Man-in-the-middle attacks are still (theoretically) possible against quantum encryption.
No they are not. QC is resistent against man-in-the-middle-attacks. See this post for explanation.
what is Inkscape going to do to get marketshare from Illustrator that the GIMP hasn't already tried and failed to do when attempting to grab Photoshop marketshare?
1) There is no GIMP marketshare because GIMP is free. This might change with the buyable version at WinGimp.com.
2) This is one tool less missing on a linux desktop. The list of "missing apps" got rather short recently....
It's hard to install,
True. has a very poor user interface
Which user interface? I think Sancho is great. while it supports more networks than Shareaza, it generally doesn't support them as well.
Not in my experience with mldonkey 2.5.16...
Shareaza is, for now, the only application that support multiple network swarming downloads.
Wrong! A new MLdonkey unstable core has also been released last night, bumping it up to version 2-5-devel-6, featuring full multinet swarming support and lots of other improvements. source
well it has support for four file sharing protocols (Gnutella, Gnutella 2, ED2K, and Bit Torrent)
add opennap, soulseek, fasttrack (kazaa), directconnect, http, ftp and ssh downloads and you end up with mldonkey - supports multiple GUIs too...
Why should anybody? (Beyond the "because I can"-nature of geeks)
There are far superior p2p-clients for Linux available: mldonkey for example supports donkey, overnet, fasttrack, gnutella, directconnect, soulseek, opennap, bittorrent, http, ftp and ssh file transfers. And it has a webinterface and multiple GUI-clients (Linux and Windows) available...
They might get some ideas by looking at the Shareaza sourcecode for improvements though.
This is actually quite a good idea:
1) Let the EFF of The FSF file a few rediculous general patents.
2) When a lawsuit comes down on a OSS project, countersue the rediculous patent with a rediculous patent.
3) media coverage, cheap out-of-court agreement
4)...
5) Profit!
The patent portfolio acts as a insureance for OSS. If a company sues, the only thing they get is bad media. And more people will see how stupid software patents really are...
maybe this is only a small point of contention, but Gentoo technically hasn't taken the plunge yet either.
Well, they have. There is no XFree 4.4 in portage and because developers decided once it isnt worth it there propably never will be one.
there was *some guy* who placed some code into a compiler once, so that even if there was no malicious code in the actual souce, once compiled, the executable had a block of code enabling the original author to do things (i.e. a backdoor).
You are talking about Ken Thompsons backdoor in early unix... more of the story
to deal with only 100,000 emails an hour
The original (german) article states they had a queue of 30000 undelivered mails on Tuesday growing to 100000 undelivered mails on Friday - the amount of incoming spam is probably much bigger, so thier setup isnt that bad...
so you're saying they both appear screwed up, or they both appear OK?
The CSS is b0rked or intented to look ugly - i used wget like they did here:
Why doesn't MSN work with Opera? and did get the broken CSS when masq'ing as IE...
Or maybe the author used a old version of IE screwing up CSS completely and making it look somehow better...
plenty of custom software that users need that isn't provided by either Windows OR Linux.
I personally havent had any need for any software that is not provided with standard linux distros for work. Corporate Desktops often have nothing more than MS Office installed and this can be provided by standard linux distro software as well. So I don't see why everyone keeps thinking that a couple CDs full of free software is so amazing, considering that you can just download it before you make the corporate disk image.
It is not amazing. But what is amazing about Windows XP? Your original point was that XP has advantages over linux on the corporate desktop. Migration issues aside, where are these? What you mean is it's more secure.
Yes, Right. But it is a huge difference if your system is crackable by a knowledgeable hacker seeking the sweet spot or if it is subject to automated cracks like worms that are not interested in you data for the most part, but just want to use you as a spam host. Microsoft will let you download a copy of XP that works with AMD-64 Please note that in either case, the pre-release software is time-limited and will expire in 360 days.
Sorry for being so trollish last time - I came to/. directly from a troll side and conserved the momentum...
Greetz, Bjoern
True, but with linux you either:
- buy something (SuSE) and dont have to download anything
- download a distro (debian, gentoo, SuSE-ftp) for free
Both options are better then the XP Home way (buy and download stuff).
Irrelevant, as the original poster's link points to what is touted as a "desktop" version of SuSE, not a server version. But, if you really want, you can get Apache.
Right, here we go for a corporate desktop. Just download it.
Bzz. Wrong. I can "just dowload" debain or gentoo too. This is about a ready-to-go solution - XP Home does not provide this. with third-party software as you want.
Bzz. Wrong. See above. Linux doesn't provide you with one either, so this isn't really a good point for you to be
Bzz. We are not taking about Linux. We talk about SuSE - and SuSE provides a secure, virus-free work environment for the corporate desktop. ... but how compatible the OS is with common hardware.
Linux has no issue with common hardware, windows has - Windows on AMD64 is still a no-go for example, while it is quite possible with linux. You dont need webcams and mp3-players on a corporate desktop. End of Story. ...you would most likely be installing full disk images, complete with all the software you need (and patches) to the client machines,
So you wipe out the hdd and install the same image on all machines. How do you get this right license-wise without loosing OEM licenses/doublelicensing?
So just arrange for one end to go down, or for some obvious break in the cable to happen somewhere else, and then secretly install your tap-relay while they are fixing things. Or just get in before the link goes live.
This is just wrong. a tap-relay will get noticed if sender and reciever can communicate via a public unencrypted channel.
see my other post
Ok. Example:
The sender can send binary data in two polarisations.
polarisation 1: |- polarisation 2:/\
The sender chooses a random polarisation for each bit, but keeps it secret. The reciever uses random polarisations for each bit too. If polarisations dont match, the reciever doesnt get a result.
Enter man-in-th-middle in a multi-bit authentification. In the case sender and reciever use the same polarisation, but the man-in-the-middle the other one he will not be able to reproduce the bit to to reciever. The reciever sends the first half of his data and all his used polarisations to the sender via the public channel. If the data is wrong, there is a man in the middle. If there are two people sending back data there is a man in the middle. The second part of data send via the QC channel (only the bits where polarisations between sender and reciever match) serves as a key for a encrytion on the public channel. The transmission is then save, if the man-in-the-middle cannot intercept the reply from the reciever on the public channel. And since it is hard to suppress radio-transmissions unnoticed, for example, there is a huge advantage in QC.
So if you want to tap it you do it at the relays.
Right. QC doesn't even prevent a man-in-the-middle attack. All you need to do is splice your tap in to the fibre (or whatever) and do QC with the two ends.
Wrong. If sender and reciever can authentificate via a public channel (which is not too hard to achive) they can communicate data (like a key for a symetric encryption via the public channel) via the QC that is save from a man in the middle attack.
Slashdot Mirror
Man-in-the-middle attacks are still (theoretically) possible against quantum encryption.
No they are not. QC is resistent against man-in-the-middle-attacks. See this post for explanation.
what is Inkscape going to do to get marketshare from Illustrator that the GIMP hasn't already tried and failed to do when attempting to grab Photoshop marketshare? ....
1) There is no GIMP marketshare because GIMP is free. This might change with the buyable version at WinGimp.com.
2) This is one tool less missing on a linux desktop. The list of "missing apps" got rather short recently
It's hard to install, ...
True.
has a very poor user interface
Which user interface? I think Sancho is great.
while it supports more networks than Shareaza, it generally doesn't support them as well.
Not in my experience with mldonkey 2.5.16
Shareaza is, for now, the only application that support multiple network swarming downloads.
Wrong!
A new MLdonkey unstable core has also been released last night, bumping it up to version 2-5-devel-6, featuring full multinet swarming support and lots of other improvements.
source
well it has support for four file sharing protocols (Gnutella, Gnutella 2, ED2K, and Bit Torrent) ...
add opennap, soulseek, fasttrack (kazaa), directconnect, http, ftp and ssh downloads and you end up with mldonkey - supports multiple GUIs too
I use the webinterface here, but sancho is a very good mldoney GUI.
mldonkey has it all - and more ...
gtk-gnutella isnt exactly the most powerful p2p-client for linux. I think right now mldonkey is - and mldonkey has more to offer than Shareaza.
Why should anybody? (Beyond the "because I can"-nature of geeks) ...
There are far superior p2p-clients for Linux available: mldonkey for example supports donkey, overnet, fasttrack, gnutella, directconnect, soulseek, opennap, bittorrent, http, ftp and ssh file transfers. And it has a webinterface and multiple GUI-clients (Linux and Windows) available
They might get some ideas by looking at the Shareaza sourcecode for improvements though.
about this here. And it also has a collection of stupid disclaimers ..
This is actually quite a good idea: ... ...
1) Let the EFF of The FSF file a few rediculous general patents.
2) When a lawsuit comes down on a OSS project, countersue the rediculous patent with a rediculous patent.
3) media coverage, cheap out-of-court agreement
4)
5) Profit!
The patent portfolio acts as a insureance for OSS. If a company sues, the only thing they get is bad media. And more people will see how stupid software patents really are
maybe this is only a small point of contention, but Gentoo technically hasn't taken the plunge yet either.
Well, they have. There is no XFree 4.4 in portage and because developers decided once it isnt worth it there propably never will be one.
there was *some guy* who placed some code into a compiler once, so that even if there was no malicious code in the actual souce, once compiled, the executable had a block of code enabling the original author to do things (i.e. a backdoor). ...
You are talking about Ken Thompsons backdoor in early unix
more of the story
I'm running Apache, sshd, sendmail, proftpd, mysql..
Fine.
And now you switch to relaying your mail trough your ISP and everything is good again.
to deal with only 100,000 emails an hour ...
The original (german) article states they had a queue of 30000 undelivered mails on Tuesday growing to 100000 undelivered mails on Friday - the amount of incoming spam is probably much bigger, so thier setup isnt that bad
so you're saying they both appear screwed up, or they both appear OK? ...
Or maybe the author used a old version of IE screwing up CSS completely and making it look somehow better ...
The CSS is b0rked or intented to look ugly - i used wget like they did here: Why doesn't MSN work with Opera? and did get the broken CSS when masq'ing as IE
I think gpart is available on knoppix and perhaps also Gentoo LiveCDs.
Dunno about that, but it is definitly available on SystemRescueCd
gentoo: cvs and subversion
It is not mentioned on glsa up to now, however.
I don't. Why did you think I did?
Because the bug affects only the pserver.
plenty of custom software that users need that isn't provided by either Windows OR Linux.
/. directly from a troll side and conserved the momentum...
I personally havent had any need for any software that is not provided with standard linux distros for work. Corporate Desktops often have nothing more than MS Office installed and this can be provided by standard linux distro software as well.
So I don't see why everyone keeps thinking that a couple CDs full of free software is so amazing, considering that you can just download it before you make the corporate disk image.
It is not amazing. But what is amazing about Windows XP? Your original point was that XP has advantages over linux on the corporate desktop. Migration issues aside, where are these?
What you mean is it's more secure.
Yes, Right. But it is a huge difference if your system is crackable by a knowledgeable hacker seeking the sweet spot or if it is subject to automated cracks like worms that are not interested in you data for the most part, but just want to use you as a spam host.
Microsoft will let you download a copy of XP that works with AMD-64
Please note that in either case, the pre-release software is time-limited and will expire in 360 days.
Sorry for being so trollish last time - I came to
Greetz, Bjoern
True, but with linux you either:
- buy something (SuSE) and dont have to download anything
- download a distro (debian, gentoo, SuSE-ftp) for free
Both options are better then the XP Home way (buy and download stuff).
Irrelevant, as the original poster's link points to what is touted as a "desktop" version of SuSE, not a server version. But, if you really want, you can get Apache.
... but how compatible the OS is with common hardware.
...you would most likely be installing full disk images, complete with all the software you need (and patches) to the client machines,
Right, here we go for a corporate desktop.
Just download it.
Bzz. Wrong. I can "just dowload" debain or gentoo too. This is about a ready-to-go solution - XP Home does not provide this.
with third-party software as you want.
Bzz. Wrong. See above.
Linux doesn't provide you with one either, so this isn't really a good point for you to be
Bzz. We are not taking about Linux. We talk about SuSE - and SuSE provides a secure, virus-free work environment for the corporate desktop.
Linux has no issue with common hardware, windows has - Windows on AMD64 is still a no-go for example, while it is quite possible with linux. You dont need webcams and mp3-players on a corporate desktop. End of Story.
So you wipe out the hdd and install the same image on all machines. How do you get this right license-wise without loosing OEM licenses/doublelicensing?
So just arrange for one end to go down, or for some obvious break in the cable to happen somewhere else, and then secretly install your tap-relay while they are fixing things. Or just get in before the link goes live.
This is just wrong. a tap-relay will get noticed if sender and reciever can communicate via a public unencrypted channel.
see my other post
The sender can send binary data in two polarisations.
The sender chooses a random polarisation for each bit, but keeps it secret. The reciever uses random polarisations for each bit too. If polarisations dont match, the reciever doesnt get a result.
Enter man-in-th-middle in a multi-bit authentification. In the case sender and reciever use the same polarisation, but the man-in-the-middle the other one he will not be able to reproduce the bit to to reciever. The reciever sends the first half of his data and all his used polarisations to the sender via the public channel. If the data is wrong, there is a man in the middle. If there are two people sending back data there is a man in the middle. The second part of data send via the QC channel (only the bits where polarisations between sender and reciever match) serves as a key for a encrytion on the public channel. The transmission is then save, if the man-in-the-middle cannot intercept the reply from the reciever on the public channel. And since it is hard to suppress radio-transmissions unnoticed, for example, there is a huge advantage in QC.
So if you want to tap it you do it at the relays.
Right.
QC doesn't even prevent a man-in-the-middle attack. All you need to do is splice your tap in to the fibre (or whatever) and do QC with the two ends.
Wrong. If sender and reciever can authentificate via a public channel (which is not too hard to achive) they can communicate data (like a key for a symetric encryption via the public channel) via the QC that is save from a man in the middle attack.