Slashdot Mirror


User: nine-times

nine-times's activity in the archive.

Stories
0
Comments
11,859
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,859

  1. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    Ok, you say yes, I say no, you say yes, I say no. Are we going anywhere? I'm going to say "no" again. If security profiles which allow admins to have full control of the machine is dangerous, then you're doing something else wrong. You have the wrong security elsewhere, and perhaps it as simple as who you're allowing to have access to your machines and the training they're receiving.

    To put it another way, if you're giving admin access on your servers to a bunch of malicious morons and relying on a security profile to lock them out from causing trouble, then *that* is bad security.

  2. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    You can recognize 'dumb design' but your reaction is to lower the security of your server?

    Didn't say I'd lower the security, I said I'd disable those security policies. Specifically because those policies are poorly designed and aren't actually making my server more secure.

  3. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    If it's primary role is that of a server, why would you want someone logging in and doing anything at all?

    Depends on the environment, doesn't it? Maybe I want to make some changes to AD, run a backup, etc. Maybe I'm using it as a TS server for a specific application, or for remote access. The point is, when admin explicitly tells the OS to do something, the OS ought to do it. It might be a great idea for the OS to ask, "Are you sure?", but stupid for it to say "No."

    Because the person who's logged in as admin should know something about what they're doing. If the admin knows what he's doing, then the OS shouldn't be refusing orders.

    And you might ask, what about people who don't know what they're doing? Well, often enough they'll see the absurd level of security, get frustrated, and disable *all* of the security and probably open some extra holes for good measure. In that sense, reasonable security measures can be far more effective than super-paranoid security settings that have to be disabled in order to get things done.

    That's what TFA is about -- the settings you need to tweak.

    Yes, and my part in this conversation began when I explained that the reason TFA advised disabling IE security is because it's absurdly tight by default.

  4. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    Yes, you can do that. But I can't buy copies of the latest Harry Potter book, rewrite the ending, reprint it, and sell those reprints. Well, I *could*, but if I did it without a license from the original publisher, then no one would be surprised when I got sued.

  5. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    The thing with the steak/restaurant analogy is that the product (the steak) isn't a platform that ties later purchases to it

    Nope, it is-- it's a prix fixe menu, and steak is just the first course.

    Apple is effectively tying an entire market (the Mac OS application market) to its hardware.

    Not exactly... Developers are free to develop cross-platform, meaning their applications don't have to be tied to the Apple OS. All they're doing is tying their OS to their hardware, because they market their systems as integrated systems. In other words, they aren't really marketing hardware and software separately. Hardware+software=platform, and they're marketing a platform.

    And again, it's not a monopoly for a business to be the only one able to develop their own product. Their product is the platform. But people can develop alternate platforms if they wish, but no, they can't sell Apple's platform. Apple is doing nothing to prevent others from developing alternate platforms, and in fact releases major parts of their own products under a license that would aid another company in producing their own platorm.

  6. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    If the settings appear to be 'random poorly-labelled' settings, then you're just not very experienced with the platform.

    Or else I am experienced but can still recognize poor design.

  7. Re:If The Shoe Were on the Other Foot... on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 2, Interesting

    If this were a story about Microsoft trying to stop vendors from building machines that can run their OS, there would be a million typical comments about them being an evil monopoly, etc.

    Well, the story isn't that Apple is preventing someone from building machines that can run their OS. Anyone can build machines capable of running OSX. It's not hard-- Apple is using normal Intel hardware in their computers.

    Instead Apple is suing someone for blatant copyright infringement-- distributing an altered version of their OS without a license to do so. If someone were selling a hacked version of Windows without any special arrangement with MS, I would expect Microsoft to sue.

    But hey, maybe you're right. Maybe people here would complain about "Microsoft the evil monopolist", but they would be doing so unfairly. If I made proprietary changes to the Linux kernel and started distributing an altered binary-only version of Debian without source code, you'd better believe that the people here at Slashdot would be screaming for my head on a platter. Why? Because I had no license to distribute the altered code.

    Hell, when Debian started distributing a patched version of Firefox, Mozilla asked them to stop using the name "Firefox". Apparently the trademark license on the name and icon only allowed for distribution of unaltered code. That's a slightly different issue, but it shows that distribution can be a touchy subject even among open source software developers.

    It doesn't seem to me that slashdotters have a bias in favor of Apple when it comes to this issue. If anything, people here have a tendency to think that OSX should be sold on generic hardware, or even have the source code for Aqua released under a FOSS license. And there are plenty of people who side with you and think that all praise of Apple is due to misleading advertising.

  8. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    The argument I would make is that Apple has a monopoly in the relevant market of hardware that runs Mac OS X operating systems de jure (by virtue of copyright, trademark, patent, and trade secrets), as well as a de facto monopoly just looking at the ~100% share.

    Doesn't make much sense to me. Say I run a restaurant, and I say there's only a prix fixe menu. So essentially I say, "You can't just buy my steak. You have to buy my whole multi-course meal, including the french fries." Are you telling me someone could sue me for having a "monopoly" on my steak, and trying to leverage that monopoly to unreasonably constrain competition against my fries?

    Ok, maybe not the best analogy, but people have been throwing around some doozies. So the obvious immediate problem (though there may be others) is that other people can sell steak. It won't be my steak, but it doesn't seem like a monopoly just because no one else is allowed to sell my product.

    And likewise, you can't just take OSX and distribute it however you want, but you can make your own OS and distribute it, and Apple is doing absolutely nothing to unreasonably constrain competition there. Hell, even the OS itself (Darwin) is released under the BSD license, right? So I can make a completely interoperable and nearly identical OS and distribute it. It's no monopoly just because they're only licensing their OS to run on their own hardware.

  9. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    I have no problem with the complexity requirements, but I think the default policy for how often it changes and how many passwords it remembers is a bad default-- meaning it's inappropriate for most environments. I changed my policies immediately, so I don't remember all the details off-hand, but isn't it 42 days w/reminders starting 2 weeks before expiration? So users actually start getting requests to change their passwords every 28 days?

    If you do not have a lockout policy, a modern computer can break a six letter password in a matter of hours. (I once cracked 350 of 1500 passwords in 15 minutes, using the 2k3 password file.) - Of course, if you have a lockout policy .. it may take a number of years...

    And a lockout policy paired with sufficiently complex 10 character passwords? Yeah, it'll take a while. And then rotate passwords once a year, remembering the past 2 passwords, and you have a policy that sufficiently secure for most situations, without being tremendously annoying.

    Of course, leave it configurable so people can require 50 character passwords rotated daily, remembering the past 100 passwords-- if someone actually wants to do that. Just don't make that the default.

  10. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    IANAL, but it doesn't seem to me that an installation of software could necessarily be called a "backup copy", particularly not if it had been altered from the original version for the purpose of circumventing licensing restrictions.

  11. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    They probably could, so long as it was determined not to break any other laws (DMCA?). But then they couldn't sell it pre-installed, negating some of the appeal.

  12. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    Of course under the doctrine of first sale it should be legit regardless of special OEM licensing.

    That applies to selling the actual DVD Psystar bought from Apple, and AFAIK no one is arguing that Psystar cant' act as a reseller for those discs. But wouldn't the *copy* that's been pre-installed on their systems be a different issue?

    Like, if I buy a book, I can resell that book. If I buy a book, copy it, and sell the copy, then that's copyright infringement, pure and simple. By installing a copy and then selling the installed copy to someone, they should need some kind of license, right?

  13. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    They have plenty of competition. Their market is "personal computers", and don't tell me that Dell and HP aren't competitive.

  14. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    Sorry, but modifying software is NOT copyright infringement

    Sorry, but selling modified copies of copyrighted material most certainly is copyright infringement, unless you have a license to do so. It doesn't matter if it's OSX or FOSS.

    Imagine if I took Debian, modified it to include my own hacks and customizations, and sold the binary packages pre-installed on computers without providing source code. Would I not be violating the GPL? Note that the GPL is not a EULA, it's a distribution license. And damned skippy that'd be violating the GPL.

  15. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    Well an even better analogy would be if Honda sold cars with built-in GPS navigation, OnStar-like services, and a bunch of other stuff. And then at some point they start distributing an update to all that software, and some other manufacturer hacks the upgrade to run in other cars, puts it on their car, and advertised their cars, "Now with Honda software!"

  16. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 1

    For instance, I could start a small computer business where I will build a computer for you and install Windows on it.

    IANAL, but I would guess that you can do that because the Windows license allows it. Again, IANAL, but it seems to me that it might be possible that a developer could make their license so as to allow installation by the end-user but forbid selling it pre-installed by a third party.

    The doctrine of first sale applies to the copy you buy-- so Psystar can buy the Apple-pressed DVDs from Apple and then resell them. However, making a copy (by installing it) and then selling that copy is a different matter. Even more so if they're modifying it, which probably makes it a "derivative work".

  17. Re:IBM PC on Apple Suit Demands That Psystar Recall OpenMacs · · Score: 5, Insightful

    The only thing is, it's not really the same thing since Psystar isn't an End User. So Honda might not be able to able to make you sign an agreement saying you'll only drive on Honda approved roads (but I don't know, maybe they can?), but Honda could probably make their dealerships sign an agreement saying they won't engage in certain business practices. The analogy isn't perfect, but analogies rarely are.

    Because the thing is that Psystar is installing altering the software, copying it, and then distributing the copies. Hence, this isn't an issue of EULAs, but blatant copyright infringement unless they have a license. If the EULA specifically allowed this, they could try to use the EULA to protect themselves, but the EULA makes no provisions that allow them to do this.

    Of course, IANAL, so I could be wrong.

  18. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    Dude. If it's a server OS, and it's actually being used on a production server, then the admin account shouldn't be given to anyone that's planning using that access to install Bonzai Buddy anyway. If I have the admin account and I want to download some software and install it, and my OS has security policies to prevent me from doing that, then I'm going to disable those security policies. Because it's a dumb design.

    If you want someone to be able to log in and not install software, then give them a restricted account. But if I have the full monty on the machine, then the OS should just keep out of my way and not try to block me from doing things that I obviously want to do.

    Dude.

  19. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    Yes, as a geek it's your duty to fiddle but not with my machine ok.

    It depends-- i'm fine with fiddling a bit in abstract. The problem is that (a) Microsoft is designing their software so that you have to fiddle with it before it will work; and (b) their settings are poorly labelled and poorly laid out, so if you're looking to do something in particular, it's hard to know where it will be located, and if you're looking at a particular setting, it's difficult to know quite what it will do.

    Put those two things together, and you have some god-awful design. I'm a bit careful and generally do my research, so the results are generally ok. But it's still bad design.

  20. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    If I'm setting up a Linux server, I don't toss Firefox on there just so I can download things. I'm not saying I haven't popped into IE on a Windows server to grab something, but every time I do I think that it's not really a great idea.

    Then why have IE on their servers at all? I mean, when I'm installing Linux servers, I don't even install a GUI. But still, it lets me fetch and install updates and additional software packages from the Internet.

    The problem is that Microsoft expressly makes it so you're supposed to use the GUI and IE in order to get things done, and then proceed to make them a PITA to use. If I could manage the get my Windows system running as easily as "apt-get update; apt-get upgrade; apt-get install [whatever]", I'd be happy.

  21. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    I wouldn't necessarily say that. If you know what you're doing, you can set up Windows in a way that's both secure and useable.

    However, I would say that Microsoft's notion of "increasing security" (at least in regard to some of their default settings) seems to be to throw up incessant roadblocks and warnings in front of users that prevent them from doing what they intend to do, encouraging them to disable those default security settings in order to be able to work efficiently.

  22. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    Enhanced security mode -- you can turn it off from the server manager. But then again -- this is supposed to be a server OS so it makes sense to disallow such risky behavior (by default) on a server OS.

    What "risky behavior"? Allowing the administrator of the machine to install the software that they want? My frustration comes about because, if I've just installed Windows Server fresh, I can't go to the Internet and download drivers that I might need. I can't go download my backup software and install it. I basically can't do much of anything without reconfiguring the security settings first, even if I'm the administrator. And it doesn't just prompt, "This might be bad, do you really want to do this?" I doesn't allow it.

    The reason it isn't true: go to Tools > Internet Options > Security > Custom Level. IE's security options are actually extremely fine-grained -- it's pretty far from an all-or-nothing approach.

    Great, so i should go mucking around in list of random poorly-labelled security settings in order to do things I should be able to do by default, and hope that I'm disabling the right things, and not doing something even dumber? Why not just have reasonable security settings from the outset?

  23. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 1

    Maybe they've fixed it in 2008. I've only used 2003, which doesn't just throw up warnings, but actually won't allow you to do things without changing the security settings.

  24. Re:Vista... Microsoft's "New Coke" on Making the Switch To Windows "Workstation" 2008 · · Score: 2, Funny

    Except (again, IIRC), Microsoft's own update service, for example, uses an ActiveX control. So if, for some reason, you want to visit Windows Update to update your OS, or install drivers, etc. you're in trouble.

  25. Re:How to download freely in Server 2008 on Making the Switch To Windows "Workstation" 2008 · · Score: 1
    That's actually what I did on the last server I set up. Except I had to add:

    0. Go to another computer because IE wouldn't let me download Firefox

    2.5. copy the installer over to the server