If you are worried about using a US-based distribution, you should use Debian. It's as free as you can get.
I know, but the times I've tried to get Debian-stable to work, it always blows up trying to resolve some apt dependency on install. And even if you do get stable running, you are several generations out of date on just about everything.
I sort of consider Debian and Gentoo to be distros where installation is an odyssey rather than a processs, and since I actively maintain several servers and workstations, the difficulty level in installation is really beyond what I have time for. I've looked at Libranet, but quite frankly, I can't afford it.
I am curious about your reason to use Mandrake (a great distro IMHO).
My reasons to use a non-US distro are not political per se. Red Hat is crippled because they can't use MP3, various font enhancements, etc. etc. etc., due to problems with IP law in the US. Mandrake works a lot better because they are free to put in what they want.
Plus, Bluecurve has pissed me off more and more each day I've used it. Pure KDE works MUCH better.
I have used and do use OpenBSD for certain applications, but I find that it isn't flexible enough for use as a general purpose server, much less as a desktop.
Migrating away from Linux would be a mistake. This is probably the most concerted, well thought out, and dangerous attack against Linux that has ever been launched. It did not succeed. The people who are adopting Linux for the first time (corporate red-hatters), will not understand the vagaries of the constant gear-changing behavior of the open source community at large. We all use particular software, often for "religious" reasons, such as my use of Mandrake because it's not a US based Linux distro. If you go down the list of why people use BSD, Debian, etc., you'll have a laundry list of geopolitical, IP law, and every other sort of activism expressed in what is installed on our PCs and servers.
I realize that it may be distasteful to some of us to support something precisely because of popularity, but if we truly care about the freedom that open source represents, then we should try to make sure that as many people as possible get a chance to try the red pill. That means sustaining the open source revolution, which is, as far as the rest of humanity is concerned, a Linux revolution.
Indeed, if the open source community retracts from Linux, and kills its gathering market momentum, we will have accomplished what the world's most best IP attorneys bankrolled by the world's most evil corporation could not achieve. How does one defeat Fear, Uncertainty, and Doubt except by choosing to be unafraid?
The beginning of the end started when the equipment manufacturers started producing boxes that allowed VoIP calls to have the same quality as circuit-switched ones.
They did? I've recently been in some training where we discussed the problems of getting VOIP to work on networking gear. It was interesting to see scenarios where one slight change to MTUs, etc., caused a 180 degree reversal of QoS behavior. Nothing I've looked at, including carrier class boxes, handles VOIP worth a damn. Data boxes, and more importantly, the protocols that run on them, simply weren't designed to handle realtime media streams.
Even if QoS is working correctly, VOIP is a train wreck. I mean, this is worse than when we got the bright idea to centralize faxing onto a server with a brooktrout card in it.
Nice troll. I do have one bullet left in my mod gun right now, but I have decided to let you off with this warning.
Not everyone who uses p2p is illegally sharing copyrighted works. I have a p2p node that stays slammed offering completely legal and non-porn content. I host linux distros, stuff related to Orbiter space flight simulator (free), and stuff that gets slashdotted. (People still download the Starship Exeter videos).
The node runs slammed 24/7, and I've had to implement traffic control to be able to concurrently use my connection for other things. Why do I go to the trouble? Because p2p is the best hope of ordinary people to share information. The next Thomas Paine probably will not have access to a web server, and if he did post the 21st century version of "Common Sense", it would get DMCA'ed or shut down by the government. The only hope, then, of free speech is going to be p2p, particularly next generation encrypted/anonymous p2p networks.
If I'm smart enough to figure out how to shape traffic so that I can ssh over a 200k upstream connection swamped with p2p traffic, then I'm reasonably certain ISP managers can probably figure it out without finding new and creative ways to tax the first amendment.
I salute your superior nazism. Of course, it sounds like you're running a business network, so you are entitled. I would recommend, however, that you consider bandwidth management practices. Blocking ports is like stepping on ants, especially when most p2p lets you change ports. If you instead prioritize your key business traffic, you will be amazed at the results.
Security is unlike any technical discipline because it is not a technical discipline. When you try to make a web server work, your "enemy" is simply entropy. You learn what you need to know about how the technology works, and you are good to go.
In security, your enemy is another human being. This changes everything. What do you have to know? More than the best cracker you will go up against. The question is not, therefore, what do you have to know, but what don't you have to know. The only effective teacher of security is experience. If you try to play fresh out of college/certification mercenary in the security game, you will get your ass burned.
This is an interesting idea.... but its entire basis for movement -- the wind on Mars -- seems to limit its usefulness to gathering data only on the areas of Mars where winds blow the strongest.
Mars has worldwide sandstorms. Also, we don't suffer from an excess of data about "windy parts" of Mars. We've carefully analyzed about the same surface area as a couple of teepees would occupy. At this point, anywhere is fine.
I agree that Imperial probe droids would be more precise, but I don't think the War on Terror can spare the money, especially since blowing the probe thirty feet downrange doubles the scientific sample size we've enjoyed since 1976.
Although I don't think that MS^H^HSCO will win this, we need to be prepared to take Linux underground. Albeit desperate, this is a brilliant (if monstrously evil) move by Microsoft, and it is their best shot to take Linux down.
If they succeed, Linux will be an outlaw operating system in the United States. Therefore, switch your redhat boxen (and moneyen) to mandrake. (If the plan works, redhat will be a thing of the past unless they move overseas) Get rid of identifying banners and error messages in your linux based applications. Set up a node on one of the next generation P2P networks- something encrypted and anonymous, such as Freenet or Gnunet, and host as many Linux distros as space permits.
In the meantime, we need to find out where this courtroom is and plan to put our money where our mouth is when it comes to protecting freedom. If we understand this as a threat to the ability of mankind to freely share information, we have a debt to mankind to protect that freedom. If this doesn't get us off our collective ass to protest something, we may never get another opportunity. Thousands need to be protesting on the steps of this court.
Absolutely, but what this does show - in spades - is that companies need to be extremely circumspect when dealing with the GPL because if they're not, there might be long-ranging unintended ramifications to their business down the road.
Such as EULAs that change arbitrarily every time a new security update comes out? Or perhaps the threat of a BSA audit when you don't buy the latest round of MS stuff? If these examples are on one side of the table, and outrageous death throe law suits from outfits like SCO are on the other, I think open source is clearly the safer option.
The reality is, however, that this is not about finding the garden path of how to be a legally untroubled commercial IT consumer. It is about a collision between the ridiculous modern application of IP law and the idea of free exchange of information. One side wants freedom, and the other wants to take it away. Long after the business plans fail and the stock options bottom out, the legacy we leave by the outcome of this affair will define how future humans live out their lives. I humbly suggest that more is at stake here than a business plan.
While I agree in principle, the idea of ensuring more responsible code could also be used to support regulation of programmers in a similar fashion to the way some states regulate engineers.
Well, I didn't consider making this a matter of legislation, but consider the converse of what you are proposing. Do you really feel comfortable with the idea of laws requiring IT managers to patch their systems in an automated and rapid manner?
I don't think you can write laws to govern this sort of activity. HIPAA pretty much proves that. Because they couldn't figure out what security practices to dictate in the law, they instead told healthcare providers to basically come up with their own standards, and then adhere to them. (WTF?) The lesson is that I don't think the professional IT community needs "help" in the form of laws do "solve the virus problem". The first thing they need is the leeway in decisionmaking to truly address the issue, and the second thing they need is to be able to freely communicate with each other. With people like MS and Cisco going over the heads of IT managers to enforce their solutions, and then forcing the staff to sign NDAs when the shit hits the fan, I have a hard time believing that the world will be a better place if I automate the installation of their patches.
So to stop a worldwide automated intrusion from working, we need to set up a worldwide automated method of changing the core software of all of our systems very quickly.
In summary therefore, customers of IT must wait for months while a commercial software outfit fucks around with an as yet undisclosed vulnerability, but should be prepared to instantly and automatically apply whatever hack and munge job said company puts together at the last minute when the bad guys actually start exploiting the problem.
Why don't we start writing more responsible fucking code? I think that if as much time and effort were spent doing security evaluation of commercial software development as goes toward finding the most underpaid programmers the developing world has to offer, we wouldn't be asking underpaid adminstrators to automate patching.
Yeah, I can just see this search warrant go down:
We executed a search warrant against the subject, but his computer exploded before we could get anything. I guess we have to let him go.
Then again, there are illegal things (like mp3's) and illegal things (like child porn) and they are not created equal.
Well, yes and no. I do expert witness testimony in criminal defense cases, many involving accusations of child pornography. The reality is that the feds view kiddie porn as an effortless conviction machine. Here's how it works:
If you have ANY porn on your hard disk whatsoever, they print it all up poster size and show it to a jury. After about the 450th pic of a thirty year old in pig tails, cheerleading outfit, or with shaven nether regions, technicalities such as legal age disappear from the minds of most jurors. It's easy to say to yourself, oh, kiddie porn - fry the bastard. It is quite another to consider the ramifications of having every image ever stored on any part of your system's hard drive (including deleted files, file slack, ram buffer slack, swapfile contents, etc.) and shown to 12 church ladies. And that's if the case even goes to trial. Most defense firms have no idea how to challenge electronic evidence, and often simpily do a plea bargain. In the cases I've dealt with, I have yet to see one instance of actual, real child pornography. Furthermore, of the computers I've worked on which were ever used to view pornography of any kind on the Internet, I've found enough of what passes for "evidence" these days to put the owner in prison.
Simple rules: if you like your money, don't download mp3s. If you like your freedom, don't surf porn. And don't participate in the 3 minutes hate. You may not know how finely the line is drawn beteween yourself and "those evil bastards".
Slashdot Mirror
Who are you and what are you doing posting AC?
This is one of the most brilliant comments I've seen in a long time.
If you are worried about using a US-based distribution, you should use Debian. It's as free as you can get.
I know, but the times I've tried to get Debian-stable to work, it always blows up trying to resolve some apt dependency on install. And even if you do get stable running, you are several generations out of date on just about everything.
I sort of consider Debian and Gentoo to be distros where installation is an odyssey rather than a processs, and since I actively maintain several servers and workstations, the difficulty level in installation is really beyond what I have time for. I've looked at Libranet, but quite frankly, I can't afford it.
I am curious about your reason to use Mandrake (a great distro IMHO).
My reasons to use a non-US distro are not political per se. Red Hat is crippled because they can't use MP3, various font enhancements, etc. etc. etc., due to problems with IP law in the US. Mandrake works a lot better because they are free to put in what they want.
Plus, Bluecurve has pissed me off more and more each day I've used it. Pure KDE works MUCH better.
I have used and do use OpenBSD for certain applications, but I find that it isn't flexible enough for use as a general purpose server, much less as a desktop.
Migrating away from Linux would be a mistake. This is probably the most concerted, well thought out, and dangerous attack against Linux that has ever been launched. It did not succeed. The people who are adopting Linux for the first time (corporate red-hatters), will not understand the vagaries of the constant gear-changing behavior of the open source community at large. We all use particular software, often for "religious" reasons, such as my use of Mandrake because it's not a US based Linux distro. If you go down the list of why people use BSD, Debian, etc., you'll have a laundry list of geopolitical, IP law, and every other sort of activism expressed in what is installed on our PCs and servers.
I realize that it may be distasteful to some of us to support something precisely because of popularity, but if we truly care about the freedom that open source represents, then we should try to make sure that as many people as possible get a chance to try the red pill. That means sustaining the open source revolution, which is, as far as the rest of humanity is concerned, a Linux revolution.
Indeed, if the open source community retracts from Linux, and kills its gathering market momentum, we will have accomplished what the world's most best IP attorneys bankrolled by the world's most evil corporation could not achieve. How does one defeat Fear, Uncertainty, and Doubt except by choosing to be unafraid?
Please forgive this descent into sheer nastiness, but I am pleased beyond words to watch SCO react to this.
Squirm, you putrescent, feces eating, blood sucking bastards. SQUIRM!
The beginning of the end started when the equipment manufacturers started producing boxes that allowed VoIP calls to have the same quality as circuit-switched ones.
They did? I've recently been in some training where we discussed the problems of getting VOIP to work on networking gear. It was interesting to see scenarios where one slight change to MTUs, etc., caused a 180 degree reversal of QoS behavior. Nothing I've looked at, including carrier class boxes, handles VOIP worth a damn. Data boxes, and more importantly, the protocols that run on them, simply weren't designed to handle realtime media streams.
Even if QoS is working correctly, VOIP is a train wreck. I mean, this is worse than when we got the bright idea to centralize faxing onto a server with a brooktrout card in it.
Obviously didn't question the article's conclusions, did we?
Nice troll. I do have one bullet left in my mod gun right now, but I have decided to let you off with this warning.
Not everyone who uses p2p is illegally sharing copyrighted works. I have a p2p node that stays slammed offering completely legal and non-porn content. I host linux distros, stuff related to Orbiter space flight simulator (free), and stuff that gets slashdotted. (People still download the Starship Exeter videos).
The node runs slammed 24/7, and I've had to implement traffic control to be able to concurrently use my connection for other things. Why do I go to the trouble? Because p2p is the best hope of ordinary people to share information. The next Thomas Paine probably will not have access to a web server, and if he did post the 21st century version of "Common Sense", it would get DMCA'ed or shut down by the government. The only hope, then, of free speech is going to be p2p, particularly next generation encrypted/anonymous p2p networks.
If I'm smart enough to figure out how to shape traffic so that I can ssh over a 200k upstream connection swamped with p2p traffic, then I'm reasonably certain ISP managers can probably figure it out without finding new and creative ways to tax the first amendment.
I salute your superior nazism. Of course, it sounds like you're running a business network, so you are entitled. I would recommend, however, that you consider bandwidth management practices. Blocking ports is like stepping on ants, especially when most p2p lets you change ports. If you instead prioritize your key business traffic, you will be amazed at the results.
Well, do remember, when I say your enemy is another human being, that statement is inclusive of users. :)
Security is unlike any technical discipline because it is not a technical discipline. When you try to make a web server work, your "enemy" is simply entropy. You learn what you need to know about how the technology works, and you are good to go.
In security, your enemy is another human being. This changes everything. What do you have to know? More than the best cracker you will go up against. The question is not, therefore, what do you have to know, but what don't you have to know. The only effective teacher of security is experience. If you try to play fresh out of college/certification mercenary in the security game, you will get your ass burned.
This is an interesting idea.... but its entire basis for movement -- the wind on Mars -- seems to limit its usefulness to gathering data only on the areas of Mars where winds blow the strongest.
Mars has worldwide sandstorms. Also, we don't suffer from an excess of data about "windy parts" of Mars. We've carefully analyzed about the same surface area as a couple of teepees would occupy. At this point, anywhere is fine.
I agree that Imperial probe droids would be more precise, but I don't think the War on Terror can spare the money, especially since blowing the probe thirty feet downrange doubles the scientific sample size we've enjoyed since 1976.
A bike also weighs less, costs less, and can go down stairs, on grass and dirt.
Are you actually suggesting that the health of the average slashdot reader would be well served by attempting to ride a bike down a flight of stairs?
My earnest hope is that it was stolen in connection with the making of the next Jackass Movie.
Hi, I'm Johnny Knoxville. This is Segway joyride.
IIRC, at least one of the Segway keys is speed-limited, for "valet parking" etc.
Ok, wait a minute...
Valet parking?...!
So you are saying that the theft of the Segway is an attempt to circumvent copyright protection. Call out the hounds!
Pleasing the unwashed masses is not my task. Yes, that means you, with the mod points.
You have the best sig on slashdot. I wish to discuss licensing terms.
Although I don't think that MS^H^HSCO will win this, we need to be prepared to take Linux underground. Albeit desperate, this is a brilliant (if monstrously evil) move by Microsoft, and it is their best shot to take Linux down.
If they succeed, Linux will be an outlaw operating system in the United States. Therefore, switch your redhat boxen (and moneyen) to mandrake. (If the plan works, redhat will be a thing of the past unless they move overseas) Get rid of identifying banners and error messages in your linux based applications. Set up a node on one of the next generation P2P networks- something encrypted and anonymous, such as Freenet or Gnunet, and host as many Linux distros as space permits.
In the meantime, we need to find out where this courtroom is and plan to put our money where our mouth is when it comes to protecting freedom. If we understand this as a threat to the ability of mankind to freely share information, we have a debt to mankind to protect that freedom. If this doesn't get us off our collective ass to protest something, we may never get another opportunity. Thousands need to be protesting on the steps of this court.
Absolutely, but what this does show - in spades - is that companies need to be extremely circumspect when dealing with the GPL because if they're not, there might be long-ranging unintended ramifications to their business down the road.
Such as EULAs that change arbitrarily every time a new security update comes out? Or perhaps the threat of a BSA audit when you don't buy the latest round of MS stuff? If these examples are on one side of the table, and outrageous death throe law suits from outfits like SCO are on the other, I think open source is clearly the safer option.
The reality is, however, that this is not about finding the garden path of how to be a legally untroubled commercial IT consumer. It is about a collision between the ridiculous modern application of IP law and the idea of free exchange of information. One side wants freedom, and the other wants to take it away. Long after the business plans fail and the stock options bottom out, the legacy we leave by the outcome of this affair will define how future humans live out their lives. I humbly suggest that more is at stake here than a business plan.
While I agree in principle, the idea of ensuring more responsible code could also be used to support regulation of programmers in a similar fashion to the way some states regulate engineers.
Well, I didn't consider making this a matter of legislation, but consider the converse of what you are proposing. Do you really feel comfortable with the idea of laws requiring IT managers to patch their systems in an automated and rapid manner?
I don't think you can write laws to govern this sort of activity. HIPAA pretty much proves that. Because they couldn't figure out what security practices to dictate in the law, they instead told healthcare providers to basically come up with their own standards, and then adhere to them. (WTF?) The lesson is that I don't think the professional IT community needs "help" in the form of laws do "solve the virus problem". The first thing they need is the leeway in decisionmaking to truly address the issue, and the second thing they need is to be able to freely communicate with each other. With people like MS and Cisco going over the heads of IT managers to enforce their solutions, and then forcing the staff to sign NDAs when the shit hits the fan, I have a hard time believing that the world will be a better place if I automate the installation of their patches.
So to stop a worldwide automated intrusion from working, we need to set up a worldwide automated method of changing the core software of all of our systems very quickly.
In summary therefore, customers of IT must wait for months while a commercial software outfit fucks around with an as yet undisclosed vulnerability, but should be prepared to instantly and automatically apply whatever hack and munge job said company puts together at the last minute when the bad guys actually start exploiting the problem.
Why don't we start writing more responsible fucking code? I think that if as much time and effort were spent doing security evaluation of commercial software development as goes toward finding the most underpaid programmers the developing world has to offer, we wouldn't be asking underpaid adminstrators to automate patching.
Yeah, I can just see this search warrant go down:
We executed a search warrant against the subject, but his computer exploded before we could get anything. I guess we have to let him go.
Then again, there are illegal things (like mp3's) and illegal things (like child porn) and they are not created equal.
Well, yes and no. I do expert witness testimony in criminal defense cases, many involving accusations of child pornography. The reality is that the feds view kiddie porn as an effortless conviction machine. Here's how it works:
If you have ANY porn on your hard disk whatsoever, they print it all up poster size and show it to a jury. After about the 450th pic of a thirty year old in pig tails, cheerleading outfit, or with shaven nether regions, technicalities such as legal age disappear from the minds of most jurors. It's easy to say to yourself, oh, kiddie porn - fry the bastard. It is quite another to consider the ramifications of having every image ever stored on any part of your system's hard drive (including deleted files, file slack, ram buffer slack, swapfile contents, etc.) and shown to 12 church ladies. And that's if the case even goes to trial. Most defense firms have no idea how to challenge electronic evidence, and often simpily do a plea bargain. In the cases I've dealt with, I have yet to see one instance of actual, real child pornography. Furthermore, of the computers I've worked on which were ever used to view pornography of any kind on the Internet, I've found enough of what passes for "evidence" these days to put the owner in prison.
Simple rules: if you like your money, don't download mp3s. If you like your freedom, don't surf porn. And don't participate in the 3 minutes hate. You may not know how finely the line is drawn beteween yourself and "those evil bastards".
What is VAT?
Well, I can certainly imagine that. Let's see, 98 cents, that's two 40ct pieces and one 18ct piece. Easy.
Well, I've got you beat. I can do it in two coins. One fifty-three and seven elevenths coin, and one forty four and four elevenths piece. Voila!