Console like simplicity is good for most typical users, but it effectively excludes the more technical class of users who want more control. In that respect, current games consoles and ipad/iphone go too far one way, while something like windows that requires you to deal with updates, drivers and anti malware protection etc goes too far in the other.
A compromise more like the Amiga would be better - typical users could boot the machine directly into a game or specific apps either from floppy or cd on certain models, while more technically literate users could boot up into workbench etc.
Don't alienate the geeks when making products suitable for end users.
Linux only ever got this reputation for having issues with hardware changes, due to geeks always compiling their own customized kernels which would intentionally not have support for any hardware not present in their machines... Such kernels will simply fail to boot on any different hardware. But most people don't build their own kernels, and those that do are generally clued up enough to rebuild it to run on different hardware.
If you build an i586 image it will run just fine on x86_64, it can even support up to 64gb of memory on such systems. Most standard linux distro kernels include support for pretty much any IDE/SATA controller you might encounter anyway, it is rare to find a linux system which won't boot due to lack of storage drivers.
Linux detects hardware at boot and includes all the drivers by default, so will run just fine when you transport an identical image to non identical hardware... Windows tries to remember what hardware it was running on and install drivers when it encounters new hardware, so if you put an identical image on non identical hardware all kinds of things can happen such as needing to obtain and install additional drivers, windows requiring reactivation, blue screens etc.
But when you mention security updates for the customised rhel, you also need to security update the windows machines you use for managing esx (not to mention install/maintain av etc)... And you wouldn't want them to be virtual images - how would you recover them if they fail and you cant access the vm console?
Also, by requiring a proprietary windows client to manage it becomes somewhat less useful - i maintain a kvm based setup where all management is done over https, ssh or vnc and i can perform emergency maintenence/monitoring from my phone or over a similarly low bandwidth link if i need to.
ATI have released the specs, and the drivers are coming along... I have several machines with ATI chipsets using open source drivers and they function just fine. They might be slower than the binary drivers but they are improving all the time, and are already far more stable than the binary drivers ever were. People who need more performance than the current open drivers offer are a relatively small niche (mainly gamers)...
There is no additional reboot needed, your system reboots when you install the kernel update (and it asks your permission once for the kernel update - as it should).. The nvidia drivers are rebuilt during the next boot automatically - before X is started. Rebooting when you update the kernel is unavoidable, but it only does it once... You could also try ksplice, which lets you apply security patches to the kernel without rebooting (it works nicely on my ubuntu desktop box with nvidia gfx).
What happens if you take an image of your windows 7 system and put it on a completely different system? That's the issue he has, not doing an initial install.
1, This is a common misconception, and depends how you define "expertise"...
You can find people claiming to have MS expertise anywhere, but their actual knowledge will often be extremely poor and might be based on as little as "i installed windows myself on my own computer"... MS marketing says that you can run a network with such people, but in reality such a network will perform extremely poorly and have constant problems.
When it comes to unix knowledge, few people will claim to have any unless they really do. In reality the same barely it literate people would be able to pick up the quickstart guides for modern unixes and get a system barely functioning too (and it would probably perform better tho obviously not perfect), but they often don't want to try.
What you really need, for either setup, is people who actually know what they're doing, and such people are actually harder to find for windows because its more difficult to filter out the clueless people. Once you have clued up staff you will find that a windows setup becomes a LOT more expensive as lots of third party software and additional admin time is required to try and compensate for flaws in windows. (the clueless staff will do without things like binary whitelisting, privilege separation and patch management systems etc - and end up with a horribly insecure network)
2, the execs want their calendars and such working, secure and reliable, and don't care how that's done... exchange is a huge nightmare and is totally useless in any environment where you have non windows clients. active directory is also great fun if you're a hacker, google for "pass the hash" or "the windows auth model is broken"... i do pentesting for a living, and have been able to acquire domain admin privileges on every single active directory based network i have ever tested without being given anything other than an ethernet port.
3, really highlights flaws in the way these regulations are written... if you look at something like pci it is extremely windows focused, and actually getting unix boxes up to spec is much easier than windows.
Windows mobile probably has more of a backwards compatibility problem than the iphone... The core OS of the iphone is the same as normal OSX and it's only the interface APIs which are different - and rightly so, the whole interface is fundamentally different in how you interact with it. Windows mobile on the other hand is a whole different os with a completely different kernel.
You hit the nail on the head with MS... They took advantage of the opening of the hardware market to worm their way in with a closed part that was cheap enough compared to the hardware that it got overlooked until it was too late.
It's also how the market is heading, open source provides a gradual progression whereas closed source often has to reinvent the wheel... Just imagine trying to start a new entirely closed source unix compatible os to compete with linux and all the ancillary projects.. Without dirty tricks (lockin, bought legislation etc) closed source will inevitably be rendered unprofitable too as it is forced into ever smaller niches... It's already happened to a great degree, remember BSDi and SCO? It's no longer possible to offer a commercial unix to run on generic hardware, the only commercial unixes still available come bundled with hardware and even they include a lot of open source code with them.
And to answer the grandparent, IBM is mostly a services company - they have come to realise that hardware has been driven to extremely thin margins and software is going the same way with even further to fall due to the non tangible nature of software.
I have Clam installed on a mailserver, i update it whenever an update becomes available because it's a fairly critical piece of code (it directly interacts with malicious code received via email and performs some fairly complex analysis on it, plenty of scope for exploitation)...
A sales rep won't always sell you the best product for the job... They will sell you whichever gives them the most commission. And as for support, most of them employ a bunch of totally clueless morons who know little more than how to follow the quick start guide that comes with the products they install.
MS have never condoned modding the xbox, their stance on the matter has remained consistent right from the start. You knew before you bought the xbox that modding it is an unsupported action that carries a risk of bricking your console and getting you banned from xbox live.
Sony on the other hand intentionally provided the ability to run linux (and theoretically other operating systems too), and advertised this as a feature of the console. They have now taken away this feature from users who paid for it, and any user who wishes to retain the otheros feature gets the playstation network and the ability to play newer games taken away from them instead.
Sony are taking away advertised features of the console, features which were the deciding factor for some people when buying the console. MS are fixing bugs in the design which enabled users to make the console do things it was never designed to do.
Do they notify the users that they're rootkitted? If anything, a bluescreen is a good thing since the rootkitted machine is now offline and no longer sending spam or whatever other malicious things it might be doing.
Well, by refusing to patch an already compromised system they open that system up to getting further malware infections... If the system breaks at least it's now offline and will cease sending spam or whatever other malicious things its doing.
When you change your password, you are typically asked to enter your old password at the same time to prove your identity (and to stop people abusing a terminal left logged in)...
You could also take the newly entered password, and feed it through the various permutations john the ripper can do and compare these with your previous hashes... This includes among other things appending/prepending and stripping numbers and other symbols, converting common letters to numbers eg e->3, alternating the case of characters. It's the -rules option for john the ripper and makes a dictionary attack far more effective.
That's a flawed password strength algorithm then, since it doesn't check for common dictionary words... Try selecting those passwords on a linux system with cracklib enabled.
Well seeing as this is a prototype phone, you could assume that Apple is the owner and return it to them.
Console like simplicity is good for most typical users, but it effectively excludes the more technical class of users who want more control. In that respect, current games consoles and ipad/iphone go too far one way, while something like windows that requires you to deal with updates, drivers and anti malware protection etc goes too far in the other.
A compromise more like the Amiga would be better - typical users could boot the machine directly into a game or specific apps either from floppy or cd on certain models, while more technically literate users could boot up into workbench etc.
Don't alienate the geeks when making products suitable for end users.
Linux only ever got this reputation for having issues with hardware changes, due to geeks always compiling their own customized kernels which would intentionally not have support for any hardware not present in their machines... Such kernels will simply fail to boot on any different hardware.
But most people don't build their own kernels, and those that do are generally clued up enough to rebuild it to run on different hardware.
If you build an i586 image it will run just fine on x86_64, it can even support up to 64gb of memory on such systems.
Most standard linux distro kernels include support for pretty much any IDE/SATA controller you might encounter anyway, it is rare to find a linux system which won't boot due to lack of storage drivers.
Linux detects hardware at boot and includes all the drivers by default, so will run just fine when you transport an identical image to non identical hardware...
Windows tries to remember what hardware it was running on and install drivers when it encounters new hardware, so if you put an identical image on non identical hardware all kinds of things can happen such as needing to obtain and install additional drivers, windows requiring reactivation, blue screens etc.
But when you mention security updates for the customised rhel, you also need to security update the windows machines you use for managing esx (not to mention install/maintain av etc)... And you wouldn't want them to be virtual images - how would you recover them if they fail and you cant access the vm console?
Also, by requiring a proprietary windows client to manage it becomes somewhat less useful - i maintain a kvm based setup where all management is done over https, ssh or vnc and i can perform emergency maintenence/monitoring from my phone or over a similarly low bandwidth link if i need to.
Where does the virtual machine run? on the local hardware, or on a remote server?
ATI have released the specs, and the drivers are coming along... I have several machines with ATI chipsets using open source drivers and they function just fine. They might be slower than the binary drivers but they are improving all the time, and are already far more stable than the binary drivers ever were. People who need more performance than the current open drivers offer are a relatively small niche (mainly gamers)...
There is no additional reboot needed, your system reboots when you install the kernel update (and it asks your permission once for the kernel update - as it should).. The nvidia drivers are rebuilt during the next boot automatically - before X is started.
Rebooting when you update the kernel is unavoidable, but it only does it once...
You could also try ksplice, which lets you apply security patches to the kernel without rebooting (it works nicely on my ubuntu desktop box with nvidia gfx).
windows boxes do generally degrade over time, have you tried reinstalling it to see if its performance returns to what it was originally?
What happens if you take an image of your windows 7 system and put it on a completely different system?
That's the issue he has, not doing an initial install.
1, This is a common misconception, and depends how you define "expertise"...
You can find people claiming to have MS expertise anywhere, but their actual knowledge will often be extremely poor and might be based on as little as "i installed windows myself on my own computer"... MS marketing says that you can run a network with such people, but in reality such a network will perform extremely poorly and have constant problems.
When it comes to unix knowledge, few people will claim to have any unless they really do. In reality the same barely it literate people would be able to pick up the quickstart guides for modern unixes and get a system barely functioning too (and it would probably perform better tho obviously not perfect), but they often don't want to try.
What you really need, for either setup, is people who actually know what they're doing, and such people are actually harder to find for windows because its more difficult to filter out the clueless people. Once you have clued up staff you will find that a windows setup becomes a LOT more expensive as lots of third party software and additional admin time is required to try and compensate for flaws in windows. (the clueless staff will do without things like binary whitelisting, privilege separation and patch management systems etc - and end up with a horribly insecure network)
2, the execs want their calendars and such working, secure and reliable, and don't care how that's done... exchange is a huge nightmare and is totally useless in any environment where you have non windows clients. active directory is also great fun if you're a hacker, google for "pass the hash" or "the windows auth model is broken"... i do pentesting for a living, and have been able to acquire domain admin privileges on every single active directory based network i have ever tested without being given anything other than an ethernet port.
3, really highlights flaws in the way these regulations are written... if you look at something like pci it is extremely windows focused, and actually getting unix boxes up to spec is much easier than windows.
Windows mobile probably has more of a backwards compatibility problem than the iphone... The core OS of the iphone is the same as normal OSX and it's only the interface APIs which are different - and rightly so, the whole interface is fundamentally different in how you interact with it.
Windows mobile on the other hand is a whole different os with a completely different kernel.
You hit the nail on the head with MS... They took advantage of the opening of the hardware market to worm their way in with a closed part that was cheap enough compared to the hardware that it got overlooked until it was too late.
It's also how the market is heading, open source provides a gradual progression whereas closed source often has to reinvent the wheel... Just imagine trying to start a new entirely closed source unix compatible os to compete with linux and all the ancillary projects..
Without dirty tricks (lockin, bought legislation etc) closed source will inevitably be rendered unprofitable too as it is forced into ever smaller niches...
It's already happened to a great degree, remember BSDi and SCO? It's no longer possible to offer a commercial unix to run on generic hardware, the only commercial unixes still available come bundled with hardware and even they include a lot of open source code with them.
And to answer the grandparent, IBM is mostly a services company - they have come to realise that hardware has been driven to extremely thin margins and software is going the same way with even further to fall due to the non tangible nature of software.
Those users are rootkitted, they have by definition already been fucked over.
I have Clam installed on a mailserver, i update it whenever an update becomes available because it's a fairly critical piece of code (it directly interacts with malicious code received via email and performs some fairly complex analysis on it, plenty of scope for exploitation)...
It was telling you not to panic for a YEAR... If you'd updated it when it first started notifying you then it never would have broken anything.
A sales rep won't always sell you the best product for the job...
They will sell you whichever gives them the most commission. And as for support, most of them employ a bunch of totally clueless morons who know little more than how to follow the quick start guide that comes with the products they install.
The retailed might have contracted somalian pirates to hijack a ship load of ps3 consoles...
Much worse...
MS have never condoned modding the xbox, their stance on the matter has remained consistent right from the start. You knew before you bought the xbox that modding it is an unsupported action that carries a risk of bricking your console and getting you banned from xbox live.
Sony on the other hand intentionally provided the ability to run linux (and theoretically other operating systems too), and advertised this as a feature of the console. They have now taken away this feature from users who paid for it, and any user who wishes to retain the otheros feature gets the playstation network and the ability to play newer games taken away from them instead.
Sony are taking away advertised features of the console, features which were the deciding factor for some people when buying the console. MS are fixing bugs in the design which enabled users to make the console do things it was never designed to do.
Do they notify the users that they're rootkitted?
If anything, a bluescreen is a good thing since the rootkitted machine is now offline and no longer sending spam or whatever other malicious things it might be doing.
Well, by refusing to patch an already compromised system they open that system up to getting further malware infections...
If the system breaks at least it's now offline and will cease sending spam or whatever other malicious things its doing.
When you change your password, you are typically asked to enter your old password at the same time to prove your identity (and to stop people abusing a terminal left logged in)...
You could also take the newly entered password, and feed it through the various permutations john the ripper can do and compare these with your previous hashes... This includes among other things appending/prepending and stripping numbers and other symbols, converting common letters to numbers eg e->3, alternating the case of characters. It's the -rules option for john the ripper and makes a dictionary attack far more effective.
That's a flawed password strength algorithm then, since it doesn't check for common dictionary words...
Try selecting those passwords on a linux system with cracklib enabled.