I'd say companies need to pay a yearly patent fee - only it multiplies by itself. Start it off at about $ 5. Year 2 = $ 25, Year 3 = $ 625 Year 4 = $ 390,625 Year 5 = $ 152,587,890,625 Year 6 = $ unafordable to anyone and not worth the price in any case.
This would put you and me at an equal footing with large corps: We can afford patents for at least 3 years. And it prevents ANYBODY hogging an idea more than 5 years.
In principal, they can go on for ever and ever though;-)
Maybe off topic for TFA, but not so much for the post.
I agree with you that the more popular a product is, the more it gets attacked. For example, virii needs a certain population density of infectable hosts to proliferate. Linux machines, for example, is not there. I dont think it is truly worth anyones time to write linux, or for that matter anything other that win32, virii.
However, having agreed with you, I also want to argue the security case for linux. Let us for example take writing a virus for linux:
To do some real damage in linux, a virus needs root access. People dont normaly run as root so yes, linux and for that matter *nix is designed more secure than win32.
Maybe I should clarify. In order for the virus to execute, it needs to load itself into memmory and/or infect an executable.
A memory only virus can be easily detected by a process list or something similar and killed by logging off or rebooting.
Infecting an executable is problematic since it needs write access to said executable, a privilege users dont generally have. There are two ways around this.
The first would be to create and executable with the appropriate privileges in the users home directory or/tmp/. This would be the easiest way, but the desructive potential would be limited to the specific user. Also, the virus needs to add a line to one of the users start up scripts to execute on login. Again, this would be trivial to detect and disinfect. If it becomes a problem, a system where MD5s are kept and checked periodically for startup scripts would be a good start.
The second is to gain root privileges by exploiting kernel vulns or software vulns running as root. This is definitely not easy as it seems. Any cracker should be able to testify to that. Also, with so many flavours of linux, some exploits present in some software and some in others, the probability of your virus working is relatively low. This option is definitely not your VB script-kiddie job as some of the high profile w32 virii was - you need to be good to do this, but you could trash the whole system if you can get this right.
OK, there is a third way. It involves tricking the user into actually giving root to the virus. I see that as the greatest threat if more computer semi-literates start using linux. This, IMO, is not an inherent problem of the OS, but the ignorance of the user and can only be fixed by education.
Also, the path of infection in *nix is more difficult. With explorer integrated in the OS, addware and virii are much easier to get in through malicious websites or emails.
To be honest though, the last Microsoft OS I used extensively was W2K which I only used to compile and test win32 versions of my code - usually after a lot of blood, sweat, tears, #defines and swearing;). I dont know much about their security model now. Could be quite good, but I doubt it since we still hear alot about virii and addware infecting the systems.
So, this is my (I think justified) opinion: The Linux security model, while not perfect is definitely better than the win32 model.
To get a bit on topic: Yes, I use firefox exclusively to browse. Once again I dont think it is perfect. I love the features - cant live without tabbed browsing + extentions, but sometimes I get anoyed at some of the quirks - slashdot bug has me pressing ctrl+;ctrl- on every page load for example. BTW yes, it IS firefox's fault.
Is firefox better/more secure/tighter coded than IE? Nobody that truly knows will ever tell - We probably wont trust them in any case;) -. I actually have my doubts. According to some posts I read on slashdot, valgrind spits out quite a few memory leaks. Cant be bothered to find those posts, but try for yourself: $firefox --debuger valgrind
Also, late last year there was another slashdot story http://it.slashdot.org/article.pl?sid=04/10 /19/023 6213 where firefox didnt do too good on broken html. IIRC there was a few buffer overruns inolved which COULD POSSIBLY indicate security vulns. and certainly some slightly less than tight code.
I agree with you on the ease of use. The modern Linux distro is, in my oppinion, MORE easy to use than the Windows.
I havent tried SUSE personally. Im posting this from Ubuntu Hoary. Ive never configured Samba - except to set my workgroup. Needless to say, I'm vissible and the rest of the network is vissible - and actually faster for me than for my MS-centric colleagues.
What I disagree with you about is getting Linux into schools. People keep on using what they are familiar with.
We have a project in South Africa, sponsored by Mark Shuttlewoth that does just that. See TuxLabs. More than 80 schools is already involved. People donate their old hardware to a pool that goes to the schools. Installation and setup is done by volunteers.
Microsoft, of course, tried to donate software. This didnt help them much, because most of these schools didnt have hardware to begin with and they would need to purchase the "donated" software after two years in any case. The result: South Africa use a lot of opensource in schools. Your average kid is familiar with Linux - not Windows. You stay with what you know.
Disclaimer: I live in South Africa. It is not exactly as third world as you would expect. Computers are commonplace, even for the relatively poor.
Granted. There is big problems with all FTL techniques but was that not true for a lot of currently used technologies (Electicity, space flight etc.) 200 years ago? At least general relativity implies that it is possible.
Negative mass: probably can't exist. There's no evidence to support it.
What about the Casimir Effect? Granted, this is not negative mass, but at least negative energy (AFAICR needed for opening stable wormholes, Warp Dirve) probably exists.
You dont need to break lightspeed. You could cheat. See this page for:
Worm Holes
Alcubierre's "Warp Drive"
Negative mass propulsion
Millis's hypothetical "Space Drives" WarpDrives
Your are correct, but this is a bit misleading... Uranium has two common isotopes: U235 and U238. U238 (99.3% of all occuring uranium) is not that dangerous! In fact, the longer a halflife is, the safer the material (take for instance common lead with an infinite halflife). U235 is what is used in Urianium bombs and reactors with a halflife of 700 Milion years. Still a long time, but the percentage is quite low (It is normally refined to about 3% U235 and then used as nuclear fuel).
The fuel pellets can even be handled without protection and no ill effects!
The alabaster parapets of Redmond's capital loom before you in the distance. The proud, defiant armies of Microsoft stand resolute in their final, fleeting moments. All that remains is the shrill, clarion call to battle and the fulfillment of our destiny. The tides of Linux are now at hand!
Which RFCs is that? rfc1034 seems to allow that (section 4.3.3)
I will grant you that this was not the intent of the RFC to allow a loophole which can break the DNS, but mistakes do happen.
Perhaps a case can be made that wildcarding is not allowed for gTLDs. This is open for interpretation.
My opinion is still that Verisign sucks and should be taken down.
Yes. I started using Linux about three years ago (slackware, 2.2 kernel) at work. Never could get the sound card going. Since then I've changed jobs and installed Debian at work (no soundcard here;().
At home I'm running Debian woody with a 2.4.18 kernel. Sound setup was quite easy (just had to load the sb kernel module), but the volume control does'nt work. Havent had time to play yet.
Everything else worked fine (except I had to change permissions for users to access the CD-ROM), even my mouse wheel worked first time!.
I would love to play with the 2.6 kernel since I heard that ALSA is built in.
In fact, scientists are theorising that there is only ONE force (the Grand Unified theory). They have already proved that weak/strong/electromagnetic forces is the same at high enough energy levels, but the predicted levels for unifying with gravity is currently out of reach of our best particle smashers. http://www.grandunifiedtheory.org.il/
Slashdot Mirror
I'd say companies need to pay a yearly patent fee - only it multiplies by itself. Start it off at about $ 5.
;-)
Year 2 = $ 25,
Year 3 = $ 625
Year 4 = $ 390,625
Year 5 = $ 152,587,890,625
Year 6 = $ unafordable to anyone and not worth the price in any case.
This would put you and me at an equal footing with large corps: We can afford patents for at least 3 years. And it prevents ANYBODY hogging an idea more than 5 years.
In principal, they can go on for ever and ever though
Hennie
What about GTK? And QT was also recently released under the GPL for Win32.
Maybe off topic for TFA, but not so much for the post.
/tmp/. This would be the easiest way, but the desructive potential would be limited to the specific user. Also, the virus needs to add a line to one of the users start up scripts to execute on login. Again, this would be trivial to detect and disinfect. If it becomes a problem, a system where MD5s are kept and checked periodically for startup scripts would be a good start.
;) -. I actually have my doubts. According to some posts I read on slashdot, valgrind spits out quite a few memory leaks. Cant be bothered to find those posts, but try for yourself:
0 /19/023 6213
I agree with you that the more popular a product is, the more it gets attacked. For example, virii needs a certain population density of infectable hosts to proliferate. Linux machines, for example, is not there. I dont think it is truly worth anyones time to write linux, or for that matter anything other that win32, virii.
However, having agreed with you, I also want to argue the security case for linux. Let us for example take writing a virus for linux:
To do some real damage in linux, a virus needs root access. People dont normaly run as root so yes, linux and for that matter *nix is designed more secure than win32.
Maybe I should clarify. In order for the virus to execute, it needs to load itself into memmory and/or infect an executable.
A memory only virus can be easily detected by a process list or something similar and killed by logging off or rebooting.
Infecting an executable is problematic since it needs write access to said executable, a privilege users dont generally have. There are two ways around this.
The first would be to create and executable with the appropriate privileges in the users home directory or
The second is to gain root privileges by exploiting kernel vulns or software vulns running as root. This is definitely not easy as it seems. Any cracker should be able to testify to that. Also, with so many flavours of linux, some exploits present in some software and some in others, the probability of your virus working is relatively low. This option is definitely not your VB script-kiddie job as some of the high profile w32 virii was - you need to be good to do this, but you could trash the whole system if you can get this right.
OK, there is a third way. It involves tricking the user into actually giving root to the virus. I see that as the greatest threat if more computer semi-literates start using linux. This, IMO, is not an inherent problem of the OS, but the ignorance of the user and can only be fixed by education.
Also, the path of infection in *nix is more difficult. With explorer integrated in the OS, addware and virii are much easier to get in through malicious websites or emails.
To be honest though, the last Microsoft OS I used extensively was W2K which I only used to compile and test win32 versions of my code - usually after a lot of blood, sweat, tears, #defines and swearing;). I dont know much about their security model now. Could be quite good, but I doubt it since we still hear alot about virii and addware infecting the systems.
So, this is my (I think justified) opinion:
The Linux security model, while not perfect is definitely better than the win32 model.
To get a bit on topic:
Yes, I use firefox exclusively to browse. Once again I dont think it is perfect. I love the features - cant live without tabbed browsing + extentions, but sometimes I get anoyed at some of the quirks - slashdot bug has me pressing ctrl+;ctrl- on every page load for example. BTW yes, it IS firefox's fault.
Is firefox better/more secure/tighter coded than IE? Nobody that truly knows will ever tell - We probably wont trust them in any case
$firefox --debuger valgrind
Also, late last year there was another slashdot story
http://it.slashdot.org/article.pl?sid=04/1
where firefox didnt do too good on broken html. IIRC there was a few buffer overruns inolved which COULD POSSIBLY indicate security vulns. and certainly some slightly less than tight code.
Just my opinion.
It is Eric Raymond!
I agree with you on the ease of use. The modern Linux distro is, in my oppinion, MORE easy to use than the Windows.
I havent tried SUSE personally. Im posting this from Ubuntu Hoary. Ive never configured Samba - except to set my workgroup. Needless to say, I'm vissible and the rest of the network is vissible - and actually faster for me than for my MS-centric colleagues.
What I disagree with you about is getting Linux into schools. People keep on using what they are familiar with.
We have a project in South Africa, sponsored by Mark Shuttlewoth that does just that. See TuxLabs. More than 80 schools is already involved. People donate their old hardware to a pool that goes to the schools. Installation and setup is done by volunteers.
Microsoft, of course, tried to donate software. This didnt help them much, because most of these schools didnt have hardware to begin with and they would need to purchase the "donated" software after two years in any case. The result: South Africa use a lot of opensource in schools. Your average kid is familiar with Linux - not Windows. You stay with what you know.
Disclaimer: I live in South Africa. It is not exactly as third world as you would expect. Computers are commonplace, even for the relatively poor.
Granted. There is big problems with all FTL techniques but was that not true for a lot of currently used technologies (Electicity, space flight etc.) 200 years ago? At least general relativity implies that it is possible.
Negative mass: probably can't exist. There's no evidence to support it.
What about the Casimir Effect? Granted, this is not negative mass, but at least negative energy (AFAICR needed for opening stable wormholes, Warp Dirve) probably exists.
You dont need to break lightspeed. You could cheat.
See this page for:
Worm Holes
Alcubierre's "Warp Drive"
Negative mass propulsion
Millis's hypothetical "Space Drives"
WarpDrives
Your are correct, but this is a bit misleading...
Uranium has two common isotopes: U235 and U238. U238 (99.3% of all occuring uranium) is not that dangerous! In fact, the longer a halflife is, the safer the material (take for instance common lead with an infinite halflife). U235 is what is used in Urianium bombs and reactors with a halflife of 700 Milion years. Still a long time, but the percentage is quite low (It is normally refined to about 3% U235 and then used as nuclear fuel).
The fuel pellets can even be handled without protection and no ill effects!
The alabaster parapets of Redmond's capital loom before you in the distance. The proud, defiant armies of Microsoft stand resolute in their final, fleeting moments. All that remains is the shrill, clarion call to battle and the fulfillment of our destiny. The tides of Linux are now at hand!
No, it is a giant super computer built by the Magaratheans.
Interesting...
That search result is to this article!
Which RFCs is that?
rfc1034 seems to allow that (section 4.3.3)
I will grant you that this was not the intent of the RFC to allow a loophole which can break the DNS, but mistakes do happen.
Perhaps a case can be made that wildcarding is not allowed for gTLDs. This is open for interpretation.
My opinion is still that Verisign sucks and should be taken down.
No, being ambigious, that one is out. It should be:
XML r00lz = about 147
or
XML r001z = about 3
Yes. I started using Linux about three years ago (slackware, 2.2 kernel) at work. Never could get the sound card going. Since then I've changed jobs and installed Debian at work (no soundcard here ;().
At home I'm running Debian woody with a 2.4.18 kernel. Sound setup was quite easy (just had to load the sb kernel module), but the volume control does'nt work. Havent had time to play yet.
Everything else worked fine (except I had to change permissions for users to access the CD-ROM), even my mouse wheel worked first time!.
I would love to play with the 2.6 kernel since I heard that ALSA is built in.
Sorry, forgot the link...
A nice explanation
A nice explanation
In fact, scientists are theorising that there is only ONE force (the Grand Unified theory). They have already proved that weak/strong/electromagnetic forces is the same at high enough energy levels, but the predicted levels for unifying with gravity is currently out of reach of our best particle smashers.
http://www.grandunifiedtheory.org.il/
The trojans profile you!
So, in the rest of the world too...