...but it won't change the fact that we owe RMS and his principles an incredible amount, and should be very glad of his continued strict adherence to those principles.
No, we owe his principles an incredible amount. RMS is just a very poor vehicle to express those principles.
The idea of free/open source software is important. RMS is just a whiny child who helps support a good idea. We owe him thanks for whatever actual work that he has done to help, but at the same time he could use a kick in the pants for making an entire movement look childish and petty.
The windows server has had all sorts of networking issuse that keeps a tech visiting the office once a week.(granted its doing more but still).
Well, if the networking issues are software based then you have to figure out if the fact that the server does more plays a role in the problems they are seeing.
If it is hardware based then the operating system probably does not matter.
Although I agree with your conclusion the comparison you are drawing it from is pretty much irrelevant.
That is like me building a wooden bridge to cross a stream on foot, then trying to shove rush hour traffic on a one lane concrete bridge and concluding that the wooden one is better because it does not buckle under the strain.
Now if you could prove that linux would either solve their networking problems or do a better job of handling this more complex server config we would be looking at a valid argument.
How about free text messaging so they don't have to take a herd of 40 in there just so one can go to the bathroom? Either that or they need sharp sticks so they don't have to go as a group to fight off the monsters.
However, all these vulnerabilities can be corrected by a sysadmin who knows what he's doing and applies patches, tunrs of unnecessary services and locks permissions down. Note: bolding added by me for emphasis.
That applies to windows, linux, and basically anything else that is put in front of people who may want to trash it.
Windows, by design, has to allow certain applications full access to the system.
No, Windows by business model has to allow certain applications full access to the system. It's called legacy support, and windows goes a whole lot further back with it than linux does.
If one of the critical features of linux was support for as much of the past linux software as possible it would have many of the same problems. Especially if linux development had started at the same time DOS was being kicked around, and linux had to support the design practices of that time period too.
a good UNIX sysadmin has much more chance of predicting and preventing attacks than a good Windows sysadmin does.
No. A good windows sysadmin will know as much about securing windows as a good unix one does about securiting unix. The first thing I do on any fresh windows install is start up the firewall (if required) and explicitly deny tcp/udp 135, 137, 138, 139, and 445. That one action right there stops the majority of worms on the net, and has zero impact to most home users.
My point is that the majority of windows' problem lies in supporting legacy code (and the poor design methods all code at that time relied on) and a low knowledge barrier to entry for basic windows administrative actions. (You have to know less about windows to get anything done with windows). Fix those two as best as possible and a windows box can be just as secure.
A lot of the "better security stuff" arguments i've seen tend to boil down to "NTFS permissions are more granular" and various arguments about active directory. At least when compared to default file permission handling in linux NTFS can do a whole lot more.
Combined with active directory it lets you set access controls on anything in your domain down to a per-user basis if you decide to be that anal. The fact that you can set a complex folder permissions policy, apply it through active directory, and have it update automagically is a nice touch too.
I'm not saying that either system has inherently better security. I think "out of the box security" arguments are a load of crap. Who cares if it is insecure by default, that is why we have the ability to change default settings.
Anyways, expect to see something about the following when you go in for this little argument.
NTFS
AD
The combination of the above two
Group Policy
The word "granular" or phrase "more granular" a lot in relation to any of the above items
XP Service Pack 2, possible 2003 Service Pack 1, and how either/both are a sign of a "Strong security commitment by microsoft"
Arguments I would suggest as points against windows security:
Lack of established areas for installation files or the "Every app expects to be able to install itself in any directory no matter how critical" issue.
The IE lack of true separation between browser and OS nightmare
Further the above point with the fact that almost everything microsoft that works on the internet uses this code that is tied into the OS, so security issues with outlook, office, and IE all become security issues for the entire operating system
Low knowledge barrier to entry for windows admins. They can make the system do more with less brains
Either way you won't win anyone over. The argument is all fine and good but in the end people will not admit that the only thing they are trained to work on is less secure even if they believe it is.
What does ActiveX do that XPCOM and Java are incapable of performing?
Work with an already developed in-house ActiveX plugin used for a critical business purpose.
Not using the plugin is a non-option, and there is (according to management) not enough value in FF/Mozilla to warrant all the effort required to make the switch in the first place.
Actually your answer here brings up another point. ActiveX works in IE and Office. Which means that, theoretically at least, the same plugin could be used in both applications. AFAIK XPCOM objects are written in C/C++. That would mean parallel development if you needed to use both applications. Hell even if you could write XPCOM in java the hooks are entirely different, which still means at least partial duplication of effort.
You are asking people to give up a known working solution in favor of TWO ways to do the same thing that will have to be developed, debugged, and implemented. If either FF or OO are going to take off they have to start by providing what people already have, and extend on it with better features. If you don't have the first part the switch will not happen in the corporate world.
Only on slashdot could the guy that avoids half another person's points be the one that does not get troll votes.
Silly me thinking they put in a +1 funny mod option so people could joke around here.
Evidently having anything good to say about MS puts me in with the thurrott crowd. I suppose black and white thinking makes advocacy easier. My question is if apple is such a high profile competitor why is their market share A)Listed in relation to hardware vendors, and B) only around 2.88% in the US and that is the larger number.
I suppose if you compare them to the number of computers sold by MS they are in a huge lead, but that is about it.
Feel free to correct my grammar then try to refute my arguments with your own definitions.
Maybe you should browser through some of the updates to XP between now and sp2 release. If you did (this is slashdot, so that is a huge if) you would notice that there are a significant number of updates that do not affect sp2.
Fundamental changes about the way code runs will fix some of the bugs. Built in buffer overflow checking can do a lot, but there are other ways that code can be broken. Hell if that was the only protection required it would have been done YEARS ago.
New bugfixes do not say anything about the effectiveness of sp2. These bugs are different from what sp2 was intended to fix.
but the server side is where the real work probably gets done and getting access to that source in any meaningful way is not going to be possible.
Although I will agree on the "getting access to that source" part, much of the work for all of this is done client side.
Most of the "server work" is reformatting database query responses in something meaningful to the client. If your server responds with XML then all you need is some XSLT to reformat it and JS to toss it into the page. All of the behavior is handled by client side javascript. Basically the server still does what web servers have always done, serve text and images. If anything the server does LESS processing here than it normally would.
Speaking of Monk, whenever I watch it I have a hard time not seeing him as the whiny head-regenerating-alien from men in black. Not even sure it's the same actor but that is what I see.
"It is more an excuse than anything else. Yes, some directors will try to typecast actors but it has nothing to do with what the public perceives. If you make a good impression in subsequent work then people tend to remember you for that latest and greatest."
Look at Patrick Stuart for this. Although he has not really broken out of the sci-fi realm his work with the X-Men films kind of throws off any typecasting he would get from his star trek days.
Well, maybe it does not entirely do it, and maybe he is just trading in his picard suit for an xavier model, but another hit movie or two and he probably will get out of it entirely.
Well, logical enough to make it through the first few steps of our legal system.
Which is usually enough to at least cost the other side a lot of money. In a sense you can create a monetary war of attrition and destroy the other person financially just by stalling on an argument that was frivilous to begin with.
When will legislators realize that it's time for serious legal reforms to end these types of frivolous, baseless lawsuits that are intended only to intimidate and harass?
Probably when they stop getting something valuable out of them. The prevailing idea is that it takes big money to win an election. Big money is easier to get from one source (corporations/wealthy individuals) than it is from many (not-so-wealthy individuals in groups). This is even more true when there is some kind of implied return on "investment" for those making the donations.
In short, when politicians stop acting in their OWN self interest, we may see some reform here. Until then the law will chase the dollar.
So where again does "users admin their own systems" imply "everyone runs as root"? One would hope that in a room full of programmers specialized in the design and implementation of operating systems at least a small majority would not run as root.
Well, they do have videos now, but they only get played late at night. Also the tool that they have hosting the show cuts in over the last twenty seconds or so of the song. That always irritates the hell out of me. Its just as bad as the self-loving djs who talk over the end of a song that I like.
Then again it could be worse.... but any specific description of how escapes me at the moment.
I get so pissed when I hear that some third party application requires admin to run... now I find out the people writing the OS are running it as admins.
*Bolding added for emphasis.
So....tell me again where the third party applications needing admin rights have anything to do with OS developers? Now if this story was about some major third party software developer that is notorious for apps needing admin rights working exclusively from admin-accounts at the workstation then I would understand the comparison. As it is you seem to be blaming the engineer because an end-user doesn't understand how the product should work.
I've always thought we had particularly evil network admins here...
Yeah, because stopping you from circumventing measures they put in place to protect the system is somehow evil. Learn to make strong passwords then you and the sysadmins will be happy.
Slashdot Mirror
lawyersharks? I thought the liger as a fearsome and dangerous creature. When the hell did someone make these? (I don't event want to ask or know how)
Hey, just be happy it isn't giving you goatse.
No, we owe his principles an incredible amount. RMS is just a very poor vehicle to express those principles.
The idea of free/open source software is important. RMS is just a whiny child who helps support a good idea. We owe him thanks for whatever actual work that he has done to help, but at the same time he could use a kick in the pants for making an entire movement look childish and petty.
Which is why people are unable to hit cars they did not see/hear, and thus could not believe existed.
Well, if the networking issues are software based then you have to figure out if the fact that the server does more plays a role in the problems they are seeing.
If it is hardware based then the operating system probably does not matter.
Although I agree with your conclusion the comparison you are drawing it from is pretty much irrelevant.
That is like me building a wooden bridge to cross a stream on foot, then trying to shove rush hour traffic on a one lane concrete bridge and concluding that the wooden one is better because it does not buckle under the strain.
Now if you could prove that linux would either solve their networking problems or do a better job of handling this more complex server config we would be looking at a valid argument.
Damn, I wish I could substitute half a sentance with whatever the hell I wanted and believe that to be reality.
How about free text messaging so they don't have to take a herd of 40 in there just so one can go to the bathroom? Either that or they need sharp sticks so they don't have to go as a group to fight off the monsters.
Note: bolding added by me for emphasis.
That applies to windows, linux, and basically anything else that is put in front of people who may want to trash it.
Windows, by design, has to allow certain applications full access to the system.
No, Windows by business model has to allow certain applications full access to the system. It's called legacy support, and windows goes a whole lot further back with it than linux does.
If one of the critical features of linux was support for as much of the past linux software as possible it would have many of the same problems. Especially if linux development had started at the same time DOS was being kicked around, and linux had to support the design practices of that time period too.
a good UNIX sysadmin has much more chance of predicting and preventing attacks than a good Windows sysadmin does.
No. A good windows sysadmin will know as much about securing windows as a good unix one does about securiting unix. The first thing I do on any fresh windows install is start up the firewall (if required) and explicitly deny tcp/udp 135, 137, 138, 139, and 445. That one action right there stops the majority of worms on the net, and has zero impact to most home users.
My point is that the majority of windows' problem lies in supporting legacy code (and the poor design methods all code at that time relied on) and a low knowledge barrier to entry for basic windows administrative actions. (You have to know less about windows to get anything done with windows). Fix those two as best as possible and a windows box can be just as secure.
Combined with active directory it lets you set access controls on anything in your domain down to a per-user basis if you decide to be that anal. The fact that you can set a complex folder permissions policy, apply it through active directory, and have it update automagically is a nice touch too.
I'm not saying that either system has inherently better security. I think "out of the box security" arguments are a load of crap. Who cares if it is insecure by default, that is why we have the ability to change default settings.
Anyways, expect to see something about the following when you go in for this little argument.
Arguments I would suggest as points against windows security:
Either way you won't win anyone over. The argument is all fine and good but in the end people will not admit that the only thing they are trained to work on is less secure even if they believe it is.
Work with an already developed in-house ActiveX plugin used for a critical business purpose.
Not using the plugin is a non-option, and there is (according to management) not enough value in FF/Mozilla to warrant all the effort required to make the switch in the first place.
Actually your answer here brings up another point. ActiveX works in IE and Office. Which means that, theoretically at least, the same plugin could be used in both applications. AFAIK XPCOM objects are written in C/C++. That would mean parallel development if you needed to use both applications. Hell even if you could write XPCOM in java the hooks are entirely different, which still means at least partial duplication of effort.
You are asking people to give up a known working solution in favor of TWO ways to do the same thing that will have to be developed, debugged, and implemented. If either FF or OO are going to take off they have to start by providing what people already have, and extend on it with better features. If you don't have the first part the switch will not happen in the corporate world.
Only on slashdot could the guy that avoids half another person's points be the one that does not get troll votes.
Evidently having anything good to say about MS puts me in with the thurrott crowd. I suppose black and white thinking makes advocacy easier. My question is if apple is such a high profile competitor why is their market share A)Listed in relation to hardware vendors, and B) only around 2.88% in the US and that is the larger number.
I suppose if you compare them to the number of computers sold by MS they are in a huge lead, but that is about it.
Feel free to correct my grammar then try to refute my arguments with your own definitions.
Leading brand? I am not sure that slashdot reader's who zealously tout a commercial OS is a strong enough demographic to really worry about it.
Fundamental changes about the way code runs will fix some of the bugs. Built in buffer overflow checking can do a lot, but there are other ways that code can be broken. Hell if that was the only protection required it would have been done YEARS ago.
New bugfixes do not say anything about the effectiveness of sp2. These bugs are different from what sp2 was intended to fix.
Although I will agree on the "getting access to that source" part, much of the work for all of this is done client side.
Most of the "server work" is reformatting database query responses in something meaningful to the client. If your server responds with XML then all you need is some XSLT to reformat it and JS to toss it into the page. All of the behavior is handled by client side javascript. Basically the server still does what web servers have always done, serve text and images. If anything the server does LESS processing here than it normally would.
Line forms to the left. Take this pager and we will buzz you when your turn comes. Expected wait time: ~2-3 years.
Speaking of Monk, whenever I watch it I have a hard time not seeing him as the whiny head-regenerating-alien from men in black. Not even sure it's the same actor but that is what I see.
Look at Patrick Stuart for this. Although he has not really broken out of the sci-fi realm his work with the X-Men films kind of throws off any typecasting he would get from his star trek days.
Well, maybe it does not entirely do it, and maybe he is just trading in his picard suit for an xavier model, but another hit movie or two and he probably will get out of it entirely.
Which is usually enough to at least cost the other side a lot of money. In a sense you can create a monetary war of attrition and destroy the other person financially just by stalling on an argument that was frivilous to begin with.
Probably when they stop getting something valuable out of them. The prevailing idea is that it takes big money to win an election. Big money is easier to get from one source (corporations/wealthy individuals) than it is from many (not-so-wealthy individuals in groups). This is even more true when there is some kind of implied return on "investment" for those making the donations.
In short, when politicians stop acting in their OWN self interest, we may see some reform here. Until then the law will chase the dollar.
Well, but, I have to have linux on the sundial though, so I can express what I am doing as 'mv / /dev/null'
Yeah, I probably did that wrong, but it isn't too bad of a linux joke for a windows admin.
The code is:
1
2
3
4
5
The same as on my luggage.
So where again does "users admin their own systems" imply "everyone runs as root"? One would hope that in a room full of programmers specialized in the design and implementation of operating systems at least a small majority would not run as root.
Then again it could be worse .... but any specific description of how escapes me at the moment.
*Bolding added for emphasis.
So....tell me again where the third party applications needing admin rights have anything to do with OS developers? Now if this story was about some major third party software developer that is notorious for apps needing admin rights working exclusively from admin-accounts at the workstation then I would understand the comparison. As it is you seem to be blaming the engineer because an end-user doesn't understand how the product should work.
Yeah, because stopping you from circumventing measures they put in place to protect the system is somehow evil. Learn to make strong passwords then you and the sysadmins will be happy.