When I typed my previous message, I assumed that I would get flamed by rabid OSSers for dissin their religion, not get tweaked by a M$ apologist for agreeing with them.
As I see it, there are as many vulnerabilities found in OSS as there are in microsofts offerings, BUT with MS, there is one organisation responsible for all of them, but with OSS there are lots of different people responsible.
So no single OSS org/group is responsible for having a vuln. every week or so as microsoft is.
The other thing is when vulns. are found in OSS, there is quicker response.
Whose fault is it when a box is breached?
well you have to take into account that keeping anything fully patched these days is a full time job. There IS such a thing as patch fatigue...
For instance, for a home setup, how many evenings in a month would YOU Be happy to set aside for patching? 1, 2? 10? at some point you just get sick of it and decide that if you are breached, you will THEN strip down the machine and re-install...
I must admit to this behaviour myself. Ensure that all binaries are installed off the root partition/bin/usr/bin etc, and wipe this partition at each re-install...
It does make removing rootkits much easier on Linux than it is to remove all spyware from a windows install.
for 30squid, that keyboard betta be a NICE CLICKY one like those old IBM keyboards...
None of that spongy rubber sheet business...
Having said that, if I am shopping for a kbd, and there are two nice cherry click keyboards, one with a windows logo, the other with Tux... well there is no choice...:-)
Forgetting the obvious bias that the authors of this article have.
Lets turn the logic of this argument around for a while.
Why should any non-US government trust M$ o/s or tools for this very same reason. And indeed because the source is closed, how would we know.
If opensource software is not safe for US companies, then closed source software is not safe for ANYONE but MS to use.
There have been significant conspiracy theories in the past about how lightly M$ got off after being found culpable by the DOJ. Could there be some deal to undermine other countries by embedding spyware into the Operating System?
Sounds like the plot for "Pelican Brief II" (I want my part to be played by Jack Black!)
Indeed, and what troubles me is the possibility that government policy will be influenced by these statistics with no real guarantee that this is a problem.
Also, do they class a visit as a single HTTP conversation or an access to a base HTML document or what?
does a single page with 20-30 images (frame edging etc) constitute 21-31 individual statistics?
lies, damned lies and statistics.
Please, there are no WMD here, get the "intelegence" right before you start waging war.
All they need to to force through the principle that all software must be signed with an authenticated signature.
then, when someone puts the install disk for redhat into a system to install it they get "executable not authenticated, push off".
No user experience, nothing.
they have been moving in this direction at WINHEC for ages... one small step at a time.
And if they can use the RIAA/MPAA as the scapegoat for locking everyone else out of their hardware, then so much the better.
Even if redhat gets an authentication key, you will never again be able to compile your own apps.
so there goes most OSS development. the barrier for entry will be just that little bit too high.
The sad thing is that microsoft and all other software vendors have been able to grow and prosper using the staff who learned programming at home themselves, but it looks like they are pushing for a situation where the only people allowed to program will have to have licenses and be taught only in formal schools.
It will severely curtail the rate of innovation and higher the cost of staff.
DRM is not something that Microsoft is trying to promote because it wants to safeguard hollywood content.
It is a technology they are trying to force on everyone because it allows them a greater level of control over their market, and they are using the Hollywood lobby to push their own agenda.
As such, Corys talk can be used to unmask their real plans by debunking the "spin"
In the end it does not matter, turing will out!
what happens when Moores Law cranks a couple of more notches and we can use MS Excel as a media player by scripting it with VBA?
"innovations such as human flight, refrigeration, electrification, the telephone, automobiles, television, computers, space travel and the Internet"
Lets just take the last 3...
Computers - Manchester Mark 1, Manchester ENGLAND Space Travel - Von Braun (sp?), GERMAN Internet - what most people perceive as the internet is embodied in the world wide web... Tim Bernes Lee - British working at CERN.
So America has a corner on innovation? twaddle.
I am sick of Americans re-writing history to show that they did everything.
Slashdot Mirror
And that was what I was trying to get at.
:-)
When I typed my previous message, I assumed that I would get flamed by rabid OSSers for dissin their religion, not get tweaked by a M$ apologist for agreeing with them.
Still, some people are never satisfied!
To a degree, no.
/bin /usr/bin etc, and wipe this partition at each re-install...
As I see it, there are as many vulnerabilities found in OSS as there are in microsofts offerings, BUT with MS, there is one organisation responsible for all of them, but with OSS there are lots of different people responsible.
So no single OSS org/group is responsible for having a vuln. every week or so as microsoft is.
The other thing is when vulns. are found in OSS, there is quicker response.
Whose fault is it when a box is breached?
well you have to take into account that keeping anything fully patched these days is a full time job. There IS such a thing as patch fatigue...
For instance, for a home setup, how many evenings in a month would YOU Be happy to set aside for patching? 1, 2? 10? at some point you just get sick of it and decide that if you are breached, you will THEN strip down the machine and re-install...
I must admit to this behaviour myself.
Ensure that all binaries are installed off the root partition
It does make removing rootkits much easier on Linux than it is to remove all spyware from a windows install.
Hmmmm,
OSS has more developers than Microsoft as a whole.
Microsoft has more developers than Mono alone.
Mono is tracking Microsoft APIs.
Would microsoft choose to generate a mass of APIs, wait to see which one MONO follows and then deprecate it?
Nahhh... couldnt possibly do that!
That would be mean!
Whats important in a keyboard is the feel....
:-)
Nothing else....
do YOU look at the keyboard when you type?
for 30squid, that keyboard betta be a NICE CLICKY one like those old IBM keyboards...
None of that spongy rubber sheet business...
Having said that, if I am shopping for a kbd, and there are two nice cherry click keyboards, one with a windows logo, the other with Tux... well there is no choice...
Quantel paintbox, mozaic, overlays (custom wallpapers, clock display, stock market ticker (for those who care))
the ultimate (secure) display system for on the move computing...
Its nice to see DaVinci designing again...
This bears a striking resemblance to his design for a "helicopter"
As they say, "nothing new under the sun".
Radio contact broken when the rover hides under a rock...
How are these jobs to be gained?
Are they projections of the number of staff to be gained due to outsourcing deals.
If it is, what is the longterm prognosis for these staff, will they be offshored quickly?
Lies, Damned Lies and statistics.
Sometimes the numbers are not the whole truth.
Yep, this is pretty bad, as you can register a patent pretty much for anything, there is not much supervision/oversight.
But once registered it can be a powerful force for fear without every actually being tested.
If you wanted to design something to create the most FUD for the least action, you couldnt do much better than this.
On arteries? and so, less chance of a stroke, or a blood vessel tearing?
Blood pressure monitors would not work as you would not have the two readings?
Would your bodys sense of rhythm be altered? no internal metronome?
Forgetting the obvious bias that the authors of this article have.
Lets turn the logic of this argument around for a while.
Why should any non-US government trust M$ o/s or tools for this very same reason. And indeed because the source is closed, how would we know.
If opensource software is not safe for US companies, then closed source software is not safe for ANYONE but MS to use.
There have been significant conspiracy theories in the past about how lightly M$ got off after being found culpable by the DOJ. Could there be some deal to undermine other countries by embedding spyware into the Operating System?
Sounds like the plot for "Pelican Brief II" (I want my part to be played by Jack Black!)
Any unfounded claims to yet again churn the media and fuel another cycle of funding (either misguided or selfserving).
Anything to prolong the story.
This is all they have, there is no sustainable business plan, no ongoing investment, no hope of a true future.
All there is is short-term stock inflation and lawyers fees.
And for some, that is enough.
Indeed, and what troubles me is the possibility that government policy will be influenced by these statistics with no real guarantee that this is a problem.
Also, do they class a visit as a single HTTP conversation or an access to a base HTML document or what?
does a single page with 20-30 images (frame edging etc) constitute 21-31 individual statistics?
lies, damned lies and statistics.
Please, there are no WMD here, get the "intelegence" right before you start waging war.
Arghlll... Houmus!
I am sorry, but project looking glass...
"a revolutionary evolution"! come on people.
I started this message very critical of the system as it currently stands, but in writing this comment, I have reviewed the ultimate goals.
There are ways to crack or spoof this system. It is far from secure and should not be considered by anyone as foolproof.
It is a compromise between security and personal freedom and as such may serve neither.
No, No, NO, NO, *NO*...
NEVER EVER have data used for authentication physically ON the security token...
The black hats just write their own details to a card and have done with it.
You should only have an identifier on the card that is used only for keying a record from a (supposedly) secure database.
This identifier should be used nowhere else, so as to limit the data exposed if a card falls into the wrong hands.
As has been said before, any move by Microsoft to open their source have to be viewed with extreme caution.
What guarantee do we have that this code will remain "open"? will anything that a developer does once having looked at the code be tainted?
Even if the code is open, what is the consequence if the code implements a feature covered by a patent?
Could this be a ploy to attempt to taint OSS projects with patent encumbered methods?
They don't even need that.
All they need to to force through the principle that all software must be signed with an authenticated signature.
then, when someone puts the install disk for redhat into a system to install it they get "executable not authenticated, push off".
No user experience, nothing.
they have been moving in this direction at WINHEC for ages... one small step at a time.
And if they can use the RIAA/MPAA as the scapegoat for locking everyone else out of their hardware, then so much the better.
Even if redhat gets an authentication key, you will never again be able to compile your own apps.
so there goes most OSS development. the barrier for entry will be just that little bit too high.
The sad thing is that microsoft and all other software vendors have been able to grow and prosper using the staff who learned programming at home themselves, but it looks like they are pushing for a situation where the only people allowed to program will have to have licenses and be taught only in formal schools.
It will severely curtail the rate of innovation and higher the cost of staff.
DRM is not something that Microsoft is trying to promote because it wants to safeguard hollywood content.
It is a technology they are trying to force on everyone because it allows them a greater level of control over their market, and they are using the Hollywood lobby to push their own agenda.
As such, Corys talk can be used to unmask their real plans by debunking the "spin"
In the end it does not matter, turing will out!
what happens when Moores Law cranks a couple of more notches and we can use MS Excel as a media player by scripting it with VBA?
Where is your DRM then...
SCO will continue to exist until the court cases show that they have no case, at which point they will implode.
long before that there will not really be much left other than a CEO, company accountant and liason to the law firm.
Any suggestion which prolongs this or other lawsuits will just prolong the problem. We really want this sorted as quickly as possible.
The longer this continues, the longer we are focused on this and away from other things...
1) development effort
2) notice that another company is quietly (or not so quietly) trying to patent everything under the sun (pun intended)
SCO are an irrelevent distraction that everyone involved should be working to eradicate as an issue as quickly as possible.
Well, not really, thats how it USED to work...
0 4. html
Now (post dotcom bubble) the game is different.
http://www.pbs.org/cringely/pulpit/pulpit200403
Cheers, FG.
"innovations such as human flight, refrigeration, electrification, the telephone, automobiles, television, computers, space travel and the Internet"
Lets just take the last 3...
Computers - Manchester Mark 1, Manchester ENGLAND
Space Travel - Von Braun (sp?), GERMAN
Internet - what most people perceive as the internet is embodied in the world wide web... Tim Bernes Lee - British working at CERN.
So America has a corner on innovation? twaddle.
I am sick of Americans re-writing history to show that they did everything.
Lets not forget that from the information in this article, they are applying for patents for ideas generated within the IETF.
So unless the proposing member of the IETF is an employee of Cisco this is theft.
If they are, arent you meant to keep an innovation secret prior to being granted a patent?
Not evil, just selfserving...
Microsoft tell the customer that what they do is in the customers interests.
This is untrue, in fact a lie. EVERYTHING they do is in MICROSOFTS interests.
XAML? what about XSLT?
It is not that XAML is not here, but it IS that it is an encumbered artifact that will only be available on a single vendor platform.
This is not in the customers interests, but Microsofts.
It is this act of deception, this lie that is most annoying.
Microsoft, stop lying, stand up, be honest.
hehe, sorry, what was I thinking.