What Google has done is completely different because it didn't come from Microsoft. Microsoft has been operating a sweatshop of coding gnomes. They pay them only in fractions of a farthing per month! Whereas Google employs a crack team of trained code sphinxes who test their search technology daily with vexing questions. Google pays their sphinxes well and because of that the sphinxes coded this new technology that is quite superior to Microsoft's magic links technology. So don't fear the sphinxes for they are your friends. Microsoft abuses gnomes. They are evil.
It is my belief that eff is a place where defunked professors of law go...
So... do you mean that they smell less bad or something? I think the word you wanted was "defunct" as in obsolete or in Unix parlance: "deprecated". Hehehe "defunked". That's just too good.;p
...I never said I was a master debater.:) I know I lost the argument with you a while back.;P Off to try out OpenBSD once again and see if it suits my needs. It hasn't been ported to Xen yet.:(
So it's irrelevant that a typical admin (ie. not as capable as a BSD admin) can't install OpenBSD? And you expect that admin to be able to set up a USABLE and SECURE web server using OpenBSD? I think the assumption that I made that maybe you aren't making is that a capabale admin should not be platform specific. The capable admin should be able to install any OS and get it working and secure it. This is why the OS doesn't matter any more than the admin. 50/50. What's so hard to grasp about that?
The OS DOES NOT matter to security if the admin knows what he is doing. This applies to ALL OSes even OpenBSD. What good is all the security of OpenBSD unless the admin has the skill to use it as it is needed (webserver or otherwise)? In order to implement OpenBSD for any task, the admin needs to have a far greater skillset than a Windows or Linux admin. Therefore, setting up a (read carefully now) *USABLE, SECURE* OS is dependent on the admin. If I take the Windows jockey from down the hall and give him an OpenBSD boot floppy and install intructions, do you honestly think he will have a *USABLE, SECURE* set up? I don't. I think he'll have a migraine and hate me for recommending it.
And for the record, I'm not spreading FUD. The *BSDs are probably fine OSes. I try them every once in a while to see if they've caught up on the functionality end. Remember, having a secure OS means nothing if you can't easily implement what you need. The last time I tried a BSD (I think it was OpenBSD but they all look the same to me) was 2002. I did the floppy install over FTP using a DSL connection. I installed it on a 486-33. It worked. It took me a few hours to get it installed and to get Apache working on it. Once it was working though, I found that it couldn't server out my content because it didn't seem to have support for SSI configured. I didn't have the time or energy to waste on figuring out how to set it up so I left the box alone. I'm a pretty capable guy but that BSD just didn't give me what I wanted. Before that I tried FreeBSD on a laptop in 1999. It sucked royally. I was very new to *nix at the time so I didn't understand the concept of permissions outside of Windows NT 4. Today, I probably could make that work a little better but again... I'm not typical. Face it... the majority of people who are setting up webservers these days are people who only know the Windows OS. They want GUI configuration screens. They don't want to mess with text editors and config files. I don't mind that, but... I'm not typical. So yes, the admin's skills DO matter no matter which OS you are talking about. My skillset back in 1999 wasn't what it is now. Back then there was little hope of me setting up a BSD to be USABLE and SECURE. Today, I can probably do it, but it's still going to be more of a pain in the ass than Linux.
Screw what the discussion was about. I specifically said that the OS doesn't matter if you have a capable admin. This is truth. 50% admin skills + 50% OS = security. That's it. You are arguing that this formula would work (which it wouldn't):
OpenBSD + capable admin = security
That's not true. You might have a secure but unusable system with that combo. So what good is your secure system if it doesn't do the job?
I never said that OpenBSD couldn't be used as a web server. Sure it can. But you are stilll going to need to secure it just as much as you would need to secure Apache running on a Linux box. Frankly, unless I download sources and compile things myself, I don't feel secure.
There are many reasons for picking an OS. You seem to be hung up on the idea that OpenBSD is the ONLY secure platform for computing (and webserving) and I'm calling you out on the table for it. It's not. It's a decent platform but it has a steep learning curve and moronic advocates like you. And you wonder why people aren't interested.
Face it, the OS plays just as much a role in security as the admin. If you use hardened debian instead of plain old debian, you are going to be more secure. So quit pretending all OSs are equally secure and its only the admin that matters. And quit pretending openbsd is too limiting to be a webserver.
I never said anything to the contrary. I said that the skills of the admin will determine how secure your set up is. This is true no matter which OS we're talking about. OpenBSD demands that you have a greater skillset than most Linux or Windows admins have. The very fact that there are no ISOs and no Live CDs is one element that proves this. If I want to try out OpenBSD I have to commit myself to it.
There is also no GUI based installer. This doesn't bother me, but it's sure going to bother most Windows admins who want to give it a try as well as newer Linux users who never dealt with character based installs. Without a GUI install an OS is useless for most admins. I can deal with it, but I'm not typical.
The configuration of the network interfaces was a pain the last time I tried a BSD. It took a while to figure out where the configuration file was and again... no GUI to set it up. I can deal with it, but I'm not typical. I think you'd be hard pressed to find a lot of Windows admins who would be willing to deal with this level of complexity. Most of them (even the good ones) gripe when they have to write a CMD script. They're certainly not going to want to hunt down some obscure configuration file just to get a network interface or two working.
Face it. You're all wet. OpenBSD is probably decent but it doesn't provide what is needed in a modern OS to get a foot in the door in most shops. Until it doesn't require that strong of a skillset, it's always going to take a back seat to other OSes.
And BTW... my primary statement was that it's really about 50% admin skill and 50% OS that determines the security of a platform in general. It's nice that you personally find OpenBSD to be the perfect OS, but you can't deny that it takes a lot more skill to actually customize it to a realworld environment. Just flipping the switch to start Apache isn't the whole story if you want WebDAV, SSL or other modules. No matter which platform you are on, you are going to need to configure Apache beyond just turning it on. And since security is such a strong goal for OpenBSD, they are always going to be behind on the featureset. If that doesn't affect what the user wants to do, great! But if it does, then OpenBSD is not the right choice.
I'm not always connected to the internet. It's so much nicer to have a CD with everything on it. FTP/HTTP installs suck. I did install one of the BSDs that way in the past. It's not as fast as a CD-ROM install. And it may be opinion but I'm not of the view that there is "one true OS" like you seem to be. I believe that each OS has it's pros and cons and I pick and choose what I need when I need it. I'm not going to be selling Linux or *BSD to my in-laws since they've NEVER used computers before. Instead I got them to go with Windows XP Pro even though it does ethically bother me deep down. I just knew it would allow them to do the things they want to do with a minimum of intervention from me. My folks, I moved to a custom Linux build and they've never been happier although they still have trouble grasping the idea that nearly any application they want is either included or free. I think my approach is more honest and fairer than your approach because I don't advocate for a specific OS for every need. If I was going to be that pigheaded I'd probably recommend Mac OS X anyway. This has gotten so far off topic that I will open a JE if you want to discuss this further. Since you're being so pushy, I'm going to try OpenBSD out of spite in order to nit-pick it to death. Congratulate yourself for making me possibly hate what could be a decent OS if it weren't for the idiot advocacy.
It's a toss up. These days you can do things that you couldn't easily do in the past. But you have a lot less fun getting there. So if you miss the fun had in actualy doing things the "hard way", today's aproaches leave a lot to be desired. But there building your own laser in the past was not something that just anyone could do. So having today's laser LEDs available at a low cost is also a benefit.
Where are the ISOs? ISOs are the standard these days. I don't want to have to do an install with FTP or RSYNC and I certainly don't want to pay for a free OS. It looks like the only option I have is to mirror an FTP site and then figure out how to make my own ISO. This is EASIER than Linux? Feh!
Some specifics that apply to me BTW. I want to build a PVR. OpenBSD for that? No. I have the Happaugue PVR-250 card which is well supported under Linux but appears to be missing from OpenBSD's supported hardware list. I WANT the hardware based MPEG encoding that the PVR-250 offers. I don't want to have to buy a new box with enough CPU to do the encoding for me, so the BT series chipsets don't work for me even though they are supported in OpenBSD.
I want to use X.org for my X server. I don't want XFree86. Ports haven't caught up yet, so that's a no go.
As I've stated elsewhere before, the only reason to ever touch a computer is to make music or visual art, everything else is incidental. With that said, I have the Echo Layla digital audio interface for my audio work. It's supported with additional drivers for ALSA. I don't see any drivers for it listed on the OpenBSD site. And I don't think ALSA works with OpenBSD.
I don't see why you have such an axe to grind in favor of OpenBSD. It's almost like you have something against all other OSes but OpenBSD. Personally, I find that pretty sad. I have nothing against OpenBSD myself. I've tried it in the past and am considering trying it again in the future. In the past it didn't do anything for me as it required too much work to get going compared to RedHat Linux. If the installer has improved any, then kudos. But I have to say that with advocates like you, OpenBSD isn't going to gain friends anytime soon. You'd be much better off being more multiplatform and accepting that each one does some things well and doesn't do well at other things.
Cool. I remember dying to find a used Mega ST with the detachable KB. I considered doing the same as you, but I never got around to it. There is definitely something nice about having a separate KB from the rest of the computer. What I was always entertained by was the fact that the adults around me at the time thought I was "breaking" stuff. But when they saw what I managed to accomplish, they stopped complaining.:)
Schizophrenia may be related, but I think this is a whole new subset unto it's own. The people mentioned in the previous article don't exhibit schizophrenia. They just seem to have strong urges to transpose their video game habits onto real life situations while letting reason fly out the door. The story of the woman who grabbed the steering wheel while her husband was driving so she could score some extra points. That's what I'm talking about. Maybe you didn't see that story and I don't have time to find the link, but she definitely has mental issues. But they aren't strong enough to exclude her from living a fairly normal life. However, by obsessively playing video games, she increased the manifestation of those desires and superimposed them onto her real life. She knows that's not right, but she can't resist doing it. Sure sounds like a mental problem to me. And it sure sounds like virtual environments are the primary trigger. The same story also mentioned someone who works with a photo editing program all day who tried to "undo" a spill in her car. Definitely a new kind of mental problem if you ask me. Again, possibly a subset of schizophernia, but not strong enough to affect the person in other facets of life.
Back when I was a kid, I used to love to read Radio Electronic and Popular Electronics magazines from cover to cover. I'd read all the project ideas, I'd look over the ads, everything. I remembered seeing the Altair ads in my really old back issues and dreamt of the day when I could have my own computer. I built my own Timex-Sinclair ZX81 computer about the time you were born. It was all great fun. Unfortunately it seems that as electronics have become more and more minaturized, DIY has become somewhat harder. However, with the advent of PICs, Stix and SBDs, I think that computing and hobbyist electronics can be joined together. The neatest thing about DIY is that you can always put yourself ahead of the curve by having stuff that most people won't have at home for another five to ten years.:)
Specifically being able to do anything you want with the minimum of effort. Windows is extremely easy to do most things with at the cost of not being that secure out of the box. But I would challenge anyone to hack a well configured Windows box sitting behind a firewall with AV protection (which should be de rigeur these days). Linux is comparatively easier than the BSDs and supports far more applications and drivers. Not having access to apps and hardware is the major limitation of OpenBSD. OpenVMS won't run most of the apps that people want to run and it's very expensive. But it's secure as hell. More secure than OpenBSD in fact. That's still not a reason to use it if it won't host your application or use the hardware you want to use.
Yeah. I also read the article and it sounds like they went with limited configuration to secure the Apache and IIS installs. I guess this was done to make the point that IIS is more secure with less fiddling than Apache. But aso someone else in the thread earlier mentioned, it's difficult to compare both platforms fairly considering how different they really are.
God I miss the days when being into technology meant actually building and designing your own gear. I still do it to an extent, but some of it has moved into the "virtual" arena. I wonder how many Slashdot readers actually ever made their own crystal radios as kids? Or how many of us "modded" our cheapo TVs and stereos back in the late 70s and early 80s to give us pseudo stereo and then eventually real stereo TV? Or... how many of us handwired and built our own SIMM memory expanders for our Amigas and Atari STs? Those are all things I did, but a lot of times I feel like I'm one of the only ones here who ever did this kind of thing. Kind of like my old theory that musicians make the best computer tech folks.
...to use an OS that has special features. But it sure is limiting compared to using more mainstream OSes. The comparison of the article was Windows vs. Linux. My point is that it doesn't matter which OS you use as long as you know how to secure it. If your OS has special features and you don't mind the restrictions that come with them, then have at it. But the discussion is still Windows vs. Linux. If it was All OSes vs. All OSes, then you would have a point.
I didn't say that. I use Linux pretty much exclusively both at home and at work. But I also know enough about both OSes to be able to secure them well. I just prefer Linux because it's less expensive for me to run. All the money I save on software I can put into hardware. My friends wonder how I can have gigs of RAM in my systems and terabytes of hard drive space... if I don't have to pay for applications to do anything I want to, there's plenty of money left over for hardware. All those $39.95 apps add up over time.
Additionally, I've been running a Linux box at home with nothing but custom updates since it's original install back in 2001. It was a RedHat 7 box, but now it's nearly 95% custom compiled stuff. And it's been directly on the internet since 2001. Conversely, during the blackout in August 2003 in the northeast U.S. I wanted to use my laptop, my DSL line and a UPS to access the net. I hooked them up and within 20 seconds that Windows XP Pro laptop was infected with a worm. (The one that did the 45 second shutdown warning) But, if I was given Windows 2003 Server media and an SUS server, I am confident that I could install it and secure it for use directly on the internet without any problems at all and keep it secure.
Until features like that are implemented on all OSes, I don't think you can even bring them into the discussion. Sorry, but everyone not running OpenBSD or OpenVMS has a sow's ear compared to those silk purses. It's not even a fair comparison.
Sure. Different platforms are always going to be targetted in different ways. It still doesn't change the fact that the person who is supposed to secure the box is half of the problem if they aren't competent. I have a few Windows using friends who are positive that their systems are secure. But darn it all if I don't get a call from them every once in a while asking why their system is so slow, or why the hard drive is constantly running.:) When I used to take the time to inform them, they would always ask why anyone would be interested in their machine. When I explained the zombie army concept, they usually find it quite creepy, unacceptable and kind of unbelievable. In some cases they learned enough to keep their systems secured (even the less technically inclined ones). But once they stopped seeing "bad stuff" happening on their systems, they tended to become lazy and their systems would get owned again. I think the best thing I've ever done for my broadband using Windows using friends is recommend that they put their systems behind a hardware gateway of some kind and install AV software. In nearly every case, even the ones who haven't kept up to date, the calls have decreased dramatically. Are their systems secure? Hell no. But the more obvious forms of trouble have been cut down. The only thing that's been creeping up recently is the whole spyware problem.
Now... my Linux using friends? Well... I don't know more than one person in real life who uses Linux besides myself. And that other person has learned enough about Linux that he doesn't ask me questions anymore. But his system also tends to be up and running 24x7 just like mine.:)
Sure it's nice that OpenBSD was developed in that way, but it doesn't apply to the conversation any more than OpenVMS on DEC Alpha does. Buffer overflows are impossible in OpenVMS on Alpha, but that doesn't help a Windows or Linux shop, now does it? The reality is that most sites are heterogenous. So, maybe there are a handful of *BSD boxes running Apache but I'll guarantee you that there are far more boxes running Windows/IIS, Solaris/SunOne or Linux/Apache for web services. And every one of those boxes can be just as secure as the *BSD boxes as long as the admin is able to configure them properly. Odd features aside (like the no buffer overflow factor), it really is about a 50/50 split: OS distributor/Admin.
Slashdot Mirror
What Google has done is completely different because it didn't come from Microsoft. Microsoft has been operating a sweatshop of coding gnomes. They pay them only in fractions of a farthing per month! Whereas Google employs a crack team of trained code sphinxes who test their search technology daily with vexing questions. Google pays their sphinxes well and because of that the sphinxes coded this new technology that is quite superior to Microsoft's magic links technology. So don't fear the sphinxes for they are your friends. Microsoft abuses gnomes. They are evil.
;P
Yes. Laugh... it's absurdist!
So... do you mean that they smell less bad or something? I think the word you wanted was "defunct" as in obsolete or in Unix parlance: "deprecated". Hehehe "defunked". That's just too good.
...I never said I was a master debater. :) I know I lost the argument with you a while back. ;P Off to try out OpenBSD once again and see if it suits my needs. It hasn't been ported to Xen yet. :(
So it's irrelevant that a typical admin (ie. not as capable as a BSD admin) can't install OpenBSD? And you expect that admin to be able to set up a USABLE and SECURE web server using OpenBSD? I think the assumption that I made that maybe you aren't making is that a capabale admin should not be platform specific. The capable admin should be able to install any OS and get it working and secure it. This is why the OS doesn't matter any more than the admin. 50/50. What's so hard to grasp about that?
And for the record, I'm not spreading FUD. The *BSDs are probably fine OSes. I try them every once in a while to see if they've caught up on the functionality end. Remember, having a secure OS means nothing if you can't easily implement what you need. The last time I tried a BSD (I think it was OpenBSD but they all look the same to me) was 2002. I did the floppy install over FTP using a DSL connection. I installed it on a 486-33. It worked. It took me a few hours to get it installed and to get Apache working on it. Once it was working though, I found that it couldn't server out my content because it didn't seem to have support for SSI configured. I didn't have the time or energy to waste on figuring out how to set it up so I left the box alone. I'm a pretty capable guy but that BSD just didn't give me what I wanted. Before that I tried FreeBSD on a laptop in 1999. It sucked royally. I was very new to *nix at the time so I didn't understand the concept of permissions outside of Windows NT 4. Today, I probably could make that work a little better but again... I'm not typical. Face it... the majority of people who are setting up webservers these days are people who only know the Windows OS. They want GUI configuration screens. They don't want to mess with text editors and config files. I don't mind that, but... I'm not typical. So yes, the admin's skills DO matter no matter which OS you are talking about. My skillset back in 1999 wasn't what it is now. Back then there was little hope of me setting up a BSD to be USABLE and SECURE. Today, I can probably do it, but it's still going to be more of a pain in the ass than Linux.
Screw what the discussion was about. I specifically said that the OS doesn't matter if you have a capable admin. This is truth. 50% admin skills + 50% OS = security. That's it. You are arguing that this formula would work (which it wouldn't):
OpenBSD + capable admin = security
That's not true. You might have a secure but unusable system with that combo. So what good is your secure system if it doesn't do the job?
There are many reasons for picking an OS. You seem to be hung up on the idea that OpenBSD is the ONLY secure platform for computing (and webserving) and I'm calling you out on the table for it. It's not. It's a decent platform but it has a steep learning curve and moronic advocates like you. And you wonder why people aren't interested.
Face it, the OS plays just as much a role in security as the admin. If you use hardened debian instead of plain old debian, you are going to be more secure. So quit pretending all OSs are equally secure and its only the admin that matters. And quit pretending openbsd is too limiting to be a webserver.
I never said anything to the contrary. I said that the skills of the admin will determine how secure your set up is. This is true no matter which OS we're talking about. OpenBSD demands that you have a greater skillset than most Linux or Windows admins have. The very fact that there are no ISOs and no Live CDs is one element that proves this. If I want to try out OpenBSD I have to commit myself to it.
There is also no GUI based installer. This doesn't bother me, but it's sure going to bother most Windows admins who want to give it a try as well as newer Linux users who never dealt with character based installs. Without a GUI install an OS is useless for most admins. I can deal with it, but I'm not typical.
The configuration of the network interfaces was a pain the last time I tried a BSD. It took a while to figure out where the configuration file was and again... no GUI to set it up. I can deal with it, but I'm not typical. I think you'd be hard pressed to find a lot of Windows admins who would be willing to deal with this level of complexity. Most of them (even the good ones) gripe when they have to write a CMD script. They're certainly not going to want to hunt down some obscure configuration file just to get a network interface or two working.
Face it. You're all wet. OpenBSD is probably decent but it doesn't provide what is needed in a modern OS to get a foot in the door in most shops. Until it doesn't require that strong of a skillset, it's always going to take a back seat to other OSes.
And BTW... my primary statement was that it's really about 50% admin skill and 50% OS that determines the security of a platform in general. It's nice that you personally find OpenBSD to be the perfect OS, but you can't deny that it takes a lot more skill to actually customize it to a realworld environment. Just flipping the switch to start Apache isn't the whole story if you want WebDAV, SSL or other modules. No matter which platform you are on, you are going to need to configure Apache beyond just turning it on. And since security is such a strong goal for OpenBSD, they are always going to be behind on the featureset. If that doesn't affect what the user wants to do, great! But if it does, then OpenBSD is not the right choice.
I'm not always connected to the internet. It's so much nicer to have a CD with everything on it. FTP/HTTP installs suck. I did install one of the BSDs that way in the past. It's not as fast as a CD-ROM install. And it may be opinion but I'm not of the view that there is "one true OS" like you seem to be. I believe that each OS has it's pros and cons and I pick and choose what I need when I need it. I'm not going to be selling Linux or *BSD to my in-laws since they've NEVER used computers before. Instead I got them to go with Windows XP Pro even though it does ethically bother me deep down. I just knew it would allow them to do the things they want to do with a minimum of intervention from me. My folks, I moved to a custom Linux build and they've never been happier although they still have trouble grasping the idea that nearly any application they want is either included or free. I think my approach is more honest and fairer than your approach because I don't advocate for a specific OS for every need. If I was going to be that pigheaded I'd probably recommend Mac OS X anyway. This has gotten so far off topic that I will open a JE if you want to discuss this further. Since you're being so pushy, I'm going to try OpenBSD out of spite in order to nit-pick it to death. Congratulate yourself for making me possibly hate what could be a decent OS if it weren't for the idiot advocacy.
It's a toss up. These days you can do things that you couldn't easily do in the past. But you have a lot less fun getting there. So if you miss the fun had in actualy doing things the "hard way", today's aproaches leave a lot to be desired. But there building your own laser in the past was not something that just anyone could do. So having today's laser LEDs available at a low cost is also a benefit.
Where are the ISOs? ISOs are the standard these days. I don't want to have to do an install with FTP or RSYNC and I certainly don't want to pay for a free OS. It looks like the only option I have is to mirror an FTP site and then figure out how to make my own ISO. This is EASIER than Linux? Feh!
Some specifics that apply to me BTW. I want to build a PVR. OpenBSD for that? No. I have the Happaugue PVR-250 card which is well supported under Linux but appears to be missing from OpenBSD's supported hardware list. I WANT the hardware based MPEG encoding that the PVR-250 offers. I don't want to have to buy a new box with enough CPU to do the encoding for me, so the BT series chipsets don't work for me even though they are supported in OpenBSD.
I want to use X.org for my X server. I don't want XFree86. Ports haven't caught up yet, so that's a no go.
As I've stated elsewhere before, the only reason to ever touch a computer is to make music or visual art, everything else is incidental. With that said, I have the Echo Layla digital audio interface for my audio work. It's supported with additional drivers for ALSA. I don't see any drivers for it listed on the OpenBSD site. And I don't think ALSA works with OpenBSD.
I don't see why you have such an axe to grind in favor of OpenBSD. It's almost like you have something against all other OSes but OpenBSD. Personally, I find that pretty sad. I have nothing against OpenBSD myself. I've tried it in the past and am considering trying it again in the future. In the past it didn't do anything for me as it required too much work to get going compared to RedHat Linux. If the installer has improved any, then kudos. But I have to say that with advocates like you, OpenBSD isn't going to gain friends anytime soon. You'd be much better off being more multiplatform and accepting that each one does some things well and doesn't do well at other things.
Fine. OpenBSD is the greatest and mostest secure OS evar! Happy?
Funny you should mention that. So was I! :) "Losing it" at 16 is a lot of fun.
Cool. I remember dying to find a used Mega ST with the detachable KB. I considered doing the same as you, but I never got around to it. There is definitely something nice about having a separate KB from the rest of the computer. What I was always entertained by was the fact that the adults around me at the time thought I was "breaking" stuff. But when they saw what I managed to accomplish, they stopped complaining. :)
Schizophrenia may be related, but I think this is a whole new subset unto it's own. The people mentioned in the previous article don't exhibit schizophrenia. They just seem to have strong urges to transpose their video game habits onto real life situations while letting reason fly out the door. The story of the woman who grabbed the steering wheel while her husband was driving so she could score some extra points. That's what I'm talking about. Maybe you didn't see that story and I don't have time to find the link, but she definitely has mental issues. But they aren't strong enough to exclude her from living a fairly normal life. However, by obsessively playing video games, she increased the manifestation of those desires and superimposed them onto her real life. She knows that's not right, but she can't resist doing it. Sure sounds like a mental problem to me. And it sure sounds like virtual environments are the primary trigger. The same story also mentioned someone who works with a photo editing program all day who tried to "undo" a spill in her car. Definitely a new kind of mental problem if you ask me. Again, possibly a subset of schizophernia, but not strong enough to affect the person in other facets of life.
...as much as it is a hyped up rear projection screen. Neat. But still not true holography.
Back when I was a kid, I used to love to read Radio Electronic and Popular Electronics magazines from cover to cover. I'd read all the project ideas, I'd look over the ads, everything. I remembered seeing the Altair ads in my really old back issues and dreamt of the day when I could have my own computer. I built my own Timex-Sinclair ZX81 computer about the time you were born. It was all great fun. Unfortunately it seems that as electronics have become more and more minaturized, DIY has become somewhat harder. However, with the advent of PICs, Stix and SBDs, I think that computing and hobbyist electronics can be joined together. The neatest thing about DIY is that you can always put yourself ahead of the curve by having stuff that most people won't have at home for another five to ten years. :)
Specifically being able to do anything you want with the minimum of effort. Windows is extremely easy to do most things with at the cost of not being that secure out of the box. But I would challenge anyone to hack a well configured Windows box sitting behind a firewall with AV protection (which should be de rigeur these days). Linux is comparatively easier than the BSDs and supports far more applications and drivers. Not having access to apps and hardware is the major limitation of OpenBSD. OpenVMS won't run most of the apps that people want to run and it's very expensive. But it's secure as hell. More secure than OpenBSD in fact. That's still not a reason to use it if it won't host your application or use the hardware you want to use.
Yeah. I also read the article and it sounds like they went with limited configuration to secure the Apache and IIS installs. I guess this was done to make the point that IIS is more secure with less fiddling than Apache. But aso someone else in the thread earlier mentioned, it's difficult to compare both platforms fairly considering how different they really are.
God I miss the days when being into technology meant actually building and designing your own gear. I still do it to an extent, but some of it has moved into the "virtual" arena. I wonder how many Slashdot readers actually ever made their own crystal radios as kids? Or how many of us "modded" our cheapo TVs and stereos back in the late 70s and early 80s to give us pseudo stereo and then eventually real stereo TV? Or... how many of us handwired and built our own SIMM memory expanders for our Amigas and Atari STs? Those are all things I did, but a lot of times I feel like I'm one of the only ones here who ever did this kind of thing. Kind of like my old theory that musicians make the best computer tech folks.
...to use an OS that has special features. But it sure is limiting compared to using more mainstream OSes. The comparison of the article was Windows vs. Linux. My point is that it doesn't matter which OS you use as long as you know how to secure it. If your OS has special features and you don't mind the restrictions that come with them, then have at it. But the discussion is still Windows vs. Linux. If it was All OSes vs. All OSes, then you would have a point.
I didn't say that. I use Linux pretty much exclusively both at home and at work. But I also know enough about both OSes to be able to secure them well. I just prefer Linux because it's less expensive for me to run. All the money I save on software I can put into hardware. My friends wonder how I can have gigs of RAM in my systems and terabytes of hard drive space... if I don't have to pay for applications to do anything I want to, there's plenty of money left over for hardware. All those $39.95 apps add up over time.
Additionally, I've been running a Linux box at home with nothing but custom updates since it's original install back in 2001. It was a RedHat 7 box, but now it's nearly 95% custom compiled stuff. And it's been directly on the internet since 2001. Conversely, during the blackout in August 2003 in the northeast U.S. I wanted to use my laptop, my DSL line and a UPS to access the net. I hooked them up and within 20 seconds that Windows XP Pro laptop was infected with a worm. (The one that did the 45 second shutdown warning) But, if I was given Windows 2003 Server media and an SUS server, I am confident that I could install it and secure it for use directly on the internet without any problems at all and keep it secure.
Until features like that are implemented on all OSes, I don't think you can even bring them into the discussion. Sorry, but everyone not running OpenBSD or OpenVMS has a sow's ear compared to those silk purses. It's not even a fair comparison.
Sure. Different platforms are always going to be targetted in different ways. It still doesn't change the fact that the person who is supposed to secure the box is half of the problem if they aren't competent. I have a few Windows using friends who are positive that their systems are secure. But darn it all if I don't get a call from them every once in a while asking why their system is so slow, or why the hard drive is constantly running. :) When I used to take the time to inform them, they would always ask why anyone would be interested in their machine. When I explained the zombie army concept, they usually find it quite creepy, unacceptable and kind of unbelievable. In some cases they learned enough to keep their systems secured (even the less technically inclined ones). But once they stopped seeing "bad stuff" happening on their systems, they tended to become lazy and their systems would get owned again. I think the best thing I've ever done for my broadband using Windows using friends is recommend that they put their systems behind a hardware gateway of some kind and install AV software. In nearly every case, even the ones who haven't kept up to date, the calls have decreased dramatically. Are their systems secure? Hell no. But the more obvious forms of trouble have been cut down. The only thing that's been creeping up recently is the whole spyware problem.
:)
Now... my Linux using friends? Well... I don't know more than one person in real life who uses Linux besides myself. And that other person has learned enough about Linux that he doesn't ask me questions anymore. But his system also tends to be up and running 24x7 just like mine.
Sure it's nice that OpenBSD was developed in that way, but it doesn't apply to the conversation any more than OpenVMS on DEC Alpha does. Buffer overflows are impossible in OpenVMS on Alpha, but that doesn't help a Windows or Linux shop, now does it? The reality is that most sites are heterogenous. So, maybe there are a handful of *BSD boxes running Apache but I'll guarantee you that there are far more boxes running Windows/IIS, Solaris/SunOne or Linux/Apache for web services. And every one of those boxes can be just as secure as the *BSD boxes as long as the admin is able to configure them properly. Odd features aside (like the no buffer overflow factor), it really is about a 50/50 split: OS distributor/Admin.