...I can't run an AMTP server off my DSL unless I pay for a CA?
Actually, it might be more difficult than that. If you have dynamic IP from your ISP, or (in my case) you have static IP but the ISP won't change the reverse lookup to my domain, then I can't run a useful AMTP server. You can kiss DynDNS a long kiss goodnight. Even mail to your domain will be affected, so it'll be hard to be RFC compliant respective to some domain e-mail accounts (like abuse@example.com).
The relevant quote from section 4.1 :
The Subject of the certificate MUST have a fully-qualified domain
name in the Common Name (CN) field that matches the PTR record
found by a DNS query of the associated IPv4 address in the
IN-ADDR.ARPA zone.
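The section 4.1 rule quoted above, as an added example that is not part of the original comment or of the AMTP draft: a receiver-side check that the certificate CN equals the PTR name of the connecting IPv4 address. The function names and the PTR table are hypothetical, and the DNS answers are constructed sample data (documentation address ranges) so the check runs offline.

```python
import ipaddress

# Constructed PTR data standing in for real IN-ADDR.ARPA queries:
# one host whose PTR matches its mail name, one with an ISP-assigned name.
SAMPLE_PTR = {
    "10.2.0.192.in-addr.arpa": "mail.example.com.",
    "77.113.0.203.in-addr.arpa": "dsl-203-0-113-77.isp.example.net.",
}

def normalize(fqdn):
    """Lower-case and drop the trailing root dot so DNS and X.509 forms compare."""
    return fqdn.rstrip(".").lower()

def common_name(subject):
    """Extract the CN from a subject in the tuple layout ssl.getpeercert() returns."""
    for rdn in subject:
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def check_sender(ip, subject, ptr_table=SAMPLE_PTR):
    """Return (ok, reason) for the quoted rule: CN must equal the PTR name."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        return False, "rule as quoted covers IPv4 / IN-ADDR.ARPA only"
    cn = common_name(subject)
    if not cn or "." not in cn:
        return False, "certificate has no fully-qualified CN"
    # reverse_pointer builds the name to query, e.g. 10.2.0.192.in-addr.arpa
    ptr = ptr_table.get(addr.reverse_pointer)
    if ptr is None:
        return False, "no PTR record for " + addr.reverse_pointer
    if normalize(ptr) != normalize(cn):
        return False, "PTR %s does not match CN %s" % (normalize(ptr), cn)
    return True, "CN matches PTR"
```

The second sample address is the case the comment describes: the certificate is valid for the sender's own domain, but the ISP controls the PTR record, so the check fails.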
Can a certificate authority be influenced by a government or large corporate entity to revoke a certificate?
DMCA could easily be used here to block e-mails from any domain using USA-based CAs.
Just pretend I'm a German citizen living in Germany, having a .de domain, and have a few mailing lists. One of the mailing lists is about how to exercise my legal fair use rights in Germany, which sometimes relates to some products from USA-based companies.
Now, imagine that my CA is VeriSign. This being a US-based company, it can be slapped with a DMCA for my mailing list. Suddenly I got real problems sending e-mail at all.
Trying to secure a Windows box is not quite as easy as one would like. Installing a patch may silently turn on services that I've disabled (and that has happened to me), and the EULA for SP4 for Win 2000 also states that they may do so. God knows what other obscure registry settings have been altered as well. I know, securing any operating system involves quite a bit of work, but I'm not sure how to do that on a Windows box without making it unusable.
...it's an agreement that you have to accept which is part of their BIOS - first time you switch the machine on it comes up with a whole bunch of T&C's which you have to 'hit any key' to accept..
They have had this for at least the two years we have been buying their workstations & servers.
Not in Sweden, they don't. And we do buy quite a few of double Xeon workstations each year at my work place. But then USA consumer "rights" are pretty strange.
When it comes time that someone actually tries to enforce one in court, the fact that no one ever reads them will make a good case for them being invalid
And those MS EULAs are quite often presented in a scrollable window where no more than 10 lines by 40 characters are visible at any time. This makes reading the EULA a real chore, and would hopefully be counted against MS in a trial.
If 80% of the computers on the Internet were running OS X or Linux don't you think there'd be more Mac and *nix malware?
I find it much easier to secure a Linux/*BSD box than a Windows one. Even though I use Win 2000 daily as a programmer. I'm pretty sure I'm not alone in that predicament.
Just keep in mind that a large part of the internet infrastructure does not run Windows, but they (the servers) still seem to do okay, apart from the odd sendmail/bind/openssh bug ;-)
Not so innocent if they let themselves be infected by Blaster and haven't had the presence of mind to clean it up and patch their system.
Translation: You are running MS Windows, too dumb to know anything better while I'm the all knowing uber geek of Slashdot! Besides, I've got TONS of experience running a LARGE network of two PCs from my mom's basement.
My point was just that the two errata links could give a somewhat wrong impression to the casual slashdotter.
And, yeah, I was a bit sloppy with my wording about OpenBSD "kernel" security fix. The realpath.c off-by-one buffer flaw is not part of the OpenBSD kernel, and was easily fixed without any reboot :-)
Your errata link to OpenBSD is a bit misleading, but if you include the errata for packages it's more comparable to Redhat errata.
On the other hand, Redhat 9 has 3 kernel security updates containing multiple security issues each, while OpenBSD has just one....
Re:Why can't it be more like Linux? on Absolute OpenBSD · Score: 1
It does have the stripped down emacs clone mg as part of the default install, so bad luck for you ;-)
Re:Why can't it be more like Linux? on Absolute OpenBSD · Score: 2, Informative
The default install doesn't include emacs, so you'll have to suffer through vi.
Just use the 'mg' that is part of the default install. mg is like a stripped down emacs.
Re:I found this book to be valuable on Absolute OpenBSD · Score: 2, Informative
Part of the problem I have had with OpenBSD is a lot of people in the OpenBSD community are strict RTFMA about any help,
If you follow the OpenBSD mailing lists you'll see that it's not quite the case. On the other hand, if you have not read the online FAQ they'll tell you so.
Note that the man-pages in OpenBSD are very good, which is not quite the case for several Linux distros.
As an example, try 'man starttls' on your favorite Linux distro, and compare it with man starttls. Now, which one gives you the best information about how to set up starttls on your mail-server, including how to generate certificates?
I use SuSE on my desktop, but still refer to the OpenBSD man-pages for Linux work.
.... how boring for a /.-dotter. But thx for the link, so now I may use this link as my "contact my page" to important and urgent proposals from Nigeria.
Personally, I think it was the aliens that cracked GNU's FTP server. That's why I wear a tin foil hat! Thinking that SCO did it is just crazy! Everybody knows it was the greys! :)
At least this makes sense; in an out-of-body-experience LSD inspired weird way ;-)
That's just ignorant. Any device driver running on the system has complete control of the system.
Yup, but the average acne-infested /.-dotter will just ignore you. Linux is God, Microsoft Windows is just an acronym for 666, and besides, *BSD is dead since GNAA rules the world.
A KDE desktop does indeed have some usability issues that should be dealt with. The test report is very good, and a lot of resources were put into the test to make it useful.
Incidentally, K3B was mentioned due to poor naming of it in the menu. The testers were of the opinion that a description of K3B function should be included (page 13). Actually, they made some changes in the KDE configuration (page 22) :
We would advise against using a default KDE "out of the box". The solutions described above are not part of the default configuration, but they contributed considerably to the usability of the test system.
Actually, using open source software is probably a good idea for ANY govt., since it not only gives them the opportunity to inspect the code, but also make changes.
It is also necessary to make it clear that the aim of the Bill we are discussing is not directly related to the amount of direct savings that can be made by using free software in state institutions. That is in any case a marginal aggregate value, but in no way is it the chief focus of the Bill. The basic principles which inspire the Bill are linked to the basic guarantees of a state of law, such as:
Free access to public information by the citizen.
Permanence of public data.
Security of the State and citizens.
So cost in economic terms is marginal for this gentleman. Linux Journal interviewed him.
You see, it's hard not to see that SuSE stuff as largely influenced by nationalism.
Lufthansa is a German company that has chosen to make a deal with a local German company named SuSE GmbH. For similar reasons that US companies make similar deals. I'm pretty sure that SuSE can offer excellent Linux solutions.
This is not to say it's a bad choice, presumably the clients like the fact that the SuSE folks speak fluent German, which you probably can't say for Mandrake, RedHat, or Redflag.
Dead on.
But, you know, it still has that aura of "help our boys, damn those 3v1l feriners."
It might also help to choose a partner that does not have a great risk running afoul against US legal system (hint : SCO was in Germany told to show the evidence or shut up). Yes, SuSE does business in USA, but the company is based in EU and is doing fairly well there.
So to a large extent, buying from the local business is a sound economic decision, as it prevents you from getting locked in to a monopolist.
I would guess that Microsoft is local to US companies? Besides, quite a few monopolies are fairly local in nature, and having opportunity to buy services/goods non-locally is a boon to many a company.
If perfect competition could be insured, a policy of buying locally would be folly.
There is no such thing as a perfect competition in business, except only in the minds of some economists that are reducing every human interaction to a supply/demand model of rational agents having complete and total information.
Please mod parent down, it does not deserve Score 4, Insightful.
Re:Ahh the justice system ... on Linking Dangerously · Score: 4, Insightful
Glad to see the REAL criminals being put where they belong, hey aren't ALL the Enron executives still free?
Snuffing out pension funds is more than compensated by campaign contributions, in addition to handsomely paid do-nothing retirement consultancy positions.
You are right to be concerned, as should all of us, what these new laws make possible.
One does not need to be a fringe paranoid to concede that professor Jim Cornehls in The USA PATRIOT ACT has a point :
If another power were to occupy the United States and institute the policies provided for in the USA PATRIOT Act--secret arrests, secret trials, secret investigations, secret deportations--the United States would be considered a police state.
Oh my, this is modded up to +5 Insightful.
Is the admission tax deductible, and will you indemnify me for any infringement of my possible admittance?
He He, I've not read "Mote in God's Eye" for quite some time. Methinks I should go hunting for the book in my bookshelves.
If being informed makes me a geek, I plead guilty as charged.
Hmm odd...one day they speak of taking sco support out of gcc, the next their ftp server gets compromised, interesting.
There are many bad things one may rightly say about SCO, but to suggest that they have anything to do with the compromise is just plain stupid!
In a rebuttal of a letter from Microsoft Peru, Peruvian Congressman Dr. Edgar Villanueva contends that :