Start with a strong black tea, loaded with caffene, then work in green tea until that's all you drink.
Green tea:
Has been proven to boost your immune system response
Has anti-cancer properties (esp. prostate cancer in men, but also eat tomato products regularly and "exercise/use" your prostate daily if you are concerned with this)
Has the highest antioxidant concentrations (along with red wine, oregano, and I think chocolate).
I banished the mountain dew for green tea six months ago. I never suffered withdrawl from anything, nor do I on weekends or vacation from tea.
Remember, the original SCO is now Tarantella, Inc., and a SCO employee of 5 years ago has absolutely nothing to do with the actions of the current SCaldera. Do such people deserve the opprobrium anyway? Similarly, should Ransom Love be blamed for the actions taken by Darl McBride?
MCI/Worldcom was one of the early corporate adopters of PHP. If you were interviewing for an IT position and wanted a forward-thinking individual, would you pass over an ex-Worldcom employee based on the ethics problems of Bernard Ebbers and his (probably small) cabal?
A single individual can rarely take credit for large corporate efforts (i.e. implementing an ERP system, etc.). Similarly, outside of situations where corporate officers are legally responsible, individuals should not be blamed for corporate wrongdoings.
You challenge me to find an architecuture that has a non-power-of-2 word size? You haven't been around very long, have you?
Quick scan of google: PDP-10 emulator. The PDP-11 also had some interesting word size limitations: PDP-11 addresses were 16 bits, limiting program space to 64K, though an MMU could be used to expand total address space (18-bits and 22-bits in different PDP-11 versions). I see that an early design by Seymour Cray was 60-bit. You probably also know that the Itanium has a variable instruction bundle size.
Here is a link on porting gcc, including a warning on the word size. Not the best evidence, but it will have to do.
IIR, A number of dual Opteron boards attach all the memory to one of the CPUs. The other CPU has no attached memory, and must make Hypertransport requests of the other processor for all memory accesses.
There are a number of architectures that do not fit the C language very well. I also understand that processors that do not have a "power of two" word size (32, 64 bit) present extreme difficulty for gcc.
...or the equivalent number of ethernet cards, SCSI controllers, supported chipsets, etc. OSX can be stable because the hardware platform is under control.
Apple is also organized as a hardware company. They would have to sell much, much more software to stay alive.
They would probably die in the conversion to x86, and they would end up producing an OS than ran on a small subset of the available systems anyway.
And as you can get an OSX-capable system for under $100, why complain? The cost to try it out is negligable.
Execute the following in a terminal on your OSX system, and you will see:
% ls -ld/ drwxrwxr-t 29 root admin 986 Dec 11 16:25/
At least on 10.2, the root directory is writable by the admin group.
Furthermore, when the OSX installer creates the first user on the system, this user is automatically added to said admin group. This means that a Joe Blow (l)user can write to the root directory (bearing the sticky bit limitations in mind).
Apple has circumvented the traditional UNIX security mechanisms, and added this "admin" functionality that really doesn't fit within the BSD environment. UNIX has already been vulnerable to an avalanche of buffer overflow vulnerabilities over the years; weakening a security model that has already had significant difficulties is a questionable practice.
Apple's policies on OS upgrades and patches are also not entirely to my liking.
Personally, I would avoid OSX on a critical system. Sun would be roasted alive if they tried something like a writable root directory in Solaris.
Macs are usually single user systems. A single-user system should use/etc/passwd, and the single user should give up all privileges when they are not needed.
What I am trying to say is simple... inexperienced user buys an imac at best buy and installs the OS. This user is in the admin group. When this user accesses the machine, they have more power over it than they should.
This is not as bad as Lindows, but it cannot be trusted. Would they ever try this in Solaris?
Perhaps actually doing the test would be helpful...
[Charles-Fishers-Computer:~] cfisher% echo this is totally >/insecure [Charles-Fishers-Computer:~] cfisher% cat/insecure this is totally
Partially correct... / is writable by group admin
on
PC Mag - Mac OS X Insecure
·
· Score: 0, Insightful
Fresh install. I am not root. Observe:
Last login: Thu Dec 11 16:26:19 on console Welcome to Darwin! [Charles-Fishers-Computer:~] cfisher% id uid=502(cfisher) gid=20(staff) groups=20(staff), 80(admin) [Charles-Fishers-Computer:~] cfisher% uname -a Darwin Charles-Fishers-Computer.local. 6.8 Darwin Kernel Version 6.8: Wed Sep 10 15:20:55 PDT 2003; root:xnu/xnu-344.49.obj~2/RELEASE_PPC Power Macintosh powerpc [Charles-Fishers-Computer:~] cfisher% ls -ld/ drwxrwxr-t 29 root admin 986 Dec 11 16:25/ [Charles-Fishers-Computer:~] cfisher% uname -a Darwin Charles-Fishers-Computer.local. 6.8 Darwin Kernel Version 6.8: Wed Sep 10 15:20:55 PDT 2003; root:xnu/xnu-344.49.obj~2/RELEASE_PPC Power Macintosh powerpc
Combined with the following brain damage:
## # User Database # # Note that this file is consulted when the system is running in single-user # mode. At other times this information is handled by lookupd. By default, # lookupd gets information from NetInfo, so this file will not be consulted # unless you have changed lookupd's configuration. ## nobody:*:-2:-2:Unprivileged User:/nohome:/noshell root:*:0:0:System Administrator:/var/root:/bin/tcsh daemon:*:1:1:Sy stem Services:/var/root:/noshell smmsp:*:25:25:Sendmai l User:/private/etc/mail:/noshell www:*:70:70:World Wide Web Server:/Library/WebServer:/noshell mysql:*:74:74: MySQL Server:/nohome:/noshell sshd:*:75:75:sshd Privilege separation:/var/empty:/noshell unknown:*:99:99:Un known User:/nohome:/noshell
Makes OSX into a version of UNIX that no seasoned administrator would EVER let into production.
p.s. I know how to use sudo, you gibbering cretin.
...then by default the only directories that a non-root (l)user could write to would be ~ and/tmp.
AFAIK, Joe Blow can write to / on a new 10.2 install. This is madness.
There is a stub (non-standard)/etc/passwd file under OSX, and getpwent (and friends) are dealt with in libc by some crazy Apple authentication daemon. My point here is that Apple has deliberately circumvented the "UNIX way" and has weakened the system in the process.
There was simply no point to purchasing redhat boxed sets when the isos were freely available. Redhat never tried to simply sell cds a la cheapbytes. I would have bought them if they had.
I would have gladly paid for continued up2date support for 6.2, 7, etc. What I would not tolerate was the sudden cut of 6.2 combined with the surveyware in up2date. I migrated a long time ago.
Redhat had no other products that interested me or my organization(s).
I would have loved to have thrown a few hundred dollars at redhat over the last few years. They walked away from the table.
...has a complete copy of Red Hat Enterprise Advanced Server v3 available for download via bittorrent.
You're not supposed to distribute RedHat products unless you remove all their logos, but otherwise there are no redistribution restrictions (but the suprnova copy does appear to be in violation).
In the security context, Kazaa is actually much more to blame than Microsoft. Kazaa installs New.Net and other intrusive applications that compromise the privacy of their users. It is true that Microsoft Media Player and Windows Update also collect data on the habits of the userbase, but AFAIK their software isn't quite so intrusive.
In the context of preserving intellectual property, Kazaa is to blame to some extent, but perhaps less so than Microsoft, Cisco, the phone companies and other infrastructure providers. Kazaa couldn't exist without a high-speed digital network with pervasive, ubiquitous connectivity. Kazaa is really only the "last mile" of a journey across a continent - because the infrastructure exists, destroying Napster and its derivatives simply causes the network to evolve a more rugged replacement - because the effort to evolve a new Napster is almost trivial.
In any case, Microsoft could do some very public things to improve security:
Use Mozilla Gecko (or KHTML) as the core of Internet Explorer 7 (which also solves W3C compliance issues).
Hire Theo de Raadt & company to review and repair the Windows source code.
Offer $100,000 for any Windows exploit that is delivered to Microsoft no less than one month before general release on the internet.
To date, Microsoft has done nothing more than some enthusiastic chest-thumping about security. They have not seriously engaged a solution, and they are losing sales as a consequence.
Instead of all of this unintelligble claptrap, HP needs to devote a decent amount of concentration to their Enterprise systems division, and make some hard choices.
HP is no longer saying "bet the company" on Itanium, but currently HP-UX and VMS are totally wagered on Intel's unproven architecture.
The Alpha base has been easy pickings for Solaris and Linux, and the rest of the HP Enterprise customer base is watching as HP "burns the boats" and our systems investments vaporize.
I realize that HP believes it has sound reasons for sending PA-RISC and Alpha to sleep with the fishes, but there is currently no backup for these OS environments if Itanium fails (which looks likely).
You can't bring back the dead, but HP needs to immediately and publicly port HP-UX and VMS to the AMD Opteron, and let the customers determine which architecture will survive.
HP has been willing to engage AMD in the PC market for mostly no good purpose (the margins on these products are razor thin). If HP has braved Intel's wrath for this useless gesture, then HP should take a risk that really counts and let the market decide the fate of Itanium vs. Opteron.
In Oracle, I can "recover database until time mm/dd/yy:hh:mm:ss" (or at least the syntax is close). Assuming that you have all the backups and archived logs, you can bring the database back to any point in time. This is a very well documented procedure, and quite handy for recovering a dropped table.
PostgreSQL has some similar feature (called Write Ahead Logging). I don't know much about it, but the Postgres people would be jumping up and down about it if it were as rock solid as Oracle.
Oracle also has lots of other technologies that add bonus points to the database (plsql, the new flashback, RAC, decode), but point-in-time recovery is the clincher.
Slashdot Mirror
Start with a strong black tea, loaded with caffene, then work in green tea until that's all you drink.
Green tea:
I banished the mountain dew for green tea six months ago. I never suffered withdrawl from anything, nor do I on weekends or vacation from tea.
Remember, the original SCO is now Tarantella, Inc., and a SCO employee of 5 years ago has absolutely nothing to do with the actions of the current SCaldera. Do such people deserve the opprobrium anyway? Similarly, should Ransom Love be blamed for the actions taken by Darl McBride?
MCI/Worldcom was one of the early corporate adopters of PHP. If you were interviewing for an IT position and wanted a forward-thinking individual, would you pass over an ex-Worldcom employee based on the ethics problems of Bernard Ebbers and his (probably small) cabal?
A single individual can rarely take credit for large corporate efforts (i.e. implementing an ERP system, etc.). Similarly, outside of situations where corporate officers are legally responsible, individuals should not be blamed for corporate wrongdoings.
You challenge me to find an architecuture that has a non-power-of-2 word size? You haven't been around very long, have you?
Quick scan of google: PDP-10 emulator. The PDP-11 also had some interesting word size limitations: PDP-11 addresses were 16 bits, limiting program space to 64K, though an MMU could be used to expand total address space (18-bits and 22-bits in different PDP-11 versions). I see that an early design by Seymour Cray was 60-bit. You probably also know that the Itanium has a variable instruction bundle size.
Here is a link on porting gcc, including a warning on the word size. Not the best evidence, but it will have to do.
IIR, A number of dual Opteron boards attach all the memory to one of the CPUs. The other CPU has no attached memory, and must make Hypertransport requests of the other processor for all memory accesses.
There are a number of architectures that do not fit the C language very well. I also understand that processors that do not have a "power of two" word size (32, 64 bit) present extreme difficulty for gcc.
...or the equivalent number of ethernet cards, SCSI controllers, supported chipsets, etc. OSX can be stable because the hardware platform is under control.
Apple is also organized as a hardware company. They would have to sell much, much more software to stay alive.
They would probably die in the conversion to x86, and they would end up producing an OS than ran on a small subset of the available systems anyway.
And as you can get an OSX-capable system for under $100, why complain? The cost to try it out is negligable.
Execute the following in a terminal on your OSX system, and you will see:
At least on 10.2, the root directory is writable by the admin group.
Furthermore, when the OSX installer creates the first user on the system, this user is automatically added to said admin group. This means that a Joe Blow (l)user can write to the root directory (bearing the sticky bit limitations in mind).
Apple has circumvented the traditional UNIX security mechanisms, and added this "admin" functionality that really doesn't fit within the BSD environment. UNIX has already been vulnerable to an avalanche of buffer overflow vulnerabilities over the years; weakening a security model that has already had significant difficulties is a questionable practice.
Apple's policies on OS upgrades and patches are also not entirely to my liking.
Personally, I would avoid OSX on a critical system. Sun would be roasted alive if they tried something like a writable root directory in Solaris.
Macs are usually single user systems. A single-user system should use /etc/passwd, and the single user should give up all privileges when they are not needed.
What I am trying to say is simple... inexperienced user buys an imac at best buy and installs the OS. This user is in the admin group. When this user accesses the machine, they have more power over it than they should.
This is not as bad as Lindows, but it cannot be trusted. Would they ever try this in Solaris?
like I said,
What on earth were they thinking?
Perhaps actually doing the test would be helpful...
Fresh install. I am not root. Observe:
Combined with the following brain damage:
Makes OSX into a version of UNIX that no seasoned administrator would EVER let into production.
p.s. I know how to use sudo, you gibbering cretin.
...then by default the only directories that a non-root (l)user could write to would be ~ and /tmp.
AFAIK, Joe Blow can write to / on a new 10.2 install. This is madness.
There is a stub (non-standard) /etc/passwd file under OSX, and getpwent (and friends) are dealt with in libc by some crazy Apple authentication daemon. My point here is that Apple has deliberately circumvented the "UNIX way" and has weakened the system in the process.
The holes are no surprise.
Granted, it is a Compaq Contura laptop, but I thought that Transmeta systems were supposed to be conservative on power?!
I would have loved to have thrown a few hundred dollars at redhat over the last few years. They walked away from the table.
AFAIK, ext3 can't, so when you run out, you get to backup, recreate the filesystem with more, then restore.
It says quite clearly in the firstboot app when you load RHE that redistribution of RHE is allowed as long as you remove all Red Hat logos.
I downloaded RHE from suprnova.org. I like the new LVM changes very much.
...has a complete copy of Red Hat Enterprise Advanced Server v3 available for download via bittorrent.
You're not supposed to distribute RedHat products unless you remove all their logos, but otherwise there are no redistribution restrictions (but the suprnova copy does appear to be in violation).
I guess that tells you where I stand.
Saw rhas3 there a few days ago.
In the security context, Kazaa is actually much more to blame than Microsoft. Kazaa installs New.Net and other intrusive applications that compromise the privacy of their users. It is true that Microsoft Media Player and Windows Update also collect data on the habits of the userbase, but AFAIK their software isn't quite so intrusive.
In the context of preserving intellectual property, Kazaa is to blame to some extent, but perhaps less so than Microsoft, Cisco, the phone companies and other infrastructure providers. Kazaa couldn't exist without a high-speed digital network with pervasive, ubiquitous connectivity. Kazaa is really only the "last mile" of a journey across a continent - because the infrastructure exists, destroying Napster and its derivatives simply causes the network to evolve a more rugged replacement - because the effort to evolve a new Napster is almost trivial.
In any case, Microsoft could do some very public things to improve security:
To date, Microsoft has done nothing more than some enthusiastic chest-thumping about security. They have not seriously engaged a solution, and they are losing sales as a consequence.
Instead of all of this unintelligble claptrap, HP needs to devote a decent amount of concentration to their Enterprise systems division, and make some hard choices.
HP is no longer saying "bet the company" on Itanium, but currently HP-UX and VMS are totally wagered on Intel's unproven architecture.
The Alpha base has been easy pickings for Solaris and Linux, and the rest of the HP Enterprise customer base is watching as HP "burns the boats" and our systems investments vaporize.
I realize that HP believes it has sound reasons for sending PA-RISC and Alpha to sleep with the fishes, but there is currently no backup for these OS environments if Itanium fails (which looks likely).
You can't bring back the dead, but HP needs to immediately and publicly port HP-UX and VMS to the AMD Opteron, and let the customers determine which architecture will survive.
HP has been willing to engage AMD in the PC market for mostly no good purpose (the margins on these products are razor thin). If HP has braved Intel's wrath for this useless gesture, then HP should take a risk that really counts and let the market decide the fate of Itanium vs. Opteron.
HP, the choice is yours, adapt or die.
Recap:
This list is beginning to get lengthy.
Most software is produced by organizations that you probably shouldn't trust, staffed by people that you probably wouldn't like.
I'll believe it when I see it.
In Oracle, I can "recover database until time mm/dd/yy:hh:mm:ss" (or at least the syntax is close). Assuming that you have all the backups and archived logs, you can bring the database back to any point in time. This is a very well documented procedure, and quite handy for recovering a dropped table.
PostgreSQL has some similar feature (called Write Ahead Logging). I don't know much about it, but the Postgres people would be jumping up and down about it if it were as rock solid as Oracle.
Oracle also has lots of other technologies that add bonus points to the database (plsql, the new flashback, RAC, decode), but point-in-time recovery is the clincher.