This would not be a problem if the dominant coercive monopoly platform was not such a security dissaster. Windows is easy to break and hard to fix and will be as long as it's not free software.
Nothing is new with the Vista security model. Check out boot kits
So while M$ contemplates fixing ancient flaws, the virus writers have discovered brand new ways to 0wn Windoze. Great, they are running circles around them.
Look at what they did to Twitter. I count no fewer than 10 modpoints blowing him off the discussion within 12 hours. He must have struck a nerve.
The issue was completely burried in the open source part of the driver. If you look at the original report and the actual fix that would be quite easy to spot. I fail to see why not having access to the source of not even involved parts of the driver would have helped to solve this issue easier and faster.
Are you telling me that there's no additional complexity to not having all of the source code? That a rigid API is something that has no coding cost? Would it be easier if the whole thing was free or not?
This has got to be the first Windows centric article I've enjoyed. That is said as someone who remembers the transition of Byte from a computer magazine to a Windoze product review. In other words, Windows centric articles have bothered me from the very beginning.
I mean, I've had this 20 meg MFD drive for like 15 years now, why can't modern computers keep up with something so simple!?
The last time I tried that, the 2.2 kernel saw and used the drive. I'm glad it did, because that made the final backup a single 20 mb file instead of a bunch of floppies.
I don't mind hardware makers abandoning hardware, so long as they are not secretive about the new hardware. Unfortunately, SATA makers have been not shared and there are many problems with SATA for GNU/Linux. This secrecy is a M$ move to make free software that much more difficult, just like winmodems, wifi cards and ACPI, the next BIOS and many other barriers to your software freedom.
This issue has nothing to do with non-free. The fix was in the free portion of the code, according to this link. Moreover, the bug was not found due to it being open source. It was found by testing. So just by virtue of being FOSS, software does not become miraculously bug-free.
First, a diff file to the free section does not prove much because you won't see changes in the non free side. Not being intimately familiar with the code, I can't tell what's going on and no one without access to all the relevent code could ever be completely familiar with it. Even still, you are right about beating as a method of finding problems. That's the way people do it. The difference here is that a fix would have been easier and faster if all of the code was available. I'll also say that the flaw would have been less likely to occur if all of the code was available.
You are also right about there being no magic to free software - peer review is science, not magic. Getting things right with binary blobs is luck or magic and that's part of the reason there's a problem and we are having this little conversation.
When this happens with a free driver, you can put it in my face. Until then, the score is non free -1, again.
For the driver to be completely free, Atheros would have to create a chip incapable of violating FCC regulations,...
If this is true, how is it that any free drivers exist?
What part of "the flaw was in the open portion of the driver" did you manage to miss?
A link. I don't trust you. Even if what you said were true, it's wrong. Bugs happen less and are easier to fix on projects that are completely free. Building against binary blobs leaves you in the dark, you know helpless and divided, that kind of thing.
I bet you'll follow up with a nice long post (under your twitter alias) where you rant about me, dedazo, Macthorpe, Keith Russell and various other people about 1,000,000 times less unhinged than you are.
Why are you wasting so much of your time harassing Twitter and now me?
"This is why it's important to distinguish between "Linux" and "Free Software".... nonsense like the popularity argument and other FUD presented in PC World."
I don't see how this is relevant or even how it makes any sense at all.
That's because you have not gotten your head around the fact that peer review makes for better code.
I'll give you a quick hint: there are no digital restrictions in free software.
The consensus opinion is that Vista's digital restrictions set it up for failure. Really, it even annoys fanboys to the point where no one wants it. My opinion is that they just make obvious M$ intentions but don't represent any change of attitude.
DRM is snakeoil, much like Windows itself. All digital restriction schemes have the same attitude and end goal. The way M$ does it now represents the absurd lengths required make them even look like they could work. Big publishers want to control your digital media in a way that they could not with paper or even broadcast. It's not going to work but we need to fight it every step of the way. The easiest way to avoid it is to not buy things filled with such obvious contempt for the customer.
Finally, note that free software distributions like Debian, clearly label n binary blobs required by the Madwifi drivers as non free and these are not included by default.
The point that PC World misses is that non free has problems in both the Linux and Windoze world. The magic of GNU/Linux is that it's Free Software. When you mix in binary blobs, you are once again a helpless user. Others have noticed that Atheros does not release specifications required to build drivers. That's too bad, but they are not the least friendly wireless company.
I should point out that the driver in question is MadWifi; it's mostly closed source.
Indeed, we've been here before. Stuff like this makes me feel better about the few inconveniences I've had to put up with to use Debian. It is difficult to find hardware that works, but that's nothing next to getting nailed like a Windoze user.
This is why it's important to distinguish between "Linux" and "Free Software". Sooner or later the message will get through over nonsense like the popularity argument and other FUD presented in PC World.
The madwifi howto is here. It seems that you can type, "lsmod | grep ath_pci" to find out if you are running the supposedly exploited module. My simple Etch system does not have this or wlanconfig tools by default, though those tools look very nice and I'm sure this little problem will be fixed quickly.
I have to agree with you about the uselessness of the PC World article. Besides not having any useful information, it's filled with FUD about free software wifi and confused "popularity argument" babble. In short it's more of a, "everyone else has these problems too, so Windoze away," pacifier than it is a news article.
and the guy still has a broken laptop. What I get out of that is avoid Toshiba.
Only someone with their head firmly buried could think there is nothing wrong with BIOS. They are not free and the companies that make them work closely with M$, a company famous for sabotaging their competitors. This makes all new equipment a crap shoot. The author may have pussed out of his original sentiment, but things have not changed at all since he wrote the article:
convicted monopolist Microsoft should stop trying to push the hardware and BIOS industries into sentencing alternative operating systems to a second-rate electronic Siberia. Customers should take note and hope that competing BIOS manufacturers, such as American Megatrends, have a clearer vision than the people running Phoenix.
ACPI and APM before it were royal pains that took years for free software to master. Hardware that can only be manipulated with Windoze only software adds further insult to those who would avoid non free software. Finally, there are plenty of stores that won't take your laptop back if you have installed free software on it. Finally the author admits, "Toshiba's BIOS download page indicates that their BIOS is only designed for Windows Vista," but then blames the user for his misfortune when it did not work. Let's hear it for choice.
The upshot to all of this is that I won't buy any computer unless I've booted it and seen all of it work or read a page where someone has made it work.
Chess only has a real problem and a real gripe. His laptop does not work and no one has stepped up to the plate with a solution. Insults like, " I suspect that chessonly's problem is somewhere between the chair and the keyboard" are shameful. Screw you Network Computing, I hope you get forced onto Vista next week.
An AC directs me to the rotten.com article on Bill Gates. Thanks, AC, that's a very funny page. Oh yeah, it's also more reliable than anything from M$.
Wrong - Linux and Mac are completely vulnerable to this type of attack. You go to install something that you were told to do so and it prompts for the root password. The user then types it in and the machine is wide open.... Why bother with less than 5% when you can get 95% in a single effort?
Have you ever done anything with free software or a Mac? Neither works that way and there are multiple barriers, technical and social. Only someone without any Linux or Mac use could believe differently.
In the Windoze world you seem used to, all you have to do is click on things and the machine is off to the races. Why the M$ people don't fix this is beyond me but I don't really care.
In the Linux and Mac world nothing that comes through email has an execute bit set, nothing from email can do anything. The user will have to pull up a command line, change the execute bit and then provide a root password.
The social barrier comes from knowing where software comes from and the ability to share. No Mac software is ever distributed as a zip file like this. In the non free world, software comes from dozzens of sources in dozzens of annoyingly different and incompatible ways. In the free software world, everything comes from your distribution through a single program. In both the Linux and Mac world, the user will ask around before installing random software, especially one junk from the mail, because they have been trained to think that way. In the non free world, people are trained to push every button because they are trained to "do as I say". It's a byproduct of a greedy and broken distribution and development model.
I think Stallman is a good counter-balance to the 'earn money at all costs' types out there.
You might have noticed that big and small companies are earning lots of money without taking away your software freedom, so this is no longer a business discussion it's a moral one. It is now cheaper and more profitable to develop, use and vend free software than it is to do the same with non free software. The biggest clue for you is the collapse of the non free software world to a small number of very large and abusive companies.
Freedom + slavery = slavery, you can't balance a little of one with the other. This is the message the FSF is trying to get through to people. You have the right to use their computer as you see fit, it's as simple as that. As the big publishers try to push digital restrictions down your throat, the goals of non free software are more obvious than ever.
It's news because some idiots will tell you there's not business model that will work at all. To them, and many others, the fact that small and large businesses are not only possible but exist and are thriving is the kind of news that contradicts previous lies.
Thanks for copying that here. I thought those specifics were important. The editors found another group of specifics that are interesting and I'm sure there's room for all sorts of nasties in the original.
Really, what do you expect someone in that position to want?
I expect them to uphold their oath of office, "do solemnly swear (or affirm) that I will support and defend the Constitution of the United States against all enemies, foreign or domestic." OK, that's not really his oath, it's for an officer and does not mention obeying the president. The president himself is bound by a similar oath. Violating the Bill of Rights is not expected behavior, it's disgraceful behavior and borders on treason.
Those who seek absolute power, even though they seek it to do what they regard as good, are simply demanding the right to enforce their own version of heaven on earth. And let me remind you, they are the very ones who always create the most hellish tyrannies. Absolute power does corrupt, and those who seek it must be suspect and must be opposed. Their mistaken course stems from false notions of equality, ladies and gentlemen. Equality, rightly understood, as our founding fathers understood it, leads to liberty and to the emancipation of creative differences. Wrongly understood, as it has been so tragically in our time, it leads first to conformity and then to despotism..... Extremism in the defense of liberty is no vice... moderation in the pursuit of justice is no virtue.
What an Empty Promise.
on
AMD's New DRM
·
· Score: 1
The author blatantly contradicts himself here:
If they perfect that unbreakable link between the media and the delivery end point, if theres never another DVD image splattered all over the Internet, then IT will be able to make a promise that, to date, it couldnt: Nobody can view or copy your data without authorization.
and here, where he points out the long list of people who will be able to view or copy your data without authorization:
There is a short list of parties who will be unauthorized to access your frame buffer: You. There is a long list of parties who are authorized to access your frame buffer, and that list includes Microsoft, Apple, AMD, Intel, ATI, NVidia, Sony Pictures, Paramount, HBO, CBS, Macrovision, and all other content owners and enablers that want your machine to themselves whenever youre watching, listening to, reading, or shooting monsters with their products.
The only thing he gets wrong above is that it's still your machine. With systems like this, the computer on your desk is more the property of the your software's owners than it ever was yours.
I'll only be concerned if hardware changes can lock out "unauthorized" software and the adoption of stupid file formats that won't work with free software. The futility of such measures is demonstrated by taking a screen shot with a pocket camera. Widespread adoption by the ignorant and coerced will perpetuate and encourage non free computing without any benefit.
Asymptototic Death: Arrogance and Stupidity.
on
The End is Nigh for XP
·
· Score: 4, Insightful
That's about all one could ever say in favor of a Microsoft product. They will always asymptotically approach useability.
That's true if you consider "dumb" usable. The trend I've noticed is less control, less flexibility, fewer 3rd party vendors (aka choice) and more annoyance and auto-wrong features. Security and stability have remained poor and have trended down.
They have pulled out the stops in their breakage of XP though. Today I watched someone try to rebuild an XP laptop. He'd done it manytimes before because someone stuck him with admin responsibility for 15 of them. The process had changed on him this time and it failed. The usual tedious process of manually downloading "updates" fell apart and the automatic process took over and could not be stopped. A couple hours later, I stuck my head in to see how it was going and he was reading a M$ support page about "silent failures". Better him than me.
This "upgrade" cycle has the feeling 95 to 98 did but worse. Eerything fell apart at once and the answer was to buy a new one. This time the "new one" is a computer with about 4 times the hardware. BadVista's got the scoop on this one, Vista - Arrogance & Stupidity, "No sane person wants Vista, so Microsoft is making sure they have no choice."
Slashdot Mirror
This would not be a problem if the dominant coercive monopoly platform was not such a security dissaster. Windows is easy to break and hard to fix and will be as long as it's not free software.
Nothing is new with the Vista security model. Check out boot kits
So while M$ contemplates fixing ancient flaws, the virus writers have discovered brand new ways to 0wn Windoze. Great, they are running circles around them.
Look at what they did to Twitter. I count no fewer than 10 modpoints blowing him off the discussion within 12 hours. He must have struck a nerve.
The issue was completely burried in the open source part of the driver. If you look at the original report and the actual fix that would be quite easy to spot. I fail to see why not having access to the source of not even involved parts of the driver would have helped to solve this issue easier and faster.
Are you telling me that there's no additional complexity to not having all of the source code? That a rigid API is something that has no coding cost? Would it be easier if the whole thing was free or not?
and there's a good reason for that.
This has got to be the first Windows centric article I've enjoyed. That is said as someone who remembers the transition of Byte from a computer magazine to a Windoze product review. In other words, Windows centric articles have bothered me from the very beginning.
I mean, I've had this 20 meg MFD drive for like 15 years now, why can't modern computers keep up with something so simple!?
The last time I tried that, the 2.2 kernel saw and used the drive. I'm glad it did, because that made the final backup a single 20 mb file instead of a bunch of floppies.
I don't mind hardware makers abandoning hardware, so long as they are not secretive about the new hardware. Unfortunately, SATA makers have been not shared and there are many problems with SATA for GNU/Linux. This secrecy is a M$ move to make free software that much more difficult, just like winmodems, wifi cards and ACPI, the next BIOS and many other barriers to your software freedom.
but it does not prove what you say:
This issue has nothing to do with non-free. The fix was in the free portion of the code, according to this link. Moreover, the bug was not found due to it being open source. It was found by testing. So just by virtue of being FOSS, software does not become miraculously bug-free.
First, a diff file to the free section does not prove much because you won't see changes in the non free side. Not being intimately familiar with the code, I can't tell what's going on and no one without access to all the relevent code could ever be completely familiar with it. Even still, you are right about beating as a method of finding problems. That's the way people do it. The difference here is that a fix would have been easier and faster if all of the code was available. I'll also say that the flaw would have been less likely to occur if all of the code was available.
You are also right about there being no magic to free software - peer review is science, not magic. Getting things right with binary blobs is luck or magic and that's part of the reason there's a problem and we are having this little conversation.
When this happens with a free driver, you can put it in my face. Until then, the score is non free -1, again.
For the driver to be completely free, Atheros would have to create a chip incapable of violating FCC regulations, ...
If this is true, how is it that any free drivers exist?
What part of "the flaw was in the open portion of the driver" did you manage to miss?
A link. I don't trust you. Even if what you said were true, it's wrong. Bugs happen less and are easier to fix on projects that are completely free. Building against binary blobs leaves you in the dark, you know helpless and divided, that kind of thing.
I bet you'll follow up with a nice long post (under your twitter alias) where you rant about me, dedazo, Macthorpe, Keith Russell and various other people about 1,000,000 times less unhinged than you are.
Why are you wasting so much of your time harassing Twitter and now me?
That's because you have not gotten your head around the fact that peer review makes for better code.
And why are they stalking you?
Do digital restrictions in OSX or Linux:
I'll give you a quick hint: there are no digital restrictions in free software.
The consensus opinion is that Vista's digital restrictions set it up for failure. Really, it even annoys fanboys to the point where no one wants it. My opinion is that they just make obvious M$ intentions but don't represent any change of attitude.
DRM is snakeoil, much like Windows itself. All digital restriction schemes have the same attitude and end goal. The way M$ does it now represents the absurd lengths required make them even look like they could work. Big publishers want to control your digital media in a way that they could not with paper or even broadcast. It's not going to work but we need to fight it every step of the way. The easiest way to avoid it is to not buy things filled with such obvious contempt for the customer.
Finally, note that free software distributions like Debian, clearly label n binary blobs required by the Madwifi drivers as non free and these are not included by default.
The point that PC World misses is that non free has problems in both the Linux and Windoze world. The magic of GNU/Linux is that it's Free Software. When you mix in binary blobs, you are once again a helpless user. Others have noticed that Atheros does not release specifications required to build drivers. That's too bad, but they are not the least friendly wireless company.
I should point out that the driver in question is MadWifi; it's mostly closed source.
Indeed, we've been here before. Stuff like this makes me feel better about the few inconveniences I've had to put up with to use Debian. It is difficult to find hardware that works, but that's nothing next to getting nailed like a Windoze user.
This is why it's important to distinguish between "Linux" and "Free Software". Sooner or later the message will get through over nonsense like the popularity argument and other FUD presented in PC World.
For further peace of mind, you can check this list of devices and "lspci" to see if further action is required.
The madwifi howto is here. It seems that you can type, "lsmod | grep ath_pci" to find out if you are running the supposedly exploited module. My simple Etch system does not have this or wlanconfig tools by default, though those tools look very nice and I'm sure this little problem will be fixed quickly.
I have to agree with you about the uselessness of the PC World article. Besides not having any useful information, it's filled with FUD about free software wifi and confused "popularity argument" babble. In short it's more of a, "everyone else has these problems too, so Windoze away," pacifier than it is a news article.
the article is one big "nothing happened"
and the guy still has a broken laptop. What I get out of that is avoid Toshiba.
Only someone with their head firmly buried could think there is nothing wrong with BIOS. They are not free and the companies that make them work closely with M$, a company famous for sabotaging their competitors. This makes all new equipment a crap shoot. The author may have pussed out of his original sentiment, but things have not changed at all since he wrote the article:
ACPI and APM before it were royal pains that took years for free software to master. Hardware that can only be manipulated with Windoze only software adds further insult to those who would avoid non free software. Finally, there are plenty of stores that won't take your laptop back if you have installed free software on it. Finally the author admits, "Toshiba's BIOS download page indicates that their BIOS is only designed for Windows Vista," but then blames the user for his misfortune when it did not work. Let's hear it for choice.
The upshot to all of this is that I won't buy any computer unless I've booted it and seen all of it work or read a page where someone has made it work.
Chess only has a real problem and a real gripe. His laptop does not work and no one has stepped up to the plate with a solution. Insults like, " I suspect that chessonly's problem is somewhere between the chair and the keyboard" are shameful. Screw you Network Computing, I hope you get forced onto Vista next week.
You turds trolled the BRLUG and got this. Ha ha, I missed that one, thanks again.
An AC directs me to the rotten.com article on Bill Gates. Thanks, AC, that's a very funny page. Oh yeah, it's also more reliable than anything from M$.
Wrong - Linux and Mac are completely vulnerable to this type of attack. You go to install something that you were told to do so and it prompts for the root password. The user then types it in and the machine is wide open. ... Why bother with less than 5% when you can get 95% in a single effort?
Have you ever done anything with free software or a Mac? Neither works that way and there are multiple barriers, technical and social. Only someone without any Linux or Mac use could believe differently.
In the Windoze world you seem used to, all you have to do is click on things and the machine is off to the races. Why the M$ people don't fix this is beyond me but I don't really care.
In the Linux and Mac world nothing that comes through email has an execute bit set, nothing from email can do anything. The user will have to pull up a command line, change the execute bit and then provide a root password.
The social barrier comes from knowing where software comes from and the ability to share. No Mac software is ever distributed as a zip file like this. In the non free world, software comes from dozzens of sources in dozzens of annoyingly different and incompatible ways. In the free software world, everything comes from your distribution through a single program. In both the Linux and Mac world, the user will ask around before installing random software, especially one junk from the mail, because they have been trained to think that way. In the non free world, people are trained to push every button because they are trained to "do as I say". It's a byproduct of a greedy and broken distribution and development model.
I think Stallman is a good counter-balance to the 'earn money at all costs' types out there.
You might have noticed that big and small companies are earning lots of money without taking away your software freedom, so this is no longer a business discussion it's a moral one. It is now cheaper and more profitable to develop, use and vend free software than it is to do the same with non free software. The biggest clue for you is the collapse of the non free software world to a small number of very large and abusive companies.
Freedom + slavery = slavery, you can't balance a little of one with the other. This is the message the FSF is trying to get through to people. You have the right to use their computer as you see fit, it's as simple as that. As the big publishers try to push digital restrictions down your throat, the goals of non free software are more obvious than ever.
It's news because some idiots will tell you there's not business model that will work at all. To them, and many others, the fact that small and large businesses are not only possible but exist and are thriving is the kind of news that contradicts previous lies.
Thanks for copying that here. I thought those specifics were important. The editors found another group of specifics that are interesting and I'm sure there's room for all sorts of nasties in the original.
Really, what do you expect someone in that position to want?
I expect them to uphold their oath of office, "do solemnly swear (or affirm) that I will support and defend the Constitution of the United States against all enemies, foreign or domestic." OK, that's not really his oath, it's for an officer and does not mention obeying the president. The president himself is bound by a similar oath. Violating the Bill of Rights is not expected behavior, it's disgraceful behavior and borders on treason.
Once upon an time, Republicans did not act this way.
The author blatantly contradicts himself here:
and here, where he points out the long list of people who will be able to view or copy your data without authorization:
The only thing he gets wrong above is that it's still your machine. With systems like this, the computer on your desk is more the property of the your software's owners than it ever was yours.
I'll only be concerned if hardware changes can lock out "unauthorized" software and the adoption of stupid file formats that won't work with free software. The futility of such measures is demonstrated by taking a screen shot with a pocket camera. Widespread adoption by the ignorant and coerced will perpetuate and encourage non free computing without any benefit.
That's about all one could ever say in favor of a Microsoft product. They will always asymptotically approach useability.
That's true if you consider "dumb" usable. The trend I've noticed is less control, less flexibility, fewer 3rd party vendors (aka choice) and more annoyance and auto-wrong features. Security and stability have remained poor and have trended down.
They have pulled out the stops in their breakage of XP though. Today I watched someone try to rebuild an XP laptop. He'd done it manytimes before because someone stuck him with admin responsibility for 15 of them. The process had changed on him this time and it failed. The usual tedious process of manually downloading "updates" fell apart and the automatic process took over and could not be stopped. A couple hours later, I stuck my head in to see how it was going and he was reading a M$ support page about "silent failures". Better him than me.
This "upgrade" cycle has the feeling 95 to 98 did but worse. Eerything fell apart at once and the answer was to buy a new one. This time the "new one" is a computer with about 4 times the hardware. BadVista's got the scoop on this one, Vista - Arrogance & Stupidity, "No sane person wants Vista, so Microsoft is making sure they have no choice."