...is being able to enjoy the small things in life, as a child would, while also being able to take the difficult things in stride, as an adult should.
Toys For Bob made some extremely fantastic, and unfortuantely severely underrated, games while I was growing up. I don't know how many hours I spend enjoying the Star Control series, but it's a lot. If Toys For Bob released a new SC game which would run well on Linux in some fashion, I'd be first in line to pay full retail price for it.
This editorial definitely seems to be for marketing purposes, being both hosted by IBM and directly confrontational about Microsoft. Still, interesting enough article; it's always tough to be brief and to the point about such a complicated subject. I especially like the author's point about the liquidity of the Microsoft "standard" API which is so touted as a counterpoint to *nix implementation -- DOS, Win16, OS/2, Win32, WinNT, WinXP,.NET, Vista... versus POSIX. Yeah, he's right, it sounds pretty ridiculous when you put it that way. That being said, the article's pretty light on the details. For those rare individuals interested in reading more than TFA, here's a little more info on UNIX and the POSIX standard.
These things want plain old P4 Gigabyte motherboards with a few hundred megs of DDR, very affordable rigs and no Linux experience necessary. There's a pretty GUI on the DVR end if you choose to put a head on it, and there's a remote web interface from which you can watch & control feed in-browser. Here's a few screenshots for you on the client end:
These particular units are limited to 16 cameras per unit, but there are higher-end DVRs which are very similar that scale higher if 'modular' isn't your bag. But these things work well. In fact, the first time I deployed one of these we put somebody away for a long time (3 strikes law) with footage from one of these DVRs, and that was before the building was even inhabited.
My company deploys Linux-powered DVRs all the time. They are basically bulletproof: embedded RHL-based systems running on commodity PC hardware. These things have zero downtime, have virtually no risk of hacking since they are embedded, and are very inexpensive to deploy. There is a company called Neon which puts together pre-configured PROMs, you just plug them into an IDE chain on a system which meets specs and you're good to go. These things are more like an appliance when they're setup than a computer, so there's not much margin for error. In fact there's no good reason I can think of to run a Windows DVR at all.
They're absolutely right. The submitter was wrong about the subject matter, and the subject matter obviously had many misonceptions about how the technology works (greater than 100% output... WTF?) But here is a look at how the technology actually works. It seems to be a motor that is simply more efficient, which is indeed a positive and achievable goal.
"But when has vendor lock-in ever enhanced the propogation of a certain technology?"
MS ".doc" comes to mind. I don't know how many times I've been asked to provide files & reports "in a standard format like MS Office," despite all the obvious drawbacks to a closed and proprietary format. I think the average 'doesn't-know-the-difference-between-hdd-capacity- and-cpu-clock-speed' consumer will accept this garbage as a given, buy it up, and those of us who actually have a clue on the matter will be the only ones crying foul about any of it. I hope I'm wrong, but with the current state of affairs I just can't see it any other way.
If solitaire was in the default software rollout, maybe policy should have been changed rather than singling out one employee. Of course, this is just another form of baby-kissing. IMHO the mayor was clearly trying to show the press that he was a tough mayor, willing to make tough decisions in the interests of being a good steward of NYC's tax money.
Then again, it could be that he was just embarrased that an employee so low on the totem pole messed up his dog and pony show.
"I strongly disagree. If you browse smartly, you won't be hit, even when you use IE. You need to be really careful, but again using the computer properly, won't get any infection..."
If by "browse smartly" you mean "only visit one or two well-known sites and go noplace else", then I agree, you probably won't get hit. But one of the points they made in this study was that spyware installed itself in a 'drive-by' fashion, with or without user interaction. Sometimes those suckers come from 3rd part ads on well-known sites, so it's hard to cover that particular vector of attack altogether. I suppose if you disabled ActiveX, Java and Flash, you might only come across malware in the case of exploitation of some unpatched flaw in IE or in Windows... but we all know how on-the-ball Microsoft is for security, so that's not a problem, right? Right?
"Define "haphazard". What filesystem and Registry permissions do you find strange from the perspective of running as a regular user?"
Well, let me begin by saying I am not just some random UNIX nut, but that I was actually an NT admin for years (although I am not one currently). But one point is that the NTFS permission and security concepts in NT5+ are sufficiently complicated that I am unable to explain them adequately here in a single post; I for one could spend a few thousand words just on the topic of standard permission groups, let alone dynamic permission inheritance. So that's at least part of it, permissions in NT are complicated, and can seemingly overlap or contradict each other at times. That makes it tricky at best to get a grasp on in the short run and a real handful to keep track of in the long run, especially to the uninitiated, and therefore ultimately difficult to implement properly. Another thing that works against the security and integrity of the system is the registry. It is a veritable snake pit of often inter-dependant, unintelligible and/or misleading values, much of it hashed or in hex. However, many popular programs require that a user have write access to the registry in order to store their settings. That opens up the question of whether the admin (assuming there is even an IT dept and we're not talking about typical home or SOHO users) will take the time to properly tune fine-grained registry permissions to allow the program(s) in question to function properly, or simply elevate the user's privileges to a higher level, therefore giving them R/W access to the entire registry. Usually the local permissions simply get elevated. In the home, people don't even think twice about giving themselves admin rights. "It's my computer, so I'm the administrator!" and all that.
With Unices, it's simply a given that users don't run as root. On most distros, attempting to log into X Windows as root you are greeted with a bright red screen and a warning message to the effect of "WTF do you think you are doing? You can break the system this way!" And software is written in a complimentary manner. User-specific settings are stored in the user's home, not in a registry or other obscure code dungeon. System wide settings are typically kept in/etc in the system's root, and are not editable by Joe or Jane Q. User. Once the system is up and going very little ever needs to be changed in a system wide manner anyway. If the situation should arise where a user needs to do something fairly often which requires elevated privileges, the user can be given sudo privs for that specific task, which typically requires the user to type their own password to execute. [I hope I'm making sense here, as I've had a very long day and quite a few distractions as I write this.;-)] Also there is the fact that privileges are much more straight-forward in concept on a UNIX system, being simply read, write and execute. There are also only three categories of ownership in a UNIX system: owner, group, and everyone else. So while some security scenarios work out better (or at least easier, not involving the creation of special-purpose groups) with NTFS permissions, the vast, overwhelming majority are much simpler and more managable on Unices. As I think history shows, this makes for a much tighter ship.
"What I continually fail to understand is why everyone I know logs in as an Administrator under Windows, even after falling victim to a virus, spyware, etc.
I hear this a lot, but there's actually a pretty good reason. Windows feels restrictive as a normal user, because its filesystem and registry permissions are so haphazard. Many programs won't even run in a non-admin account at all. UNIX is designed to make the user feel quite unrestricted as a normal user, and conventions like sudoers take this principle even further without compromising the overall security of the system.
...not a religion. I am one of the those GNU/Linux advocates, and yet I don't see the big deal about Linux powering military equipment. Something's gonna power it, so in my mind it may as well be Linux. It's just an OS, a tool. And I'd trust Linux with a job of that nature, having been involved with Linux-powered ROVs first-hand.
What really gets me is that they're apparently as dumb as they are immoral. They weren't even bright enough to use a proxy to mask their IP address, leaving their greasy fingerprints all over wikipedia for the world to see. Aside from this, I wonder how many other astroturfing operations have gone completely unnoticed by the public.
...the article portrays this as an exploitable OS vulnerability:
"We can write a backdoor for Windows that will elevate privilege, and turn around and use the code on Linux."
Problem is, we have to actually exploit and infiltrate the system itself to be able to access the BIOS. Of course having root access to a system one can compromise the system's firmware, given that the the BIOS is not write-protected. Similar virii existed in the '80's, but IIRC they would simply nuke the BIOS to prevent the system from booting without a hard flash (or replacing the CMOS).
Honestly, I don't see how I'm being unfair about it. Like I said, the libraries that required the patching will not actually be updated until the reboot. Until the system reboots, the old, unpatched libraries are still running.
"Your assumption that I'm unfamiliar with Linux is just wrong. I've installed and run Linux on numerous occassions..."
Being familiar with something and being proficient in something are two entirely different things, wouldn't you agree?
"The Linux package managers are all mediocre. You have to be aware that one thing will break another, that this library is incompatible with that etc."
Ever heard the phrase 'DLL Hell'? What about 'VXD Hell'? Windows equivilents of library incompatibilities. As for all of Linux's package managers being mediocre, you're right, I concede. Urpmi, yum, apt, etc. are all crap compared to Windows' package manager called... oh wait. Windows doesn't really have a package manager, all software is responsible for its own installation and removal. Didn't install right? Too damn bad. Won't uninstall? Tough titty. Installing software in Windows is only as good and trustworthy as the software you're installing. Apps like Norton Antivirus and AOL for instance are nearly impossible to remove completely because their uninstallers do not have your best interests in mind. Doesn't it make more sense to have a package manager be responsible for how software is added and removed? Besides, a modern distro's package manager handles all dependancies and conflicts automatically. It basically boils down to clicking a static box next to a discription of the program you want to install from the package manager's list and clicking "Install". It will handle all of the dependancies automatically. In urpmi, my update script consists of only two lines, it works unattended and it never fails.
"When is the last time your wife installed a major new piece of software on her system? Did she get you to do it or did she do it herself? How often does she do this? What does your wife actually use the system for? Email, web browsing and the occassional openoffice document is my guess. Perhaps instant messaging too? Maybe a little graphics editing ala gimp if she's adventurous? I'd guess that's about it. Answer these questions if you want to retain any credibility."
The last time she installed software on it was probably Cedega. Yes, it's not difficult, she did it herself. She uses her system for all the things most people use their PCs for... finances, internet, games, email, IM, office, photo editing, music, photo albums, scheduling, and she plays the occasional emulated SuperNES game as well (with a PSX Controller no less -- how geeky!). So aside from the emulators, pretty normal I'd say. But the whole point was that she has average needs and no problems. I manage several SOHO networks for my workstation, which is probably not an average need, but Linux suits my needs quite well also.
"With XP I learnt about a handful of utils (most GUI driven so you don't have to be familiar with 100 command line options) - I know the control panel well. I know a handful of network utils, and a handful of disk utils. Oh yes I do run a good piece of antivirus software, and a firewall. (The only pain comes when I install new hardware - my last graphics card was hell to install and it's still not quite right but that's either NVidia drivers or my motherboard and/or graphics card are faulty - I'm still not sure which)."
So let me see if I got this straight. You don't know Linux at all, you don't even know XP very well by your own admission, and yet you refuse to believe that a properly configured Linux system can run without issues? Incredible. At this point I realize what an ass I truly am for having wasted my time arguing with you to this point. If you cannot or will not see the folly in your own argument, how can we have a rational discussion on the matter?
Unfortunately, it will still not be on par with what UNIX has done for decades now in that respect, but it does sound like a step forward. As far as its real world functionality, I think we'll definately have to wait and see. I remember hearing that Windows 2000 wouldn't require reboots, XP/2003 wouldn't require reboots, and now Vista won't either.
...maybe. Wrong? Not really. The only thing more rediculous than rebooting a workstation several times after a small batch of updates though is doing the same with a server. I'm going to get a tad bit off topic, but in the same thread of throught, so bear with me. Every time someone posts on Slashdot that Unices have better uptimes than Windows boxen, you invariably get a half-dozen disgruntled Windows admins spouting off numbers of how long their servers have been up. What they don't take into account is that if those systems have been up as long as they claim, the necessary updates have not been applied. Most Windows updates still require that a system is rebooted before the patch actually takes effect. Unix-like systems, on the other hand, are routinely patched hot, and typically only require a reboot in the case of a kernel update or invasive hardware maintenance. If Microsoft does finally fix the design flaw that requires one to reboot after nearly every patch, it will not be innovative so much as becoming more Unix-like in design.
If you use a computer system you need to administer it. The only systems that don't require this are ones that do the same simple things day in and day out (retrieve email, display web pages etc). If you're generating new data you need to keep it sorted and organised. If you're adding new software you have to install, upgrade and if there's a problem solve it. That's just a fact. There's not a system on the planet let alone a desktop OS that administers itself, so stop peddling that fairytale.
I think a good part of the problem here is that you're equating all OSes with your Windows experience. *nix != Windows. I initially setup the system with the software she wanted, wrote a few scripts to keep everything updated (runs every morning at ~4:30am), and that's pretty much it. Done. It keeps itself shiny and updated, and that means all the software on the system, not just core OS updates. Linux uses a package manager to keep track of software and keep it updated, so there is no real need to manage software updates individually unless you install something that is not in your disto's repositories.
Hmmm, so you're telling me your wife who couldn't reinstall the OS on her own and who chooses an OS based on how pretty it is hasn't needed your help with her system in 2 years.
I simply *love* being called a liar for sharing being stupid enough to share personal information on Slashdot, thank you for reminding me of this fact. Nobody's asking you to ditch Windows. If you're too dumb to figure out what my non-technical wife had no problems understanding, blame yourself.
In my case, I had the wife's PC dual-booting Windows 2000 Pro (more stable than XP, for the record) and Linux. One day she asks me, "Honey? Can you reformat my PC?" Here I'm thinking she's going to want me to remove her Linux partition to make more room for Windows, right? On the contrary, she thought Linux was "prettier" and "didn't crash all the time" and saw no reason to run Windows at all. Sweet. Since my wife's fateful judgement call a few years ago, we've been an all Linux household since - 6 systems at current count. The beautiful part is that I don't have to be the IT guy for my own home, everything just works. In fact she's been running the same installation for 2 years now, still runs as lean as the day it was installed. Now that I'll drink to.;-)
Slashdot Mirror
...is being able to enjoy the small things in life, as a child would, while also being able to take the difficult things in stride, as an adult should.
Ahh yes, the Tao Of Pooh... Because there is so much you can learn from a bear of very little brains.
Toys For Bob made some extremely fantastic, and unfortuantely severely underrated, games while I was growing up. I don't know how many hours I spend enjoying the Star Control series, but it's a lot. If Toys For Bob released a new SC game which would run well on Linux in some fashion, I'd be first in line to pay full retail price for it.
This editorial definitely seems to be for marketing purposes, being both hosted by IBM and directly confrontational about Microsoft. Still, interesting enough article; it's always tough to be brief and to the point about such a complicated subject. I especially like the author's point about the liquidity of the Microsoft "standard" API which is so touted as a counterpoint to *nix implementation -- DOS, Win16, OS/2, Win32, WinNT, WinXP, .NET, Vista... versus POSIX. Yeah, he's right, it sounds pretty ridiculous when you put it that way. That being said, the article's pretty light on the details. For those rare individuals interested in reading more than TFA, here's a little more info on UNIX and the POSIX standard.
1 FPS to 30 per feed.
These things want plain old P4 Gigabyte motherboards with a few hundred megs of DDR, very affordable rigs and no Linux experience necessary. There's a pretty GUI on the DVR end if you choose to put a head on it, and there's a remote web interface from which you can watch & control feed in-browser. Here's a few screenshots for you on the client end:
#1 #2 #3
These particular units are limited to 16 cameras per unit, but there are higher-end DVRs which are very similar that scale higher if 'modular' isn't your bag. But these things work well. In fact, the first time I deployed one of these we put somebody away for a long time (3 strikes law) with footage from one of these DVRs, and that was before the building was even inhabited.
My company deploys Linux-powered DVRs all the time. They are basically bulletproof: embedded RHL-based systems running on commodity PC hardware. These things have zero downtime, have virtually no risk of hacking since they are embedded, and are very inexpensive to deploy. There is a company called Neon which puts together pre-configured PROMs, you just plug them into an IDE chain on a system which meets specs and you're good to go. These things are more like an appliance when they're setup than a computer, so there's not much margin for error. In fact there's no good reason I can think of to run a Windows DVR at all.
They're absolutely right. The submitter was wrong about the subject matter, and the subject matter obviously had many misonceptions about how the technology works (greater than 100% output... WTF?) But here is a look at how the technology actually works. It seems to be a motor that is simply more efficient, which is indeed a positive and achievable goal.
MS ".doc" comes to mind. I don't know how many times I've been asked to provide files & reports "in a standard format like MS Office," despite all the obvious drawbacks to a closed and proprietary format. I think the average 'doesn't-know-the-difference-between-hdd-capacity- and-cpu-clock-speed' consumer will accept this garbage as a given, buy it up, and those of us who actually have a clue on the matter will be the only ones crying foul about any of it. I hope I'm wrong, but with the current state of affairs I just can't see it any other way.
Then again, it could be that he was just embarrased that an employee so low on the totem pole messed up his dog and pony show.
If by "browse smartly" you mean "only visit one or two well-known sites and go noplace else", then I agree, you probably won't get hit. But one of the points they made in this study was that spyware installed itself in a 'drive-by' fashion, with or without user interaction. Sometimes those suckers come from 3rd part ads on well-known sites, so it's hard to cover that particular vector of attack altogether. I suppose if you disabled ActiveX, Java and Flash, you might only come across malware in the case of exploitation of some unpatched flaw in IE or in Windows ... but we all know how on-the-ball Microsoft is for security, so that's not a problem, right? Right?
Well, let me begin by saying I am not just some random UNIX nut, but that I was actually an NT admin for years (although I am not one currently). But one point is that the NTFS permission and security concepts in NT5+ are sufficiently complicated that I am unable to explain them adequately here in a single post; I for one could spend a few thousand words just on the topic of standard permission groups, let alone dynamic permission inheritance. So that's at least part of it, permissions in NT are complicated, and can seemingly overlap or contradict each other at times. That makes it tricky at best to get a grasp on in the short run and a real handful to keep track of in the long run, especially to the uninitiated, and therefore ultimately difficult to implement properly. Another thing that works against the security and integrity of the system is the registry. It is a veritable snake pit of often inter-dependant, unintelligible and/or misleading values, much of it hashed or in hex. However, many popular programs require that a user have write access to the registry in order to store their settings. That opens up the question of whether the admin (assuming there is even an IT dept and we're not talking about typical home or SOHO users) will take the time to properly tune fine-grained registry permissions to allow the program(s) in question to function properly, or simply elevate the user's privileges to a higher level, therefore giving them R/W access to the entire registry. Usually the local permissions simply get elevated. In the home, people don't even think twice about giving themselves admin rights. "It's my computer, so I'm the administrator!" and all that.
With Unices, it's simply a given that users don't run as root. On most distros, attempting to log into X Windows as root you are greeted with a bright red screen and a warning message to the effect of "WTF do you think you are doing? You can break the system this way!" And software is written in a complimentary manner. User-specific settings are stored in the user's home, not in a registry or other obscure code dungeon. System wide settings are typically kept in /etc in the system's root, and are not editable by Joe or Jane Q. User. Once the system is up and going very little ever needs to be changed in a system wide manner anyway. If the situation should arise where a user needs to do something fairly often which requires elevated privileges, the user can be given sudo privs for that specific task, which typically requires the user to type their own password to execute. [I hope I'm making sense here, as I've had a very long day and quite a few distractions as I write this. ;-)] Also there is the fact that privileges are much more straight-forward in concept on a UNIX system, being simply read, write and execute. There are also only three categories of ownership in a UNIX system: owner, group, and everyone else. So while some security scenarios work out better (or at least easier, not involving the creation of special-purpose groups) with NTFS permissions, the vast, overwhelming majority are much simpler and more managable on Unices. As I think history shows, this makes for a much tighter ship.
-AT
I hear this a lot, but there's actually a pretty good reason. Windows feels restrictive as a normal user, because its filesystem and registry permissions are so haphazard. Many programs won't even run in a non-admin account at all. UNIX is designed to make the user feel quite unrestricted as a normal user, and conventions like sudoers take this principle even further without compromising the overall security of the system.
Thanks, I coined it as far as I know. Consider it GPL'ed
...not a religion. I am one of the those GNU/Linux advocates, and yet I don't see the big deal about Linux powering military equipment. Something's gonna power it, so in my mind it may as well be Linux. It's just an OS, a tool. And I'd trust Linux with a job of that nature, having been involved with Linux-powered ROVs first-hand.
What really gets me is that they're apparently as dumb as they are immoral. They weren't even bright enough to use a proxy to mask their IP address, leaving their greasy fingerprints all over wikipedia for the world to see. Aside from this, I wonder how many other astroturfing operations have gone completely unnoticed by the public.
"We can write a backdoor for Windows that will elevate privilege, and turn around and use the code on Linux."
Problem is, we have to actually exploit and infiltrate the system itself to be able to access the BIOS. Of course having root access to a system one can compromise the system's firmware, given that the the BIOS is not write-protected. Similar virii existed in the '80's, but IIRC they would simply nuke the BIOS to prevent the system from booting without a hard flash (or replacing the CMOS).
I recently installed Linux on a Powerbook laptop. Why? Because the laptop was only $40, it works, and it runs my favorite OS. The question is why not?
Honestly, I don't see how I'm being unfair about it. Like I said, the libraries that required the patching will not actually be updated until the reboot. Until the system reboots, the old, unpatched libraries are still running.
"The Linux package managers are all mediocre. You have to be aware that one thing will break another, that this library is incompatible with that etc."
"When is the last time your wife installed a major new piece of software on her system? Did she get you to do it or did she do it herself? How often does she do this? What does your wife actually use the system for? Email, web browsing and the occassional openoffice document is my guess. Perhaps instant messaging too? Maybe a little graphics editing ala gimp if she's adventurous? I'd guess that's about it. Answer these questions if you want to retain any credibility."
"With XP I learnt about a handful of utils (most GUI driven so you don't have to be familiar with 100 command line options) - I know the control panel well. I know a handful of network utils, and a handful of disk utils. Oh yes I do run a good piece of antivirus software, and a firewall. (The only pain comes when I install new hardware - my last graphics card was hell to install and it's still not quite right but that's either NVidia drivers or my motherboard and/or graphics card are faulty - I'm still not sure which)."
Unfortunately, it will still not be on par with what UNIX has done for decades now in that respect, but it does sound like a step forward. As far as its real world functionality, I think we'll definately have to wait and see. I remember hearing that Windows 2000 wouldn't require reboots, XP/2003 wouldn't require reboots, and now Vista won't either.
...maybe. Wrong? Not really. The only thing more rediculous than rebooting a workstation several times after a small batch of updates though is doing the same with a server. I'm going to get a tad bit off topic, but in the same thread of throught, so bear with me. Every time someone posts on Slashdot that Unices have better uptimes than Windows boxen, you invariably get a half-dozen disgruntled Windows admins spouting off numbers of how long their servers have been up. What they don't take into account is that if those systems have been up as long as they claim, the necessary updates have not been applied. Most Windows updates still require that a system is rebooted before the patch actually takes effect. Unix-like systems, on the other hand, are routinely patched hot, and typically only require a reboot in the case of a kernel update or invasive hardware maintenance. If Microsoft does finally fix the design flaw that requires one to reboot after nearly every patch, it will not be innovative so much as becoming more Unix-like in design.
I think a good part of the problem here is that you're equating all OSes with your Windows experience. *nix != Windows. I initially setup the system with the software she wanted, wrote a few scripts to keep everything updated (runs every morning at ~4:30am), and that's pretty much it. Done. It keeps itself shiny and updated, and that means all the software on the system, not just core OS updates. Linux uses a package manager to keep track of software and keep it updated, so there is no real need to manage software updates individually unless you install something that is not in your disto's repositories.
I simply *love* being called a liar for sharing being stupid enough to share personal information on Slashdot, thank you for reminding me of this fact. Nobody's asking you to ditch Windows. If you're too dumb to figure out what my non-technical wife had no problems understanding, blame yourself.
Cheers,
-AT