He has some points. I actually quite not believed - but I've tested it and it looks like he is not lying.;) But to be honest I've never run into any of these oddities - I just RTFM, configure it and it works...
Now maybe one point was invalid - you do not have to restart the server to make it reread config - you just send a signal to its process and it is in fact restarted - but practically it does no difference.
Re:Still a single point of failure
on
Basics of RAID
·
· Score: 1
> With RAID, you still have a single point of > failure. Instead of it being your hard drive, > it is now your RAID controller. So what is > the advantage?
What kind of failure you mean? You mean getting your data damaged due to RAID controller failure? I've never heard of something like that but maybe it may happen. But I can bet that it will happen less than harddrive failure - so still having N drives and one controller is less likely to fail than having one hd - means RAID has advantage here...
If you mean aviability - I think this is not the case here. We are talking about data safety. If your RAID controller fails - get a new one, plug it in and it should work. Or maybe get RRAIDC (Redundant Redundant Array Of Inexpensive Discs Controller). But then you will go to other place and find it is single point of failure, than another.:) It is not the case of having single point of failure (you will always find one) - it is the matter of probability of failure.
Now for usual Slashdot bashing - somebody knows how often it is that data is lost (we are talking here about home users) not due hardware failure but software (like you know - Windows bug) one?
> Since a RAID controller doesn't have > moving parts, is it less likely than a hard > drive to fail?
Seriously. How much will it cost? How much data you wish to backup over the Internet (you know - quite slow, AFAIR even 10mbps line is quite expensive)? How much time you wish to spend (and time == money) on reconfiguring everything to use other solution?
Is this broken RAID of yours really more expensive than all of above?
Geez. What for you need hardware RAID? An old box with 4 IDE drives (like 100GB each - I belive it will suffice - you don't want to backup 1TB of data over Internet don't you?) running some free operating system and some volume management application will do backups much better than anything which means backuping over Internet.
I recall some interviews with BG -- or was it SB? -- they stated something that LH is technology for next ten years so it would not be marketing-wise to call product with year. Because it will appear like "Bagnzooloo Linux 2009" is better (cause newer) than "Windows 2007".:)
Actually my point was about {any big company} doing it cause {another big company} did it...:)
I mean they must do it due to PR and shit. I more welcome smaller sites that implement such features in their sites (like come on - how hard it is to code search plugin and put a banner on site?) cause they really tend to belive Firefox is best. And I know few such sites that are non-techie and they did so.
When I think of something - anything, image, information whatever. I just pop up my browser (it is instant on during my computer session) - and type in "g {my interest}" and it gives me ideas. Or if not I try to reconsider my search. Come on. GOOGLE IS MY SIXTH SENSE (seroiusly). Nothing can beat that - and yes, I've tried other search engines. They simply do not work.
What is the news here? Yahoo did it because Google did it. And then also most of big players will - it is like race in features - we got that, they also etc. etc.
But actuall I find some smaller sites to be promoting FF. Like biggest polish dictionary providers (encyclopedia, dictionaries etc. etc. former communist monopoly) have provided search plugin for FF... That is interesting. It is like they really find FF more convinient themselves so they suggest it for use with their services - not "me too" stuff.
Just set up SSH auth only with pubkey method. It is more convinient and much safer (but you need to protrect your keys). Also if your system uses PAM you can use pam_tally module to limit login (via PAM - so it covers anything from SSH thru console, X11 and finishing on FTP) attempts to f.e. 3 tries per hour - it will render bruteforce attacks basically useless.
There is something I don't get in those graphs. Take look at them - Windows XP's last hole is dated on 2005-07-14, Red Hat's last hole is dated on 2004-05-03 - there *were* lot of holes in software that Red Hat was shipping after that date... I don't want to bother to check but the last security advisory for Red Hat is not ovelaping with end of line for RHL9? I mean those graphs are irrevelant since they measure different time peroids (Windows XP is longer than RHL9). I am all about Linux but this comparsion is not worth too much.
Linux servers vs. Windows servers - this is an issue here because Linux has some security problems (not that Windows hasn't) - there had been lot of holes in kernel (Linux) recently. But I don't really recall any mass histeria with Linux servers getting infected and DDoS entire country (Korea that was?) from Internet. There are some holes in f.e. Apache (but as I recall not serious ones - like exploitable in specific configurations - far more from default and even far more from common). Now somebody can go with instalation volume argument (that Windows is more widespread) - with server market it is not really an issue - Apache is most popular web server - even counting it running on Windows and other systems - it is in fact THE WEB SERVER;) - meaning it has market share like twice bigger than competitors - still no mass compromise was seen. Another example against this argument? Sure - OpenSSH - it is used in almost all major operating systems (despite MS) - Linux, BSD, MOX, Solaris, other-unices, appliances such as CISCO devices etc. etc. - still it happen to have few bugs but there was no mass compromise noted.
But servers are completely different than desktops (and should be measured so) -servers are usually operated by technical IT staff - servers do not face users directly. So now we come to desktops. And gues what... Linux does not have *any* problem with desktop security. Mind you - ANY PROBLEM AT ALL. This is the reality for now - no viruses, no adware, no worms, no need for firewall, no need for antivirus, no need for antispyware, no need for patching or instead your system dies in 2 minutes after connecting to Internet - no such stuff at all.:)
But with desktops I can agree that Linux was not tested "in real world yet" but given its experience on servers I don't know why it could be insecure on desktops? There will be some problems for sure - but we will overcome them even *before* they occur. Ever seen any modern Linux distro? Now we have tools like SELinux in place - it can be used to preety much secure any desktop (minimalize target surface, separate privileges/roles/tasks correctly, compartment Internet facing user apps like MUA and browser in sandboxes) - so really if anything like problems with Linux desktop security will happen we will be prepared for it. We are right now.
Try Drupal [http://drupal.org/%5D it is simple but powerfull CMS/Blog system. With easy user interface (at least I think so) and writen very well (meaning code) - it is clean, object oriented mostly, and modular. The tarball is just half megabyte.
Or maybe go with MediaWiki [http://wikipedia.sourceforge.net/%5D it is the engine behind WikiPedia - it uses simple wiki markup, supports images, stories and stuff. Also it has access control, revision control etc. - it should be suitable for such tasks.
And to be honest dont go with anythink with *nuke in name - this is spaghetti code shit. It is very awful for me. Unclean, not modular.
What you want these systems to do? Integrate into AD? Any Linux can do that... You *need* to pay for some kind of Linux? Well if you just *need* then toss the coin and decide...:)
> No it was working in FC2 and now it is not. > That's not unsupported, that's broken.
I've missed that. Of course you are right... But for me everything works...
> What do I mean, my console is not > working? If I am in X and I hit Ctl-Alt-F1, I > used to be able to log into a console, and > do stuff. I can't do that any more. I hit Ctl- > Alt-F1 and get a console login prompt, and > I enter username and password and it > resets the console. If I pass to the > command line init 3, when I get to the > console the same thing happens. I cannot > log in.
Never happened to me. You did fresh install or upgraded the system? Also have you analyzed logs after login attempt? They should give you a clue...
> I knew people who hated Linux and Used > FreeBSD for their desktops. They swore by > it.
Yes I know. I know people swearing even more arcane OSes for *their* desktops...;) Don't get me wrong - *BSD is OK for specific tasks (mostly server ones, but I am dissapointed with the direction FreeBSD has taken recently, in 5.x branch lot of things is broken) but for general use desktop *BSD is like 5 years ago...
By general use desktop I mean OS that you can take and deploy on f.e. 10 machines and let people work on it. *BSD (FreeBSD) are awkard here, no decent hardware detection, retarded installer etc.
> I think your inerpretation of what he is > saying is wrong. he default install is > GNOME/KDE. Not everyone will 'tweak' > their system. Out of the box, you are > saying that it is bloated too.
Yeah I know - that is why I've stated that I am honest that I've tweaked my system.
Fedora is compromise between functionality and speed. Of course default install will be slower and bloated since it tries to do all at once - to come against all user needs (f.e. printing enabled by default, file sharing enabled/installed etc.) - now I have my specific needs - f.e. I don't need bloated (but functional) CUPS spooler. I use LPRng since it is laptop and I only print to various networked printers. But common user will need printing...
But still if I look at default Fedora setup it is quite reasonable - I happen to administer 8 such desktops (mainly for data entry) and Fedora setup has everything in place - of course it is bloat. But in some situations it is better to have bloat and better management/less support calls than to tweak the system to maximum.
In this matter Fedora does it job decently. Like what is enabled in fedora that should not be for defaults?
> I've heard the argument that all your RAM > should be in use for 'good memory' > management.
If you have 512MB RAM and only 256MB is used what for you need 512MB?
> I can write a program with lots of memory > leaks that will use your RAM.
It is not applications which take memory, these are system buffers - system buffers I/O operations to free memory, it can speed up I/O a bit. Still it is better than have unused memory - in optimistic case buffers will speed up the system. In pesimistic they won't but also they dont slow down...
Presently in my system when I run free(1) it outputs 150MB of used memory. *But* only 35MB of this is actually used for applications, the rest are system buffers. So my Fedora presently (just after boot, no X11 running) takes 35MB - far from stated 240MB. I have tested it and default instalation (GNOME) with one user logged in takes about 130MB, but free(1) show 250MB used (but 120MB are in fact system buffers) - so yes. The author did wrongly interpreted the numbers.
(...)
> The real issue I have with FC, is each > release another peice of my hardware > stops working. In FC 3 my scsi cdr stopped > working and still doesn't. In FC4 now its > my web cam, and my console is in > accessable.
Well I think you will encounter similar problems with any Linux - it is like you own unsupported hardware.
> I have heard of having a secure system, > but my console is so secure, I can't even > use it.
What you mean?
> Thank's FC4. I'm now looking at other > distributions, and the BSD's for a desktop.
This is common newbie mistake -- "Why does my system takes entire RAM aviable?" -- Well RAM is in machine to be used. What for you need RAM if it stays unused? So it is actually a *Good* *Thing* that most of the RAM is used - it means that operating system is working good with memory management.
What was wrong? The interpretation. I've bet that author stated full memory usage but hasn't bother to check how much of this "used" RAM was taken by system buffers and how much by real applications? I use Fedora day to day on my laptop - I've tweaked it a bit (to be honest). Disabled services, use WindowMaker instead of bloated GNOME/KDE, Opera instead of Mozilla etc. After boot -- X11 with WindowMaker, few services (postgres, httpd for developement) -- the system (not buffers) takes ~50MB RAM, but of course free(1) shows ~240MB (with system buffers).
You always can take floppy image and burn it to CD and make it bootable. But I understand what you mean - as I've seen some manufacturers don't just provide floppy images. They provide some dumb program extracting data directly to floppy. I once owned old IBM ThinkPad which BIOS could be only controlled from Windows application or from crude dos prompt (PS2.EXE). And provided files could only extract directly to floppy. So I had to extract it on other machine, make image and burn it on CD:\... It was old laptop I know. But still kind of silly as one zip with image and rawrite.exe program in batch would do the trick also...
I guess it is because manufacturers are lazy and don't give a shit? After all flashing your mobo is stuff for geeks or tech shops...
> Microsoft has the right to restrict product > updates to only their paying customers.
Not everywhere. I mean that I don't know where you live but in my place it may be different. Like OK I fully understand that MS want to restrict its product. But under my local law it has no authority to f.e. gather my data. I've bought their software - and this is OK. It is not OK from them to require ME to supply some additional data. When I bought Windows I read license and it said I would get updates for some peroid of time *without* altering my license.
So I feel like clicking on their website and like inputing them data about f.e. my IP is not exactly legal.
Re:Can We Get Firefox Developers To Do This, Too?
on
Hackers, Meet Microsoft
·
· Score: 0, Troll
> And let's not forget that Netscape > provided Microsoft with some much- > appreciated help in taking over the Web, > by screwing up their own release schedule > so badly that there never was a Netscape > 5.0.
Lets not forget that MS laveraged their monopoly on operating systems to give their browser away for free and still being able to operate (financialy). Netscape was just killed by MS. The lack of 5 version release was an effect, not a cause.
> They are aiming to be the top of the heap > in security, and they've got drive, ambition > and aggression.
Too bad still they have serious problems here. Like things got better inside corporate networks etc. (but not like it is MS-only achievement - entire market was generated around windows lack-of-security). But it still *is* an issue.
> Make no mistake, this kind of event is > exactly what a company that wants to get > secure should be doing.
No, publishing some marketing stuff with phrases like "hackers are hacking Windows and everybody is happy" is like PR/marketing bullshit.
Face it - now the real crackers (I mean virus writing etc.) are working for profit - under wings of multinational organizations. This is no longer underapriciated-geek-thing - this whole security business is about money. Not some "blue hats" (WTF are they?) - it is like - you crack a system -> you get profit from it. Marketing stupid names like "blue hats" is not going to change much.
(...) > These things say to me that, within a few > years, we're going to see some really damn > secure stuff coming out of Microsoft.
Yeah - like say it gazilllion times and it will become truth. It is not like MS has not made any secure product. The opinion (MS -> insecure) comes from the fact that MS had done some unsecure products before. Yelling "WEEE ARE ALL ABOUT SECURITY DADADADA ETC." wont change much unless there will be noticable changes with their security practices. Right now I see a problem with MSIE (in general - entire system) - when you ask the video driver to draw very huge bitmap the system hangs... It works for +/-50% of systems (my research, even if it would be 5% it is still an issue). And guess what - you wont find MS talking about this *problem*. So how do they handle security?
> Ah well the thing is, usually at the sites > where I'm installing, the servers I'm > configuring have no access to the internet, > and getting even temporary access for > them involves going down on my hands > and knees to the site admins and waiting > for three days till they figure out how to > give me outbound internet access without > compromising their site's security, etc etc.
Seems way retarded (I mean those admins not you) - how do you install patches then?
> So, no apt-get for me.
You can create local apt repository and it works fine. Load all packages from instalation cd to one directory (name it core) in web server range, rsync your favourite additional repository to another dir, run one command, configure clients and it works via local network.
> I have installed FC3 on 10 servers this year, > and I always choose "custom" for package > selection
Usually go with minimal installation (it still loads tons of crap anyway), then I run script that removes (rpm -e) all unwanted (by me obviously) packages. Then it sets up apt (one repository, freshrpms is sufficent and very good quality), installs GPG keys (for apt), and generates me keys (for SSH) for given machine. Then it does apt-get update; apt-get upgrade. Runs some commands to disable unwanted services (chkconfig --del) and copies over my preffered configuration for most obvious stuff.
It works unattended so I just run it and after some time I have neat clean install to start configuring the system. If I need some functionality (like httpd, samba or smth.) I just install it with apt and it works.
Also you can pepare custom instalation discs but it is a bit more hassle. My script works for me. Too bad every release I need to tweak it a little and it is what I've done after writing my previous post.;)
> and I always uncheck sendmail because I > never use it, and it is always installed and > active.
It is active only locally to deliver system notifications (cron, atd, logwatch etc.) to local users. I *do* use SMTP daemon on every machine, but I don't want sendmail.
My point is that using standard CD installer in some cases there is *no* *way* of not installing certain packages. They will get installed whatever you click in instalator. They are mandatory and often stupid (for me) - like tape streamer operating utilities - I haven't used any streamers in like 7 years.;)
Slashdot Mirror
You know. Last time I've checked FreeBSD did not even had OpenOffice.org as binary package...
He has some points. I actually quite not believed - but I've tested it and it looks like he is not lying. ;) But to be honest I've never run into any of these oddities - I just RTFM, configure it and it works...
Now maybe one point was invalid - you do not have to restart the server to make it reread config - you just send a signal to its process and it is in fact restarted - but practically it does no difference.
> With RAID, you still have a single point of
:) It is not the case of having single point of failure (you will always find one) - it is the matter of probability of failure.
> failure. Instead of it being your hard drive,
> it is now your RAID controller. So what is
> the advantage?
What kind of failure you mean? You mean getting your data damaged due to RAID controller failure? I've never heard of something like that but maybe it may happen. But I can bet that it will happen less than harddrive failure - so still having N drives and one controller is less likely to fail than having one hd - means RAID has advantage here...
If you mean aviability - I think this is not the case here. We are talking about data safety. If your RAID controller fails - get a new one, plug it in and it should work. Or maybe get RRAIDC (Redundant Redundant Array Of Inexpensive Discs Controller). But then you will go to other place and find it is single point of failure, than another.
Now for usual Slashdot bashing - somebody knows how often it is that data is lost (we are talking here about home users) not due hardware failure but software (like you know - Windows bug) one?
> Since a RAID controller doesn't have
> moving parts, is it less likely than a hard
> drive to fail?
Yes.
Seriously. How much will it cost? How much data you wish to backup over the Internet (you know - quite slow, AFAIR even 10mbps line is quite expensive)? How much time you wish to spend (and time == money) on reconfiguring everything to use other solution?
Is this broken RAID of yours really more expensive than all of above?
Geez. What for you need hardware RAID? An old box with 4 IDE drives (like 100GB each - I belive it will suffice - you don't want to backup 1TB of data over Internet don't you?) running some free operating system and some volume management application will do backups much better than anything which means backuping over Internet.
Dealers also tend to use cell phones to make deals. They've also been spotted to use busses and maybe even cars to deal drugs.
Lets blame cell phone companies and car manufacturers for people who *like* to get high using something else than alcohol.
I recall some interviews with BG -- or was it SB? -- they stated something that LH is technology for next ten years so it would not be marketing-wise to call product with year. Because it will appear like "Bagnzooloo Linux 2009" is better (cause newer) than "Windows 2007". :)
Actually my point was about {any big company} doing it cause {another big company} did it... :)
I mean they must do it due to PR and shit. I more welcome smaller sites that implement such features in their sites (like come on - how hard it is to code search plugin and put a banner on site?) cause they really tend to belive Firefox is best. And I know few such sites that are non-techie and they did so.
When I think of something - anything, image, information whatever. I just pop up my browser (it is instant on during my computer session) - and type in "g {my interest}" and it gives me ideas. Or if not I try to reconsider my search. Come on. GOOGLE IS MY SIXTH SENSE (seroiusly). Nothing can beat that - and yes, I've tried other search engines. They simply do not work.
What is the news here? Yahoo did it because Google did it. And then also most of big players will - it is like race in features - we got that, they also etc. etc.
But actuall I find some smaller sites to be promoting FF. Like biggest polish dictionary providers (encyclopedia, dictionaries etc. etc. former communist monopoly) have provided search plugin for FF... That is interesting. It is like they really find FF more convinient themselves so they suggest it for use with their services - not "me too" stuff.
WTF is quasi-proprietary with RPM or DEB? You mean that output package is binary or what?
Just set up SSH auth only with pubkey method. It is more convinient and much safer (but you need to protrect your keys). Also if your system uses PAM you can use pam_tally module to limit login (via PAM - so it covers anything from SSH thru console, X11 and finishing on FTP) attempts to f.e. 3 tries per hour - it will render bruteforce attacks basically useless.
Just pay $50 to somebody that can fix the computer (f.e. a geek). I think $50 will do it if you are too dumb to install AV ans AS scaners.
There is something I don't get in those graphs. Take look at them - Windows XP's last hole is dated on 2005-07-14, Red Hat's last hole is dated on 2004-05-03 - there *were* lot of holes in software that Red Hat was shipping after that date... I don't want to bother to check but the last security advisory for Red Hat is not ovelaping with end of line for RHL9? I mean those graphs are irrevelant since they measure different time peroids (Windows XP is longer than RHL9). I am all about Linux but this comparsion is not worth too much.
I agree with you but I would add one point:
;) - meaning it has market share like twice bigger than competitors - still no mass compromise was seen. Another example against this argument? Sure - OpenSSH - it is used in almost all major operating systems (despite MS) - Linux, BSD, MOX, Solaris, other-unices, appliances such as CISCO devices etc. etc. - still it happen to have few bugs but there was no mass compromise noted.
:)
What was compared?
Linux servers vs. Windows servers - this is an issue here because Linux has some security problems (not that Windows hasn't) - there had been lot of holes in kernel (Linux) recently. But I don't really recall any mass histeria with Linux servers getting infected and DDoS entire country (Korea that was?) from Internet. There are some holes in f.e. Apache (but as I recall not serious ones - like exploitable in specific configurations - far more from default and even far more from common). Now somebody can go with instalation volume argument (that Windows is more widespread) - with server market it is not really an issue - Apache is most popular web server - even counting it running on Windows and other systems - it is in fact THE WEB SERVER
But servers are completely different than desktops (and should be measured so) -servers are usually operated by technical IT staff - servers do not face users directly. So now we come to desktops. And gues what... Linux does not have *any* problem with desktop security. Mind you - ANY PROBLEM AT ALL. This is the reality for now - no viruses, no adware, no worms, no need for firewall, no need for antivirus, no need for antispyware, no need for patching or instead your system dies in 2 minutes after connecting to Internet - no such stuff at all.
But with desktops I can agree that Linux was not tested "in real world yet" but given its experience on servers I don't know why it could be insecure on desktops? There will be some problems for sure - but we will overcome them even *before* they occur. Ever seen any modern Linux distro? Now we have tools like SELinux in place - it can be used to preety much secure any desktop (minimalize target surface, separate privileges/roles/tasks correctly, compartment Internet facing user apps like MUA and browser in sandboxes) - so really if anything like problems with Linux desktop security will happen we will be prepared for it. We are right now.
Try Drupal [http://drupal.org/%5D it is simple but powerfull CMS/Blog system. With easy user interface (at least I think so) and writen very well (meaning code) - it is clean, object oriented mostly, and modular. The tarball is just half megabyte.
Or maybe go with MediaWiki [http://wikipedia.sourceforge.net/%5D it is the engine behind WikiPedia - it uses simple wiki markup, supports images, stories and stuff. Also it has access control, revision control etc. - it should be suitable for such tasks.
And to be honest dont go with anythink with *nuke in name - this is spaghetti code shit. It is very awful for me. Unclean, not modular.
What you want these systems to do? Integrate into AD? Any Linux can do that... You *need* to pay for some kind of Linux? Well if you just *need* then toss the coin and decide... :)
l - cause now you ask like "Which is better?".
To be honest I don't quite get the problem. Maybe you should read: http://www.catb.org/~esr/faqs/smart-questions.htm
> No it was working in FC2 and now it is not.
;) Don't get me wrong - *BSD is OK for specific tasks (mostly server ones, but I am dissapointed with the direction FreeBSD has taken recently, in 5.x branch lot of things is broken) but for general use desktop *BSD is like 5 years ago...
> That's not unsupported, that's broken.
I've missed that. Of course you are right... But for me everything works...
> What do I mean, my console is not
> working? If I am in X and I hit Ctl-Alt-F1, I
> used to be able to log into a console, and
> do stuff. I can't do that any more. I hit Ctl-
> Alt-F1 and get a console login prompt, and
> I enter username and password and it
> resets the console. If I pass to the
> command line init 3, when I get to the
> console the same thing happens. I cannot
> log in.
Never happened to me. You did fresh install or upgraded the system? Also have you analyzed logs after login attempt? They should give you a clue...
> I knew people who hated Linux and Used
> FreeBSD for their desktops. They swore by
> it.
Yes I know. I know people swearing even more arcane OSes for *their* desktops...
By general use desktop I mean OS that you can take and deploy on f.e. 10 machines and let people work on it. *BSD (FreeBSD) are awkard here, no decent hardware detection, retarded installer etc.
> I think your inerpretation of what he is
:>
> saying is wrong. he default install is
> GNOME/KDE. Not everyone will 'tweak'
> their system. Out of the box, you are
> saying that it is bloated too.
Yeah I know - that is why I've stated that I am honest that I've tweaked my system.
Fedora is compromise between functionality and speed. Of course default install will be slower and bloated since it tries to do all at once - to come against all user needs (f.e. printing enabled by default, file sharing enabled/installed etc.) - now I have my specific needs - f.e. I don't need bloated (but functional) CUPS spooler. I use LPRng since it is laptop and I only print to various networked printers. But common user will need printing...
But still if I look at default Fedora setup it is quite reasonable - I happen to administer 8 such desktops (mainly for data entry) and Fedora setup has everything in place - of course it is bloat. But in some situations it is better to have bloat and better management/less support calls than to tweak the system to maximum.
In this matter Fedora does it job decently. Like what is enabled in fedora that should not be for defaults?
> I've heard the argument that all your RAM
> should be in use for 'good memory'
> management.
If you have 512MB RAM and only 256MB is used what for you need 512MB?
> I can write a program with lots of memory
> leaks that will use your RAM.
It is not applications which take memory, these are system buffers - system buffers I/O operations to free memory, it can speed up I/O a bit. Still it is better than have unused memory - in optimistic case buffers will speed up the system. In pesimistic they won't but also they dont slow down...
Presently in my system when I run free(1) it outputs 150MB of used memory. *But* only 35MB of this is actually used for applications, the rest are system buffers. So my Fedora presently (just after boot, no X11 running) takes 35MB - far from stated 240MB. I have tested it and default instalation (GNOME) with one user logged in takes about 130MB, but free(1) show 250MB used (but 120MB are in fact system buffers) - so yes. The author did wrongly interpreted the numbers.
(...)
> The real issue I have with FC, is each
> release another peice of my hardware
> stops working. In FC 3 my scsi cdr stopped
> working and still doesn't. In FC4 now its
> my web cam, and my console is in
> accessable.
Well I think you will encounter similar problems with any Linux - it is like you own unsupported hardware.
> I have heard of having a secure system,
> but my console is so secure, I can't even
> use it.
What you mean?
> Thank's FC4. I'm now looking at other
> distributions, and the BSD's for a desktop.
FreeBSD for desktop?
This is common newbie mistake -- "Why does my system takes entire RAM aviable?" -- Well RAM is in machine to be used. What for you need RAM if it stays unused? So it is actually a *Good* *Thing* that most of the RAM is used - it means that operating system is working good with memory management.
What was wrong? The interpretation. I've bet that author stated full memory usage but hasn't bother to check how much of this "used" RAM was taken by system buffers and how much by real applications? I use Fedora day to day on my laptop - I've tweaked it a bit (to be honest). Disabled services, use WindowMaker instead of bloated GNOME/KDE, Opera instead of Mozilla etc. After boot -- X11 with WindowMaker, few services (postgres, httpd for developement) -- the system (not buffers) takes ~50MB RAM, but of course free(1) shows ~240MB (with system buffers).
Just buy old one which suits your needs. Pack it up with decent enchancements (mainly bigger capacity batteries, they are aviable for cheap).
You always can take floppy image and burn it to CD and make it bootable. But I understand what you mean - as I've seen some manufacturers don't just provide floppy images. They provide some dumb program extracting data directly to floppy. I once owned old IBM ThinkPad which BIOS could be only controlled from Windows application or from crude dos prompt (PS2.EXE). And provided files could only extract directly to floppy. So I had to extract it on other machine, make image and burn it on CD :\ ... It was old laptop I know. But still kind of silly as one zip with image and rawrite.exe program in batch would do the trick also...
I guess it is because manufacturers are lazy and don't give a shit? After all flashing your mobo is stuff for geeks or tech shops...
> Microsoft has the right to restrict product
> updates to only their paying customers.
Not everywhere. I mean that I don't know where you live but in my place it may be different. Like OK I fully understand that MS want to restrict its product. But under my local law it has no authority to f.e. gather my data. I've bought their software - and this is OK. It is not OK from them to require ME to supply some additional data. When I bought Windows I read license and it said I would get updates for some peroid of time *without* altering my license.
So I feel like clicking on their website and like inputing them data about f.e. my IP is not exactly legal.
> And let's not forget that Netscape
> provided Microsoft with some much-
> appreciated help in taking over the Web,
> by screwing up their own release schedule
> so badly that there never was a Netscape
> 5.0.
Lets not forget that MS laveraged their monopoly on operating systems to give their browser away for free and still being able to operate (financialy). Netscape was just killed by MS. The lack of 5 version release was an effect, not a cause.
> They are aiming to be the top of the heap
> in security, and they've got drive, ambition
> and aggression.
Too bad still they have serious problems here. Like things got better inside corporate networks etc. (but not like it is MS-only achievement - entire market was generated around windows lack-of-security). But it still *is* an issue.
> Make no mistake, this kind of event is
> exactly what a company that wants to get
> secure should be doing.
No, publishing some marketing stuff with phrases like "hackers are hacking Windows and everybody is happy" is like PR/marketing bullshit.
Face it - now the real crackers (I mean virus writing etc.) are working for profit - under wings of multinational organizations. This is no longer underapriciated-geek-thing - this whole security business is about money. Not some "blue hats" (WTF are they?) - it is like - you crack a system -> you get profit from it. Marketing stupid names like "blue hats" is not going to change much.
(...)
> These things say to me that, within a few
> years, we're going to see some really damn
> secure stuff coming out of Microsoft.
Yeah - like say it gazilllion times and it will become truth. It is not like MS has not made any secure product. The opinion (MS -> insecure) comes from the fact that MS had done some unsecure products before. Yelling "WEEE ARE ALL ABOUT SECURITY DADADADA ETC." wont change much unless there will be noticable changes with their security practices. Right now I see a problem with MSIE (in general - entire system) - when you ask the video driver to draw very huge bitmap the system hangs... It works for +/-50% of systems (my research, even if it would be 5% it is still an issue). And guess what - you wont find MS talking about this *problem*. So how do they handle security?
> Ah well the thing is, usually at the sites
> where I'm installing, the servers I'm
> configuring have no access to the internet,
> and getting even temporary access for
> them involves going down on my hands
> and knees to the site admins and waiting
> for three days till they figure out how to
> give me outbound internet access without
> compromising their site's security, etc etc.
Seems way retarded (I mean those admins not you) - how do you install patches then?
> So, no apt-get for me.
You can create local apt repository and it works fine. Load all packages from instalation cd to one directory (name it core) in web server range, rsync your favourite additional repository to another dir, run one command, configure clients and it works via local network.
> I have installed FC3 on 10 servers this year,
;)
;)
> and I always choose "custom" for package
> selection
Usually go with minimal installation (it still loads tons of crap anyway), then I run script that removes (rpm -e) all unwanted (by me obviously) packages. Then it sets up apt (one repository, freshrpms is sufficent and very good quality), installs GPG keys (for apt), and generates me keys (for SSH) for given machine. Then it does apt-get update; apt-get upgrade. Runs some commands to disable unwanted services (chkconfig --del) and copies over my preffered configuration for most obvious stuff.
It works unattended so I just run it and after some time I have neat clean install to start configuring the system. If I need some functionality (like httpd, samba or smth.) I just install it with apt and it works.
Also you can pepare custom instalation discs but it is a bit more hassle. My script works for me. Too bad every release I need to tweak it a little and it is what I've done after writing my previous post.
> and I always uncheck sendmail because I
> never use it, and it is always installed and
> active.
It is active only locally to deliver system notifications (cron, atd, logwatch etc.) to local users. I *do* use SMTP daemon on every machine, but I don't want sendmail.
My point is that using standard CD installer in some cases there is *no* *way* of not installing certain packages. They will get installed whatever you click in instalator. They are mandatory and often stupid (for me) - like tape streamer operating utilities - I haven't used any streamers in like 7 years.