How many privilege escalation and code execution flaws in, for example, current RHEL?
With the default desktop, plug in any USB mass storage with a crafted filesystem. Even a simple filesystem like ext4 whose maintainer keeps religiously fuzzing it keeps popping up new exploitable flaws; no one bothers issuing CVEs nor even backporting patches to stable kernels for these (as the attack mode is known since forever, and there's only so much educating distro maintainers about security Tytso and co can do). Besides ext4, we have some ridiculously complex filesystems like btrfs or xfs, and plenty of unmaintained ones like qnx4/qnx6 that nevertheless have their modules enabled, including automount, on distro kernels.
Red Hat/Fedora's default is to automount any inserted removable media, at least in the desktop version, even if the screen is locked. This is exactly a case of flaw discussed in this very article; I guess other USB sub-protocols other than mass storage also might have similarly egregious flaws. Shutting down recognizing any new USB devices (other than possibly dumb chargers) while locked is a long overdue fix.
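As an added example (not part of the original comment), one way to check how much of the filesystem-module surface described above is still reachable: the script classifies modules such as qnx4/qnx6 by what modprobe.d-style configuration says about them. The function names and the sample configuration are constructed for illustration, and only a single configuration directory is read.

```shell
#!/bin/sh
# Added example: report whether filesystem modules are still loadable
# according to modprobe.d-style configuration files in one directory.
# It inspects configuration only; a filesystem built into the kernel is
# not affected by these directives.

# fs_module_state DIR MODULE
# Prints one of:
#   disabled    - "install MODULE /bin/false" (or /bin/true): modprobe runs
#                 that command instead of inserting the module
#   blacklisted - "blacklist MODULE": the module's own aliases (such as
#                 fs-MODULE, requested when that filesystem is mounted) are
#                 ignored, but an explicit "modprobe MODULE" still loads it
#   loadable    - no directive found for MODULE
fs_module_state() {
    cat "$1"/*.conf 2>/dev/null | awk -v m="$2" '
        $1 ~ /^#/ { next }                      # skip comment lines
        $1 == "install" && $2 == m && ($3 == "/bin/false" || $3 == "/bin/true") { dis = 1 }
        $1 == "blacklist" && $2 == m { bl = 1 }
        END { print (dis ? "disabled" : (bl ? "blacklisted" : "loadable")) }
    '
}

# audit_fs_modules DIR MODULE...
# Prints one "MODULE STATE" line per module named on the command line.
audit_fs_modules() {
    dir=$1
    shift
    for mod in "$@"; do
        printf '%s %s\n' "$mod" "$(fs_module_state "$dir" "$mod")"
    done
}

# make_sample_conf
# Writes a constructed configuration into a temporary directory and prints
# the directory name. The contents are not taken from any distribution.
make_sample_conf() {
    d=$(mktemp -d) || return 1
    cat > "$d/fs-hardening.conf" <<'EOF'
# constructed sample
install qnx4 /bin/false
blacklist qnx6
EOF
    printf '%s\n' "$d"
}

# Demonstration on the constructed sample, using the filesystems the
# comment names.
sample=$(make_sample_conf)
audit_fs_modules "$sample" qnx4 qnx6 btrfs xfs
rm -rf "$sample"
```

On a real host, pass `/etc/modprobe.d` as the directory; anything reported as `loadable` can still be pulled in when removable media carrying that filesystem is mounted.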
OSS stuff can "break" also.
The big difference is the right to repair. When proprietary stuff breaks, all you can do is curse the vendor ("tech support" my ass). With OSS, as long as it's not a problem with lousy undocumented hardware (most of the woes these days), you always have the recourse of fixing it yourself, and then sharing your fix with others.
This by the way is my biggest beef with systemd: it's a big tangle of spaghetti code, with no pieces supposed to be user serviceable. Things done the Unix way are easy to fix by a sysadmin with working knowledge of shell and no special programming ability.
Second, he's a cheap-skate and didn't want to pay for real service. The idea of "free" always made him giddy
Funny that, the idea of "paying" for software makes me, well, not quite giddy. So who's falling for a scam here?
This particular kind of love has its name. And gets you 6 months to 10 years.
It's called "Open Document Format for Office Applications", not "Open Office XML".
Nope, these formats are very similar, but not the same. OpenDocument is based on Open Office XML. The latter is merely a newer version of StarOffice's format, backwards compatible and even shares its file extensions (.sxw, .sxc, ...), the former went through lots of public feedback and did not keep old baggage.
That's just a mirror, the official repo is at kernel.org, while the real master is on Linus' disk. Anyone, Microsoft included, is allowed to mirror it all they want.
"Not malicious", uh huh sure sure. Like Office Open XML when their direct competitor had Open Office XML.
There's no 1:1 relation between host names and IP addresses, either way.
This. DNS in particular gives you complete metadata of the host name of every URL visited (stub resolvers don't do caching). As for https, the header also gives you the host name in plain text, thus having your site hosted on a shared server with a million others, contrary to common belief, doesn't hide where you connect to. And, for some "mysterious" reason all major browsers completely declined to implement DNSSEC+DANE which would prevent most kinds of active attacks while current CA-based SSL is trivial to subvert for any state-based adversary.
But even encryption is not enough. Traffic analysis goes a long way towards uncovering your tracks; for this reason no nosy govt agency must be ever allowed this data, nor ISPs+transit providers allowed to aggregate it.
If you have a machine not directly connected to the Internet, your ISP sucks and so does your ability to find an alternate way to obtain modern connectivity. Being enumerable is another matter, but those of us who want to connect back home keep at least one permanent IP. It might be reasonable to use a privacy-extension one for all outgoing connections and the permanent one only for incoming, but I for one never bothered to care enough (and radv is troublesome if you have many VMs of multiple types inside your desktop).
Obviously, most people run Steam on some smelly Windows, but 1. Steam works on Linux too (although x86 only), and 2. Windows laptops see hostile networks the moment you take them outside home anyway.
And elections matter in Russia, why? The results are known months before the vote.
This system is more like: "person from a single-mother family: 4 years, person from a two-parent family: 2 years", with Blacks being enormously more likely to go into one of the categories than the other.
The categories were made based on non-racist characteristics that at the time appeared to be fair, but only then not only the fairness was put into question, but correlation with race was revealed.
But then, criminality and types of crimes committed are very strongly correlated with race, thus obviously any fair system will have such correlation as well.
"Uwaga, wlaczamy faze". Sorry for a foreign language only reference on an English-speaking site, but this just has to be said. :p
Right. I paraphrased an inaccurate sound bite, but with the correction, the main point stands: there's a mandatory prison sentence for an action that in a country with sane privacy rules should be mandatory to perform. Just like MAC address when scanning WiFi endpoints, IMEI needs to be randomized or you can be accurately tracked at any time.
The problem is which do you choose? A company that locks you in to their platform, but generally respects your privacy (at least to our knowledge), or a company that's far less locked down, but pisses all over your privacy.
Choose neither. I'll put my N900 to rest literally today (unless the delivery critter with Gemini is delayed again), then there you have Sailfish and some other niche stuff. Or even some AOSP builds if you want near-Android.
Gemini ships dual-booting Android and Debian, but you can guess how many times I'm going to boot Google-Spyware before running mkfs on that partition (hint: I'm a honking DD, so I'm a wee bit biased towards one of these boot options).
and there's no personal information stored outside of payment information
There are many ways to top-up a pre-paid plan without a card. On the other hand, the "no personal information" thing is why in countries with a Nazi government (such as our current National-Socialist-Theocrat govt in Poland), you have to register your SIM card with the government, and trying to randomize/change the IMEI gets punished harsher than a rape.
Same as other racists, your problem is that you asked "who" instead of "what."
Excuse me, please tell me how could I write my post in a tone even more mocking?
You know that, and so do the admins of govt networks. But without the whining, their departments won't get that hundred million bucks of extra budget.
But the question is, who is a Russian? I propose defining that anyone with more than one grandparent of Russian blood is to be considered a Russian. For personnel for high-security duties, no ancestors since 1750 may be Russian.
All Russians are white, too. You'd better avoid the Chinese as well, as both of these countries are economically hostile against the US. Thus, no whites or asians may be allowed for any trusted jobs. Also, as neither Russia nor China recognizes genders which don't exist in nature, you can avoid all such spies by disallowing males and females who identify as their birth gender. See, and the rightards claim that tech companies partake in racial and gender discrimination for no rational reason!
Looks like it only supports Linux containers
Well, you can use KVM if you want, but it's usually not a good idea. Containers are drastically more efficient than paravirtualization like Xen, and that in turn is drastically more efficient than dumb old virtualization. Yes, full-blown virtualization offers better separation of virtual machines, but for example the recent crop of Intel bugs allow breaking out of a VM just "fine".
There's the Windows Insider program. Too bad, most of severe regressions -- ones that prevent booting at all -- also make any automated error reporting impossible. Manual reports are of course ignored. Heck, I bet automated reports are ignored as well.
There's a fast track update every ~2 weeks; no release since then was able to boot twice for me (somehow, it works the first time after upgrading).
It's my only Windows 10 installation; it's small enough I can dd it from backup easily -- but if I actually needed it for something productive I'd be pissed.
I think it was a multi-stage process. Religious movements, usually limited to a single preacher and his followers, were about as abundant as bugs in Windows. People were more religious than they are today, and we're not exactly lacking in this department even by present day.
Thus, it is quite likely one was indeed run by a guy named Jehoshuah son of Pantera (perhaps even of that particular Tiberius Julius Abdes Pantera).
What I'm putting in doubt is the relationship between this itinerant preacher and the new cult. First, no verifiable facts about his life match -- everything we can check (the census, its rules, who governed, etc) is false; it looks to me as if it was just a ploy by a new group of demagogues to take over a bunch of vulnerable followers who just lost their guru. Heck, it's possible they got even the name wrong! Second, any doctrinal relationship looks too unlikely to me: a cult an illiterate laborer comes up with looks completely different from one designed by people with good knowledge of cults from far regions of the Empire.
The Old Testament is a very diverse mixture of many types of books: mythology, historic records, poetry and even porn (yes, this is how the ancients described sex, even when writing on the wall of a brothel). So tales of Moses and Abraham are 100% invented (heck, even Jah himself was adopted only in Kanaan), while parts from 1000BC get at least names of kings and major facts right. It's still greatly tampered by current wishes of priests of the day: for example, according to the Bible, the kings got the cult of Asherah completely eradicated by 1000BC while it's only by 800BC when we really get stelas dedicated to "Jahveh and his Asherah" (both deities were worshipped elsewhere much earlier). Dating of monotheism is disputed, but it hasn't even been introduced earlier than 500BC and hasn't been universal among Jews until around 100BC.
But that's the Old Testament, where people at least had some interest in tales of the past. Whoever invented Christianity and wanted to give it a veneer of legitimacy by picking a preacher of days past didn't bother to do even the most basic fact checking. An ordinary believer of the turn of 1st/2nd century did not care nor have the means to check a census of a hundred years past, the rules of that census, records of who governed the province by then, whether they did order any mass-scale atrocities such as murder of first-borns in a large area, etc. These tales were pretty tall but people were not used to fact checking (and, judging by spread of faux news, are not used to today).
A more interesting question is, "Why did Christianity spread so quickly? What was it that seemed so convincing to the Romans and others who heard it?" I don't really have an answer for that.
Because the new religion plagiarized elements of pretty much every popular cult of the day. Monotheism started to be in fashion (see Mithraism), the educated were all about platonism, the poor wanted a promise of paradise, etc. The new religion was masterfully engineered for the then-current audience.
Thus, for Jesus, it seems he wasn't a complete Comrade Ogilvy, but whoever designed Christianity didn't care -- or perhaps even know -- about Jesus' life nor what he preached. Plato-like philosophy in particular would be especially unlikely for an illiterate Jewish laborer.
My qualifications here are not any higher than those of an average Slashdot reader -- ie, basic reading comprehension -- but that already puts us above the vast majority of humankind.
What I'm claiming here, is that Bible scholars who are Christians are about as authoritative as cancer scientists who are sponsored by a tobacco company. The vast majority of available literature is produced by such scholars, and additionally, there's no mark of the author's belief -- nor of who really paid for a given cancer study -- and even if there was, a Christian is capable of being honest, thus any arguments must be judged solely on their own merit rather than on who says them. Ie, appeal to authority nor appeal against authority don't apply here.
Thus, the best I can do is to take the arguments and use my, very weak and unqualified, understanding, and try to make sense of them. It might be enlightening to take a look at a less controversial topic first.
You are disagreeing with most historians. When did you get your PhD?
You mean, the vast majority of Bible scholars are Christians and thus have a strong belief Jesus existed?
Note my words earlier in this thread: "Any documentation comes from 2nd century, and is very obviously tainted -- either comes from Christians themselves or is a copy of their works.". To which, the answer was Tacitus... who wrote in AD 116, had no knowledge about Jesus at all -- merely about some "Christus" whose name obviously came from the group itself. Additionally, the only surviving copy is medieval, and has suspicious details like Pilate's rank which suggest an ignorant tamperer.