Or actually, the sabotage can involve nothing but training your replacement the right way.
Just be DAMN SURE your sabotage will go undetected.
In fact, with any sane backup strategy that keeps track of the history of vital system scripts, the proof needed to sue you into oblivion will be right there. On the other hand, since it's you who's implementing backups, with a bit of thinking it's easy to make sure the proof will not be anywhere.
Also, taking some ideas from the Underhanded C Contest would be insightful, too.
Just above all, do not get caught. Even if you would have to castrate your trojan in order to be safer.
Gameplay (sadly) hasn't changed a bit in 5 years!
Actually, it did change, a lot. 100% for the worse.
How much time did you spend playing MoO2? Starcraft?
How much playing time is any of the new games worth?
Ah, I withdraw my criticism for that part then.
I meant that knowing how to set up and care for a firewall is trivial, but I forgot that not everyone deals with firewalls on a professional or skilled-amateur level. And even more, it is not a shame -- just like I spent a lot of time today researching basic cooking concepts, something completely trivial for any cook or a housewife.
If you already care for a number of boxes, adding yet another one has a really negligible cost. If it's the only box, you need to invest the time and effort, something that could be better spent doing other things. Just as long as your prepackaged appliance is good enough.
That "good enough" can make professionals wince, but I guess a good gardener would say the same if he saw your plants in a pot.
Using the wheel for the primary mode of movement is pretty clumsy.
But, speaking of ways of 3D navigation people are really accustomed to... WSAD anyone?
Back in the day, I once wrote a quick hack to visualise a 3D structure. Everyone had problems navigating around the view, until I changed it to something Descent-like (it was the only fully-3D game at the time, nothing else had 6 degrees of freedom).
No matter whether it's a pretty web browser with bells and whistles or a crude tool for viewing a protein in a way not supported by the tools you had, it's a lot better to use an interface people already know. And you can bet a lot of thinking was put into designing the navigation in 3D games :p
Eh? Now, this is pretty much a troll, I'm afraid.
Show me a security infrastructure for any "consumer-grade" router; especially one that can notify you instead of waiting for you to check for new issues by hand. For home/small office stuff, the company which produced them stops giving a damn the moment you pay for your appliance.
Check for example the recent NetGear and D-Link DoS attacks against NTP servers. I'm pointing these out because they are more visible than just remote security holes -- if an appliance gets pwned, people hardly ever notice; at most, they just replace it if it appears to have stopped working.
The situation is hardly any better for the more expensive gear. Being a bit paranoid^Wreasonable, I don't trust Cisco pieces of crap enough to let them be addressable from either the outside world or the company network. Hiding a router is actually possible: note that point-to-point links don't require the endpoints to have a valid address; fooling the Cisco router into thinking it's in control is a matter of a few iptables rules, and then you can do the actual routing using software that hasn't been produced by a company well-known for sweeping bugs under the carpet.
Google can already follow you around the 'net using their ad network. Blogs, photos, news sites, etc., all have Google Adsense.
Since all of Google's tracking uses 3rd party servers, you can trivially avoid it except for when you explicitly use one of their services. All you need to do is to get and train Adblock, do the equivalent on your Squid proxy or cut them off on your DNS and/or firewall.
For Adblock, you do know where to get it from.
For Squid, there are packages like adzapper. I'm not sure if Privoxy cuts away Google's spying, but I hope it can do it as well.
For DNS-based blocking, let me plug my own database: (no pretty page, sorry) -- on your DNS server, put deb http://angband.pl/debian sarge main into /etc/apt/sources.list and apt-get install dnscruft. It should be in the official repository once I bum an upload off a DD.
Of course, the best idea is to have more than one layer of defense. This is a form of spying that can be easily thwarted, so there is no reason we shouldn't fight for ourselves and our networks.
Well, but if you try to run Windows in VMware, you can expect a result like this.
(Just joking... VMware is pretty much the only way to reliably test an installer for win32. Plus, anything that would force someone to reactivate Windoze every single time a new debug build of your software's installer gets run can go to hell.)
There are probably some areas that are like that, but this is one that one can only object to from a religious (hence uninformed and totally irrelevant) point of view.
A religious point of view _is_ uninformed, but I certainly wouldn't call it irrelevant. Not while one of religions makes everything they can do to wipe out any "infidels" -- first Israel, then the rest of the world, pursuing nuclear weaponry to achieve this result, and another one _already_ has nukes and keeps invading other countries for bogus reasons.
Check out this post. If it doesn't deserve to be put in Wikipedia as an example in the "ad hominem" article, I don't know what does.
The whole flamewar is quite one-sided: there are only a few people who support Java in non-free, and the whole rest opposes them. Too bad, the proponents are the DPL and more than one FTPmaster.
The current Java license is obviously unacceptable; the FAQ is ok. Too bad, the FAQ explicitly says that it doesn't bear any legal relevance, and, even worse, the license explicitly says that it can't be overridden by things like that FAQ. Thus, I'm afraid that Anthony Towns' argument that says "the FAQ makes the license fine" doesn't stand.
Fortunately, it appears that, albeit slowly, Sun actually exhibits a sliver of good will. Let's hope they'll change the license soon.
I would rather care about his list of foes.
Oh crap. And it has only 5 other folks left, too :p
It will be equally voluntary for citizens. You don't want to be chipped, when you don't have to be a citizen either.
You're discussing brain-dead religious extremists. For them, let's go for a different argument:
Revelation 13
17 And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.
The thing is, you don't ever hear about MSIE security issues unless there is already a popular exploit in the wild.
Well, it's good to see security issues fixed instead of having them swept under the carpet. Indeed, both Microsoft and Opera lack the guts to admit they're not perfect.
However, the automated updates (Mozilla devs be praised!) make putting releases like this not worthy of a news article.
> +1 GHz 32-bit (x86) or 64-bit (x64) processor.
Not too bad for modern machines, but this is starting to get crazy for just an OS
Too bad, 386 compatibility was dropped, but I installed the previous weekly of Etch on a 486 just fine.
> +1 GB of system memory.
I know a few gamers still running 512 MB and most systems are still coming 256/512 as the default.
Right, 24MB in that box forced me to mount swap right on.
> +A graphics processor that runs Windows Aero.
> +128 MB of graphics memory.
So like 90% of machines that the big three sell will not run Aero? Most still default to 64MB or built-in cards and right now most people do not want/need more.
Bummer, the new GTK installer didn't run on an ISA Cirrus Logic whatever. I had to upgrade to an S3 card. Blargh, those inflated requirements.
> +40 GB of hard drive capacity with 15 GB free space.
This is nearly 10x the install for XP pro. Does anyone else find this a bit crazy?
40MB? Yeah, you won't manage the install unless you prepare a ready image first. Oh, wait. You said GB?
> +DVD-ROM Drive
With a 15GB install, I damn well hope it installs off of a DVD and not a CD-ROM or I might die switching out CDs.
Netinst anyone?
This is just plain silly for an OS. And I am supposed to play games on top of all this?
Show me a game better than NetHack then. Two other games I consider decent are Master of Orion 2 and the Two Towers, but none of them need any better hardware than this. I can't think of any newer game being usable for more than like 100 hours of fun.
While I will commend Microsoft for trying to add security,
Ok, now you're too hilarious for me to handle.
And for those who consider this post a troll/flamebait: I'm talking about minimal requirements, I run production servers on modern SMP machines. But, something that's fast on a 386 will be lightning fast on a Pentium 17 or Überon. Something that crawls on Überon will, well, crawl on Überons.
Well, note that they're scientists specializing in that kind of stuff. And even they are getting just 90% accuracy.
A naive reader could misunderstand you and think that it's a program written by those scientists that gets 90%, but this is obviously not the case. I'm not an idiot (I hope), and I keep getting captchas wrong like half of the time.
But, could they at least do a bit of good with that information and use it to eradicate the spammers?
Nyah, I'm afraid.
There is one problem in your argumentation, I'm afraid.
The only non-negligible contenders to the Repunazi Party, the Commiecrats, are as bad or perhaps even worse. They're even more corrupt, even more populist (although the Republicans really went forward in this department during the last few years). Just think: whom do you thank for DMCA?
In the US, it's more like 3% of us and 97% of them.
Also, a lot of software tends to sync after every write, believing that this is the holy grail for data consistency. This is not true, as losing power already pretty much guarantees data loss. Plus, most hardware faults cause something worse than just a clean, nice instant shutdown. Having the disks synced won't save you from most motherboard glitches, slightly faulty memory, and so on. Plus, a sudden poweroff is something that can be easily handled with a UPS; there is no such easy way to ensure the rest of the hardware will work ok.
Thus, you need backups and failover anyway.
So, why would we bother with an immense hit to performance just to be somewhat safer from a single type of hardware issue? Lying to Postgres about syncs will get you off that 100-200 transactions per second bottleneck, and lying to dpkg makes it install packages in a tiny fraction of a second while a similar piece of hardware will take several seconds for the same task.
Of course, you do have to know what you're doing. There are pieces of data where you can/need to redo the failed run anyway, and there are financial transactions where losing committed data is unacceptable.
She talks to CSOs who mostly are bean counters.
[...]
She is holding software up to the standards of bridges.
Speaking of bridges, I guess there's one she has to sell to the CSOs. An insanely overpriced bridge, too.
Selling that for FOOD? Hell, why?
It looks like you have no idea about third world countries. The laptops will be sold either for booze or for weapons.
Power over Ethernet, you say? Oh yeah!
You would have to grow that person all the brain parts they're missing first.
But of course, we'll have a lawsuit from Terri Schiavo's parents in no more than a few days.
Well, it makes you wonder whether you have been to any conference that included even a small social-like part where no one causes some stir. Usually, with alcohol involved.
Considering the number of people involved in DebConf, it is pretty strange that there was only one scuffle.
I wish I was there and got a chance to cause some mayhem (not a fight, but surely something reportable :p)
No, none of those "debian-legal madmen" you're talking about endorses that license. In fact, only a single person (although it's the DPL) dared to say that it's acceptable for Debian's non-free section, and even then after a personal meeting with a person from Sun at DebConf.
The license has pretty few clauses that are good enough even for non-free; on the other hand, those "zealots" you're bashing typically have problems with one or two issues per license. Sun's piece of crap is actually worse than their previous license.