Bonch is either a silly troll, or extremely stupid. He seems to think that Slashdot is one guy, or maybe two (him and everyone else). He regularly accuses the Slashdot crowd of hypocrisy without even contemplating the possibility that different subsets of the Slashdot crowd reads and comments different articles, and has wildly varying opinions.
Microsoft did not create Samba, since Samba is an implementation of the SMB protocol for *nix systems. And SMB was not created by Microsoft either, but by IBM. But Microsoft did use the SMB protocol for the Windows File Sharing services. Other people had to reverse-engineer the protocol to be able to create Samba, which was expressly created to allow Unix systems to interoperate with Windows systems, which hardly was in Microsoft's interest.
it has became such a standard that even on UNIX boxes, it has edged out NFS.
It has? That's news to me. But still, if I understand correctly, the Samba team has created an overlay protocol on top of SMB to support such things as Unix file ownership and access rights, so that Samba could be usable even for *nix to *nix file access. This protocol is only used if both systems are *nix systems though. Without this support, Samba wouldn't be less useful for this scenario.
And really, "did right"? Then why have I always gotten such lousy performances from SMB transfers? Compared to FTP (even in Windows), I've never gotten above some 60% of the corresponding FTP transfer rate.
The freedoms that the GPL guarantees are a breath of fresh air by comparison.
In addition, the GPL is one single license used by many projects. I have read it, so I don't need to read it for every new GPL-licensed project that I use. This is contrary to proprietary software licenses where every vendor seems to write their own EULA. You cannot know what some random vendor will put in the license without reading it.
It would be nice if proprietary software vendors could agree on using one of a small number of EULAs, so that you don't have to read each one. The same applies to ToS agreements required by certain web sites. And all this while time and again, vendors and media complain about license proliferation in F/OSS. I'd like to ask them to clean up their own back yards first.
If only they had released GPLv2 under GPLv2, then you could fork it yourself.
You can, but you cannot call your new license the GNU GPL v2.1, and it won't be a successor with regard to the "or any later version" clause. It will be a completely separate license, which you can use to license your own code. It is unlikely to be compatible with the GPL, so you wouldn't be able to combine it with GPL software (except for mere aggregation).
I can guarantee that the results you would get from Google would be vastly worse than now if their search algorithms were public.
I thought that their algorithms were patented, so their workings shouldn't be a secret (patents are public, after all). But of course, what they patent is one thing, and what they implement may be quite another matter. They could patent the foudation, but introduce (secret) nuances in the implementation to make your job difficult.
Where I work, we don't have that problem. We have a bunch of HTTPS-enabled sites, but those are just localized versions of our company site, running under different top-level domains. Thus, we do not need to be ashamed of the fact that all those host names are listed in our multidomain certificate.
I never said that it would be easy on a shared web host, but it is very doable if you have your own IP and several domains you need to serve through HTTPS. Where I work, we have our own rack at a colocation facility, with our own web server and a bunch of domains we need to serve through HTTPS, and we do it with one multidomain certificate and one wildcard certificate.
that's why HTTPS virtual hosts is difficult to implement.
It isn't difficult to implement, you just need a special type of certificate. Multi-domain certificates are available from several different vendors, and if you don't care about having a well-known CA sign it, you can generate one yourself with OpenSSL. What you need is to ignore the Common Name (CN) field of the certificate, and instead use the X509v3 extension field SubjectAltName to specify your list of valid virtual host names.
If all virtual hosts are part of the same domain, you can use a wild-card certificate with the Common Name *.yourdomain.tld.
Because of this you can't have a bunch of VHosts running SSL on the same IP
Wrong. You can do that just fine. It does require the X509v3 extension subjectAltName to specify the list of valid host names for the certificate. That's what those multi-domain certificates that some CAs offer do. You are not alone in this misunderstanding though. The Apache developers obviously share it, since enabling name-based virtual hosts and SSL for the same virtual hosts gives a warning in the server log, although it works anyway.
maybe the certificate authority should simply kick insecure browsers regardless (is that passed to the certificate authority during verification of cert?)
Which clearly shows that you have no idea what you are talking about. The certificate authority isn't contacted when a browser tries to verify a certificate. Instead, it does this by looking through its local store of CA certificates, picking the public key of the CA that signed the certificate in question. The public key is then used to "decrypt" the signature embedded in the certificate being verified, which yields a cryptographic hash. This hash is compared with the hash generated by applying the same cryptographic hash function on the certificate in question. If they are the same, the certificate is considered validated.
In case of a certificate chain involving intermediate authorities, it's the site owner's task to supply all intermediate CA certificates between the server certificate and a well-known root CA. The browser verifies each certificate against the signing certificate one level up the chain, until the entire chain is validated.
But nowhere in this process is any CA contacted. And why should they decide what browser is secure or not? I wouldn't like them to decide that only Internet Explorer 6 is an acceptable browser to use.
Would this have blown your mind if you heard about it on September 14, 1998, the earliest priority date?
Heard about what? Hybrid cars? The first time I heard/read about a hybrid car was in the early 90's, when Volvo uncovered their Environmental Concept Car (ECC), which was powered by a gas turbine engine combined with an electric motor and batteries.
Attachments aren't generally bad, so advising users to never open attachments at all simply denies them functionality that has good uses too. Yes, some file formats can contain malware. Yes, some email applications are (or even more so, were) stupid in assuming that all email senders are good guys. But that shouldn't preclude users from sending emails with attached documents. They should, though, be cautious about opening attachments from unknown senders, preferably ignoring attachments in dangerous formats.
Yes, it would be nice if people could stop sending bulky attachments through email, but I've pretty much lost hope that this will happen in the foreseeable future. At work, we have a common area on our file servers where people can put documents, but even with company-internal but otherwise unclassified documents, some people seem to much prefer sending a document attached as an email to 20 recipients instead of putting it in the common area and putting a location reference in the mail instead.
while Linux FF users have to wait for the update to show up in the repository
This is not because it's Linux, but because the browser is installed where the user does not have write permissions. If the user installs a binary Firefox release into his own home directory, Firefox is updated just like on consumer systems (i.e. where all users are administrators) running Windows. If Windows administrators install Firefox and restrict ordinary users from installing software, Firefox cannot be upgraded by the user, just like when using Firefox packaged by a Linux distributor.
US Immigration (usually polite enough, or at least efficient)
Unless you happen to land just after two 747s, one from Bombay and one from Islamabad. That wait too me three hours, and we had to really run fast to catch our connection. Our luggage didn't make it though, so it came with the next flight.
which killed less people than a month's worth of auto accidents in this country.
Not to mention common seasonal flu. In Sweden, 1000-2000 people die from seasonal flu annually, so if we multiply that with roughly 30 to compensate with the population difference between Sweden and the US, we get 30000-60000 annually, or some 2500-5000 a month. Those numbers may be very rough, but the order of magnitude should at least be pretty accurate.
I'd just like to see some resemblance of security on buses and trains. Buses certainly never check for guns or sharp pointy things.
Unlike aircraft, which can be used as missiles, especially trains have no such potential, and even more so if they are equipped with ATC. Sure, you can blow them up, which would be very bad for the passengers, but you can't drive them wherever you want. With ATC, you can't even run a red light, as the train is automatically braked before it can pose any harm to other trains. And with electric trains, even if you manage to bypass the ATC, the power can be disconnected by the press of a button.
Actually, I'd say that onboard security on trains won't do a thing, as you also need to protect the vast expanses of track, which is a pretty significant task. If malicious people cannot get on the trains themselves, they can cause disaster by dropping foreign objects on the tracks, or throwing rocks, etc, at the trains themselves. The problem of foreign objects on the tracks doesn't apply to buses (since they can steer around them), but just like trains, they can be attacked directly. These kinds of cases are much more common than the "terrorist on the train" (which is actually exceedingly uncommon), so efforts to increase safety for trains and buses have primarily been focused on increasing security in the areas that the trains and buses travel through.
From a statistical point of view, the U.S.-Canada border is the safest border in the world.
Excuse me, but there are other safe places in the world than the US, so until you have something to back that up, I'll take that as just another unsubstantiated claim based on the standard US-centric worldview.
I can really agree that it is probably the safest border in the US, or maybe even in North America. But how would it compare with e.g. the Sweden-Norway border? Or any intra-EU border?
there are at least 20 entry points at the northern border that are unmanned and simply have a phone there asking you tell them you are crossing the border.
Sounds like the customs booths at the Swedish terminals for the cruise ships between Sweden and Finland. Several times when I have passed, the booth has been unmanned, with a note asking you to call them if you have anything to declare.
But except for the note, that isn't really remarkable for the intra-Nordic borders, or even borders between countries in Europe in general. Traveling by car into Norway from Sweden, the only sign that you are passing a border is an unmanned hut and a road sign. Pretty much the same applies for the Sweden-Denmark border. The Denmark-Germany border was only a tad less nonexistent, there was a border guard but you only had to wave your passports at him to let you pass (a Sweden-registered car might have contributed though). As far as I can remember, the same roughly applies to the rest of western Europe.
Until the fall of the communist regimes in eastern Europe, crossing into or out from the east bloc was a quite different experience, somewhat like entering and leaving the United States actually, except the waiting times were even longer and the customs inspections were very thorough. Six hours after the ferry from Sweden had arrived, we finally passed customs.
In hindsight, the visits to communist Poland resulted in a few pretty hilarious memories, such as the one where we photographed an antique (compared with then-current Swedish standards) steam engine on the rail yard, only to be approached by a guard warning us that taking photographs of military secrets was forbidden.
it is like visiting Germany as a Jew in 1939. Goodwin or not, it is the truth for some.
It sure is. When my dad had a stopover in the US on the way home from a two-year project for Ericsson in South America in the 70's, he half-jokingly thought that he'd landed in the Soviet Union, because of the strict border controls. And it hadn't gotten better when I visited the US in 2001 and 2002. Still the silly forms asking if I was a member of the German Nazi party during WWII (yeah right, some forty years before I was born), etc, not to mention several hours waiting to pass first immigration and then customs. The latter reminded me of the long waiting times entering communist Poland in the 80's.
Wait! Do they say that modern gasoline powered cars have a range of 300 miles?
My question exactly. My parents have a Volvo S60, which can hold 70 liters of gas. On long-distance trips with a near-constant speed of about 100 km/h, the fuel consumption is about 7 liters per 100 km. Thus, the range is around 1000 km (621 miles).
You (or the Wine user who originally wrote that) obviously do not know what a page fault is. Hint: As the Wikipedia article says, page faults are not errors, they do not crash applications. They are signals from the hardware to the operating system that a requested memory page does not exist in RAM, and must be paged in from the backing store (swap, memory mapped file, binary image, etc). Page faults are not seen by applications.
You are likely thinking of the various kinds of protection faults instead.
Lastly, with programs written for users, consistancy is key. That means Microsoft and Apple both have strong incentives to provide a very consistant framework around which app developers write their programs.
There is no such thing in the Linux world, and Linux developers would be outraged if someone tried it.
Just like Apple and Microsoft, Gnome has Human Interface Guidelines (HIGs), and I'm pretty sure that KDE has them too. Unlike you, I think that Gnome and Apple applications follow their own HIGs pretty well, while Microsoft does not. For third-party applications, Gnome and GTK applications may be less consistent than applications developed within the Gnome project, while third-party Mac applications are surprisingly good at consistency. Third-party applications in Windows are even less consistent than Microsoft's own applications, and even those are hardly consistent with Microsoft's own HIGs.
Slashdot Mirror
Bonch is either a silly troll, or extremely stupid. He seems to think that Slashdot is one guy, or maybe two (him and everyone else). He regularly accuses the Slashdot crowd of hypocrisy without even contemplating the possibility that different subsets of the Slashdot crowd reads and comments different articles, and has wildly varying opinions.
Move along, nothing to see here.
The second thing Microsoft did right was samba.
Microsoft did not create Samba, since Samba is an implementation of the SMB protocol for *nix systems. And SMB was not created by Microsoft either, but by IBM. But Microsoft did use the SMB protocol for the Windows File Sharing services. Other people had to reverse-engineer the protocol to be able to create Samba, which was expressly created to allow Unix systems to interoperate with Windows systems, which hardly was in Microsoft's interest.
it has became such a standard that even on UNIX boxes, it has edged out NFS.
It has? That's news to me. But still, if I understand correctly, the Samba team has created an overlay protocol on top of SMB to support such things as Unix file ownership and access rights, so that Samba could be usable even for *nix to *nix file access. This protocol is only used if both systems are *nix systems though. Without this support, Samba wouldn't be less useful for this scenario.
And really, "did right"? Then why have I always gotten such lousy performances from SMB transfers? Compared to FTP (even in Windows), I've never gotten above some 60% of the corresponding FTP transfer rate.
The freedoms that the GPL guarantees are a breath of fresh air by comparison.
In addition, the GPL is one single license used by many projects. I have read it, so I don't need to read it for every new GPL-licensed project that I use. This is contrary to proprietary software licenses where every vendor seems to write their own EULA. You cannot know what some random vendor will put in the license without reading it.
It would be nice if proprietary software vendors could agree on using one of a small number of EULAs, so that you don't have to read each one. The same applies to ToS agreements required by certain web sites. And all this while time and again, vendors and media complain about license proliferation in F/OSS. I'd like to ask them to clean up their own back yards first.
If only they had released GPLv2 under GPLv2, then you could fork it yourself.
You can, but you cannot call your new license the GNU GPL v2.1, and it won't be a successor with regard to the "or any later version" clause. It will be a completely separate license, which you can use to license your own code. It is unlikely to be compatible with the GPL, so you wouldn't be able to combine it with GPL software (except for mere aggregation).
I can guarantee that the results you would get from Google would be vastly worse than now if their search algorithms were public.
I thought that their algorithms were patented, so their workings shouldn't be a secret (patents are public, after all). But of course, what they patent is one thing, and what they implement may be quite another matter. They could patent the foudation, but introduce (secret) nuances in the implementation to make your job difficult.
Where I work, we don't have that problem. We have a bunch of HTTPS-enabled sites, but those are just localized versions of our company site, running under different top-level domains. Thus, we do not need to be ashamed of the fact that all those host names are listed in our multidomain certificate.
I never said that it would be easy on a shared web host, but it is very doable if you have your own IP and several domains you need to serve through HTTPS. Where I work, we have our own rack at a colocation facility, with our own web server and a bunch of domains we need to serve through HTTPS, and we do it with one multidomain certificate and one wildcard certificate.
that's why HTTPS virtual hosts is difficult to implement.
It isn't difficult to implement, you just need a special type of certificate. Multi-domain certificates are available from several different vendors, and if you don't care about having a well-known CA sign it, you can generate one yourself with OpenSSL. What you need is to ignore the Common Name (CN) field of the certificate, and instead use the X509v3 extension field SubjectAltName to specify your list of valid virtual host names.
If all virtual hosts are part of the same domain, you can use a wild-card certificate with the Common Name *.yourdomain.tld.
Because of this you can't have a bunch of VHosts running SSL on the same IP
Wrong. You can do that just fine. It does require the X509v3 extension subjectAltName to specify the list of valid host names for the certificate. That's what those multi-domain certificates that some CAs offer do. You are not alone in this misunderstanding though. The Apache developers obviously share it, since enabling name-based virtual hosts and SSL for the same virtual hosts gives a warning in the server log, although it works anyway.
You still need one IP per certificate though.
maybe the certificate authority should simply kick insecure browsers regardless (is that passed to the certificate authority during verification of cert?)
Which clearly shows that you have no idea what you are talking about. The certificate authority isn't contacted when a browser tries to verify a certificate. Instead, it does this by looking through its local store of CA certificates, picking the public key of the CA that signed the certificate in question. The public key is then used to "decrypt" the signature embedded in the certificate being verified, which yields a cryptographic hash. This hash is compared with the hash generated by applying the same cryptographic hash function on the certificate in question. If they are the same, the certificate is considered validated.
In case of a certificate chain involving intermediate authorities, it's the site owner's task to supply all intermediate CA certificates between the server certificate and a well-known root CA. The browser verifies each certificate against the signing certificate one level up the chain, until the entire chain is validated.
But nowhere in this process is any CA contacted. And why should they decide what browser is secure or not? I wouldn't like them to decide that only Internet Explorer 6 is an acceptable browser to use.
Would this have blown your mind if you heard about it on September 14, 1998, the earliest priority date?
Heard about what? Hybrid cars? The first time I heard/read about a hybrid car was in the early 90's, when Volvo uncovered their Environmental Concept Car (ECC), which was powered by a gas turbine engine combined with an electric motor and batteries.
Never open emailed attachments.
Attachments aren't generally bad, so advising users to never open attachments at all simply denies them functionality that has good uses too. Yes, some file formats can contain malware. Yes, some email applications are (or even more so, were) stupid in assuming that all email senders are good guys. But that shouldn't preclude users from sending emails with attached documents. They should, though, be cautious about opening attachments from unknown senders, preferably ignoring attachments in dangerous formats.
Yes, it would be nice if people could stop sending bulky attachments through email, but I've pretty much lost hope that this will happen in the foreseeable future. At work, we have a common area on our file servers where people can put documents, but even with company-internal but otherwise unclassified documents, some people seem to much prefer sending a document attached as an email to 20 recipients instead of putting it in the common area and putting a location reference in the mail instead.
while Linux FF users have to wait for the update to show up in the repository
This is not because it's Linux, but because the browser is installed where the user does not have write permissions. If the user installs a binary Firefox release into his own home directory, Firefox is updated just like on consumer systems (i.e. where all users are administrators) running Windows. If Windows administrators install Firefox and restrict ordinary users from installing software, Firefox cannot be upgraded by the user, just like when using Firefox packaged by a Linux distributor.
a president that denies the Holocaust while inviting the world's most well known Holocaust-deniers and general racists to visit for conferences
While, according to the Daily Telegraph, having a jewish background himself.
US Immigration (usually polite enough, or at least efficient)
Unless you happen to land just after two 747s, one from Bombay and one from Islamabad. That wait too me three hours, and we had to really run fast to catch our connection. Our luggage didn't make it though, so it came with the next flight.
which killed less people than a month's worth of auto accidents in this country.
Not to mention common seasonal flu. In Sweden, 1000-2000 people die from seasonal flu annually, so if we multiply that with roughly 30 to compensate with the population difference between Sweden and the US, we get 30000-60000 annually, or some 2500-5000 a month. Those numbers may be very rough, but the order of magnitude should at least be pretty accurate.
I'd just like to see some resemblance of security on buses and trains. Buses certainly never check for guns or sharp pointy things.
Unlike aircraft, which can be used as missiles, especially trains have no such potential, and even more so if they are equipped with ATC. Sure, you can blow them up, which would be very bad for the passengers, but you can't drive them wherever you want. With ATC, you can't even run a red light, as the train is automatically braked before it can pose any harm to other trains. And with electric trains, even if you manage to bypass the ATC, the power can be disconnected by the press of a button.
Actually, I'd say that onboard security on trains won't do a thing, as you also need to protect the vast expanses of track, which is a pretty significant task. If malicious people cannot get on the trains themselves, they can cause disaster by dropping foreign objects on the tracks, or throwing rocks, etc, at the trains themselves. The problem of foreign objects on the tracks doesn't apply to buses (since they can steer around them), but just like trains, they can be attacked directly. These kinds of cases are much more common than the "terrorist on the train" (which is actually exceedingly uncommon), so efforts to increase safety for trains and buses have primarily been focused on increasing security in the areas that the trains and buses travel through.
From a statistical point of view, the U.S.-Canada border is the safest border in the world.
Excuse me, but there are other safe places in the world than the US, so until you have something to back that up, I'll take that as just another unsubstantiated claim based on the standard US-centric worldview.
I can really agree that it is probably the safest border in the US, or maybe even in North America. But how would it compare with e.g. the Sweden-Norway border? Or any intra-EU border?
there are at least 20 entry points at the northern border that are unmanned and simply have a phone there asking you tell them you are crossing the border.
Sounds like the customs booths at the Swedish terminals for the cruise ships between Sweden and Finland. Several times when I have passed, the booth has been unmanned, with a note asking you to call them if you have anything to declare.
But except for the note, that isn't really remarkable for the intra-Nordic borders, or even borders between countries in Europe in general. Traveling by car into Norway from Sweden, the only sign that you are passing a border is an unmanned hut and a road sign. Pretty much the same applies for the Sweden-Denmark border. The Denmark-Germany border was only a tad less nonexistent, there was a border guard but you only had to wave your passports at him to let you pass (a Sweden-registered car might have contributed though). As far as I can remember, the same roughly applies to the rest of western Europe.
Until the fall of the communist regimes in eastern Europe, crossing into or out from the east bloc was a quite different experience, somewhat like entering and leaving the United States actually, except the waiting times were even longer and the customs inspections were very thorough. Six hours after the ferry from Sweden had arrived, we finally passed customs.
In hindsight, the visits to communist Poland resulted in a few pretty hilarious memories, such as the one where we photographed an antique (compared with then-current Swedish standards) steam engine on the rail yard, only to be approached by a guard warning us that taking photographs of military secrets was forbidden.
it is like visiting Germany as a Jew in 1939. Goodwin or not, it is the truth for some.
It sure is. When my dad had a stopover in the US on the way home from a two-year project for Ericsson in South America in the 70's, he half-jokingly thought that he'd landed in the Soviet Union, because of the strict border controls. And it hadn't gotten better when I visited the US in 2001 and 2002. Still the silly forms asking if I was a member of the German Nazi party during WWII (yeah right, some forty years before I was born), etc, not to mention several hours waiting to pass first immigration and then customs. The latter reminded me of the long waiting times entering communist Poland in the 80's.
Wait! Do they say that modern gasoline powered cars have a range of 300 miles?
My question exactly. My parents have a Volvo S60, which can hold 70 liters of gas. On long-distance trips with a near-constant speed of about 100 km/h, the fuel consumption is about 7 liters per 100 km. Thus, the range is around 1000 km (621 miles).
Oh yeah, the game will page fault quite often
You (or the Wine user who originally wrote that) obviously do not know what a page fault is. Hint: As the Wikipedia article says, page faults are not errors, they do not crash applications. They are signals from the hardware to the operating system that a requested memory page does not exist in RAM, and must be paged in from the backing store (swap, memory mapped file, binary image, etc). Page faults are not seen by applications.
You are likely thinking of the various kinds of protection faults instead.
The law is one thing, while unilateral so-called EULAs are quite another. They may be valid in the US, but they are surely not valid everywhere.
Lastly, with programs written for users, consistancy is key. That means Microsoft and Apple both have strong incentives to provide a very consistant framework around which app developers write their programs.
There is no such thing in the Linux world, and Linux developers would be outraged if someone tried it.
Just like Apple and Microsoft, Gnome has Human Interface Guidelines (HIGs), and I'm pretty sure that KDE has them too. Unlike you, I think that Gnome and Apple applications follow their own HIGs pretty well, while Microsoft does not. For third-party applications, Gnome and GTK applications may be less consistent than applications developed within the Gnome project, while third-party Mac applications are surprisingly good at consistency. Third-party applications in Windows are even less consistent than Microsoft's own applications, and even those are hardly consistent with Microsoft's own HIGs.
Except its none of their business who owns a particular license after the first sale.