Slashdot Mirror


User: Tom

Tom's activity in the archive.

Stories
0
Comments
10,601
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,601

  1. Re:Drivers on Why UNIX is better than Windows... By Microsoft · · Score: 2

    Better hardware detection. Setting up UNIX on a new PC is difficult, requiring a more intimate knowledge of how the hardware is built.

    Actually, not at all. The failure of Unix systems here is to not use what is available. The recently mentioned Knoppix shows how it can be done. Most current distributions also autodetect hardware very good.

  2. Re:Wait a Minute! on Indian State Switches to Linux · · Score: 2

    Move to India. Leave this country.

    You may not realize it, but the "like it or leave it" bullshit is not a "witty aphorism", it's a tool to sentence critics. It takes more courage to stay and fight an abusive regime than to pack up and go elsewhere. And without people who have the guts to stay and do something about whatever it is that's wrong, we'd probably all be living in caves still.

    So if you don't like people speaking their mind, then leave. ;-)

  3. Re:Free beer or speech? on Indian State Switches to Linux · · Score: 2

    Either way, I wish our own government would use linux. As it would be a great push away from the monopoly [microsoft.com] that they "punished".

    Yeah, funny isn't it? You'd think they don't deal with convicted felons or the likes of them.

    Shows you how much power the government really has. Just enough to bully a few tiny foreign nations (Iraq has 16 mio. people - that is what? twice LA ?) but not enough to take a stand against found-guilty corporations within their own borders.

  4. Re:A Question of Monopoly on Indian State Switches to Linux · · Score: 2

    All the public infrastructure is publicly owned (trains, electricity)

    Which, as any economist not blinded by neoliberal capitalism will tell you, can be a good thing. It all depends on how its run. Public transport especially tends to be best where it's publicly owned.

  5. Re:A good reminder.. on University of Twente NOC Destroyed · · Score: 2

    absolutely. A local power company I sometimes work with has the following simple policy:

    It is not considered a backup until it's stored in two locations at least 10 miles apart.

  6. Re:Timlock puzzles on Controversy Surrounds Huge IE Hole · · Score: 2

    The idea is nice. One problem is that even though I've been looking for ready-made software for this and several other "crypto tricks", I couldn't find anything so far.

    Obviously, you can't ask someone to cook up a new crypto tool before he can publish an exploit.

    If you have any links, post away.

  7. Re:I once "discovered" a virus... on Controversy Surrounds Huge IE Hole · · Score: 2

    MS will prettymuch HAVE to deal with this one.

    Which is pretty much the whole point. M$ has a history of completely ignoring, then denying and/or downplaying, then acknowledging but still not patching (and so on) security problems.
    Full disclosure is the only thing that works with M$. Sad but true.

    Well, at least this time it's a problem that affects only them. I still get bloody virus mails every day. Feature request to the next Klez/loveyou/whatever author: Please check the remote mailserver and don't send copies to non-M$ systems.

  8. hack update.microsoft.com on Controversy Surrounds Huge IE Hole · · Score: 3, Insightful

    Now if only someone could break into update.microsoft.com and put the exploit there...

    (The windos update program uses IE. Good design decision to use your most insecure piece of code for security updates, isn't it?)

  9. Re:Yawn on Controversy Surrounds Huge IE Hole · · Score: 2, Interesting

    No problem, just visit the IT department of any company near you that is using windos for their corporate LAN.

    I'm a Unix admin, but I've often worked closely with the NT admins. I know that a considerable part of their day (which for the company means: salaries) is spent on all kinds of busywork that essentially compresses to damage control.

  10. Re:Irresponsible? on Controversy Surrounds Huge IE Hole · · Score: 2

    If Linux had an exploit that allowed someone to ssh into your box, su to root, then fsck your harddrive, and a patch wasn't released yet, would you be pissed off that bugtraq posted the code to exploit the bug?

    Fallacity one: You assume that the script kiddies (not to even mention the pros) get their exploits from bugtraq. Nothing could be more wrong.

    Fallacity two: You compare Linux and OpenSSH, where exploits exist, are acknowledged and usually patched in hours or days, with Micro$oft, where exploits are regularily played down and left unpatched for months. Why is that important? Because someone submitting a bug report to, say, the OpenSSH team, can expect a reply and likely a patch within a day or two. Bugtraq is fully of advisories starting along the lines of "Micro$oft was informed on (insert date > 1 month ago)".

  11. Re:All comments so far should be modded "-1 RTFA" on Controversy Surrounds Huge IE Hole · · Score: 2

    if I can run commands on your system, I can format the hard drive, provided I have the necessary access rights.
    Who ever said I have to use the bundled format tool? On any 9x system I could just rawrite to the disk. Other IE holes allow me to download my own software. I could use my own format program, or a simple expect-like script to go past the "safeguards".

  12. pleeaase... on Controversy Surrounds Huge IE Hole · · Score: 3, Informative

    Not the whole full-disclosure discussion again. The topic has been discussed to death on pretty much every security-related mailing list, newsgroup, whatever for the past years.

    And frankly, if you surf with IE, which has known security holes that have been unpatched for well over a year, you simply deserve whatever you get.

  13. blows you away on Klaus Knopper, Creator of Knoppix Talks to DistroWatch · · Score: 2

    Me, and everyone I've shown it to, was simply blown away by Knoppix. And the deeper you look, the more impressed you are:

    * On the surface, it's just a perfectly user-friendly demo disk. Power on, CD in, KDE up. Now you may or may not like KDE (I don't like it), but it gives an instant "slick" interface that can easily hold its own against the whole windos world.

    * Then you realize it had a full-blown hardware autodetection, that works incredibly well - I've yet to see a machine where it doesn't come up fully automated and well-configured.

    * It also includes everything you need to go online, no matter what your connection is. It does DHCP, PPP, ISDN (very common in Germany), PPPoE for the ADSL people, even wireless if you want.

    * Then you start to wonder how all this stuff (900 packages, including all of OpenOffice, KOffice, more than a dozen small games, etc.) fits on the CD, and you learn that the guy wrote a compressed loop kernel module and everything is transparently decompressed when it's read from the CD!

    * Finally, it's 100% GPL. All of it is Free Software tools bolted together intelligently.

  14. games? on Xbox Live Goes Online · · Score: 2

    So, are there any games that are worth playing online on the billybox? Halo is certainly responsible for half the billybox sales so far (i.e. that half of the Halo fans they didn't piss off when they scraped the PC, Mac and Linux versions), but what title will pull the live system?

    Remember: Consoles are nothing without the games. Contrary to general purpose computers, there isn't really anything else you could use it for, so if the box has no games, it has no sales.

    So far, I haven't seen anything that is not either available on other platforms, or well below average. Where's the exclusive killer title?

  15. its an illusion on What's Keeping You On Windows? · · Score: 2

    For many people, there is nothing really keeping them on windos, except the fact that everyone, even the Linux fans, is telling you how painful the switch is and that you still need windos for many things.

    I kept a dual-boot system for many years, telling me the same stuff - need windows for games, need windows for this, need windows for that.
    Like some nicotin or other drug addicts, one day I just decided to do it. I removed windows from lilo and never looked back. Yeah, there is software that doesn't run under Linux and there isn't an equivalent, but as with smoking, you gotta get away from it before you know if you really need it or not.

    So, what's keeping people on windows? Habit, of course, and the Fear, Uncertainty and doubt tripplet.
    My estimate is that maybe 10% of the windows users really need windows. Everyone else could switch if they only wanted to. That they don't means that billy hasn't pissed off his users enough, yet. Smart guy, I give him that, knows his limits.

  16. give TLDs meaning again on Using Your Own Name May Be Infringement, Part 2 · · Score: 2

    Why not make a simple deal: The corporations can have .com (it was made for them) if and only if they keep their greedy claws off .org

  17. Re:Not interested... on Doom 3 Alpha Leaked · · Score: 2

    ID *IS* the company that pushes FPS technology to it's fullest.

    Right, their technology has always been top of the line. Now when it comes to storyline, gameplay, replayability, creativity and the other elements of a great game, that varies a lot and is usually in the medium segment.

  18. get it right on Doom 3 Alpha Leaked · · Score: 2

    Next time, at least leak the Linux version and only that. Bet that'd get the "most-people-converted-to-Linux-in-one-day" record?

  19. Re:oh great on SuSE Linux will run Microsoft Office · · Score: 2

    Read any paper written by someone with a clue about interface design - windows and office are nightmares. Just because you've become used to it doesn't mean that it's good. Humans have adapted to tyranny, hunger, disease, religion and a billion other bad things, so windows is by far not alone there.

    And no, emacs isn't my idea of a good UI.

    There are a lot of resources out there about good interfaces and interface design. Spend ten minutes with google if you actually care.

  20. oh great on SuSE Linux will run Microsoft Office · · Score: 1, Flamebait

    The death of office productivity finally available for Linux users, too.
    Will the paperclip work, too, or will we just have to put up with virus-prone macros, proprietary and bloated document formats, the crappy user-interface and memory-hogging sluggishness?

    Oh, wait. Now Linux users can pay Microsoft money so they can continue fighting Linux wherever they can.
    Go left, everyone just one crucifix.

  21. Re:Yea!!! on RC5-64 Success · · Score: 3

    I don't know why the parent was modded up as funny, but:

    There is a difference between saying "in theory, we could do this and that" and actually doing it.

    Cryptography specifically is a realm of arbitrary large numbers, theoretical math way, way beyond what 99% of people ever learn in both school and university, and lots of guesswork, estimates, approximations, you name it.

    I don't think anyone is really surprised by the outcome, but nevertheless, the only real proof that something can be done is and always will be to actually do it.

  22. Re:Reasons on New Linux Worm Found in the Wild · · Score: 2

    Good point, and true. However, the difference is not an order of magnitude, and as such doesn't matter much. If Slapper has 2% or 5% of the CodeRed impact is not an issue. If it had 20% instead of 2%, it would.

    You can find figures on SSL servers at netcraft, unfortunately only if you pay for their SSL report.

  23. Re:comparison on New Linux Worm Found in the Wild · · Score: 4, Informative

    Yes, I actually do believe that we are somewhere near the peak. Maybe not quite yet, maybe we've already passed it.

    Why? Because of worm propagation history. Slapper is old news by now.

    Compare this graph:
    http://www.caida.org/analysis/security/code-red/co deredv2_analysis.xml#infectionrate

    It shows that CodeReds growth was exponential at the critical time, which measured only a few hours. Days have passed since Slapper hit the 10k mark, and we haven't seen any considerably higher estimates.

  24. Re:Reasons on New Linux Worm Found in the Wild · · Score: 3, Informative

    No, you are actually wrong on that. If you compare the number of IIS servers (they're all windos) and the number of Apache/Linux servers, then Apache/Linux is up front.
    Even if you double the number to account for people running IIS on their home-desktop, you get nowhere near the "infected-to-unaffected" ratio.

    Remember that all the "95% market share" babble is about desktop systems, while both Slapper and CodeRed are targetting server systems, where windos is one among many, and by far not the leader.

  25. comparison on New Linux Worm Found in the Wild · · Score: 4, Insightful

    To all those who will no doubt post "see, CodeRed can happen to Linux, too" - here is some enlightenment:

    There are currently an estimated 10,000 hosts infected with Slapper (any variant).

    According to DShield's CodeRed history page, around 25,000 windos hosts are still estimated as CodeRed infected, one year after the event.
    According to news.com, at the peak we had over 350,000 infected machines.

    10,000 is about 2% of 350,000. No, Slapper is in not even comparable to CodeRed when it comes to spread, neither speed nor coverage.

    It does, however, proof two things:

    a) The Linux world is susceptible to the same generic diseases
    b) For various reasons (more variety, better sysadmins, better security in general), it coped much better with an actual outbreak.