I know that these are your specific complaints against Windows, and that's fine, but I am going to piggyback on this to talk more generally since most of your complaints are fairly generic or can be generalized.
1. Windows has a terrible interface, both Windows 7 and 8 have ugly, inflexible displays.
"ugly" is in the eye of the beholder - frankly, I find KDE and Gnome to be ugly (especially the font rendering... shit, it's 2013, can't you figure out how to render fonts yet?)
As far as flexibility, Windows is a lot more flexible that any Linux I've tried when it comes to multi-monitor setups without me having to muck with configs. And my settings don't randomly get lost.
2. Windows still doesn't have proper package management. Which leads to...
3. With Windows every app has its own update process that takes up resources and nag the user.
No doubt. It's a serious issue. However, can you imagine hell that everyone would raise if Microsoft wanted to offer such a service? They catch flak for almost everything they do.
4. Malware and adware is thick on Windows.
Windows 7 has made tremendous strides forward when it comes to security. I'm no Microsoft apologist, but when they try to improve things three things bite them in the ass: (a) backwards compatibility (aka "my Windows 95 program can't do X! Why doesn't it work, stupid Microsoft!"); (b) users who insist on running with elevated privileges. (c) complaints when good stuff gets implemented (such as PatchGuard, which antivirus vendors went crazy about).
5. Windows doesn't come bundled with common tools I use, such as a compiler, OpenSSH, productivity suite, etc.
And cars don't come bundled with gasoline. And houses don't come bundled with furniture. And groceries don't come bundled with chefs.
You are seriously complaining because Windows doesn't come bundled with stuff? And wasn't bundling stuff what got Microsoft into trouble before?
9. Windows lacks containers/jails.
"The esoteric feature that I want is missing. It serves no practical purpose and isn't needed in the product's target market, but I want it. And it's not there. Why is it not there!?!?"
10. Windows lacks a good, advanced file system like ZFS.
NTFS is a pretty decent filesystem. It doesn't have flashy features and it's not hip, but it gets the job done, it's reliable and you know what... those are the two primary considerations for a filesystem. At least for most people.
11. Windows has poor driver support, requiring hardware be bundled with driver discs that take a long time to load and include apps that nag the user.
You're joking, right? Windows hardware support is excellent and it comes bundled with not only a boatload of drivers, but offers a way of automatically downloading and installing drivers for new devices. Don't blame Windows if some vendors don't want to allow Microsoft to ship drivers, or if their hardware requires a super-special driver to set a hardware register to the length of the lead hardware engineers penis before it will work. As for the driver discs, you'll find that they almost always bundled with crap - the vendor's "custom" scan toolkit, a copy of Acrobat, a manual in PDF form, etc.
12. I can't hack on the Windows source code.
Don't take this personally, but your programming skills almost certainly make that a good thing. And let's be realistic - for the overwhelming majority of computer users, the computer is an appliance. They don't need or want to know how it works. They just want it to work. So you can imagine how they feel about "hacking source code."
What's a gross underestimate is "reinstalling one machine per hour". Maybe if you're lucky and can do image-based deployments, where everything is already on the image and all you do is image it onto the drive. Then an hour per machine would be a realistic estimate.
But chances are they would have to install Windows separately on each machine, followed by the tedious process of downloading and waiting for update after update to install, then installing virus and security software, "productivity suites" and any other software that they need, each likely to have its own updates. Don't forget installing drivers for hardware, which may differ from machine to machine, setting up printers (local and network), mounting network shares, applying security policies, and so on and so forth.
So yeah... 1 machine per hour isn't a "gross overestimate". It's a gross understimate.
All they need is the funding to get the first of devices built - devices they plan on shipping as soon as they can assemble them. Look at the Kickstarter. Something tells me that the DUO will be more widely available before the LEAP, despite the "headstart" that LEAP has - they've been at this for how long now and all they have to show is a pretty webpage and a press onslaught in response to a Kickstarter project.
You can argue that the price of the DUO is high, but the DUO guys aren't funded by venture capitalists and are trying to put out an open solution with Creative Commons licensed components and drivers for Linux. The LEAP guys got a few million and spent a ton of money designing a fancy enclosure and have been limiting who can access the SDK. Perpahsp you like that sort of thing - fancy enclosures and limited access. But working hardware, that I can tweak is more important to me.
They aren't just making claims - a simpe look through their videos demostrates that the device has ridiculously low latency - check out this Youtube Video recorded at 240 frames per second and see how accurately the tracking is. As for hard numbers, I'm curious exactly what numbers you're looking for? What units would such accuracy numbers be reported in? I tried a LEAP first hand, and it doesn't seem nearly as fast or as precise.
Amen to that. That's why I'm excited about the DUO. Even at $110 it's a great deal if you look at the specs of the hardware, the capabilities it has and what their software does according to the video highlights (their tracking of a hand through a 180 degree turn is very impressive). I don't get why LEAP is restricting their SDK and limiting who can be a developer and what people can use the device for.
I'll say it before and I'll say it again, if we as members of a community that values open-source projects (whether it be open hardware or open software) want to have more open source projects then we should back the projects we have now. That's why I contributed to the DUO and that's why I think you should too, on Kickstarter.
Right... so why not support the DUO instead, which is a solution that promises to be open, so you can take the hardware and the driver and modify them and then playing with OpenCV?
And by the way, since you mentioned OpenCV: from the looks of it, the guys behind the DUO seem to have a long history of contributing to that project too - have the guys behind LEAP done the same?
Even if they do have Linux support, will it be open, or will it still more proprietary stuff? And haven't we heard this tune before anyways? An upstart (in this case, the duo) appears, and all of a sudden these guys that have been sitting pretty with their thumb out of view somewhere make a lot of noise about "hundreds of thousands of preorders"... yeah, well... preorders are fine and dandy, but when do we see the product? Those other guys seem to have everything ready to go and I'm going to vote with my dollars on kickstarter.
In my defense, I don't think the summary is misrepresenting because of any fault of my own - I more or less quoted the actual article.
That's not to say that the article isn't misrepresenting the situation. Someone else here already pointed out that mega de-duped submissions, and that they may have continued making the files available. This would make the subsequent action taken by the FBI "reasonable" (in the sense that they didn't force them to retain something only to then legally pursue them for complying and retaining it).
"If the program dynamically links the plug-in [...] they form a single program, which must be treated as an extension of both the main program and the plugin.".
To understand just how nonsensical this position is, let's flip things around a bit: You distrubute a program you wrote, let's call it coolprog. It's free, but released under a proprietary license that allows arbitrary redistrubition.
A year later, I begin work on implementing a glibc replacement completely from scratch. I code furiously for a weekend, fueled by copious amounts of Shasta and an all-Rush mixtape, and finally release my new masterpience: an ABI compatible glibc replacement. I license it to the world under the GPL. Next, I download a copy of your program, package it up with a copy of my library and a script to launch it, and release it. Per your license, this is perfectly fine: after all, you allow redistribution.
Except, one of the things my script does is to use LD_PRELOAD to force-load my glibc-replacement, which, if you will remember, I have released under GPL, instead of the standard LGPL version. One person downloads my release and proceeds to run it. Your program now gets dynamically linked with my GPL'd glibc replacement. And now what?
Under the "if the program dynamically links the plug-in [...] they form a single program, which must be treated as an extension of both the main program and the plugin." interpretation of the FSF, your program has linked against my GPL work and, therefore, is a derived work... Right?
This is just one small example of why the "linking creates a new derived work" notion is bullshit..
I specifically quoted OPs statement about Explorer, a core Windows component, and Adobe, a popular, non-Microsoft program, and was responding to that. I don't know if various Office programs exhibit this behavior, but if they do, the people at Microsoft responsible should be blamed. But not the people at some unrelated division.
The point was that this isn't something inherent to the design of Windows. It was something that was caused by the choice of flags used by the programmers when calling the Windows API. With that said, there's a legitimate issue in renaming under Windows, caused by the operating system itself, but it doesn't involve files; it involves directories: you cannot rename a directory if a file inside that directory is open.
Oh look, I can't rename that file in Explorer until I close the file in Word (repeat for any other program and file). [...] Hell, I can't even rename a PDF file that I happen to simultaneously have open in Adobe Reader, and it's read-only!
Don't blame Windows for that. Blame the programmers who coded the app in which you opened the file. Because they are the ones who called CreateFile to open the file, and set the share mode to either 0 (which means that nobody else can open the file) or to FILE_SHARE_READ (which means others can only open the file to read its contents). If they had set the share mode to FILE_SHARE_DELETE in one API, you could delete and rename the file to your heart's content!
But I guess it's just easier to just blame Microsoft.
[...] the "educational" software available on linux (for free no less) is vastly more available/abundant than on windows
Even if that is true, that may not be the only concern. When your book comes with a CD and bundled apps that require Windows, the abundance of other software (free or not) on Linux doesn't help. When your school requires that a certain online-test-taking application (really, just a custom shell for an IE control) be used to access the online tests, that your Linux browser of choice can also render HTML (better than IE, even) doesn't help.
There is more to this than "let's get kids using Linux, yay!". The simple fact of the matter is Windows is used in the vast majority of desktop and so educational software written by publishers and used by school usually targets that platform. Kids have to use Windows software if their school curriculum mandates the use of materials that only run on Windows. It's no different than the situation some of us face at work, where we have to run the software that our employers require. I have to run Windows at work, because I develop software for a living and the company develops Windows software. I also have to use Outlook because that's what the IT department requires and they don't care that Thunderbird can also access the mail server too.
I don't necessarily disagree re: OpenOffice/LibreOffice/whateverit'scalledtoday. It is pretty good in saving most basic stuff in vanilla.doc although I wouldn't call it perfect. I've never used the spreadsheet and presentation apps, so I can't speak to those but let's assume that they are also good enough for the majority of school work.
The problem is that this isn't the only suite of apps that kids have to use for school work, your sisters' experience notwithstanding. Some of those apps, luckily, are done in Java, so they can work on Linux systems, but not all. A friend of mine had to deal with a number of Windows-only apps that are required for his kids schoolwork, and he eventually gave up and installed XP, rather than deal with Wine or contacting the school and the publisher. So while in your particular case and context, Linux works fine, you should be careful about extrapolating that, therefore, Linux works fine for everyone in the same context.
As for your contention that most stuff is done through a browser, online, it's true that more and more stuff is now done through browsers. That's not as great as you imagine. Do you know how many educational applications have browser version checking and how many of them actually "require" the use of IE? The reason, of course, is that they want to minimize their testing & support, and the webapp might work perfectly on your browser of choice once you tweak the browser agent string. And while you may be able to easily figure that out and do the necessary tweaks, this isn't about you. It's about a kid that has no idea about Linux, Windows and browser agent strings, or about their technically inept parents.
Does not compute... He didn't say there's NO educational software available on Linux. Only that most such software (and games) are Windows-only. Which is certainly true.
And while it may be fine to say that there are Linux alternatives for some educational apps, good luck having a kid find the Linux alternative to the particular app that comes with the book used in the class or the one which his school/teacher requires that he use. But let's say the kid does find the Linux alternative. Unless that alternative is 100% compatible with the Windows version (which the teacher is likely to use) vis-à-vis the files/output it generates then it's practically useless.
But only practically. Through the wonders of the GPL we can tell the kid to fix the app and commit the changes back to the community and everyone will be happy. Especially the kid who will make a dead-on Homer Simpson "Oh, look at me! I'm making people happy! I'm the Magical Man from Happy-Land, in a gumdrop house on Lollipop Lane!"
But that only keeps you safe if your storage media is somehow stolen. Given that the media is soldered into the phone, that's an unlikely scenario.
First of all, it is not an unlikely scenario. Why should someone bothering with getting the media when they can simply get the container of the media much more easily. Secondly, that is the only scenario where encryption helps -- your phone is stolen, or taken by police or somesuch. I would venture to say that is a very probable scenario, and from a risk analysis point of view one that must be addressed. And that's why encryption makes sense.
But if the attacker can gain access to your phone (or computer) so as to modify it and then return it for you to reuse it's game over. There's nothing that can protect against such an attack.
There is no real way of storing a password securely in an encrypted form, without requiring a password to decrypt it.
That is certainly true. But at the same time, it points to how Android (or iOS, or WP7 and so on) could implement better security. Encrypt all files (say with AES-128 for the purposes of this discussion) using a randomly generated AES key. Then encrypt that key with a password/passphrase required when the phone boots. This would ensure that data would be stored securely when at-rest, which is a step in the right direction.
Protecting the device while it's running is, of course, trickier. Clearly, the device needs to be able to securely lock itself and allow unlocking only when the proper credentials are used. A more tricky question is what happens when you plug a USB port into the device. Ideally, the system should prompt in a secure fashion, asking for authorization to enable the USB port. Furthermore, critical security-related files, such as the keychain and any encrypted data stores should only be exportable in their encrypted form.
Someone might, at this point say, "ahh! but the attacker can install some special software on the phone and it's game over!" True, an attacker can do that. He can gain access to a computer/smartphone, modify it and then return it for you to use. Frankly, there's no way to protect against that scenario, and it is not the scenario that encryption is supposed to solve. Encryption is meant to allow your data to be secure and non-accessible after the device itself is taken from you -- whether it is stolen by a thief or taken by the police during a traffic stop or during an arrest.
OK, so you store a hash. Now this means that the hash (remember, hashes are one-way -- you can't get the password back from the hash) itself must be usable to log into your account. In other words, the hash itself is a password.
Password hashing is meaningful only on the server-side (by server-side, in this case, I mean whichever side of the protocol does the validation of the username/password and grants access) and not on the client side.
DriveShare is pretty nice. It's really kind of addictive to be able to access all my files from my iPhone and from any machine and to not worry about having to give Dropbox (or any Dropbox) access to it.
Nonsense. A simple, properly implemented salted hash is perfectly adequate for the vast majority of sites, provided you use large (at least 32 bit and preferably 64 bit) random salts, and a cryptographically secure hash algorithm (although I would avoid MD5).
It might cost them some time, and possibly some money, but it wouldn't be at all impossible to rent some time on EC2 or a botnet to effectively create their own specialized rainbow table for the job.
I'm sorry, but this borders on nonsensical... Assume each user has a distinct, hopefully large (at least 32-bit and preferably 64-bit) salt, generated by a cryptographically secure PRNG and the SHA-1 algorithm for hashing. What does this mean? If Eve somehow gets a dump of the salted-hashed passwords from Alice's database, she would need to generate a unique rainbow table for each user. Sure, Eve could just target one particular user from the database -- say Bob -- explicitly and get together enough computing power to attempt to mount a brute-force attack on the salted-hash, but that's an awful lot of work to compromise one account.
So much work, in fact, that will almost certainly make an attacker choose a different attack vector. It's just an impractical attack for all but the most well-funded adversaries -- adversaries who work for three-letter government agencies that employ more mathematicians and programmers than you can count, and who run massive data centers that require their own, dedicated power plants -- and who are targeting a particular very-high-value target, we're talking about the sort of attackers who work for.
Password stretching, as you mention, is a great idea, and more people should use it. But a simple salted hash, provided the salt is large and the hash is cryptographically secure, is almost certainly good enough for the vast majority of applications.
Is it too cynical to mention that the US government has a vested interest in denigrating Bin Laden, and that he's no longer around to deny this claim?
It's not cynical to mention it, however, it's unclear what the US government gains by releasing this information however. The overwhelming majority of people fall into one of two categories: those who see bin Laden as a moral compass and those who see him as a terrorist thug, beyond redemption. The former won't believe the porn story and will assume it's propaganda to discredit and insult bin Laden; the latter wouldn't care about whether bin Laden liked scheiße porn.
This may be cynical of me, but I wish you'd added a "Warning: FUD story ahead, submitted by the writer of the story" disclaimer to the FUD "twitpic will sell your pics!!!!1111one!!! I HAVE DIVINED THIS FROM TEA LEAVES!" story you approved by Andy Smith.
The OP says that a practical issue is whether one should trust closed source software to do this?
Because, of course, being closed source should implicitly invoke gloomy music, dark clouds and cause people to break out in a cold sweat? Seriously, enough with this bullc*** already... There's nothing inherently wrong with running closed source software, nor is a given piece of software magically better by virtue of being open-source, nor are open-source developers somehow better than those who develop closed-source software.
There's legitimate arguments to be made that open-source has advantages. That open-source is, somehow, more trustworthy, isn't one such argument. And it's high time we stopped peddling it as one, or accepting it as one.
LOL... Everything is Microsoft's fault. Sure enough this must be Slashdot. Perhaps Microsoft doesn't issue patches as fast you'd like -- or as fast they could -- but that doesn't detract from the fact that Tavis' behavior in this situation was completely irresponsible.
Slashdot Mirror
"ugly" is in the eye of the beholder - frankly, I find KDE and Gnome to be ugly (especially the font rendering... shit, it's 2013, can't you figure out how to render fonts yet?) As far as flexibility, Windows is a lot more flexible that any Linux I've tried when it comes to multi-monitor setups without me having to muck with configs. And my settings don't randomly get lost.
No doubt. It's a serious issue. However, can you imagine hell that everyone would raise if Microsoft wanted to offer such a service? They catch flak for almost everything they do.
Windows 7 has made tremendous strides forward when it comes to security. I'm no Microsoft apologist, but when they try to improve things three things bite them in the ass: (a) backwards compatibility (aka "my Windows 95 program can't do X! Why doesn't it work, stupid Microsoft!"); (b) users who insist on running with elevated privileges. (c) complaints when good stuff gets implemented (such as PatchGuard, which antivirus vendors went crazy about).
And cars don't come bundled with gasoline. And houses don't come bundled with furniture. And groceries don't come bundled with chefs. You are seriously complaining because Windows doesn't come bundled with stuff? And wasn't bundling stuff what got Microsoft into trouble before?
"The esoteric feature that I want is missing. It serves no practical purpose and isn't needed in the product's target market, but I want it. And it's not there. Why is it not there!?!?"
NTFS is a pretty decent filesystem. It doesn't have flashy features and it's not hip, but it gets the job done, it's reliable and you know what... those are the two primary considerations for a filesystem. At least for most people.
You're joking, right? Windows hardware support is excellent and it comes bundled with not only a boatload of drivers, but offers a way of automatically downloading and installing drivers for new devices. Don't blame Windows if some vendors don't want to allow Microsoft to ship drivers, or if their hardware requires a super-special driver to set a hardware register to the length of the lead hardware engineers penis before it will work. As for the driver discs, you'll find that they almost always bundled with crap - the vendor's "custom" scan toolkit, a copy of Acrobat, a manual in PDF form, etc.
Don't take this personally, but your programming skills almost certainly make that a good thing. And let's be realistic - for the overwhelming majority of computer users, the computer is an appliance. They don't need or want to know how it works. They just want it to work. So you can imagine how they feel about "hacking source code."
What's a gross underestimate is "reinstalling one machine per hour". Maybe if you're lucky and can do image-based deployments, where everything is already on the image and all you do is image it onto the drive. Then an hour per machine would be a realistic estimate.
But chances are they would have to install Windows separately on each machine, followed by the tedious process of downloading and waiting for update after update to install, then installing virus and security software, "productivity suites" and any other software that they need, each likely to have its own updates. Don't forget installing drivers for hardware, which may differ from machine to machine, setting up printers (local and network), mounting network shares, applying security policies, and so on and so forth.
So yeah... 1 machine per hour isn't a "gross overestimate". It's a gross understimate.
All they need is the funding to get the first of devices built - devices they plan on shipping as soon as they can assemble them. Look at the Kickstarter. Something tells me that the DUO will be more widely available before the LEAP, despite the "headstart" that LEAP has - they've been at this for how long now and all they have to show is a pretty webpage and a press onslaught in response to a Kickstarter project.
You can argue that the price of the DUO is high, but the DUO guys aren't funded by venture capitalists and are trying to put out an open solution with Creative Commons licensed components and drivers for Linux. The LEAP guys got a few million and spent a ton of money designing a fancy enclosure and have been limiting who can access the SDK. Perpahsp you like that sort of thing - fancy enclosures and limited access. But working hardware, that I can tweak is more important to me.
They aren't just making claims - a simpe look through their videos demostrates that the device has ridiculously low latency - check out this Youtube Video recorded at 240 frames per second and see how accurately the tracking is. As for hard numbers, I'm curious exactly what numbers you're looking for? What units would such accuracy numbers be reported in? I tried a LEAP first hand, and it doesn't seem nearly as fast or as precise.
I'll say it before and I'll say it again, if we as members of a community that values open-source projects (whether it be open hardware or open software) want to have more open source projects then we should back the projects we have now. That's why I contributed to the DUO and that's why I think you should too, on Kickstarter.
Right... so why not support the DUO instead, which is a solution that promises to be open, so you can take the hardware and the driver and modify them and then playing with OpenCV? And by the way, since you mentioned OpenCV: from the looks of it, the guys behind the DUO seem to have a long history of contributing to that project too - have the guys behind LEAP done the same?
It their driver open source, or is it going to be more binary blobs ala nvidia for me to link into my kernel?
Even if they do have Linux support, will it be open, or will it still more proprietary stuff? And haven't we heard this tune before anyways? An upstart (in this case, the duo) appears, and all of a sudden these guys that have been sitting pretty with their thumb out of view somewhere make a lot of noise about "hundreds of thousands of preorders"... yeah, well... preorders are fine and dandy, but when do we see the product? Those other guys seem to have everything ready to go and I'm going to vote with my dollars on kickstarter.
The DUO is pretty sleek and seems to have extremely high accuracy while tracking. Disclosure: I contributed to their kickstarter.
That's not to say that the article isn't misrepresenting the situation. Someone else here already pointed out that mega de-duped submissions, and that they may have continued making the files available. This would make the subsequent action taken by the FBI "reasonable" (in the sense that they didn't force them to retain something only to then legally pursue them for complying and retaining it).
To understand just how nonsensical this position is, let's flip things around a bit: You distrubute a program you wrote, let's call it coolprog. It's free, but released under a proprietary license that allows arbitrary redistrubition.
A year later, I begin work on implementing a glibc replacement completely from scratch. I code furiously for a weekend, fueled by copious amounts of Shasta and an all-Rush mixtape, and finally release my new masterpience: an ABI compatible glibc replacement. I license it to the world under the GPL. Next, I download a copy of your program, package it up with a copy of my library and a script to launch it, and release it. Per your license, this is perfectly fine: after all, you allow redistribution.
Except, one of the things my script does is to use LD_PRELOAD to force-load my glibc-replacement, which, if you will remember, I have released under GPL, instead of the standard LGPL version. One person downloads my release and proceeds to run it. Your program now gets dynamically linked with my GPL'd glibc replacement. And now what?
Under the "if the program dynamically links the plug-in [...] they form a single program, which must be treated as an extension of both the main program and the plugin." interpretation of the FSF, your program has linked against my GPL work and, therefore, is a derived work... Right?
This is just one small example of why the "linking creates a new derived work" notion is bullshit..
I specifically quoted OPs statement about Explorer, a core Windows component, and Adobe, a popular, non-Microsoft program, and was responding to that. I don't know if various Office programs exhibit this behavior, but if they do, the people at Microsoft responsible should be blamed. But not the people at some unrelated division.
The point was that this isn't something inherent to the design of Windows. It was something that was caused by the choice of flags used by the programmers when calling the Windows API. With that said, there's a legitimate issue in renaming under Windows, caused by the operating system itself, but it doesn't involve files; it involves directories: you cannot rename a directory if a file inside that directory is open.
Don't blame Windows for that. Blame the programmers who coded the app in which you opened the file. Because they are the ones who called CreateFile to open the file, and set the share mode to either 0 (which means that nobody else can open the file) or to FILE_SHARE_READ (which means others can only open the file to read its contents). If they had set the share mode to FILE_SHARE_DELETE in one API, you could delete and rename the file to your heart's content!
But I guess it's just easier to just blame Microsoft.
TNG certainly showcased a tablet like device (the "PADD") in most of the shows.
Even if that is true, that may not be the only concern. When your book comes with a CD and bundled apps that require Windows, the abundance of other software (free or not) on Linux doesn't help. When your school requires that a certain online-test-taking application (really, just a custom shell for an IE control) be used to access the online tests, that your Linux browser of choice can also render HTML (better than IE, even) doesn't help.
There is more to this than "let's get kids using Linux, yay!". The simple fact of the matter is Windows is used in the vast majority of desktop and so educational software written by publishers and used by school usually targets that platform. Kids have to use Windows software if their school curriculum mandates the use of materials that only run on Windows. It's no different than the situation some of us face at work, where we have to run the software that our employers require. I have to run Windows at work, because I develop software for a living and the company develops Windows software. I also have to use Outlook because that's what the IT department requires and they don't care that Thunderbird can also access the mail server too.
I don't necessarily disagree re: OpenOffice/LibreOffice/whateverit'scalledtoday. It is pretty good in saving most basic stuff in vanilla .doc although I wouldn't call it perfect. I've never used the spreadsheet and presentation apps, so I can't speak to those but let's assume that they are also good enough for the majority of school work.
The problem is that this isn't the only suite of apps that kids have to use for school work, your sisters' experience notwithstanding. Some of those apps, luckily, are done in Java, so they can work on Linux systems, but not all. A friend of mine had to deal with a number of Windows-only apps that are required for his kids schoolwork, and he eventually gave up and installed XP, rather than deal with Wine or contacting the school and the publisher. So while in your particular case and context, Linux works fine, you should be careful about extrapolating that, therefore, Linux works fine for everyone in the same context.
As for your contention that most stuff is done through a browser, online, it's true that more and more stuff is now done through browsers. That's not as great as you imagine. Do you know how many educational applications have browser version checking and how many of them actually "require" the use of IE? The reason, of course, is that they want to minimize their testing & support, and the webapp might work perfectly on your browser of choice once you tweak the browser agent string. And while you may be able to easily figure that out and do the necessary tweaks, this isn't about you. It's about a kid that has no idea about Linux, Windows and browser agent strings, or about their technically inept parents.
Does not compute... He didn't say there's NO educational software available on Linux. Only that most such software (and games) are Windows-only. Which is certainly true.
And while it may be fine to say that there are Linux alternatives for some educational apps, good luck having a kid find the Linux alternative to the particular app that comes with the book used in the class or the one which his school/teacher requires that he use. But let's say the kid does find the Linux alternative. Unless that alternative is 100% compatible with the Windows version (which the teacher is likely to use) vis-à-vis the files/output it generates then it's practically useless.
But only practically. Through the wonders of the GPL we can tell the kid to fix the app and commit the changes back to the community and everyone will be happy. Especially the kid who will make a dead-on Homer Simpson "Oh, look at me! I'm making people happy! I'm the Magical Man from Happy-Land, in a gumdrop house on Lollipop Lane!"
First of all, it is not an unlikely scenario. Why should someone bothering with getting the media when they can simply get the container of the media much more easily. Secondly, that is the only scenario where encryption helps -- your phone is stolen, or taken by police or somesuch. I would venture to say that is a very probable scenario, and from a risk analysis point of view one that must be addressed. And that's why encryption makes sense.
But if the attacker can gain access to your phone (or computer) so as to modify it and then return it for you to reuse it's game over. There's nothing that can protect against such an attack.
That is certainly true. But at the same time, it points to how Android (or iOS, or WP7 and so on) could implement better security. Encrypt all files (say with AES-128 for the purposes of this discussion) using a randomly generated AES key. Then encrypt that key with a password/passphrase required when the phone boots. This would ensure that data would be stored securely when at-rest, which is a step in the right direction.
Protecting the device while it's running is, of course, trickier. Clearly, the device needs to be able to securely lock itself and allow unlocking only when the proper credentials are used. A more tricky question is what happens when you plug a USB port into the device. Ideally, the system should prompt in a secure fashion, asking for authorization to enable the USB port. Furthermore, critical security-related files, such as the keychain and any encrypted data stores should only be exportable in their encrypted form.
Someone might, at this point say, "ahh! but the attacker can install some special software on the phone and it's game over!" True, an attacker can do that. He can gain access to a computer/smartphone, modify it and then return it for you to use. Frankly, there's no way to protect against that scenario, and it is not the scenario that encryption is supposed to solve. Encryption is meant to allow your data to be secure and non-accessible after the device itself is taken from you -- whether it is stolen by a thief or taken by the police during a traffic stop or during an arrest.
OK, so you store a hash. Now this means that the hash (remember, hashes are one-way -- you can't get the password back from the hash) itself must be usable to log into your account. In other words, the hash itself is a password. Password hashing is meaningful only on the server-side (by server-side, in this case, I mean whichever side of the protocol does the validation of the username/password and grants access) and not on the client side.
DriveShare is pretty nice. It's really kind of addictive to be able to access all my files from my iPhone and from any machine and to not worry about having to give Dropbox (or any Dropbox) access to it.
Nonsense. A simple, properly implemented salted hash is perfectly adequate for the vast majority of sites, provided you use large (at least 32 bit and preferably 64 bit) random salts, and a cryptographically secure hash algorithm (although I would avoid MD5).
00894983a50dc526-0e71bd5a380617a402bd24c6be3e7a7f2dd06109
This is salted password, hashed with SHA1. The salt is the part of the data before the dash. Please show me how I lost?
I'm sorry, but this borders on nonsensical... Assume each user has a distinct, hopefully large (at least 32-bit and preferably 64-bit) salt, generated by a cryptographically secure PRNG and the SHA-1 algorithm for hashing. What does this mean? If Eve somehow gets a dump of the salted-hashed passwords from Alice's database, she would need to generate a unique rainbow table for each user. Sure, Eve could just target one particular user from the database -- say Bob -- explicitly and get together enough computing power to attempt to mount a brute-force attack on the salted-hash, but that's an awful lot of work to compromise one account.
So much work, in fact, that will almost certainly make an attacker choose a different attack vector. It's just an impractical attack for all but the most well-funded adversaries -- adversaries who work for three-letter government agencies that employ more mathematicians and programmers than you can count, and who run massive data centers that require their own, dedicated power plants -- and who are targeting a particular very-high-value target, we're talking about the sort of attackers who work for .
Password stretching, as you mention, is a great idea, and more people should use it. But a simple salted hash, provided the salt is large and the hash is cryptographically secure, is almost certainly good enough for the vast majority of applications.
It's not cynical to mention it, however, it's unclear what the US government gains by releasing this information however. The overwhelming majority of people fall into one of two categories: those who see bin Laden as a moral compass and those who see him as a terrorist thug, beyond redemption. The former won't believe the porn story and will assume it's propaganda to discredit and insult bin Laden; the latter wouldn't care about whether bin Laden liked scheiße porn.
This may be cynical of me, but I wish you'd added a "Warning: FUD story ahead, submitted by the writer of the story" disclaimer to the FUD "twitpic will sell your pics!!!!1111one!!! I HAVE DIVINED THIS FROM TEA LEAVES!" story you approved by Andy Smith.
The OP says that a practical issue is whether one should trust closed source software to do this? Because, of course, being closed source should implicitly invoke gloomy music, dark clouds and cause people to break out in a cold sweat? Seriously, enough with this bullc*** already... There's nothing inherently wrong with running closed source software, nor is a given piece of software magically better by virtue of being open-source, nor are open-source developers somehow better than those who develop closed-source software. There's legitimate arguments to be made that open-source has advantages. That open-source is, somehow, more trustworthy, isn't one such argument. And it's high time we stopped peddling it as one, or accepting it as one.
LOL... Everything is Microsoft's fault. Sure enough this must be Slashdot. Perhaps Microsoft doesn't issue patches as fast you'd like -- or as fast they could -- but that doesn't detract from the fact that Tavis' behavior in this situation was completely irresponsible.