Primarily I got lucky and happened to reload/. just as this story was posted and before it had comments. I took the opportunity to blow the whistle a bit.
It's still on topic, though, since this story purports to be an interview of an individual's experiences in that arena. The individual in question can't be trusted to give accurate information, in my experience and the experience of others. Therefore it's questionable that the interview iteslf is about the actual current state of Linux acceptance or momentum in state and local government. If that issue is of interest to you, please fact-check anything in that interview before you accept it as true.
And of course I'm bitter. That doesn't it isn't behind us. I hadn't given it a thought for a good year until this story popped up.
Yes, but there's a serious difference between normal people making money and the kind of stuff SCO/etc. are into. The groklaw story from earlier today summed it up pretty well when it noted the absolute lack of morals it takes for a firm to suggest that they don't care if all of OSS goes down the tubes if it makes them a little more money, nevermind the demonstrable loss to the world economy/etc. that would be.
Believe me, I'm not remotely opposed to people making money for providing services. I'm not a pie-in-the-sky FSF type. Tom's aspirations were a lot more... I won't use the word "malicious", but the above reference to writing his own interviews to generate press for himself, without disclosure, should get the point across.
What Redhat and IBM are doing to get my money are (mostly) fine by me. What SCO is trying to do to get my money is categorically not fine by me. There's a big difference, and it's at the root a difference of morals. IBM could certainly get away with some of the SCO tactics if they tried, but they don't try. Yes, it's probably self-serving morality which recognizes better the long term effects of making enemies vs. making friends, but it's still a difference, and society still benefits from one and is harmed by the other.
Thanks. My first thought also was that he wrote and submitted this himself, but I didn't bother saying it, partly because it's been long enough I couldn't remember names like Consulting Times (one of my wife's tasks while at Bynari was some web work on an early rendition of that site).
I'm not looking to gun for him either. We put this behind us a long time ago. But I really would like for people to know what he's like, lest he ever manage to suceed in digging himself deep enough that he can cause real damage ala Caldera/SCO.
Shortly after he started Bynari, she got a job working for them with their then business model of acting as a US support center for Mandrake. It looked like a good opportunity at the time, but it went sour pretty fast.
I spent some time talking to Tom and was shocked to find out he didn't apparently care all that much about OSS. He mostly cared about finding ways to make money off it. He was positively giddy when describing to me various turnkey vendors he was talking to who were building net appliances (consumer firewalls, etc.) which ran GNU/Linux but were themselves closed systems. They were pretty upfront when talking to investors that they were able to do this legally by making sure all of their mods were routed through kernel modules which were written in such a way they could stay proprietary. A lot of big vendors do this without trouble, it was more these guys' attitude that they were so clever for getting a free ride on Linux this way. It disgusted me.
Anyway, Adelstein continually was trying to change Bynari's business model to find something that would make the big money. He reminds me of nothing so much as the Loki top brass fiasco stories or the Caldera/SCO stuff. He loves to talk himself up and position himself as a big name Linux consultant, but in my experience cares very little about software freedom for it's own sake or has any kind of deep technical understanding of what's even going on.
But then maybe I'm just bitter because he fired my wife less than a week after finding out she was pregnant (draw your own conclusions), based on (foundless and unsupported) claims that she had been actively working to impair and destroy their systems. Then he refused to pay us the moving expenses he owed us until we got lawyers involved and reached a settlement. A few months after that was over we got contacted by the former Bynari CIO who had been fired after Tom reportedly claimed he was selling company secrets to the Japanese. I really tried to lose track of him after that.
The most important problem with whitelist systems is that the whitelists themselves become a commodity. People who are now selling their internal distribution lists on the sly will start selling their company whitelists as well. Have a business partner you *always* accept mail from? Expect more and more of your spam to look like it's coming from that domain. Spammers are already doing it. On the individual level they're crawling for "good" mail routes into given mail boxes along with the mail addresses for those boxes; e.g., if they find foo@bar.com in a mailing list archive on the web, they'll also note that that person probably accepts mail from that mailing list, and forge their spam to that person accordingly.
Whitelists were routed around by spammers and obsoleted within weeks of becoming a fad. Adaptive content-based filters are the only thing that stand a chance in the long term.
The whitelist could be IP address list based (e.g., amazon's IP range would be whitelisted rather than Amazon's domain name). Also, the threat of tangling with, say, Amazon.com's attorney's would make most spammers hesitate to forge "customerservice@amazon.com".
IP address based just means they'll forge the headers to show the IP address. Unless you mean you're going to configure your MX to only accept mail from the IPs on your whitelist, which would turn into a supreme pain in the ass.
As for "amazon.com's attorney"... er, something makes me wonder how much you've actually dealt with fighting spam. They've been forging those kinds of headers for years. They couldn't care less (spammers or amazon).
And then all the spammers have to do is send mail with headers forged to make it look like it came from "the big guys". They're already doing this, actually.
Actually, they require spam (for UCE) vs. SPAM (tm). And yeah, it's only fair we go along, since they've been such good sports, despite the association between their brand and such a despicable group of sub-humans.
Because you aren't free to just make any work you want that includes someone elses copyrighted material and get away with it on the grounds that you claim it's parody. Works which incorporate someone else's IP are derivative works, and they're what copyright law in the old-fashioned sense makes illegal. There are exceptions, such as parody, where people can make derivative works for the purposes of exercising their maintained right to criticize something. Copyright is basically a legal restriction on free speech, but is itself restricted from banning speech that's expressive/critical/etc. as opposed to commercial in nature.
For the SS cartoon to be free from a charge of being an unauthorized derivative work of the Strawberry Shortcake(R) property, it needs to actually be making a protected statement about SS, American Greetings, etc. It really isn't. It's making a statement about American McGee.
This is why it's not a clear cut case of parody. Unfortunately people are being so quick to yell foul that they're missing this pretty obvious point.
screen does, though. the "small tools" philosophy way of doing things that both vi and screen adhere to says vi is the text editor and screen is the terminal handler. so you can do this kind of collaboration using your editor, your mail client, your web browser... anything that runs from a console. and your editor can stick to adding editing features.
Yeah. I can stop my hiccups just by concentrating on it. I discovered this a few years ago and it's worked consistently since then, except for a couple times when I was really too tired to concentrate hard enough.
A lot of people are recommending "Running Linux", but I never found that one I wanted to refer to most of the people who ask me.
Sobell's "Practical Linux" is good, as someone noted. Lasser's "Think Unix" is also excellent, and the only text I know of that does such a good job of explaining why Unix is *different*, not just in command names but in philosophy and structure. It's the grammer to Unix, where most other texts are only the vocabulary.
I also used to recommend the install and reference guides for Mandrake's distro, as I found it one of the better newbie guides around. I haven't read it over in a few major versions, though, so I don't know if this is still true.
Re:TCP syslogging already available
on
SDSC Secure Syslog
·
· Score: 4, Informative
secure-syslog isn't just about TCP, it's about 100% reliability in high high volume environments. Nothing out there right now can do that. When I talked to these guys at the 2002 Usenix Security Conference, they were targeting environments that wanted to run IIS/Apache weblogs over syslog for hundreds or thousands of hosts, without ever dropping a line. The regex stuff is left out because a) other tools can already do it better (the Unix way) and b) it doesn't directly help the goal of reliability in high-volume environments (which requires speed among other things) and therefore is bloat that would likely hurt that goal.
I've been anxiously waiting for this announcement since then. Too bad about the license; hopefully they get it fixed soon.
No, 'me' is _M_ichael _E_lkins, the original author of Mutt.
People make this mistake pretty often, though. I mostly just maintain the web page, though I have contributed some doc and other patches here and there, and am as active in the user community as RL allows.
As I noted elsewhere, "they" *are* CVS, for all practical purposes. CVS is very old and showing its age and it's time for a rewrite. Updating has reached the end of where it can be useful, considering even CVS's networking layer was added as an afterthought/extension. Subversion is intended to supplant CVS.
It would be more accurate to say subversion:CVS::mozilla:netscape4. Subversion is intended to replace CVS, and it's core team is made up many of the people that currently maintain CVS. CVS has really reached the end of its life cycle; its really showing its age, and it just doesn't make sense to extend it anymore. No, this is not a "CVS is dying" post, but anyone who has adminned it has been frustrated with it from time to time, and Subversion aims to remedy that. They're keeping what's good about CVS and replacing the bad with better things based on decades of experience with CVS and improvements in the SCM field in general.
This is intended to be a replacement for CVS. No less, and no more (for the "more", see some of the more experimental SCM stuff like Tom Lord's arch).
No one ever notes this, but Mandrake isn't just for newbies. It's actually a very good distribution for experienced sysadmins. Yeah, I know the've made their big rep on the "user friendly" front, and most people assume that a distro can't cater to both newbies and sysadmins... I used to think that, and never cared about giving Mandrake a look.
Then I got tired enough of trying to find a distro that really was what I as a sysadmin wanted (after trying redhat, slackware, debian, and suse, which back then were the main options), so I went ahead and gave Mandrake a whirl. I was very pleasantly surprised. Not only have they made sure the experienced users can disable the GUI stuff and not have it break the distro, they actually do active development in the areas that sysadmins care about. And their cooker development area is full of lots of good action for the bleeding edge types, whether you care about the latest GNOME & KDE or just ncurses & xterms.
Not to be flamebait, but I found in a nutshell that they contained all the source-y and sensible goodness I expected to get from Debian's policies and package management (the meatspace components of it, not dpkg itself), without some of the stuff I didn't like (which will remain here unnamed to avoid a distro war).
Mandrake was good enough that when I switched years ago I was able to use it as a base to compile everything on my home box from scratch and go from there ("why?" because it was there). Now that Gentoo & others are around, I'm planning to check those out and probably move on, but at least time when I switch distros it won't be because the one(s) I'm leaving behind are inadequate for someone that wants lots of control over their system.
Ok, Gav replied to my email to quickly note it IS available without the click through, if you go to About Us | Business Model. I still think it's too hidden, but that's mostly a web usability issue.
It's important to note that you can't even see that bit right now without clicking "I Agree" to their source license. I saw the old version of their site, which had a very prominent mention of their experiment with the Street Performer Protocol, and I had a lot of trouble finding the bit you quoted this time around. I was afraid it was perhaps gone until I saw the comments here and figured it out. Someone who didn't know it was there already would not likekly find it, especially if their initial reaction was offense and then they were presented with a license they didn't like.
I'm going to send them an email and suggest they make that bit more prominent again... they're going to need general community support to survive, the gamers alone won't do it. I think their experiment is a great one and I've heard several people say they signed up even though they don't play games because they support the development model. But people need to know about this experiment to support it... I can't imagine why they made it so less prominent than it was before, it's their entire business model.
All of the hits I'm getting are coming from 64.x.x.x machines. Most are coming from 64.90.x.x. My own subnet falls within 64.90.x.x, so maybe the worm attacks near machines first. Of course,/. is also inside 64.x.x.x...
Slashdot Mirror
Primarily I got lucky and happened to reload /. just as this story was posted and before it had comments. I took the opportunity to blow the whistle a bit.
It's still on topic, though, since this story purports to be an interview of an individual's experiences in that arena. The individual in question can't be trusted to give accurate information, in my experience and the experience of others. Therefore it's questionable that the interview iteslf is about the actual current state of Linux acceptance or momentum in state and local government. If that issue is of interest to you, please fact-check anything in that interview before you accept it as true.
And of course I'm bitter. That doesn't it isn't behind us. I hadn't given it a thought for a good year until this story popped up.
Wow, it took over an hour for someone to make an unoriginal derogatory remark about my wife. What is slashdot coming to?
Yes, but there's a serious difference between normal people making money and the kind of stuff SCO/etc. are into. The groklaw story from earlier today summed it up pretty well when it noted the absolute lack of morals it takes for a firm to suggest that they don't care if all of OSS goes down the tubes if it makes them a little more money, nevermind the demonstrable loss to the world economy/etc. that would be.
... I won't use the word "malicious", but the above reference to writing his own interviews to generate press for himself, without disclosure, should get the point across.
Believe me, I'm not remotely opposed to people making money for providing services. I'm not a pie-in-the-sky FSF type. Tom's aspirations were a lot more
What Redhat and IBM are doing to get my money are (mostly) fine by me. What SCO is trying to do to get my money is categorically not fine by me. There's a big difference, and it's at the root a difference of morals. IBM could certainly get away with some of the SCO tactics if they tried, but they don't try. Yes, it's probably self-serving morality which recognizes better the long term effects of making enemies vs. making friends, but it's still a difference, and society still benefits from one and is harmed by the other.
Thanks. My first thought also was that he wrote and submitted this himself, but I didn't bother saying it, partly because it's been long enough I couldn't remember names like Consulting Times (one of my wife's tasks while at Bynari was some web work on an early rendition of that site).
I'm not looking to gun for him either. We put this behind us a long time ago. But I really would like for people to know what he's like, lest he ever manage to suceed in digging himself deep enough that he can cause real damage ala Caldera/SCO.
Shortly after he started Bynari, she got a job working for them with their then business model of acting as a US support center for Mandrake. It looked like a good opportunity at the time, but it went sour pretty fast.
I spent some time talking to Tom and was shocked to find out he didn't apparently care all that much about OSS. He mostly cared about finding ways to make money off it. He was positively giddy when describing to me various turnkey vendors he was talking to who were building net appliances (consumer firewalls, etc.) which ran GNU/Linux but were themselves closed systems. They were pretty upfront when talking to investors that they were able to do this legally by making sure all of their mods were routed through kernel modules which were written in such a way they could stay proprietary. A lot of big vendors do this without trouble, it was more these guys' attitude that they were so clever for getting a free ride on Linux this way. It disgusted me.
Anyway, Adelstein continually was trying to change Bynari's business model to find something that would make the big money. He reminds me of nothing so much as the Loki top brass fiasco stories or the Caldera/SCO stuff. He loves to talk himself up and position himself as a big name Linux consultant, but in my experience cares very little about software freedom for it's own sake or has any kind of deep technical understanding of what's even going on.
But then maybe I'm just bitter because he fired my wife less than a week after finding out she was pregnant (draw your own conclusions), based on (foundless and unsupported) claims that she had been actively working to impair and destroy their systems. Then he refused to pay us the moving expenses he owed us until we got lawyers involved and reached a settlement. A few months after that was over we got contacted by the former Bynari CIO who had been fired after Tom reportedly claimed he was selling company secrets to the Japanese. I really tried to lose track of him after that.
The most important problem with whitelist systems is that the whitelists themselves become a commodity. People who are now selling their internal distribution lists on the sly will start selling their company whitelists as well. Have a business partner you *always* accept mail from? Expect more and more of your spam to look like it's coming from that domain. Spammers are already doing it. On the individual level they're crawling for "good" mail routes into given mail boxes along with the mail addresses for those boxes; e.g., if they find foo@bar.com in a mailing list archive on the web, they'll also note that that person probably accepts mail from that mailing list, and forge their spam to that person accordingly.
Whitelists were routed around by spammers and obsoleted within weeks of becoming a fad. Adaptive content-based filters are the only thing that stand a chance in the long term.
The whitelist could be IP address list based (e.g., amazon's IP range would be whitelisted rather than Amazon's domain name). Also, the threat of tangling with, say, Amazon.com's attorney's would make most spammers hesitate to forge "customerservice@amazon.com".
IP address based just means they'll forge the headers to show the IP address. Unless you mean you're going to configure your MX to only accept mail from the IPs on your whitelist, which would turn into a supreme pain in the ass.
As for "amazon.com's attorney"... er, something makes me wonder how much you've actually dealt with fighting spam. They've been forging those kinds of headers for years. They couldn't care less (spammers or amazon).
And then all the spammers have to do is send mail with headers forged to make it look like it came from "the big guys". They're already doing this, actually.
Actually, they require spam (for UCE) vs. SPAM (tm). And yeah, it's only fair we go along, since they've been such good sports, despite the association between their brand and such a despicable group of sub-humans.
http://www.spam.com/ci/ci_in.htm
Because you aren't free to just make any work you want that includes someone elses copyrighted material and get away with it on the grounds that you claim it's parody. Works which incorporate someone else's IP are derivative works, and they're what copyright law in the old-fashioned sense makes illegal. There are exceptions, such as parody, where people can make derivative works for the purposes of exercising their maintained right to criticize something. Copyright is basically a legal restriction on free speech, but is itself restricted from banning speech that's expressive/critical/etc. as opposed to commercial in nature.
For the SS cartoon to be free from a charge of being an unauthorized derivative work of the Strawberry Shortcake(R) property, it needs to actually be making a protected statement about SS, American Greetings, etc. It really isn't. It's making a statement about American McGee.
This is why it's not a clear cut case of parody. Unfortunately people are being so quick to yell foul that they're missing this pretty obvious point.
screen does, though. the "small tools" philosophy way of doing things that both vi and screen adhere to says vi is the text editor and screen is the terminal handler. so you can do this kind of collaboration using your editor, your mail client, your web browser... anything that runs from a console. and your editor can stick to adding editing features.
Yeah. I can stop my hiccups just by concentrating on it. I discovered this a few years ago and it's worked consistently since then, except for a couple times when I was really too tired to concentrate hard enough.
I was a Linux newbie once. If someone had started me with a GUI and I'd not realized the CLI was there, I would never have bothered.
Newbie != point and drooler.
A lot of people are recommending "Running Linux", but I never found that one I wanted to refer to most of the people who ask me.
Sobell's "Practical Linux" is good, as someone noted. Lasser's "Think Unix" is also excellent, and the only text I know of that does such a good job of explaining why Unix is *different*, not just in command names but in philosophy and structure. It's the grammer to Unix, where most other texts are only the vocabulary.
I also used to recommend the install and reference guides for Mandrake's distro, as I found it one of the better newbie guides around. I haven't read it over in a few major versions, though, so I don't know if this is still true.
secure-syslog isn't just about TCP, it's about 100% reliability in high high volume environments. Nothing out there right now can do that. When I talked to these guys at the 2002 Usenix Security Conference, they were targeting environments that wanted to run IIS/Apache weblogs over syslog for hundreds or thousands of hosts, without ever dropping a line. The regex stuff is left out because a) other tools can already do it better (the Unix way) and b) it doesn't directly help the goal of reliability in high-volume environments (which requires speed among other things) and therefore is bloat that would likely hurt that goal.
I've been anxiously waiting for this announcement since then. Too bad about the license; hopefully they get it fixed soon.
No, 'me' is _M_ichael _E_lkins, the original author of Mutt.
People make this mistake pretty often, though. I mostly just maintain the web page, though I have contributed some doc and other patches here and there, and am as active in the user community as RL allows.
mutt.org's provider has been having some bandwidth issues for a couple weeks now.
The most current stable release is Mutt 1.4.
As I noted elsewhere, "they" *are* CVS, for all practical purposes. CVS is very old and showing its age and it's time for a rewrite. Updating has reached the end of where it can be useful, considering even CVS's networking layer was added as an afterthought/extension. Subversion is intended to supplant CVS.
It would be more accurate to say subversion:CVS::mozilla:netscape4. Subversion is intended to replace CVS, and it's core team is made up many of the people that currently maintain CVS. CVS has really reached the end of its life cycle; its really showing its age, and it just doesn't make sense to extend it anymore. No, this is not a "CVS is dying" post, but anyone who has adminned it has been frustrated with it from time to time, and Subversion aims to remedy that. They're keeping what's good about CVS and replacing the bad with better things based on decades of experience with CVS and improvements in the SCM field in general.
This is intended to be a replacement for CVS. No less, and no more (for the "more", see some of the more experimental SCM stuff like Tom Lord's arch).
No one ever notes this, but Mandrake isn't just for newbies. It's actually a very good distribution for experienced sysadmins. Yeah, I know the've made their big rep on the "user friendly" front, and most people assume that a distro can't cater to both newbies and sysadmins... I used to think that, and never cared about giving Mandrake a look.
Then I got tired enough of trying to find a distro that really was what I as a sysadmin wanted (after trying redhat, slackware, debian, and suse, which back then were the main options), so I went ahead and gave Mandrake a whirl. I was very pleasantly surprised. Not only have they made sure the experienced users can disable the GUI stuff and not have it break the distro, they actually do active development in the areas that sysadmins care about. And their cooker development area is full of lots of good action for the bleeding edge types, whether you care about the latest GNOME & KDE or just ncurses & xterms.
Not to be flamebait, but I found in a nutshell that they contained all the source-y and sensible goodness I expected to get from Debian's policies and package management (the meatspace components of it, not dpkg itself), without some of the stuff I didn't like (which will remain here unnamed to avoid a distro war).
Mandrake was good enough that when I switched years ago I was able to use it as a base to compile everything on my home box from scratch and go from there ("why?" because it was there). Now that Gentoo & others are around, I'm planning to check those out and probably move on, but at least time when I switch distros it won't be because the one(s) I'm leaving behind are inadequate for someone that wants lots of control over their system.
except that you opened a nested whore tag before you closed his, so there's still one open.
</comment>
</whore>
Ok, Gav replied to my email to quickly note it IS available without the click through, if you go to About Us | Business Model. I still think it's too hidden, but that's mostly a web usability issue.
It's important to note that you can't even see that bit right now without clicking "I Agree" to their source license. I saw the old version of their site, which had a very prominent mention of their experiment with the Street Performer Protocol, and I had a lot of trouble finding the bit you quoted this time around. I was afraid it was perhaps gone until I saw the comments here and figured it out. Someone who didn't know it was there already would not likekly find it, especially if their initial reaction was offense and then they were presented with a license they didn't like.
I'm going to send them an email and suggest they make that bit more prominent again... they're going to need general community support to survive, the gamers alone won't do it. I think their experiment is a great one and I've heard several people say they signed up even though they don't play games because they support the development model. But people need to know about this experiment to support it... I can't imagine why they made it so less prominent than it was before, it's their entire business model.
All of the hits I'm getting are coming from 64.x.x.x machines. Most are coming from 64.90.x.x. My own subnet falls within 64.90.x.x, so maybe the worm attacks near machines first. Of course, /. is also inside 64.x.x.x...
It is. My wife worked at Bynari* and did some stuff with the Consulting Times site.
(*She got fired a few days after informing them she was pregnant. Draw your own conclusions.)