I known it's probably a waste of time arguing with AC, but there's one thing I have to point out: I never said that Linux is invulnerable. I didn't because it's not. It is, however, much better at security than Windows and far, far faster at plugging security holes once they're found. If nothing else, not having to wait for Patch Tuesday to distribute things makes it more efficient. And, I might add, the only FUD in this discussion is the straw-men people like you keep coming up with to "prove" me wrong.
I'm quite familiar with SELinux, TYVM. AIUI, SELinux was developed when it became apparant that the original security scheme was no longer adaquate. And, although it's only supposed to be watching for security threats, most of the alerts I've had to deal with have had to do with real stupid bugs, such as a program trying to walk all of/proc for no good reason.
Interesting. Thank you. Wikipedia mentions that there are about 850 known Linux viruses, mostly obsolete because the vulnerabilities they exploited have been patched. And, I gather, none of them are currently known to be in the wild. How many Windows viruses are there currently known of and active?
What I find most interesting, however, is the cross-platform attacks. Please note, that I never said that Linux malware is completely impossible, I said that it's nowhere near as much of a danger to Linux as it is to Windows. (Or, if I didn't exactly say that, it's what I meant to say.)
Not completely, of course, but I'm comming to think it's an important factor. One of the reasons the Potato Blight devistated Ireland so thoroughly, you know, is that almost all of the farmers were growing the same breed of potato, which happened to be exceptionally suseptable to the disease. It's the same thing with Windows. Since most Windows users use the same programs for their work, they're all wide open to the same malware. Just using Firefox, Thunderbird and/or LiberOffice can make Windows safer simply because whatever security holes they have aren't the ones being targetted.
FUD? Are you denying, then, that well over 90% of all the viruses found "in the wild" target MS Windows and that the rest target the Mac OS? Are you claiming that there is, currently, malware out there designed to target Linux? If so, I'd like to know about it because I've never heard of it.
As far as root kits go, you either need to have access to a machine to install one or you need to trick somebody into giving your installer root access, just as you need to get Administrator rights under Windows. Unlike Windows, however, people running Linux aren't in the habit of installing programs they found on random websites; we get our software from distro-specific repositories where everything's been checked out before it's made available.
Windows has anti virus scanners that actually block malware and shield. Linux does not.
That's because Windows needs them. At the present time, Linux doesn't. Some day, probably, it will, and they'll be written, distributed and used. For the time being, however, I don't need to waste disk space or CPU cycles on them.
Interesting, but the key word here is "experimental." You need crew to keep the automation working, crew to repair it when the ship takes a hit and more crew to take care of the techs so that they have time to do their jobs. And, I'll believe that the DDX is practical if and when they go into service. Not that I think that the idea can't work, I'm just reserving judgement.
Linux isn't some magic bullet that is immune to trojans
Of course it isn't. However, unlike any OS that Microsoft has ever sold, security is part of the basic design, not something that's tacked on later as an afterthought. And, as others have pointed out, Linux isn't a monoculture, the way Windows is. There are only a few versions of Windows out there, all of them, almost without exception, using the same file manager and desktop environment. Most of them use the same email client and office suite, as well as the same web browser. Find a vulnerability in any of them and you've got a way to take over millions of PCs. Not only is each Linux distro different, but you have a number of different Desktop Environments in use, each with a different set of potential security issues, along with several popular browsers, different office/productivity programs and a number of email clients. From the perspective of the people running these botnets, Linux is just more work to hack than it's worth to them.
Moving to nuke-powered destroyers would be a great idea for a number of reasons. Having ample power for laser-based weapons is just one of them. Not needing to refuel every few days is another one. And, of course, if you don't need the oil tanks, you've got lots more room for food and other supplies, meaning that ships can stay on station longer without having to worry about having enough to eat. I don't think automation's going to happen very much, however, because in the long run, you need people who can take over when the machine's get damaged in battle and can do emergency repairs. And, of course, if you've got that big a crew, you don't need most of the automation in the first place.
Yes, but what do you take out (or leave out, in new construction) to make room for that generator? Space is always at a premium in a warship because it's a waste of resources and money to make them any larger than they have to be.
and I'm sure a 500' destroyer could find some place to stash this generator
I wouldn't be too sure of that. I served on a Knox Class Frigate back in '72, when they were still called Destrolyer Escorts. At 438' long, they're about the size you're talking about and there was very little of that space that wasn't already in use for something important.
Actually, if you can find out what port they're using (and it's not the same port as they use for legitimate data) you can simply block the port completely. And of course, you can also block incoming requests on the ports they use making it hard, if not impossible for them to control any spyware.
Once somethng new's been discovered, astronmers take another look at recent observations to see if they found it too. It's not at all uncommon to find images of it in photos taken before the official discovery. The discoverer isn't the first person to see it but the first person to recognize it as something new and report it.
And, of course, the real expense is getting to High Earth Orbit. After that, as some hard SF writer put it, you are half way to anywhere. At least in delta-V terms.
That was Jerry Pournelle, the SF author and Byte coloumnist. He's said it quite a number of times over the years.
AIUI, the rationale for having all denominations the same color goes like this: if each denomination is a different color, most people will only look at the color, and if that's right they'll accept the bill without looking closely at it. If they're all the same color, you have to pay attention to what the bill looks like and you're more likely to spot a counterfit. The same principle applies, of course, if you're thinking of making them in different sizes. I don't know if the idea's right or not, but it's the reason I've always heard for making them all the same color.
Let me ask you this: given the choice, would you rather have cool cars or clean air? I grew up in LA during the '50s and '60s, and remember what the smog used to be like and I can assure you that it's much better now. Yes, cars cost more and so does gas, but the air is clean and people don't suffer from lung problems. If you'd like to see what things here would be like without the CARB, go down to Mexico City and try to take a deep breath.
I take liberal to mean progressive and I'm not seeing any significant progress in calif.
Just because you conflate the terms "liberal" and "progressive" doesn't mean that it's correct. And, btw, the term "progressive" begs the question by assuming without evidence that their program will produce progress.
Why do I stay here? I like the climate, almost all of my friends and family are out here and the air is clean.
...since you think calif is *too* progressive?
Don't put words in my mouth. Just because I dislike some of the policies the liberals here are forcing down our throats doesn't mean that I hate what you consider progress. Personally, I'd rather vote against politicians I dislike than leave the state and let them do what they want without opposition.
I live in the People's Republic of California, and I couldn't possibly agree with you more. This state is run by liberals who get their rocks off by telling other people how to run their lives. Not only that, the only part of the state that's mostly Democrat is the Pacific Coast, with almost all of the inland parts strongly Republican. However, most of the population is on or near the coast, so the rest of us suffer under the Tyranny of the Majority.
Hole only needs to be about three feet wide... precision guided bomb can hit that. Furthermore shaped charges can have very specific blast patterns.
AIUI, the Air Force isn't very big on sitting over a target trying to drop one bomb after another into exactly the same place; they'd rather do it right the first time. And, the more blast that you use to make the hole wider, the less you have to make it deeper. If I had to guess, your idea wouldn't be cost effective, especially when you consider how much less it costs just to collapse the enterances and cut the electronics.
We did that during the first gulf war when we made it look like we were going to invade Iraq by sea. It was a feint.
Not completely. If the Iraquis had caught on and withdrawn the forces watching the Marines, there would have been a landing.
There's only so much energy available. The wider the hole, the less deep it goes and by the time it got wide enough to be a reasonable target, you'd have a very shallow crater that wasn't at all effective.
The problem is that penetrators don't make big craters, they make long, thin holes. If the first one doesn't get through, it's almost impossible to drop another one right into the hole the first one left. As an example, think of a shaped charge, such as a WW II bazooka used. Now, if the tank's armor were thick enough to withstand a hit, imagine trying to hit the tank (even if it wren't moving) in exactly the same place so that the second shot could take advantage of the damage the first one did. Essentially, that's what you're suggesting, and I don't think our smart bomb guidence is anywhere near good enough for that.
Personally, I'd prefer the use of "functionally defeating" the position by cutting off its communications and sealing the enterances. It's kinda like what the Marines did in the Pacific when they found a Japanese strong point in a cave: they drove back or killed the enemy defending the cave's mouth, then used a satchel charge to collapse the cave, sealing in the survivors.
Slashdot Mirror
"Linux != invulnerable"?
I known it's probably a waste of time arguing with AC, but there's one thing I have to point out: I never said that Linux is invulnerable. I didn't because it's not. It is, however, much better at security than Windows and far, far faster at plugging security holes once they're found. If nothing else, not having to wait for Patch Tuesday to distribute things makes it more efficient. And, I might add, the only FUD in this discussion is the straw-men people like you keep coming up with to "prove" me wrong.
I'm quite familiar with SELinux, TYVM. AIUI, SELinux was developed when it became apparant that the original security scheme was no longer adaquate. And, although it's only supposed to be watching for security threats, most of the alerts I've had to deal with have had to do with real stupid bugs, such as a program trying to walk all of /proc for no good reason.
Interesting. Thank you. Wikipedia mentions that there are about 850 known Linux viruses, mostly obsolete because the vulnerabilities they exploited have been patched. And, I gather, none of them are currently known to be in the wild. How many Windows viruses are there currently known of and active?
What I find most interesting, however, is the cross-platform attacks. Please note, that I never said that Linux malware is completely impossible, I said that it's nowhere near as much of a danger to Linux as it is to Windows. (Or, if I didn't exactly say that, it's what I meant to say.)
Not completely, of course, but I'm comming to think it's an important factor. One of the reasons the Potato Blight devistated Ireland so thoroughly, you know, is that almost all of the farmers were growing the same breed of potato, which happened to be exceptionally suseptable to the disease. It's the same thing with Windows. Since most Windows users use the same programs for their work, they're all wide open to the same malware. Just using Firefox, Thunderbird and/or LiberOffice can make Windows safer simply because whatever security holes they have aren't the ones being targetted.
I am sick and tired of this MS FUD.
FUD? Are you denying, then, that well over 90% of all the viruses found "in the wild" target MS Windows and that the rest target the Mac OS? Are you claiming that there is, currently, malware out there designed to target Linux? If so, I'd like to know about it because I've never heard of it.
As far as root kits go, you either need to have access to a machine to install one or you need to trick somebody into giving your installer root access, just as you need to get Administrator rights under Windows. Unlike Windows, however, people running Linux aren't in the habit of installing programs they found on random websites; we get our software from distro-specific repositories where everything's been checked out before it's made available.
Windows has anti virus scanners that actually block malware and shield. Linux does not.
That's because Windows needs them. At the present time, Linux doesn't. Some day, probably, it will, and they'll be written, distributed and used. For the time being, however, I don't need to waste disk space or CPU cycles on them.
Interesting, but the key word here is "experimental." You need crew to keep the automation working, crew to repair it when the ship takes a hit and more crew to take care of the techs so that they have time to do their jobs. And, I'll believe that the DDX is practical if and when they go into service. Not that I think that the idea can't work, I'm just reserving judgement.
Linux isn't some magic bullet that is immune to trojans
Of course it isn't. However, unlike any OS that Microsoft has ever sold, security is part of the basic design, not something that's tacked on later as an afterthought. And, as others have pointed out, Linux isn't a monoculture, the way Windows is. There are only a few versions of Windows out there, all of them, almost without exception, using the same file manager and desktop environment. Most of them use the same email client and office suite, as well as the same web browser. Find a vulnerability in any of them and you've got a way to take over millions of PCs. Not only is each Linux distro different, but you have a number of different Desktop Environments in use, each with a different set of potential security issues, along with several popular browsers, different office/productivity programs and a number of email clients. From the perspective of the people running these botnets, Linux is just more work to hack than it's worth to them.
Moving to nuke-powered destroyers would be a great idea for a number of reasons. Having ample power for laser-based weapons is just one of them. Not needing to refuel every few days is another one. And, of course, if you don't need the oil tanks, you've got lots more room for food and other supplies, meaning that ships can stay on station longer without having to worry about having enough to eat. I don't think automation's going to happen very much, however, because in the long run, you need people who can take over when the machine's get damaged in battle and can do emergency repairs. And, of course, if you've got that big a crew, you don't need most of the automation in the first place.
Yes, but what do you take out (or leave out, in new construction) to make room for that generator? Space is always at a premium in a warship because it's a waste of resources and money to make them any larger than they have to be.
and I'm sure a 500' destroyer could find some place to stash this generator
I wouldn't be too sure of that. I served on a Knox Class Frigate back in '72, when they were still called Destrolyer Escorts. At 438' long, they're about the size you're talking about and there was very little of that space that wasn't already in use for something important.
Actually, if you can find out what port they're using (and it's not the same port as they use for legitimate data) you can simply block the port completely. And of course, you can also block incoming requests on the ports they use making it hard, if not impossible for them to control any spyware.
There already is a personal firewall that can do exactly that: iptables. Of course, you have to be running a real OS to take advantage of it.
Once somethng new's been discovered, astronmers take another look at recent observations to see if they found it too. It's not at all uncommon to find images of it in photos taken before the official discovery. The discoverer isn't the first person to see it but the first person to recognize it as something new and report it.
Checking, the Comet first flew less than two months before I was born and didn't go into commercial use until mid-1952. Close, but no cigar.
A lot of people don't realize that the plane they're flying in very possibly was designed and built before they were born.
Really? That's very interesting. I didn't know they were building jet airliners during WWII.
And, of course, the real expense is getting to High Earth Orbit. After that, as some hard SF writer put it, you are half way to anywhere. At least in delta-V terms.
That was Jerry Pournelle, the SF author and Byte coloumnist. He's said it quite a number of times over the years.
AIUI, the rationale for having all denominations the same color goes like this: if each denomination is a different color, most people will only look at the color, and if that's right they'll accept the bill without looking closely at it. If they're all the same color, you have to pay attention to what the bill looks like and you're more likely to spot a counterfit. The same principle applies, of course, if you're thinking of making them in different sizes. I don't know if the idea's right or not, but it's the reason I've always heard for making them all the same color.
Let me ask you this: given the choice, would you rather have cool cars or clean air? I grew up in LA during the '50s and '60s, and remember what the smog used to be like and I can assure you that it's much better now. Yes, cars cost more and so does gas, but the air is clean and people don't suffer from lung problems. If you'd like to see what things here would be like without the CARB, go down to Mexico City and try to take a deep breath.
I take liberal to mean progressive and I'm not seeing any significant progress in calif.
...since you think calif is *too* progressive?
Just because you conflate the terms "liberal" and "progressive" doesn't mean that it's correct. And, btw, the term "progressive" begs the question by assuming without evidence that their program will produce progress.
Why do I stay here? I like the climate, almost all of my friends and family are out here and the air is clean.
Don't put words in my mouth. Just because I dislike some of the policies the liberals here are forcing down our throats doesn't mean that I hate what you consider progress. Personally, I'd rather vote against politicians I dislike than leave the state and let them do what they want without opposition.
Fuck CA.
I live in the People's Republic of California, and I couldn't possibly agree with you more. This state is run by liberals who get their rocks off by telling other people how to run their lives. Not only that, the only part of the state that's mostly Democrat is the Pacific Coast, with almost all of the inland parts strongly Republican. However, most of the population is on or near the coast, so the rest of us suffer under the Tyranny of the Majority.
Hole only needs to be about three feet wide... precision guided bomb can hit that. Furthermore shaped charges can have very specific blast patterns.
AIUI, the Air Force isn't very big on sitting over a target trying to drop one bomb after another into exactly the same place; they'd rather do it right the first time. And, the more blast that you use to make the hole wider, the less you have to make it deeper. If I had to guess, your idea wouldn't be cost effective, especially when you consider how much less it costs just to collapse the enterances and cut the electronics.
We did that during the first gulf war when we made it look like we were going to invade Iraq by sea. It was a feint.
Not completely. If the Iraquis had caught on and withdrawn the forces watching the Marines, there would have been a landing.
There's only so much energy available. The wider the hole, the less deep it goes and by the time it got wide enough to be a reasonable target, you'd have a very shallow crater that wasn't at all effective.
I live in Southern California, just north of LA. Earthquake country. I'd like to know how good this is at resisting temblors.
The problem is that penetrators don't make big craters, they make long, thin holes. If the first one doesn't get through, it's almost impossible to drop another one right into the hole the first one left. As an example, think of a shaped charge, such as a WW II bazooka used. Now, if the tank's armor were thick enough to withstand a hit, imagine trying to hit the tank (even if it wren't moving) in exactly the same place so that the second shot could take advantage of the damage the first one did. Essentially, that's what you're suggesting, and I don't think our smart bomb guidence is anywhere near good enough for that.
Personally, I'd prefer the use of "functionally defeating" the position by cutting off its communications and sealing the enterances. It's kinda like what the Marines did in the Pacific when they found a Japanese strong point in a cave: they drove back or killed the enemy defending the cave's mouth, then used a satchel charge to collapse the cave, sealing in the survivors.
Yes, I know. I was pointing out to the OP that not all distros use the Debian package manager like he was suggesting.