"I wish ID would go back to their roots and stop making these single player tech demos :("
Doom co-op in the day was a blast, to get my fix today I run a Quake 3 Arena server with the Urban Terror mod and 8 bots on 2 bots in team death match so my friends and I can join up on the same team and do a little co-op bot slaughtering.
If you're ever interested, Quake 3 Arena can be purchased cheap, the Urban Terror mod is a free download from urbanterror.net, and then look for the Bot Hell game server.
"I think Netscape was quoted as saying something similar shortly before Internet Explorer utterly destroyed their marketshare."
Interesting choice of analogy.
Obviously there is one significant factor which makes it a poor choice, that is the monopoly Microsoft has on the desktop and their ability to preload their competing product, Internet Explorer, on every PC that ships with Windows in their monopoly controlled desktop market.
And also note how significant work went into developing IE until Netscape was pushed out of the market, at which time development on IE pretty much died and innovation was taken on by competing browsers which are now challenging IE even in the monopoly market.
But I have a couple of analogies I'd like to share.
Microsoft's IIS vs Apache. We saw a few years back where Microsoft made some major deals that gave them a big jump in web server market share over Apache. Who knows why the sudden change of heart for the companies that suddenly switched thousands of servers to IIS, but what is interesting is how quickly the IIS market share that was gained eroded. We see the same thing happening again with web servers and I suspect the results will be exactly the same. The sudden move up in market share and the follow up erosion makes me suspicious of foul play and back room deals. But so far it hasn't helped Microsoft take over the competitive web server market.
And the other analogy is Windows NT vs Unix. It was Microsoft's plan to take over the Unix market by providing a lower cost alternative. It was a very good plan considering the events that were taking place with cost and performance of commodity x86 hardware, but what Microsoft didn't plan for was the rise of linux. If you follow the worldwide server market reports from IDC you will notice that while Windows servers have experienced growth in revenue it is nowhere near the growth of linux which has shown double digit revenue growth for several years now and likely holds 30% or more of the market in installed units. It has been several years since Microsoft announced their plans to take over the Unix market and while they have a presence they are far from crushing the competition.
And one last point to consider, Windows has had clustering capabilities for years and is used in HPC, this is not a new entry into a market it is a renewed effort. I have a Windows cluster here and it is hilarious seeing a cluster with a mess of cables to a KVM switch so you can get to the GUI on each node. Yeah, I know there are remote desktop tools but those are just as absurd as KVM spaghetti cables because it eats up significant network resources to display a pretty picture, what a waste.
So I'd have to say that, based on past Microsoft performance, entering markets where their monopoly provides no benefit has proved to be difficult and in some cases futile. Perhaps at some point Microsoft may present a competitive challenge in HPC but they still need to prove themselves. Bringing up their successes in a monopoly market they control seems pointless when there are more valid comparisons where they are forced to actually compete.
"so these kids can grow up into the next generation of outsourced tech support reps"
You're commenting on the wrong program. You're thinking of the $600 Microsoft Windows laptop strapped to every child in a third world country sweat shop working as outsourced tech support reps.
While OLPC is about teaching children how to learn and not about the laptop the Gates version is about the laptop and teaching children how to use MS Office for their future careers as clueless drones.
Yes I know, you were just being facetious and my post is flamebait. :P
It's only a drawback because you are assuming that competitors will be able to sabotage a patent.
If you read the article it states that "The peer initiative focuses on so-called prior art, the scientific papers and previous patents that could render claims invalid." So there is not much room for sabotage as I'm sure the prior art will require some verification.
It is already possible for anyone to submit prior art submissions to stop a patent but it is much more formal and expensive and slower than this peer review system. If each patent is flooded with a bunch of nonsense prior art submissions I suppose it could create additional burden for the already burdened examiners, however, it also has the potential to speed things up if they can start denying patents faster because the peer review is faster at providing valid prior art.
I hope it proves to be a benefit and they expand the peer review to obviousness tests as I think between 60% and 80% of patents would be denied for either prior art or obviousness.
"It's not like the PCs weren't made in China when the division was owned by IBM."
That truly is the ironic part of Wolf's concern. As if the upper management, the part of IBM PCs that changed when they were purchased by Lenovo, would have ever noticed if the Chinese made PCs were bugged before leaving the factory.
That said, there should be proper due diligence for any equipment that is purchased and used in sensitive work. In the 1960s the Soviet embassy in Washington purchased/leased a Xerox copier and didn't realize that it was bugged with a CIA camera that took pictures of every document they copied. When the Xerox repairman came in to do routine maintenance on the equipment he would replace the film and take the exposed roll to the CIA. :)
http://www.parascope.com/articles/0197/xerox.htm
From TFA "These massive assaults harness the power of thousands of hacked PCs to swamp sites with so much bogus traffic that they can no longer accommodate legitimate visitors."
The problem is the thousands of hacked PCs that are used in these attacks. The internet is working exactly the way it was designed and the bot nets take advantage of bottlenecks in the system.
What is being done to take out these bot nets? I've perused a few of these bot squads on IRC and while there are many zombied Windows machines there are also many *nix boxes which succumbed to the brute force ssh password attacks because they had user accounts with stupid passwords.
Aside from locating and neutralizing the individual boxes in the squads shouldn't we be creating and deploying self immunizing tools in our infrastructure that detect these boxes and quarantine them?
Shouldn't we also be holding people accountable for having vulnerable boxes connected to the net? Perhaps a bandwidth restriction will help for repeat offenders.
"None of the prominent desktop applications that can create and save documents in OpenDocument currently work well with screen readers, magnifiers and other assistive technologies -- at least at a level comparable to that of products from Microsoft, whose 40-person Accessibility Technology Group is now widely praised by disabilities advocates"
I'm curious. I am not disabled but I've noticed many system wide accessibility features in linux in the various installs I've performed and a google of the web shows significant commitment and development to achieve accessibility in linux.
I'd like to hear some specifics on what is wrong with the current state of accessibility in linux and what is wrong with the current commitment.
The current argument is accessibility in ODF capable linux applications. Some of the accessibility projects are designed from the OS level up so I find it hard to believe there is no support in the applications when it is provided by the OS, so what is specifically wrong with what is there?
I also find it interesting that Windows accessibility required "kicking and screaming" to get 40 developers inside a multi-billion dollar corporation and yet the FOSS community appears to have a significant number of accessibility developers and the kicking and screaming just started. Is the whining justified or did Winske get an earful from the local MS rep?
"Cut your losses. Take the blackberry service out of the US."
Better yet, open source the software, open up the blackberry to community developers, sell the hardware as an empty shell if necessary, flood the market with the devices and still provide subscription services but let the community provide the software.
What a load of crap. I see two issues here which don't appear to be addressed by the authorities levying the taxes.
1) No justification for the taxation is provided. There should be some underlying benefit to "We the people" for any taxation. i.e. I pay a hefty tax every month on my communication bill for various services provided to society, two of which are funding for communication access for the disabled and funding for communication access to rural areas. Levying a tax on downloaded media just because they can is not justification and depending on what they are considering a download it could be construed as double taxation since I already pay several taxes on the communication itself.
2) One of the concepts which jump started the United States of America was the concept of "No taxation without representation". Now I realize we have representatives in government who were voted into their positions by the people, however, if these representatives are not representing the interests of the people who voted them in and instead are representing the interests of the government or corporations then they are no longer representatives of the people. Before the American Revolutionary War the British argued that Americans did have "virtual" representation in parliament and therefore there was no need for American representatives to participate in the British government. We all know how that one turned out and virtual representation is no excuse today either.
I actually don't mind paying taxes, I think I enjoy many benefits from taxation here in the States, but I'd like to have some justification for new taxes beyond creative interpretation of existing laws.
"Perhaps the Symantec marketing trolls have embarked on a subtle campaign to undermine the general public's trust in Micro$oft's ability to deliver secure products"
I suspect there is little public trust in the security of Microsoft's products that is worth undermining. Most people have been beaten into submission and have simply accepted their fate of dealing with the maladies which accompany Microsoft's products. At the same time everyone has also accepted that open source offerings are much more secure than Microsoft products but are beyond their technical skills.
It is more likely that the Symantec marketing trolls are merely attacking their new enemy, Microsoft. Before the enemy was open source because of its public perception as a secure solution that does not need Symantec services, now Microsoft is the enemy because they are competing directly with Symantec. By scaring people away from products which don't require Symantec's services by refuting widespread beliefs they hoped to maintain their market of installed Microsoft products which require their service, but now their greatest risk is that of losing their market directly to Microsoft.
I'm with you in that Symantec's sudden change of heart concerning the security of IE versus Firefox appears rather disingenuous and loaded with ulterior motives, but I doubt there is a general feeling of trust between Microsoft and their customers which Symantec needs to break. Symantec is merely adding fuel to a long raging fire of mistrust of Microsoft and a perception of a need for protection against Microsoft's security failures. One could hardly say the negative perception of security in Microsoft's products is undeserved, to the contrary they made the mess they are in, but that doesn't mean that Symantec is suddenly devoid of malice towards Microsoft these days.
It is also possible that the people at Symantec are truly printing what they believe to be the truth, it's always good to give people the benefit of the doubt, but it does seem rather suspicious considering the circumstances.
Sometimes posts are deserving of the flames they attract.
"free software is NOT always the best solution for every problem, especially when it comes to security"... ramble ramble ramble... "open source security depends on people admitting that bugs exist. If they act all high-and-mighty, nothing happens and it's just as bad as whatever software product is out there nowadays that people just love to hate"
The start and end of your rant suggested you had some issue with security in open source software, yet you failed to mention a single point in the entire rant about security in open source software. There is some validity to some of your statements by themselves, but not one of them had any relevance to security.
While I'll admit that I have a low opinion of various closed source vendors there are many valid reasons for preferring open source software to closed source other than "people just love to hate".
My top reasons for using open source software: 1) The best licensing available as an end user. 2) By far the most secure solutions available. 3) Unbeatable cost of ownership. 4) Unmatched flexibility in hardware support, feature set, and resource footprint. 5) And my favorite, it just works, unlike many of the closed source offerings which have claims of just working and great interoperability, they usually turn out to have bizarre and unpredictable reliability issues and tend to have good interoperability as long as you're interoperating with the same vendor's software and the same revision level.
"How can software truly be free (as in speech) when you place these sorts of restrictions on people who want to use it?"
How? By placing restrictions that make sure it stays free. The great thing about the GPL and its restrictions is that there is a large pool of good code out there and all you have to do to utilize and participate is adhere to the rules which say you keep the software free.
If you're a scum sucking leech who wants to profit from other people's work the GPL is a bad thing. That's pretty harsh but no more harsh than the attacks the GPL is enduring from the scum bags.
"The big difference here is that MS say they will stand up for any user that has a MS license and fight to the death over IP issues"
I think you're over-dramatizing Microsoft's position. Actually what they will do is whatever is necessary to mitigate the situation, go to court, license the technology, or develop a work around for their customers.
For open source software the licensing may not be an option, however, they will go to court if necessary and developing around IP issues is something that has already been discussed. But first there needs to be an IP issue.
Anyone who followed the SCO debacle knows that several times people from the community asked where the infringement was so they could mitigate the issue however necessary. In the end no infringement was shown probably because there is none.
Until there is an IP issue to deal with the creeps at Microsoft are just talking out their rears.
"Whether the Intel box has Windows or Linux makes no difference - we pay for both, and it is an insignificant slice of the cost."
I suppose that statement is true, however, there are many factors which should be included in the cost which generally are not when people claim Windows and Linux cost the same and the cost is insignificant. The initial cost of just the OS is insignificant, however, the OS by itself is useless.
The initial cost usually includes licenses for additional software applications and in the case of proprietary offerings such as Microsoft the costs are significant. If it is a linux system with a Red Hat Network subscription it includes service for the open source applications that come with the Red Hat distro, web server, database, mail server, etc. So with a Windows solution as you add to the proprietary software stack the costs soar, with an open source software stack the cost remains the same. So when considering the total purchase cost the Windows box will likely have a significant software licensing price tag.
And then what is often missed in the cost of a system is the costs related to damage to the business. I could care less about all the studies and reports explaining how Windows is more secure than other offerings or even the same. I have seen first hand how the security issues in Windows can take down an operation for significant lengths of time and cause lost revenue and angry customers. The risk level for relying on Windows is several magnitudes higher than the *nix offerings.
"Rob Enderle is telling the truth when he attacks the OSDL study on statistical grounds,"
Actually no, he is not telling the truth, he is merely following a predictable pattern of attacking everything open source.
I find it quite suspect that someone can suddenly doubt the integrity of an organization when it appears they have always had a rather low opinion of the actions, philosophy, and intent of the organization.
The OSDL supported TCO study is just that, a study. And it is a study of businesses who have learned how to successfully implement open source software in their business and have reaped the benefits. No statistical befuddlement will ever change the facts.
"Autocad is, for better or for worse, the standard. Right now, there are no comparable products"
AutoCAD as the standard is probably for worse. ;)
I currently use AutoCAD but I watched a demonstration of Solidworks and it makes AutoCAD look like the ancient design tools concept that it is.
But I would also go so far as to say that VariCAD could replace a large percentage of the work that is done with AutoCAD. I've used VariCAD a bit, until the demo license ran out, and other than learning a different interface it seemed to be a very powerful and fully featured linux CAD program.
Another possibility is Pro/E, which I have only read about and heard others talk about. There is a linux version and from what I've learned it sounds like it can be difficult to learn but it is very powerful.
Leucochloridium paradoxum is a worm which infects snails and turns them into zombies as well. The zombie snail crawls up vegetation where it can be seen by birds and the parasite causes the snail's eye stalks to extend and pulsate to attract birds.
The birds then eat the eye stalks and become infected themselves. The worms lay eggs in the bird's digestive system and they are then spread by the birds' excrement which the snails eat thus repeating the cycle of life for the parasite.
"Um... Actually, that's exactly what it was intended for. Give someone an artificial monopoly on their idea"
No, try reading the constitution of the United States. The objective was not to establish monopolies. Exclusive rights are granted to inventors and authors for limited times on the specific work of the inventor or author. The objective of these exclusive rights is to promote the progress of science and useful arts in the United States.
Article 1 Section 8; To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
At first I was angered by these companies trying to charge twice for internet connectivity, once for the connection and again each time you use it.
But now I'm having second thoughts. Perhaps this tiered market is a good idea. I'm thinking that I'll introduce tiered service levels for access to the easement on my property, and I think as a citizen I will request a new tiered system for corporate access to public property. Perhaps something like this would work:
Silver Level, for a minimal fee of say $100 USD per foot per year I'll allow telecoms to lay cable through my backyard.
Gold Level, I'll actually let the telecoms use their cable they laid in my backyard for a minimal licensing fee of 20% of all revenues related to any data which traverses the lines in my backyard.
Platinum Level, for a minimal fee of $10 per connection I'll allow the telecom company to make data connections from their cable in my backyard to cables in the neighbors' backyards.
The tiered program for public property will be similar but will require that all revenue from the program is paid back to all tax paying citizens.
This is just my first rough draft, it will need much more refining, but you know I really should have more control over how my property is used and I should be allowed to participate in the capitalization of said property.
"would last only 4 years from date of first commercial product"
This part I can buy, and I would go further and change the entire patent system to limit to 4 years on ALL patents from date of first commercial product. After all, the original objective of the patent system was to advance science, industry, etc. in the United States, it was not intended as a means of leeching cash from a productive industry or building monopolies. Shorter terms would force the hand of patent holders to put up or shut up.
I would also implement stricter rules on acceptance of patents. Today we hear over and over the excuse that lame patents are accepted because the office is overworked. I've read the rules on the uspto.gov website and several of the questionable patents that have been in the news and from what I've seen every one of them should have been rejected in the first 5 minutes of reading the abstract and claims.
The rules are simple and most patents don't pass muster. The patent office should be pushing back on those who file patents to submit applications which easily pass the initial tests:
"The patent law specifies that the subject matter must be "useful." The term "useful" in this connection refers to the condition that the subject matter has a useful purpose and also includes operativeness, that is, a machine which will not operate to perform the intended purpose would not be called useful, and therefore would not be granted a patent.
Interpretations of the statute by the courts have defined the limits of the field of subject matter that can be patented, thus it has been held that the laws of nature, physical phenomena, and abstract ideas are not patentable subject matter.
A patent cannot be obtained upon a mere idea or suggestion. The patent is granted upon the new machine, manufacture, etc., as has been said, and not upon the idea or suggestion of the new machine. A complete description of the actual machine or other subject matter for which a patent is sought is required."
And from these basic rules it becomes obvious that SOFTWARE IS NOT PATENTABLE, you use copyrights for software. And just to add to the rant, a reimplementation of a concept or idea by someone else is not infringement of a copyright. I suspect that is why we have this big mess with software patents. I also suspect that part of the problem is interference from lawyers and lawmakers who have beaten the USPTO into submission, but at some point we need to stop all this stupidity.
"They started this patent war, they were the ones who were suing a bunch of smaller firms"
Absolutely true, and RIM should be lambasted continually until they apologize for their unethical business behaviour.
But it is also important to remember that this is a victory for true technology companies, inventors, and innovators. While RIM did use the same tactics as NTP there is a core difference between RIM and NTP. RIM is a company that makes and sells a product, they have individuals within the company who invent and innovate and are building upon the inventions and innovations of others. NTP on the other hand is simply a technology leech that produces nothing and, as evidenced by five of their patents being thrown out, doesn't even invent or innovate.
RIM should repent and change their evil ways so they will be a constructive force in our technology dependent societies, but NTP is a scourge which should be litigated into oblivion.
Do you believe that focusing marketing, press releases, and internal/external studies on comparisons of Windows security versus linux security is beneficial to Windows security or the perception of Windows security?
Aside from the fact that many of the reports we read seem seriously flawed it appears to me that focusing too much effort on the marketing aspect of Windows security has a tendency to backfire and just make linux look that much better in the eyes of consumers. Shouldn't the market speak for itself if Windows is adequately secure?
"Microsoft Corp. seems to be moving away from focusing on the actual number of security patches and updates... But of course they are"
It is also interesting to read between the lines and see what appears to be an admission:
Microsoft is more concerned about how secure their products APPEAR to be thus it is more important to release patches and updates in a way that makes it appear that they have fewer exploitable holes in their code. It's funny how they are still not focused on the issue which is the exploitable code, not the ease of patching for the end user.
Obviously you need to have a good system for end users to acquire and install patches but from my experience with Windows, Red Hat Linux, Fedora Core, and OSX the means have been there for years.
So far this follow up article is similar to the first in that they both try to draw attention away from an important fact about Windows.
In the first article they admit that Windows does not work well on legacy hardware and then pick linux installs which they know will produce the same results and intentionally avoid the truth which is that linux flexibility creates opportunities to save capital by using legacy hardware in various support roles which would not be feasible with Windows.
Now in this second article we are supposed to believe that it's ease of installing patches that is important, not the fact your OS has exploitable code that will result in your machine participating in a botnet.
Whatever, keep up the illusion there Bill, I'm sure you have some people fooled.
"We use Symantec's IDS and AV/anti-spam appliances, both of which are just i386 linux boxes with some proprietary software"
And therein lies the rub. Since I am paying Symantec with my tax dollars does that mean the results of their work will be open sourced and freely available, or will it be a proprietary product for which I have to pay a second time?
"if for instance, an ISP sees a shit load of traffic from a customer's address directed at another address to start blocking that traffic? Or at the very least notifying the customer"
Notification is fine, but I would be very pissed if my ISP decided on their own to block traffic from my address based on an incorrect assumption that the traffic from my address was from an exploited host. My ISP actually did notify me once about their concern for traffic volume from my address and after I explained the situation to them I've never received another notification.
I have some sympathy for the vast majority of the internet population who lack the knowledge or skill to lock down the crap shoot of an OS most of them run, but there are better solutions that will not impact those of us who utilize large amounts of bandwidth and are not host to malware.
1) If you can't lock down your Windows box yourself or install and use linux, buy a Mac.
2) If an ISP wants to help their customers with malware issues by blocking traffic, create an opt in program rather than assume all customers are clueless.
"I wish ID would go back to their roots and stop making these single player tech demos :("
Doom co-op in the day was a blast, to get my fix today I run a Quake 3 Arena server with the Urban Terror mod and 8 bots on 2 bots in team death match so my friends and I can join up on the same team and do a little co-op bot slaughtering.
If your ever interested Quake 3 Arena can be purchased cheap, the Urban Terror mod is a free download from urbanterror.net, and then look for the Bot Hell game server.
burnin
"I think Netscape was quoted as saying something similar shortly before Internet Explorer utterly destroyed their marketshare."
Interesting choice of analogy.
Obviously there is one significant factor which makes it a poor choice, that is the monopoly Microsoft has on the desktop and their ability to preload their competing product, Internet Explorer, on every PC that ships with Windows in their monopoly controlled desktop market.
And also note how significant work went into developing IE until Netscape was pushed out of the market, at which time development on IE pretty much died and innovation was taken on by competing browsers which are now challenging IE even in the monopoly market.
But I have a couple of analogies I'd like to share.
Microsoft's IIS vs Apache. We saw a few years back where Microsoft made some major deals that gave them a big jump in web server market share over Apache. Who knows why the sudden change of heart for the companies that suddenly switched thousands of servers to IIS, but what is interesting is how quickly the IIS market share that was gained eroded. We see the same thing happening again with web servers and I suspect the results will be exactly the same. The sudden move up in market share and the follow up erosion makes me suspicious of foul play and back room deals. But so far it hasn't helped Microsoft take over the competitive web server market.
And the other analogy is Windows NT vs Unix. It was Microsoft's plan to take over the Unix market by providing a lower cost alternative. It was a very good plan considering the events that were taking place with cost and performance of commodity x86 hardware, but what Microsoft didn't plan for was the rise of linux. If you follow the world wide server market reports from IDC you will notice that while Windows servers have experienced growth in revenue it is no where near the growth of linux which has shown double digit revenue growth for several years now and likely holds 30% or more of the market in installed units. It has been several years since Microsoft annouced their plans to take over the Unix market and while they have a presence they are far from crushing the competition.
And one last point to consider, Windows has had clustering capabilities for years and is used in HPC, this is not a new entry into a market it is a renewed effort. I have a Windows cluster here and it is hilarious seeing a cluster with a mess of cables to a KVM switch so you can get to the GUI on each node. Yeah, I know there are remote desktop tools but those are just as absurd as KVM spaghetti cables because it eats up significant network resources to display a pretty picture, what a waste.
So I'd have to say that based on past Microsoft performance in entering markets where their monopoly provides no benefit has proved to be difficult and in some cases futile. Perhaps at some point Microsoft may present a competitive challenge in HPC but they still need to prove themselves. Bringing up their successes in a monopoly market they control seems pointless when there are more valid comparisons where they are forced to actually compete.
" so these kids can grow up into the next generation of outsourced tech support reps "
:P
Your commenting on the wrong program. Your thinking of the $600 Microsoft Windows laptop strapped to every child in a third world country sweat shop working as outsourced tech support reps.
While OLPC is about teaching children how to learn and not about the laptop the Gates version is about the laptop and teaching children how to use MS Office for their future careers as clueless drones.
Yes I know, you were just being facetious and my post is flamebait.
It's only a drawback because you are assuming that competitors will be able to sabotage a patent.
If you read the article it states that "The peer initiative focuses on so-called prior art, the scientific papers and previous patents that could render claims invalid." So there is not much room for sabotage as I'm sure the prior art will require some verification.
It is already possible for anyone to submit prior art submissions to stop a patent but it is much more formal and expensive and slower than this peer review system. If each patent is flooded with a bunch of nonsense prior art submissions I suppose it could create additional burden for the already burdened examiners, however, it also has the potential to speed things up if they can start denying patents faster because the peer review is faster at providing valid prior art.
I hope it proves to be a benefit and they expand the peer review to obviousness tests as I think between 60% and 80% of patents would be denied for either prior art or obviousness.
"It's not like the PCs weren't made in China when the division was owned by IBM."
:)
That truly is the ironic part of Wolf's concern. As if the upper management, the part of IBM PCs that changed when they were purchased by Lenovo, would have ever noticed if the Chinese made PCs were bugged before leaving the factory.
That said, there should be proper due diligence for any equipment that is purchased and used in sensitive work. In the 1960s the Soviet embassy in Washington purchased/leased a Xerox copier and didn't realize that it was bugged with a CIA camera that took pictures of every document they copied. When the Xerox repairman came in to do routine maintenance on the equipment he would replace the film and take the exposed roll to the CIA.
http://www.parascope.com/articles/0197/xerox.htm
From TFA "These massive assaults harness the power of thousands of hacked PCs to swamp sites with so much bogus traffic that they can no longer accommodate legitimate visitors."
The problem is the thousands of hacked PCs that are used in these attacks. The internet is working exactly the way it was designed and the bot nets take advantage of bottlenecks in the system.
What is being done to take out these bot nets? I've perused a few of these bot squads on IRC and while there are many zombied Windows machines there are also many *nix boxes which succumbed to the brute force ssh password attacks because they had user accounts with stupid passwords.
Aside from locating and neutralizing the individual boxes in the squads shouldn't we be creating and deploying self immunizing tools in our infrastructure that detects these boxes and quarantines them?
Shouldn't we also be holding people accountable for having vulnerable boxes connected to the net? Perhaps a bandwidth restriction will help for repeat offenders.
"None of the prominent desktop applications that can create and save documents in OpenDocument currently work well with screen readers, magnifiers and other assistive technologies -- at least at a level comparable to that of products from Microsoft, whose 40-person Accessibility Technology Group is now widely praised by disabilities advocates"
I'm curious. I am not disabled but I've noticed many system wide accessibility features in linux in the various installs I've performed and a google of the web shows significant commitment and development to achieve accessibility in linux.
I'd like to hear some specifics on what is wrong with the current state of accessibility in linux and what is wrong with the current commitment.
The current argument is accessibility in ODF capable linux applications. Some of the accessibility projects are designed from the OS level up so I find it hard to believe there is no support in the applications when it is provided by the OS, so what is specifically wrong with what is there?
I also find it interesting that Windows accessibility required "kicking and screaming" to get 40 developers inside a multi-billion dollar corporation and yet the FOSS community appears to have a significant number of accessibility developers and the kicking and screaming just started. Is the whining justified or did Winske get an earful from the local MS rep?
http://larswiki.atrc.utoronto.ca/wiki/LinuxUnixAc
http://developer.gnome.org/projects/gap/
http://accessibility.kde.org/
"Cut your losses. Take the blackberry service out of the US."
Better yet, open source the software, open up the blackberry to community developers, sell the hardware as an empty shell if necessary, flood the market with the devices and still provide subscription services but let the community provide the software.
What a load of crap. I see two issues here which don't appear to be addressed by the authorities levying the taxes.
1) No justification for the taxation is provided. There should be some underlying benefit to "We the people" for any taxation. i.e. I pay a hefty tax every month on my communication bill for various services provided to society, two of which are funding for communication access for the disabled and funding for communication access to rural areas. Levying a tax on downloaded media just because they can is not justification and depending on what they are considering a download it could be construed as double taxation since I already pay several taxes on the communication itself.
2) One of the concepts which jump started the United States of America was the concept of "No taxation without representation". Now I realize we have representatives in government who were voted into their positions by the people, however, if these representatives are not representing the interests of the people who voted them in and instead are representing the interests of the government or corporations then they are no longer representatives of the people. Before the American Revolutionary War the British argued that Americans did have "virtual" representation in parliament and therefore there was no need for American representatives to participate in the British government. We all know how that one turned out and virtual representation is no excuse today either.
I actually don't mind paying taxes, I think I enjoy many benefits from taxation here in the States, but I'd like to have some justification for new taxes beyond creative interpretation of existing laws.
burnin
"Perhaps the Symantec marketing trolls have embarked on a subtle campaign to undermind the general public's trust in Micro$oft's ability to deliver secure products"
I suspect there is little public trust in the security of Microsoft's products that is worth undermining. Most people have been beaten into submission and have simply accepted their fate of dealing with the maladies which accompany Microsoft's products. At the same time everyone has also accepted that open source offerings are much more secure than Microsoft products but are beyond their technical skills.
It is more likely that the Symantec marketing trolls are merely attacking their new enemy, Microsoft. Before the enemy was open source because of its public perception as a secure solution that does not need Symantec services, now Microsoft is the enemy because they are competing directly with Symantec. By scaring people away from products which don't require Symantec's services by refuting wide spread beliefs they hoped to maintain their market of installed Microsoft products which require their service, but now their greatest risk is that of losing their market directly to Microsoft.
I'm with you in that Symantec's sudden change of heart concerning the security of IE versus Firefox appears rather disingenuous and loaded with ulterior motives, but I doubt there is a general feeling of trust between Microsoft and their customers which Symantec needs to break. Symantec is merely adding fuel to a long raging fire of mistrust of Microsoft and a perception of a need for protection against Microsoft's security failures. One could hardly say the negative perception of security in Microsoft's products is undeserving, to the contrary they made the mess they are in, but that doesn't mean that Symantec is suddenly devoid of malice towards Microsoft these days.
It is also possible that the people at Symantec are truly printing what they believe to be the truth, it's always good to give people the benefit of the doubt, but it does seem rather suspicious considering the circumstances.
burnin
"I know that people are going to flame me"
... ramble ramble ramble ... "open source security depends on people admitting that bugs exist. If they act all high-and-mighty, nothing happens and it's just as bad as whatever software product is out there nowadays that people just love to hate"
Sometimes posts are deserving of the flames they attract.
"free software is NOT always the best solution for every problem, especially when it comes to security"
The start and end of your rant suggested you had some issue with security in open source software, yet you failed to mention a single point in the entire rant about security in open source software. There is some validity to some of your statements by themselves, but not one of them had any relevance to security.
While I'll admit that I have a low opinion of various closed source vendors there are many valid reasons for preferring open source software to closed source other than "people just love to hate".
My top reasons for using open source software:
1) The best licensing available as an end user.
2) By far the most secure solutions available.
3) Unbeatable cost of ownership.
4) Unmatched flexibility in hardware support, feature set, and resource footprint.
5) And my favorite, it just works, unlike many of the closed source offerings which have claims of just working and great interoperability, they usually turn out to have bizarre and unpredictable reliability issues and tend to have good interoperability as long as you're interoperating with the same vendor's software and the same revision level.
burnin
"How can software truly be free (as in speech) when you place these sorts of restrictions on people who want to use it?"
How? By placing restrictions that make sure it stays free. The great thing about the GPL and its restrictions is that there is a large pool of good code out there and all you have to do to utilize and participate is adhere to the rules which say you keep the software free.
If you're a scum sucking leech who wants to profit from other people's work the GPL is a bad thing. That's pretty harsh but no more harsh than the attacks the GPL is enduring from the scum bags.
"The big difference here is that MS say they will stand up for any user that has a MS license and fight to the death over IP issues"
I think you're over dramatizing Microsoft's position. Actually what they will do is whatever is necessary to mitigate the situation, go to court, license the technology, or develop a work around for their customers.
For open source software the licensing may not be an option, however, they will go to court if necessary and developing around IP issues is something that has already been discussed. But first there needs to be an IP issue.
Anyone who followed the SCO debacle knows that several times people from the community asked where the infringement was so they could mitigate the issue however necessary. In the end no infringement was shown probably because there is none.
Until there is an IP issue to deal with the creeps at Microsoft are just talking out their rears.
"Whether the Intel box has Windows or Linux makes no difference - we pay for both, and it is an insignificant slice of the cost."
I suppose that statement is true, however, there are many factors which should be included in the cost which generally are not when people claim Windows and Linux cost the same and the cost is insignificant. The initial cost of just the OS is insignificant, however, the OS by itself is useless.
The initial cost usually includes licenses for additional software applications and in the case of proprietary offerings such as Microsoft the costs are significant. If it is a linux system with a Red Hat Network subscription it includes service for the open source applications that come with the Red Hat distro, web server, database, mail server, etc. So with a Windows solution as you add to the proprietary software stack the costs soar, with an open source software stack the cost remains the same. So when considering the total purchase cost the Windows box will likely have a significant software licensing price tag.
And then what is often missed in the cost of a system is the costs related to damage to the business. I could care less about all the studies and reports explaining how Windows is more secure than other offerings or even the same. I have seen first hand how the security issues in Windows can take down an operation for significant lengths of time and cause lost revenue and angry customers. The risk level for relying on Windows is several magnitudes higher than the *nix offerings.
" Rob Enderle is telling the truth when he attacks the OSDL study on statistical grounds,"
Actually no, he is not telling the truth, he is merely following a predictable pattern of attacking everything open source.
I find it quite suspect that someone can suddenly doubt the integrity of an organization when it appears they have always had a rather low opinion of the actions, philosophy, and intent of the organization.
Time and again Enderle has suggested that the open source movement is disingenuous and run by nuts who intimidate and threaten, and lacks mature leadership, and when an IT department chooses open source Enderle suggests that an investigation is in order to determine if policies were followed and whether sound judgement was used.
The OSDL supported TCO study is just that, a study. And it is a study of businesses who have learned how to successfully implement open source software in their business and have reaped the benefits. No statistical befuddlement will ever change the facts.
"Autocad is, for better or for worse, the standard. Right now, there are no comparable products "
;)
AutoCAD as the standard is probably for worse.
I currently use AutoCAD but I watched a demonstration of Solidworks and it makes AutoCAD look like the ancient design tools concept that it is.
But I would also go so far as to say that VariCAD could replace a large percentage of the work that is done with AutoCAD. I've used VariCAD a bit, until the demo license ran out, and other than learning a different interface it seemed to be a very powerful and fully featured linux CAD program.
Another possibility is Pro/E, which I have only read about and heard others talk about. There is a linux version and from what I've learned it sounds like it can be difficult to learn but it is very powerful.
burnin
Leucochloridium paradoxum is a worm which infects snails and turns them into zombies as well. The zombie snail crawls up vegetation where it can be seen by birds and the parasite causes the snail's eye stalks to extend and pulsate to attract birds.
The birds then eat the eye stalks and become infected themselves. The worms lay eggs in the bird's digestive system and they are then spread by the birds' excrement which the snails eat thus repeating the cycle of life for the parasite.
Rather creepy stuff.
http://people.smu.edu/eheise/Leucochloridium_para
burnin
"Um... Actually, that's exactly what it was intended for. Give someone an artificial monopoly on their idea"
No, try reading the constitution of the United States. The objective was not to establish monopolies. Exclusive rights are granted to inventors and authors for limited times on the specific work of the inventor or author. The objective of these exclusive rights is to promote the progress of science and useful arts in the United States.
http://www.archives.gov/national-archives-experie
Article 1 Section 8;
To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
At first I was angered by these companies trying to charge twice for internet connectivity, once for the connection and again each time you use it.
But now I'm having second thoughts. Perhaps this tiered market is a good idea. I'm thinking that I'll introduce tiered service levels for access to the easement on my property, and I think as a citizen I will request a new tiered system for corporate access to public property. Perhaps something like this would work:
Silver Level, for a minimal fee of say $100 USD per foot per year I'll allow telecoms to lay cable through my backyard.
Gold Level, I'll actually let the telecoms use their cable they laid in my backyard for a minimal licensing fee of 20% of all revenues related to any data which traverses the lines in my backyard.
Platinum Level, for a minimal fee of $10 per connection I'll allow the telecom company to make data connections from their cable in my backyard to cables in the neighbors' backyards.
The tiered program for public property will be similar but will require that all revenue from the program is paid back to all tax paying citizens.
This is just my first rough draft, it will need much more refining, but you know I really should have more control over how my property is used and I should be allowed to participate in the capitalization of said property.
burnin
"would last only 4 years from date of first commercial product"
This part I can buy, and I would go further and change the entire patent system to limit to 4 years on ALL patents from date of first commercial product. After all, the original objective of the patent system was to advance science, industry, etc. in the United States, it was not intended as a means of leeching cash from a productive industry or building monopolies. Shorter terms would force the hand of patent holders to put up or shut up.
I would also implement stricter rules on acceptance of patents. Today we hear over and over the excuse that lame patents are accepted because the office is overworked. I've read the rules on the uspto.gov website and several of the questionable patents that have been in the news and from what I've seen every one of them should have been rejected in the first 5 minutes of reading the abstract and claims.
The rules are simple and most patents don't pass muster. The patent office should be pushing back on those who file patents to submit applications which easily pass the initial tests:
"The patent law specifies that the subject matter must be "useful." The term "useful" in this connection refers to the condition that the subject matter has a useful purpose and also includes operativeness, that is, a machine which will not operate to perform the intended purpose would not be called useful, and therefore would not be granted a patent.
Interpretations of the statute by the courts have defined the limits of the field of subject matter that can be patented, thus it has been held that the laws of nature, physical phenomena, and abstract ideas are not patentable subject matter.
A patent cannot be obtained upon a mere idea or suggestion. The patent is granted upon the new machine, manufacture, etc., as has been said, and not upon the idea or suggestion of the new machine. A complete description of the actual machine or other subject matter for which a patent is sought is required."
http://www.uspto.gov/web/offices/pac/doc/general/
And from these basic rules it becomes obvious that SOFTWARE IS NOT PATENTABLE, you use copyrights for software. And just to add to the rant, a reimplementation of a concept or idea by someone else is not infringement of a copyright. I suspect that is why we have this big mess with software patents. I also suspect that part of the problem is interference from lawyers and lawmakers who have beaten the USPTO into submission, but at some point we need to stop all this stupidity.
burnin
"They started this patent war, they were the ones who were suing a bunch of smaller firms "
Absolutely true, and RIM should be lambasted continually until they apologize for their unethical business behaviour.
But it is also important to remember that this is a victory for true technology companies, inventors, and innovators. While RIM did use the same tactics as NTP there is a core difference between RIM and NTP. RIM is a company that makes and sells a product, they have individuals within the company who invent and innovate and are building upon the inventions and innovations of others. NTP on the other hand is simply a technology leech that produces nothing and, as evidenced by five of their patents being thrown out, don't even invent or innovate.
RIM should repent and change their evil ways so they will be a constructive force in our technology dependent societies, but NTP is a scourge which should be litigated into oblivion.
burnin
Do you believe that focusing marketing, press releases, and internal/external studies on comparisons of Windows security versus linux security is beneficial to Windows security or the perception of Windows security?
Aside from the fact that many of the reports we read seem seriously flawed it appears to me that focusing too much effort on the marketing aspect of Windows security has a tendency to backfire and just make linux look that much better in the eyes of consumers. Shouldn't the market speak for itself if Windows is adequately secure?
burnin
"Microsoft Corp. seems to be moving away from focusing on the actual number of security patches and updates ...
But of course they are"
It is also interesting to read between the lines and see what appears to be an admission:
Microsoft is more concerned about how secure their products APPEAR to be thus it is more important to release patches and updates in a way that makes it appear that they have fewer exploitable holes in their code. It's funny how they are still not focused on the issue which is the exploitable code, not the ease of patching for the end user.
Obviously you need to have a good system for end users to acquire and install patches but from my experience with Windows, Red Hat Linux, Fedora Core, and OSX the means have been there for years.
So far this follow up article is similar to the first in that they both try to draw attention away from an important fact about Windows.
In the first article they admit that Windows does not work well on legacy hardware and then pick linux installs which they know will produce the same results and intentionally avoid the truth which is that linux flexibility creates opportunities to save capital by using legacy hardware in various support roles which would not be feasible with Windows.
Now in this second article we are supposed to believe that it's ease of installing patches that is important, not the fact your OS has exploitable code that will result in your machine participating in a botnet.
Whatever, keep up the illusion there Bill, I'm sure you have some people fooled.
burnin
"We use Symantec's IDS and AV/anti-spam appliances, both of which are just i386 linux boxes with some proprietary software"
And therein lies the rub. Since I am paying Symantec with my tax dollars does that mean the results of their work will be open sourced and freely available, or will it be a proprietary product for which I have to pay a second time?
burnin
" if for instance, an ISP sees a shit load of traffic from a customer's address directed at another address to start blocking that traffic? Or at the very least notifying the customer "
Notification is fine, but I would be very pissed if my ISP decided on their own to block traffic from my address based on an incorrect assumption that the traffic from my address was from an exploited host. My ISP actually did notify me once about their concern for traffic volume from my address and after I explained the situation to them I've never received another notification.
I have some sympathy for the vast majority of the internet population who lack the knowledge or skill to lock down the crap shoot of an OS most of them run, but there are better solutions that will not impact those of us who utilize large amounts of bandwidth and are not host to malware.
1) If you can't lock down your Windows box yourself or install and use linux, buy a Mac.
2) If an ISP wants to help their customers with malware issues by blocking traffic, create an opt in program rather than assume all customers are clueless.
Leave my net alone,
burnin