I don't necessarily agree with your argument either.
Build it and they will come. Is true for the most part, but I do believe that because firefox is removed from the OS, that its bugs wont be able to infect the rest of the system as readily as IE bugs will.
Now if Microsoft removed IE from the kernel(Who knows if its actually in there, they say it is) and make it an application which works on top of Windows, like the old Mac version did, then I don't think it would be as bad for security as it is.
There are a basic differences between how some open source things are coded and how proprietary things are coded. I know when I'm writing something for my job, first I want it to work, then if I have time I want it to make sure its secure. However When i'm writing something on my own time which will be open source or a website, I take the time to make sure everything is secure, as I don't have deadlines looming in front of me...now I know somoene will say "code securely your first time" and I agree with that, but often when created something from scratch you want to add features first to show the boss, then have to play catchup to fix bugs and security issues.
So there's a little difference between how software is developed when its done for pay (often proprietary) and when its done for fun (often open source)...of course with open source other people can point out your flaws, even if its done for profit in a company, hopefully leading to safer code.
"I don't know the first thing about spyware or Active X or Windows, so I certainly don't care. But since this isn't Windows we're talking about here, I fail to see how this is applicable."
He means that any scumware that would eventually be written for Linux/MacOSx will only be able to run as the user who unknowingly (knowingly) installed it. Thus if you can't remove the offending software bc it hides, all you have to do is copy documents and data, them remove that users home directory then its gone because it can't copy itself to the systems program directories
and how is "rm -Rf / as nonroot will make you give a sigh of relief."
"a design flaw in the command-line interface to me."
If your root then you should be able to do whatever you want. It has happend to before that I did chmod 700/* and left out the . infront of the/. However since I was running as a restricted user I got a bunch of errors about not having permission. If your running as root by default, then no errors about permissions, it just does it.
And finally "I think you'd have a hard time convincing anybody that things like "rm -Rf/" and "users SHOULD learn" and "limit the login / password for my MySQL account to only allow row INSERTs and SELECTs" and "home directory chmodded to 700" is the best of anything."
While it is a sad fact that people still need to know a little bit about computer to use them, thats how I think it will be for a while. I don't know how many computers I have fixed and set up so that they (hopefully) can't destroy it again. I do however try to teach them a little about computers and tell them how spyware/viruses can get on their system. Whether they follow my advice or not is up to them. Telling someone to chmod their home directory to 700 wont accomplish much I agree, but telling them that running as administrator is is not fine. While I don't use Windows, that is one of my major gripes...I do think that longhorn will finally have true priveleges for users so that you don't need to be admin to do everything.
LinuxAppeal.net is a good site to appeal to companies to release linux products. It is not a site where users bitch about companies, but rather people can find well written petitions, write their own (and add them to the site) and submit them to companies.
I figure the more people who petition companies the better so I've written a few petitions of my own on the site in hope that others will find them via google when searching for linux support for a product and petition the company as well.
I have been using the HP PSC 1315 for a semester or so of college. Haven't needed to switch catridges yet (Engineering school allows us to print for free). I was wondering if someone know if this is a) even true, b) hard coded into the printer or c) hardcoded into the printer drivers.
I'm assuming that B would make the most money for HP. However, maybe if it is true, they might just stick it into the windows driver, as I think that the drivers for cups are open source, or atleast viewable with a text editor and not binary (someone correct me if I'm wrong).
I strung a cable between my house and my neighbors house. He paid half of the bill. If you do that with one or two neighbors, its not really that unethical (all though it is illegal), but I don't see the huge problem with sharing it with one or two people. Most people don't need all the bandwidth they get with cable so distributing makes sense. If you want to be legal, purchase the Pro package from the cable company, then you can share it with as many people as your want...
Yea, for all who listened to what I said, and use firefox, they have been spyware free and no revisites in a week to remove spyware. So I did my job, to fix the problem and to have the computer work for a while. I installed all the plugins I thought were needed so they shouldn't get constant plugin requests. Firefox will only automatically install the plugins it knows about (flash, java...) so a thirst party "plugin" would needed to be downloaded manually from some website and require a lot of user intervention, not the automatic installtion in IE. So yes most users wont be infected as nothing installs itself automatically in firefox.
A person who knows nothing about security running IE will quickly run into trouble. A person who knows nothing about security running Firefox is going to run into trouble in the long term..
That is exactly what I'm trying to do. Keep their computer running smoothly for another half year.
And if in 6 months some flaw allows some malicious website to infect a computer through firefox, the problem will not be associated with me (as it would if it was in 1 week after I "fixed" it) and thus I retain my good name, and get called over again. I have given up on teaching good computer usage as no user actually runs as non admin. They often isntall stupid programs...nothing I can do about that no matter how often I tell em, so why not just help em for a few months by installing firefox.
I don't think that its always true that they will install spyware. If you make it loud and clear to users that their credit card information could be stolen without them knowing by spyware, then they tend to listen. Thats when you tell them no kazaa EVER!. That is also when you hide the Internet Explorer button, and install firefox. Sometimes I rename it to Internet so that they know to click on Internet.
When i've made a big stink about people using internet explorer, they tent to not use it, even the 60+ year olds who live in Old Folks homes. Its just a matter of letting them know how serious it is. Most people aren't dumb. If you tell them not to hit the button that will blow them up, they wont hit it. You just have to tell them (a couple of times)!
Please head over to LinuxAppeal.net to send a petition to Adobe. The more users that do this, the more likely that they will port something to Linux. Let our voices be heard and show adobe that there are people using Linux on the desktop who want their products.
I have recommended to all my clients to ditch IE, and only use it on websites that have activeX or VB on them, other otherwise don't work well with Firefox. This tends to stop most forms of adware/spyware in their tracks. None of the clients use p2p or other freeware programs which might bring them onto the system in the first place.
Of course I have ad aware and spybot installed, just in case, but if people really don't use IE, then I find that I usually don't have to clean their pcs.
my clients save lots of money at my expense because I installed firefox with the "view in IE" plugin. They are only allowed to use IE for the websites that require activeX, VB or just don't render correctly. I would be making a lot more money if I just fixed spyware every week, but that gets mundane and boring.
I agree with the post. I send them a friendly e-mail saying thank you for having a native Linux Port. this allows me to talk for free with my brother and dad in Germany.
Also just because it sais from the makers of kazaa, dosn't mean that it has spyware. If i remember correctly, these guys sold kazaa to the current company. The current company then put in all the spyware. I could be wrong but I think thats what happened.
I also use gaim and log conversations. I don't do it to use it against someone but more along the lines. Someone tells me where to meet them and where, and I accidentally close the screen before I write it down. So I just grep through my logs and get the needed info.
However couldn't there be a header sent in IMs saying allow loggin of my conversation or not. This could then be set in the preferences.
I agree with all of your statement except for the outsourcing part. Do you mean that its more likely that someone in another country will look at your e-mail than someone in America? Or do you mean that laws in other countries don't protect privacy like the laws in america? Not a flame, just want to understand comment more.
Slashdot Mirror
in the mean time try http://redirect.stefangeorg.net/
Now if Microsoft removed IE from the kernel(Who knows if its actually in there, they say it is) and make it an application which works on top of Windows, like the old Mac version did, then I don't think it would be as bad for security as it is.
There are a basic differences between how some open source things are coded and how proprietary things are coded. I know when I'm writing something for my job, first I want it to work, then if I have time I want it to make sure its secure. However When i'm writing something on my own time which will be open source or a website, I take the time to make sure everything is secure, as I don't have deadlines looming in front of me...now I know somoene will say "code securely your first time" and I agree with that, but often when created something from scratch you want to add features first to show the boss, then have to play catchup to fix bugs and security issues.
So there's a little difference between how software is developed when its done for pay (often proprietary) and when its done for fun (often open source)...of course with open source other people can point out your flaws, even if its done for profit in a company, hopefully leading to safer code.
He means that any scumware that would eventually be written for Linux/MacOSx will only be able to run as the user who unknowingly (knowingly) installed it. Thus if you can't remove the offending software bc it hides, all you have to do is copy documents and data, them remove that users home directory then its gone because it can't copy itself to the systems program directories
and how is "rm -Rf / as nonroot will make you give a sigh of relief." "a design flaw in the command-line interface to me." /* and left out the . infront of the /. However since I was running as a restricted user I got a bunch of errors about not having permission. If your running as root by default, then no errors about permissions, it just does it.
If your root then you should be able to do whatever you want. It has happend to before that I did chmod 700
And finally "I think you'd have a hard time convincing anybody that things like "rm -Rf /" and "users SHOULD learn" and "limit the login / password for my MySQL account to only allow row INSERTs and SELECTs" and "home directory chmodded to 700" is the best of anything."
While it is a sad fact that people still need to know a little bit about computer to use them, thats how I think it will be for a while. I don't know how many computers I have fixed and set up so that they (hopefully) can't destroy it again. I do however try to teach them a little about computers and tell them how spyware/viruses can get on their system. Whether they follow my advice or not is up to them. Telling someone to chmod their home directory to 700 wont accomplish much I agree, but telling them that running as administrator is is not fine. While I don't use Windows, that is one of my major gripes...I do think that longhorn will finally have true priveleges for users so that you don't need to be admin to do everything.
LinuxAppeal.net is a good site to appeal to companies to release linux products. It is not a site where users bitch about companies, but rather people can find well written petitions, write their own (and add them to the site) and submit them to companies.
I figure the more people who petition companies the better so I've written a few petitions of my own on the site in hope that others will find them via google when searching for linux support for a product and petition the company as well.
I have been using the HP PSC 1315 for a semester or so of college. Haven't needed to switch catridges yet (Engineering school allows us to print for free). I was wondering if someone know if this is a) even true, b) hard coded into the printer or c) hardcoded into the printer drivers. I'm assuming that B would make the most money for HP. However, maybe if it is true, they might just stick it into the windows driver, as I think that the drivers for cups are open source, or atleast viewable with a text editor and not binary (someone correct me if I'm wrong).
I strung a cable between my house and my neighbors house. He paid half of the bill. If you do that with one or two neighbors, its not really that unethical (all though it is illegal), but I don't see the huge problem with sharing it with one or two people. Most people don't need all the bandwidth they get with cable so distributing makes sense. If you want to be legal, purchase the Pro package from the cable company, then you can share it with as many people as your want...
Yea, for all who listened to what I said, and use firefox, they have been spyware free and no revisites in a week to remove spyware. So I did my job, to fix the problem and to have the computer work for a while. I installed all the plugins I thought were needed so they shouldn't get constant plugin requests. Firefox will only automatically install the plugins it knows about (flash, java...) so a thirst party "plugin" would needed to be downloaded manually from some website and require a lot of user intervention, not the automatic installtion in IE. So yes most users wont be infected as nothing installs itself automatically in firefox.
A person who knows nothing about security running IE will quickly run into trouble. A person who knows nothing about security running Firefox is going to run into trouble in the long term..
That is exactly what I'm trying to do. Keep their computer running smoothly for another half year. And if in 6 months some flaw allows some malicious website to infect a computer through firefox, the problem will not be associated with me (as it would if it was in 1 week after I "fixed" it) and thus I retain my good name, and get called over again. I have given up on teaching good computer usage as no user actually runs as non admin. They often isntall stupid programs...nothing I can do about that no matter how often I tell em, so why not just help em for a few months by installing firefox.
I don't think that its always true that they will install spyware. If you make it loud and clear to users that their credit card information could be stolen without them knowing by spyware, then they tend to listen. Thats when you tell them no kazaa EVER!. That is also when you hide the Internet Explorer button, and install firefox. Sometimes I rename it to Internet so that they know to click on Internet. When i've made a big stink about people using internet explorer, they tent to not use it, even the 60+ year olds who live in Old Folks homes. Its just a matter of letting them know how serious it is. Most people aren't dumb. If you tell them not to hit the button that will blow them up, they wont hit it. You just have to tell them (a couple of times)!
good point, but patents only last 17 years : ) so change 25 years to 16 and your good
Please head over to LinuxAppeal.net to send a petition to Adobe. The more users that do this, the more likely that they will port something to Linux. Let our voices be heard and show adobe that there are people using Linux on the desktop who want their products.
I have recommended to all my clients to ditch IE, and only use it on websites that have activeX or VB on them, other otherwise don't work well with Firefox. This tends to stop most forms of adware/spyware in their tracks. None of the clients use p2p or other freeware programs which might bring them onto the system in the first place. Of course I have ad aware and spybot installed, just in case, but if people really don't use IE, then I find that I usually don't have to clean their pcs.
my clients save lots of money at my expense because I installed firefox with the "view in IE" plugin. They are only allowed to use IE for the websites that require activeX, VB or just don't render correctly. I would be making a lot more money if I just fixed spyware every week, but that gets mundane and boring.
I agree with the post. I send them a friendly e-mail saying thank you for having a native Linux Port. this allows me to talk for free with my brother and dad in Germany. Also just because it sais from the makers of kazaa, dosn't mean that it has spyware. If i remember correctly, these guys sold kazaa to the current company. The current company then put in all the spyware. I could be wrong but I think thats what happened.
I also use gaim and log conversations. I don't do it to use it against someone but more along the lines. Someone tells me where to meet them and where, and I accidentally close the screen before I write it down. So I just grep through my logs and get the needed info. However couldn't there be a header sent in IMs saying allow loggin of my conversation or not. This could then be set in the preferences.
I agree with all of your statement except for the outsourcing part. Do you mean that its more likely that someone in another country will look at your e-mail than someone in America? Or do you mean that laws in other countries don't protect privacy like the laws in america? Not a flame, just want to understand comment more.