's no technical hurdle in supplying diffs, so I assume there's some convenience in doing so. One thing that comes to mind, is not having to follow every step of the upgrade path as you have to with MS patches - you just install the latest package if you skipped a few versions. Also, keep in mind that with Linux (and, indeed, most *nix) package management (nobody claims *patch* management there) is not only to the OS (kernel and basic utilities), but also a whole host of third-party applications ranging from Apache to Zope, whereas MS' gigabyte SPs are *only* for Windows and some -not even all- of their own software.
AIX, I'm not familiar with, so I can't comment.
Solaris patches are theoretically pretty manageable, especially with zones and ZFS snapshots. In reality, it literally takes hours to upgrade a large system. No fun, indeed.
Nice. Now tell us about the *internal* metalink, which contains fixes for problems that never make it to the public metalink, and allow you to sell weeks of consultancy for tickets that take half a day to fix.
It's true, unfortunately, you *do* understand the market all too well.
Agreed with your general point, but getting tested is no 100% certainty. Take into account both incubation periods (for HIV currently 3 to 6 months), and the possibility that $other hasn't quite enough with you alone.
The people who got 419ed didn't just operate their mail client (or browser, more likely), but actively responded, repeatedly, to an obviously too-good-to-be-true offer from someone they didn't know in a country they may not even have ever heard of, and then enacted one or more banking transactions to the same unknown factor.
It's like I'm driving my car on the highway, and I suddenly decide to follow an arrow that says "Promised Land" and points into a dark, foggy gravel road that goes in the direction of where there clearly was a ravine a few hundred yards earlier.
You mean, like the "Install security updates without confirmation" option that's in my two-versions-behind Ubuntu ? Oh, right, you mean the "reboot for nearly every patch" kind of seamless, yeah, you're right, that's missing from Ubuntu.
Including the ones where, say, something falls off a truck and onto the road ? The ones where kids drop blocks of cement off bridges ? Yes, the latter happened, too.
Granted, they're a very small subset compared to the driver-caused ones, but claiming 100% is just silly.
That answer isn't acceptable, because it is per definition also the answer to "what if my employee dies and I can't get to his data".
The general direction of an answer that's both acceptable and secure, is the fact that GPG/PGP and other public/private key implementations, allow encryption using multiple public keys, so that any one associated private key may decrypt the data. That's how you send encrypted mail to multiple recipients, for example.
Maybe the reaction to online griping is harsher because, unlike griping in the cafetaria, it's not visible to ten inside people, but to pretty much the world ? How do you think your boss would react if you badmouthed him in on the frontpage of a newspaper ?
Memcache is highly useful (and indeed, designed) for serving volatile key/value type data. It would be plain stupid to use it as the main store for your non-volatile data.
Slashdot Mirror
And nuking them wouldn't be equally devastating to the south ? Even if the radiation didn't reach that far (it's a reasonable assumption that a good part of the entrenched artillery is pretty close to the border), the fallout would still threaten both South Korea and other neighbouring and close nations. China and Russia share borders with North Korea, and neither is gonna be particularly happy.
I fully agree, and had I modpoints I'd simply add a +1 insightful to your score.
Since I haven't, though, I'd like to point out that while it is true that you can't simply equate security with a piece of software, you *can* compare how well two teams of developers (try to) adhere to those practices and policies.
I have a feeling that Linus and the people who verify kernel patches have a better track record in that than the people at Microsoft who decide that a given feature WILL BE in the next release, regardless of developers pointing out that it's not quite finished yet.
SELinux / AppArmor, but more so, then ?
Well, Altair *did* kill quite a lot of templars.
"Awesome bar". It's a plugin that integrates the search box into your address bar. I'm running it, because I like the convenience.
"no more dangerous", as in, they're a menace even when they're not distracted ?
The way you'd expect: right-click on the notification icon and click preferences.
Well, on my 8.10, that is - I assume it won't have changed much.
How exactly have you seen this game in person if it isn't out yet ?
:-)
If you actually know the guy developing it, get us a damn demo
> Are you saying that Solaris has or has not "Patch Management"?
Given that I responded to someone going on about how great Solaris is, I meant that it's quite the pain in the ass.
I agree that Microsoft uses the closest thing to actual patches, that is, differentials from the original binary. On the other hand, and as you point out, any service pack is of the order of gigabytes, these days. Why is are those "a new revision to the underlying OS" when the regular patches also include updates for that ? Why not do service packs with binary diffs, too ?
Linux indeed mostly does full packages. There's no technical hurdle in supplying diffs, so I assume there's some convenience in doing so. One thing that comes to mind, is not having to follow every step of the upgrade path as you have to with MS patches - you just install the latest package if you skipped a few versions.
Also, keep in mind that with Linux (and, indeed, most *nix) package management (nobody claims *patch* management there) is not only to the OS (kernel and basic utilities), but also a whole host of third-party applications ranging from Apache to Zope, whereas MS' gigabyte SPs are *only* for Windows and some -not even all- of their own software.
AIX, I'm not familiar with, so I can't comment.
Solaris patches are theoretically pretty manageable, especially with zones and ZFS snapshots. In reality, it literally takes hours to upgrade a large system. No fun, indeed.
Nice. Now tell us about the *internal* metalink, which contains fixes for problems that never make it to the public metalink, and allow you to sell weeks of consultancy for tickets that take half a day to fix.
It's true, unfortunately, you *do* understand the market all too well.
I have two words for you: Patch Management.
Agreed with your general point, but getting tested is no 100% certainty. Take into account both incubation periods (for HIV currently 3 to 6 months), and the possibility that $other hasn't quite enough with you alone.
More on the same level, I'd like to see data on the number of proprietary projects that get started and never make it to market.
I agree that there is stuff that doesn't work in anything else, but it can be argued that the stuff needs fixing, then.
If my car were to work only on Belgian roads, I would be rather quick to either get it fixed or swap it for one that works on all roads.
The people who got 419ed didn't just operate their mail client (or browser, more likely), but actively responded, repeatedly, to an obviously too-good-to-be-true offer from someone they didn't know in a country they may not even have ever heard of, and then enacted one or more banking transactions to the same unknown factor.
It's like I'm driving my car on the highway, and I suddenly decide to follow an arrow that says "Promised Land" and points into a dark, foggy gravel road that goes in the direction of where there clearly was a ravine a few hundred yards earlier.
You mean, like the "Install security updates without confirmation" option that's in my two-versions-behind Ubuntu ? Oh, right, you mean the "reboot for nearly every patch" kind of seamless, yeah, you're right, that's missing from Ubuntu.
So why *is* it morally wrong, if it doesn't cause harm ?
Also, beautiful how it's modded offtopic, and not troll :-)
Including the ones where, say, something falls off a truck and onto the road ? The ones where kids drop blocks of cement off bridges ? Yes, the latter happened, too.
Granted, they're a very small subset compared to the driver-caused ones, but claiming 100% is just silly.
Well, no. Between his post and yours, the universe has already split into infinite paths again.
That answer isn't acceptable, because it is per definition also the answer to "what if my employee dies and I can't get to his data".
The general direction of an answer that's both acceptable and secure, is the fact that GPG/PGP and other public/private key implementations, allow encryption using multiple public keys, so that any one associated private key may decrypt the data. That's how you send encrypted mail to multiple recipients, for example.
Maybe the reaction to online griping is harsher because, unlike griping in the cafetaria, it's not visible to ten inside people, but to pretty much the world ? How do you think your boss would react if you badmouthed him in on the frontpage of a newspaper ?
You got a syntax error, there. You probably meant XML text files all the way! .
Serve out of, yes. Permanently store in, no.
Memcache is highly useful (and indeed, designed) for serving volatile key/value type data. It would be plain stupid to use it as the main store for your non-volatile data.
True, but that doesn't mean that it can't be useful in any well-designed app, too. One of the things that come to mind, is a session store.