FreeBSD and NetBSD seem to get a lot done without a benevolent dictator. One reason for their success may be that there aren't as many 'developers' with commit access - they don't have a 'developer' for every two or three programs in the archive as Debian does.
On a different scale, the Apache project is quite successful without a benevolent dictator, and it's just one of many.
RTFA - he was using a dongle which attaches between the keyboard and the case and is about the size of a USB->PS/2 converter. Anyone can get them on ThinkGeek - no software required. It's small, it attaches in an out-of-the-way place - unless you're locking the computers up in a large case and only letting the power, mouse, keyboard, and monitor cables out, it's beyond any off-the-shelf computer to prevent and difficult to stumble on.
"But seriously, does a policy like this do anything but encourace people to write down their passwords?"
It depends where you write it down. If you write it down in some sort of password safe that's encrypted, and keep that only on your hard disk and PDA, that's a heck of a lot safer than the post-it note, and I'd go so far as to call that secure - provided you make sure to keep the encrypted copies in your posession and keyed with a "good" password (longer than 8 characters, who is the story poster kidding).
Seriously, if you're in IT, don't you already have a bunch of passwords you need to keep track of? Do you really expect to keep those in memory? Why *don't* you have some sort of password vault by now?
"They say that if one of the master servers goes down that the accounts held there become unavailable immediately. The other big problem is that while the Steam network is down even the offline games are unplayable. There was no sign of responses from Valve staff or forum moderators."
You're getting what you paid for - the ability to play a game when and where Valve can (and can't) approve you doing so. You've already paid for the game, and Valve doesn't exactly have a pressing incentive to hurry up and allow you to play it, now do they?
There was a thread on netbsd-advocacy a few weeks ago about NetBSD having image problems, and it pointed to this "rule of thumb" as a major example of the misperception of the BSDs. Many people do exactly what you did - "I have no need for portability, and FreeBSD didn't appeal to me, so OpenBSD it was" - or some variation - without actually evaluating reality.
(I'm not as familiar with FreeBSD as I am the others, and I'm happy with NetBSD right now)
Portability: OpenBSD lists 15 different platforms. [0] FreeBSD lists 9. [1] NetBSD boasts some rediculous number, whether you are counting processor types or variations. (For comparison, Debian supports 11 [2]) All of the BSDs are portable.
Security: OpenBSD has a deserved reputation for focus on security. However, don't think they're the be-all-end-all - I would consider several of the 'reliability fixes' in the 3.5 errata [3] to be security issues, particularly #16 and #27. Weaknesses is the encrypted volume support have been discussed on the misc@ list, and it has been suggested that the cgd found in FreeBSD and NetBSD is much stronger; there are no current plans to port that to OpenBSD. NetBSD 2.0 has a new feature, Verified Exec [4] that looks like a very strong tool to counter rootkits; I don't have any experience with it.
Performance: Although more than a year old, take a look at fefe's scalability benchmarks. [5] FreeBSD and Linux 2.6 came out on top by quite a margin. I believe there was work on all fronts after the benchmarks were published, but NetBSD's catches the eye most - in two weeks they pushed scalability beyond FreeBSD. A more recent series of microbenchmarks between FreeBSD 5.3 and NetBSD 2.0 [6] compare the two and are relatively close. When reading those benchmarks, you should keep in mind that it was a uniprocessor system, and there's been a lot of talk about FreeBSD's SMPng.
One thing you didn't mention were packages and ports; OpenBSD's are more limited in number than FreeBSD or NetBSD's. OpenBSD ports follow releases; FreeBSD's don't; NetBSD's have quarterly stable branches independent of the operating system.
One other note of mention is the RIPOFF file [7] maintained by Hubert Feyrer of NetBSD. It's not really about performance, scalability, security, or ports, but it's an interesting read. I haven't verified its accuracy nor do I know if other people keep similar accounts.
"The only sticky part is the licensing of free software - total freedom would allow me to fork the source for profit yet that would then restrict the freedom of others in using said free software thus making the software not free anymore. So to remain free I cant do certain things to software restricting my own freedom."
Read a 3-clause BSD license some time, or one of the Apache licenses. You've said it yourself - GNU's "free" isn't "free as in do whatever you want with it".
"3. More Outlook like features: calendaring, contacts, to-do lists, syncing with Palm, etc. These could all be separate modules that all work together. We can never get business people to use Mozilla Mail because Outlook, which eats their mail and gives them viruses, has a few features that Mozilla doesn't."
I'm writing this in Mozilla 1.7.5. There are a calendar (with the option for integrating remote calendars), contacts, and a to-do list. I don't see an option to sync to Palm, however.
"Fully featured, responsive, and with the new security built into SP2, practically invulnerable to virii or hacker intrusion. (God help you if you want to run with the firewall down, but that goes for anything, don't it?)"
You have got to be kidding me. Three vulnerabilities were announced _today_. You are a troll and should be moderated as such.
MS does something good. How many people will still insult this statement just outta spite for MS? How many will reply to me saying I'm out of my mind?"
You _are_ out of your mind. Microsoft was notified in October. Sitting on an "extremely critical security vulnerability" for over three months isn't quick by any definition.
"Bulletin MS05-001 (HTML Help) is the Extremely Critical vulnerability (Demonstration) that Secunia warned about last week - nice to see a quick move from MS."
Michael, are you kidding me? Read the advisory and the discussion from last week. Microsoft was notified at the beginning of October and has only now gotten around to fixing it.
"Until then, it's Linux 2.4 and Solaris - both slow compared to 2.6 maybe, but at least they stay up over night:)"
Why not try one of the BSDs? The latest stable releases have scalability and performance on the level of Linux 2.6 but don't have the messy development cycle.
" First of all, I liked debian and run it for years, but. Yes but. Its become something like Qmail or djbdns. It became unmaintained, it became a nightmare. It has software what is over 30 months old and most software isn't even supported anymore by upstream."
Debian is most certainly not unmaintained in any sense of the word. Debian backports security fixes to the version in stable.
"Even simple programs that require very simple configuraiton store it in random places and formats."
I disagree. Most programs I encounter have systemwide configuration files and per-user configuration files. The systemwide ones live in/etc, and the per-user ones live as dotfiles (or dotdirectories) in the user's home directory. There's nothing random about that.
"Not to mention things that require some serious config files, like sendmail, apache or X. Creating a cross-platform powerful configuration language would help."
I don't think it would help. Choosing a standard syntax doesn't help writing modelines or virtual hosts. Well-commented example configurations do - apache and sendmail both come with them. Better yet is the autoconfiguration of X - seriously, when's the last time you had to manually write out an XF86Config or xorg.conf?
"Perhaps it would be wiser to adopt something Open Source such as OpenBSD instead; it's a text-only environment, so the lack of graphical support would be a minor problem at best..."
When did OpenBSD not have 'graphical support'? I'm writing this from OpenBSD with X.org.
For example, if you're running Debian stable, most security updates require two commands: 'apt-get update && apt-get dist-upgrade'. Because it's 'stable', Debian guarantees that the security fixes will not change the functionality of the program.
I don't know if Microsoft guarantees that its fixes won't screw things up (or even work), but there track history would make me hesitant before deploying 'fixes'.
That's why you have encrypted swap. On OpenBSD it's as simple as setting the sysctl 'vm.swapencrypt.enable=1'; there are HOWTOs for other operating systems. Look for the device mapper on Linux, for example.
As to taking up more space than CVS, well, yes it does, but that's because it stores more information that lets the user do basic operations like rename a file - operations that are not present in CVS and are hacked around.
As to being slow compared to CVS, it is slower on some operations (such as the initial get) because it retrieves more information than the server, but consequently other operations are quicker because it already has the information.
As to database corruption and an alternate backend, there's been an alternate backend for months now.
VMWare ESX server, the subject of this article, is a complete operating system for running multiple virtual machines through VMWare. It's based on a 2.4 version of the Linux kernel.
Slashdot Mirror
FreeBSD and NetBSD seem to get a lot done without a benevolent dictator. One reason for their success may be that there aren't as many 'developers' with commit access - they don't have a 'developer' for every two or three programs in the archive as Debian does.
On a different scale, the Apache project is quite successful without a benevolent dictator, and it's just one of many.
RTFA - he was using a dongle which attaches between the keyboard and the case and is about the size of a USB->PS/2 converter. Anyone can get them on ThinkGeek - no software required. It's small, it attaches in an out-of-the-way place - unless you're locking the computers up in a large case and only letting the power, mouse, keyboard, and monitor cables out, it's beyond any off-the-shelf computer to prevent and difficult to stumble on.
"But seriously, does a policy like this do anything but encourace people to write down their passwords?"
It depends where you write it down. If you write it down in some sort of password safe that's encrypted, and keep that only on your hard disk and PDA, that's a heck of a lot safer than the post-it note, and I'd go so far as to call that secure - provided you make sure to keep the encrypted copies in your posession and keyed with a "good" password (longer than 8 characters, who is the story poster kidding).
Seriously, if you're in IT, don't you already have a bunch of passwords you need to keep track of? Do you really expect to keep those in memory? Why *don't* you have some sort of password vault by now?
"They say that if one of the master servers goes down that the accounts held there become unavailable immediately. The other big problem is that while the Steam network is down even the offline games are unplayable. There was no sign of responses from Valve staff or forum moderators."
You're getting what you paid for - the ability to play a game when and where Valve can (and can't) approve you doing so. You've already paid for the game, and Valve doesn't exactly have a pressing incentive to hurry up and allow you to play it, now do they?
There was a thread on netbsd-advocacy a few weeks ago about NetBSD having image problems, and it pointed to this "rule of thumb" as a major example of the misperception of the BSDs. Many people do exactly what you did - "I have no need for portability, and FreeBSD didn't appeal to me, so OpenBSD it was" - or some variation - without actually evaluating reality.
] http://www.openbsd.org/errata35.html# chap-whatsnew-2-0-veriexec
(I'm not as familiar with FreeBSD as I am the others, and I'm happy with NetBSD right now)
Portability: OpenBSD lists 15 different platforms. [0] FreeBSD lists 9. [1] NetBSD boasts some rediculous number, whether you are counting processor types or variations. (For comparison, Debian supports 11 [2]) All of the BSDs are portable.
Security: OpenBSD has a deserved reputation for focus on security. However, don't think they're the be-all-end-all - I would consider several of the 'reliability fixes' in the 3.5 errata [3] to be security issues, particularly #16 and #27. Weaknesses is the encrypted volume support have been discussed on the misc@ list, and it has been suggested that the cgd found in FreeBSD and NetBSD is much stronger; there are no current plans to port that to OpenBSD. NetBSD 2.0 has a new feature, Verified Exec [4] that looks like a very strong tool to counter rootkits; I don't have any experience with it.
Performance: Although more than a year old, take a look at fefe's scalability benchmarks. [5] FreeBSD and Linux 2.6 came out on top by quite a margin. I believe there was work on all fronts after the benchmarks were published, but NetBSD's catches the eye most - in two weeks they pushed scalability beyond FreeBSD. A more recent series of microbenchmarks between FreeBSD 5.3 and NetBSD 2.0 [6] compare the two and are relatively close. When reading those benchmarks, you should keep in mind that it was a uniprocessor system, and there's been a lot of talk about FreeBSD's SMPng.
One thing you didn't mention were packages and ports; OpenBSD's are more limited in number than FreeBSD or NetBSD's. OpenBSD ports follow releases; FreeBSD's don't; NetBSD's have quarterly stable branches independent of the operating system.
One other note of mention is the RIPOFF file [7] maintained by Hubert Feyrer of NetBSD. It's not really about performance, scalability, security, or ports, but it's an interesting read. I haven't verified its accuracy nor do I know if other people keep similar accounts.
[0] http://www.openbsd.org/plat.html
[1] http://www.freebsd.org/platforms/index.html
[2] http://www.debian.org/devel/debian-installer/
[3
[4] http://www.netbsd.org/guide/en/chap-whatsnew.html
[5] http://bulk.fefe.de/scalability/
[6] http://www.feyrer.de/NetBSD/gmcgarry/
[7] http://www.feyrer.de/NetBSD/RIPOFF.txt
'and it is stored in a file cabinet in the basement with a sign on the door "Beware of Leopard".'
If that didn't stop someone like Arthur Dent, is that security?
"The only sticky part is the licensing of free software - total freedom would allow me to fork the source for profit yet that would then restrict the freedom of others in using said free software thus making the software not free anymore. So to remain free I cant do certain things to software restricting my own freedom."
Read a 3-clause BSD license some time, or one of the Apache licenses. You've said it yourself - GNU's "free" isn't "free as in do whatever you want with it".
"3. More Outlook like features: calendaring, contacts, to-do lists, syncing with Palm, etc. These could all be separate modules that all work together. We can never get business people to use Mozilla Mail because Outlook, which eats their mail and gives them viruses, has a few features that Mozilla doesn't."
I'm writing this in Mozilla 1.7.5. There are a calendar (with the option for integrating remote calendars), contacts, and a to-do list. I don't see an option to sync to Palm, however.
"Fully featured, responsive, and with the new security built into SP2, practically invulnerable to virii or hacker intrusion. (God help you if you want to run with the firewall down, but that goes for anything, don't it?)"
You have got to be kidding me. Three vulnerabilities were announced _today_. You are a troll and should be moderated as such.
"nice to see a quick move from MS
MS does something good. How many people will still insult this statement just outta spite for MS? How many will reply to me saying I'm out of my mind?"
You _are_ out of your mind. Microsoft was notified in October. Sitting on an "extremely critical security vulnerability" for over three months isn't quick by any definition.
"Bulletin MS05-001 (HTML Help) is the Extremely Critical vulnerability (Demonstration) that Secunia warned about last week - nice to see a quick move from MS."
Michael, are you kidding me? Read the advisory and the discussion from last week. Microsoft was notified at the beginning of October and has only now gotten around to fixing it.
Hear hear.
"Until then, it's Linux 2.4 and Solaris - both slow compared to 2.6 maybe, but at least they stay up over night :)"
Why not try one of the BSDs? The latest stable releases have scalability and performance on the level of Linux 2.6 but don't have the messy development cycle.
" First of all, I liked debian and run it for years, but. Yes but. Its become something like Qmail or djbdns. It became unmaintained, it became a nightmare. It has software what is over 30 months old and most software isn't even supported anymore by upstream."
Debian is most certainly not unmaintained in any sense of the word. Debian backports security fixes to the version in stable.
Abiword does as well.
"Even simple programs that require very simple configuraiton store it in random places and formats."
/etc, and the per-user ones live as dotfiles (or dotdirectories) in the user's home directory. There's nothing random about that.
I disagree. Most programs I encounter have systemwide configuration files and per-user configuration files. The systemwide ones live in
"Not to mention things that require some serious config files, like sendmail, apache or X. Creating a cross-platform powerful configuration language would help."
I don't think it would help. Choosing a standard syntax doesn't help writing modelines or virtual hosts. Well-commented example configurations do - apache and sendmail both come with them. Better yet is the autoconfiguration of X - seriously, when's the last time you had to manually write out an XF86Config or xorg.conf?
Who marked this insightful? It's called a package manager, and it's existed for quite a long time.
"Perhaps it would be wiser to adopt something Open Source such as OpenBSD instead; it's a text-only environment, so the lack of graphical support would be a minor problem at best..."
When did OpenBSD not have 'graphical support'? I'm writing this from OpenBSD with X.org.
For example, if you're running Debian stable, most security updates require two commands: 'apt-get update && apt-get dist-upgrade'. Because it's 'stable', Debian guarantees that the security fixes will not change the functionality of the program.
I don't know if Microsoft guarantees that its fixes won't screw things up (or even work), but there track history would make me hesitant before deploying 'fixes'.
That's why you have encrypted swap. On OpenBSD it's as simple as setting the sysctl 'vm.swapencrypt.enable=1'; there are HOWTOs for other operating systems. Look for the device mapper on Linux, for example.
As to taking up more space than CVS, well, yes it does, but that's because it stores more information that lets the user do basic operations like rename a file - operations that are not present in CVS and are hacked around.
As to being slow compared to CVS, it is slower on some operations (such as the initial get) because it retrieves more information than the server, but consequently other operations are quicker because it already has the information.
As to database corruption and an alternate backend, there's been an alternate backend for months now.
OpenCVS isn't trying to improve version control techniques, it's trying to provide an alternate implementation of CVS.
VMWare ESX server, the subject of this article, is a complete operating system for running multiple virtual machines through VMWare. It's based on a 2.4 version of the Linux kernel.
"it's a total waste of time. These people are very talented... drop this and join the Linux movement!"
The same could have been said to the early Linux developers about Minix and BSD.
You're right. lynx is not affected.