Yeah, and he's right, we need a good alternative to BIND. Too bad djbdns is just Bernstein's tool for trying to shape the Internet to his liking.
It isn't RFC-compliant and DJB takes the typical attitude of the cocky security programmer. For instance, he doesn't really care about implementing such unnecessary protocol add-ons as notify or ixfr, but advocates rsync - with a straight face.
Well, the problem is a bit more difficult than that. IPSec can be used with VoIP, but it isn't particularly efficient. There are special IPSec for VoIP specifications, so the problem isn't encryption, but the lack of certificates. Public key encryption is always vulnerable to man-in-the-middle attacks, be it SSH or SSL web traffic.
I'm guessing this might hold VoIP back for a little while, but when VoIP will be deployed large-scale, we will for sure see people having personal certificates. Right now, a real non-test certificate from verisign for a company web server costs 895 $ but I could see the prices going down for personal certificates, when markets for those would start to appear.
Or then there's the Finnish model, where you can get an electronic ID just like you can get a regular ID from the government. The electronic ID is the regular plastic ID card with a smart card chip. You get two certificates from the government-operated CA. All this for the measley price of 40 euros. This would be a viable choice for private persons too.
There is also a SIM card version (a WIM card) designed that will come out in the future.
But, what you or Bill think doesn't matter. What matters is the public opinion of the people buying it. I don't know whether Bill is a genius or a moron, but people are buying his product, so we really can't complain about what he's doing with it!
much more promising (supports some neat things too like drop shadows and translucent menus),
And why on earth is that promising? Where, oh where are you trying to take Linux? I thought Linus said this was the year Linux is going to break through to the desktop - if so, I think we should mainly focus on finishing up the user interface and making it more robust, not on stupid interface modification like shadows and transparency that only make it more difficult to do anything remotely useful, but look cool.
OSS isn't really a fair proposition if you don't have something to contribute.... or at least meet the developer half-way.
Eh, well isn't that exactly what ESR said? If we ever want open source to spread to user bases outside of the tweakers and engineers, we need to finish our programs.
If you turn off all non-essential services in Windows and do the same in Linux, keep your users with low privileges etc on both, and keep both systems up-to-date with patches, they're equally secure.
But break-ins don't happen through the OS-specific TCP/IP stack code, they happen through network services. You don't need to patch the OS that much - you need to patch the services.
And Apache is more secure than IIS, Sendmail more secure than Exchange (and Postfix or qmail even more secure than that). Then again IIS's ftp service is more secure than wu-ftpd, probably more secure than pro-ftpd but not as secure as OpenBSD's ftpd.
You can't judge security by OS - it all depends on the network services you choose to use. This of course explains why BSDs are at the top. The default services installed with, say OpenBSD, are more secure than the default services that come with a Fedora linux.
How can we measure how secure some software is? Well, their security history gives some pointers.
Morse code is the primary communication method during harsh conditions. From the 12 months I was in the navy, about 4 we practised morse code. The same goes for national emergencies, when cell phone networks and other electrical communications networks would be down.
Even in extremely bad radio wheather, and when all other communications networks are down, morse code is audible behind all the hiss and crackle (with good equipment).
Here in Finland, where extreme distances are a problem (our country is twice as big as England with a population of 6 million) radio amateurs have arranged a peer-to-peer network for emergencies. They have a yearly test of the network. Basically even the authorities have to trust this voluntary network when a bigger chrisis occurs.
No, the inter-symbol pause really doesn't take that much time. It actually takes only marginally longer than the pause between dots/dashes, because once you get to real morse speeds (>100 cpm) you don't really listen to the signs, you listen for the "rhythm".
However, what does take long, is the pause between words, that you have to leave to make the letters a and t stand out as a word, especially since they are both so short.
So all and all, this will speed things quite a lot.
An application that runs pretty much everywhere (Linux, Windows AND MacOSX)
GTK also run natively, without any fuss, on OSX and Windows.
A modern C++ based toolkit
What's not "modern" about GTK? You know, in most cases, programming in plain C is also the better solution, being more simple and effective.
You have only a tiny fraction of potential customers
Why? GTK runs just as easily on any OS and in any environment - besides, who even uses Gtk/QT on Windows or OSX?
You have to confront the pains of GTK+ which are lack of tools, documentation and an modern API
Well, I simply disagree on that. There are so many different helping libraries that are part of GTK/GNOME and tools like Guile that I've never felt the need for anything more. I have found the documentation, from man pages to the GTK tutorial, to be right on the spot.
It seems to me you're just a C++ programmer that likes Qt more than GTK - the points you are making aren't factual or analytic - they're just your sore feelings on the issue.
"Now that apple is beginning to behave badly, maybe it's time a free project showed what it can do with the BSD core. I'm all for this. I just wish I had more spare time!"
Slashdot Mirror
Yeah, and he's right, we need a good alternative to BIND. Too bad djbdns is just Bernstein's tool for trying to shape the Internet to his liking.
It isn't RFC-compliant and DJB takes the typical attitude of the cocky security programmer. For instance, he doesn't really care about implementing such unnecessary protocol add-ons as notify or ixfr, but advocates rsync - with a straight face.
Well, the problem is a bit more difficult than that. IPSec can be used with VoIP, but it isn't particularly efficient. There are special IPSec for VoIP specifications, so the problem isn't encryption, but the lack of certificates. Public key encryption is always vulnerable to man-in-the-middle attacks, be it SSH or SSL web traffic.
I'm guessing this might hold VoIP back for a little while, but when VoIP will be deployed large-scale, we will for sure see people having personal certificates. Right now, a real non-test certificate from verisign for a company web server costs 895 $ but I could see the prices going down for personal certificates, when markets for those would start to appear.
Or then there's the Finnish model, where you can get an electronic ID just like you can get a regular ID from the government. The electronic ID is the regular plastic ID card with a smart card chip. You get two certificates from the government-operated CA. All this for the measley price of 40 euros. This would be a viable choice for private persons too.
There is also a SIM card version (a WIM card) designed that will come out in the future.
But, what you or Bill think doesn't matter. What matters is the public opinion of the people buying it. I don't know whether Bill is a genius or a moron, but people are buying his product, so we really can't complain about what he's doing with it!
And why on earth is that promising? Where, oh where are you trying to take Linux? I thought Linus said this was the year Linux is going to break through to the desktop - if so, I think we should mainly focus on finishing up the user interface and making it more robust, not on stupid interface modification like shadows and transparency that only make it more difficult to do anything remotely useful, but look cool.
Eh, well isn't that exactly what ESR said? If we ever want open source to spread to user bases outside of the tweakers and engineers, we need to finish our programs.
But break-ins don't happen through the OS-specific TCP/IP stack code, they happen through network services. You don't need to patch the OS that much - you need to patch the services.
And Apache is more secure than IIS, Sendmail more secure than Exchange (and Postfix or qmail even more secure than that). Then again IIS's ftp service is more secure than wu-ftpd, probably more secure than pro-ftpd but not as secure as OpenBSD's ftpd.
You can't judge security by OS - it all depends on the network services you choose to use. This of course explains why BSDs are at the top. The default services installed with, say OpenBSD, are more secure than the default services that come with a Fedora linux.
How can we measure how secure some software is? Well, their security history gives some pointers.
Morse code is the primary communication method during harsh conditions. From the 12 months I was in the navy, about 4 we practised morse code. The same goes for national emergencies, when cell phone networks and other electrical communications networks would be down.
Even in extremely bad radio wheather, and when all other communications networks are down, morse code is audible behind all the hiss and crackle (with good equipment).
Here in Finland, where extreme distances are a problem (our country is twice as big as England with a population of 6 million) radio amateurs have arranged a peer-to-peer network for emergencies. They have a yearly test of the network. Basically even the authorities have to trust this voluntary network when a bigger chrisis occurs.
What, concatenated? A and T morse code concated is .-- which stands for W.
No, the inter-symbol pause really doesn't take that much time. It actually takes only marginally longer than the pause between dots/dashes, because once you get to real morse speeds (>100 cpm) you don't really listen to the signs, you listen for the "rhythm". However, what does take long, is the pause between words, that you have to leave to make the letters a and t stand out as a word, especially since they are both so short. So all and all, this will speed things quite a lot.
"Now that apple is beginning to behave badly, maybe it's time a free project showed what it can do with the BSD core. I'm all for this. I just wish I had more spare time!"
I'm all hot about it too. Guess what? The best Linux, Debian, is being ported to other kernels as we speak!