Not a Charity. I think it would be fantastic if they opened up for everyone. But they have to look out for ol' number one first, or there won't be any Sun at all. I'm sure they could make it work though, this just isn't their priority, and shouldn't have to be. Red hat may not be happy with it, but last time I checked, Redhat's glee doesn't fill Sun's coffers.
The fact that they are or are not a business is of little concern to anyone involved. This could be written by the Pope, but if people don't think it's Free enough, it's not going anywhere.
My mplayer reports that the HD version of the movie, at least, uses the "M$ MPEG-4 v2". I thought this slightly altered version of the MPEG standard was Microsofts own slightly altered implementation. Why is the film encoded in this way? Surely it would have been better to use the normal MPEG-4 lavc codec? Or am I confused in some way?
Since switching to Win XP from Windows 2000 during RC1, I've experienced a few crashes due to some bad ram, but beyond that it's been steady as a rock. Also, I haven't needed to waste resources with a virus checker because I know how not to get viruses. A good firewall goes a long way.
Right, you've not had any problems with MS software. Now think that perhaps computers are used as more than as desktop machines. Now think that perhaps MS sucks at that.
While I know that Linux and OSS can be very secure and stable, Windows can be also. If people put the time into Windows that Linux-users put into Linux/OSS (by way of customization, and finding apps and drivers), they'd have a much more reliable machine
Install Debian or OpenBSD, and see how little effort it takes to have a secure machine; with everything correct out of the box. You act like it's the users responsibility to fix problems in the Operating System. It's not. Don't think that.
Also I find it rich that I get modded flamebait when I was defending my choice (what Linux is all about) over some one trying to push what they think is better (and in this case they didn't even back it up). Oh well at least now I can truthly claim I've been modded as a troll on/. at least once.:)
No, you got moderated flamebait because you responded to a joke by getting pissed off and swearing. Then for listing that gnu/linux is great because you can play all this non-free software on it. You looked a fool.
The relative handful of Linux users today seem content with it so I don't know why Novell wants to change things. I bet they just want to increase their user numbers. Idiots.
Oh, so it's ok because they just want to make a quick buck, and fuck us all over? They are idiots. It would be better to take the time and persuade every hardware company to release Free drivers or write every driver ourselves than take a short cut to achieving popularity by incorporating every piece of crap someone wants to write, without having the sourcecode to improve it.
These drivers may work now, but they won't work in future. Look at Vista; one architecture change, and they've had to build the driver base from scratch because they didn't have the source code. Debian has 11 different architechures; chances are a binary driver will exist only for one (or rarely, two). NetBSD has 17 different architectures; with 50 different platforms. Are vendors going to release 11 different binary drivers? No, of course not; they just want to make a quick buck.
The Linux kernel supports the majority of common hardware in some fashion. There are exceptions with some things, but pretty much, excluding Wireless Networking, we can support everything on the average desktop. It is extremely rare that you have a distro like Ubuntu or MEPIS or something that can't get working (sans wireless) on the average computer. Even with wireless, I think he have a couple of popular pieces of hardware working (I specifically remember a Belkin model). If it's not supported, someone is working on it, and we will probably one day have it. In almost every case, these drivers are written from reverse engineered specs. Maybe, if you want good driver support, you might consider going to some hardware companies and asking for documentation.
The only reason we have good drivers today is because we took the high road before. We wanted free ones, and this has meant that the quality of drivers in the Linux kernel is good. If we had taken binary ones, you wouldn't have the stable, audittable, editable, free kernel you have today.
But of course, if someone wants to make a quick buck, it's perfectly understandable if they decide to fuck us all over.
Idiot. The fact that we demand Open and Free drivers is one of the things that gives us an advantage over closed systems. Everything that goes into the kernel can be read, and checked and improved.
This isn't Windows, and users aren't prepared to put up with drivers that are shitty, and that break when we make changes.
Drivers are one the the biggest sources of crashes, and if we allowed every shitty hardware company to throw binary blobs over the wall, in less than a year we'd have a kernel just like NT.
I have games (HL2, UT2k4, Q4, EVE, etc) and XGL (transset over xcompmgr) with fully compatible nvidia binary drivers and every bit of hardware on my computer supported, nearly, all under gpl
Almost nothing you just mentioned is under the gpl. The only thing that is free is XGL, and that semi-entails that you have a non-gpl video driver.
Do a "server" install to avoid all the bloat, and you have a stable Debian system with up to date software.
No, you don't. You have the Ubuntu repository without X. The Ubuntu releases aren't particular stable; if you look at the process, you'll see that there's nothing like the level of testing that goes on in Debian.
The BBC is great and all, but their link seems to be somehow broken. Realplayer I suspect. Anyone have the video in divx/avi format and willing to share?
I wonder if I'm the one confused here. You said yourself that running a browser in root is stupid and insecure, then you go and say that introducing the capability of limited privilegies and running IE in limited mode is nohing big of an improvement compared to, say, XP.
I didn't use XP as an example for a reason. If you want to use XP as your benchmark for design quality, you're just going to confuse the debate. XP is currently the least secure system available, by a rather large margin.
Running IE in a chroot isn't this massive improvement you say it is. While it's probably a good starting point for a program with security issues, it's hardly a cure. What needs to also happen is for the developers to fix the exploits, and start to use design principles that prevent them happening in the future. Chroots aren't a design principle; well designed programs shouldn't need them, and they often have the negative effect of meaning that the program gets vastly more complicated (the case in point being the "broker processes" you mentioned).
Can a virus attack IE like now? Yes. Can it do the same damage? No. It's not that hard to understand.
That's the point I was making. Using a chroot doesn't stop IE wrecking itself; it just stops IE wrecking everything use. "Woohoo! The webbrowser can no longer bring down the system!" actually _isn't_ an impressive claim.
But all of that ain't important, I guess more important is where I missed a friggin comma in my post, right?
The irony of it may have escaped you. You attempted to accuse me of using nonsense phrases, while making no sense yourself.
Have you read how limited account works in Vista? I leave it up to you to assess the security implications of this on IE7.
There are a number of things you haven't considered. Firstly, that when you say "limited account" what you are actually refering to is a chroot. This new feature you mention is simply that the web browser does not run as the super user; now it runs inside a chroot. This has no affect on the security of Internet Explorer whatsoever! It just means that now, malicious code can only take control of IE and IE's own files.
IE can still be broken into (probably in much the same way it can be broken into now), but with only a localised effect. Are you saying that putting a program into a chroot means that all the bugs and holes magically disappear? You are mistaken as to the importance of this change.
This has been a point of play on every other operating system that runs a webbrowser since webbrowsers were first written. Do you think Tim Berners-Lee ran WorldWideWeb as root on his NeXTSTEP box when he invented the internet? No other Operating System will run webbrowser as root for one simple reason; it's a totally stupid idea; get hacked and the whole machine will go down.
This is hardly a feature worth trumpeting; it should have been this way by design. If your "assessment" of the security of IE7 has lead you to this piteous conclusion, then you really have a problem.
Also whether it has "W3C Support" I hope you realize the phraze is non-sense, however it has plenty of CSS fixes and ehnancements which I've studied in detail and had the chance to test myself in the Ie7 beta 2.
You may be interested to note the correct spelling of the word "phrase".
If you we to have written that sentence correctly, it would look something like this; "Also, (COMMA)as to whether it has "W3C Support,"(COMMA) I hope you realize,(COMMA)that phrase is nonsense.(FULL-STOP)However,(COMMA) it has plenty of CSS fixes and enhancements,(COMMA) which I've studied in detail,(COMMA) and have had the chance to test myself in the IE7 beta 2.
The sentence where you accuse me of nonsense actually is nonsense in itself. You can barely manage English, let alone HTML.
You note that it has fixes to rendering, but you fail to mention that it is not an attempt to actually bring IE in line with W3C specifications. It is still lacking W3C standardisation.
At least I don't have my head up my ass, repeating anti Microsoft cliches like a fanatic without putting any thought into it.
Instead, you prefer to sound off about new features when you have no actual understanding of their effect.
Taking everyones DNA would be arbitary. There's no need to take that data for any certain current or future need. It would simply be taken because there is a very slight chance it could be useful in the future.
You definition isn't particularly strong however; arbitary does not simply mean "in a random manner". To imagine that there is only one meaning of the word "arbitrarily" would be perhaps over simplifying. I'm sure you are aware that the word also has implications of despotism, as well as many other connotations.
Anyway, if you simply wanted to go down to the letter of the law; this behavior would be an obvious violation of the US Bill of Rights (the Fourth Amendment).
There is certainly an arguement against it on civil liberties. Could you miss that forcing people to give their DNA is perhaps a violation of the Universal Declaration of Human Rights articles 12 and 17. Blood is personal property, and you are talking about taking it without consent.
Form a national database if you will, but rely on voluntary provision of DNA samples. Any other method is obviously a violation of human rights.
Firstly, you're a nitpicker. Secondly, perhaps Simple English Wikipedia would be suitable for your needs. Perhaps you may feel better if you gave your kids a hand to work out what wikipedia means.
EVERYTHING. Why the hell do people feel the need to force what they think their site/* should look like on the user?
I swear to god: all this shite; coloured fonts (for that matter coloured ANYTHING), widths specified by measurements and not percentages/ratios, forced font types, forced font size are all wrong to use in 99% of the cases where they are currently used.
I see sites using things where it's totally overkill; it's annoying users and pissing bandwidth down the drain. Pages that take more than 5 seconds from click to complete (on a broad band line) are broken in some way (except in cases where there is a very large amount of content). Taking more than 2 seconds to show the majority of content is also evidence of being broken in some way. Most of the time, the core issue isn't overworked servers or slow rendering clients, but actually pages that are written in a stupid way. Think massive amounts of images, using things other than ratios to align things or misuse of CSS.
Funnily enough, these are the same pages that do not display correctly on certain browsers (however, excluding IE, in most cases) or are on the domain myspace.com.
Slashdot Mirror
Presuming we can believe Jason's letter
An important qualifier. Not to say that I don't believe him; I have no opinion either way.
You know, whenever I have mod points, I find slashdot full of nothing but bullshit. Today, I have none.
Some people, however (generally all the software I would want to be affiliated with) use Full Disclosure.
Apparantly not, since the server is now down.
I bet you wrote that arctile just so you could link to it.
Not a Charity. I think it would be fantastic if they opened up for everyone. But they have to look out for ol' number one first, or there won't be any Sun at all. I'm sure they could make it work though, this just isn't their priority, and shouldn't have to be. Red hat may not be happy with it, but last time I checked, Redhat's glee doesn't fill Sun's coffers.
The fact that they are or are not a business is of little concern to anyone involved. This could be written by the Pope, but if people don't think it's Free enough, it's not going anywhere.
My mplayer reports that the HD version of the movie, at least, uses the "M$ MPEG-4 v2". I thought this slightly altered version of the MPEG standard was Microsofts own slightly altered implementation. Why is the film encoded in this way? Surely it would have been better to use the normal MPEG-4 lavc codec? Or am I confused in some way?
Since switching to Win XP from Windows 2000 during RC1, I've experienced a few crashes due to some bad ram, but beyond that it's been steady as a rock. Also, I haven't needed to waste resources with a virus checker because I know how not to get viruses. A good firewall goes a long way.
Right, you've not had any problems with MS software. Now think that perhaps computers are used as more than as desktop machines. Now think that perhaps MS sucks at that.
While I know that Linux and OSS can be very secure and stable, Windows can be also. If people put the time into Windows that Linux-users put into Linux/OSS (by way of customization, and finding apps and drivers), they'd have a much more reliable machine
Install Debian or OpenBSD, and see how little effort it takes to have a secure machine; with everything correct out of the box. You act like it's the users responsibility to fix problems in the Operating System. It's not. Don't think that.
Also I find it rich that I get modded flamebait when I was defending my choice (what Linux is all about) over some one trying to push what they think is better (and in this case they didn't even back it up). Oh well at least now I can truthly claim I've been modded as a troll on /. at least once. :)
No, you got moderated flamebait because you responded to a joke by getting pissed off and swearing. Then for listing that gnu/linux is great because you can play all this non-free software on it. You looked a fool.
The relative handful of Linux users today seem content with it so I don't know why Novell wants to change things. I bet they just want to increase their user numbers. Idiots.
Oh, so it's ok because they just want to make a quick buck, and fuck us all over? They are idiots. It would be better to take the time and persuade every hardware company to release Free drivers or write every driver ourselves than take a short cut to achieving popularity by incorporating every piece of crap someone wants to write, without having the sourcecode to improve it.
These drivers may work now, but they won't work in future. Look at Vista; one architecture change, and they've had to build the driver base from scratch because they didn't have the source code. Debian has 11 different architechures; chances are a binary driver will exist only for one (or rarely, two). NetBSD has 17 different architectures; with 50 different platforms. Are vendors going to release 11 different binary drivers? No, of course not; they just want to make a quick buck.
The Linux kernel supports the majority of common hardware in some fashion. There are exceptions with some things, but pretty much, excluding Wireless Networking, we can support everything on the average desktop. It is extremely rare that you have a distro like Ubuntu or MEPIS or something that can't get working (sans wireless) on the average computer. Even with wireless, I think he have a couple of popular pieces of hardware working (I specifically remember a Belkin model). If it's not supported, someone is working on it, and we will probably one day have it. In almost every case, these drivers are written from reverse engineered specs. Maybe, if you want good driver support, you might consider going to some hardware companies and asking for documentation.
The only reason we have good drivers today is because we took the high road before. We wanted free ones, and this has meant that the quality of drivers in the Linux kernel is good. If we had taken binary ones, you wouldn't have the stable, audittable, editable, free kernel you have today.
But of course, if someone wants to make a quick buck, it's perfectly understandable if they decide to fuck us all over.
Idiot. The fact that we demand Open and Free drivers is one of the things that gives us an advantage over closed systems. Everything that goes into the kernel can be read, and checked and improved.
This isn't Windows, and users aren't prepared to put up with drivers that are shitty, and that break when we make changes.
Drivers are one the the biggest sources of crashes, and if we allowed every shitty hardware company to throw binary blobs over the wall, in less than a year we'd have a kernel just like NT.
I have games (HL2, UT2k4, Q4, EVE, etc) and XGL (transset over xcompmgr) with fully compatible nvidia binary drivers and every bit of hardware on my computer supported, nearly, all under gpl
Almost nothing you just mentioned is under the gpl. The only thing that is free is XGL, and that semi-entails that you have a non-gpl video driver.
Do a "server" install to avoid all the bloat, and you have a stable Debian system with up to date software.
No, you don't. You have the Ubuntu repository without X. The Ubuntu releases aren't particular stable; if you look at the process, you'll see that there's nothing like the level of testing that goes on in Debian.
Well, you certainly can't put the theories to rest when you don't release the goddamn proof until nearly 5 years after the incident.
The BBC is great and all, but their link seems to be somehow broken. Realplayer I suspect. Anyone have the video in divx/avi format and willing to share?
You were the one who brought up grammar.
Also whether it has "W3C Support" I hope you realize the phraze is non-sense
Remember?
I wonder if I'm the one confused here. You said yourself that running a browser in root is stupid and insecure, then you go and say that introducing the capability of limited privilegies and running IE in limited mode is nohing big of an improvement compared to, say, XP.
I didn't use XP as an example for a reason. If you want to use XP as your benchmark for design quality, you're just going to confuse the debate. XP is currently the least secure system available, by a rather large margin.
Running IE in a chroot isn't this massive improvement you say it is. While it's probably a good starting point for a program with security issues, it's hardly a cure. What needs to also happen is for the developers to fix the exploits, and start to use design principles that prevent them happening in the future. Chroots aren't a design principle; well designed programs shouldn't need them, and they often have the negative effect of meaning that the program gets vastly more complicated (the case in point being the "broker processes" you mentioned).
Can a virus attack IE like now? Yes. Can it do the same damage? No. It's not that hard to understand.
That's the point I was making. Using a chroot doesn't stop IE wrecking itself; it just stops IE wrecking everything use. "Woohoo! The webbrowser can no longer bring down the system!" actually _isn't_ an impressive claim.
But all of that ain't important, I guess more important is where I missed a friggin comma in my post, right?
The irony of it may have escaped you. You attempted to accuse me of using nonsense phrases, while making no sense yourself.
There are a number of things you haven't considered. Firstly, that when you say "limited account" what you are actually refering to is a chroot. This new feature you mention is simply that the web browser does not run as the super user; now it runs inside a chroot. This has no affect on the security of Internet Explorer whatsoever! It just means that now, malicious code can only take control of IE and IE's own files.
IE can still be broken into (probably in much the same way it can be broken into now), but with only a localised effect. Are you saying that putting a program into a chroot means that all the bugs and holes magically disappear? You are mistaken as to the importance of this change.
This has been a point of play on every other operating system that runs a webbrowser since webbrowsers were first written. Do you think Tim Berners-Lee ran WorldWideWeb as root on his NeXTSTEP box when he invented the internet? No other Operating System will run webbrowser as root for one simple reason; it's a totally stupid idea; get hacked and the whole machine will go down.
This is hardly a feature worth trumpeting; it should have been this way by design. If your "assessment" of the security of IE7 has lead you to this piteous conclusion, then you really have a problem.
Also whether it has "W3C Support" I hope you realize the phraze is non-sense, however it has plenty of CSS fixes and ehnancements which I've studied in detail and had the chance to test myself in the Ie7 beta 2.
"Also, (COMMA) as to whether it has "W3C Support,"(COMMA) I hope you realize,(COMMA) that phrase is nonsense.(FULL-STOP) However,(COMMA) it has plenty of CSS fixes and enhancements,(COMMA) which I've studied in detail,(COMMA) and have had the chance to test myself in the IE7 beta 2.
The sentence where you accuse me of nonsense actually is nonsense in itself. You can barely manage English, let alone HTML.
You note that it has fixes to rendering, but you fail to mention that it is not an attempt to actually bring IE in line with W3C specifications. It is still lacking W3C standardisation.
At least I don't have my head up my ass, repeating anti Microsoft cliches like a fanatic without putting any thought into it.
Instead, you prefer to sound off about new features when you have no actual understanding of their effect.
But if you believe a closed source program can ever be secure, then I think the problem rests with you.
When IE is secured, and with the new improved standards support, I think I'll welcome IE again as my default browser.
Yes, I too am waiting for the end of time itself.
You're both idiots. Wave or burn your flags elsewhere.
The original posters' use of the word "liberal" really didn't need to be turned into a political soapbox.
Taking everyones DNA would be arbitary. There's no need to take that data for any certain current or future need. It would simply be taken because there is a very slight chance it could be useful in the future.
You definition isn't particularly strong however; arbitary does not simply mean "in a random manner". To imagine that there is only one meaning of the word "arbitrarily" would be perhaps over simplifying. I'm sure you are aware that the word also has implications of despotism, as well as many other connotations.
Anyway, if you simply wanted to go down to the letter of the law; this behavior would be an obvious violation of the US Bill of Rights (the Fourth Amendment).
There is certainly an arguement against it on civil liberties. Could you miss that forcing people to give their DNA is perhaps a violation of the Universal Declaration of Human Rights articles 12 and 17. Blood is personal property, and you are talking about taking it without consent.
Form a national database if you will, but rely on voluntary provision of DNA samples. Any other method is obviously a violation of human rights.
Firstly, you're a nitpicker. Secondly, perhaps Simple English Wikipedia would be suitable for your needs. Perhaps you may feel better if you gave your kids a hand to work out what wikipedia means.
EVERYTHING. Why the hell do people feel the need to force what they think their site/* should look like on the user?
I swear to god: all this shite; coloured fonts (for that matter coloured ANYTHING), widths specified by measurements and not percentages/ratios, forced font types, forced font size are all wrong to use in 99% of the cases where they are currently used.
I see sites using things where it's totally overkill; it's annoying users and pissing bandwidth down the drain. Pages that take more than 5 seconds from click to complete (on a broad band line) are broken in some way (except in cases where there is a very large amount of content). Taking more than 2 seconds to show the majority of content is also evidence of being broken in some way. Most of the time, the core issue isn't overworked servers or slow rendering clients, but actually pages that are written in a stupid way. Think massive amounts of images, using things other than ratios to align things or misuse of CSS. Funnily enough, these are the same pages that do not display correctly on certain browsers (however, excluding IE, in most cases) or are on the domain myspace.com.