It would be great, if Solaris 10 came with a preinstalled, recent GNU environment suite (gcc, binutils, autoconf, GNUmake and the whole enchilada). It is painful to have to add this from backups or external web sites/CDs. Sun, please put this on the installation CDs as [optional] packages.
Another wish for Solaris 10 would be some kind of port (portage) system like in the BSDs or Gentoo. If Sun maintained such a port collection, it would be a great incentive to use Solaris not only on big servers, but also on desktop machines.
Supposedly Solaris10 will be using a totally new kernel [...] something of a mish-mash of Linux kernel, BSD, and Solaris.
While BSD folks won't object if Solaris 10 contained BSD code (all previous Solaris and SunOS releases did), Linux folks will have to enforce compliance to the GPL if Solaris used parts of the Linux kernel. If the rumors were true, Solaris kernel will be GPLed, and we'll soon be able to look at their sources! Great!
VeriSign running a bogus SMTP server was very bad from a privacy point of view.
Even if they didn't accept the message body (did they? I don't remember), they
collected a lot of information that could've been used for traffic analysis.
It's none of VeriSign's business to know that I mistyped an email address:
they could find out what the real address was. It's none of VeriSign's business
to know that I mistyped a URL: they could find out what the real URL was
(hamming distance usually 1 or 2). Why should they collect so much information
about my email or surfing habits anyway? If I believed in conspiracy theories,
I'd suspect that they may be in cahoots with the NSA
(I don't think so).
www.united-nations.nyc.ny.us for the HQ.
Oh, wait, they have dependencies elsewhere: www.united-nations.wien.at www.united-nations.geneva.ch, www.united-nations.geneve.ch, www.united-nations.genf.ch,...
Or how's about, say, www.apache.org, slashdot.org,...?
Many multinational organizations and companies wouldn't be happy to
be forced to use ccTLDs. Heck, even some individuals would be upset,
because they see themselves as world citizens, rather than belonging
to a country (and I'm not even talking about people with multiple
nationalities). Forcing ccTLDs as IMHO a Bad Thing(tm).
This thing isnt going to go away for 5 to 10 years, and I can see it ruining a lot of productive time and effort on the opensource side.
With a little luck, the big company behind SCO's litigation machinery (and we all know who they are, don't we?) would finally see the light, and decide to go Linux. They'll probably buy out SCO and shut down their litigation department altogether, in an effort to gain sympathy among the Open Source user base.
Am I dreaming? Gone nuts? Think about it this way: a lot of corporate sysadmins and IT personnel in the future will be acquainted (and sympathetic) to Linux, and they'll have big purchasing power. If M$ still exists, it will have to foster good relations with those people, if they want to be able to sell anything. Killing this SCO parody now would generate a lot of good Karma in tomorrow's IT world.
If MyDoom was written by Linux zealots, wouldn't it be GPLed?
I'd like to see its source code! Any.deb or SRPM out there?
Is it on sourceforge? Where's the CVS repo? Can we collectively improve it? Nah...
Of course they can exist. I remember once a Perl module form CPAN which upon
make install issued a big warning that it was a virus and that admins
should be careful about the software they download and install. Of course
it wasn't a virus, but it could have been. But we're all scrutinizing the
source code of every package that we install on our boxes, right? Yeah,
right.
Restoring from backup is also a great way to add viruses
that you eliminated in the meantime. Most backups are
done automatically, and not necessarily after a virus
scan. Scary, isn't it?
Maybe people in the security community didn't forget
about DARPA's decision not to fund OpenBSD
anymore. It doesn't pay to mix politics with research...
it's not hard to build an email server with virus filtering built into it.
Think of back-scatter: when a virus hits a mail server, and the server bounces the message (to the forged sender address), innocent bystanders will get the virus too. And since big MTAs with lots of traffic run on Unix, they can potentially generate a lot of back-scatter... So very indirectly, poorly configured virus filters can worsen the virus problem; wether they're running on Unix or not.
As soon as Linux runs Windows binaries smoothly enough (including games!),
there won't be any reason to stick to M$. It's beyond me why this should
be so difficult. After all, FreeBSD happily runs Linux binaries too.
Operating a mail server carries special responsibilities with it. You have to make sure that you're not operating
an open relay (even inadvertantly), you must monitor your outgoing mail(logs), to make sure that your server is not
being abused as a spam source, and you should react to problems such as mail-loops etc., e.g. by assuming the
role of postmaster.
While most of us/.-ers are technically savvy enough to do this, a whole lot of Windows-PC owners are not.
Their machines are constantly being hijacked by viruses, and then they become spam zombies from hell. I can
understand why ISPs are reluctant to keep port 25 open to such people. OTOH, I don't like this collective
punishment meted out by some ISPs who don't discriminate between responsible and irresponsible users.
It is quite common for ISPs to block port 25 for dial-up users, but they won't do so if they assign
to you a static IP. In most cases, people with static IPs are more responsible (and technically savvy)
than Joe Sixpack, and there's often no need to block them. Of course, in an ideal world, the ACLs on ISPs
routers would be configured dynamically for every user who logs in. It is easy to implement a whitelist/
blacklist of users and block only those who don't act responsibly, open everything for users who have a
good history of fixing bugs or keeping a tight ship, and giving everyone else the benefit of the doubt.
Why should the Open Source community be afraid of this? We're not competing in this area.
We're not PR hungry, and we don't need the good will of mis-informed journalists, management or politics.
We're writing _and_ using Open Source, because we like it, because it is superior, and
because it gives us a sense of community that pays off all efforts that we put in it.
The only people who would be afraid of bad publicity, like what's happening now, are the commercial outfits that
depend on Linux and who make $$$ by selling Linux(-services) to the enterprise. These outfits aren't doing
their homework, which consists of paying PR representatives who would lobby journalists and politicians
in favor of our movement. Those companies are all too happy to make money from Linux, but are they
willing to help defend its image in the general public? With real money? Nope, thought so...
Mod me down for this, but I'm really disappointed with the lack of support from within the
(commercial) Open Source community. The attacks from SCO, Microsoft etc... are not really
surprising, nor are they relevant to the existance and survival of Open Source. We are just not yet
mature enough to conduct a full-scale PR campaign in our favor, that would, once and for
all, help stamp out all this FUD that the other side is all too happy to spread. Or, to put
it differently: We're not even trying to defend ourselves!
Why should a Linux business help fund Microsoft by offering a
bounty to catch a _Windows_ virus writer? That's Microsoft's
business after all. And they (Microsoft) have enough cash to even
catch Bin Laden, if they really wanted to.
Oh yeah, please! Let's have him ruin those Windows outfits just as effectively as he's
destroying SCO right now. It would be fun to stand by and watch...
1. Get to talk to the Queen.
2. Buy your Knighthood title.
3....
4. PROFIT!
With MS-Knighthood 1.0, you don't need to browne-nose anymore.
Get your own title for o<!-- fohw wef -->nly $199.99!
System requirements:
Wind</gnfplm>ows XP (to print the certificate), any Microsoft-supported
GDI printer and a Passport account. Please note that MS-Knighthood
does not run on Linux!
Also available from the Microsoft/Buckingham joint venture: MS-Diploma 1.0 (Get U n i v e r s i t y
D i p l o m a s without taking a<!-- xysfoijef -->ny exams.
No-one turned down. Discr<!-- foijwef -->eet and reliable.
seems like there's nothing to stop the government from censoring a website it really doesn't like with a spook so close to the "A" root server.
It's not the job of the NSA to censor websites.
The NSA has better things to do like inventing new codes and breaking foreign codes. Monitoring communications links is their main concern, but this is mainly for traffic analysis (and capture of encrypted data), not for local law enforcement, which is handled by the FBI and other agencies.
To capture traffic, the NSA doesn't have to monitor the DNS root. That's quite boring traffic, because all the DNS server sees is a query for, gTLD and ccTLD servers. These are widely known, and there is no need to sniff all those queries at the source.
Traffic is more easily captured at major CIXen, and other backbone interconnection points. This has nothing to do with DNS. It acts at the IP level. Does the NSA monitor MayWest, MayEast or other major interconnects? Probable. Do they monitor international links? Very likely. Do they monitor satellite links? Almost certainly yes.
How could government censor a website by having access to the "A" root server? Difficult, to say the least, but possible:
Since root servers only point to gTLD, ccTLD servers, not to web sites, government would need to duplicate those servers, and then point root to them, instead of the current servers. On the duplicated DNS servers, they could e.g. censor websites by deleting their entries.
Changing a single root server's links is not enough. Because all DNS roots get their data from "A", that is the server that will need to be modified.
Duplicating all gTLD and ccTLD servers requires considerable resources. Not only the CPU and bandwidth needs to be provided, those servers must synchronize with the official (original) servers very frequently (at least twice daily), so that registries can add/delete/update domains. This requires administrative changes in the original servers (they must allow zone transfers!), all of them not always under the control of the US Government (no ccTLD server, save.us, is under their control!). Government could use proxies, which relay queries to the original servers, after filtering them, but this won't go unnoticed by the original server's admins! ("Hey, all our traffic comes now from a few proxies! What's that? Diplomatic trouble!")
While the required resources are enormous, governments do have them, if they really choose to go this way. But spending hundreds of millions of dollars just to be able to censor a few websites, is even for governments a silly thing to do. They'd rather order registrars (or the registry) to edit the official gTLD servers (and they'll have to be diplomatic, if they want to censor websites from foreign ccTLD servers anyway).
So, in principle, yes. Anyone who controls "A", can also, in principle, manipulate the whole DNS system, and censor websites.
But let's remember that there's nothing inherently important with "A". We choose to give "A" the status of the root dns server. If we don't like to use this root, we could always switch to an alternate root. Of course, migrating millions of computers, most of them poorly administered Windows machines, to an alternate, non-censored root (should this censorship ever happen) won't happen, so the government could still censor the Net...
We're too naive here! It's too hard to hide their source code (IP?) with perl. They'd be more likely to use Litigation++ (also known as Lit++). Some experts speculate that they may be using Brainf*ck
after all...
Slashdot Mirror
It would be great, if Solaris 10 came with a preinstalled, recent GNU environment suite (gcc, binutils, autoconf, GNUmake and the whole enchilada). It is painful to have to add this from backups or external web sites/CDs. Sun, please put this on the installation CDs as [optional] packages.
Another wish for Solaris 10 would be some kind of port (portage) system like in the BSDs or Gentoo. If Sun maintained such a port collection, it would be a great incentive to use Solaris not only on big servers, but also on desktop machines.
Supposedly Solaris10 will be using a totally new kernel [...] something of a mish-mash of Linux kernel, BSD, and Solaris.
While BSD folks won't object if Solaris 10 contained BSD code (all previous Solaris and SunOS releases did), Linux folks will have to enforce compliance to the GPL if Solaris used parts of the Linux kernel. If the rumors were true, Solaris kernel will be GPLed, and we'll soon be able to look at their sources! Great!
Perhaps Microsoft will finally decide to go open source, like Netscape and Apple?
VeriSign running a bogus SMTP server was very bad from a privacy point of view. Even if they didn't accept the message body (did they? I don't remember), they collected a lot of information that could've been used for traffic analysis. It's none of VeriSign's business to know that I mistyped an email address: they could find out what the real address was. It's none of VeriSign's business to know that I mistyped a URL: they could find out what the real URL was (hamming distance usually 1 or 2). Why should they collect so much information about my email or surfing habits anyway? If I believed in conspiracy theories, I'd suspect that they may be in cahoots with the NSA (I don't think so).
You mean a SAN, not a single disk...
Agreed! :-)
So let's find out the UN's new URL:
www.united-nations.nyc.ny.us for the HQ. ...
Oh, wait, they have dependencies elsewhere:
www.united-nations.wien.at
www.united-nations.geneva.ch, www.united-nations.geneve.ch, www.united-nations.genf.ch,
Or how's about, say, www.apache.org, slashdot.org, ...?
Many multinational organizations and companies wouldn't be happy to be forced to use ccTLDs. Heck, even some individuals would be upset, because they see themselves as world citizens, rather than belonging to a country (and I'm not even talking about people with multiple nationalities). Forcing ccTLDs as IMHO a Bad Thing(tm).
Ever noticed that vir.us is owned by a certain McBride? Coincidence?
This thing isnt going to go away for 5 to 10 years, and I can see it ruining a lot of productive time and effort on the opensource side.
With a little luck, the big company behind SCO's litigation machinery (and we all know who they are, don't we?) would finally see the light, and decide to go Linux. They'll probably buy out SCO and shut down their litigation department altogether, in an effort to gain sympathy among the Open Source user base.
Am I dreaming? Gone nuts? Think about it this way: a lot of corporate sysadmins and IT personnel in the future will be acquainted (and sympathetic) to Linux, and they'll have big purchasing power. If M$ still exists, it will have to foster good relations with those people, if they want to be able to sell anything. Killing this SCO parody now would generate a lot of good Karma in tomorrow's IT world.
If MyDoom was written by Linux zealots, wouldn't it be GPLed? I'd like to see its source code! Any .deb or SRPM out there?
Is it on sourceforge? Where's the CVS repo? Can we collectively improve it? Nah...
Of course they can exist. I remember once a Perl module form CPAN which upon make install issued a big warning that it was a virus and that admins should be careful about the software they download and install. Of course it wasn't a virus, but it could have been. But we're all scrutinizing the source code of every package that we install on our boxes, right? Yeah, right.
Restoring from backup is also a great way to add viruses that you eliminated in the meantime. Most backups are done automatically, and not necessarily after a virus scan. Scary, isn't it?
Maybe people in the security community didn't forget about DARPA's decision not to fund OpenBSD anymore. It doesn't pay to mix politics with research...
it's not hard to build an email server with virus filtering built into it.
Think of back-scatter: when a virus hits a mail server, and the server bounces the message (to the forged sender address), innocent bystanders will get the virus too. And since big MTAs with lots of traffic run on Unix, they can potentially generate a lot of back-scatter... So very indirectly, poorly configured virus filters can worsen the virus problem; wether they're running on Unix or not.
As soon as Linux runs Windows binaries smoothly enough (including games!), there won't be any reason to stick to M$. It's beyond me why this should be so difficult. After all, FreeBSD happily runs Linux binaries too.
Operating a mail server carries special responsibilities with it. You have to make sure that you're not operating an open relay (even inadvertantly), you must monitor your outgoing mail(logs), to make sure that your server is not being abused as a spam source, and you should react to problems such as mail-loops etc., e.g. by assuming the role of postmaster.
While most of us /.-ers are technically savvy enough to do this, a whole lot of Windows-PC owners are not.
Their machines are constantly being hijacked by viruses, and then they become spam zombies from hell. I can
understand why ISPs are reluctant to keep port 25 open to such people. OTOH, I don't like this collective
punishment meted out by some ISPs who don't discriminate between responsible and irresponsible users.
It is quite common for ISPs to block port 25 for dial-up users, but they won't do so if they assign to you a static IP. In most cases, people with static IPs are more responsible (and technically savvy) than Joe Sixpack, and there's often no need to block them. Of course, in an ideal world, the ACLs on ISPs routers would be configured dynamically for every user who logs in. It is easy to implement a whitelist/ blacklist of users and block only those who don't act responsibly, open everything for users who have a good history of fixing bugs or keeping a tight ship, and giving everyone else the benefit of the doubt.
Relaying through the ISP's MTA is not always possible, esp. if you have some virtual domains of your own on your machine.
Why should the Open Source community be afraid of this? We're not competing in this area.
We're not PR hungry, and we don't need the good will of mis-informed journalists, management or politics. We're writing _and_ using Open Source, because we like it, because it is superior, and because it gives us a sense of community that pays off all efforts that we put in it.
The only people who would be afraid of bad publicity, like what's happening now, are the commercial outfits that depend on Linux and who make $$$ by selling Linux(-services) to the enterprise. These outfits aren't doing their homework, which consists of paying PR representatives who would lobby journalists and politicians in favor of our movement. Those companies are all too happy to make money from Linux, but are they willing to help defend its image in the general public? With real money? Nope, thought so...
Mod me down for this, but I'm really disappointed with the lack of support from within the (commercial) Open Source community. The attacks from SCO, Microsoft etc... are not really surprising, nor are they relevant to the existance and survival of Open Source. We are just not yet mature enough to conduct a full-scale PR campaign in our favor, that would, once and for all, help stamp out all this FUD that the other side is all too happy to spread. Or, to put it differently: We're not even trying to defend ourselves!
Why should a Linux business help fund Microsoft by offering a bounty to catch a _Windows_ virus writer? That's Microsoft's business after all. And they (Microsoft) have enough cash to even catch Bin Laden, if they really wanted to.
Who's patented this technique? Surely the USPTO must have something on file...
Oh yeah, please! Let's have him ruin those Windows outfits just as effectively as he's destroying SCO right now. It would be fun to stand by and watch...
Next from Sir Bill of Gates, MS-Knighthood 1.0!
What do you want to be called today?
1. Get to talk to the Queen. ...
2. Buy your Knighthood title.
3.
4. PROFIT!
With MS-Knighthood 1.0, you don't need to browne-nose anymore. Get your own title for o<!-- fohw wef -->nly $199.99! System requirements: Wind</gnfplm>ows XP (to print the certificate), any Microsoft-supported GDI printer and a Passport account. Please note that MS-Knighthood does not run on Linux!
Also available from the Microsoft/Buckingham joint venture: MS-Diploma 1.0 (Get U n i v e r s i t y D i p l o m a s without taking a<!-- xysfoijef -->ny exams. No-one turned down. Discr<!-- foijwef -->eet and reliable.
woefij woeif we adsl kasd g lasghsowifhew efoij
seems like there's nothing to stop the government from censoring a website it really doesn't like with a spook so close to the "A" root server.
How could government censor a website by having access to the "A" root server? Difficult, to say the least, but possible:
So, in principle, yes. Anyone who controls "A", can also, in principle, manipulate the whole DNS system, and censor websites.
But let's remember that there's nothing inherently important with "A". We choose to give "A" the status of the root dns server. If we don't like to use this root, we could always switch to an alternate root. Of course, migrating millions of computers, most of them poorly administered Windows machines, to an alternate, non-censored root (should this censorship ever happen) won't happen, so the government could still censor the Net...
We're too naive here! It's too hard to hide their source code (IP?) with perl. They'd be more likely to use Litigation++ (also known as Lit++). Some experts speculate that they may be using Brainf*ck after all...