The per-folder limit in TB is a hell of a lot better then the total mailbox size limit that was prevalent in versions of Outlook prior to 2003 (where the PST file would silently corrupt itself once you went past 2GB).
I'm not sure what my largest mailbox would be, I've always archived off large folders into sub-folders (by year).
The account creator tool is a real pain in the ass. There's no simple option to just create a regular IMAP account. The menus kept resetting on me.
Yeah, it looks like a race-condition. There's some sort of background task that tries to verify that the settings will work, but it doesn't grey out the UI boxes while it does that.
It works well enough if:
- You prefer IMAP
- Your account domain matches up with the mail server domain
But I could regularly get it confused.
They're already working on 3.0.1. Figure out how to make it happen repeatedly, then submit a bug report.
The last time I looked into thunderbird 3 all the mail was no going to be stored in an mbox format and wouldn't be stored in anything close to plain text.
The problem with plain text (as in, individual files) is that it would bury the file system once you get mailboxes with a few thousand messages. Especially on NTFS which starts to choke at around 10k to 20k files in a single folder.
(And on my system, the MBOX files are basically plain text, including headers. The only thing that is going to look binary-ish would be mime-encoded base64 stuff.)
I personally monitor about a dozen mailboxes at work (IMAP shared mailboxes, project specific mailboxes, sysadmin type mailboxes that are shared via IMAP)...
It took me about a month to finally get comfortable with "smart folders". It was there in TB v2, but wasn't as prominent. Once I rearranged my folder structure a bit in the individual accounts, I'm actually quite happy with Smart Folders. I'm happy with all the inboxes clumped together at the top of the window.
Although sometimes I'll click the little arrows at the top of the folder list (that point left/right and are really tiny and easy to miss) to switch to classic view. Or I'll switch to only looking at "favorite" folders.
The UI design choice of using those tiny arrows to switch folder views is a poor one. Or at least I should be able to right-click up there and change to a different view, which is what I tried a few times with no luck.
How Thunderbird has gotten this far without integrated calendaring (not just via plugin) I have no idea.
The developers are (still) stuck on the mantra of "calendars and tasks have nothing to do with email"? They don't grasp the concept that email, calendars, and tasks go hand-in-glove with each other?
Which is an attitude from like 1980...
(Frankly, lumping calendar and task handling into Outlook is one of the reasons that it's rather popular. I would never have switched over to TB if it wasn't for the Lightning addon. Well, that and BirdieSync so that I can get my address book, calendar and tasks into my smartphone.)
It ate 40 gigs? You have over 40 gigs of email in an IMAP account? Or was it buggy and downloading multiple copies of each message?
My 4GB of email on the server tends to result in an 8GB local Thunderbird folder. And it gets worse as time goes on if it fails to compact the MBOX files. Plus the indexes...
It's not too bad at the moment, but that's because I started with a brand new profile for RC2 testing last week.
By and large it does just fine, but every once in a while it just chokes and becomes unresponsive.
(evil chuckle)
You're going to LOVE Thunderbird v3 then...
Anything over a trivial sized IMAP mailbox with less then 5k messages in each folder and you will see frequent UI stalls and hangs of a few seconds at a time. Usually because TB is trying to download messages in the background, or the indexer is doing something.
(The early release candidates and late beta versions were excessively annoying.)
Wow...that would so completely break the entire purpose of having folders and using filter rules. Wonder how well TB3 would handle my 3 GB of data on Yahoo! mail in a single folder...or my 20+GB of back e-mail I have on CDs...
Not well... TB 3 is a step backwards from TB 2 on handling large mail folders (over 20,000 messages). Especially if those mail folders are housed on an IMAP server.
TB 2 was much better about dealing with some of the obnoxiously large folders that I'd throw at it (50,000-200,000 messages in a single IMAP folder).
One of my IMAP mailboxes (that I use for subscribing to mailing lists) is 4GB of server space, while my primary mailbox is only around 2GB at the moment.
Over and over I hear how important this is. Why is it important?
Just how many two-week-long vacations on desert islands do you take in a year? Otherwise, how hard is it to plug in your e-book reader overnight? Surely a lot of people read books in bed and would have no trouble putting their reader into a cradle before rolling over and going to sleep?
1) Less muss and fuss. I can leave my ebook reader (a Sony PRS-505) on the nightstand for weeks at a time, read it when I want, but generally not worry about the battery going dead. I don't get surprised by a low battery condition that prevents me from reading, because even at 1/4 battery I still have a few thousand page views before it goes completely dead.
2) Batteries don't last forever. Most modern Lithium batteries can only be charged N times, so if you charge it up constantly, you kill the longevity of the device. I only charge my reader about 12-15 times per year.
But ultimately, the exceptional efficiency makes the device more predictable and user friendly. When battery life is measured in weeks, you can reasonably assume that when you pick up the device to interact with it, it will be ready. When battery life is measured in hours, or at most a day or two, you have to constantly babysit it in order to ensure that it will be ready when you need it.
It's one of the interesting things about the modern PC scene. You can now trade-off power / performance / cost and end up anywhere from a tiny notebook that has to hustle to draw 15W to those power-hungry beasts under the desk that are pulling 1500W.
Personally, I specifically chose the NVIDIA GeForce 8800 GT w/ 512MB of RAM because it offered excellent performance yet drew fewer watts then a lot of the other cards at the time. When we look at CPUs for our desktops, we'll often choose the 45W part because it's easier to keep it cool without making a lot of noise.
The current crop of ebook readers are excellent for cover-to-cover reading (fiction, novels, etc.).
They're not so good at random-access type reading with lots of page-flipping or fast navigation. Some of that is lack of a good keyboard (although newer readers have such) to do searching, but the rest of it is the pause due to the e-ink technology.
I've had a Sony PRS-505 for 2 years. For leisure reading, it's hands-down excellent. The unit is lightweight and easy to hold. I've done more reading in the past 2 years then in the previous 5-6 years because the reader gives me uniform fonts, uniform text sizes (which I can enlarge if needed) and basically gets the hell out of my way so I can focus on the text.
I jumped in once they dropped below $300. Now you can get basic readers for under $200 (the Sony PRS-300 series). Loaded it up with dozens of free books from Project Gutenberg and a few dozen purchased zero-DRM novels from Baen.
As often as not, the only hits you get are posts in forums where someone is asking the exact same question you need answered... and getting no replies. Since 2005. And that person is me.
Some days the google-fu is simply not very strong...
It's also one of the reasons that I started posting all of my technical problems and solutions to a public blog. Mostly so that I can refer back if I run across the problem again, but also because it frustrates me to find no information on a particular error.
When I can, I try to write to the middle of the class. It's not just do XY&Z, but I'll try to explain the rationale behind commands XY&Z without bogging the post down in trivial details.
And forums are the bane of searches. Locked up content in a proprietary format that may vanish without notice. Yes, they're easy to use, but their interface sucks if you want your messages presented in some other fashion. I much prefer mailing lists...
GNU info needs to just die. Preferably in a horrible, painful fashion, with lots of screaming and blood.
The bigger sin is that it fragmented the documentation. Some programs put everything in man pages, others force you to use info pages. Some split the middle.
As a result, we end up with the worst of both worlds.
Microsoft announcing that they'd be the absolute gatekeeper for software installs would probably be like dropping an atom bomb on a lot of legitimate software companies along with a lot of illegitimate companies that produce badware. They had a little experience with this already, what with Palladium and Trustworthy Computing. Didn't go over too well, did it?
If Microsoft had been split into multiple companies a few years ago, Microsoft Operating Systems announcing such a thing would make a lot of sense. If they handled the payment side of the equation (similar to what SoftwareReg does), they could've easily swept up most or all the shareware software in addition to the big commercial software. Setting up a central repository for free and pay software, vetted by Microsoft, could've been a huge step up. They could've done the iPhone's "Apple Store" 5-8 years ago.
The problem is, of course, since Microsoft is a huge company that tries to compete in every possible market, there's no way in hell that ISVs would sign up for such a thing. Sure, it would make it easier for end-users to install your product, but you can pretty much make a sure bet that Microsoft would at some point cut you out of the equation. Probably by buying up a competitor and then competing against you in a channel that Microsoft controls at prices that only Microsoft can afford.
The sad thing? I'm pretty sure that Microsoft tried this back in the Win98/Win2k days. I can remember a built-in screen that would take you to a Microsoft online store where you could buy non-Microsoft software.
Silliness aside, I wonder if botnets might not serve a semi-useful function for serious noobs -- a botnetted machine might ultimately be more stable than just a virused-and-malwared machine, inasmuch as the botnet operator has a vested interest in keeping the box up and running. I dimly recall reading here on/. about research showing some botnets aggressively removing malware from newly captured machines.
Eh... why put the effort into making the box more stable when you could put that effort into breaking into more boxes? Although I guess keeping the machine stable could be seen as "avoiding detection".
I'm not sure the botnet operator cares much about stability. Their goals are more likely:
- infect as many machines as possible
- avoid detection
- make it difficult to remove
- eliminate competitors
Although I'm not sure why you'd want to prioritize the last option. Unless the competitors aren't playing nice and are breaking your botnet. Which may be happening (a bit of a turf war).
We're not yet to the point where the pace of technology improvements with regards to CPU performance, memory, cost have tailed off yet. (Although we're getting closer.) As computers stop becoming doorstops after a few short years, I think we'll see a shift in the upper-end of the market towards competition on quality & longevity.
(You can sort of get that today with laptops if you stick with the models that have an affordable 5yr warranty and you avoid the bottom half of the market. Eventually, I expect that warranty period to extend to 7 and then 10 years.)
The lower-end of the market will drive, as always, towards least cost. Witness all of the really crappy typewriters that were sold before the 1980s. Most of them are gone or only lasted a few years.
I think the vCJD policy is way, way, way excessive and basically making any European immigrant ineligible to donate blood is extremely shortsighted, also considering how far out of the way CBC goes with advertising and campaigns to get people to donate blood.
Probably. But such policies do get adjusted from time to time. Either new science or cheap testing will make it safer to take blood from what was previously considered a too high risk group - or else their exclusions will put too much pressure on the supply. In which case, they'll have to loosen up the criteria and/or add new tests in order to meet needs.
Take advantage of the efficiency. Instead of a supposed 45W replacement CFL, go with a 60W or 75W equivalent. Or even the really bright 100W CFLs (which only use around 25-30W). It's still going to use less power and you'll get more light out of it.
The other trick is to find a bulb color that you like. Then add in some ambient light with a different temperature CFL in a 2nd fixture. For the office, I prefer the brighter blue CFLs. But for the L/R, I prefer the cooler and yellower CFLs.
I have tried CFLs many times (in the two condos I have lived in for the last few years), and they have never lasted as long as incandescent bulbs. Our house isn't that strange, so I have to assume that CFLs have some pretty serious problems.
I'd bet either dirty power, crappy light switches, or heat. All of which do a number on CFLs (and usually toast incandescent bulbs as well).
I had a 3-way switch for the stairs in the last place where I lived. That circuit would eat incandescent bulbs about once every few months. So I went and got a 100W CFL. It was not an enclosed fixture (it was the old type where the shade clips onto the bulb) and it was one of the better CFLs at the time (probably a $10 or $15 bulb back in the late 90s).
That bulb was still working 8 years later when I moved out.
In my current place, I only have 2 fixtures with incandescent bulbs. One is outside on the porch, and the other is in the bathroom's ceiling fixture. When you have good quality bulbs, they tend to last for years and years.
(I've had a few cheap ones die early. So I try to avoid the no-name, bottom-price, bulk-packed bulbs.)
SELinux, in a lot of cases, is basically file system permissions on steroids. Daemons run inside a domain, files and ports get labeled with SELinux labels. Then you define what and how the domain is allowed to touch. (And it's more fine grained then just "read / write".)
Sorta like how you define what a user is allowed to touch on the file system by assigning group membership and file permissions.
If the SELinux policies are very tight and the service is well behaved and you can easily define the allowed actions, things work well. It just gets trickier when daemons are not well defined and tend to talk to random ports and touch random files. Just like coming up with a reasonable set of permissions and group membership for a user that allows them to get their job done without constantly pestering you, it can be a bit of an art form to define SELinux policies.
(There's probably more to it then describing it as file permissions on steroids, but it gets the general idea across. The system is only as secure as the labeling and policies.)
Permissive does nothing for security (other then logging the first violation).
Targeted *should* work fairly well. If the policies are properly defined and the file system, ports, and processes are all properly labeled. And in a large part it does. Especially on the server side where you typically set the machine up, then don't add software willy-nilly. So you deal with the exceptions once, then things work fine for years at a time.
Strict is for the masochists... or those who *really* need security. Think "big iron" type systems where all changes go through a change committee that meets once a week and plans everything down to the last keystroke.
The tools are getting better. The documentation is still a bit weak. There needs to be more help / info type documents out there by people who understand the principles behind the thing. (Dan Walsh does a good job, but we need more.)
(sigh) That's a fallacy that needs to die. Yes, drive-by exploits are more common in the dark corners of the internet (warez, porn, etc. sites). But you're also quite likely to find regular websites that have been hacked to serve up exploits and infections. Not to mention the constant problems where ad networks serve up malicious content.
You can no longer assume that just because you don't go visit the dark corners of the internet that you're safe.
The last infection that I tracked down by reviewing our squid transparent proxy logs came from a hobby site. I don't remember if it was sewing, cooking, or some other benign type hobby. But it was nothing that would get you fired if someone saw you browsing it. The site's pages had been all altered to serve up a Javascript exploit which would infect the machine.
Slashdot Mirror
Most of the spam I get these days is for Russians, by Russians. I have no idea what the hell it's advertising.
I have a custom SpamAssassin rule that bumps russian language mails up a few points. I do the same for the chinese language messages.
The chinese spammers *really* like sending chinese spam to my webmaster@ address...
The per-folder limit in TB is a hell of a lot better then the total mailbox size limit that was prevalent in versions of Outlook prior to 2003 (where the PST file would silently corrupt itself once you went past 2GB).
I'm not sure what my largest mailbox would be, I've always archived off large folders into sub-folders (by year).
The account creator tool is a real pain in the ass. There's no simple option to just create a regular IMAP account. The menus kept resetting on me.
Yeah, it looks like a race-condition. There's some sort of background task that tries to verify that the settings will work, but it doesn't grey out the UI boxes while it does that.
It works well enough if:
- You prefer IMAP
- Your account domain matches up with the mail server domain
But I could regularly get it confused.
They're already working on 3.0.1. Figure out how to make it happen repeatedly, then submit a bug report.
The last time I looked into thunderbird 3 all the mail was no going to be stored in an mbox format and wouldn't be stored in anything close to plain text.
The problem with plain text (as in, individual files) is that it would bury the file system once you get mailboxes with a few thousand messages. Especially on NTFS which starts to choke at around 10k to 20k files in a single folder.
(And on my system, the MBOX files are basically plain text, including headers. The only thing that is going to look binary-ish would be mime-encoded base64 stuff.)
Smart folders are an acquired taste.
I personally monitor about a dozen mailboxes at work (IMAP shared mailboxes, project specific mailboxes, sysadmin type mailboxes that are shared via IMAP)...
It took me about a month to finally get comfortable with "smart folders". It was there in TB v2, but wasn't as prominent. Once I rearranged my folder structure a bit in the individual accounts, I'm actually quite happy with Smart Folders. I'm happy with all the inboxes clumped together at the top of the window.
Although sometimes I'll click the little arrows at the top of the folder list (that point left/right and are really tiny and easy to miss) to switch to classic view. Or I'll switch to only looking at "favorite" folders.
The UI design choice of using those tiny arrows to switch folder views is a poor one. Or at least I should be able to right-click up there and change to a different view, which is what I tried a few times with no luck.
How Thunderbird has gotten this far without integrated calendaring (not just via plugin) I have no idea.
The developers are (still) stuck on the mantra of "calendars and tasks have nothing to do with email"? They don't grasp the concept that email, calendars, and tasks go hand-in-glove with each other?
Which is an attitude from like 1980...
(Frankly, lumping calendar and task handling into Outlook is one of the reasons that it's rather popular. I would never have switched over to TB if it wasn't for the Lightning addon. Well, that and BirdieSync so that I can get my address book, calendar and tasks into my smartphone.)
It ate 40 gigs? You have over 40 gigs of email in an IMAP account? Or was it buggy and downloading multiple copies of each message?
My 4GB of email on the server tends to result in an 8GB local Thunderbird folder. And it gets worse as time goes on if it fails to compact the MBOX files. Plus the indexes...
It's not too bad at the moment, but that's because I started with a brand new profile for RC2 testing last week.
By and large it does just fine, but every once in a while it just chokes and becomes unresponsive.
(evil chuckle)
You're going to LOVE Thunderbird v3 then...
Anything over a trivial sized IMAP mailbox with less then 5k messages in each folder and you will see frequent UI stalls and hangs of a few seconds at a time. Usually because TB is trying to download messages in the background, or the indexer is doing something.
(The early release candidates and late beta versions were excessively annoying.)
Wow...that would so completely break the entire purpose of having folders and using filter rules. Wonder how well TB3 would handle my 3 GB of data on Yahoo! mail in a single folder...or my 20+GB of back e-mail I have on CDs...
Not well... TB 3 is a step backwards from TB 2 on handling large mail folders (over 20,000 messages). Especially if those mail folders are housed on an IMAP server.
TB 2 was much better about dealing with some of the obnoxiously large folders that I'd throw at it (50,000-200,000 messages in a single IMAP folder).
One of my IMAP mailboxes (that I use for subscribing to mailing lists) is 4GB of server space, while my primary mailbox is only around 2GB at the moment.
Over and over I hear how important this is. Why is it important?
Just how many two-week-long vacations on desert islands do you take in a year? Otherwise, how hard is it to plug in your e-book reader overnight? Surely a lot of people read books in bed and would have no trouble putting their reader into a cradle before rolling over and going to sleep?
1) Less muss and fuss. I can leave my ebook reader (a Sony PRS-505) on the nightstand for weeks at a time, read it when I want, but generally not worry about the battery going dead. I don't get surprised by a low battery condition that prevents me from reading, because even at 1/4 battery I still have a few thousand page views before it goes completely dead.
2) Batteries don't last forever. Most modern Lithium batteries can only be charged N times, so if you charge it up constantly, you kill the longevity of the device. I only charge my reader about 12-15 times per year.
But ultimately, the exceptional efficiency makes the device more predictable and user friendly. When battery life is measured in weeks, you can reasonably assume that when you pick up the device to interact with it, it will be ready. When battery life is measured in hours, or at most a day or two, you have to constantly babysit it in order to ensure that it will be ready when you need it.
It's one of the interesting things about the modern PC scene. You can now trade-off power / performance / cost and end up anywhere from a tiny notebook that has to hustle to draw 15W to those power-hungry beasts under the desk that are pulling 1500W.
Personally, I specifically chose the NVIDIA GeForce 8800 GT w/ 512MB of RAM because it offered excellent performance yet drew fewer watts then a lot of the other cards at the time. When we look at CPUs for our desktops, we'll often choose the 45W part because it's easier to keep it cool without making a lot of noise.
The current crop of ebook readers are excellent for cover-to-cover reading (fiction, novels, etc.).
They're not so good at random-access type reading with lots of page-flipping or fast navigation. Some of that is lack of a good keyboard (although newer readers have such) to do searching, but the rest of it is the pause due to the e-ink technology.
I've had a Sony PRS-505 for 2 years. For leisure reading, it's hands-down excellent. The unit is lightweight and easy to hold. I've done more reading in the past 2 years then in the previous 5-6 years because the reader gives me uniform fonts, uniform text sizes (which I can enlarge if needed) and basically gets the hell out of my way so I can focus on the text.
I jumped in once they dropped below $300. Now you can get basic readers for under $200 (the Sony PRS-300 series). Loaded it up with dozens of free books from Project Gutenberg and a few dozen purchased zero-DRM novels from Baen.
As often as not, the only hits you get are posts in forums where someone is asking the exact same question you need answered... and getting no replies. Since 2005. And that person is me.
Some days the google-fu is simply not very strong...
It's also one of the reasons that I started posting all of my technical problems and solutions to a public blog. Mostly so that I can refer back if I run across the problem again, but also because it frustrates me to find no information on a particular error.
When I can, I try to write to the middle of the class. It's not just do XY&Z, but I'll try to explain the rationale behind commands XY&Z without bogging the post down in trivial details.
And forums are the bane of searches. Locked up content in a proprietary format that may vanish without notice. Yes, they're easy to use, but their interface sucks if you want your messages presented in some other fashion. I much prefer mailing lists...
GNU info needs to just die. Preferably in a horrible, painful fashion, with lots of screaming and blood.
The bigger sin is that it fragmented the documentation. Some programs put everything in man pages, others force you to use info pages. Some split the middle.
As a result, we end up with the worst of both worlds.
Microsoft announcing that they'd be the absolute gatekeeper for software installs would probably be like dropping an atom bomb on a lot of legitimate software companies along with a lot of illegitimate companies that produce badware. They had a little experience with this already, what with Palladium and Trustworthy Computing. Didn't go over too well, did it?
If Microsoft had been split into multiple companies a few years ago, Microsoft Operating Systems announcing such a thing would make a lot of sense. If they handled the payment side of the equation (similar to what SoftwareReg does), they could've easily swept up most or all the shareware software in addition to the big commercial software. Setting up a central repository for free and pay software, vetted by Microsoft, could've been a huge step up. They could've done the iPhone's "Apple Store" 5-8 years ago.
The problem is, of course, since Microsoft is a huge company that tries to compete in every possible market, there's no way in hell that ISVs would sign up for such a thing. Sure, it would make it easier for end-users to install your product, but you can pretty much make a sure bet that Microsoft would at some point cut you out of the equation. Probably by buying up a competitor and then competing against you in a channel that Microsoft controls at prices that only Microsoft can afford.
The sad thing? I'm pretty sure that Microsoft tried this back in the Win98/Win2k days. I can remember a built-in screen that would take you to a Microsoft online store where you could buy non-Microsoft software.
Silliness aside, I wonder if botnets might not serve a semi-useful function for serious noobs -- a botnetted machine might ultimately be more stable than just a virused-and-malwared machine, inasmuch as the botnet operator has a vested interest in keeping the box up and running. I dimly recall reading here on /. about research showing some botnets aggressively removing malware from newly captured machines.
Eh... why put the effort into making the box more stable when you could put that effort into breaking into more boxes? Although I guess keeping the machine stable could be seen as "avoiding detection".
I'm not sure the botnet operator cares much about stability. Their goals are more likely:
- infect as many machines as possible
- avoid detection
- make it difficult to remove
- eliminate competitors
Although I'm not sure why you'd want to prioritize the last option. Unless the competitors aren't playing nice and are breaking your botnet. Which may be happening (a bit of a turf war).
We're not yet to the point where the pace of technology improvements with regards to CPU performance, memory, cost have tailed off yet. (Although we're getting closer.) As computers stop becoming doorstops after a few short years, I think we'll see a shift in the upper-end of the market towards competition on quality & longevity.
(You can sort of get that today with laptops if you stick with the models that have an affordable 5yr warranty and you avoid the bottom half of the market. Eventually, I expect that warranty period to extend to 7 and then 10 years.)
The lower-end of the market will drive, as always, towards least cost. Witness all of the really crappy typewriters that were sold before the 1980s. Most of them are gone or only lasted a few years.
Does it finally make him a decent author?
The man has great ideas... but his sense of plot and wrapping up loose ends leaves a lot to be desired.
I think the vCJD policy is way, way, way excessive and basically making any European immigrant ineligible to donate blood is extremely shortsighted, also considering how far out of the way CBC goes with advertising and campaigns to get people to donate blood.
Probably. But such policies do get adjusted from time to time. Either new science or cheap testing will make it safer to take blood from what was previously considered a too high risk group - or else their exclusions will put too much pressure on the supply. In which case, they'll have to loosen up the criteria and/or add new tests in order to meet needs.
(A regular donor since '02.)
There's an old saw we had back in the 90s at UPS.
Don't just computerize a process (or blindly apply technology to replicate an existing process) and expect to see savings.
Take advantage of the efficiency. Instead of a supposed 45W replacement CFL, go with a 60W or 75W equivalent. Or even the really bright 100W CFLs (which only use around 25-30W). It's still going to use less power and you'll get more light out of it.
The other trick is to find a bulb color that you like. Then add in some ambient light with a different temperature CFL in a 2nd fixture. For the office, I prefer the brighter blue CFLs. But for the L/R, I prefer the cooler and yellower CFLs.
I have tried CFLs many times (in the two condos I have lived in for the last few years), and they have never lasted as long as incandescent bulbs. Our house isn't that strange, so I have to assume that CFLs have some pretty serious problems.
I'd bet either dirty power, crappy light switches, or heat. All of which do a number on CFLs (and usually toast incandescent bulbs as well).
I had a 3-way switch for the stairs in the last place where I lived. That circuit would eat incandescent bulbs about once every few months. So I went and got a 100W CFL. It was not an enclosed fixture (it was the old type where the shade clips onto the bulb) and it was one of the better CFLs at the time (probably a $10 or $15 bulb back in the late 90s).
That bulb was still working 8 years later when I moved out.
In my current place, I only have 2 fixtures with incandescent bulbs. One is outside on the porch, and the other is in the bathroom's ceiling fixture. When you have good quality bulbs, they tend to last for years and years.
(I've had a few cheap ones die early. So I try to avoid the no-name, bottom-price, bulk-packed bulbs.)
SELinux, in a lot of cases, is basically file system permissions on steroids. Daemons run inside a domain, files and ports get labeled with SELinux labels. Then you define what and how the domain is allowed to touch. (And it's more fine grained then just "read / write".)
Sorta like how you define what a user is allowed to touch on the file system by assigning group membership and file permissions.
If the SELinux policies are very tight and the service is well behaved and you can easily define the allowed actions, things work well. It just gets trickier when daemons are not well defined and tend to talk to random ports and touch random files. Just like coming up with a reasonable set of permissions and group membership for a user that allows them to get their job done without constantly pestering you, it can be a bit of an art form to define SELinux policies.
(There's probably more to it then describing it as file permissions on steroids, but it gets the general idea across. The system is only as secure as the labeling and policies.)
Permissive does nothing for security (other then logging the first violation).
Targeted *should* work fairly well. If the policies are properly defined and the file system, ports, and processes are all properly labeled. And in a large part it does. Especially on the server side where you typically set the machine up, then don't add software willy-nilly. So you deal with the exceptions once, then things work fine for years at a time.
Strict is for the masochists... or those who *really* need security. Think "big iron" type systems where all changes go through a change committee that meets once a week and plans everything down to the last keystroke.
The tools are getting better. The documentation is still a bit weak. There needs to be more help / info type documents out there by people who understand the principles behind the thing. (Dan Walsh does a good job, but we need more.)
browsing some porn sites
(sigh) That's a fallacy that needs to die. Yes, drive-by exploits are more common in the dark corners of the internet (warez, porn, etc. sites). But you're also quite likely to find regular websites that have been hacked to serve up exploits and infections. Not to mention the constant problems where ad networks serve up malicious content.
You can no longer assume that just because you don't go visit the dark corners of the internet that you're safe.
The last infection that I tracked down by reviewing our squid transparent proxy logs came from a hobby site. I don't remember if it was sewing, cooking, or some other benign type hobby. But it was nothing that would get you fired if someone saw you browsing it. The site's pages had been all altered to serve up a Javascript exploit which would infect the machine.