>You don't seriously think the Intel board sat down and said, "hey let's maliciously fuck-over the OLPC project"?
Maybe not in those exact words but basically, yes. FTFA: "She tried to persuade a Peruvian official to drop the country's commitment to buy a quarter-million of the organization's laptops in favor of Intel PCs."
> If I want to go to gmail, my bank, whatever, > I'm definitely not going to follow a link from some random website or e-mail.
The bigger picture is coupled with XSS (http://en.wikipedia.org/wiki/Cross-site_scripting) or a writeable web root*, you could be redirected without even knowing it. Malware could also drop a local web page on your computer and redirect you there to offer up the exploit. How about when you purchase things on Ebay and click "Continue to my PayPal account". For every person like yourself who is extra careful, there are 1000 people that are not**. This is why exploits like this are such a big deal.
It's hard to type on if you're used to regular sized keyboards, but it gets the job done. Three hours of battery life isn't that great considering the OLPC gets about 12, and better protected from the environment too. ftfa: "It's endless world of hardware modifications that smart people worldwide have embraced" Um.. what the hell is that supposed to mean?
And one that too many companies are willing to put gamble with. Many IT shops haven't got the experience in house to maintain security so they shop around for the doitallforyousecuritygizmo to do it for them. These gizmos are usually 90% snake oil with a hefty support contract. There is also a big lapse in education and awareness across all facets of the security realm. Programmers think security is up to Layer 1 and that they are free to break all the rules at layer 7. Windows admins think security means that if Bitdefender doesn't complain, everything must be peachy and that having software installed through ActiveX by a remote website is just a prank. Management is made up more of bean counters than technically savvy personnel. In the end, it seems management views a spin-of-the-wheel as being more cost effective than re-training a bunch of people that can't see past the Whack-a-Monkey javascript they just got in their inbox.
Don't ever forget that. When you install Fedora, it's understood that the software being installed may not be production software. Fedora exists to be a test bed for RHEL, and that equates to accepting that some stuff just ain't gonna' work. On the lighter side, you can run Fedora with this understanding and help file bug reports to make RHEL and CentOS a better product. Ubuntu, on the other hand, is not a test bed for anything. There may be a certain amount of bleeding-edge stuff in there, but the intent of the distribution is far different than that of Fedora. Fedora is a good way of giving back to the community if you choose to follow up with bug reports.
Since when is it acceptable for software to allow remote install of keystroke loggers and malware? How about vendor lockin? Forced hardware upgrades? This is acceptable too? Microsoft software is *not* acceptable and that's the whole point behind alternatives. The market is shifting, it's just that the U.S.A. is being left behind -- by their own doing.
I think the OLPC project is indeed about education as Negroponte keeps insisting. The magic isn't in the laptop hardware (ok, some of it is revolutionary, such as the display) but more in the potential for collaboration and learning. It's a laptop designed to be an education tool and designed for learning. The paradigm behind it is very different than what microsoft, intel and asus are in it for, and that changes the results significantly.
the dependcies for vim are out of control
on
Hacking VIM
·
· Score: 1, Redundant
vim (vi) used to be a nice lightweight editor but feature creep and bloat with dependencies on things like vim-common, vim-enhanced, x11 and athena have made it useless for anything lightweight.
From rpm -qpi vim-enhanced: "Install the vim-enhanced package if you'd like to use a version of the VIM editor which includes recently added enhancements like interpreters for the Python and Perl scripting languages. You'll also need to install the vim-common package."
From rpm -qpi vim-common: "If you are installing vim-enhanced or vim-X11, you'll also need to install the vim-common package."
> You're about to learn what the business world is really like.
I think you should add dishonest in front of business world. I've done a fair share of consulting with ethical businesses where they want to keep their street clean in regards to copied code. It's far better to catch this stuff before it heads off to production instead of years down the road. Some companies will have Policies regarding this type of incident also, so it may pay to look into that also. By and large, if you are working for a place that doesn't have a lot of regard for ethics, you'll probably be getting fired before you hit retirement age anyway. All that stuff comes full circle in the end.
> could just ignore Nigerian law and be just fine.
"a US-based, Nigerian-owned company has now filed a patent-infringement lawsuit"
For some reason, I don't think Nigerian law had as much to do with the lawsuit. We probably need to consult the lawbooks governing Redmond, Washington I suspect.
In 1976 they stated, "It is concluded that wind moves the stones when conditions are just right, that this normally happens at least every one to three years on Racetrack Playa, and that ice sheets are not necessary." (Sharp and Carey, 1976).
XP and Vista finish last in terms of stability and security. Eye candy, they are the front runners. Depending on the demographic, the competition will differ. Microsoft found out that people are sick of adopting garbage, that's why Vista will not fly unless it gets forced down the consumer's throat - which it will. For now however, I disagree that XP and Vista are competing on any kind of playing field other than Microsoft's own turf. The alternatives (linux, macintosh, bsd) are becoming more available and more widely adopted.
> Seems like Negreponte is letting his ego cloud his vision.
In the context of capitalism, you are correct, however that paradigm doesn't quite fit here. I don't believe monetary sustenance is what Negroponte has as the primary focus for the OLPC project. Businesses like Microsoft and Intel don't know how to function unless they have some kind of racketeering operation brooding to guarantee profits. I suspect MS and Intel will continue to play dirty until they get what they want; which is, they want sole proprietorship of the market share.
Electric cars are a nice thought, but I think it's too little, too late. Coal fired power plants will need to increase their output to make up for the energy demand lost to crude oil. Consumers will be more extravagant with their travel choices because "it's Ok, I have an electric car and not polluting". Meanwhile Big Energy reaps more dollars. There needs to be an alternative fuel source that is environmentally friendly and can produce a greater amount of energy than it takes to produce it. Would you spend 10 pounds of uranium to generate enough electricity to produce 8 pounds of hydrogen? In essence, electric cars are just a trade off that makes the consumer feel good. People need to start using less energy or things are going to get very difficult in the near future.
> I don't remember the last time I had a virus take down more than a couple of machines
Do you mean the last one you caught was a year ago, or that your metrics date back a year and show remediation and assesment has been effective?
A lot of the windows exploits have moved* beyond the brain-dead slammer worm that let you know something was hosed. From my experience, many IT shops haven't got the resources, software or experience to stay ahead of the technical level of the malware that is coming down the pike. It seems to me that the malware authors have been going to school while the IT industry has been playing hookey. I'm not picking on Windows even though it makes a great target; Linux, Mac and the other alternatives need to be thinking about how userland can be exploited by the same means - otherwise, we've merely traded one sinking ship for another.
> Four graphics cards! Now that sounds like a gamer's wet dream.
Yes, but unlike wet dreams, 4 gfx cards take a lot more power off the grid. At some point, people are going to have to get by without excessive dependency on energy. It's really just a matter of how bad things will get before people start thinking about conservative choices.
Sucking up mass jigawatts of power off the grid to juice 4 video cards for gaming is insane. The target groups for this rig are people with compensation problems or ones with no concept or care for energy conservation. We're moving in the wrong direction folks.
What does Kyocera get? The right to use patented Microsoft technology in its printers, copiers and "certain Linux-based embedded devices."
This seems to say that Kyocera will get it's ass in a sling putting Microsoft crap into an embedded linux cellphone or something. This is hardly what the article title seems to be suggesting. In fact, tfa seems to suggest the M$ is allowing certain linux embedded devices to employ it's IP. I hate M$ just as much as the next linux geek, but I call bullshit whichever side of the fence it's on.
> What do you mean by this?
I had read that Xen was not able to support GUI environments and could only be used with textmode/console based OS flavors. Perhaps I've misunderstood.
> For example, you may have a stand-alone java app at multiple locations that can query > the database directly, so you'd definitely open up the port.
Fine, but this is where ip filtering, along with service metrics, are prudent, responsible and a necessity. It seems there is a knowledge and motivation gap with much of this paradigm however; most people are simply too lazy, too time burdened, or haven't any interest in taking appropriate security precautions. This is why we have such large, commonplace data breaches where everyone stands around saying "how did this happen". Articles like this alert people to the larger problem and make them think.
Slashdot Mirror
>You don't seriously think the Intel board sat down and said, "hey let's maliciously fuck-over the OLPC project"?
Maybe not in those exact words but basically, yes. FTFA: "She tried to persuade a Peruvian official to drop the country's commitment to buy a quarter-million of the organization's laptops in favor of Intel PCs."
> If I want to go to gmail, my bank, whatever,
> I'm definitely not going to follow a link from some random website or e-mail.
The bigger picture is coupled with XSS (http://en.wikipedia.org/wiki/Cross-site_scripting) or a writeable web root*, you could be redirected without even knowing it. Malware could also drop a local web page on your computer and redirect you there to offer up the exploit. How about when you purchase things on Ebay and click "Continue to my PayPal account". For every person like yourself who is extra careful, there are 1000 people that are not**. This is why exploits like this are such a big deal.
[*] - http://blogs.zdnet.com/security/?p=15
[**] - http://en.wikipedia.org/wiki/Storm_botnet
It's hard to type on if you're used to regular sized keyboards, but it gets the job done. Three hours of battery life isn't that great considering the OLPC gets about 12, and better protected from the environment too. ftfa: "It's endless world of hardware modifications that smart people worldwide have embraced" Um.. what the hell is that supposed to mean?
And one that too many companies are willing to put gamble with. Many IT shops haven't got the experience in house to maintain security so they shop around for the doitallforyousecuritygizmo to do it for them. These gizmos are usually 90% snake oil with a hefty support contract. There is also a big lapse in education and awareness across all facets of the security realm. Programmers think security is up to Layer 1 and that they are free to break all the rules at layer 7. Windows admins think security means that if Bitdefender doesn't complain, everything must be peachy and that having software installed through ActiveX by a remote website is just a prank. Management is made up more of bean counters than technically savvy personnel. In the end, it seems management views a spin-of-the-wheel as being more cost effective than re-training a bunch of people that can't see past the Whack-a-Monkey javascript they just got in their inbox.
Don't ever forget that. When you install Fedora, it's understood that the software being installed may not be production software. Fedora exists to be a test bed for RHEL, and that equates to accepting that some stuff just ain't gonna' work. On the lighter side, you can run Fedora with this understanding and help file bug reports to make RHEL and CentOS a better product. Ubuntu, on the other hand, is not a test bed for anything. There may be a certain amount of bleeding-edge stuff in there, but the intent of the distribution is far different than that of Fedora. Fedora is a good way of giving back to the community if you choose to follow up with bug reports.
> They make *acceptable* products
Since when is it acceptable for software to allow remote install of keystroke loggers and malware? How about vendor lockin? Forced hardware upgrades? This is acceptable too? Microsoft software is *not* acceptable and that's the whole point behind alternatives. The market is shifting, it's just that the U.S.A. is being left behind -- by their own doing.
I wonder what hitting a duck at 10,000 mph would be like.
I think the OLPC project is indeed about education as Negroponte keeps insisting. The magic isn't in the laptop hardware (ok, some of it is revolutionary, such as the display) but more in the potential for collaboration and learning. It's a laptop designed to be an education tool and designed for learning. The paradigm behind it is very different than what microsoft, intel and asus are in it for, and that changes the results significantly.
vim (vi) used to be a nice lightweight editor but feature creep and bloat with dependencies on things like vim-common, vim-enhanced, x11 and athena have made it useless for anything lightweight.
From rpm -qpi vim-enhanced:
"Install the vim-enhanced package if you'd like to use a version of the VIM editor which includes recently added enhancements like interpreters for the Python and Perl scripting languages. You'll also
need to install the vim-common package."
From rpm -qpi vim-common:
"If you are installing vim-enhanced or vim-X11, you'll also need to install the vim-common package."
I think we've got a pretty good head start in that category already. Another one isn't really going to matter.
> I've seen him kick a piñata to pieces with a single roundhouse kick.
This was undoubtedly Chuck Norris with one leg tied behind his back.
> You're about to learn what the business world is really like.
I think you should add dishonest in front of business world. I've done a fair share of consulting with ethical businesses where they want to keep their street clean in regards to copied code. It's far better to catch this stuff before it heads off to production instead of years down the road. Some companies will have Policies regarding this type of incident also, so it may pay to look into that also. By and large, if you are working for a place that doesn't have a lot of regard for ethics, you'll probably be getting fired before you hit retirement age anyway. All that stuff comes full circle in the end.
> could just ignore Nigerian law and be just fine.
"a US-based, Nigerian-owned company has now filed a patent-infringement lawsuit"
For some reason, I don't think Nigerian law had as much to do with the lawsuit.
We probably need to consult the lawbooks governing Redmond, Washington I suspect.
> But it seems they have no real conclusion too.
In 1976 they stated, "It is concluded that wind moves the stones when conditions are just right, that this normally happens at least every one to three years on Racetrack Playa, and that ice sheets are not necessary." (Sharp and Carey, 1976).
XP and Vista finish last in terms of stability and security. Eye candy, they are the front runners. Depending on the demographic, the competition will differ. Microsoft found out that people are sick of adopting garbage, that's why Vista will not fly unless it gets forced down the consumer's throat - which it will. For now however, I disagree that XP and Vista are competing on any kind of playing field other than Microsoft's own turf. The alternatives (linux, macintosh, bsd) are becoming more available and more widely adopted.
> Seems like Negreponte is letting his ego cloud his vision.
In the context of capitalism, you are correct, however that paradigm doesn't quite fit here. I don't believe monetary sustenance is what Negroponte has as the primary focus for the OLPC project. Businesses like Microsoft and Intel don't know how to function unless they have some kind of racketeering operation brooding to guarantee profits. I suspect MS and Intel will continue to play dirty until they get what they want; which is, they want sole proprietorship of the market share.
Electric cars are a nice thought, but I think it's too little, too late. Coal fired power plants will need to increase their output to make up for the energy demand lost to crude oil. Consumers will be more extravagant with their travel choices because "it's Ok, I have an electric car and not polluting". Meanwhile Big Energy reaps more dollars. There needs to be an alternative fuel source that is environmentally friendly and can produce a greater amount of energy than it takes to produce it. Would you spend 10 pounds of uranium to generate enough electricity to produce 8 pounds of hydrogen? In essence, electric cars are just a trade off that makes the consumer feel good. People need to start using less energy or things are going to get very difficult in the near future.
> I don't remember the last time I had a virus take down more than a couple of machines
Do you mean the last one you caught was a year ago, or that your metrics date back a year and show remediation and assesment has been effective?
A lot of the windows exploits have moved* beyond the brain-dead slammer worm that let you know something was hosed. From my experience, many IT shops haven't got the resources, software or experience to stay ahead of the technical level of the malware that is coming down the pike. It seems to me that the malware authors have been going to school while the IT industry has been playing hookey. I'm not picking on Windows even though it makes a great target; Linux, Mac and the other alternatives need to be thinking about how userland can be exploited by the same means - otherwise, we've merely traded one sinking ship for another.
[*]
http://www.eweek.com/article2/0,1759,2205606,00.asp
http://www.zdnet.com.au/news/security/soa/Eighty-percent-of-new-malware-defeats-antivirus/0,130061744,139263949,00.htm
> Four graphics cards! Now that sounds like a gamer's wet dream.
Yes, but unlike wet dreams, 4 gfx cards take a lot more power off the grid. At some point, people are going to have to get by without excessive dependency on energy. It's really just a matter of how bad things will get before people start thinking about conservative choices.
Sucking up mass jigawatts of power off the grid to juice 4 video cards for gaming is insane. The target groups for this rig are people with compensation problems or ones with no concept or care for energy conservation. We're moving in the wrong direction folks.
> They better hurry up and pull their finger out of their asses and get Divx/Xvid support for the 360 then.
This is Microsoft. That's not a finger. It's *your* ass.
What does Kyocera get? The right to use patented Microsoft technology in its printers, copiers and "certain Linux-based embedded devices."
This seems to say that Kyocera will get it's ass in a sling putting Microsoft crap into an embedded linux cellphone or something. This is hardly what the article title seems to be suggesting. In fact, tfa seems to suggest the M$ is allowing certain linux embedded devices to employ it's IP. I hate M$ just as much as the next linux geek, but I call bullshit whichever side of the fence it's on.
I have five moderator points and I want to mod you +5 but there is no button for it.
> What do you mean by this? I had read that Xen was not able to support GUI environments and could only be used with textmode/console based OS flavors. Perhaps I've misunderstood.
> For example, you may have a stand-alone java app at multiple locations that can query
> the database directly, so you'd definitely open up the port.
Fine, but this is where ip filtering, along with service metrics, are prudent, responsible and a necessity. It seems there is a knowledge and motivation gap with much of this paradigm however; most people are simply too lazy, too time burdened, or haven't any interest in taking appropriate security precautions. This is why we have such large, commonplace data breaches where everyone stands around saying "how did this happen". Articles like this alert people to the larger problem and make them think.