For free I can turn a Linux box into a webserver, domain server, ftp server, irc server, database server and such.
You don't really do it for free. It takes your time to recompile your kernal if you don't want a swiss-army-knife operating system like Windows.
Not to nitpick, but there are a few points that need to be addressed here.
1)Every operating system requires time. Its just a matter of how much. Of course, MS says that W2k3S requires less, but I disagree. MS likes to talk all about TCO, but the fact is, in DOLLARS, windows is damn expensive and GNU/Linux is free.
2)The linux kernel by nature is always a "swiss-army-knife" kernel due to its modularity. Though the default install of my favorite distro (Debian) is very nicely trimmed, I can still compile modules against my kernel headers and load them (still during my linux session). Generally speaking, it takes about 15 seconds of my time to type "make && make install && modprobe xxx" in the module directory. If it takes you longer, feel free to copy my command (just remember to replace 'xxx' with your module name). By the way, the "swiss-army-knife" nature of the linux kernel (or the winNT kernel) is not problematic to security. Its the applications level integration that gets MS in trouble.
3)None of the operations the grandparent post described require any kind of kernel rebuild (unless you absolutely MUST have apache kernel hooks, and I really don't know how useful they are).
I understand your argument, but I disagree. The fact that linux is free (money wise) is and always will be a huge advantage
Don't buy into the MS Total-Cost-Ownership theory. The fact is, if you want to use that as a benchmark for software value, you have weigh more than just time and money; you also weigh the cost of supporting a monopolistic standard-defying unscroupulous company like Microsoft.
I suppose it is folly to make a serious reponse to a post modded "funny", but I should point out that the OS that Google uses to run their servers (a *highly* modified GNU/Linux variant) is usually reffered to as the Google OS since it was designed by them specifically for their server farms (I think anyway). Also, I believe there is a GFS (Google File System, or Gordon Food Services - an entirely unrelated business) which is the distributed file system run at - of course - their server farms.
Backers hope WiMAX could be used as a replacement for T1 lines for business, become a backhaul for 802.11 hotspots, provide Internet access for consumers and get integrated along with.11 into notebook computers some day.
Well, your theory makes a lot more sense, but it looks like it disagrees with the article; I'm just curious, where did you get your information?
First of all, This will probably not substantially increase bandwidth to target users. Though it might have a higher theoretical maximum, they simply cannot afford to offer more bandwidth than your average cable ISP already provides.
Second of all, I don't think this will necessarily have a lower cost than existing connections. Cable and telephone infrastructure already exists necessarily because of other technologies; that means that cable and dsl providers really don't have much overhead on those technologies (beyond the bandwidth and the routers, which they would need anyway).
Finally, I don't think we have to "hope" that Intel gets sufficient funding; I mean, feel free to donate, but they have enough funding to develop wimax or any other technology for the next millenium.
Beyond all that, this could be a very nice innovation for one reason; Convenience.
I'm an American, and I love the US, but the imbalance of the internet towards the US has always bothered me. To me, it always has seemed that it should be a completely global venture, and be supported fairly evenly throughout the globe.
DNS servers are probably a good indicator of internet usage/participation and the fact that other countries are catching up is a good thing; however, just shy of half of the DNS servers are still in the US. That's pretty sad considering we represent less than 5% of the global population. Here's to hoping other countries continue to grow in their participation.
Also, I hope Babelfish improves as globalizations continues.....
Under ideal conditions with well-written daemons, that is true. However, many daemons run as root (either due to badly designed distributions or foolish users).
Also, by the time you have user-level access to a system, there are usually sneaky things you can do screw up the system; including but not limited to exploiting kernel bugs in pre-2.4.24 kernels that give users root access...
I love *nix. I hate Windows. But really, I don't have any delusions that my Debian box would be so much better off than Windows if it were actually being targeted by hackers.
I'm really not sure if "better" code is what is needed here (because I think the existing code is technically correct), but people are generally considering this a hole; apparently, the executable is able to display a deceptive icon in order to fool the user into opening it. Anyway, I think it will be patched, so it goes without saying if they had written the code differently (the way they'll write it for the patch), then the trojan wouldn't have been so effective (and fewer trojans is always better, right?).
There is no doubt that in this case and most other cases, deversification would have helped; my contention is only that when the world does become diversified, diversity will probably not help as much as people think (cross-platform viri, etc).
Eventually, that might not help.
on
More MyDoom Gloom
·
· Score: 2, Interesting
Many worms nowadays are capable of traveling along multiple protocols and containing multiple payloads. Of course, worm writers generally don't bother because there are indeed far more copies of Windows out in the wild than anything else. However, if we began to see a more substantial plurality of OSes, I suspect multiple-architecture worms would become more common place; just pick your favorite exploit from each os, and make a separate payload for each. The worm might double or triple in size (depending on the number of architectures supported), but authors won't care.
Further more, universal binaries like those associated with Java or.NET/Mono might eventually make it so worm writers don't even have to include multiple payloads; just multiple exploits.
Maybe diversifying will help a little for a short while, but the real solution to this problem is to write better code.
To me, the content of the story is not the interesting item here; it's the fact that a well known publication in Microsoft's own stomping grounds is publishing a story like this; I for one am very proud of them.
FreeBSD is nice, but it has a substantially bigger learning curve than your average GNU/Linux distro. Gentoo, however, probably has an even bigger learning curve than FreeBSD. I tried Gentoo for a while, and had the same experience that you had. There were just some things that I never got working (including some severe corruption in the portage repository). I use Debian on all my machines now and I find it to be incredibly easy to use (and Debian is also misrepresented as being one of the more difficult studies), and a very nice desktop OS (take that OSNews).
I agree with your sentiments, just don't discount GNU/Linux because of Gentoo.
The Windows base is hardly rock solid, unless you understand "Rock Solid" to mean "Full of Holes". Consider the RPC worms that came out last year (remember MSBlast?). These problems are win32 API level (something I would consider part of the base). And, this is not an isolated case; all the time, there are new holes being found in code written in the early days of NT that have propagated through today; many of them don't even get publicized because they aren't all neccessarily appropriate for spreading worms, but there are tons.
Even Linux in this department takes a back seat to FreeBSD; FreeBSD release versions have always been truly rock solid.
And even if the Linux community wasn't getting a bad reputation over this, I'm still not sure there would be anything to cheer about. I mean, who really visits the SCO website anyway (other than DDOSers)?
Maybe one or two really lonely/bored/pathetic people won't be able to get their daily scoop of SCO goodness on February first; big deal.
His assessment of the situation here was about as dead on as your assessment of his gender.
He, like most other people, is only reading highly modded posts; they are, have been, and always will be the only ones that truly matter (that's the beauty of slashcode). The people who post are not really that key to the process; everything gets said at least once - EVERYTHING - and most things get said far more often than that. What DOES matter is the moderation, and that is what best reflects the intelligent sentiments of the slashdot community.
And judging by that standard, I very much agree with the creator of this thread. The highly modded comments which had a non-"funny" qualifier were generally NOT condoning the worm, and that is very important. So important that it should have been taken into account in the article.
I've not helped to design an operating system or really any part of an operating system, but I can damn well tell you that Windows ME was a shitty OS. It doesn't take any experience for me to tell this; I can determine this by simple observation.
When the tire of my car explodes in an open road, it would not take much expertise on my part to diagnose it as a problem with my tire (they really aren't supposed to explode). And, when it happens to many other people with the same tire, it wouldn't take any expertise on my part to determine that it is probably a flaw in that tire design.
If indeed long pipelines make non-predictable/chaotic software cause more mispredicts, and I notice that those applications do indeed run more slowly (or fail to see a speed improvement) on a new, more expensive, Intel processor, then I can assume without expertise that the design of the processor is not fitting for those applications.
Also, when Intel's experienced engineers make a design decision, it might not be with the purpose of speed. In fact, I think few decisions there are. Intel, like Microsoft, is a marketing company. They like big numbers because they attract customers. Customers don't necessarily want really fast matlab, they want to be able to say "4 Ghz" because it makes them feel special.
So, please don't be frustrated with people for making simple, astute observations. Intel engineers (with over 30 years' experience) don't neccessarily have our best interests in mind.
How about the ethics of....
on
Mice In Space
·
· Score: 1
I would like to see the effectiveness of mouse traps in a Mars environment. Maybe they should send some loaded traps up as well...
Yea, the whole article can be summed up with that quote, but I think they are WAY off on data interpretation. I know, for me, I don't hate my cell phone; I hate other people's cell phones. I hate when people in front of me at a checkout line take 3 times longer because they're boyfriend/girlfriend is having an emotional crisis. I hate stupid drivers who can't multitast nearly run me off the road while trying to conduct a business meeting in their car. I hate when I'm in a quiet relaxing environment like the library and I suddenly start hearing the "O Danny Boy" at full volume (not that I don't like all the songs that are played, I just want to choose when to listen to them). Anyway, people like being able to call people and being connected to the world. They just don't like other people being connected.
Well, that's just about the most ridiculous thing I've ever heard on Slashdot. Are you saying that a publication shouldn't defend the actions of an individual or corporation when they are acting outside the law? I think many people here at Slashdot might have opinions about, for instance, file sharing that would run contrary to the law. And Forbes has as much right to express their viewpoints (however contrary to the law that they might be) as does a slashdot user. In fact, sometimes laws are unjust, and then it it a citizen's (or corporation's) responsibility to engage people on the matter and try to rethink the law. Now, I'm not saying that the laws which convict fax.com are unjust (most people seem to think they are just, if not soft), but I think Forbes should speak out on any law that they think is unjust (or at least show both sides as they have), no matter what the public opinion. That takes a lot of guts.
If you check the records, I think you'll find that "Maid in Manhatten" actually beat it the first weekend. We're talking the same actress who did Gigli.... out-grossed Nemesis. It would have flopped no matter what came before, after, or during its release.
Security Experts expect Security Problems??
on
The Future of Security
·
· Score: 5, Insightful
Yes, and mechanics expect broken cars, teachers expect ignorant people, and doctors expect injuries. Of course, just by explaining what they "expect," security experts create more business for themselves by instilling fear in the public. Whatever.
In reference to your first point, is it your contention that nobody can be in violation of GPLed Java source code? It seems to me, no matter how trivial it is to decompile the binary, a company is in violation of the GPL if they don't release the source code themselves.
I would consider Debian Stable to be one of the few server-performance-oriented GNU/Linux distros out there, so I would probably try to compare it to FreeBSD, Solaris[x86], and Windows Server. Honestly, as far as they go, the installation really isn't very bad at all. As long as you're somewhat familiar with the unixesque command-line (and you really ought to be if you're running a server), its actually a very easy installation by comparison (and by installation, I mean from CD-Bootup to deployment). Even Windows Server can be very annoying if you're working with the more advances services and you don't know what you're doing.
Well, Debian hasn't screwed up KDE either, but that's besides the point.
I'm not arguing that Red Hat should be held as the quintessential RPM-based distro because they are the best, I'm saying they were the first and are therefore the representative of the group.
I don't think you are identifying problems with.deb vs.rpm, you are just dissatified with the debian installer. Red Hat just groups their packages into catagories and puts icons next to them (undoubtedly, this is what you would need in order for selection tool to not be "awkward". Plus, they have a much smaller repository (perhaps there would be less "agony" if Debians was smaller).
In the end, the.deb system is as easy or hard as the installer makes it. Just look at Lindows and Xandros, both.deb based; the Xandros installer makes Red Hat's look difficult by comparison. However the Debian people usually count on their user-base preffering choice and precision during installation (isn't that what GNU/Linux is all about?).
Yes Yes, there are many distros; everybody who reads/. knows that. But in the long run, distros boil down to rpm-based (named for Red Hat which designed it), deb-based (debian and all derivitives), and source-based (slackware, gentoo; neither of which are in competition for the mass market though they do have a loyal following). So really, if you don't want to wait hours for things to compile, you have two major option to choose from; debian based or red-hat based package management. Thus, the assertion that debian is the "other-option" is still mostly true even in the presence of so many choices.
Slashdot Mirror
For free I can turn a Linux box into a webserver, domain server, ftp server, irc server, database server and such.
You don't really do it for free. It takes your time to recompile your kernal if you don't want a swiss-army-knife operating system like Windows.
Not to nitpick, but there are a few points that need to be addressed here.
1)Every operating system requires time. Its just a matter of how much. Of course, MS says that W2k3S requires less, but I disagree. MS likes to talk all about TCO, but the fact is, in DOLLARS, windows is damn expensive and GNU/Linux is free.
2)The linux kernel by nature is always a "swiss-army-knife" kernel due to its modularity. Though the default install of my favorite distro (Debian) is very nicely trimmed, I can still compile modules against my kernel headers and load them (still during my linux session). Generally speaking, it takes about 15 seconds of my time to type "make && make install && modprobe xxx" in the module directory. If it takes you longer, feel free to copy my command (just remember to replace 'xxx' with your module name). By the way, the "swiss-army-knife" nature of the linux kernel (or the winNT kernel) is not problematic to security. Its the applications level integration that gets MS in trouble.
3)None of the operations the grandparent post described require any kind of kernel rebuild (unless you absolutely MUST have apache kernel hooks, and I really don't know how useful they are).
I understand your argument, but I disagree. The fact that linux is free (money wise) is and always will be a huge advantage
Don't buy into the MS Total-Cost-Ownership theory. The fact is, if you want to use that as a benchmark for software value, you have weigh more than just time and money; you also weigh the cost of supporting a monopolistic standard-defying unscroupulous company like Microsoft.
I suppose it is folly to make a serious reponse to a post modded "funny", but I should point out that the OS that Google uses to run their servers (a *highly* modified GNU/Linux variant) is usually reffered to as the Google OS since it was designed by them specifically for their server farms (I think anyway). Also, I believe there is a GFS (Google File System, or Gordon Food Services - an entirely unrelated business) which is the distributed file system run at - of course - their server farms.
From the article:
.11 into notebook computers some day.
Backers hope WiMAX could be used as a replacement for T1 lines for business, become a backhaul for 802.11 hotspots, provide Internet access for consumers and get integrated along with
Well, your theory makes a lot more sense, but it looks like it disagrees with the article; I'm just curious, where did you get your information?
First of all, This will probably not substantially increase bandwidth to target users. Though it might have a higher theoretical maximum, they simply cannot afford to offer more bandwidth than your average cable ISP already provides.
Second of all, I don't think this will necessarily have a lower cost than existing connections. Cable and telephone infrastructure already exists necessarily because of other technologies; that means that cable and dsl providers really don't have much overhead on those technologies (beyond the bandwidth and the routers, which they would need anyway).
Finally, I don't think we have to "hope" that Intel gets sufficient funding; I mean, feel free to donate, but they have enough funding to develop wimax or any other technology for the next millenium.
Beyond all that, this could be a very nice innovation for one reason; Convenience.
I'm an American, and I love the US, but the imbalance of the internet towards the US has always bothered me. To me, it always has seemed that it should be a completely global venture, and be supported fairly evenly throughout the globe.
DNS servers are probably a good indicator of internet usage/participation and the fact that other countries are catching up is a good thing; however, just shy of half of the DNS servers are still in the US. That's pretty sad considering we represent less than 5% of the global population. Here's to hoping other countries continue to grow in their participation.
Also, I hope Babelfish improves as globalizations continues.....
Under ideal conditions with well-written daemons, that is true. However, many daemons run as root (either due to badly designed distributions or foolish users).
Also, by the time you have user-level access to a system, there are usually sneaky things you can do screw up the system; including but not limited to exploiting kernel bugs in pre-2.4.24 kernels that give users root access...
I love *nix. I hate Windows. But really, I don't have any delusions that my Debian box would be so much better off than Windows if it were actually being targeted by hackers.
I'm really not sure if "better" code is what is needed here (because I think the existing code is technically correct), but people are generally considering this a hole; apparently, the executable is able to display a deceptive icon in order to fool the user into opening it. Anyway, I think it will be patched, so it goes without saying if they had written the code differently (the way they'll write it for the patch), then the trojan wouldn't have been so effective (and fewer trojans is always better, right?).
There is no doubt that in this case and most other cases, deversification would have helped; my contention is only that when the world does become diversified, diversity will probably not help as much as people think (cross-platform viri, etc).
Many worms nowadays are capable of traveling along multiple protocols and containing multiple payloads. Of course, worm writers generally don't bother because there are indeed far more copies of Windows out in the wild than anything else. However, if we began to see a more substantial plurality of OSes, I suspect multiple-architecture worms would become more common place; just pick your favorite exploit from each os, and make a separate payload for each. The worm might double or triple in size (depending on the number of architectures supported), but authors won't care.
.NET/Mono might eventually make it so worm writers don't even have to include multiple payloads; just multiple exploits.
Further more, universal binaries like those associated with Java or
Maybe diversifying will help a little for a short while, but the real solution to this problem is to write better code.
To me, the content of the story is not the interesting item here; it's the fact that a well known publication in Microsoft's own stomping grounds is publishing a story like this; I for one am very proud of them.
Keep up the good work SeatlePI and Todd Bishop.
FreeBSD is nice, but it has a substantially bigger learning curve than your average GNU/Linux distro. Gentoo, however, probably has an even bigger learning curve than FreeBSD. I tried Gentoo for a while, and had the same experience that you had. There were just some things that I never got working (including some severe corruption in the portage repository). I use Debian on all my machines now and I find it to be incredibly easy to use (and Debian is also misrepresented as being one of the more difficult studies), and a very nice desktop OS (take that OSNews).
I agree with your sentiments, just don't discount GNU/Linux because of Gentoo.
The Windows base is hardly rock solid, unless you understand "Rock Solid" to mean "Full of Holes". Consider the RPC worms that came out last year (remember MSBlast?). These problems are win32 API level (something I would consider part of the base). And, this is not an isolated case; all the time, there are new holes being found in code written in the early days of NT that have propagated through today; many of them don't even get publicized because they aren't all neccessarily appropriate for spreading worms, but there are tons.
Even Linux in this department takes a back seat to FreeBSD; FreeBSD release versions have always been truly rock solid.
And even if the Linux community wasn't getting a bad reputation over this, I'm still not sure there would be anything to cheer about. I mean, who really visits the SCO website anyway (other than DDOSers)?
Maybe one or two really lonely/bored/pathetic people won't be able to get their daily scoop of SCO goodness on February first; big deal.
His assessment of the situation here was about as dead on as your assessment of his gender.
He, like most other people, is only reading highly modded posts; they are, have been, and always will be the only ones that truly matter (that's the beauty of slashcode). The people who post are not really that key to the process; everything gets said at least once - EVERYTHING - and most things get said far more often than that. What DOES matter is the moderation, and that is what best reflects the intelligent sentiments of the slashdot community.
And judging by that standard, I very much agree with the creator of this thread. The highly modded comments which had a non-"funny" qualifier were generally NOT condoning the worm, and that is very important. So important that it should have been taken into account in the article.
I've not helped to design an operating system or really any part of an operating system, but I can damn well tell you that Windows ME was a shitty OS. It doesn't take any experience for me to tell this; I can determine this by simple observation.
When the tire of my car explodes in an open road, it would not take much expertise on my part to diagnose it as a problem with my tire (they really aren't supposed to explode). And, when it happens to many other people with the same tire, it wouldn't take any expertise on my part to determine that it is probably a flaw in that tire design.
If indeed long pipelines make non-predictable/chaotic software cause more mispredicts, and I notice that those applications do indeed run more slowly (or fail to see a speed improvement) on a new, more expensive, Intel processor, then I can assume without expertise that the design of the processor is not fitting for those applications.
Also, when Intel's experienced engineers make a design decision, it might not be with the purpose of speed. In fact, I think few decisions there are. Intel, like Microsoft, is a marketing company. They like big numbers because they attract customers. Customers don't necessarily want really fast matlab, they want to be able to say "4 Ghz" because it makes them feel special.
So, please don't be frustrated with people for making simple, astute observations. Intel engineers (with over 30 years' experience) don't neccessarily have our best interests in mind.
I would like to see the effectiveness of mouse traps in a Mars environment. Maybe they should send some loaded traps up as well...
Yea, the whole article can be summed up with that quote, but I think they are WAY off on data interpretation. I know, for me, I don't hate my cell phone; I hate other people's cell phones. I hate when people in front of me at a checkout line take 3 times longer because they're boyfriend/girlfriend is having an emotional crisis. I hate stupid drivers who can't multitast nearly run me off the road while trying to conduct a business meeting in their car. I hate when I'm in a quiet relaxing environment like the library and I suddenly start hearing the "O Danny Boy" at full volume (not that I don't like all the songs that are played, I just want to choose when to listen to them). Anyway, people like being able to call people and being connected to the world. They just don't like other people being connected.
There *is* only one side. The side The Law is on.
Well, that's just about the most ridiculous thing I've ever heard on Slashdot. Are you saying that a publication shouldn't defend the actions of an individual or corporation when they are acting outside the law? I think many people here at Slashdot might have opinions about, for instance, file sharing that would run contrary to the law. And Forbes has as much right to express their viewpoints (however contrary to the law that they might be) as does a slashdot user. In fact, sometimes laws are unjust, and then it it a citizen's (or corporation's) responsibility to engage people on the matter and try to rethink the law. Now, I'm not saying that the laws which convict fax.com are unjust (most people seem to think they are just, if not soft), but I think Forbes should speak out on any law that they think is unjust (or at least show both sides as they have), no matter what the public opinion. That takes a lot of guts.
If you check the records, I think you'll find that "Maid in Manhatten" actually beat it the first weekend. We're talking the same actress who did Gigli.... out-grossed Nemesis. It would have flopped no matter what came before, after, or during its release.
Yes, and mechanics expect broken cars, teachers expect ignorant people, and doctors expect injuries. Of course, just by explaining what they "expect," security experts create more business for themselves by instilling fear in the public. Whatever.
In reference to your first point, is it your contention that nobody can be in violation of GPLed Java source code? It seems to me, no matter how trivial it is to decompile the binary, a company is in violation of the GPL if they don't release the source code themselves.
Ahh, thank you for clarifying. Actually, I've not used Slackware, and I made an (obviously incorrect) assumption that they were source-tarballs.
I would consider Debian Stable to be one of the few server-performance-oriented GNU/Linux distros out there, so I would probably try to compare it to FreeBSD, Solaris[x86], and Windows Server. Honestly, as far as they go, the installation really isn't very bad at all. As long as you're somewhat familiar with the unixesque command-line (and you really ought to be if you're running a server), its actually a very easy installation by comparison (and by installation, I mean from CD-Bootup to deployment). Even Windows Server can be very annoying if you're working with the more advances services and you don't know what you're doing.
Well, Debian hasn't screwed up KDE either, but that's besides the point.
I'm not arguing that Red Hat should be held as the quintessential RPM-based distro because they are the best, I'm saying they were the first and are therefore the representative of the group.
I don't think you are identifying problems with .deb vs .rpm, you are just dissatified with the debian installer. Red Hat just groups their packages into catagories and puts icons next to them (undoubtedly, this is what you would need in order for selection tool to not be "awkward". Plus, they have a much smaller repository (perhaps there would be less "agony" if Debians was smaller).
.deb system is as easy or hard as the installer makes it. Just look at Lindows and Xandros, both .deb based; the Xandros installer makes Red Hat's look difficult by comparison. However the Debian people usually count on their user-base preffering choice and precision during installation (isn't that what GNU/Linux is all about?).
In the end, the
Yes Yes, there are many distros; everybody who reads /. knows that. But in the long run, distros boil down to rpm-based (named for Red Hat which designed it), deb-based (debian and all derivitives), and source-based (slackware, gentoo; neither of which are in competition for the mass market though they do have a loyal following). So really, if you don't want to wait hours for things to compile, you have two major option to choose from; debian based or red-hat based package management. Thus, the assertion that debian is the "other-option" is still mostly true even in the presence of so many choices.