Good points. In that context, the hetrogenuous network thing does make some sense.
As far as windows...sure more people use it, but how many people are auditing the code? Its certainly not going through the same process. So i guess i should have been more explicit and said "code auditors" or "bug fixers" instead of users.
Its nice that Linus has run PPC Linux, but that does not inherently make it secure. He may have reasons for running it that have nothing whatsoever to do with security. It may even just be that a friend gave him a nice shiny new dual-G5:) Just because hes the head kernel dev does not mean that security is his biggest priority...and in fact, there are many people hacking on the kernel who specialize in it, and likely know it a lot better than he does. In other words, its neat to know what the guy is running, but it probably has little bearing, other than knowing that PPC Linux isn't likely dying out anytime soon.
I'm also no expert on PPC linux. It may in fact be as or more secure than x86. I was just throwing out some observations.
You're just describing security through obscurity...which we all know is bad. Its also not entirely true in this case, its still Linux, and depending on their configuration, a lot of exploits would still be valid.
Furthermore, PPC Linux has a smaller userbase than x86. There are fewer people working on the code, fewer people testing it, and therefore fewer bugs getting worked out. In other words, one could make a pretty good case for why there is reason to believe it is a LESS secure platform.
I think that other posters are right on the mark with other good reasons why they would choose Linux PPC, power consumption and heat being on of them. I doubt they are running G5's.
IIRC, GAIM-encryption is still pretty weak, and passes its key in the clear at the beginning of the transaction. My preferred client(naim) does the same thing actually. I guess its still probably good enough for most things, as someone has to think you're important enough to be watching when the conversation begins and the key is sent. I don't generally disclose important information over aim anyways.
IIRC, you can set jabberd up to intermediate between a single jabber login, and multiple other protocols: AIM, MSN, Yahoo, etc.
I nearly set this up myself once so i could log in with jabber from wherever i was and have access to all accounts. Ultimately, i decided ssh+screen worked for me better
I will be really surprised if this is not what google plans to do: single single sign-on for all messaging services
my understanding is that like many systems, they have just borrowed the TCP/IP stack from BSD. Windows uses that too, so that tells you how different the rest of the system can be;)
I'm no expert in this area, but a few things that should probably be mentioned: The linux kernel is modular. It is very easy to strip away the "fat" and only run the small portions of it you actually need. A navigation system isn't going to need the driver for my wacom tablet, or subsystems to control Speedstep with, for example. And also, there are I belive several tweaked real-time versions of Linux, which are even MORE stripped down, and do exactly the sort of things you are describing...the kinds of things you want a RTOS for.
I'm not tryong to say Linux has its place everywhere. Its very possible, liekly even that this OS you have just mentioned is still superior to Linux for this application in a dozen different ways. I just felt the need to mention that two of your main points don't neccesarily apply to the Linux kernel.
People who write this kind of software can probably explain to me a multitude of reasons why it makes no sense at all to even use Linux as a starting point, and i trust anyone working on something so mission-critical to know what they're doing.
I was in Vegas a few weeks ago, and I didn't see a single machine that paid out coins. Not a one. It was also hard to find any that would take them, although they do exist.
The casinos do agree with you though: people like the sound of coins hitting the payout bin. So they have the machines play sound clips of coins hitting the metal bin when you win, or cashout.
It sucks at first, but the voucher idea really is a better idea. Instead of $20 worth of quarters, i have one piece of paper. I can feed that piece of paper back into any machine in the same casino and start right back up, or cash it in at the cashiers station.
What i found testing it out at defcon is that it worked intermittently. I couldn't make out the code in the tiny font on their slides, so i'm not sure how it was supposed to work. But we tried it, and it did keep it from showing in kismet scans maybe 50% or so of the time.
Photoshop actually runs pretty well in WINE, other than recent versions. And of course theres the GIMP, which is NOT really so bad.
Desktop users aren't running legal copies of photoshop anyways, so they might as well run something they don't need to pirate. The things they are missing from photoshop are mostly things only professional graphics people(i am one myself) care about.
I'm on my second Toshiba laptop, ran Slackware on both, and all pieces of hardware on each are supported, right down to 3D acceleration so i could game:)
Also worth mentioning...chipsets matter, not manufacturers. You mention Netgear as if its a shining example of stuff that works in Linux. I own two of their wireless nics...but only because they are PrismGT and Atheros respectively, chipsets that are well supported in linux. Whatever brand is slapped on those chipsets is incidental...and Netgear has put out several products, even other revisions of the SAME CARDS that i have which have totally different chipsets, which are poorly supported.
These days almost anything you're buying is just a brand name slapped on top of a chipset that may be in a dozen different products. Chipset + price > name on the box.
The usefulness, espcially once they get more memory inside it, would be in being able to carry all of the applicatons and data you need around with you, in your pocket, and be able to turn virtually any desktop computer you happen t be near into a workstation at a moments notice WITHOUT REBOOTING IT.
And of course this thing doers have a biometric fingerprint scanner built into it, if you're the type to actually trust those to protect your data.
I think their main problem is not having stuck a microdrive in it yet. Once they work that out it'll be great. I mean hell, I bought my first laptop while in college specifically because there were no linux machines in any of the computer labs, they didn't allow installation of new software on any of the windows machines, and i needed things that most any linux distro had to get my work done. This thing would have solved the same problem for less money. Sure a USB thumb drive might too...but not if they've taken away my ability to reboot the machine cleanly. Of course they likely turn off auto-run on the CD drive so...hm.
last i checked they didn't provide anything but a live cd upon initial release. The FTP and regular ISOs get updated later...this last time it was a month or two.
Of course the stuff is there on FTPs for people to get at for the most part if one wanted to roll your own...they just don't have them setup for a nice clean upgrade in Yast right away.
ah, but there are ways of keeping the SSID from showing up in passive scanners like kismet as well. Or perhaps you haven't seen Shmoo's talks from this year's defcon yet?
distrubingly, i discovered yesterday that FreeBSD apparently does NOT require a user to set a password for root. Not during install, not ever.
Sure, you need to have added a user to wheel...but most people will for the convenience. Now you've got a machine ready to be owned by the compromise of any user account thats in wheel.
OpenBSD on the other hand, not only required I set a password for root, but also refused anything that didn't have letter, numbers, and at least one special character!
you're aware that most people have switched to SSH2 because of big vulns discovered in SSH1 right? I believe it was a man in the middle attack which was pretty much unpreventable, IIRC.
i was skeptical as well..MCSE's are not particularly well regarded. However, the MCP exam she passed seems much more in depth than just getting certified in excel:
"She has created basic Windows applications, such as a calculator and a sorting program, primarily in the C# programming language. The certification she received was as a Microsoft Certified Application Developer. She says she plans to pursue a more advanced certification, as a Microsoft Certified Solution Developer, which involves building programs into a broader system for a business."
Thats C#, not VB! I'm not an MS expert, but I say thats pretty damn good for a nine year old!
you can configure virtually any piece of hardware, and install/upgrade/remove any piece of software with Yast in Suse. It is completely point-and-click.
I just took a job for a security consulting firm, and their normal contract specifically excludes them from rights to any software i write on my own time
There are defintly some enlightened people out there:)
thanks for the "do not call" link. i've been getting more and more calls during the day, and they seem shocked when i tell them that we are already on the do not call list...
I'm going to just taking down the company name and number, and telling them that i'm reporting them right at that moment:)
i believe the problem is that linux and all kernel developers had an agrement with bitkeeper that they would get their software for free, as long as they promised not to reverse engineer the bitkeeper software.
Slashdot Mirror
As far as windows...sure more people use it, but how many people are auditing the code? Its certainly not going through the same process. So i guess i should have been more explicit and said "code auditors" or "bug fixers" instead of users.
Its nice that Linus has run PPC Linux, but that does not inherently make it secure. He may have reasons for running it that have nothing whatsoever to do with security. It may even just be that a friend gave him a nice shiny new dual-G5 :) Just because hes the head kernel dev does not mean that security is his biggest priority...and in fact, there are many people hacking on the kernel who specialize in it, and likely know it a lot better than he does. In other words, its neat to know what the guy is running, but it probably has little bearing, other than knowing that PPC Linux isn't likely dying out anytime soon.
I'm also no expert on PPC linux. It may in fact be as or more secure than x86. I was just throwing out some observations.
Furthermore, PPC Linux has a smaller userbase than x86. There are fewer people working on the code, fewer people testing it, and therefore fewer bugs getting worked out. In other words, one could make a pretty good case for why there is reason to believe it is a LESS secure platform.
I think that other posters are right on the mark with other good reasons why they would choose Linux PPC, power consumption and heat being on of them. I doubt they are running G5's.
IIRC, GAIM-encryption is still pretty weak, and passes its key in the clear at the beginning of the transaction. My preferred client(naim) does the same thing actually. I guess its still probably good enough for most things, as someone has to think you're important enough to be watching when the conversation begins and the key is sent. I don't generally disclose important information over aim anyways.
I nearly set this up myself once so i could log in with jabber from wherever i was and have access to all accounts. Ultimately, i decided ssh+screen worked for me better
I will be really surprised if this is not what google plans to do: single single sign-on for all messaging services
my understanding is that like many systems, they have just borrowed the TCP/IP stack from BSD. Windows uses that too, so that tells you how different the rest of the system can be ;)
I'm no expert in this area, but a few things that should probably be mentioned: The linux kernel is modular. It is very easy to strip away the "fat" and only run the small portions of it you actually need. A navigation system isn't going to need the driver for my wacom tablet, or subsystems to control Speedstep with, for example. And also, there are I belive several tweaked real-time versions of Linux, which are even MORE stripped down, and do exactly the sort of things you are describing...the kinds of things you want a RTOS for.
I'm not tryong to say Linux has its place everywhere. Its very possible, liekly even that this OS you have just mentioned is still superior to Linux for this application in a dozen different ways. I just felt the need to mention that two of your main points don't neccesarily apply to the Linux kernel.
People who write this kind of software can probably explain to me a multitude of reasons why it makes no sense at all to even use Linux as a starting point, and i trust anyone working on something so mission-critical to know what they're doing.
What is it about roulette that you don't think is chance? Roulette is one of the most arbitary games in a casino.
To hold a legal boxing match anywhere, there are seperate licenses involved. I imagine this is what enables Casinos to hold these kinds of events.
I was in Vegas a few weeks ago, and I didn't see a single machine that paid out coins. Not a one. It was also hard to find any that would take them, although they do exist. The casinos do agree with you though: people like the sound of coins hitting the payout bin. So they have the machines play sound clips of coins hitting the metal bin when you win, or cashout. It sucks at first, but the voucher idea really is a better idea. Instead of $20 worth of quarters, i have one piece of paper. I can feed that piece of paper back into any machine in the same casino and start right back up, or cash it in at the cashiers station.
What i found testing it out at defcon is that it worked intermittently. I couldn't make out the code in the tiny font on their slides, so i'm not sure how it was supposed to work. But we tried it, and it did keep it from showing in kismet scans maybe 50% or so of the time.
Photoshop actually runs pretty well in WINE, other than recent versions. And of course theres the GIMP, which is NOT really so bad. Desktop users aren't running legal copies of photoshop anyways, so they might as well run something they don't need to pirate. The things they are missing from photoshop are mostly things only professional graphics people(i am one myself) care about.
I'm on my second Toshiba laptop, ran Slackware on both, and all pieces of hardware on each are supported, right down to 3D acceleration so i could game :)
Also worth mentioning...chipsets matter, not manufacturers. You mention Netgear as if its a shining example of stuff that works in Linux. I own two of their wireless nics...but only because they are PrismGT and Atheros respectively, chipsets that are well supported in linux. Whatever brand is slapped on those chipsets is incidental...and Netgear has put out several products, even other revisions of the SAME CARDS that i have which have totally different chipsets, which are poorly supported.
These days almost anything you're buying is just a brand name slapped on top of a chipset that may be in a dozen different products. Chipset + price > name on the box.
The usefulness, espcially once they get more memory inside it, would be in being able to carry all of the applicatons and data you need around with you, in your pocket, and be able to turn virtually any desktop computer you happen t be near into a workstation at a moments notice WITHOUT REBOOTING IT. And of course this thing doers have a biometric fingerprint scanner built into it, if you're the type to actually trust those to protect your data. I think their main problem is not having stuck a microdrive in it yet. Once they work that out it'll be great. I mean hell, I bought my first laptop while in college specifically because there were no linux machines in any of the computer labs, they didn't allow installation of new software on any of the windows machines, and i needed things that most any linux distro had to get my work done. This thing would have solved the same problem for less money. Sure a USB thumb drive might too...but not if they've taken away my ability to reboot the machine cleanly. Of course they likely turn off auto-run on the CD drive so...hm.
last i checked they didn't provide anything but a live cd upon initial release. The FTP and regular ISOs get updated later...this last time it was a month or two. Of course the stuff is there on FTPs for people to get at for the most part if one wanted to roll your own...they just don't have them setup for a nice clean upgrade in Yast right away.
ah, but there are ways of keeping the SSID from showing up in passive scanners like kismet as well. Or perhaps you haven't seen Shmoo's talks from this year's defcon yet?
distrubingly, i discovered yesterday that FreeBSD apparently does NOT require a user to set a password for root. Not during install, not ever. Sure, you need to have added a user to wheel...but most people will for the convenience. Now you've got a machine ready to be owned by the compromise of any user account thats in wheel. OpenBSD on the other hand, not only required I set a password for root, but also refused anything that didn't have letter, numbers, and at least one special character!
you're aware that most people have switched to SSH2 because of big vulns discovered in SSH1 right? I believe it was a man in the middle attack which was pretty much unpreventable, IIRC.
try putting your public keys on a usb thumb drive. Toss putty on there as well, and you've got what you need no matter where you're at ;)
i was skeptical as well..MCSE's are not particularly well regarded. However, the MCP exam she passed seems much more in depth than just getting certified in excel: "She has created basic Windows applications, such as a calculator and a sorting program, primarily in the C# programming language. The certification she received was as a Microsoft Certified Application Developer. She says she plans to pursue a more advanced certification, as a Microsoft Certified Solution Developer, which involves building programs into a broader system for a business." Thats C#, not VB! I'm not an MS expert, but I say thats pretty damn good for a nine year old!
you can configure virtually any piece of hardware, and install/upgrade/remove any piece of software with Yast in Suse. It is completely point-and-click.
i have my little sister running it at college.
incoming is NOT free on cingular in my area, and without a plan its about $.40 a message. I'm in NE Ohio.
I just took a job for a security consulting firm, and their normal contract specifically excludes them from rights to any software i write on my own time :)
There are defintly some enlightened people out there
I hate to be the grammar nazi, but it really harms your defense of fundamentalists if you can't spell the term right ;)
thanks for the "do not call" link. i've been getting more and more calls during the day, and they seem shocked when i tell them that we are already on the do not call list... I'm going to just taking down the company name and number, and telling them that i'm reporting them right at that moment :)
i believe the problem is that linux and all kernel developers had an agrement with bitkeeper that they would get their software for free, as long as they promised not to reverse engineer the bitkeeper software.