Apologies for replying to my own post, but I found the list in this PDF document:
Cuba, Iran, Iraq, Libya, North Korea, Serbia, Sudan, Syria, and Talisman-controlled (sic) (Taliban-controlled?) areas of Afghanistan as of January 2000.
(Although there are nine -- counting "Talisman-controlled areas of Afghanistan" -- listed, not 7.)
From the "Early History" section of the Wikipedia entry on PGP:
"PGP encryption no longer meets the definition of a non-exportable weapon, and can be exported internationally except to 7 specific countries and a named list of groups and individuals."
Which are the 7 specific countries?
I think I can guess a few pretty easily, but I'd like to know them all for sure, since my organization is planning on rolling out encryption for some of our sensitive mailing lists. Don't want to get our subscribers in trouble, you know;)
Wow! Supporters of this course of action might find this link useful r.e. the success of some previous attempts to implement this kind of "justice":
http://en.wikipedia.org/wiki/Final_solution
"This article explains how to get an even better mobile Internet experience, without having to do business with either AT&T or Apple--with no contracts and no $60 per month bill just to surf the Net."
Because they removed that quote, apparently after a lot of slashdotters ripped them a new asshole for it.
Yesterday, that same article quoted Laura Didio as saying, "With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."
I think a post right above yours already pointed this out.
Or maybe my posting to slashdot generated enough email to the editor to get the quote pulled, which my own letter alone probably would not have accomplished, making it the more useful action for the OSS community;)
But seriously, you make a valid point. A poster to the follow up "leaked source" article suggested that Didio's car bomber comments demand Yankee Group make a public apology. Since they've already been pulled from the article I chose to write to Kim Vranas (kvranas@yankeegroup.com) at Yankee Group, listed as the Media Relations contact, instead and request Yankee Group publicy apologize and retract Didio's comments.
No, one reason Linux/*BSD/etc. are more secure is because the source code has always been available, and has been reviewed and hacked by thousands of people for 10 years. The source didn't just show up on the Internet yesterday.
If Linux's source had been developed in secret for the last ten years, you better believe its sudden revelation would lead to the discovery of new vulnerabilities and exploits, and that's exatly what will happen to NT/2000/XP if there are any substantive pieces of the OS in the partical source that has been released.
The funniest part of this whole thing has been the industry pundits explaining the ramifications of the source release in various media outlets.
The best I've seen today is on crn.com by some joker named Winell from Econium. He manages to say with a straight face:
"Unlike Linux desktops, which is like the wild wild west and not controlled and enhanced all the time, Windows users have come to take a quality controlled operating system for granted and not have to worry about a bad release," Winell said. "We hope that Microsoft can swiftly identify how the code got released, prosecute the perpetrator and build a barrier/security patch to protect against intrusions."
Mr. Winell has obviously never used Windows ME if he thinks Microsoft quality control prevents "bad releases". You know Econium must be a real player when the title of their home page is "Welcome to Econium who is a solutions provider."
Except that she's not a journalist, she's a source (and ostensibly an expert) quoted in the article and a "senior analyst" with Yankee Group -- which bills itself as "the most trusted name for communications and networking research and consulting."
It's her job to be not just familiar, but expert, about the technology industry. I'm not sure if her comments represent incompetence in the form of lack of familiarity with a paradigm shifting movement in that industry, or simply hostility toward the OSS movement.
Either way, I'm not particularly interested in doing her job for her by correcting her. Even the most cursory investigation of the OSS movement's motivations would clearly reveal her characterization of OSS hackers as terrorists attacking Microsoft (and what else are we to make of calling them "virtual suicide car bombers"?) as absurd in the extreme.
My point in posting the quote is not to sit on slashdot and bitch, but to point out to slashdot readers the misinformation about OSS sometimes propogated by mainstream media and analysts. The motivations behind same are up to you to decide for yourself.
Yankee Group senior analyst (sic) Laura Didio has these alarming thoughts on internetnews.com about who might now be able to get their hands on the Windows source:
"With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."
So Microsoft is the defender of truth and justice in the free world, and OSS hackers are like suicide car bombers?
She then went on to warn of the dangers of hackers using the several hundred megabytes worth of leaked source code to compile their own pirated copies of Windows 2000. What a dumbass.
What was the point of that? To me the most significant facet of Faramir's character was his wisdom in recognizing the folly of taking the ring, to resist it, and to just let Frodo and Sam go. Why he had to screw that up I don't know.
Maybe there will be a 5.2-STABLE, according to the early adopter's guide. In any case, 5.1-CURRENT is still not a good indicator of FreeBSD stability and polish. The parent should give 5.1-RELEASE a try. Or of course 4.8-RELEASE if he wants something that really won't ever crash.
The whole -CURRENT branch thing seems to be a constant source of confusion for Linux folks trying out FreeBSD for the first time, thinking they are getting the latest and greatest, when it's actually just the latest.
Maybe you should get together and troubleshoot with this guy who had the exact same problem with his Mac back in 1998. Maybe he can tell you how he fixed it.
Please make some kind of token effort to learn at least something about the operating system before trying to run it:
As you read this, keep in mind that FreeBSD-CURRENT is the ``bleeding edge'' of FreeBSD development. FreeBSD-CURRENT users are expected to have a high degree of technical skill, and should be capable of solving difficult system problems on their own. If you are new to FreeBSD, think twice before installing it.
Let's see, you installed the bleeding edge branch of the most experimental version of FreeBSD and, oh my gosh, it crashed. Go figure. FreeBSD 5.1-RELEASE is not a snapshot of your -CURRENT after two more days of development! -CURRENT is the ongoing development branch.
If you would like to try FreeBSD (and please do!), for god's sake get a copy of 5.1-RELEASE, or at least 5.1-STABLE. And be prepared to have to learn a bit about how it works, and its release cycle. FreeBSD is not Linux, nor does it always work the same or follow the same development and naming conventions.
FreeBSD 4.8 is more stable than 4.7. And 4.9 will likely be more stable than 4.8.
I'm sure 5.1 is more stable than 5.0 but 5.1 is not intended to be more stable than the 4.x series (yet), and nobody working on it claims that it is. That's why it's called a "new technology" release. And 4.8 is called the "production" release. That's also why I run 4.8 on my servers at work, but will consider putting 5.1 on my home PC.
FreeBSD 5.x will eventually be better and more stable than the 4.x series, maybe at 5.2, maybe later. Until then, I'm sure the FreeBSD project will continue to recommend all over the place the 4.x series to anyone who needs an absolutely rock-solid release:
FreeBSD 5.X marks the first new major version of FreeBSD in over two years. Besides a number of new features, it also contains a number of major developments in the underlying system architecture. Along with these advances, however, comes a system that incorporates a tremendous amount of new and not-widely-tested code. Compared to the existing line of 4.X releases, the first few 5.X releases may have regressions in areas of stability, performance, and occasionally functionality.
For these reasons, the Release Engineering Team specifically discourages users from updating from older FreeBSD releases to 5.1-RELEASE unless they are aware of (and prepared to deal with) possible regressions in the newer releases. Specifically, for more conservative users, we recommend running 4.X releases (such as 4.8-RELEASE) for the near-term future. We feel that such users are probably best served by upgrading to 5.X only after a 5-STABLE development branch has been created; this may be around the time of 5.2-RELEASE.
That's from the Early Adopter's Guide if you would like to learn what the actual release cycle for FreeBSD is, and which versions are recommended for whom.
It would be nice to read some interesting comments about a FreeBSD article occassionally, rather than the endless "FreeBSD is dying" and "I installed FreeBSD 5.0 and it crashed a lot" drivel. Those are literally about the only comments posted under every FreeBSD article on Slashdot.
FreeBSD isn't Linux. Some things about FreeBSD are different than Linux. FreeBSD doesn't use Linux version numbers and schemes; it uses FreeBSD version numbers and schemes. Some releases of FreeBSD are extremely stable. Some are development versions and have bugs and crash. Figure out which one you need and use it. Or don't. I don't care. I think it's a great, well organized, rock-solid OS and I use it on my servers because I think those characteristics are important. I could care less if Linux is more popular than FreeBSD. My servers aren't in high school, for gods sake, trying to get a prom date.
I think Linux is also a great OS, although not as good as FreeBSD in my humble opinion. If you think Linux meets your needs beter, use it. But don't download the latest CVS version of the latest experimental version of FreeBSD, expect it to be crash proof, and then go rip on BSD on Slashdot. For that, I stick my tongue out at you, sir. Phtttttt.
Since the STABLE and CURRENT branches are getting thrown around a lot when talking about FreeBSD's (awesome) stability, anyone thinking of giving it a try should understand that these are *both* development branches.
Again, STABLE is a development branch, as is CURRENT. If you want a *really* stable production FreeBSD box, track the RELEASE branch.
FreeBSD-CURRENT is the latest working sources for FreeBSD. This includes work in progress, experimental changes, and transitional mechanisms that might or might not be present in the next official release of the software. While many FreeBSD developers compile the FreeBSD-CURRENT source code daily, there are periods of time when the sources are not buildable. These problems are resolved as expeditiously as possible, but whether or not FreeBSD-CURRENT brings disaster or greatly desired functionality can be a matter of which exact moment you grabbed the source code in!
FreeBSD-STABLE is our development branch from which major releases are made. Changes go into this branch at a different pace, and with the general assumption that they have first gone into FreeBSD-CURRENT for testing. This is still a development branch, however, and this means that at any given time, the sources for FreeBSD-STABLE may or may not be suitable for any particular purpose. It is simply another engineering development track, not a resource for end-users.
Slashdot Mirror
Apologies for replying to my own post, but I found the list in this PDF document:
Cuba, Iran, Iraq, Libya, North Korea, Serbia, Sudan, Syria, and Talisman-controlled (sic) (Taliban-controlled?) areas of Afghanistan as of January 2000.
(Although there are nine -- counting "Talisman-controlled areas of Afghanistan" -- listed, not 7.)
-- Glenn
From the "Early History" section of the Wikipedia entry on PGP:
"PGP encryption no longer meets the definition of a non-exportable weapon, and can be exported internationally except to 7 specific countries and a named list of groups and individuals."
Which are the 7 specific countries?
I think I can guess a few pretty easily, but I'd like to know them all for sure, since my organization is planning on rolling out encryption for some of our sensitive mailing lists. Don't want to get our subscribers in trouble, you know ;)
-- Glenn
Wow! Supporters of this course of action might find this link useful r.e. the success of some previous attempts to implement this kind of "justice": http://en.wikipedia.org/wiki/Final_solution
> These cover mainly technical aspects of implementation whereas this book introduces the strategical thinking behind the whole Web 2.0 movement
The iPhone alternative (for freedom lovers)
"This article explains how to get an even better mobile Internet experience, without having to do business with either AT&T or Apple--with no contracts and no $60 per month bill just to surf the Net."
(Surveillance State blog)
More likely the Federación de Trabajadores Arubanos (Aruban Workers' Federation).
Best article quote:
Yikes! Er, um, wait, isn't that how the Internet is now?err...didn't they just steal that from SCO?
hmmm...http://www.mozilla.org/start/1.5/faq/mail -news.html#multiple-smtp
That's the Mozilla FAQ for setting up multiple SMTP servers. That feature has been in there since at least 1.0, probably much longer.
I saw someone earlier write it as "Didiot". I'm not sure if it was intentional or a Freudian slip.
Because they removed that quote, apparently after a lot of slashdotters ripped them a new asshole for it.
Yesterday, that same article quoted Laura Didio as saying, "With the open source community, there are a large percentage of tinkers and 'ankle biters' who are trying their hand at hacking. Some are even communicating with each other. So it only takes one or two of these groups sharing information to be able to pull something off. When you have this type of passion, it's hard to fight because these people are like virtual suicide car bombers."
I think a post right above yours already pointed this out.
Or maybe my posting to slashdot generated enough email to the editor to get the quote pulled, which my own letter alone probably would not have accomplished, making it the more useful action for the OSS community ;)
But seriously, you make a valid point. A poster to the follow up "leaked source" article suggested that Didio's car bomber comments demand Yankee Group make a public apology. Since they've already been pulled from the article I chose to write to Kim Vranas (kvranas@yankeegroup.com) at Yankee Group, listed as the Media Relations contact, instead and request Yankee Group publicy apologize and retract Didio's comments.
Cheers
Here's some general contact information for Yankee Group off their website:
Media Relations and
General Inquiry
Kim Vranas
Director of Marketing
kvranas@yankeegroup.com
Voice: 617.880.0214
Fax: 617.210.0014
No, one reason Linux/*BSD/etc. are more secure is because the source code has always been available, and has been reviewed and hacked by thousands of people for 10 years. The source didn't just show up on the Internet yesterday.
If Linux's source had been developed in secret for the last ten years, you better believe its sudden revelation would lead to the discovery of new vulnerabilities and exploits, and that's exatly what will happen to NT/2000/XP if there are any substantive pieces of the OS in the partical source that has been released.
Microsoft is downplaying the whole situation as an intellecutal property issue, but I don't believe it. It will likely result in more vulnerabilities and exploits against Windows. Microsoft execs have been saying for years that revealing Windows source code would make the OS more vulnerable to attacks.
The funniest part of this whole thing has been the industry pundits explaining the ramifications of the source release in various media outlets.
The best I've seen today is on crn.com by some joker named Winell from Econium. He manages to say with a straight face:Mr. Winell has obviously never used Windows ME if he thinks Microsoft quality control prevents "bad releases". You know Econium must be a real player when the title of their home page is "Welcome to Econium who is a solutions provider."
The classic yesterday was Laura Didio from Yankee Group comparing OSS hackers to suicide car bombers.
Nothing like an embarassing Microsoft moment to get the "experts" out from under their rocks.
Except that she's not a journalist, she's a source (and ostensibly an expert) quoted in the article and a "senior analyst" with Yankee Group -- which bills itself as "the most trusted name for communications and networking research and consulting."
It's her job to be not just familiar, but expert, about the technology industry. I'm not sure if her comments represent incompetence in the form of lack of familiarity with a paradigm shifting movement in that industry, or simply hostility toward the OSS movement.
Either way, I'm not particularly interested in doing her job for her by correcting her. Even the most cursory investigation of the OSS movement's motivations would clearly reveal her characterization of OSS hackers as terrorists attacking Microsoft (and what else are we to make of calling them "virtual suicide car bombers"?) as absurd in the extreme.
My point in posting the quote is not to sit on slashdot and bitch, but to point out to slashdot readers the misinformation about OSS sometimes propogated by mainstream media and analysts. The motivations behind same are up to you to decide for yourself.
Yankee Group senior analyst (sic) Laura Didio has these alarming thoughts on internetnews.com about who might now be able to get their hands on the Windows source:
So Microsoft is the defender of truth and justice in the free world, and OSS hackers are like suicide car bombers?
She then went on to warn of the dangers of hackers using the several hundred megabytes worth of leaked source code to compile their own pirated copies of Windows 2000. What a dumbass.
And what exactly is a "tinker", anyway?
AMEN!
What was the point of that? To me the most significant facet of Faramir's character was his wisdom in recognizing the folly of taking the ring, to resist it, and to just let Frodo and Sam go. Why he had to screw that up I don't know.
Whoops, good point ;)
Maybe there will be a 5.2-STABLE, according to the early adopter's guide. In any case, 5.1-CURRENT is still not a good indicator of FreeBSD stability and polish. The parent should give 5.1-RELEASE a try. Or of course 4.8-RELEASE if he wants something that really won't ever crash.
The whole -CURRENT branch thing seems to be a constant source of confusion for Linux folks trying out FreeBSD for the first time, thinking they are getting the latest and greatest, when it's actually just the latest.
Maybe you should get together and troubleshoot with this guy who had the exact same problem with his Mac back in 1998. Maybe he can tell you how he fixed it.
Gosh, as a courtesy, you should really give Yahoo, NetCraft and the rest of these folks this important advice.
The last time I compiled 5.1-CURRENT
Please make some kind of token effort to learn at least something about the operating system before trying to run it:
As you read this, keep in mind that FreeBSD-CURRENT is the ``bleeding edge'' of FreeBSD development. FreeBSD-CURRENT users are expected to have a high degree of technical skill, and should be capable of solving difficult system problems on their own. If you are new to FreeBSD, think twice before installing it.
Let's see, you installed the bleeding edge branch of the most experimental version of FreeBSD and, oh my gosh, it crashed. Go figure. FreeBSD 5.1-RELEASE is not a snapshot of your -CURRENT after two more days of development! -CURRENT is the ongoing development branch.
If you would like to try FreeBSD (and please do!), for god's sake get a copy of 5.1-RELEASE, or at least 5.1-STABLE. And be prepared to have to learn a bit about how it works, and its release cycle. FreeBSD is not Linux, nor does it always work the same or follow the same development and naming conventions.
I find that Windows XP supports a wider range of applications
Like Blaster, Nimda and Code Red? Despite numerous posts to freebsd-questions I still can't get that shit to run correctly on my BSD box.
FreeBSD 4.8 is more stable than 4.7. And 4.9 will likely be more stable than 4.8.
I'm sure 5.1 is more stable than 5.0 but 5.1 is not intended to be more stable than the 4.x series (yet), and nobody working on it claims that it is. That's why it's called a "new technology" release. And 4.8 is called the "production" release. That's also why I run 4.8 on my servers at work, but will consider putting 5.1 on my home PC.
FreeBSD 5.x will eventually be better and more stable than the 4.x series, maybe at 5.2, maybe later. Until then, I'm sure the FreeBSD project will continue to recommend all over the place the 4.x series to anyone who needs an absolutely rock-solid release:
FreeBSD 5.X marks the first new major version of FreeBSD in over two years. Besides a number of new features, it also contains a number of major developments in the underlying system architecture. Along with these advances, however, comes a system that incorporates a tremendous amount of new and not-widely-tested code. Compared to the existing line of 4.X releases, the first few 5.X releases may have regressions in areas of stability, performance, and occasionally functionality.
For these reasons, the Release Engineering Team specifically discourages users from updating from older FreeBSD releases to 5.1-RELEASE unless they are aware of (and prepared to deal with) possible regressions in the newer releases. Specifically, for more conservative users, we recommend running 4.X releases (such as 4.8-RELEASE) for the near-term future. We feel that such users are probably best served by upgrading to 5.X only after a 5-STABLE development branch has been created; this may be around the time of 5.2-RELEASE.
That's from the Early Adopter's Guide if you would like to learn what the actual release cycle for FreeBSD is, and which versions are recommended for whom.
It would be nice to read some interesting comments about a FreeBSD article occassionally, rather than the endless "FreeBSD is dying" and "I installed FreeBSD 5.0 and it crashed a lot" drivel. Those are literally about the only comments posted under every FreeBSD article on Slashdot.
FreeBSD isn't Linux. Some things about FreeBSD are different than Linux. FreeBSD doesn't use Linux version numbers and schemes; it uses FreeBSD version numbers and schemes. Some releases of FreeBSD are extremely stable. Some are development versions and have bugs and crash. Figure out which one you need and use it. Or don't. I don't care. I think it's a great, well organized, rock-solid OS and I use it on my servers because I think those characteristics are important. I could care less if Linux is more popular than FreeBSD. My servers aren't in high school, for gods sake, trying to get a prom date.
I think Linux is also a great OS, although not as good as FreeBSD in my humble opinion. If you think Linux meets your needs beter, use it. But don't download the latest CVS version of the latest experimental version of FreeBSD, expect it to be crash proof, and then go rip on BSD on Slashdot. For that, I stick my tongue out at you, sir. Phtttttt.
Since the STABLE and CURRENT branches are getting thrown around a lot when talking about FreeBSD's (awesome) stability, anyone thinking of giving it a try should understand that these are *both* development branches.
Again, STABLE is a development branch, as is CURRENT. If you want a *really* stable production FreeBSD box, track the RELEASE branch.
From the FreeBSD handbook, 21.2 FreeBSD-CURRENT vs. FreeBSD-STABLE:
FreeBSD-CURRENT is the latest working sources for FreeBSD. This includes work in progress, experimental changes, and transitional mechanisms that might or might not be present in the next official release of the software. While many FreeBSD developers compile the FreeBSD-CURRENT source code daily, there are periods of time when the sources are not buildable. These problems are resolved as expeditiously as possible, but whether or not FreeBSD-CURRENT brings disaster or greatly desired functionality can be a matter of which exact moment you grabbed the source code in!
FreeBSD-STABLE is our development branch from which major releases are made. Changes go into this branch at a different pace, and with the general assumption that they have first gone into FreeBSD-CURRENT for testing. This is still a development branch, however, and this means that at any given time, the sources for FreeBSD-STABLE may or may not be suitable for any particular purpose. It is simply another engineering development track, not a resource for end-users.