Don't know if this has been mentioned yet but this post is from last October.
MLB.tv did something similar a year or so ago where they switched from something that is actually meant to play video (WMP) to something that I can't really tell what it's meant to do (Silverlight). They had a similar deal where once you opted in you couldn't change back to WMP. They had (have?) all the same kinds of problems with it not working for people or just being worse quality.
Now this has happened a second time with a completely separate content provider and I don't know what to think other than that Silverlight is synonymous with crummy picture quality and choppy playback.
Don't fret, I'm sure MLBAM is hard at work coming up with new ways to hassle their customers.
Like removing the "classic player" for no other reason than to shove Silverlight down peoples' throats before it was ready (even on Windows).
Interesting, you admit you're outside the bell curve and then expect corporations to learn from your example? I think it'd be more worth it to them to pay attention to the middle of that bell curve.:-)
You know well why they'll keep doing stuff like the rootkit thing. Most people don't care, and the ones who do aren't present in large enough numbers for them to change their strategy.
It's because unless you are using a master password (in which case you'd need to enter it correctly after clicking "show passwords"), the data is stored unencrypted on disk anyway, just base64 encoded (obfuscated). You could go to the Firefox profile directly and un-base64 the file and see all the passwords. Having that option in the UI prevents the user from having a false sense of security that passwords are somehow safe even without a master password.
Ubuntu may not have something called "shadow copy", but if you use LVM, you can create snapshots to get the same effect. I don't know if the Ubuntu installer lets you install to LVM partitions, but it's definitely possible with Linux. It's how I do my backups.
Users shouldn't be able to get root access on their own machines? Users shouldn't be able to reboot their machines and get into single-user mode? At that point they can become whatever user ID they want and not even LDAP or Kerberos can help you. Maybe that could help you with v4 but as someone stated earlier, it's a mess. Plus, who uses it? Anything that is marked "experimental" in big letters in the kernel config is not gonna get the stamp of approval.
If you let people plug their own laptops into your network, this very real issue will screw you even harder.
First of all, Windows does support NFS. Secondly, NFS security is a joke. All you have to do is change the user ID of your user on your machine to the user ID of the person you want to steal files from on the file server. Gods help your server admin if he doesn't have root_squash enabled. Then all you have to do is su to root on your machine, and you have access to everything on the file server.
SMB has actual security and checks on the server side. Hence you have to type a password with mount -t smb, but not with mount -t nfs. Doesn't it seem kind of suspect when you don't have to enter a password with NFS?
Binary blobs with an open-source shim. People get a bad taste in their mouth because of difficulties getting nvidia or ati (specifically ati) binary drivers to work. However, I think that if the binary drivers were prepared by someone who actually knows what he's doing (say, a Linux kernel dev) instead of a corporation that treats Linux users like second-class customers (and who in all fairness wants to focus on the hardware), users would have a lot easier time getting them to work.
Linux devs could also insist on a no-BS distribution agreement that allows them to ship the binary driver with distros without the hassles you see with proprietary drivers today, if not the kernel itself somehow (not sure of the policy on binary stuff in the kernel). I know the old pwc driver was like this; it was removed I think mostly for political reasons, you can see for yourself: http://www.smcc.demon.nl/webcam/
Thanks for the heads up, this definitely is something to look forward to.
I have a question, or rather just a comment, regarding the footnote on page 5 of the document, where they explain why they can't use extended attributes because they're not supported everywhere. It's just too bad. I personally have them enabled (so I can use ACL's) and whenever I use a system that doesn't have them enabled, I feel like I'm in the dark ages. rdiff-backup can already handle extended attributes, and it seems so much cleaner than storing them in the file contents. Of course, I'm sure the file format wasn't designed by monkeys. Still, it's too bad.
The footnote goes on to say that EA's are used for caching (when available), which seems to agree with my (mostly unfounded) assumption that EA's would be better for performance. I would not be so bold as to assume that using EA's exclusively on filesystems where they are supported was something that hadn't been considered, so I wonder what was the technical reason that it isn't done in this way?
How does this compare to dm-crypt and LUKS? Their page doesn't make any mention of either, and it seems like reinventing the wheel. dm-crypt is already in kernel and uses the idea of stacked block devices (/dev/hda1 is encrypted but/dev/mapper/hda1 is unencrypted). With LUKS, key information is stored in a standard format in the partition header. Things like multiple passwords, etc., are supported.
Actually, when I run OOo 2.0 on KDE, there is rudimentary support for KIO slaves. But as long as they both use OpenDocument, they both have equal right to exist.
Let me know when they provide RSS feeds for tracking shipments. The thing they just added for searching for tracking numbers is a step in the right direction, though.
Make it so when the user hits the Page Down key, a horizontal line appears for a few seconds where the old bottom of the page was, then fades away. So when you're reading long sections of text and hit Page Down, your eye can quickly scan to where you left off.
Slashdot Mirror
They should do that and also stamp DECEASED in red block letters diagonally across the picture, like you see on someone's file in the movies.
Don't know if this has been mentioned yet but this post is from last October.
MLB.tv did something similar a year or so ago where they switched from something that is actually meant to play video (WMP) to something that I can't really tell what it's meant to do (Silverlight). They had a similar deal where once you opted in you couldn't change back to WMP. They had (have?) all the same kinds of problems with it not working for people or just being worse quality.
Now this has happened a second time with a completely separate content provider and I don't know what to think other than that Silverlight is synonymous with crummy picture quality and choppy playback.
Don't fret, I'm sure MLBAM is hard at work coming up with new ways to hassle their customers. Like removing the "classic player" for no other reason than to shove Silverlight down peoples' throats before it was ready (even on Windows).
No comment on the Times' own slight of Brooklyn, as they mysteriously listed it last, as opposed to immediately following New York?
Interesting, you admit you're outside the bell curve and then expect corporations to learn from your example? I think it'd be more worth it to them to pay attention to the middle of that bell curve. :-)
You know well why they'll keep doing stuff like the rootkit thing. Most people don't care, and the ones who do aren't present in large enough numbers for them to change their strategy.
cat (base64 it in your head) | base64 -d > a.out
It'd be crazy to assume they aren't already doing this.
It's because unless you are using a master password (in which case you'd need to enter it correctly after clicking "show passwords"), the data is stored unencrypted on disk anyway, just base64 encoded (obfuscated). You could go to the Firefox profile directly and un-base64 the file and see all the passwords. Having that option in the UI prevents the user from having a false sense of security that passwords are somehow safe even without a master password.
Ubuntu may not have something called "shadow copy", but if you use LVM, you can create snapshots to get the same effect. I don't know if the Ubuntu installer lets you install to LVM partitions, but it's definitely possible with Linux. It's how I do my backups.
Users shouldn't be able to get root access on their own machines? Users shouldn't be able to reboot their machines and get into single-user mode? At that point they can become whatever user ID they want and not even LDAP or Kerberos can help you. Maybe that could help you with v4 but as someone stated earlier, it's a mess. Plus, who uses it? Anything that is marked "experimental" in big letters in the kernel config is not gonna get the stamp of approval.
If you let people plug their own laptops into your network, this very real issue will screw you even harder.
sshfs has been good to me lately. It needs fuse, but OSX has that now. Windows clients should should just connect to a Samba server.
First of all, Windows does support NFS. Secondly, NFS security is a joke. All you have to do is change the user ID of your user on your machine to the user ID of the person you want to steal files from on the file server. Gods help your server admin if he doesn't have root_squash enabled. Then all you have to do is su to root on your machine, and you have access to everything on the file server.
SMB has actual security and checks on the server side. Hence you have to type a password with mount -t smb, but not with mount -t nfs. Doesn't it seem kind of suspect when you don't have to enter a password with NFS?
The article mentions an "ionice".
Binary blobs with an open-source shim. People get a bad taste in their mouth because of difficulties getting nvidia or ati (specifically ati) binary drivers to work. However, I think that if the binary drivers were prepared by someone who actually knows what he's doing (say, a Linux kernel dev) instead of a corporation that treats Linux users like second-class customers (and who in all fairness wants to focus on the hardware), users would have a lot easier time getting them to work.
Linux devs could also insist on a no-BS distribution agreement that allows them to ship the binary driver with distros without the hassles you see with proprietary drivers today, if not the kernel itself somehow (not sure of the policy on binary stuff in the kernel). I know the old pwc driver was like this; it was removed I think mostly for political reasons, you can see for yourself: http://www.smcc.demon.nl/webcam/
Thanks for the heads up, this definitely is something to look forward to.
I have a question, or rather just a comment, regarding the footnote on page 5 of the document, where they explain why they can't use extended attributes because they're not supported everywhere. It's just too bad. I personally have them enabled (so I can use ACL's) and whenever I use a system that doesn't have them enabled, I feel like I'm in the dark ages. rdiff-backup can already handle extended attributes, and it seems so much cleaner than storing them in the file contents. Of course, I'm sure the file format wasn't designed by monkeys. Still, it's too bad.
The footnote goes on to say that EA's are used for caching (when available), which seems to agree with my (mostly unfounded) assumption that EA's would be better for performance. I would not be so bold as to assume that using EA's exclusively on filesystems where they are supported was something that hadn't been considered, so I wonder what was the technical reason that it isn't done in this way?
How does this compare to dm-crypt and LUKS? Their page doesn't make any mention of either, and it seems like reinventing the wheel. dm-crypt is already in kernel and uses the idea of stacked block devices (/dev/hda1 is encrypted but /dev/mapper/hda1 is unencrypted). With LUKS, key information is stored in a standard format in the partition header. Things like multiple passwords, etc., are supported.
It seems like I can already find just about every music video I want on there. Certainly beats launch.com and their 1:1 video to ad ratio.
Actually, when I run OOo 2.0 on KDE, there is rudimentary support for KIO slaves. But as long as they both use OpenDocument, they both have equal right to exist.
Exactly. Last time I tried KOffice, its OOo import support was really bad. Hopefully now with OpenDocument that's changed.
Let me know when they provide RSS feeds for tracking shipments. The thing they just added for searching for tracking numbers is a step in the right direction, though.
As pointed out in other areas of the thread, it seems only to "work" when opening in a new window, not a new tab.
No problem on Konqueror 3.3.1. On their site though, they said the Konqueror version they found the problem in was a 3.2 version.
I'm pretty sure you can hit Ctrl+L in the file selector to bring up a location box.
Do a search for Bill Gates from the front page. Only thing that shows up is a death record :-/.
Make it so when the user hits the Page Down key, a horizontal line appears for a few seconds where the old bottom of the page was, then fades away. So when you're reading long sections of text and hit Page Down, your eye can quickly scan to where you left off.