I had to check Google to figure out who the hell he's talking about, so I figured I'd post it here for all the people who don't have a fixation with shortening people's names to three characters
ken = Ken Thompson dmr = Dennis Ritchie bwk = Brian Kernighan
I guess they're kind of obvious for Unix fanatics, but it's just a few more keystrokes, people...
If they advertise 10Mbps service, then they should at least have enough bandwidth to provide the *advertised service* to more than half their customers. If I pay for XMbps but I get hassled and threatened when I actually try to use that much, then there's something wrong. If they can't back it up, they shouldn't advertise.
Like most regular slashdotters, I've seen this come up a few times, and every time it's mentioned that Broadband over Power Lines (BPL) interferes with all kinds of radios and devices, including ham radios and military communications. My question is this: does anybody think that the military will actually let this happen? Especially given our current state of paranoia, I just can't see the FCC overruling the armed forces and saying, "Nah! Change all of your communication gear so we can speed up Billy Bob Hick's internet!"
It's not the forum. My little book of papers that I write people's names on and sign to give them money says "Checkbook" on it, the box I get the papers in says they're "Checks", and the papers themselves say "Check" several times. It's called an Americanism, which isn't surprising considering you're visiting a chiefly American run web site. Similarly, we say "color" instead of "colour", "flavor" instead of "flavour", and "television" instead of "telly".
Actually, I can't fix security holes in my server. I don't have the necessary time or skill, and if I did, I wouldn't trust myself to change a complex software application that I know next to nothing about. Assuming I found a vulnerability, I'd fire off an email to the appropriate people (author, maintainer, distro packager) and, if that doesn't get a fix, I'd also post about it on Bugtraq and/or Full Disclosure. Of course, this whole argument is a grey area... properly found, documented, and submitted bugs are probably about as easily fixed by proprietary software vendors or open source teams.
Do you have a link to a web page or anything that could help someone who wants to improve the privilege seperation in 2k/XP? I like to think my boxes are pretty secure, but I'd sleep safer if I could spend even less time logged in as Admin.
The Windows Messenger service has nothing to do with either the horribly named Windows Messenger client in WinXP or MSN Messenger. They're all quite badly named, so it's pretty easy to mix/fuse their capabilities. Used properly, the Windows Messenger service can be useful, but it should've been designed to only work on subnets or it should *always* be blocked at your border router. See if your Cisco PIX or broadband router cares about penis enlargement pills. That said, anybody who leaves any kind of PC outside a NAT or restrictive firewall deserves what they get.
The system admins usually don't know what they're doing, and the system gets broken into--it has nothing to do with the system itself.
and
The defaults for other systems are most probably simply safer than the defaults in Linux.
I fail to see how the defaults have nothing to do with the system itself. It's nice to be able to lay the blame on the admins for not changing the defaults, but shouldn't the defaults reflect how the average system *should* be configured? For example, I don't think it would be a bad idea to set the defaults to their most insanely secure, and tell the wannabe-administrator to read the appropriate documentation to learn how the features work, the trade offs in changing the settings, and, lastly, how to change the settings.
That's not even the OS's fault. Its stupid users and bad apps.
So? Think about the phrase "operating system". In this case, it's being applied to mean the software on a computer being used to perform operations. The Linux kernel is not an OS. A kernel with a system of software supporting it is. The thing with Linux is that *every* application is third party. If any applications are bundled with the kernel into a package we call the Linux OS, then it is indeed the OS's fault when security problems are found with those applications. By your logic, the only time a vulnerability would be properly the OS's fault is when a Linux box has a remote root vulnerability with *no* userland software of any kind running, and those are very very rare.
However, when you say stupid users... there you're right on. Too many people run servers either accidentally or just without the proper knowledge to secure them. As an example, a few months ago when I tried a new distribution (it might've been Fedora, I don't really remember) I was shocked to find that sendmail was installed and started at boot by default. A little investigation revealed that this was so alerts could be sent via email to root. Needless to say, that got turned off rather fast. I think distro makers need to think a little more about security in regards to defaults.
Well, if the light is held, it's not getting to your eyes, and thus not making a visible picture. So in that particular instance, I would think that this wouldn't help very much.
Care to back that up at all? I Googled around a bit, and could find very to back this up. "Heroin" doesn't mean "Drug of heroes" in any language. It's a trademark of Bayer, and is evidently the trade name for diacetylmorphine. It was manufactured in Germany around the turn of the century, but (rightfully) never for military uses. It was a cough remedy.
One TiVo aficionado, Pat Hughes, a software engineer in San Jose, Calif., dressed up his two-month-old daughter as the remote for Halloween in 2002. The costume, which took a week to make, was a painstakingly exact replica, complete with battery compartment in the back. "That's where she went in," he said.
Does anybody else think that this man has some issues? Liking your remote is one thing, but this seems above and beyond.
CD keygens are available for every Blizzard title, but none of them generate keys that work on Battle.net. Battle.net doesn't use an algorithm, it actually has a list of all shipped keys. Compared to the number of possible keys, the actual working Bnet keys are very much in the minority. The key algorithm when you install, however, is pathetic. With Starcraft, for example, you can usually guess a working install key within a few minutes.
Source code isn't always architecture independent. If you compile a program that was written for x86 on a MIPS or Sparc, there's a pretty good chance that it just won't work without some fixes. Not so with AMD64.
I'm not a processor architect or anything, but that would seem to make sense. If the registers are 64 bit by default, then wouldn't that possibly throw off some of the math that 32 bit programs use? 64 bit native programs would be compiled to use that prefix for everything, thus turning this into a compiler issue.
The reason for that is that the new dlls have different interfaces. By the MS standards i've seen, if a file is named msxml2.dll, it MUST have the exact same interfaces and behaviour as all other versions of that file. If a bug is fixed where the correct functioning of the dll isn't changed, then it's ok to keep the same file because it's backwards compatible. If someone wants to change an interface or the results of a function, then it needs a new dll so it won't break older applications.
Yeah, I did go through vbrun and msvcrt hell... about 6 years ago. What you refer to is not having the proper DLL, not having the wrong version of it. The runtime for VB6 is completely seperate from the runtime for VB5. They're not versions of the same library, like you imply.
You can have multiple versions of a DLL, as long as the application behaves. It's perfectly possible for an application to have a copy of zlib.dll or any other library in it's own folder, and use that with no conflicts with the system copy. However, due to the above strategy, you almost never need to.
In contrast, Linux's shared library support is horrible. You need a different version (and therefore actual seperate file) of each library for every program, because lots of them will only work with the specific version they were compiled against. In that case, why not just staticly link and save us all the trouble? Why can't I just use the newest version of libpng and not have to worry about older applications?
Actually, most of us *can't* see any higher than around 60hz. You might be able to, but you're the exception. Similar to people who have a better range of hearing. For most of us, 100hz televisions and moniters are completely unnecessary, not least because the input usually isn't 100hz anyways.
Thank you. Excellent comment. If I had read a few pages down instead of composing a lengthy diatribe of my own in response to Mr. Zealot, you would be modded up.
Yep. I'd even buy (for $100) a closed-source kernel and C compiler and associated tools if it was as supported as Windows.
Let's put it this way. I'm a developer. I write games in my spare time, and php-based web sites for work. If I really wanted to, I could probably learn enough about Linux to write my own device drivers and stuff. However, I want to use my computer, not tinker with Makefiles and XF86Config options to try to get the video card I just bought working. If you'd like to, that's nice. Go for it. Sell me the result, if you think it's good enough.
The reason you fail to understand why people want to use Linux is because you're missing a word in that sentence. Use. I want to use Linux. I don't want to have to fix Linux when it breaks. I don't want to have to know some bit of arcane syntax so I can do something that would take 2 mouse clicks if the interface was designed right. That's the job of the people I bought it from. Ideally, if they're doing their job, I should hardly see it break at all.
Actually, this is something Windows mostly just does right. In many cases you can run DOS or Win3.1 executables in Windows XP perfectly. Given, if they're written using version-specific hacks like some software was (and still is) written, then they might break. But on the whole programs are quite compatible.
Everybody talks about "DLL Hell" on Windows, but I've been using Windows since 3.1, and it just doesn't happen very much. Part of it is that Win32 programs usually either provide their own libraries, or only link with Windows standard libs. In regards to "apps frequently shipped with their own shared libraries causing other apps or even the whole system to break", the only app I've ever seen do that was Cygwin.
If you want to talk about a disaster of shared libraries, look at the current state of/usr/lib on a Linux system. For some reason, open source developers have a fetish for making everything into shared libraries, even if your program is the only program that will ever use it or if it'll cause some other program to break because you install an incompatible newer version.
It'd be nice if that was true in the real world, but it just isn't so. The key part of your statement is standard application accessing standard hardware. Unfortunately, there is no such thing, especially when you're talking about games. The closest you can get is to write for a portability toolkit like SDL and hope that it can do what you need.
The Legend of Zelda (a game with next to no story)
Explain. Unless my memory is horribly wrong, Zelda for the NES had a pretty damn good story for an adventure game. Given, it's a pretty standard "slash through the dungeons and rescue the princess", but it was done very well, and was head and shoulders above other games of it's genre. It wasn't an RPG by any stretch of the imagination, so it doesn't have the massive character development or arcing story. Saying Crystalis is better than Zelda is like saying Xenogears is better than Metal Gear Solid. There's just no basis for comparison.
Slashdot Mirror
I found a shell extension that seems to do that here. Not the easiest to install, but it does the job.
I had to check Google to figure out who the hell he's talking about, so I figured I'd post it here for all the people who don't have a fixation with shortening people's names to three characters
ken = Ken Thompson
dmr = Dennis Ritchie
bwk = Brian Kernighan
I guess they're kind of obvious for Unix fanatics, but it's just a few more keystrokes, people...
If they advertise 10Mbps service, then they should at least have enough bandwidth to provide the *advertised service* to more than half their customers. If I pay for XMbps but I get hassled and threatened when I actually try to use that much, then there's something wrong. If they can't back it up, they shouldn't advertise.
Like most regular slashdotters, I've seen this come up a few times, and every time it's mentioned that Broadband over Power Lines (BPL) interferes with all kinds of radios and devices, including ham radios and military communications. My question is this: does anybody think that the military will actually let this happen? Especially given our current state of paranoia, I just can't see the FCC overruling the armed forces and saying, "Nah! Change all of your communication gear so we can speed up Billy Bob Hick's internet!"
It's not the forum. My little book of papers that I write people's names on and sign to give them money says "Checkbook" on it, the box I get the papers in says they're "Checks", and the papers themselves say "Check" several times. It's called an Americanism, which isn't surprising considering you're visiting a chiefly American run web site. Similarly, we say "color" instead of "colour", "flavor" instead of "flavour", and "television" instead of "telly".
Actually, I can't fix security holes in my server. I don't have the necessary time or skill, and if I did, I wouldn't trust myself to change a complex software application that I know next to nothing about. Assuming I found a vulnerability, I'd fire off an email to the appropriate people (author, maintainer, distro packager) and, if that doesn't get a fix, I'd also post about it on Bugtraq and/or Full Disclosure. Of course, this whole argument is a grey area... properly found, documented, and submitted bugs are probably about as easily fixed by proprietary software vendors or open source teams.
Do you have a link to a web page or anything that could help someone who wants to improve the privilege seperation in 2k/XP? I like to think my boxes are pretty secure, but I'd sleep safer if I could spend even less time logged in as Admin.
The Windows Messenger service has nothing to do with either the horribly named Windows Messenger client in WinXP or MSN Messenger. They're all quite badly named, so it's pretty easy to mix/fuse their capabilities. Used properly, the Windows Messenger service can be useful, but it should've been designed to only work on subnets or it should *always* be blocked at your border router. See if your Cisco PIX or broadband router cares about penis enlargement pills. That said, anybody who leaves any kind of PC outside a NAT or restrictive firewall deserves what they get.
So? Think about the phrase "operating system". In this case, it's being applied to mean the software on a computer being used to perform operations. The Linux kernel is not an OS. A kernel with a system of software supporting it is. The thing with Linux is that *every* application is third party. If any applications are bundled with the kernel into a package we call the Linux OS, then it is indeed the OS's fault when security problems are found with those applications. By your logic, the only time a vulnerability would be properly the OS's fault is when a Linux box has a remote root vulnerability with *no* userland software of any kind running, and those are very very rare.
However, when you say stupid users... there you're right on. Too many people run servers either accidentally or just without the proper knowledge to secure them. As an example, a few months ago when I tried a new distribution (it might've been Fedora, I don't really remember) I was shocked to find that sendmail was installed and started at boot by default. A little investigation revealed that this was so alerts could be sent via email to root. Needless to say, that got turned off rather fast. I think distro makers need to think a little more about security in regards to defaults.
Well, if the light is held, it's not getting to your eyes, and thus not making a visible picture. So in that particular instance, I would think that this wouldn't help very much.
I like bold better. Italics make me have to slant my head.
Care to back that up at all? I Googled around a bit, and could find very to back this up. "Heroin" doesn't mean "Drug of heroes" in any language. It's a trademark of Bayer, and is evidently the trade name for diacetylmorphine. It was manufactured in Germany around the turn of the century, but (rightfully) never for military uses. It was a cough remedy.
CD keygens are available for every Blizzard title, but none of them generate keys that work on Battle.net. Battle.net doesn't use an algorithm, it actually has a list of all shipped keys. Compared to the number of possible keys, the actual working Bnet keys are very much in the minority. The key algorithm when you install, however, is pathetic. With Starcraft, for example, you can usually guess a working install key within a few minutes.
Source code isn't always architecture independent. If you compile a program that was written for x86 on a MIPS or Sparc, there's a pretty good chance that it just won't work without some fixes. Not so with AMD64.
I'm not a processor architect or anything, but that would seem to make sense. If the registers are 64 bit by default, then wouldn't that possibly throw off some of the math that 32 bit programs use? 64 bit native programs would be compiled to use that prefix for everything, thus turning this into a compiler issue.
The reason for that is that the new dlls have different interfaces. By the MS standards i've seen, if a file is named msxml2.dll, it MUST have the exact same interfaces and behaviour as all other versions of that file. If a bug is fixed where the correct functioning of the dll isn't changed, then it's ok to keep the same file because it's backwards compatible. If someone wants to change an interface or the results of a function, then it needs a new dll so it won't break older applications.
Yeah, I did go through vbrun and msvcrt hell... about 6 years ago. What you refer to is not having the proper DLL, not having the wrong version of it. The runtime for VB6 is completely seperate from the runtime for VB5. They're not versions of the same library, like you imply.
You can have multiple versions of a DLL, as long as the application behaves. It's perfectly possible for an application to have a copy of zlib.dll or any other library in it's own folder, and use that with no conflicts with the system copy. However, due to the above strategy, you almost never need to.
In contrast, Linux's shared library support is horrible. You need a different version (and therefore actual seperate file) of each library for every program, because lots of them will only work with the specific version they were compiled against. In that case, why not just staticly link and save us all the trouble? Why can't I just use the newest version of libpng and not have to worry about older applications?
Actually, most of us *can't* see any higher than around 60hz. You might be able to, but you're the exception. Similar to people who have a better range of hearing. For most of us, 100hz televisions and moniters are completely unnecessary, not least because the input usually isn't 100hz anyways.
Thank you. Excellent comment. If I had read a few pages down instead of composing a lengthy diatribe of my own in response to Mr. Zealot, you would be modded up.
Yep. I'd even buy (for $100) a closed-source kernel and C compiler and associated tools if it was as supported as Windows.
Let's put it this way. I'm a developer. I write games in my spare time, and php-based web sites for work. If I really wanted to, I could probably learn enough about Linux to write my own device drivers and stuff. However, I want to use my computer, not tinker with Makefiles and XF86Config options to try to get the video card I just bought working. If you'd like to, that's nice. Go for it. Sell me the result, if you think it's good enough.
The reason you fail to understand why people want to use Linux is because you're missing a word in that sentence. Use. I want to use Linux. I don't want to have to fix Linux when it breaks. I don't want to have to know some bit of arcane syntax so I can do something that would take 2 mouse clicks if the interface was designed right. That's the job of the people I bought it from. Ideally, if they're doing their job, I should hardly see it break at all.
Actually, this is something Windows mostly just does right. In many cases you can run DOS or Win3.1 executables in Windows XP perfectly. Given, if they're written using version-specific hacks like some software was (and still is) written, then they might break. But on the whole programs are quite compatible.
/usr/lib on a Linux system. For some reason, open source developers have a fetish for making everything into shared libraries, even if your program is the only program that will ever use it or if it'll cause some other program to break because you install an incompatible newer version.
Everybody talks about "DLL Hell" on Windows, but I've been using Windows since 3.1, and it just doesn't happen very much. Part of it is that Win32 programs usually either provide their own libraries, or only link with Windows standard libs. In regards to "apps frequently shipped with their own shared libraries causing other apps or even the whole system to break", the only app I've ever seen do that was Cygwin.
If you want to talk about a disaster of shared libraries, look at the current state of
It'd be nice if that was true in the real world, but it just isn't so. The key part of your statement is standard application accessing standard hardware. Unfortunately, there is no such thing, especially when you're talking about games. The closest you can get is to write for a portability toolkit like SDL and hope that it can do what you need.
Explain. Unless my memory is horribly wrong, Zelda for the NES had a pretty damn good story for an adventure game. Given, it's a pretty standard "slash through the dungeons and rescue the princess", but it was done very well, and was head and shoulders above other games of it's genre. It wasn't an RPG by any stretch of the imagination, so it doesn't have the massive character development or arcing story. Saying Crystalis is better than Zelda is like saying Xenogears is better than Metal Gear Solid. There's just no basis for comparison.