Re:MOD REVIEW DOWN! TROLL!
on
Pornified
·
· Score: 1
That's an interesting read, to be sure. I take issue with her characterization of the "debate" over porn as drawn upon clear political lines; regulating pornography is as much a libertarian/authoritarian issue as it is a Liberal/Conservative one (indeed, many vocal feminists are even quicker to condemn pornography as degrading to women as the Conservatives mentioned here). Ultimately, whether or not it is an interesting area of sociological study (I tend to think it's not, because I strongly suspect the motives and methedology of those involved), it doesn't even deserve a place at the table when discussing social policy. If anti-porn crusaders admit that it does not cause criminal behavior like sexual violence (and not all admit this, but Paul, to her credit, seems to), then they have no issue that the government should take interest in. Marriages, relationship counseling, or unrealistic sexual expectations are not something it is within our power to legislate.
Paul takes a fair number of cheap shots here, though. Calling out "progressives" as defending corporations is more than a little ridiculous; this is a First Amendment issue, and assuming all Liberals are knee-jerk anti-corporates makes me question Paul's supposed Liberal credentials.
But unfortunately, this bit doesn't touch on any of her supposed research, so I'm going to have to resort again to asking for the hard data. I guess perhaps I shouldn't trust the reviewers who say her methedology (interviewing 100 Fark users?) is flawed and just see if I can find this book at the library. I'd rather not buy it and give her my money.
Re:MOD REVIEW DOWN! TROLL!
on
Pornified
·
· Score: 1
I haven't read them (the studies, not the posts), so I can't accurately comment (and neither can you). If I get around to it, I will hit the library for some of these studies, because I'm curious. But my point before (as I noted in a previous post) was that the vast majority of "research" into the subject is so clearly politically motivated that it often seems doubtful any legitimate efforts are even being undertaken.
Like I said in that post, when a leading "expert" on the supposed malignant effects of pornography (Dr. Judith Reisman) has to turn to pseudo-science like "erototoxins" to make her point, I have to wonder why her argument would be so weak if there were really the evidence out the wazoo backing that position that anti-porn activists claim there is. In other words, if the apparent leaders of said movement can't come up with a good argument (and they're clearly the ones most incentivized to do so), there probably isn't a good argument to be made.
Re:MOD REVIEW DOWN! TROLL!
on
Pornified
·
· Score: 1
His point was that it was not a scientific study and therefore we can't draw any conclusions yet, I think. In fact, I don't know of any legitimate research that has found any seriously detrimental effects of pornography, which means it's just a tad early to start running around saying the sky is falling.
Re:MOD REVIEW DOWN! TROLL!
on
Pornified
·
· Score: 1
I think you need your eyes checked. The parent poster specifically said that nobody is condoning criminal rape. What your father allegedly did to you would be criminal. What your husband did to you may have been as well (though it doesn't sound like it).
What a male and a female pornstar engage in, however, is not criminal, and you're in no position to speculate (quite incorrectly, from what I've heard) about the supposed coercian of women in the porn industry.
Nobody is defending rape. What we are defending is consensual sex between adults, and consensual viewing of that sex by other adults. I hope you can overcome your own past personal experiences to realize that those crimes are not what anyone here is defending.
Re:Names have been changed, addiction is real...
on
Pornified
·
· Score: 1
You are of course right. I haven't read this book, and it's possible that it is the exception to the rule and actually contains real data. But I've read plenty of tripe by Judith Reisman et. al., and it's complete bunk.
It's like having an argument with a creationist (er, "Intelligent Design Theorist")--sure, I haven't read every book on the subject, but I've read the arguments by the supposed leaders--people like Michael Behe--and if a professor of biology at Lehigh can't come up with a real argument for it, then why should I listen to some joker in his mother's basement? So it is with this; if a doctor at Penn can't come up with anything more concrete than "erototoxins", why should I waste my time with a book that, even by the clearly biased review we read above, contains extremely flawed methedology (like, achem, interviews with Farkers).
When this becomes legitimate science, I'll give it a shot. Find me something published in Nature or The Lancet or somewhere similar. Don't bring me some political polemic aimed at revealing the secrets of "porn addiction" (a term that, as I said above, pretty much indicates that the writer is not a legitimate scientist).
And I realize the above comes off as what "ID"ers always characterize as scientific elitism. It's not. A good scientist never assumes he knows the right answer and considers all legitimate evidence. But a good scientist also tries to detach himself from politics and culture wars, something that these anti-porn activists clearly do not. That is why I doubt their motives, their methedology, and their claims.
Re:Names have been changed, addiction is real...
on
Pornified
·
· Score: 1
What you need to do to convince us is present some hard data. This book, despite the review (which itself seems more than a little biased), clearly doesn't--the reviewer notes that much of the "data" comes from interviews with Farkers. Well, fuck me, if that isn't the pinnacle of objective scientific empiricism!
All I ever hear from your side (because, let's not kid ourselves, this is about politics, not legitimate research) is apocryphal anecdotes like yours and pseudo-scientific buzzwords like "erototoxins" that appeal to the lowest common denominator in our voting public (and believe me, that's extremely low).
Slashdot claims to be the place for nerds and science geeks. Fine. Show us the data that shows that porn causes any of the above ills. Until then, I think I'll side with the First Amendment.
Re:Names have been changed, addiction is real...
on
Pornified
·
· Score: 1
First, you are, I think, wrong to assume your experience is a universal one. Surveys report numbers as high as 90% or more of men have used pornography, and nearly as many women. Yet the number of "addicts" (that term really isn't correct, I think, since there's no physical dependence) is clearly much lower (your warning that "PORN WILL CONTROL YOUR LIFE" is a bit odd, in light of the number of users who haven't experienced your supposed problems).
Second, so what if people enjoy softcore porn and then want to watch hardcore? So what if they want to try what they see in porn? If I and my partner want to try something other than straight up missionary sex, what's it to you? The fact that people wanting to deviate from the norm is, in your argument, one of the negative affects of pornography is a clear indicator that despite your disclaimer, you are a prude. If the worst consequence of pornography you can come up with is that people will want to engage in varied sex acts, I don't think you should expect to be taken too seriously.
And, yes, I realize you also say that porn hurt your marriage and your family life. Good for you. Like I said before, there's no reason to think your experience is universal, and for every dire anecdote of porn "addiction" and ruined relationships, I can find you two of a happy couple who enjoy a little porn during or in addition to healthy sex.
I do, however, find it quite alarming that the religious right have discovered a more insidious way to be taken seriously by the mainstream, by masquerading their morality as science. Show me the data or fuck off. Anecdotes don't mean shit.
Re:I concur. Troll, indeed.
on
Pornified
·
· Score: 1
I rarely post on (or even read) Slashdot anymore (I was linked here from Fark), but nice post. I was wondering how far down I'd have to scroll before finding someone who's not a raving lunatic.
I love anectodal evidence. It's completely meaningless, but because it forms a compelling, story-like narrative, it convinces people of the certainty of their positions.
Now, I've read a lot of studies evaluating the relative security of a lot of operating systems, including Linux and Windows. And I've seen a lot that come down one way and a lot the other--I recently read, with initial skepticism but, I admit, the methodology seemed sound, a compelling study that claimed a greater period of exposure on both serious and non-serious vulnerabilities in the Linux distributions analysed (RHEL, if I remember right) than on the Windows distribution (Win2K3, I think) analysed.
So, "Get The Facts" might be a lot of bullshit, but your anecdotes don't lend you a lot of credibility. Get the facts, eh?
Like I said, I haven't been reading that closely, and I'll probably investigate and buy Tiger at some point. And yes, it looks nice, but it doesn't look to be on the scale of some of the promised Longhorn features (if those ever happen).
My point was that Apple's secrecy is at best a double-edged sword, and that talk of ``doing it right'' is really akin to talk of ``appearance is all that counts,'' which was, for one thing, my big complaint with FileVault--it had the appearance of security, but not the actuality of it.
``It's just another sign of the difference between [Apple's] philosophy and Microsoft's philosophy.''
Right. Apple's philosophy being Steve Knows Best. Or, in more detail, don't tell customers any details that Apple deems irrelevant. Don't tell them about unfixed security vulnerabilities. Don't tell them how to fix the disk:// URI handler vulnerability, or even acknowledge that it exists. Don't tell them that FileVault in 10.3 is completely fucking useless because the swap files are unencrypted (Christ, talk about a silly mistake). Don't tell them when new products will be out, but make a whole lot of hype just to screw with the market.
Sure, we all love Apple because they're cool. I'm a big fan of my Powerbook, and a partial convert to OSX (from Linux). But I'm also happy to see Microsoft realizing the value of true computer security (before you laugh, check out the number of vulnerabilities in any of their recent products--go to Secunia and compare IIS6.0 with Apache, for instance). That doesn't mean they embrace full disclosure, but they embrace ``responsible disclosure'' (this is certainly a separate debate, but for what it's worth, I agree with them). They know that holes go public, and they try to make sure the best information is available to their customers once that happens.
Apple's philosophy? We'll tell you when there's a problem, and there's no problem (just don't look behind that curtain).
Of course, security isn't the only place that Apple has a problem, with respect to openness. You call it ``taking the time to do it right,'' but I call it ``suing loyal Apple fans who generate product buzz before a release.''
Anyway, no offense to you--assuming you are really an Apple employee--but the amount of new technology going into 10.4 isn't much compared to that which was (at least supposed) to go into Longhorn. Other than new developer APIs and some cool bundled applications--oh, and encrypted swap--are there any serious features added to the core OS? I haven't ordered Tiger yet, so forgive me if I'm wrong--but I haven't seen any hyped on Apple's website, either.
You say that Apple takes the time to do it right. I say they take the time to put the glitz on things, sometimes at the expense of ``doing it right.'' But you're right, it is all about priorities.
Re:Legitimate value in being almost bleeding-edge
on
Gentoo Ricer Comparison
·
· Score: 1, Redundant
You've got a great point. For production use, Gentoo is significantly more work than some of the alternatives (as a result, for a server that doesn't need to be terribly up-to-date, I'd likely choose Debian, and for a desktop, probably something like Fedora or SuSE).
But if you run a server farm (or even just one machine), you can avoid a lot of these issues. If you run a server farm, you already have a test machine for installing updates on prior to rolling them out to the critical infrastructure (or you should), so with Gentoo, you can use that machine in the same capacity, and distribute binary packages. This is admittedly more work than debs or rpms, but not a whole lot more.
Overlooked in this entire thread, though (as far as I saw), is Gentoo Hardened. The only other major distro to offer anything comparable is Debian, and since nobody provides binary packages with propolice, etc (as far as I know), you'll end up using debsrc or srpms anyway, if you want this on a Debian or RedHat system (in other words, the flexibility of Gentoo is the reason that these hardened features are so easily available).
Finally, while Gentoo may not guarantee stability in the way Debian does, Debian also takes a long time to backport fixes. I remember waiting for quite a few days over the summer for a patched Debian PHP (after there was a RCE vuln published for it). Gentoo, by not backporting fixes, was able to have a fixed version out as soon as the PHP team released it (with a small delay for it to be committed, marked stable, and sent out to the mirrors). A recent study (by Secunia, if I remember right) showed Gentoo releasing by far the most security advisories of any major distro. This wasn't because we issue needless advisories, but because we do our best to track every one of the thousands of packages in Portage.
So there are real advantages in areas that you probably care about more than a ``0.1% speed boost''. I don't use Gentoo because of any hyped performance gain. But I do still prefer it over much of the alternatives.
If KDE was installed (or kdelibs), I would guess you either have it in your USE flags or some poorly-written package chose to install it anyway (hey, it happens). Check out the man page for qpkg. It allows you to see which package installed which files on your system. If it turns out to be a package you don't want, emerge unmerge it.
...and it's stupid. It's insulting to the hard work by the Gentoo folks, and ignorant to imply that a) Gentoo is the only distribution that has a few vocal-but-clueless users mixed in with the friendly, intelligent, and helpful ones, and that b) just because these vocal-but-cluesless users don't have a good reason for using Gentoo means that there is none.
This is just great evidence for how far downhill Slashdot's gone.
Except that the United States never gave and WMD to Iraq. None whatsoever...It wasn't until the late 1980's when Saddam used WMD on his people, and by then relations with the U.S. had cooled.
Uh...
Don't take this the wrong way, but you're, objectively and factually, completely wrong.
Summary: throughout the '80s, the US provided, allowed the shipment from US companies, and funnelled through other nations in the region weapons (including Howitzers, helicopters, and missile technology), chemical and biological agents (including some that may have been used against US troops in the first Gulf War), and other ``dual use'' technologies to Iraq.
This persisted through the late '80s, long after Iraq initially used chemical weapons against Iran in the early part of the war and a fair amount after it became clear that Iraq was carrying out a campaign against Kurdish militants that included widespread use of chemical weapons.
During this time, US ambassadors and politicians insisted that Iraq and the US had a strong interest in each other and would have a long and rosy future ahead, and US military intelligence provided Iraq with intelligence that would play a key part in strategic planning for campaigns against both the Iranians and the Kurdish rebels that included widespread use of chemical weapons.
No. My argument is not about Linux versus Windows security. My argument is that the default Linux permissions scheme does not prevent a user from running software that spies on him and sends statistics over the internet, nor does it prevent a user from running a trojan that sends itself on to all his pals or nukes all his files. The Linux permissions architecture is largely sufficient, if quite limited, for multi-user protections. But it's completely ineffective at protecting a user from himself.
1. Linux is, to all intents and purposes, Unix. {OK, that's a bit like saying Sainsbury's own-brand cola drink is Coke. It isn't. But they are both brown-coloured sweetened carbonated drinks flavoured with plant extracts. Linux and Unix are both implementations of an ISO standard called POSIX.} The security of Unix is widely known, and has been improving over the years.
Um, relevance? My contention is that the Linux permissions scheme does not prevent a user from running spyware against himself. The above statement does not contest that in the slightest.
2. Linux is fragmentated. Different distributions have different ideas about where things belong. Distributors analyse packages and patch them slightly, so Apache2 compiled and packaged for Mandrake probably won't run properly on SuSE, even though both use RPM package files. They probably have different library versions and different directory structures. If you want to be sure of something working, the best guarantee is to compile it from source on the target machine; the more similarly-configured the compiling and target machines, the greater the likelihood of success. Spyware as source code would be detected instantly, so it would have to sneak in in binary form -- and then run up against dependency hell. {It doesn't just affect programmes you want to install!}
First off, it's pretty easy to write something, assuming it doesn't have really ludicrous dependencies, that will compile without any interaction on any standard Linux installation.
Second, do you know what it means to statically compile a binary?
3. Linux is based from the ground up on Open Source methodologies. Linux users actually expect to see the source code, as a matter of course. While many distributions provide pre-compiled binary packages, these are more for historical reasons of convenience -- compiling used to be a slow process in the Bad Old Days. But at least one popular distribution eschews binary packages altogether {except for a tiny installation system with a kernel and compiler, which themselves get overwritten over the course of the full install}, favouring "in-house" compilation on the user's own machine.
Again, two things. First, how many users actually *look* at the source code? Not many (if you install packages from your distro directly, you're a lot better off; at the very least, it's been tested thoroughly, and some distros, including Debian and Gentoo, have active or budding audit projects as well).
Second, binary packages are not just a hold-over from the ``Bad Old Days.'' Ever compile a large-ish desktop system from scratch? I'm a Gentoo user, so I'm very familiar with the pains of compilation.
4. Linux users are a community. We help one another out. Our developers simply aren't out to stab their own users in the back. Users would never stand for it anyway if they were -- there is a small but significant hard core of us who we would sooner write our own replacement for any bad software than use it.
Do you know, personally, the developers of every bit of software you've ever installed? Have you inspected the security of their CVS server to make sure they aren't allowing anonymous nasties to commit trojaned patches? Source code means nothing if you aren't going to read it.
5. Linux doesn't pretend not to be hard the way Windows does. It does not tolerate the kind of ignorance that Windows users routinely get away with {almost to the point of claiming ignorance as a virtue}. As a result, Linux users tend to be more clued-up. This is by no means a bad thing. It does you no harm to know what an IP address is, or that you can't install one piece of software without also installing another piece of software. It might even do you some good. People who know how what is under the bonnet of a car do tend to take better care of their cars, after all.
Apparently Linux users *can* be ignorant. Case in point.
You're right. I don't use Windows enough to appreciate it's lack of security, perhaps. I had assumed, for instance, that one could run as a restricted user without any applications not working (I've done this on public or other people's computers plenty of times; everything works fine--I really don't know what applications you are talking about here).
But as for Linux security features, most, if not all, are geared towards protecting the integrity of a multi-user system; none prevent a user from spying on himself, or overwriting his own files, or sending information about himself back to a server in China.
Let me ask you: as your user on your Linux box, can you open up sockets (say, for telnet)? Can you read all your own files? Can you run daemon processes unconnected to a terminal? Can you schedule cron jobs? Can you execute a set of commands on login?
I don't know how hard it is to remove spyware on Windows, you are right. I know I'd find it a fair bit easier on Linux (assuming we aren't talking something truly malicious, like trojans that corrupt binaries), but then, I know quite a lot more about Linux than Windows. But if you think the security features in a default Linux install save you from spyware, you're far too overconfident.
I do apologize for being insulting, I guess. I find fanboyism annoying. But if you believe yourself, or worse yet, advise other people, that Linux has features that would be effective at preventing a determined individual from writing spyware for that platform, you are giving bad advice.
OK, not to pick on you--you aren't the only one to post that here--but how the fuck does Linux prevent spyware?
The reason there's not much spyware on Linux is the same reason there isn't much in the way of viruses, worms, and popular commercial software: lack of market share.
Linux has the technological capability to be infected with spyware. I'm sure most, if not all spyware, is voluntarily installed. But the only thing I can think of that might make Linux marginally safer is the lack of an ActiveX browser.
And, yeah, I know that the average Linux user doesn't run as root, unlike on Windows. But you don't need to be root to open a socket and send back statistics on what's in the user's browser history.
I use Linux full-time. I push it when it makes sense, and even put plenty of spare hours back into my favorite distribution. But every once in a while, when I decide to revisit Slashdot, I'm just embarassed by the blind fanboy-ism. It's annoying. Get a fucking life.
Actually, I agree with you about the knee-jerk reaction. That was my point; that this is a joke and nothing to be at all concerned about.
But I stand by #3; the chances of the Mozilla Project doin that are slim-to-none, especially since anyone could simply undo it. Yes, the spirit of open source.
``adbar uses the `test' adsense mode, so advertisers don't pay Google and Google doesn't pay anyone.''
Always good to click the links. That's what they're there for.;)
Who was worse is a tough call, but I still think you're overestimating if you call Batista ``mediocre.'' Political dissent was, as far as I know, repressed under him, as well. Was it better or worse than Castro? Again, who can tell. But pre-Castro, Cuba was a gambling haven for wealthy Americans with no respect for the human rights of the people--who largely lived in neglected poverty, so long as they kept out of the way of tourists. Batista showed no interest in providing a livelihood for his people, and really no interest in anything but maintaining his own power.
Castro has continued to pay some interest to the ideals of Communism, as evinced by his unwillingness to privatise industry and exploit his people as the Chinese have, and by some of his, if I may say so, mediocre attempts at providing education, health care, and employment for his people. Perhaps this is just rhetoric to keep the masses in line, but I really don't see how he can be much worse than Batista, who showed no token interest in his people--so perhaps it wasn't so much that he allowed public opposition as he had no interest in a façade of humanitarianism--made no effort to better his country, locked up and murdered political opposition, and was nothing but a pawn for foreign powers (most of these attributes can be applied to Castro, as well; my point is that when people talk about Castro and how Communism hurt that country, they're blaming Communism for something that was around long before).
Slashdot Mirror
That's an interesting read, to be sure. I take issue with her characterization of the "debate" over porn as drawn upon clear political lines; regulating pornography is as much a libertarian/authoritarian issue as it is a Liberal/Conservative one (indeed, many vocal feminists are even quicker to condemn pornography as degrading to women as the Conservatives mentioned here). Ultimately, whether or not it is an interesting area of sociological study (I tend to think it's not, because I strongly suspect the motives and methedology of those involved), it doesn't even deserve a place at the table when discussing social policy. If anti-porn crusaders admit that it does not cause criminal behavior like sexual violence (and not all admit this, but Paul, to her credit, seems to), then they have no issue that the government should take interest in. Marriages, relationship counseling, or unrealistic sexual expectations are not something it is within our power to legislate.
Paul takes a fair number of cheap shots here, though. Calling out "progressives" as defending corporations is more than a little ridiculous; this is a First Amendment issue, and assuming all Liberals are knee-jerk anti-corporates makes me question Paul's supposed Liberal credentials.
But unfortunately, this bit doesn't touch on any of her supposed research, so I'm going to have to resort again to asking for the hard data. I guess perhaps I shouldn't trust the reviewers who say her methedology (interviewing 100 Fark users?) is flawed and just see if I can find this book at the library. I'd rather not buy it and give her my money.
I haven't read them (the studies, not the posts), so I can't accurately comment (and neither can you). If I get around to it, I will hit the library for some of these studies, because I'm curious. But my point before (as I noted in a previous post) was that the vast majority of "research" into the subject is so clearly politically motivated that it often seems doubtful any legitimate efforts are even being undertaken.
Like I said in that post, when a leading "expert" on the supposed malignant effects of pornography (Dr. Judith Reisman) has to turn to pseudo-science like "erototoxins" to make her point, I have to wonder why her argument would be so weak if there were really the evidence out the wazoo backing that position that anti-porn activists claim there is. In other words, if the apparent leaders of said movement can't come up with a good argument (and they're clearly the ones most incentivized to do so), there probably isn't a good argument to be made.
His point was that it was not a scientific study and therefore we can't draw any conclusions yet, I think. In fact, I don't know of any legitimate research that has found any seriously detrimental effects of pornography, which means it's just a tad early to start running around saying the sky is falling.
I think you need your eyes checked. The parent poster specifically said that nobody is condoning criminal rape. What your father allegedly did to you would be criminal. What your husband did to you may have been as well (though it doesn't sound like it).
What a male and a female pornstar engage in, however, is not criminal, and you're in no position to speculate (quite incorrectly, from what I've heard) about the supposed coercian of women in the porn industry.
Nobody is defending rape. What we are defending is consensual sex between adults, and consensual viewing of that sex by other adults. I hope you can overcome your own past personal experiences to realize that those crimes are not what anyone here is defending.
You are of course right. I haven't read this book, and it's possible that it is the exception to the rule and actually contains real data. But I've read plenty of tripe by Judith Reisman et. al., and it's complete bunk.
It's like having an argument with a creationist (er, "Intelligent Design Theorist")--sure, I haven't read every book on the subject, but I've read the arguments by the supposed leaders--people like Michael Behe--and if a professor of biology at Lehigh can't come up with a real argument for it, then why should I listen to some joker in his mother's basement? So it is with this; if a doctor at Penn can't come up with anything more concrete than "erototoxins", why should I waste my time with a book that, even by the clearly biased review we read above, contains extremely flawed methedology (like, achem, interviews with Farkers).
When this becomes legitimate science, I'll give it a shot. Find me something published in Nature or The Lancet or somewhere similar. Don't bring me some political polemic aimed at revealing the secrets of "porn addiction" (a term that, as I said above, pretty much indicates that the writer is not a legitimate scientist).
And I realize the above comes off as what "ID"ers always characterize as scientific elitism. It's not. A good scientist never assumes he knows the right answer and considers all legitimate evidence. But a good scientist also tries to detach himself from politics and culture wars, something that these anti-porn activists clearly do not. That is why I doubt their motives, their methedology, and their claims.
What you need to do to convince us is present some hard data. This book, despite the review (which itself seems more than a little biased), clearly doesn't--the reviewer notes that much of the "data" comes from interviews with Farkers. Well, fuck me, if that isn't the pinnacle of objective scientific empiricism!
All I ever hear from your side (because, let's not kid ourselves, this is about politics, not legitimate research) is apocryphal anecdotes like yours and pseudo-scientific buzzwords like "erototoxins" that appeal to the lowest common denominator in our voting public (and believe me, that's extremely low).
Slashdot claims to be the place for nerds and science geeks. Fine. Show us the data that shows that porn causes any of the above ills. Until then, I think I'll side with the First Amendment.
First, you are, I think, wrong to assume your experience is a universal one. Surveys report numbers as high as 90% or more of men have used pornography, and nearly as many women. Yet the number of "addicts" (that term really isn't correct, I think, since there's no physical dependence) is clearly much lower (your warning that "PORN WILL CONTROL YOUR LIFE" is a bit odd, in light of the number of users who haven't experienced your supposed problems).
Second, so what if people enjoy softcore porn and then want to watch hardcore? So what if they want to try what they see in porn? If I and my partner want to try something other than straight up missionary sex, what's it to you? The fact that people wanting to deviate from the norm is, in your argument, one of the negative affects of pornography is a clear indicator that despite your disclaimer, you are a prude. If the worst consequence of pornography you can come up with is that people will want to engage in varied sex acts, I don't think you should expect to be taken too seriously.
And, yes, I realize you also say that porn hurt your marriage and your family life. Good for you. Like I said before, there's no reason to think your experience is universal, and for every dire anecdote of porn "addiction" and ruined relationships, I can find you two of a happy couple who enjoy a little porn during or in addition to healthy sex.
I do, however, find it quite alarming that the religious right have discovered a more insidious way to be taken seriously by the mainstream, by masquerading their morality as science. Show me the data or fuck off. Anecdotes don't mean shit.
I rarely post on (or even read) Slashdot anymore (I was linked here from Fark), but nice post. I was wondering how far down I'd have to scroll before finding someone who's not a raving lunatic.
;)
And I like the "erototoxins" reference.
I love anectodal evidence. It's completely meaningless, but because it forms a compelling, story-like narrative, it convinces people of the certainty of their positions.
Now, I've read a lot of studies evaluating the relative security of a lot of operating systems, including Linux and Windows. And I've seen a lot that come down one way and a lot the other--I recently read, with initial skepticism but, I admit, the methodology seemed sound, a compelling study that claimed a greater period of exposure on both serious and non-serious vulnerabilities in the Linux distributions analysed (RHEL, if I remember right) than on the Windows distribution (Win2K3, I think) analysed.
So, "Get The Facts" might be a lot of bullshit, but your anecdotes don't lend you a lot of credibility. Get the facts, eh?
Like I said, I haven't been reading that closely, and I'll probably investigate and buy Tiger at some point. And yes, it looks nice, but it doesn't look to be on the scale of some of the promised Longhorn features (if those ever happen).
My point was that Apple's secrecy is at best a double-edged sword, and that talk of ``doing it right'' is really akin to talk of ``appearance is all that counts,'' which was, for one thing, my big complaint with FileVault--it had the appearance of security, but not the actuality of it.
``It's just another sign of the difference between [Apple's] philosophy and Microsoft's philosophy.''
Right. Apple's philosophy being Steve Knows Best. Or, in more detail, don't tell customers any details that Apple deems irrelevant. Don't tell them about unfixed security vulnerabilities. Don't tell them how to fix the disk:// URI handler vulnerability, or even acknowledge that it exists. Don't tell them that FileVault in 10.3 is completely fucking useless because the swap files are unencrypted (Christ, talk about a silly mistake). Don't tell them when new products will be out, but make a whole lot of hype just to screw with the market.
Sure, we all love Apple because they're cool. I'm a big fan of my Powerbook, and a partial convert to OSX (from Linux). But I'm also happy to see Microsoft realizing the value of true computer security (before you laugh, check out the number of vulnerabilities in any of their recent products--go to Secunia and compare IIS6.0 with Apache, for instance). That doesn't mean they embrace full disclosure, but they embrace ``responsible disclosure'' (this is certainly a separate debate, but for what it's worth, I agree with them). They know that holes go public, and they try to make sure the best information is available to their customers once that happens.
Apple's philosophy? We'll tell you when there's a problem, and there's no problem (just don't look behind that curtain).
Of course, security isn't the only place that Apple has a problem, with respect to openness. You call it ``taking the time to do it right,'' but I call it ``suing loyal Apple fans who generate product buzz before a release.''
Anyway, no offense to you--assuming you are really an Apple employee--but the amount of new technology going into 10.4 isn't much compared to that which was (at least supposed) to go into Longhorn. Other than new developer APIs and some cool bundled applications--oh, and encrypted swap--are there any serious features added to the core OS? I haven't ordered Tiger yet, so forgive me if I'm wrong--but I haven't seen any hyped on Apple's website, either.
You say that Apple takes the time to do it right. I say they take the time to put the glitz on things, sometimes at the expense of ``doing it right.'' But you're right, it is all about priorities.
You've got a great point. For production use, Gentoo is significantly more work than some of the alternatives (as a result, for a server that doesn't need to be terribly up-to-date, I'd likely choose Debian, and for a desktop, probably something like Fedora or SuSE).
But if you run a server farm (or even just one machine), you can avoid a lot of these issues. If you run a server farm, you already have a test machine for installing updates on prior to rolling them out to the critical infrastructure (or you should), so with Gentoo, you can use that machine in the same capacity, and distribute binary packages. This is admittedly more work than debs or rpms, but not a whole lot more.
Overlooked in this entire thread, though (as far as I saw), is Gentoo Hardened. The only other major distro to offer anything comparable is Debian, and since nobody provides binary packages with propolice, etc (as far as I know), you'll end up using debsrc or srpms anyway, if you want this on a Debian or RedHat system (in other words, the flexibility of Gentoo is the reason that these hardened features are so easily available).
Finally, while Gentoo may not guarantee stability in the way Debian does, Debian also takes a long time to backport fixes. I remember waiting for quite a few days over the summer for a patched Debian PHP (after there was a RCE vuln published for it). Gentoo, by not backporting fixes, was able to have a fixed version out as soon as the PHP team released it (with a small delay for it to be committed, marked stable, and sent out to the mirrors). A recent study (by Secunia, if I remember right) showed Gentoo releasing by far the most security advisories of any major distro. This wasn't because we issue needless advisories, but because we do our best to track every one of the thousands of packages in Portage.
So there are real advantages in areas that you probably care about more than a ``0.1% speed boost''. I don't use Gentoo because of any hyped performance gain. But I do still prefer it over much of the alternatives.
If KDE was installed (or kdelibs), I would guess you either have it in your USE flags or some poorly-written package chose to install it anyway (hey, it happens). Check out the man page for qpkg. It allows you to see which package installed which files on your system. If it turns out to be a package you don't want, emerge unmerge it.
Sorry. It's late and I was out drinking.
To clarify, I don't find it offensive. I just think it's silly, not the least bit funny, and I think distrowars are stupid as fuck.
Flame on. I'm going to bed.
...and it's stupid. It's insulting to the hard work by the Gentoo folks, and ignorant to imply that a) Gentoo is the only distribution that has a few vocal-but-clueless users mixed in with the friendly, intelligent, and helpful ones, and that b) just because these vocal-but-cluesless users don't have a good reason for using Gentoo means that there is none.
This is just great evidence for how far downhill Slashdot's gone.
Wow. That was great.
Except that the United States never gave and WMD to Iraq. None whatsoever...It wasn't until the late 1980's when Saddam used WMD on his people, and by then relations with the U.S. had cooled.
Uh...
Don't take this the wrong way, but you're, objectively and factually, completely wrong.
Summary: throughout the '80s, the US provided, allowed the shipment from US companies, and funnelled through other nations in the region weapons (including Howitzers, helicopters, and missile technology), chemical and biological agents (including some that may have been used against US troops in the first Gulf War), and other ``dual use'' technologies to Iraq.
This persisted through the late '80s, long after Iraq initially used chemical weapons against Iran in the early part of the war and a fair amount after it became clear that Iraq was carrying out a campaign against Kurdish militants that included widespread use of chemical weapons.
During this time, US ambassadors and politicians insisted that Iraq and the US had a strong interest in each other and would have a long and rosy future ahead, and US military intelligence provided Iraq with intelligence that would play a key part in strategic planning for campaigns against both the Iranians and the Kurdish rebels that included widespread use of chemical weapons.
Nice try, though.
No. My argument is not about Linux versus Windows security. My argument is that the default Linux permissions scheme does not prevent a user from running software that spies on him and sends statistics over the internet, nor does it prevent a user from running a trojan that sends itself on to all his pals or nukes all his files. The Linux permissions architecture is largely sufficient, if quite limited, for multi-user protections. But it's completely ineffective at protecting a user from himself.
1. Linux is, to all intents and purposes, Unix. {OK, that's a bit like saying Sainsbury's own-brand cola drink is Coke. It isn't. But they are both brown-coloured sweetened carbonated drinks flavoured with plant extracts. Linux and Unix are both implementations of an ISO standard called POSIX.} The security of Unix is widely known, and has been improving over the years.
Um, relevance? My contention is that the Linux permissions scheme does not prevent a user from running spyware against himself. The above statement does not contest that in the slightest.
2. Linux is fragmentated. Different distributions have different ideas about where things belong. Distributors analyse packages and patch them slightly, so Apache2 compiled and packaged for Mandrake probably won't run properly on SuSE, even though both use RPM package files. They probably have different library versions and different directory structures. If you want to be sure of something working, the best guarantee is to compile it from source on the target machine; the more similarly-configured the compiling and target machines, the greater the likelihood of success. Spyware as source code would be detected instantly, so it would have to sneak in in binary form -- and then run up against dependency hell. {It doesn't just affect programmes you want to install!}
First off, it's pretty easy to write something, assuming it doesn't have really ludicrous dependencies, that will compile without any interaction on any standard Linux installation.
Second, do you know what it means to statically compile a binary?
3. Linux is based from the ground up on Open Source methodologies. Linux users actually expect to see the source code, as a matter of course. While many distributions provide pre-compiled binary packages, these are more for historical reasons of convenience -- compiling used to be a slow process in the Bad Old Days. But at least one popular distribution eschews binary packages altogether {except for a tiny installation system with a kernel and compiler, which themselves get overwritten over the course of the full install}, favouring "in-house" compilation on the user's own machine.
Again, two things. First, how many users actually *look* at the source code? Not many (if you install packages from your distro directly, you're a lot better off; at the very least, it's been tested thoroughly, and some distros, including Debian and Gentoo, have active or budding audit projects as well).
Second, binary packages are not just a hold-over from the ``Bad Old Days.'' Ever compile a large-ish desktop system from scratch? I'm a Gentoo user, so I'm very familiar with the pains of compilation.
4. Linux users are a community. We help one another out. Our developers simply aren't out to stab their own users in the back. Users would never stand for it anyway if they were -- there is a small but significant hard core of us who we would sooner write our own replacement for any bad software than use it.
Do you know, personally, the developers of every bit of software you've ever installed? Have you inspected the security of their CVS server to make sure they aren't allowing anonymous nasties to commit trojaned patches? Source code means nothing if you aren't going to read it.
5. Linux doesn't pretend not to be hard the way Windows does. It does not tolerate the kind of ignorance that Windows users routinely get away with {almost to the point of claiming ignorance as a virtue}. As a result, Linux users tend to be more clued-up. This is by no means a bad thing. It does you no harm to know what an IP address is, or that you can't install one piece of software without also installing another piece of software. It might even do you some good. People who know how what is under the bonnet of a car do tend to take better care of their cars, after all.
Apparently Linux users *can* be ignorant. Case in point.
You are right that market share is not
You're right. I don't use Windows enough to appreciate it's lack of security, perhaps. I had assumed, for instance, that one could run as a restricted user without any applications not working (I've done this on public or other people's computers plenty of times; everything works fine--I really don't know what applications you are talking about here).
But as for Linux security features, most, if not all, are geared towards protecting the integrity of a multi-user system; none prevent a user from spying on himself, or overwriting his own files, or sending information about himself back to a server in China.
Let me ask you: as your user on your Linux box, can you open up sockets (say, for telnet)? Can you read all your own files? Can you run daemon processes unconnected to a terminal? Can you schedule cron jobs? Can you execute a set of commands on login?
I don't know how hard it is to remove spyware on Windows, you are right. I know I'd find it a fair bit easier on Linux (assuming we aren't talking something truly malicious, like trojans that corrupt binaries), but then, I know quite a lot more about Linux than Windows. But if you think the security features in a default Linux install save you from spyware, you're far too overconfident.
I do apologize for being insulting, I guess. I find fanboyism annoying. But if you believe yourself, or worse yet, advise other people, that Linux has features that would be effective at preventing a determined individual from writing spyware for that platform, you are giving bad advice.
OK, not to pick on you--you aren't the only one to post that here--but how the fuck does Linux prevent spyware?
The reason there's not much spyware on Linux is the same reason there isn't much in the way of viruses, worms, and popular commercial software: lack of market share.
Linux has the technological capability to be infected with spyware. I'm sure most, if not all spyware, is voluntarily installed. But the only thing I can think of that might make Linux marginally safer is the lack of an ActiveX browser.
And, yeah, I know that the average Linux user doesn't run as root, unlike on Windows. But you don't need to be root to open a socket and send back statistics on what's in the user's browser history.
I use Linux full-time. I push it when it makes sense, and even put plenty of spare hours back into my favorite distribution. But every once in a while, when I decide to revisit Slashdot, I'm just embarassed by the blind fanboy-ism. It's annoying. Get a fucking life.
Actually, I agree with you about the knee-jerk reaction. That was my point; that this is a joke and nothing to be at all concerned about.
But I stand by #3; the chances of the Mozilla Project doin that are slim-to-none, especially since anyone could simply undo it. Yes, the spirit of open source.
Um, it won't. Why would it?
Let's see...reasons it wont:
1) Not an official Mozilla Foundation project.
2) Not profitable (it earns no money for anybody).
3) Not at all in the spirit of an open source project like Mozilla.
Reasons it will:
1) Can't think of any. Want to help me out, here?
``adbar uses the `test' adsense mode, so advertisers don't pay Google and Google doesn't pay anyone.'' Always good to click the links. That's what they're there for. ;)
Castro has continued to pay some interest to the ideals of Communism, as evinced by his unwillingness to privatise industry and exploit his people as the Chinese have, and by some of his, if I may say so, mediocre attempts at providing education, health care, and employment for his people. Perhaps this is just rhetoric to keep the masses in line, but I really don't see how he can be much worse than Batista, who showed no token interest in his people--so perhaps it wasn't so much that he allowed public opposition as he had no interest in a façade of humanitarianism--made no effort to better his country, locked up and murdered political opposition, and was nothing but a pawn for foreign powers (most of these attributes can be applied to Castro, as well; my point is that when people talk about Castro and how Communism hurt that country, they're blaming Communism for something that was around long before).