If IE lost ActiveX, it'd lose AJAX!!! Rather than reimplement HTTPRequest in a WC3 standard way, I'm sure they'd argue that 'til their heads are blue (red in Balmer's case) anyway.
I've worked with gumstix before. You aren't going to get away with an ethernet setup for 130 bucks. Etherstix is 50 bucks and the etherstix compatable gumstix are over 100 bucks themselves. That's for one ethernet jack. For an effective network appliance you generally need 2 ethernet ports minimum.
Whie I love gumstix and use them a lot, 150+ dollars for a gimp network device can't compete with the hacked wrt54g for 70 bucks. Gumstix are more appropiate for other cool things like robots (or as Zoidberg calls them robuts).
Kinda off topic, but since you brought of Symantec...
I had to deal with them today. We need a cloning solution to deal with overwhelming number of new PC's. Those bastards wanted 40 bucks a machine and 800 dollars for the server to do what we need (which is basically nothing more than a live cd, dd, and inflating the partition). They were insistant we couldn't just buy one copy for the machine we were basing the clone from. Their greedyness resulted in us buying nothing from them and me creating a debian live cd with parted and automation scripts. The idea is a destructive cd that you only have to plug in the power cable to use (using system beeps for errors and warnings). It will save not only time, but space because it's definately a pain connecting monitors, keyboards, mice, network cables to 15 PC's as opposed to 15 PC's lined up with just a power cable.
Gee, I wonder why it got these grades
on
The ESRB Gets An 'F'
·
· Score: 2, Interesting
Ratings Education: C+
Retailers' Policies: B
Retailers' Enforcement: D-
Ratings Accuracy: F
Arcade Survey: B-
Industry's 10-year cumulative grade: D+
To begin, most parents I know don't enforce video game ratings in the same manner they do movie ratings. Most of us grew up with games unrated and turned out fine. The fact that retailers don't heavily enforce the policies goes to show how many people think the game rating system is silly in the first place.
As for the rating accuracy getting a failing grade, I whole heartedly agree that given the organization handing out these grades is politically motivated, they just want to push violet games out of the market by making as many as possible Adult Only. If this were a real issue, we'd have droves of pissed off parents with 16 year olds they thought were playing a different game. In reality, AO has the stigma of being equivalent to hard core porn. These games aren't the equivalent, and this really is more a political group crying they aren't getting their way. Uh oh, we've got a baby down. I repeat, baby down! Someone call the wah-bulance!!
1. The "enterprise" distributions generally come with a feature where you can set up a single box, save the configuration , selected packages, etc etc, to a form of media, and mass copy. When going to install a new system you pop in your bootable linux CD, and pop in your config media (say, a usb key), and say to install based on those parameters. Once the base system is created, creating a clone of that generally takes about 25 minutes per box. The first 3 of that are the only ones with user interaction. Off the top of my head Red Hat and SuSe support this, but I'm sure there are plenty of others.
2. I know red hat has tools to do this. Ximian (purchased by SuSE) also has tools.
Basically at this point, if you go with either SuSe or RedHat, you'll have end to end coverage. I'm sure there are others, but those 2 I know will definatly do it.
Nobody wants to be an organ donor. It just seems like the right thing to say. Organ donors are for people with no faith at all. What if they figure out a way to bring you back fromt he dead? And now I don't got no eyes. Ain't this a bitch! Back from the dead and I can't see shit.
Is this a big joke? Is Beatles Beatles some sort of fictious character they came up with to post stories they find on their own? Stop the madness! He IS mocking us~!!
I thought I saw you in line. Remember me? We met in the gas lines after the hurricane. I met your brother once in line for Styx tickets and your Uncle in another line for space mountain. Man I love waiting in lines....
This is still important however. From their wording it looks like they will be replicating hardware via "mathematical models". I think it shows a lot in that linux can provide a real time software drop in for various missile guidance hardware.
There was this story on slashdot a couple of months ago and was detracted by many as opterons being out of place in the real time market. I guess we see it does have use =P
I've always found books on Linux comedic. I took a linux class at my local college once. The book we used had been published 2 years earlier which is considered fairly new in academic circles. Factor in a lag time of when he wrote it. We were learning about programs which hadn't been maintained in so long it was almost impossible to google 'em! I think the book was "Learning linux in 24 hours". This has been my general experience with books that discuss specific versions of software. I bet I can go to my local Borders and find Linux books based on KDE 1. I always take flac for it, but I just can't beat online documentation.
I run Linux on old hardware all the time. And every damn time I bang my head and say never again. Here's the most common problems I've run into and it makes it almost not worth the time.
CD roms that won't read burned Cds are the worst. Well, they sorta will. Just enough to frustrate the hell out of you. Getting half way through the install and then getting i/o errors. Pulling your hair as to why it won't install right. You realize it's the CD-rom. You switch to floppies. Floppies have a horrible shelf life. Don't even waste your time finding old AOL floppies to boot from. You'll pull your hair out even more than the CD roms. In reality, new floppies aren't the sort of thing sitting on every desk like 10 years ago. Some people have new ones sitting around. However, even if you do have new ones, a lot new machines don't even come with floppy drives anymore. Good luck creating your bootdisk.
Then the fun beings... the hard drive. Bad sectors hiding everywhere. They don't pop up until you've installed it and a week later wonder why postfix keeps crashing. Bad ram. An old machine is probably going to be using SD-ram. Have you seen SD-ram prices lately? It's freakin expensive. It's way more than DDR. We have some old RD-ram boxes we were going to use and those prices were more than a new computer alone. That covers moving parts. Then there's power supplies in form factors that aren't used anymore. CPU's and motherboards that haven't been produced in years. PCI video cards. Drivers. Don't even get me started...
I've had so many issues trying to work with old hardware I've just stopped trying. It's really not worth the frustration you'll go through. Old PC's with an AGP slot and popular hardware (P2 or P3 w/ Asus mobo and Voodoo card) aren't so bad. You'll generally have about 80% success rate with those which is worth a try. Weird chipsets on an old dell machine... don't even waste your time. Old laptops? Don't waste your time. Any old machine that needs more than 2 parts replaced, don't waste your time.
I'm not one just to throw money out to the wind, but I'll buy a 250 dollar new PC before wasting a week trying to get a POS to work. I've come to love mini itx machines. You can get a system as cheap as 150 bucks with new hardware fully linux compatable, a fraction the size, quiet, and super low power.
Yes, linux can run on extremely slow hardware. But does that mean we should pull every POS machine out of the garbage and try to get linux on it?
The first article could have been written with xbox 360 replaced with any console from the last 3 generations. Old gamers will generally think the games of their time are the best. In reality, the 2600 had a myriad of horrible games. Out of that there were a few good games. The bad games are fogotten and the good ones embraced.
Same goes for the NES. I still play NES games on emulators to this day. However, going to vimm.net and playing some of those games makes me shudder. There were some horrible ones.
The last generation of systems had some terrible games too. But there were some gems. Maybe the idea is that the gems are becoming fewer and far between? I can agree with that. The only company still making a console that I find puts out really enjoyable games is Nintendo. I was playing the new Mario Party the other day and someone brought up a point. On what other system can you spend a whole day enjoying a game designed for 8 year olds? Nintendo still produces games today that I would put head to head in enjoyablity with the 2600.
As for the second article... Have we missed the whole point of the gaming console? Gaming consoles have one purpose. It isn't the GUI (dvorak). It isn't for the graphics. It isn't for the startup music. It isn't for the cool factor. It's definately not for the weight. It's about games. I bought a PC for my PC needs. I bought a home theater for my multimedia needs. Why is my console going to be judged on the same criteria as the previous two?
And in reality you can't judge a system in it's first months out of the gate. In ten years, no one's going to care about the initial launch. If the games are still lame in a year, then write the system off. It's really too soon to say.
There's always this talk running around about how google is taking over the world. You know what? SO WHAT! The only people google are adversly affecting here are other giant corporations. And they are the ones with the loud mouths shouting to reporters how evil google is. In reality, we live in the age of the giant corporation. One way or the other, these giant organizations are going to control major parts of your life. I would _much_ rather have google a major part of my life than microsoft, ebay, aol, or comcast. They are just being whiney little bitches because google's business practices are much better than theirs. They are scared people will come to expect that kind of business.
This is their thought process...
OMG, google is serving their customers in a postive way?!! You don't fucking say! Well we need to put a stop to this shit right away. The nerve of them. Who they think they are!? Don't they know that not stuffing DRM and standards non-compliance into your product is the first no-no! You must take away all rights of the consumer. The consumer is to be told what they want and need. Google is giving them choices!?!? Next thing you know, they'll grow spines and start making decisions for themselves. We can't have that shit!!
Argument A: Slackware doesn't matter anymore.
So what if it matters! There are a lot of distributions out there that don't matter, yet people seem to find good use for them. A lot of people are still finding good use for it. Because of that, it does matter. So what if it matters to you.
Argument B: Slackware does matter, and here's why
You shouldn't return a troll with a troll. Talking about how much more elitist your distribution is doesn't help your cause one bit. I've used slackware before for an extended period of time. It was no better or worse than others. It was no more difficult or easy than others. I'm glad you like and and still find use for it, but really it's nothing special. There's only a select few distributions that really do anything innovative or special. The rest are either speciality distros or just garbage. Sorry to say Slackware isn't really considered a general purpose distribution anymore. Get over it. That doesn't mean your distribution is bad. It just doesn't serve the same purpose it did ten years ago.
There is just a level of service provided by my fellow americans that can not compete. Mostly it has to do with language. The Indians can speak great english. They even teach them american accents. However, they generally don't understand slang terms. They won't ever deviate from their scripts. You can be 95% the way there to solving a problem yourself, and the second you get on the phone with them they make you start over. I cancelled my bellsouth account 4 times with an Indian call center and it never got properly cancelled. I forced them to put me on the phone with an American and it was done in 2 minutes.
It also seems the companies they work for just don't trust them. They rarely have any authority to do anything major to my account. They will transfer you 3-4 times to their superiors until you reach a level where they can maybe do what you need. And if there's an accounting screwup? Forget it. I have never run into a situtation where an Indian has the authority to credit my account.
wah wah wah, porkThreeWays, you're a racist. It has nothing to do with race. It has everything to do with communication. I worked at a call center here in Florida once (oddly enough, for Bellsouth). I ran into some of the deepest southern accents working those phones. And I would get complaint after complaint that they couldn't understand the Indian they were on the phone with for a half hour. There's just no substitute for localization. It's the same reason other countries despise us putting a McDonald's in their country. You can not assume everyone's adopted a global culture. Putting hamburgers into a country where cows are sacred is just as bad as putting an Indian on the phone in a country with such varying accents.
Definately funded by them. I found this interesting... Novell has previously criticized Microsoft for selectively quoting from the reports and has encouraged potential Linux users to read the reports for themselves and come to their own conclusions, rather than relying on Microsoft analysis
If you read the whole reports you notice a trend. There's always some gotcha. Generally, they aren't very scientific. They're about as professional as a review on a blog. They take short cuts. Deviate from their original methods. Make assumptions. Are inconsistant.
Sadly though, most don't read the whole reports as they are generally hundreds of pages long and very esoteric.
According to the pdf, they had custom compiled versions of mysql and (eventually) glibc. This is concerning because the idea was to keep the system as RHEL as possible. It's very unscientific to do a study like this and deviate from the main package base on such important packages. Oh, ummm... what I said in question form.
Yes, they did a very wrong/illegal thing. However, it can be argued that the whole rootkit fiasco will be good for the consumer. The public is highly aware of this issue. They have also heard the word DRM a few times. Now everytime DRM is mentioned the consumer will say "I don't want your virus on my computer". So yes, it was a bad thing. But in the long run I think Sony's damaged the word DRM so badly that we will benefit from this accidental education of the average consumer. They've done something in one stupid move that we've been trying to for years!
- DROP the java front ends for everything. We get gray waiting for loadtimes.
Sometimes I think Sun really didn't think out the Java GUI experience very well before implementing it. The reason you get those blank screens during load times is how swing threads. It uses the same thread for event handling as for screen redrawing. From a programming stand point, I'm sure it makes it much simplier to use their API's for simple GUI's. However, when you've got tools written for system administration that will almost definatly take some time to process an event, it makes for a bad end user experience. Java is a great language. However, their poor implementation of the GUI API's makes the end user experience bad. And ultimately people who use java programs think the whole language sucks because of a bad user experience with the GUI.
I read that too and was shocked. Basically, they are rating the reliability of SLES 8 and 9 and RHEL 3 and 4 and custimizing it to the point where red hat and suse probably wouldn't support you anymore. Compiling your own MySQL you could get away with if it weren't a mysql related issue (however in this case since it's a database study it's very important). But Glibc!?!?! You have to be kidding me. Almost everything on a system depends on glibc and is arguably one of the most tested components on a system. Compiling your own Glibc on a whim would void any support you have with those companies. If done incorrectly it could render your system completely unusable.
In the PDF speaking about RHEL 4 including selinux compared to RHEL 3 which doesn't have selinux...
"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"
I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month perdiod. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buff overflow.
You'd think a "professional" security agency would have more sense than that, but aparently not.
Slashdot Mirror
If IE lost ActiveX, it'd lose AJAX!!! Rather than reimplement HTTPRequest in a WC3 standard way, I'm sure they'd argue that 'til their heads are blue (red in Balmer's case) anyway.
http://politics.slashdot.org/article.pl?sid=05/11/ 21/180220&from=rss
Would this mean they would be using illegal software?
I've worked with gumstix before. You aren't going to get away with an ethernet setup for 130 bucks. Etherstix is 50 bucks and the etherstix compatable gumstix are over 100 bucks themselves. That's for one ethernet jack. For an effective network appliance you generally need 2 ethernet ports minimum.
Whie I love gumstix and use them a lot, 150+ dollars for a gimp network device can't compete with the hacked wrt54g for 70 bucks. Gumstix are more appropiate for other cool things like robots (or as Zoidberg calls them robuts).
Kinda off topic, but since you brought of Symantec...
I had to deal with them today. We need a cloning solution to deal with overwhelming number of new PC's. Those bastards wanted 40 bucks a machine and 800 dollars for the server to do what we need (which is basically nothing more than a live cd, dd, and inflating the partition). They were insistant we couldn't just buy one copy for the machine we were basing the clone from. Their greedyness resulted in us buying nothing from them and me creating a debian live cd with parted and automation scripts. The idea is a destructive cd that you only have to plug in the power cable to use (using system beeps for errors and warnings). It will save not only time, but space because it's definately a pain connecting monitors, keyboards, mice, network cables to 15 PC's as opposed to 15 PC's lined up with just a power cable.
Ratings Education: C+
Retailers' Policies: B
Retailers' Enforcement: D-
Ratings Accuracy: F
Arcade Survey: B-
Industry's 10-year cumulative grade: D+
To begin, most parents I know don't enforce video game ratings in the same manner they do movie ratings. Most of us grew up with games unrated and turned out fine. The fact that retailers don't heavily enforce the policies goes to show how many people think the game rating system is silly in the first place.
As for the rating accuracy getting a failing grade, I whole heartedly agree that given the organization handing out these grades is politically motivated, they just want to push violet games out of the market by making as many as possible Adult Only. If this were a real issue, we'd have droves of pissed off parents with 16 year olds they thought were playing a different game. In reality, AO has the stigma of being equivalent to hard core porn. These games aren't the equivalent, and this really is more a political group crying they aren't getting their way. Uh oh, we've got a baby down. I repeat, baby down! Someone call the wah-bulance!!
http://www.redhat.com/en_us/USA/rhn/
This product from redhat will allow you to do that.
1. The "enterprise" distributions generally come with a feature where you can set up a single box, save the configuration , selected packages, etc etc, to a form of media, and mass copy. When going to install a new system you pop in your bootable linux CD, and pop in your config media (say, a usb key), and say to install based on those parameters. Once the base system is created, creating a clone of that generally takes about 25 minutes per box. The first 3 of that are the only ones with user interaction. Off the top of my head Red Hat and SuSe support this, but I'm sure there are plenty of others.
2. I know red hat has tools to do this. Ximian (purchased by SuSE) also has tools.
Basically at this point, if you go with either SuSe or RedHat, you'll have end to end coverage. I'm sure there are others, but those 2 I know will definatly do it.
Nobody wants to be an organ donor. It just seems like the right thing to say. Organ donors are for people with no faith at all. What if they figure out a way to bring you back fromt he dead? And now I don't got no eyes. Ain't this a bitch! Back from the dead and I can't see shit.
Is this a big joke? Is Beatles Beatles some sort of fictious character they came up with to post stories they find on their own? Stop the madness! He IS mocking us~!!
I thought I saw you in line. Remember me? We met in the gas lines after the hurricane. I met your brother once in line for Styx tickets and your Uncle in another line for space mountain. Man I love waiting in lines....
This is still important however. From their wording it looks like they will be replicating hardware via "mathematical models". I think it shows a lot in that linux can provide a real time software drop in for various missile guidance hardware.
There was this story on slashdot a couple of months ago and was detracted by many as opterons being out of place in the real time market. I guess we see it does have use =P
I've always found books on Linux comedic. I took a linux class at my local college once. The book we used had been published 2 years earlier which is considered fairly new in academic circles. Factor in a lag time of when he wrote it. We were learning about programs which hadn't been maintained in so long it was almost impossible to google 'em! I think the book was "Learning linux in 24 hours". This has been my general experience with books that discuss specific versions of software. I bet I can go to my local Borders and find Linux books based on KDE 1. I always take flac for it, but I just can't beat online documentation.
I run Linux on old hardware all the time. And every damn time I bang my head and say never again. Here's the most common problems I've run into and it makes it almost not worth the time.
CD roms that won't read burned Cds are the worst. Well, they sorta will. Just enough to frustrate the hell out of you. Getting half way through the install and then getting i/o errors. Pulling your hair as to why it won't install right. You realize it's the CD-rom. You switch to floppies. Floppies have a horrible shelf life. Don't even waste your time finding old AOL floppies to boot from. You'll pull your hair out even more than the CD roms. In reality, new floppies aren't the sort of thing sitting on every desk like 10 years ago. Some people have new ones sitting around. However, even if you do have new ones, a lot new machines don't even come with floppy drives anymore. Good luck creating your bootdisk.
Then the fun beings... the hard drive. Bad sectors hiding everywhere. They don't pop up until you've installed it and a week later wonder why postfix keeps crashing. Bad ram. An old machine is probably going to be using SD-ram. Have you seen SD-ram prices lately? It's freakin expensive. It's way more than DDR. We have some old RD-ram boxes we were going to use and those prices were more than a new computer alone. That covers moving parts. Then there's power supplies in form factors that aren't used anymore. CPU's and motherboards that haven't been produced in years. PCI video cards. Drivers. Don't even get me started...
I've had so many issues trying to work with old hardware I've just stopped trying. It's really not worth the frustration you'll go through. Old PC's with an AGP slot and popular hardware (P2 or P3 w/ Asus mobo and Voodoo card) aren't so bad. You'll generally have about 80% success rate with those which is worth a try. Weird chipsets on an old dell machine... don't even waste your time. Old laptops? Don't waste your time. Any old machine that needs more than 2 parts replaced, don't waste your time.
I'm not one just to throw money out to the wind, but I'll buy a 250 dollar new PC before wasting a week trying to get a POS to work. I've come to love mini itx machines. You can get a system as cheap as 150 bucks with new hardware fully linux compatable, a fraction the size, quiet, and super low power.
Yes, linux can run on extremely slow hardware. But does that mean we should pull every POS machine out of the garbage and try to get linux on it?
The first article could have been written with xbox 360 replaced with any console from the last 3 generations. Old gamers will generally think the games of their time are the best. In reality, the 2600 had a myriad of horrible games. Out of that there were a few good games. The bad games are fogotten and the good ones embraced.
Same goes for the NES. I still play NES games on emulators to this day. However, going to vimm.net and playing some of those games makes me shudder. There were some horrible ones.
The last generation of systems had some terrible games too. But there were some gems. Maybe the idea is that the gems are becoming fewer and far between? I can agree with that. The only company still making a console that I find puts out really enjoyable games is Nintendo. I was playing the new Mario Party the other day and someone brought up a point. On what other system can you spend a whole day enjoying a game designed for 8 year olds? Nintendo still produces games today that I would put head to head in enjoyablity with the 2600.
As for the second article... Have we missed the whole point of the gaming console? Gaming consoles have one purpose. It isn't the GUI (dvorak). It isn't for the graphics. It isn't for the startup music. It isn't for the cool factor. It's definately not for the weight. It's about games. I bought a PC for my PC needs. I bought a home theater for my multimedia needs. Why is my console going to be judged on the same criteria as the previous two?
And in reality you can't judge a system in it's first months out of the gate. In ten years, no one's going to care about the initial launch. If the games are still lame in a year, then write the system off. It's really too soon to say.
There's always this talk running around about how google is taking over the world. You know what? SO WHAT! The only people google are adversly affecting here are other giant corporations. And they are the ones with the loud mouths shouting to reporters how evil google is. In reality, we live in the age of the giant corporation. One way or the other, these giant organizations are going to control major parts of your life. I would _much_ rather have google a major part of my life than microsoft, ebay, aol, or comcast. They are just being whiney little bitches because google's business practices are much better than theirs. They are scared people will come to expect that kind of business.
This is their thought process...
OMG, google is serving their customers in a postive way?!! You don't fucking say! Well we need to put a stop to this shit right away. The nerve of them. Who they think they are!? Don't they know that not stuffing DRM and standards non-compliance into your product is the first no-no! You must take away all rights of the consumer. The consumer is to be told what they want and need. Google is giving them choices!?!? Next thing you know, they'll grow spines and start making decisions for themselves. We can't have that shit!!
Argument A: Slackware doesn't matter anymore.
So what if it matters! There are a lot of distributions out there that don't matter, yet people seem to find good use for them. A lot of people are still finding good use for it. Because of that, it does matter. So what if it matters to you.
Argument B: Slackware does matter, and here's why
You shouldn't return a troll with a troll. Talking about how much more elitist your distribution is doesn't help your cause one bit. I've used slackware before for an extended period of time. It was no better or worse than others. It was no more difficult or easy than others. I'm glad you like and and still find use for it, but really it's nothing special. There's only a select few distributions that really do anything innovative or special. The rest are either speciality distros or just garbage. Sorry to say Slackware isn't really considered a general purpose distribution anymore. Get over it. That doesn't mean your distribution is bad. It just doesn't serve the same purpose it did ten years ago.
I think the correct term would be African American bubble
There is just a level of service provided by my fellow americans that can not compete. Mostly it has to do with language. The Indians can speak great english. They even teach them american accents. However, they generally don't understand slang terms. They won't ever deviate from their scripts. You can be 95% the way there to solving a problem yourself, and the second you get on the phone with them they make you start over. I cancelled my bellsouth account 4 times with an Indian call center and it never got properly cancelled. I forced them to put me on the phone with an American and it was done in 2 minutes.
It also seems the companies they work for just don't trust them. They rarely have any authority to do anything major to my account. They will transfer you 3-4 times to their superiors until you reach a level where they can maybe do what you need. And if there's an accounting screwup? Forget it. I have never run into a situtation where an Indian has the authority to credit my account.
wah wah wah, porkThreeWays, you're a racist. It has nothing to do with race. It has everything to do with communication. I worked at a call center here in Florida once (oddly enough, for Bellsouth). I ran into some of the deepest southern accents working those phones. And I would get complaint after complaint that they couldn't understand the Indian they were on the phone with for a half hour. There's just no substitute for localization. It's the same reason other countries despise us putting a McDonald's in their country. You can not assume everyone's adopted a global culture. Putting hamburgers into a country where cows are sacred is just as bad as putting an Indian on the phone in a country with such varying accents.
Definately funded by them. I found this interesting...
Novell has previously criticized Microsoft for selectively quoting from the reports and has encouraged potential Linux users to read the reports for themselves and come to their own conclusions, rather than relying on Microsoft analysis
If you read the whole reports you notice a trend. There's always some gotcha. Generally, they aren't very scientific. They're about as professional as a review on a blog. They take short cuts. Deviate from their original methods. Make assumptions. Are inconsistant.
Sadly though, most don't read the whole reports as they are generally hundreds of pages long and very esoteric.
According to the pdf, they had custom compiled versions of mysql and (eventually) glibc. This is concerning because the idea was to keep the system as RHEL as possible. It's very unscientific to do a study like this and deviate from the main package base on such important packages. Oh, ummm... what I said in question form.
Yes, they did a very wrong/illegal thing. However, it can be argued that the whole rootkit fiasco will be good for the consumer. The public is highly aware of this issue. They have also heard the word DRM a few times. Now everytime DRM is mentioned the consumer will say "I don't want your virus on my computer". So yes, it was a bad thing. But in the long run I think Sony's damaged the word DRM so badly that we will benefit from this accidental education of the average consumer. They've done something in one stupid move that we've been trying to for years!
- DROP the java front ends for everything. We get gray waiting for loadtimes.
Sometimes I think Sun really didn't think out the Java GUI experience very well before implementing it. The reason you get those blank screens during load times is how swing threads. It uses the same thread for event handling as for screen redrawing. From a programming stand point, I'm sure it makes it much simplier to use their API's for simple GUI's. However, when you've got tools written for system administration that will almost definatly take some time to process an event, it makes for a bad end user experience. Java is a great language. However, their poor implementation of the GUI API's makes the end user experience bad. And ultimately people who use java programs think the whole language sucks because of a bad user experience with the GUI.
I read that too and was shocked. Basically, they are rating the reliability of SLES 8 and 9 and RHEL 3 and 4 and custimizing it to the point where red hat and suse probably wouldn't support you anymore. Compiling your own MySQL you could get away with if it weren't a mysql related issue (however in this case since it's a database study it's very important). But Glibc!?!?! You have to be kidding me. Almost everything on a system depends on glibc and is arguably one of the most tested components on a system. Compiling your own Glibc on a whim would void any support you have with those companies. If done incorrectly it could render your system completely unusable.
In the PDF speaking about RHEL 4 including selinux compared to RHEL 3 which doesn't have selinux...
"The data indicated does not seem to indicate drastic security vulnerability improvement for RHEL 4"
I usually don't get pissed off about these Microsoft studies, but this is more than FUD. It's a lie. They compared the security patches for RHEL 3 and 4 over a 2 1/2 month perdiod. RHEL 4 had more. They indicate that selinux did not make RHEL 4 more secure. The point of selinux isn't to lessen the number of security advisories. IT'S ANOTHER FUCKING LAYER OF SECURITY. It's akin to a firewall or antivirus. It's exactly like saying "the month after microsoft released Windows defender, 38 new viruses were detected in the wild. The month before only 30 new viruses were found in the wild. Windows defender seems to have little effect on spyware and viruses." There's no connection. selinux would make it so a vulnerable piece of software would have a harder time being exploited and an even harder time getting total system control. A hole is a hole. Whether or not it is easily exploited or not doesn't matter. It needs to be patched regardless. If sendmail has a buffer overflow that selinux is able to mitigate, sendmail still needs to be patched. Whether or not they will be able to successfully exploit it is another question. It doesn't stop the fact that sendmail has a buff overflow.
You'd think a "professional" security agency would have more sense than that, but aparently not.
k thx get the lies campaign.