I completely missed the significance of "application bundle" in my original reply; my bad! I'm not familiar with App bundles or their OpenStep bundle lineage. But my original point still stands; on a POSIX machine a user can install apps in her home folder and then run them with her account's privileges. Maybe you use OpenStep bundles, or App Bundles, or just compile the damn thing with GCC, but the result is the same from a security standpoint. This avoids forcing you to install apps with admin privileges, which is apparently the case in Windows Vista.
a Mac concept that has been replicated on Linux about a dozen times but has never taken.
A user has had the ability to install stuff in her home directory on POSIX machines for oh... probably since POSIX machines have been around. This isn't a "Mac concept". At most Apple has polished the idea to make it easy for non-geeks. And don't forget that OS X a.k.a Darwin is a POSIX-like implementation.
Seriously....since I don't really want to use Sun hardware or Solaris, tell me again, why would I want to leave the "L" (Linux) out of the Apache/MySql/Php stack? Especially given the fact that most of the security and bug fixes --at least for Php and MySql -- which pop up are first dealt with in the Linux end of the stack.
Solaris is a pretty darn good product. And if Sun starts providing full time support for the "AMP" part of the stack, you can probably bet that bug fixes for Solaris won't be far behind those for Linux. And if Sun follows through and GPLv3's Solaris, things really start to get interesting...
If only there was a platform that offered such a simple an effective solution.
To the non-geeks: Why are you reading Slashdot?!?!?
Oh, and he is referring to just about any POSIX(-like) implementation: Unix, Solaris, Linux, etc.
Re:Opposite way of thinking?
on
PHP 5 in Practice
·
· Score: 2, Insightful
Congratulations, you have discovered the difference between "experienced software developers" and computer scientists. Computer scientists know what they need to do and how to do it, so long as they can express it in the language they're using. Experienced software developers often know incredible amounts of detail about programming languages, but not necessarily about advanced algorithms and data structures.
If GPL3 is ugly, they will probably simply keep using the regular GPL version.
If the FSF decides to only distribute future versions of its software under the GPLv3+, then Novell may be stuck with 2007 versions of GNU. That won't sit well with customers.
Exactly! I think Greg made a tongue-in-cheek post on his blog and the submitter and/. editor unwittingly took it at face value (no big surprise there). It will be wonderful/funny if some corporate shills also take the blog post at face value and actually start feeding the kernel developers the information they need.
This is true; however whereas binary package distributions tend to work-or-not-work, Gentoo provides you with pretty much everything you need to fix something when it doesn't.
There is nothing preventing you from rolling your own RPM or DEB. At some level, distro wars become silly and meaningless; in the end you're running pretty much the same applications and underlying operating system.
I've been using GNU/Linux since about 1998, and I used Gentoo for approximately 3+ years. I've even written and submitted an ebuild or two. It definitely has some advantages over other distros and definitely has disadvantages. But it (like all man-made things) is far from perfect. Statements like these simply aren't true:
1. Best distro when compared with Fedora Core 5/6 or Yellow Dog Linux because of no RPM/dependency/repository hell
In Gentoo packages are installed using scripts called ebuilds which are intended to contain all of the dependency information for the packages. People write the ebuilds. People (all of them) occasionally make mistakes. Its not unheard of to have a dependency bug in Gentoo.
2. Easy to install ANY application - emerge . It will download source of all dependencies, install and setup everything.
The ease of installation also depends on the quality of the ebuild. Were all possible combos of USE flags even tested for a particular ebuild? Do those combinations actually work? Again, ebuild aren't magic and they contain to contain errors. Also, portage only gives you a default configuration file. You have to make (and test) any configuration file changes yourself. So the statement that portage will "setup everything" is misleading.
3. Will get the latest updates first, and you will be able to download and install it without any problems.
This definitely isn't always true. As the Gentoo devs struggled to get a handle on quality, packages began to take a substantial amount of time to work their way into the stable arches. I'm not sure if this is still the case, but at one point new ebuilds had to sit in ~arch status (sort of like test repository in other distros) for one month without complaint before being marked as stable. It didn't seem to matter if anyone actually tested or even looked at the ~arch ebuild during that month. It was just a mandatory waiting period in which the dev hoped that some users bothered to test the ebuild and complain if it broke. I think the quality of the ebuilds are improving with the refinement of Gentoo's architecture herds, but with more process and more people comes delays. Quality and speed are almost always at odds in development.
4. It won't take time to install applications since hundreds of binaries already available through Portage Overlays. Thus, you will get applications compiled specially for the PS3, not just a regular PPC computer. The advantages of this will be big once GCC is optimised for the Cell processor.
Performing work always takes time, even installing binary packages, and the default behavior of Portage is to install from source.
5. You can ask for help while installation through irc, or ask someone to install it for you remotely!
As an experiment, I'd like to see everyone interested in Linux on PS3 to log onto IRC and ask somebody to install Gentoo for them remotely. Report back here with the results.;)
Basically Gentoo can be great if it fits your needs, but pretending that Gentoo is perfect and problem free isn't going to change the reality that it isn't.
No, this isn't VoIP-specific, but I can see how it might be made *easier* if the person uses VoIP.
The difference is that with a VoIP system, the system actually uses your computerized address book to do the dialing. Even more troubling is the possibility of modifying the VoIP such that when you (or your address book) dial the correct number for your bank, it actually dials a number that the hacker owns.
User or phonebook dials bank: (123) 456-7890
VoIP system displays 'dialed' number: (123) 456-7890
VoIP system actually dials hacker's number: (987) 654-3210
I, for one, am getting pretty tired of people whining that Microsoft gets unfairly bashed here on Slashdot too often. I regularly read plenty of responses that defend Microsoft that get modded +5 Insightful.
Its called astroturfing. The truth hurts, but that doesn't mean that the MS fanboys and the MS marketing department are going to take it laying down...
Just the same, the HSD has yet to dictate how exactly the cards will work.
The Revelation, Chapter 13:
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 and that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
Strange then that artificial intelligence research is almost as old as computing itself.
Despite what its relative age may be, AI has by far the largest hype-to-actual-results ratio of any computer science field. You should read Neville Holme's article Artificial Intelligence: Arrogance or Ignorance if you're interested in the subject. A well thought out response to Holme's article is available online.
Slashdot Mirror
You mean patents like these..? :(
I think he was referring to graphical file managers like Nautilus or Konqueror (which do prompt you before deleting files).
I completely missed the significance of "application bundle" in my original reply; my bad! I'm not familiar with App bundles or their OpenStep bundle lineage. But my original point still stands; on a POSIX machine a user can install apps in her home folder and then run them with her account's privileges. Maybe you use OpenStep bundles, or App Bundles, or just compile the damn thing with GCC, but the result is the same from a security standpoint. This avoids forcing you to install apps with admin privileges, which is apparently the case in Windows Vista.
A user has had the ability to install stuff in her home directory on POSIX machines for oh... probably since POSIX machines have been around. This isn't a "Mac concept". At most Apple has polished the idea to make it easy for non-geeks. And don't forget that OS X a.k.a Darwin is a POSIX-like implementation.
Solaris is a pretty darn good product. And if Sun starts providing full time support for the "AMP" part of the stack, you can probably bet that bug fixes for Solaris won't be far behind those for Linux. And if Sun follows through and GPLv3's Solaris, things really start to get interesting...
To the non-geeks: Why are you reading Slashdot?!?!?
Oh, and he is referring to just about any POSIX(-like) implementation: Unix, Solaris, Linux, etc.
And true software engineers know both. :)
If the FSF decides to only distribute future versions of its software under the GPLv3+, then Novell may be stuck with 2007 versions of GNU. That won't sit well with customers.
Exactly! I think Greg made a tongue-in-cheek post on his blog and the submitter and /. editor unwittingly took it at face value (no big surprise there). It will be wonderful/funny if some corporate shills also take the blog post at face value and actually start feeding the kernel developers the information they need.
Wait for the baby-boomers to die off. Suddenly energy, housing, and jobs will become plentiful. ;)
At least one security expert agrees:
In the interest of full disclosure, Clare Boothe Luce said that. :)
There is nothing preventing you from rolling your own RPM or DEB. At some level, distro wars become silly and meaningless; in the end you're running pretty much the same applications and underlying operating system.
I've been using GNU/Linux since about 1998, and I used Gentoo for approximately 3+ years. I've even written and submitted an ebuild or two. It definitely has some advantages over other distros and definitely has disadvantages. But it (like all man-made things) is far from perfect. Statements like these simply aren't true:
In Gentoo packages are installed using scripts called ebuilds which are intended to contain all of the dependency information for the packages. People write the ebuilds. People (all of them) occasionally make mistakes. Its not unheard of to have a dependency bug in Gentoo.
The ease of installation also depends on the quality of the ebuild. Were all possible combos of USE flags even tested for a particular ebuild? Do those combinations actually work? Again, ebuild aren't magic and they contain to contain errors. Also, portage only gives you a default configuration file. You have to make (and test) any configuration file changes yourself. So the statement that portage will "setup everything" is misleading.
This definitely isn't always true. As the Gentoo devs struggled to get a handle on quality, packages began to take a substantial amount of time to work their way into the stable arches. I'm not sure if this is still the case, but at one point new ebuilds had to sit in ~arch status (sort of like test repository in other distros) for one month without complaint before being marked as stable. It didn't seem to matter if anyone actually tested or even looked at the ~arch ebuild during that month. It was just a mandatory waiting period in which the dev hoped that some users bothered to test the ebuild and complain if it broke. I think the quality of the ebuilds are improving with the refinement of Gentoo's architecture herds, but with more process and more people comes delays. Quality and speed are almost always at odds in development.
Performing work always takes time, even installing binary packages, and the default behavior of Portage is to install from source.
As an experiment, I'd like to see everyone interested in Linux on PS3 to log onto IRC and ask somebody to install Gentoo for them remotely. Report back here with the results. ;)
Basically Gentoo can be great if it fits your needs, but pretending that Gentoo is perfect and problem free isn't going to change the reality that it isn't.
It's all so confusing!!
The difference is that with a VoIP system, the system actually uses your computerized address book to do the dialing. Even more troubling is the possibility of modifying the VoIP such that when you (or your address book) dial the correct number for your bank, it actually dials a number that the hacker owns.
The Revelation, Chapter 13:
16 And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:
17 and that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
John Dvorak is a troll. Nuf' said.
They shouldn't have to listen; the system should be designed for security from the ground up.
Relying on user education is #5 on the Six Dumbest Ideas in Computer Security.Sort of like this post and oh, maybe this one. :)