Maybe this was intended as a joke, but it's a valid point. SELinux does not make anything more secure. Why? Because it's sufficiently complicated that most people are just going to turn it off. OpenBSD has a policy that security must be on by default, must not create a significant performance hit, and must be simple enough that people actually use it. This is the reason people trust it.
Indeed, something like http://pax.grsecurity.net/ is clearly useful, but breaks too many applications, is a kernel patch to the standard kernel that you have to apply yourself, so it's not so widely used. Neither SuSE nor RedHat supports it. OpenBSD does similar things, but they make sure that the ports and the system does not break. As a OpenBSD you don't have to do anything special, apart from installing OpenBSD, to take advantage of the security enhancements.
Blogs are turning into the second spam of the internet. Some of them are legitimate and interesting, but a vast majority are not.
In what way are the majority of blogs not legitimate? Oh wait, I'm sure there are positions available in some American company helping the Chinese government to stiffle free speech. Of course, this is entirely legitimate. But hey, Cash is King, and we won't let small things like common decency stop us for making a killing
... one of the first things that they teach you is that if somebody calls you an idiot, then duck the response. Don't stand up and loudly proclaim that you're not an idiot, you'll make a headline out of it.
KOffice, or anybody else for that matter would probably have better served their cause by not responding at all to this.
KOffice team quite simply pointed out a false statements made by a Microsoft executive about their applications, and in the process they grab some good PR as well. I think they payed better attention to the PR course than you did;-)
The current US administration has done much damage to various disarmament treaties and processes. Because of them the world is much less safer than it could be. USA has shown itself not to live by treaties it has signed, even though they insist other live by them. They attack Iraq to gain access to their oil, after first using UN to reduce Iraq to rubble.
So the sad truth is that US enemies knows they need WMD to protect themselves because USA will not feel constrained by International Law or treaties, including the ones theyve signed themselves. So now we have states hell bent on getting their own WMD for their own survival (Iran, for instance).
Only extremists (in USA and elsewhere) likes this situation.
hey see a nation that has previously sold chemical weapons to others to use,
Cite?
Precursors and dual-use technology are not the same thing as chemical weapons. The same thing applies to bacterial cultures and biological weapons.
USA sold chemical/bacteriological weapons and technology to Saddam during the Iran-Iraq war. You might have noticed that such weapons was used, including on Iraqi civil population by Saddam himself.
I guess since we've won the "war on terror", it's we can finally start to devote resources to fighting the war on free speech, expression and personal liberties.
The internationally renowned correspodent for The Independent -- the great British journalist Robert Fisk -- has been banned from entering the United States. Fisk has been covering war zones for decades, but is above all known for his incisive reporting from the Middle East for more than 20 years. His critical coverage of the Anglo-American invasion of Iraq, and the continuing occupation that has followed it, has repeatedly exposed U.S. and British government disinformation campaigns. He also has exposed how the bulk of the press reports from Iraq have been "hotel journalism" -- a phrase Fisk coined.
You have to unzip it first:). "Zip" files are well-understood and have a wealth of (portable) open-source implementations available. The extracted directories contain files that are either human-readable (the document text, plus styles and formatting) or files that were embedded in the document, kept in their original format (e.g. embed a PNG in your documents, and you can unzip your document and grab your PNG image back with nothing more than an unzipping utility!).
I whish the format would be more easily versioned in something like Subversion, except as a binary file. This would make it easier to have several persons working on the same document.
Re:Where GPL ends and propriety can start?
on
RMS Previews GPL3 Terms
·
· Score: 2, Interesting
In example if you use only MySQL, which is GPL, as database for you application, MySQL has defined this as linking, so making your own application also GPL.
Then access your MySQL database over TCP/IP or a socket. No linking involved at all, thus no problem with GPL.
Slashdot see's work as work. You got to work, come up with a new idea, change a very small pocket of the world, make a paycheck and go home.
You must have a very distorted view of what actually constitutes work for the average Slashdotter! You go to work, but the "work" is Mommy nagging the hell out of you to get out of bed before noon. Now, you get the same bright idea, as you do every morning, that relucantly following Mummy "advice" will provide you with two things:
1) Clean underwear (you're not smart enough to understand that you'll get that for free in any case), and
2) Food.
Now, the only pocket you change is your Mommies, but alas, it's only getting slimmer, but with no betterment for the human race since you may actually procreate by a pure bug (see relevant Security Advisory rated Extremely Critical)
Of course you are always home, unless you count leaving the basement to take your monthly shower into account.
Browser, shmouser..... What I want is a secure OS! Arguably, if the OS is secure enough, then you should not have problems with programs that can start executing code without permissions. Granted, it is a matter of balance, but an OS should never allow root control by an application without specific permission. Of course the default with Windows is root, but hey....
Why don't you just install
OpenBSD? Works very fine as a desktop, unless you require hardware accellerated 3D.
If this is the case, then honestly, what is the purpose of a BSD Certification? Obviously the goal of such a certification (in fact all "professional" certifications) is acceptence of BSD (or whatever the product) in the business sector. Think about it.
The BSD Certification "certifies" that you have a certain skill set level working with *BSD. This is about using an OS as distinct from creating one. So those making this BSD Certification has different goals than those creating the *BSD. See?
Have a look at the
OpenBSD Project Goals. Do you see any goal about "intended for business"? Here is the gist of it if you search the mailinglists: The OpenBSD developers develops for themselves, and that it incidentally is usefull for other is a nice bonus. They are not very interested in "markets" or "market share".
Ugh, you are so full of it... Complicated software like videocard drivers from NVIDIA are using a lot of things patented by other companies. NVIDIA pays royalties and licensing fees to these companies in order to be able to use said patented technology in their driver software. They do not have the authority to release their drivers as opensource, because that surely wouldn't fly with the companies that live off licensing their tech to companies like NVIDIA.
NVIDIA does not even release hardware documentation of their network part of their nforce chipset. The GP hit the nail : NVIDIA is opposed to release documentation/source so that alternatives may be developed.
Most contributions to open source projects nowadays come from major companies anyway: Redhat,Novell, IBM etc. etc. Complete commercially developed packages suddenly become open sourced.
Quite a few open source contributers are in effect unpaid contractors as some companies sees this as nifty way to reduce costs. There is a difference to contributing to a project like OpenBSD and a open source project with an agenda/direction set by enterprises.
Every year when I put our budget together, I cringe at the amount of dough we send to Redmond. But until FOSS gets its act together and treats the software business like a business instead of a hobby, we have little choice. Home users can get away with using half-baked stuff, but enterprises are far pickier.
I could not care less. I contribute to open source because I feel like it, and of course I work on whatever I choose to. If an enterprise want's me to do something specific that I just don't happen to be very interested in, they better pay me.
Certified, compatible implementations are available for just about any relevant platform you can imagine (yes, probably not for BSD's but that's because they are not relevant).
Hey, wasn't Java supposed to be cross platform or something? Those poor *BSD people don't have someone like IBM behind them to pay for the certification.
I don't know if there is something in Sun's licensing policies which prevent a fully GPL'ed SDK being done by someone, but I really couldn't care less about "open source" Java SDK or runtime environment. SDK's are essentially free anyway and they work well; whether they are open source or closed source is totally irrelevant.
So in which way is Sun Java policies any different in effect than Microsoft's.NET policies?
Is there a reasonable cost, relatively low power RAID-5 setup for home networks?
RAID-5 for home networks is a solution looking for a problem. RAID-5 is nice for minimizing down time, but for a home network that is very seldom the case.
You see, the problem is usually not that my harddisk failed, but that I need to get an older version of a file, or get a file I deleted by accident. RAID-5 is utterly useless for this. For most home users it's better to use something like
rsnapshot
and take daily/hourly snapshots of their main harddisk to other hardisks.
Funnily enough, in the responses to the upcoming BSD certifiction, some of the respondents said that skilled/expert administrators should not have to look in the man pages. But if this is the attitude, my guess is that they don't read man pages very often, and thus miss all the new fun stuff:-)
As far as I know, the computational overhead of the higher-bit keys isn't that significant, so it's probably not doing any actual harm. It'll slow down initial key negotiation and session setup, but it shouldn't affect traffic overhead, because that's encrypted with a symmetric cipher that was negotiated with the (very slow) public-key protocol.
The generation of server keys will take _much_ longer time on some architectures, and this was actually one of the arguments of not increasing the key length earier. Of course, 1024 was considered "safe enough", though.
I've met Stallman and de Raadt and they're both assholes. But the world needs a few people that are willing to be assholes.
He gets results. For example, giving out contact information isn't the nicest way to get hardware docs and firmware, but it works.
de Raadt only releases contact information when everything else has failed for several months. The latest incident with Adaptec is an example of this.
Re:Which idiot makes this insightfull?
on
OpenSSH 4.2 released
·
· Score: 0, Offtopic
So we must stop using one of the worlds best security software because somebody does not like Theo de Raadt?
Are you mod fucking insane?
There are also many moderators that abuse the moderation system by modding down posts they don't agree with. It's so rampant that I usually meta moderate troll/flamebait as unfair.
The mysql dual licence was actually hiding a deeper schizophrenia that has just now showed itself. Apparently, they never believed they could really make enough money with GPL'ed software, so now they are doing this.
Huh? Their software is still GPL so you can use it for free, but if you want to extend MySQL and keep the changes for yourself then you buy the commercial license. Same thing for the GUI toolkit Qt from Trolltech, or the 3D library
Coin3D for instance.
The owners of the software gives you a choice between two licenses : GPL or a commercial one. So why all these complaints for software that they let you use for free?
Slashdot Mirror
Maybe this was intended as a joke, but it's a valid point. SELinux does not make anything more secure. Why? Because it's sufficiently complicated that most people are just going to turn it off. OpenBSD has a policy that security must be on by default, must not create a significant performance hit, and must be simple enough that people actually use it. This is the reason people trust it.
Indeed, something like http://pax.grsecurity.net/ is clearly useful, but breaks too many applications, is a kernel patch to the standard kernel that you have to apply yourself, so it's not so widely used. Neither SuSE nor RedHat supports it. OpenBSD does similar things, but they make sure that the ports and the system does not break. As a OpenBSD you don't have to do anything special, apart from installing OpenBSD, to take advantage of the security enhancements.
In what way are the majority of blogs not legitimate? Oh wait, I'm sure there are positions available in some American company helping the Chinese government to stiffle free speech. Of course, this is entirely legitimate. But hey, Cash is King, and we won't let small things like common decency stop us for making a killing
KOffice, or anybody else for that matter would probably have better served their cause by not responding at all to this.
KOffice team quite simply pointed out a false statements made by a Microsoft executive about their applications, and in the process they grab some good PR as well. I think they payed better attention to the PR course than you did ;-)
So the sad truth is that US enemies knows they need WMD to protect themselves because USA will not feel constrained by International Law or treaties, including the ones theyve signed themselves. So now we have states hell bent on getting their own WMD for their own survival (Iran, for instance).
Only extremists (in USA and elsewhere) likes this situation.
USA sold chemical/bacteriological weapons and technology to Saddam during the Iran-Iraq war. You might have noticed that such weapons was used, including on Iraqi civil population by Saddam himself.
Go search http://www.zmag.org/ for articles about this.
The war on free speech is ongoing, as can be seen in U.S.BARS ROBERT FISK FROM ENTERING COUNTRY :
I whish the format would be more easily versioned in something like Subversion, except as a binary file. This would make it easier to have several persons working on the same document.
Then access your MySQL database over TCP/IP or a socket. No linking involved at all, thus no problem with GPL.
You must have a very distorted view of what actually constitutes work for the average Slashdotter! You go to work, but the "work" is Mommy nagging the hell out of you to get out of bed before noon. Now, you get the same bright idea, as you do every morning, that relucantly following Mummy "advice" will provide you with two things:
1) Clean underwear (you're not smart enough to understand that you'll get that for free in any case), and
2) Food.
Now, the only pocket you change is your Mommies, but alas, it's only getting slimmer, but with no betterment for the human race since you may actually procreate by a pure bug (see relevant Security Advisory rated Extremely Critical)
Of course you are always home, unless you count leaving the basement to take your monthly shower into account.
Why don't you just install OpenBSD? Works very fine as a desktop, unless you require hardware accellerated 3D.
The BSD Certification "certifies" that you have a certain skill set level working with *BSD. This is about using an OS as distinct from creating one. So those making this BSD Certification has different goals than those creating the *BSD. See?
Have a look at the OpenBSD Project Goals. Do you see any goal about "intended for business"? Here is the gist of it if you search the mailinglists: The OpenBSD developers develops for themselves, and that it incidentally is usefull for other is a nice bonus. They are not very interested in "markets" or "market share".
NVIDIA does not even release hardware documentation of their network part of their nforce chipset. The GP hit the nail : NVIDIA is opposed to release documentation/source so that alternatives may be developed.
Quite a few open source contributers are in effect unpaid contractors as some companies sees this as nifty way to reduce costs. There is a difference to contributing to a project like OpenBSD and a open source project with an agenda/direction set by enterprises.
I could not care less. I contribute to open source because I feel like it, and of course I work on whatever I choose to. If an enterprise want's me to do something specific that I just don't happen to be very interested in, they better pay me.
Hey, wasn't Java supposed to be cross platform or something? Those poor *BSD people don't have someone like IBM behind them to pay for the certification.
I don't know if there is something in Sun's licensing policies which prevent a fully GPL'ed SDK being done by someone, but I really couldn't care less about "open source" Java SDK or runtime environment. SDK's are essentially free anyway and they work well; whether they are open source or closed source is totally irrelevant.
So in which way is Sun Java policies any different in effect than Microsoft's .NET policies?
RAID-5 for home networks is a solution looking for a problem. RAID-5 is nice for minimizing down time, but for a home network that is very seldom the case.
You see, the problem is usually not that my harddisk failed, but that I need to get an older version of a file, or get a file I deleted by accident. RAID-5 is utterly useless for this. For most home users it's better to use something like rsnapshot and take daily/hourly snapshots of their main harddisk to other hardisks.
Funnily enough, in the responses to the upcoming BSD certifiction, some of the respondents said that skilled/expert administrators should not have to look in the man pages. But if this is the attitude, my guess is that they don't read man pages very often, and thus miss all the new fun stuff :-)
The generation of server keys will take _much_ longer time on some architectures, and this was actually one of the arguments of not increasing the key length earier. Of course, 1024 was considered "safe enough", though.
He gets results. For example, giving out contact information isn't the nicest way to get hardware docs and firmware, but it works.
de Raadt only releases contact information when everything else has failed for several months. The latest incident with Adaptec is an example of this.
Are you mod fucking insane?
There are also many moderators that abuse the moderation system by modding down posts they don't agree with. It's so rampant that I usually meta moderate troll/flamebait as unfair.
Huh? Their software is still GPL so you can use it for free, but if you want to extend MySQL and keep the changes for yourself then you buy the commercial license. Same thing for the GUI toolkit Qt from Trolltech, or the 3D library Coin3D for instance.
The owners of the software gives you a choice between two licenses : GPL or a commercial one. So why all these complaints for software that they let you use for free?
He is too busy looting Iraq.
For some reason there is no option to never trust certain certificates.
Erh, I guess that should be pennies :-)