"*Future* versions can be released under a different license, but that version is always available under the license it was released under."
That's thin ice. Is not "future versions", but "different copies".
Say I managed Linus to accept my (gpl-ed) contribution to the kernel, like that:/* This is my contribution v1 to the kernel and it is, of course GPL-ed*/
Then the *copy* (not the version) that goes into the kernel gets gpl-ed, thus all other copies from that copy get under the gpl too. But since I'm the author and copyright holder of my contribution, I can take a different copy (neither the one I passed into the kernel nor a copy from that copy) and license it any way I see fit. So no, I won't need to develop a new version of my contribution:/* This is my much embettered contribution v2 NOT to go into the kernel */ I can go with a *new* copy of my first version.
By the way, that's how companies like Troll Tech manage to double-license their code by taking copyright ownership of all the codebase, and that's how, technically, the FSF could produce tomorrow a proprietary version of, say, GCC 2.95, to name an obviously old version of that codebase (of course, under the asumption that GCC is truly an FSF copyright-holded piece of code). That wouldn't affect your already gpl-granted gcc copy in any way.
"It's like if I was to draw a picture. I hold the copyright to the picture. You don't need my permission to look at my picture, but if you want to look at my picture at your house, you either need to a) take the original with you to your house [in which case you definitely need my permission]"
No, I don't.
I found it laying in the street. Or, your sold the picture to a friend of mine that gifts it to me without your permission (gasp!).
The strange thing is software *should* be the same than your picture example but it seems it isn't.
Re:The only point I would disagree..
on
Insider Threat
·
· Score: 1
"What's supposed to happen is, you find out that some vital system is broken and the two people who have passwords necessary to fix it are on holiday or at a conference."
You put blame on whoever drawed the policy or whoever didn't comply with it. If it is such a sensible resource how the heck is that there's no way to recall it at any moment?
You can ask "what if the two knowing the password are out of office?" just the same you can ask "what if both pilot and copilot become intoxicated over Atlantic?" Both cases the answer is the same: "that won't happen: policy forbides it".
All this is quite well and good, but seems to forget the number one rule regarding security: you won't push more efforts protecting it than its own value.
There will be circumnstances where the resource to be secured truly deserves the expenditure (and if broken, there should be a proffesional reputation at stake, if not even civil or penal responsilities); there are much more cases that despite the "hear, hear" voices, the overload "high level" security imposes really doesn't pay (as ie. credit card fraud protecting people knows just too well).
"Except that now I'll be able to use Open Office 2.0"
That's not what worries Microsoft. After all, everybody has been able to use RTF for storage for ages.
The problem is that OOo provides a successful "open source implementation of a public standard", thus "embrace and extend" tactis won't work.
When Microsoft (badly) supports a public standard of its own (as RTF is) Microsoft has nothing to worry about. When a third party supports a public standard without a succesful open source implementation, a privative software company can succesfully use embrace and extend tactics because if a third party product "doesn't work" it seems to be the third party the one to blame (as it is the case with ie. RTF or PDF, and that's why they have had partial success with their impaired Kerberos implementation for Active Directory).
When there's a public exchange format/protocol with a successful open implementation, the faulty part obviously becomes the privative side (as it is the case ie. on SMTP: Microsoft tried to bastardize it on Exchange early days, but Sendmail made a strong case and fingertips pointed to Microsoft to be at fault).
That's why the "open protocols, not open source" are either wrong or biased. In the software world, anything more complex than "a protocol to fill an empty glass from a water jar" is doomed to include inacuracies and "grey areas", so having only an in-paper protocol description leaves too many open doors for embrace and extend tactics for privative software vendors, specially if they have the advantage being them defining the protocol (Sun's Java and/or Microsoft's dot-net comes to mind).
You could get Microsoft eventually supporting an "open" protocol, as long as there's no open implementation (like the PDF; that's why they are now hard-pushing "open protocols" loaded with "patents shareable on a fair royalties basis") and/or they control the "reference implementation" (like the RTF case), but they won't ever support a protocol with a successful open implementation (they know such a battle is lost).
"The fact of the matter is that if you build an applicaiton that uses (say) the Oracle ODBC driver, you might owe Oracle some money to distribute it, but you don't have Oracle asserting intellectual property rights over the rest of your program. Which is exactly what MySQL is doing."
WHAT???
So you really think that if I take some MySQL code, I modify it and then distribute my modification MySQL AB is going to tell people that my distribution is authored by MySQL? Or do you think that MySQL AB is going to say that it is my code copyright owner?
Well, the case is that if I do so, all MySQL will tell me is "you can distribute that derivative work only under my rules or I will sue you" quite curiously *exactly* the same that Oracle would do.
"Most people that I have worked with cannot tell the difference between the GPL, LGPL, FreeBSD and the MIT license."
Provided that it is not as if those license where war secrets, or that they tried to be obscure on purpose, I'll bet you work in one of these four environments: 1/ They are children under six years so they are not expected to fully understand what they read. By the way, you should be in jail. Children that young shouldn't be working. 2/ You work with poor morons, unable to understand quite simple text documents. 3/ You work with poor morons, unable to shut up their mouths in order not to look like morons when talking about what they have no idea. 4/ They are not morons: they have not the sligthest interest about software distribution licenses, either because their jobs have no relation to the matter (ie: a butcher), because they are morons unable to understand the importance of copyrights within the computer industry, or because they are mischevious people that have other things they consider more important than their duty (like a government contractor mor interested in the money going under the table than what's good for society).
"Because when something happens here that we don't want to happen again, we investigate it..."
[Some things that *seems* to be reasonable follows]
In my world, we investigate things that we don't want to be repeated too. But instead of trying to apply the same recipy to all cases, we try to conclude from data what's the best strategy for that never happening again within what we understand to be compatible with what we consider civilization has to be.
"So we're interested to know how they were drawn into being suicide bombers"
And, somehow, you will know how they became suiciders by following their paths on their last hours, instead of trying to analize it from a general sociologic point of view.
The truth is that increasing privacy violations an Big Brother policies won't avoid a determined suicider to do his malware, no matter how many cameras, and at the end, what it really remains is privacy and individual lives being on hands of some benevolent (so we hope) tyrants.
At the end of that logical path, we can avoid all malware by installing brain chips (of course this is a gross exageration -today, but it's incredibly how easy policies in the like of "a bit at a time" success extorting civil rights. There's a Spanish saying: "with patient and saliva, the elephant fucked the ant"). The question is: even if those kind of policies success at their immediate objective (we really don't have another twin towers, Madrid train station, London subway...) is that the society we want? For all I know, current antiterrorist policies are the bigest success of those terrorists themselves.
"In the UK, where it happened, it's seen by the general public as a very good reason why we need CCTV coverage - without it tracing the bombers' movements in the investigation would have been practically impossible"...and once they traced them, planet Earth started to automagically sping backwards and then they were able to stop the terrorists so the bombs really never exploded... or something like that.
"In the UK, CCTV is reasonably popular because people associate it with safety (drunks and muggers don't like to attack you in front of a camera) and not with undue government surveillance."...which means that UK citizens are as easily fooled as anyone else into thinking that breaking privacy somehow is a good thing.
On other news... "The Wheel hyper-enthusiasts have left the building, leaving a significant contingent of Wheel-using engineers behind, blinking in the bright lights without the constant drumbeat of boosterism.'
Does this mean we finally will end up using these now not-so-cool Wheels and we will move to the new hype Ion-Cannons?
You won't. That's your elected official problem. If you see rapidly-changing laws to be a problem or otherwise you don't credit the candidate to be able to cope with an environment where laws change too fast, just vote another candidate that promise you to be not so change-friendly. On the other hand, when you find a law to be detrimental you would want it changed ASAP; and you wouldn't vote a candidate that offers to change a law you find well suited, would you?
"How could you do all the wonderfully unprofitable things that governments do, like funding education?"
Just the same way it is done *now*. Only people would have more voice regarding how and when those things should have to be done. It is arguably, even, that due to the fact people would be more commonly exposed to take hard decitions, they would be taken in a more matured way than currently.
"since it'll be a race down to the bottom to try to provide the most cheap, bare-bones system posible."
Why? You can only believe that if you believe that people is unable to take the "hard" path. But if you believe that, then what you *really* believe is that people is unable to govern themselves. In other words: you don't want a more direct democracy because you don't believe democracy to be good.
"I just don't see how you can compare free-market capitalism and democracy as political systems."
Politicians offer "products" by marketing, and they try to make offers more attractive than the other competitors to their target audience. Then the consumers "buy" those politicians "products" by voting them.
What the other proponent says doesn't seem to bad. There're laws avoiding regular "bundle selling" (you should be able to buy the differenciated products that forms the bundle), but politician products are "bundle sold": when you vote for a candidate, you vote for her programme as whole (or you could consider the politician to be the product by himself, not what he is going to do once elected). There's no way to say "yes I support your idea about This, but I don't want you to do That". It would be good looking for a really functional way to avoid "political bundle selling".
"Oh, and you can fix past errors in judgment. Laws can be repealed"
Quite true. But it much more difficult to repeal a law than it is to pass it.
"Luckily I'm not an American but if I was, I'd be extremely angry that the government is allowing - REWARDING - these IT companies to ignore the law."
The fact is that those companies weren't ingoring the law (to a known extreme): they were applying for a public contract. It is the election board the one violating law, since noone of the bidders (well, surely "to bid" is not the proper verb here, sorry for my bad English) should have gained the contract. That's why EFF is not going after the companies but after the election board.
I can make an bid for a public computing system out of my dead cat, that's my problem. When a public board takes my bid is when the problem arises.
Maybe you are just not paying attention to the very header of the article:
"Symantec Hopes To Deliver Anti-Virus Online"
As in "Symantec hopes to find a new revenue stream to feed their wallets"
_And_ look at a previous article: "Most Home PC Users Lack Security". Were I a Symantec exec I'd read it as "most users won't pay us a dime since they are not interested at all about antivirus security and all that stuff we sell for a living; we should find an alternative way to force them to pay us for, for... hell, for something! maybe making them paying us through a third agent, their bank, for instance, will do the trick.
If it makes sense, or it is useful, or it will piss off someone else is completely out of interest!
I almost can see it: "Your system can't be guaranteed to be free of virus. Since our banking on-line services only proceeds to the highest security standards, you shuould upgrade to the latest version of Ms Explorer and configure your browser to accept cookies. Your friendly on-line banking system".
"If I am truely in the middle, i can rewrite URL, present other certificates etc, ( spoof the certificate authority too even )"
So what?
You, as a user, are deem to stablish your own security rules. You, as a MiM, can only defeat a first-time unknowledgeable visitor: I'd want to see you trying to offer me a root CA public key... for a CA I already know about... or the public key for a site I already visited. And if it is a site I visit for first time, I want you to try to offer me a fraudulent key-chain, or try to defeat me with a "sudden" new CA, or trying to redirect me out the *entire* Internet, so I can't use Google, Yahoo, or any other web crawler of my choice to recheck the public key from the CA.
"all this software technology exists Load balancers content switches ssl concentrators all have to legitmately do this now"
All they can legitimately gain knowledge about the proper secret key, or they won't work at all.
"although pulled off successfully could efect many at time"
The knowledge and/or situation needed for such an attack to become successful insures you can successfully try more effective attacks.
All in all, dns-related attacks are not and can't target the Internet in the wild but can be effectively used on Intranet/in-house or corporation-to-corporation environments because a) then it's easier to spoof the (relative) whole internet and b) most probably there will be less in-deep security measures (like not using https because your are confident about the network path being secure).
"Most people can't tell if they are connected using SSL or not"
Those are beyond salvation and I don't think that secure DNS was developed with them in mind.
I mean, someone which will accept following an hyperlink coming on a html e-mail from somebody unknown to him that says "your.bank.of.confidence" while obviously opening a browser pointing to "your.hacker.of.the.day" won't benefit any more from using secure DNS.
Of course science is their enemy, since it favours a mind "structure" that is plain contrary to theirs. What they can do at most is take "scientific facts" out of context in order to give them (to and uninformed audience) a barnish of self-respectability. Just exactly the same you can find in some advertisements that allege some "scientific researches" (that don't hold water on close inspection) to support their products.
"It could be aliens, it could be a previous civilization of humans"
No, it couldn't.
Be it aliens, a previous human civilization, or any other origin, powerful, but not almigthy only postpones the question. ID is based upon an IRREDUCTIBLE complexity on life and its evolution. As such, any other "power" only raises the question of its own origin and development... unless it's almigthy, of course, so it can be the noncaused cause, be it God, Yehovah or the spaghetti monster.
And that's exactly why it has no place in any Science class: as ID is based on the existence of an almigthy power, it can make no prediction (any output is possible when the inputter can do everything) nor it can have any internal coherence (by the same reason). A "theory" that can't make any prediction nor through more ligth over uncategorized measures (appart from "it is the way it is because it is the way it is") is not and can't be Science.
The most ID can offer is that "it seems plausible" (to some people). Well, at any given time there can be quite a few "plausible ideas" (for instance, regarding situation we can't take measures about like, say the stars core). But noone of those "plausible ideas" can gain "scientific theory status" if they don't include a means to show them false (even if currently hypothetical, like: build a starship that can fly to the center of a star, and then you will find it is made of cheese, as I support). ID doesn't offer *any* falsify method (whatever measure you can get -even hypothetically, can be "mocked up" by the almigthiness of the deity).
It would be completly different it they'd say: just through yourself on your knees repeat three time "pater noster" and then water will become wine and stones will become roses (just like a "newtonian proponent" would say to you "take a cronograph and prepare a vacuum tube 9.8 meters long and let a stone fall from the higher end; the stone will take one second to fall, and it won't take neither half a second nor two seconds, no matter the size or weigth of the stone, as long as it doesn't touch the tube walls), since then you will be able to produce an experiment to test the "theory". Of course ID proponents doesn't offer nothing of the like.
2+2= 5 only means a 25% advantage over the mean value of 4, when it is well known that one plus one tends to sum up three even on standard values of one!
"The question is about replacing Windows boxen with Linux"
No. The question is that's not the question.
The question is not about how can I install Linux on my "box" and then being able to connect to my company's IT resources without IT people knowing it.
The question is about how the IT people can deploy Linux desktops/laptops in the hundreds in a controlled manner and integrating with current IT tools and procedures. That's the question.
And the previous post adds ABSOLUTELY NOTHING about the question.
"he original poster was merely pointing out that Ubuntu is an excellent desktop distribution"...which has *NOTHING* to do with what the poster was asking for and he even took the time to explain what he was *exactly* asking for.
Does the Ubuntu's article talks about Ubuntu's deployment on big numbers of PC/laptops under IT department's control? NOPE.
Does the Ubuntu's article talks about how can it be integrated under IT's control structure? NOPE.
Does abscondment's post add anything to explain how can Ubuntu integrate under an IT structure which now is mostly Microsoft-based? NOPE.
What is abscondment's post? It is nothing but a kind of pavlovian answer in the lines of "is it something even remotely related with Linux? Yes: BEEP - Ubuntu is the answer then, no matter the question"
"*Future* versions can be released under a different license, but that version is always available under the license it was released under."
/* This is my contribution v1 to the kernel and it is, of course GPL-ed*/
/* This is my much embettered contribution v2 NOT to go into the kernel */
That's thin ice. Is not "future versions", but "different copies".
Say I managed Linus to accept my (gpl-ed) contribution to the kernel, like that:
Then the *copy* (not the version) that goes into the kernel gets gpl-ed, thus all other copies from that copy get under the gpl too. But since I'm the author and copyright holder of my contribution, I can take a different copy (neither the one I passed into the kernel nor a copy from that copy) and license it any way I see fit. So no, I won't need to develop a new version of my contribution:
I can go with a *new* copy of my first version.
By the way, that's how companies like Troll Tech manage to double-license their code by taking copyright ownership of all the codebase, and that's how, technically, the FSF could produce tomorrow a proprietary version of, say, GCC 2.95, to name an obviously old version of that codebase (of course, under the asumption that GCC is truly an FSF copyright-holded piece of code). That wouldn't affect your already gpl-granted gcc copy in any way.
"It's like if I was to draw a picture. I hold the copyright to the picture. You don't need my permission to look at my picture, but if you want to look at my picture at your house, you either need to a) take the original with you to your house [in which case you definitely need my permission]"
No, I don't.
I found it laying in the street. Or, your sold the picture to a friend of mine that gifts it to me without your permission (gasp!).
The strange thing is software *should* be the same than your picture example but it seems it isn't.
"That is not even neccesarily true. Someone made the claim that linking obligates you to GPL you code as part of FUD scare campaign."
Well, when the "someone" that claims that "linking obligates you to GPL" is the legal arm of the very one that wrote down the license, maybe there is an issue.
"What's supposed to happen is, you find out that some vital system is broken and the two people who have passwords necessary to fix it are on holiday or at a conference."
You put blame on whoever drawed the policy or whoever didn't comply with it. If it is such a sensible resource how the heck is that there's no way to recall it at any moment?
You can ask "what if the two knowing the password are out of office?" just the same you can ask "what if both pilot and copilot become intoxicated over Atlantic?" Both cases the answer is the same: "that won't happen: policy forbides it".
All this is quite well and good, but seems to forget the number one rule regarding security: you won't push more efforts protecting it than its own value.
There will be circumnstances where the resource to be secured truly deserves the expenditure (and if broken, there should be a proffesional reputation at stake, if not even civil or penal responsilities); there are much more cases that despite the "hear, hear" voices, the overload "high level" security imposes really doesn't pay (as ie. credit card fraud protecting people knows just too well).
"Except that now I'll be able to use Open Office 2.0"
That's not what worries Microsoft. After all, everybody has been able to use RTF for storage for ages.
The problem is that OOo provides a successful "open source implementation of a public standard", thus "embrace and extend" tactis won't work.
When Microsoft (badly) supports a public standard of its own (as RTF is) Microsoft has nothing to worry about.
When a third party supports a public standard without a succesful open source implementation, a privative software company can succesfully use embrace and extend tactics because if a third party product "doesn't work" it seems to be the third party the one to blame (as it is the case with ie. RTF or PDF, and that's why they have had partial success with their impaired Kerberos implementation for Active Directory).
When there's a public exchange format/protocol with a successful open implementation, the faulty part obviously becomes the privative side (as it is the case ie. on SMTP: Microsoft tried to bastardize it on Exchange early days, but Sendmail made a strong case and fingertips pointed to Microsoft to be at fault).
That's why the "open protocols, not open source" are either wrong or biased. In the software world, anything more complex than "a protocol to fill an empty glass from a water jar" is doomed to include inacuracies and "grey areas", so having only an in-paper protocol description leaves too many open doors for embrace and extend tactics for privative software vendors, specially if they have the advantage being them defining the protocol (Sun's Java and/or Microsoft's dot-net comes to mind).
You could get Microsoft eventually supporting an "open" protocol, as long as there's no open implementation (like the PDF; that's why they are now hard-pushing "open protocols" loaded with "patents shareable on a fair royalties basis") and/or they control the "reference implementation" (like the RTF case), but they won't ever support a protocol with a successful open implementation (they know such a battle is lost).
"The fact of the matter is that if you build an applicaiton that uses (say) the Oracle ODBC driver, you might owe Oracle some money to distribute it, but you don't have Oracle asserting intellectual property rights over the rest of your program. Which is exactly what MySQL is doing."
WHAT???
So you really think that if I take some MySQL code, I modify it and then distribute my modification MySQL AB is going to tell people that my distribution is authored by MySQL? Or do you think that MySQL AB is going to say that it is my code copyright owner?
Well, the case is that if I do so, all MySQL will tell me is "you can distribute that derivative work only under my rules or I will sue you" quite curiously *exactly* the same that Oracle would do.
"Most people that I have worked with cannot tell the difference between the GPL, LGPL, FreeBSD and the MIT license."
Provided that it is not as if those license where war secrets, or that they tried to be obscure on purpose, I'll bet you work in one of these four environments:
1/ They are children under six years so they are not expected to fully understand what they read. By the way, you should be in jail. Children that young shouldn't be working.
2/ You work with poor morons, unable to understand quite simple text documents.
3/ You work with poor morons, unable to shut up their mouths in order not to look like morons when talking about what they have no idea.
4/ They are not morons: they have not the sligthest interest about software distribution licenses, either because their jobs have no relation to the matter (ie: a butcher), because they are morons unable to understand the importance of copyrights within the computer industry, or because they are mischevious people that have other things they consider more important than their duty (like a government contractor mor interested in the money going under the table than what's good for society).
"Apparently you're a bit different from us then."
I quite don't think so.
"Because when something happens here that we don't want to happen again, we investigate it..."
[Some things that *seems* to be reasonable follows]
In my world, we investigate things that we don't want to be repeated too. But instead of trying to apply the same recipy to all cases, we try to conclude from data what's the best strategy for that never happening again within what we understand to be compatible with what we consider civilization has to be.
"So we're interested to know how they were drawn into being suicide bombers"
And, somehow, you will know how they became suiciders by following their paths on their last hours, instead of trying to analize it from a general sociologic point of view.
The truth is that increasing privacy violations an Big Brother policies won't avoid a determined suicider to do his malware, no matter how many cameras, and at the end, what it really remains is privacy and individual lives being on hands of some benevolent (so we hope) tyrants.
At the end of that logical path, we can avoid all malware by installing brain chips (of course this is a gross exageration -today, but it's incredibly how easy policies in the like of "a bit at a time" success extorting civil rights. There's a Spanish saying: "with patient and saliva, the elephant fucked the ant"). The question is: even if those kind of policies success at their immediate objective (we really don't have another twin towers, Madrid train station, London subway...) is that the society we want? For all I know, current antiterrorist policies are the bigest success of those terrorists themselves.
"In the UK, where it happened, it's seen by the general public as a very good reason why we need CCTV coverage - without it tracing the bombers' movements in the investigation would have been practically impossible" ...and once they traced them, planet Earth started to automagically sping backwards and then they were able to stop the terrorists so the bombs really never exploded... or something like that.
...which means that UK citizens are as easily fooled as anyone else into thinking that breaking privacy somehow is a good thing.
"In the UK, CCTV is reasonably popular because people associate it with safety (drunks and muggers don't like to attack you in front of a camera) and not with undue government surveillance."
Yes, more or less.
On other news...
"The Wheel hyper-enthusiasts have left the building, leaving a significant contingent of Wheel-using engineers behind, blinking in the bright lights without the constant drumbeat of boosterism.'
Does this mean we finally will end up using these now not-so-cool Wheels and we will move to the new hype Ion-Cannons?
"RHEL has a life of longer than six months, therefore it's real."
So has Debian, but I bet those people wouldn't consider it really "real". It is not corporate-backed, hence expensive, so it can't be "real".
And that's exactly this story's point.
"What would a free-market government look like?"
Quite like true democratics.
"Who would issue currency?"
Popular acceptance (just like money currency).
"How could you enforce rapidly-changing laws?"
You won't. That's your elected official problem. If you see rapidly-changing laws to be a problem or otherwise you don't credit the candidate to be able to cope with an environment where laws change too fast, just vote another candidate that promise you to be not so change-friendly. On the other hand, when you find a law to be detrimental you would want it changed ASAP; and you wouldn't vote a candidate that offers to change a law you find well suited, would you?
"How could you do all the wonderfully unprofitable things that governments do, like funding education?"
Just the same way it is done *now*. Only people would have more voice regarding how and when those things should have to be done. It is arguably, even, that due to the fact people would be more commonly exposed to take hard decitions, they would be taken in a more matured way than currently.
"since it'll be a race down to the bottom to try to provide the most cheap, bare-bones system posible."
Why? You can only believe that if you believe that people is unable to take the "hard" path. But if you believe that, then what you *really* believe is that people is unable to govern themselves. In other words: you don't want a more direct democracy because you don't believe democracy to be good.
"I just don't see how you can compare free-market capitalism and democracy as political systems."
Politicians offer "products" by marketing, and they try to make offers more attractive than the other competitors to their target audience. Then the consumers "buy" those politicians "products" by voting them.
What the other proponent says doesn't seem to bad. There're laws avoiding regular "bundle selling" (you should be able to buy the differenciated products that forms the bundle), but politician products are "bundle sold": when you vote for a candidate, you vote for her programme as whole (or you could consider the politician to be the product by himself, not what he is going to do once elected). There's no way to say "yes I support your idea about This, but I don't want you to do That". It would be good looking for a really functional way to avoid "political bundle selling".
"Oh, and you can fix past errors in judgment. Laws can be repealed"
Quite true. But it much more difficult to repeal a law than it is to pass it.
"Luckily I'm not an American but if I was, I'd be extremely angry that the government is allowing - REWARDING - these IT companies to ignore the law."
The fact is that those companies weren't ingoring the law (to a known extreme): they were applying for a public contract. It is the election board the one violating law, since noone of the bidders (well, surely "to bid" is not the proper verb here, sorry for my bad English) should have gained the contract. That's why EFF is not going after the companies but after the election board.
I can make an bid for a public computing system out of my dead cat, that's my problem. When a public board takes my bid is when the problem arises.
"they have some assumption that it comes with appropriate protections built in"
Mine does. It came with Linux.
"Why someone would spend $1000 on a computer and then have to spend more to not get a virus is something some people have difficulty swallowing."
Well, I find it difficult too.
Maybe you are just not paying attention to the very header of the article:
"Symantec Hopes To Deliver Anti-Virus Online"
As in "Symantec hopes to find a new revenue stream to feed their wallets"
_And_ look at a previous article: "Most Home PC Users Lack Security". Were I a Symantec exec I'd read it as "most users won't pay us a dime since they are not interested at all about antivirus security and all that stuff we sell for a living; we should find an alternative way to force them to pay us for, for... hell, for something! maybe making them paying us through a third agent, their bank, for instance, will do the trick.
If it makes sense, or it is useful, or it will piss off someone else is completely out of interest!
"I hope not"
I'm quite afraid yes.
I almost can see it:
"Your system can't be guaranteed to be free of virus.
Since our banking on-line services only proceeds to the highest security standards, you shuould upgrade to the latest version of Ms Explorer and configure your browser to accept cookies.
Your friendly on-line banking system".
"Think about it: DNS is only as secure as its weakest link, and that link is the desktop"
Truly speaking it's a bit beyond the desktop.
Between the desktop and the chair, to name it precisely.
"If I am truely in the middle, i can rewrite URL, present other certificates etc, ( spoof the certificate authority too even )"
So what?
You, as a user, are deem to stablish your own security rules. You, as a MiM, can only defeat a first-time unknowledgeable visitor: I'd want to see you trying to offer me a root CA public key... for a CA I already know about... or the public key for a site I already visited. And if it is a site I visit for first time, I want you to try to offer me a fraudulent key-chain, or try to defeat me with a "sudden" new CA, or trying to redirect me out the *entire* Internet, so I can't use Google, Yahoo, or any other web crawler of my choice to recheck the public key from the CA.
"all this software technology exists Load balancers content switches ssl concentrators all have to legitmately do this now"
All they can legitimately gain knowledge about the proper secret key, or they won't work at all.
"although pulled off successfully could efect many at time"
The knowledge and/or situation needed for such an attack to become successful insures you can successfully try more effective attacks.
All in all, dns-related attacks are not and can't target the Internet in the wild but can be effectively used on Intranet/in-house or corporation-to-corporation environments because a) then it's easier to spoof the (relative) whole internet and b) most probably there will be less in-deep security measures (like not using https because your are confident about the network path being secure).
"Most people can't tell if they are connected using SSL or not"
Those are beyond salvation and I don't think that secure DNS was developed with them in mind.
I mean, someone which will accept following an hyperlink coming on a html e-mail from somebody unknown to him that says "your.bank.of.confidence" while obviously opening a browser pointing to "your.hacker.of.the.day" won't benefit any more from using secure DNS.
"It includes Linux drivers"
No. It includes binary-only i386-only proprietary Linux drivers. You may appreciate the difference.
"science itself is not always their enemy."
Of course science is their enemy, since it favours a mind "structure" that is plain contrary to theirs. What they can do at most is take "scientific facts" out of context in order to give them (to and uninformed audience) a barnish of self-respectability. Just exactly the same you can find in some advertisements that allege some "scientific researches" (that don't hold water on close inspection) to support their products.
"It could be aliens, it could be a previous civilization of humans"
No, it couldn't.
Be it aliens, a previous human civilization, or any other origin, powerful, but not almigthy only postpones the question. ID is based upon an IRREDUCTIBLE complexity on life and its evolution. As such, any other "power" only raises the question of its own origin and development... unless it's almigthy, of course, so it can be the noncaused cause, be it God, Yehovah or the spaghetti monster.
And that's exactly why it has no place in any Science class: as ID is based on the existence of an almigthy power, it can make no prediction (any output is possible when the inputter can do everything) nor it can have any internal coherence (by the same reason). A "theory" that can't make any prediction nor through more ligth over uncategorized measures (appart from "it is the way it is because it is the way it is") is not and can't be Science.
The most ID can offer is that "it seems plausible" (to some people). Well, at any given time there can be quite a few "plausible ideas" (for instance, regarding situation we can't take measures about like, say the stars core). But noone of those "plausible ideas" can gain "scientific theory status" if they don't include a means to show them false (even if currently hypothetical, like: build a starship that can fly to the center of a star, and then you will find it is made of cheese, as I support). ID doesn't offer *any* falsify method (whatever measure you can get -even hypothetically, can be "mocked up" by the almigthiness of the deity).
It would be completly different it they'd say: just through yourself on your knees repeat three time "pater noster" and then water will become wine and stones will become roses (just like a "newtonian proponent" would say to you "take a cronograph and prepare a vacuum tube 9.8 meters long and let a stone fall from the higher end; the stone will take one second to fall, and it won't take neither half a second nor two seconds, no matter the size or weigth of the stone, as long as it doesn't touch the tube walls), since then you will be able to produce an experiment to test the "theory". Of course ID proponents doesn't offer nothing of the like.
That must be the law of decrementing redits.
2+2= 5 only means a 25% advantage over the mean value of 4, when it is well known that one plus one tends to sum up three even on standard values of one!
"The question is about replacing Windows boxen with Linux"
No. The question is that's not the question.
The question is not about how can I install Linux on my "box" and then being able to connect to my company's IT resources without IT people knowing it.
The question is about how the IT people can deploy Linux desktops/laptops in the hundreds in a controlled manner and integrating with current IT tools and procedures. That's the question.
And the previous post adds ABSOLUTELY NOTHING about the question.
"he original poster was merely pointing out that Ubuntu is an excellent desktop distribution" ...which has *NOTHING* to do with what the poster was asking for and he even took the time to explain what he was *exactly* asking for.
Does the Ubuntu's article talks about Ubuntu's deployment on big numbers of PC/laptops under IT department's control? NOPE.
Does the Ubuntu's article talks about how can it be integrated under IT's control structure? NOPE.
Does abscondment's post add anything to explain how can Ubuntu integrate under an IT structure which now is mostly Microsoft-based? NOPE.
What is abscondment's post? It is nothing but a kind of pavlovian answer in the lines of "is it something even remotely related with Linux? Yes: BEEP - Ubuntu is the answer then, no matter the question"
And yes, that's zealotry.