To the contrary, SPF can be very effective. Earthlink, for instance, would set email from @earthlink.net to only be authorized from its own mail servers. As is the current case, mail users have to send email through Earthlink's SMTP. Most viruses, however, send directly from the infected machine. Less opportunity for for spam filtering or getting shut down that way. This requires that viruses must either send through official servers for the ISP (which they *don't* want to do), or forging a non-SPF domain.
You're assuming that code is static. New bugs are introduced with every release, and with every commit. Just because a group of Quality Assurance folks have been scanning the code for decades doesn't mean they'll catch the new bugs within a few hours.
I have family in several states in education and most agree that we're turning out fewer problem solvers than in the past. No-one seems to have a solution...
...if a Hafnium bomb could be built, it is thought that a golf ball sized chunk could produce the energy equivalent of 10 tons of conventional explosives.
Christ. With that much power, imagine how devastating a Holmium bomb would be.
And of course, there would be little reason to run Testing soon after a release. So the fact that it's unstable at the start and middle of the development cycle is fairly moot.
I see a lot of people are asking Debian to just throw Sarge out the door, and then worry about complying with the Debian Free Software Guidelines and the Social Contract.
This is not possible. What was recently voted on is a new social contract which forbids releasing any software, documentation or other product that isn't free. It's not just a decision that was made, or simply that a large number of people wanted it so that it's done. It's an actual contract upheld to its users by the entire Debian team. Doing a quick release of Sarge would not only be a violation of that contract, but it would be a violation of the entire spirit of Debian.
"the Debian system itself" is the key phrase, here.
When Debian refers to its own release, it does not refer to packages in contrib and non-free. They're there, they're updated, they're maintained by Debian Developers, they've got mailing lists, they've got bug reporting pages, and they're available through apt. However, they're not an official part of the Debian distribution.
Support for this hardware will still be there--you'll just need to add a single word to your apt configuration: "non-free".
How is this wrong? It is what would be considered stable by other distributions. If you don't mind having feature updates for software and packages added to the tree, you might as well use Sarge. What, then, is the difference between that and releases by other distributions?
Yeah, that's not its "official" purpose, but that doesn't negate the reality of the situation.
Debian only provides the security fix for its stable branch...
Thanks to lack of semantic intonation on the web, this implies something other than it meant to. I intended to say that Debian provides only the security fix for the stable branch, and explicitly goes out of its way to avoid inserting any new features or upgrades into software in the "stable" branch.
My company could never have put up with such a slow and unreliable release schedule.
I'd say the release schedule is quite reliable. "Never" is about as reliable as you can get. Joking aside, I don't see what the big problem is. Does your company actually *need* bleeding edge features provided by many packages? The truth is usually no, and that the unmatched stability and reliability of having older packages with fewer features is a better investment. If the answer is yes, it's very rarely for anything but a few packages, which can be upgraded easily through apt pinning.
The only updates that are absolutely critical are security patches. And thankfully, unlike some Operating Systems and distributions, Debian only provides the security fix for its stable branch, and doesn't require you to update the package to a newer version. This means that less bugs have a chance of being introduced in a security patch, which in turn allows companies to install patches with less worrying about whether or not it will break a current installation. It's still possible, but massively less likely.
In fact, when you get down to it, Sarge is pretty much completely usable as it is. The servers I administer which *do* happen to need those newer features are all running Sarge problem-free.
Really, for all the complaining about Debian, almost none of it is founded on anything rational. Think it's outdated? Run sarge or sid--you lose nothing. Think they're being too pedantic about code and documentation released under non-free licenses? Point apt at the contrib and non-free branches. They're even included into the Debian architecture, including bug reports, mailing lists, and apt entries, so you don't have to go out of your way to do anything special. It's literally no more than changing one word in a configuration file to fix both of these "problems".
And even better, all you have to do to keep Debian at the latest official release is to point to the "stable" branch. When sarge is release, you'll get all the updates automatically--and you have the reassurance that the migration path has been tested and retested ad nauseum.
This is what contrib and non-free are for. Debian's new social contract simply says that it will not depend upon non-free goods of any sort--not that it won't be provided.
Send me an email (ste phe n@t ous et. org) so I can find out if you go to the same University I do--the description matches perfectly. If so, the both of us will probably have better chances of changing something. Especially considering I know most of the Student Government and IT folks there.
When I asked the #debian folks for the location of an testing/unstable net install CD it took ten minutes of people asking why I didn't want to use floppies to install stable and then dist-upgrade. I don't have a floppy.
I'll admit that it's confusingly named, but the Debian removable media install is called "boot-floppies", irregardless of whether or not you use a floppy or CD to install it. For instance, you can find the netinst boot-floppies ISO images on the Debian website
I had no end of trouble with debian and SID/Sarge installer BECAUSE the installation-time kernel had the right modules but the installed kernel didn't!
The Debian installer installs the same kernel that it boots from...
If you actually look at Debian's website, you'll notice that there are ISOs available via FTP. This includes netinstall images, which are what I use entirely.
2) Recent updates. Something from the 21st century would be nice. Debian's "stable" is positively ancient.
That's because "stable" is supposed to be rock-solid, and only concerned with bugfixes and security patches. If you're running a production environment, this kind of guarantee can be priceless. However, if you're in need of newer packages, for God's sake use "testing" or "unstable". That's what they're there for! I've been running unstable for nearly two years now without problems--it's certainly no "riskier" than running Gentoo.
I still cannot understand why people still criticize Debian for being "ancient", while they actively ignore the fact that the "testing" and "unstable" distributions are there exactly for the people who want newer packages.
I've heard people complain that they shouldn't be forced to use beta software just to get features released a year and a half ago, but this neglects the obvious point that "beta" is just an arbitrary classification. It doesn't mean the software is dangerous to use or contains broken functionality--just that it's not ready for release yet. And I think we all know what Debian's quality standards of "ready for release" are.
3) If Debian wants more participants, then take a page from Linus -- lose the attitude. I want Linux, not a freakin' religion. We're peers, not apostles.
Debian is a distribution. You're confusing the users with the distribution itself. Yes, there are many Debian evangelists and purists, but it doesn't mean you have to be one, too. There's no contract you have to sign that says you must blindly support it, or that you even have to pay attention to the users who aggravate you.
Under Debian, I haven't ever had to create my own package--there are over ten thousand, and I have yet to find a package that I need which isn't in the Debian repository. And due to their policies, there are official and active maintainers for every package, which means that there's somebody to go to for bugfixes and policy violations, and it's being updated on a fairly regular basis.
If you do need to create a package, it's not at all hard to create a.deb file. The only thing required of you to become a Debian developer beyond what Gentoo requires is essentially a committment to work on the package and a signature on your GPG key from another Debian developer, ensuring to some extent that you are who you say you are. If you're not willing to take those steps, I doubt I'd feel secure in using your packages.
...but what about Debian? With Debian, the focus is on managed packages, but you still have the option of compiling from source, whereas Gentoo seems to be the opposite (compilation, with an option for packages). In fact, apt-build is far easier to use, in my opinion, than RedHat's system for compiling source RPMs.
Packages were invented to ease your workload, automatically handle dependencies for you, and allow for easier, faster, and standard deployments of software. If you absolutely have to compile from source (which, to be honest, is not that often), then at least have the sense to create a package for your specific build, such as apt-build does for you. There is no reason nowadays to avoid the use of packages, even when compiling from source.
Slashdot Mirror
Right. Because right-wingers condone thievery and looting, and left-wingers uphold all that is true and good in the world.
Could somebody please explain to me how this is biased in favor of either political leaning?
To the contrary, SPF can be very effective. Earthlink, for instance, would set email from @earthlink.net to only be authorized from its own mail servers. As is the current case, mail users have to send email through Earthlink's SMTP. Most viruses, however, send directly from the infected machine. Less opportunity for for spam filtering or getting shut down that way. This requires that viruses must either send through official servers for the ISP (which they *don't* want to do), or forging a non-SPF domain.
You're assuming that code is static. New bugs are introduced with every release, and with every commit. Just because a group of Quality Assurance folks have been scanning the code for decades doesn't mean they'll catch the new bugs within a few hours.
I believe their official reason was that they were afraid the weapons might suddenly go "boom", without anyone asking them to.
Who would mod this guy up? There was a great opportunity for a joke here, and he completely missed the existence of Holmium!
Hit escape, or select cancel.
Right. And no member of any other political party would even consider such a thing, right?
And of course, there would be little reason to run Testing soon after a release. So the fact that it's unstable at the start and middle of the development cycle is fairly moot.
I see a lot of people are asking Debian to just throw Sarge out the door, and then worry about complying with the Debian Free Software Guidelines and the Social Contract.
This is not possible. What was recently voted on is a new social contract which forbids releasing any software, documentation or other product that isn't free. It's not just a decision that was made, or simply that a large number of people wanted it so that it's done. It's an actual contract upheld to its users by the entire Debian team. Doing a quick release of Sarge would not only be a violation of that contract, but it would be a violation of the entire spirit of Debian.
"the Debian system itself" is the key phrase, here.
When Debian refers to its own release, it does not refer to packages in contrib and non-free. They're there, they're updated, they're maintained by Debian Developers, they've got mailing lists, they've got bug reporting pages, and they're available through apt. However, they're not an official part of the Debian distribution.
Support for this hardware will still be there--you'll just need to add a single word to your apt configuration: "non-free".
How is this wrong? It is what would be considered stable by other distributions. If you don't mind having feature updates for software and packages added to the tree, you might as well use Sarge. What, then, is the difference between that and releases by other distributions?
Yeah, that's not its "official" purpose, but that doesn't negate the reality of the situation.
Thanks to lack of semantic intonation on the web, this implies something other than it meant to. I intended to say that Debian provides only the security fix for the stable branch, and explicitly goes out of its way to avoid inserting any new features or upgrades into software in the "stable" branch.
I'd say the release schedule is quite reliable. "Never" is about as reliable as you can get. Joking aside, I don't see what the big problem is. Does your company actually *need* bleeding edge features provided by many packages? The truth is usually no, and that the unmatched stability and reliability of having older packages with fewer features is a better investment. If the answer is yes, it's very rarely for anything but a few packages, which can be upgraded easily through apt pinning.
The only updates that are absolutely critical are security patches. And thankfully, unlike some Operating Systems and distributions, Debian only provides the security fix for its stable branch, and doesn't require you to update the package to a newer version. This means that less bugs have a chance of being introduced in a security patch, which in turn allows companies to install patches with less worrying about whether or not it will break a current installation. It's still possible, but massively less likely.
In fact, when you get down to it, Sarge is pretty much completely usable as it is. The servers I administer which *do* happen to need those newer features are all running Sarge problem-free.
Really, for all the complaining about Debian, almost none of it is founded on anything rational. Think it's outdated? Run sarge or sid--you lose nothing. Think they're being too pedantic about code and documentation released under non-free licenses? Point apt at the contrib and non-free branches. They're even included into the Debian architecture, including bug reports, mailing lists, and apt entries, so you don't have to go out of your way to do anything special. It's literally no more than changing one word in a configuration file to fix both of these "problems".
And even better, all you have to do to keep Debian at the latest official release is to point to the "stable" branch. When sarge is release, you'll get all the updates automatically--and you have the reassurance that the migration path has been tested and retested ad nauseum.
This is what contrib and non-free are for. Debian's new social contract simply says that it will not depend upon non-free goods of any sort--not that it won't be provided.
Send me an email (ste phe n@t ous et. org) so I can find out if you go to the same University I do--the description matches perfectly. If so, the both of us will probably have better chances of changing something. Especially considering I know most of the Student Government and IT folks there.
If you actually look at Debian's website, you'll notice that there are ISOs available via FTP. This includes netinstall images, which are what I use entirely.
That's because "stable" is supposed to be rock-solid, and only concerned with bugfixes and security patches. If you're running a production environment, this kind of guarantee can be priceless. However, if you're in need of newer packages, for God's sake use "testing" or "unstable". That's what they're there for! I've been running unstable for nearly two years now without problems--it's certainly no "riskier" than running Gentoo.
I still cannot understand why people still criticize Debian for being "ancient", while they actively ignore the fact that the "testing" and "unstable" distributions are there exactly for the people who want newer packages.
I've heard people complain that they shouldn't be forced to use beta software just to get features released a year and a half ago, but this neglects the obvious point that "beta" is just an arbitrary classification. It doesn't mean the software is dangerous to use or contains broken functionality--just that it's not ready for release yet. And I think we all know what Debian's quality standards of "ready for release" are.
Debian is a distribution. You're confusing the users with the distribution itself. Yes, there are many Debian evangelists and purists, but it doesn't mean you have to be one, too. There's no contract you have to sign that says you must blindly support it, or that you even have to pay attention to the users who aggravate you.
It does?
.deb file. The only thing required of you to become a Debian developer beyond what Gentoo requires is essentially a committment to work on the package and a signature on your GPG key from another Debian developer, ensuring to some extent that you are who you say you are. If you're not willing to take those steps, I doubt I'd feel secure in using your packages.
Under Debian, I haven't ever had to create my own package--there are over ten thousand, and I have yet to find a package that I need which isn't in the Debian repository. And due to their policies, there are official and active maintainers for every package, which means that there's somebody to go to for bugfixes and policy violations, and it's being updated on a fairly regular basis.
If you do need to create a package, it's not at all hard to create a
"Hrm, the free software tax didn't go through. You wanna try taxing meat instead?"
If you don't know much about Poland, don't bother modding this comment.
Just because you post AC doesn't mean they don't have your IP, CowboyNeal.
...but what about Debian? With Debian, the focus is on managed packages, but you still have the option of compiling from source, whereas Gentoo seems to be the opposite (compilation, with an option for packages). In fact, apt-build is far easier to use, in my opinion, than RedHat's system for compiling source RPMs.
Packages were invented to ease your workload, automatically handle dependencies for you, and allow for easier, faster, and standard deployments of software. If you absolutely have to compile from source (which, to be honest, is not that often), then at least have the sense to create a package for your specific build, such as apt-build does for you. There is no reason nowadays to avoid the use of packages, even when compiling from source.
Packages make your life easier, plain and simple.