You need to strip the security identifiers from NTFS before making an image... I suspect this is what the (obviously ignorant) author of the article didn't do and instead chose to write up this little FUD escapade. Microsoft has a little tool called "sysprep" that does just this.
From the article: Microsoft Windows 2000 and Windows XP have crippled file systems
Bullshit! That one statement shows that the article writer has a serious case of rectal-cranial inversion... For the uninformed, here is MS's definition of SIDs: "A security identifier (SID) is a unique value of variable length that is used to identify a security principal or security group in Microsoft(R) Windows(R) 2000 and Microsoft(R) Windows NT(R)." They are almost like *nix UIDs/GIDs, but a little bit more complex... NTFS is more complex in general. They actually contain information specific to the machine/domain/etc in the permission. To be more clear, an NT machine on a domain is treated as a leaf node in a tree... and each file in the filesystem of that leaf node can be assigned specific permissions relating to any user on any machine in that tree (domain). This allows very complex definition of file/registry/system permissions! Unix works in a similar way, but lacks those extra capabilities. What you need to do is strip the machine-specific parts of the SIDs out before you image the machine! (Here's a thought question for ya... ever tar a set of files on one unix machine, move them to another, untar and notice that the UIDs/GIDs are, as Strong Bad would say, "weirded out?")
Obviously the article writer is an amateur and knows nothing about how Windows or NTFS work... which makes me suspect he is not qualified to do his job. Assuming you can't image Windows machines based on the premise that Windows and NTFS are "fundamentally broken" is the most ludicrous thing I've ever heard. My university must have > 10,000 shiny brand new Dell computers, all running an identical version of Windows XP... and someone means to tell me they didn't image them, instead installing XP from scratch on each one? Please!
dd is great for quick-and-dirty imaging, but I'd be wary writing that image to a disk of a different size, etc... unless you hacked the partition table to make the new disk "think" it's smaller than the image, if the new disk is indeed bigger.
This can happen in Linux too, if you are interacting with ANY daemon that runs as root (e.g, SSHd, init, smbd, snmpd, lpd, getty, I can go on and on -- pretty much anything that executes setuid root) that happens to be interacting in some way with the local system but also interacting with users. The article you linked was a very specific occurence of a local root exploit (and most Linux people don't even consider those "exploits" at that!) that didn't handle input correctly... this is why people don't run ftp as root anymore; but some things inevitably have to run as root...
There was a version of Solaris/SunOS that had a local root exploit where all you would do is hold down the return key at the login prompt, and get root! That seems less complicated to do -- and in essence, how is it different?
Your message was worded in a FUDish manner... as if NO OTHER OSes have EVER had local root exploits, but Windows somehow is fundamentally broken by having this "feature?"
iTunes for Windows is my official new favorite MP3 player.
I am proceeding to rip all my 500+ CDs into iTunes. With one click.
Winamp has served me well for many, years, but it lacks the snazzy playlist/library editor, and the ability to transfer music from CD, to the hard drive, tag it, and add it to my playlist at the click of a button. Literally.
Sure, it's a little slow, but who cares. Its functionality is unmatched. The music store is snazzy, too.
Good move, Apple, with iTunes for Windows. You may see a future Mac / iPod customer soon...
had i really wanted an easy linux installation, i would have just burnt knoppix and stuffed it in my cd drive(and had a working desktop in mere minutes, including the burning time).
Minus the small detail that everything that is not/home is mounted read-only, and/home is really in ramdisk.... so toodles to installing any packages.
Funny, the biggest hurdle I had installing WinXP was finding something to do in the 35 minutes from the time I inserted the CD until it was done and asking me in which time zone I live...
Maybe you misunderstood the point I was trying to get across... just because you can go lower-level than someone else, DOESN'T automatically make you smarter, etc. The point is that there shouldn't really be a need to go lower-level unnecessarily, and doing so does NOT make you "hard-core" in the process... Just because you pick a different level of abstraction than I do doesn't make any difference in most cases; however, I think the article writer failed to see this.
That's not to say I don't know how to use Linux or the shell prompt (hint: I run a Linux server), but if someone constantly hounded you about driving a car with an automatic transmission, citing its "easiness" and your inability to "truely understand how cars work" since you don't drive a stick... well... you see where I'm going.
I had a boss with the same line of thinking. He always went on and on about how that was the reason he used Linux and not Windows, because for some reason if you can't do something in the most complicated way possible, you don't "truely understand how computers work" and are therefore stupid. Or something like that.
As you can infer from that, he was a complete asshole in general, which is why I quit.:D
That journalists, even "technical journalists," know jack shit about computers. Let this guy start hammering out all the x86 opcodes one by one then tell me his article makes sense...
The OpenBSD people HATE the GPL. The only GPLed package in OpenBSD is GCC... and that is slated for removal eventually.
When the maintainer of BSD's ipf pulled a 180 and changed the license to something more restrictive (I'm at a loss for details right now), the OpenBSD people told him to fuck off, and they wrote their own firewall, now known to everyone as pf. Pretty sad that it had to happen, since pf is now regarded as one of the best firewalls around...
Slashdot Mirror
You need to strip the security identifiers from NTFS before making an image... I suspect this is what the (obviously ignorant) author of the article didn't do and instead chose to write up this little FUD escapade. Microsoft has a little tool called "sysprep" that does just this.
From the article: Microsoft Windows 2000 and Windows XP have crippled file systems
Bullshit! That one statement shows that the article writer has a serious case of rectal-cranial inversion... For the uninformed, here is MS's definition of SIDs: "A security identifier (SID) is a unique value of variable length that is used to identify a security principal or security group in Microsoft(R) Windows(R) 2000 and Microsoft(R) Windows NT(R)." They are almost like *nix UIDs/GIDs, but a little bit more complex... NTFS is more complex in general. They actually contain information specific to the machine/domain/etc in the permission. To be more clear, an NT machine on a domain is treated as a leaf node in a tree... and each file in the filesystem of that leaf node can be assigned specific permissions relating to any user on any machine in that tree (domain). This allows very complex definition of file/registry/system permissions! Unix works in a similar way, but lacks those extra capabilities. What you need to do is strip the machine-specific parts of the SIDs out before you image the machine! (Here's a thought question for ya... ever tar a set of files on one unix machine, move them to another, untar and notice that the UIDs/GIDs are, as Strong Bad would say, "weirded out?")
Obviously the article writer is an amateur and knows nothing about how Windows or NTFS work... which makes me suspect he is not qualified to do his job. Assuming you can't image Windows machines based on the premise that Windows and NTFS are "fundamentally broken" is the most ludicrous thing I've ever heard. My university must have > 10,000 shiny brand new Dell computers, all running an identical version of Windows XP... and someone means to tell me they didn't image them, instead installing XP from scratch on each one? Please!
dd is great for quick-and-dirty imaging, but I'd be wary writing that image to a disk of a different size, etc... unless you hacked the partition table to make the new disk "think" it's smaller than the image, if the new disk is indeed bigger.
Uh, maybe you should stop spreading more FUD?
This can happen in Linux too, if you are interacting with ANY daemon that runs as root (e.g, SSHd, init, smbd, snmpd, lpd, getty, I can go on and on -- pretty much anything that executes setuid root) that happens to be interacting in some way with the local system but also interacting with users. The article you linked was a very specific occurence of a local root exploit (and most Linux people don't even consider those "exploits" at that!) that didn't handle input correctly... this is why people don't run ftp as root anymore; but some things inevitably have to run as root...
There was a version of Solaris/SunOS that had a local root exploit where all you would do is hold down the return key at the login prompt, and get root! That seems less complicated to do -- and in essence, how is it different?
Your message was worded in a FUDish manner... as if NO OTHER OSes have EVER had local root exploits, but Windows somehow is fundamentally broken by having this "feature?"
Please.
I steered clear of Winamp 3... brrr!
I downloaded one of the Winamp 5 alpha releases, but it was buggy and crash-prone... so far iTunes hasn't crashed on me... yet.
From where is the Winamp 5 beta available? Any better than Alpha 2?
Too bad iTunes ignores the data sessions on multisession CDs and rips from the audio part!
Except if you'd actually had a sense of humor, you'd realize that he was making fun of SCO's $699 "Linux tax."
On the same note, I guess it would be appropriate to ask the Gnome developers why Gnome needs five clocks...
I was just poking fun at the fact that all the models on there weighed about 60 lbs... apparently some people took it differently ;)
Glad to know the "it just works" philosophy is appreciated by more than one person :)
And they are, truely, "smart" -- they update in real-time. Flatfile text (m3u and friends) can't do that.
They are protecting themselves against credit card fraud.... see here to see what I'm talking about..
Its only fault seems to be that it doesn't come in sizes for women that actually eat solid food.
iTunes for Windows is my official new favorite MP3 player.
I am proceeding to rip all my 500+ CDs into iTunes. With one click.
Winamp has served me well for many, years, but it lacks the snazzy playlist/library editor, and the ability to transfer music from CD, to the hard drive, tag it, and add it to my playlist at the click of a button. Literally.
Sure, it's a little slow, but who cares. Its functionality is unmatched. The music store is snazzy, too.
Good move, Apple, with iTunes for Windows. You may see a future Mac / iPod customer soon...
Right. If I knew what a kisok was, I'd probably use Linux on it too ;)
had i really wanted an easy linux installation, i would have just burnt knoppix and stuffed it in my cd drive(and had a working desktop in mere minutes, including the burning time).
/home is mounted read-only, and /home is really in ramdisk.... so toodles to installing any packages.
Minus the small detail that everything that is not
Funny, the biggest hurdle I had installing WinXP was finding something to do in the 35 minutes from the time I inserted the CD until it was done and asking me in which time zone I live...
I'll take a secured NT4 kiosk over Linux any day.
for your courriel
Now THAT is funny!
Maybe you misunderstood the point I was trying to get across... just because you can go lower-level than someone else, DOESN'T automatically make you smarter, etc. The point is that there shouldn't really be a need to go lower-level unnecessarily, and doing so does NOT make you "hard-core" in the process... Just because you pick a different level of abstraction than I do doesn't make any difference in most cases; however, I think the article writer failed to see this.
That's not to say I don't know how to use Linux or the shell prompt (hint: I run a Linux server), but if someone constantly hounded you about driving a car with an automatic transmission, citing its "easiness" and your inability to "truely understand how cars work" since you don't drive a stick... well... you see where I'm going.
I had a boss with the same line of thinking. He always went on and on about how that was the reason he used Linux and not Windows, because for some reason if you can't do something in the most complicated way possible, you don't "truely understand how computers work" and are therefore stupid. Or something like that.
:D
As you can infer from that, he was a complete asshole in general, which is why I quit.
That journalists, even "technical journalists," know jack shit about computers. Let this guy start hammering out all the x86 opcodes one by one then tell me his article makes sense...
IPv6-enabled Windows Applications
Also, see see here
I find the article kind of strange saying that since Netcraft itself claims that NetSol's entire netblock is running Solaris...
The OpenBSD people HATE the GPL. The only GPLed package in OpenBSD is GCC... and that is slated for removal eventually.
When the maintainer of BSD's ipf pulled a 180 and changed the license to something more restrictive (I'm at a loss for details right now), the OpenBSD people told him to fuck off, and they wrote their own firewall, now known to everyone as pf. Pretty sad that it had to happen, since pf is now regarded as one of the best firewalls around...
I don't know where you come from, but "not exactly useable" and "lack of up to date documentation" doesn't equate to "very nice" in my book...