Existing Mac customers may not be interested in MacOS X on x86, but potential new MacOS X customers have no such reservations. The Mac hardware doesn't interest me one jot. MacOS X on x86 however does because it preserves my investment in my current hardware!
I would be very tempted indeed if MS Office on MacOS X could get me out of the MS Windows trap and onto a Unix based system that enjoyed the benefits of MS Office compatability & access to Quicktime.
So what I'm saying is that [you] are one market segment ; but I am completely different ; and we are both potential MacOS X users under the right conditions.
Like many folks I have permanent Internet access, so I have a Linux box that acts a Firewall, fileserver, email host, etc, etc.
Unlike most ISP's I get a static IP address, and have registered my own domain, so what I do is every time I have to give out my email for something, I invent a new email address and then just alias it to my real one which I keep secret. Take yesterday for example. I just got a new phone from CarPhoneWarehouse - they wanted an email address from me, so I invented "cpw1" and popped it in the aliases DB when I got home. This has two benefits:
1) If I start getting SPAM addressed to "cpw1", then I know who the villain is who gave it away.
2) All I have to do to stop it is to remove "cpw1" as an alias and they instantly hit the bit bucket.
This will be a godsend for me and a group of my friends. We're all 30-somethings that have been playing a set of D&D campains now for about 5 years in a world our DM has taken about 10 years to develop. Once per month we devote an entire day to get together and play. But due to changing circumstances it looks like our beloved DM will be emigrating from the UK and going to live in Colorado in the US. We're looking at possible ways we could keep the game going and Neverwinter Nights appears to be the strongest candidate. A number of us have broadband at home and we run a mixture of Windows & Linux. So if NN turns out to be as good as we all hope it is, our monthly tradition will be able to continue.
Then I'm afraid you'd be very wrong. Every big corporation I've worked at has held the ideal of having their MS Windows systems centrally managed, but in practice it never works very well, and I've experienced first hand one IT dept giving in to the task and emailing several hundred users instruction on how to install/upgrade apps themselves. You'd be horrified to know who that was, but I'm not at liberty to say.
This is an interesting point actually.. if you/we/I were running an IT dept looking after several hundred users all running Linux on the desktop, and we wanted to upgrade them to the latest version, what IT friendly tools are there to roll out the upgrade in as painless a manner as possible? By that I mean NOT by walking round each one with a CD in hand, but some form of automaticly triggered network install! And how do these compare to the tools a Windows Admin would use? Maybe I should ask this as a Slashdot question, as it's likely to be a big factor in Linux being accepted en-mass on corporate desktops.
I may be way off base here, and if so, someone please give me an education; but for the CPU and a peripheral to exchange some form of authentication doesn't the OS driver have to know about this and allow/facilitate it happening?
If so, then while I can see it taking place in an MS world, I can't see Open Source drivers willingly cooperating. Or the peripheral vendors allowing their authentication methods being made open to public scrutiny.
Logging is the recording of numbers dialed, and that's doable at a cost. Copying/recording the actual contents of the conversations, which is what most of the people reading this article *think* this is about, is NOT !!
I should know.. I've just spend the last few months putting together a 3 node GS160 (Wildfire) cluster running Tru64 Unix with 8.5 Terabytes of fibre storage, backed up to a Powderhorn Silo, for a large UK Telco (I'm being deliberately vague here). This beast is meant to handle the processing (for billing & reporting) of around 200 million call records/day.
I'm actually quite skeptical that the £3 million quoted in this article as a startup cost is anywhere near close to what it should be. That sounds a bit on the cheap side to me.
Good grief folks. They're not talking about copying every single email or recording every single conversation and then holding it for 7 years. They're talking about storing the LOGS of those events, i.e. a one record entry for each, probably a couple of KB's at most.
Copying/recording that data in full using todays technology would be virutally impossible. At the very least it would cost the telco's 10's if not 100's of millions to upgrade their switches to cope with it. God only knows how you'd then manage to store that kind of volume of data in a form that would actually be useful for anything!
Todays systems may be hot, but they're not THAT hot. At some point in the future when Quantum systems and quantum memory are available then perhaps!
So you want a Word Processor, Presenter and web browser that's tightly integrated with the desktop. I have just the solution for you.. it's called KDE !! It's everything you're asking for, so you're sure to love it;-)
This is where the quality/experience of the support people you employ factors in.
TS: See the icon on the desktop that looks like a clam shell?
U: Yes.
TS: That brings up the Unix Shell window, sort of like Microsofts Command Prompt window, so Click It.
U: Done.
TS: Now in that window, type the following, "procinfo" then press Return and read back to me what the first line says!
U: Blah blah...
i.e. You assume the person on the other end of the phone is merely an extension of your eyes and ears. You tell 'em what to type, roughly what to expect, and then they read back to you what they see. You make a mental adjustment each time based on the information you get back, and keep going until you have a handle on the problem. It's a skill, just like any other.
If your user can't even handle this, then ask them to put the secretary on the phone so you're dealing with someone who can actually type. I've actually had to do this in a past life when I came across someone who kept typing "lsSPACE-l".
Thanks Valdrax. That's the best description I've read describing the issues around Linux kernel design for SMP performance. A real GEM !! I learned a lot from your explanation that I didn't know before.
While the spreading of personal information in this manner in the UK maybe questionable under The Data Protection act (not sure on that one) or even under the "privacy" element of the newly introduced Human Rights Act; where I really think Motorola would come unstuck in the UK is under The Competition Act 1998.
This law helps to protect businesses from "being the victim of others anti-competative behaviour". It also has TEETH.. as a company convicted under this law can be fined 10% of their UK Turnover. More info on this can be found here:
http://www.oft.gov.uk/html/comp-act/
I also have a vague memory that this law (or one very much like it) falls under the jurisdiction of the European Commission. I believe Motorola's threatened behaviour would also be in breach of the Treatise Of Rome too !!
I'd really like to see them try this stunt over here. They'd get their legal butts kicked!
Macka
Re:Too little too late
on
Qt Going GPL
·
· Score: 1
What do you mean catch up? KDE is still 12 months ahead of Gnome on the development front, and has a much bigger user base. You're basing your statements on marketing rhetoric from the Gnome spin-meisters instead of looking at the facts.
I was told some years back from a member of the CDE development team that the collective backers of CDE (IBM, DEC, HP, SUN) spent $30 million to get CDE to V1.0.
The conclusion I draw from that is that big money doesn't always produce brilliant results.
Macka
-- The wonderful thing about standards, is that there's so many to choose from --
What does he mean, too small to be useful? I brought a PCG-C1XD about three months back and I absolutely love it. I got the upgrade to 128MB Ram and the larger 8 hour battery too. Now I charge overnight and run it off the battery all day. I don't even bother taking a power supply into work with me as I just don't need it. This little thing is fantastic. The keys have a lovely feel and the keyboard is large enough for me to touch type. The screen size works out very well for apps like Outlook 2000 and full screen web browsing. Even with the extra weight of the bigger battery it's still lighter than a regular laptop and because of the small size I've been able to use a relatively small, old DEC Hinote carry bag which is also stuffed with lots of other non-PC things I like to carry round. And it doesn't give me arm ache after half an hour.
This little beauty is definately the best PC purchase I've ever made, and it never fails to turn heads or provoke cooing noises when it's shown to someone for the first time.
I really think Sony will do very well if they can get a Crusoe chip in one of these things. The 8 hours I get right now is a huge benefit to me, and if they can match that with the default 2 hour battery they'll have a real winner on their hands.
Some 25 years ago, at the tender age of 10 I invented, at least for myself:-) the idea of space sales. I remember it quite clearly as I'd been round a friends house when I spotted this gadget on their window sill. It had a thin metal pole in the middle, with four paddles mounted horizontally to a rotating joint at the top of the pole. Each paddle was painted black on one side and white on the other. The whole thing was enclosed in a glass dome (I'm guessing there was a small vaccuum inside). When exposed to sunlight, the paddles would spin. It took me a little while to find out how it worked, and then a little longer to transfer that idea to a space ship, and resulted in me drawing a picture of The Solar Sail Powered Space Ship for a school project.
Not long after that I started to discover girls in a big way and all thoughts of sailing through space evapourated into the mists of childish fantasy.
This just about sums up the reason why I have stayed away from Debian. They may have a fantastic product, but I don't want my computing experience artifically limited for reasons that are non-technical.
I don't suppose it matters much anyway as there are other distributions that cater for my wants and needs. That's the nice thing about having a selection of distributions to choose from that differentiate themselves by targeting different audiences. Debian are quite unique in this regard too in that their differentiator is that they shape their product according to a perception of ethics rather than a money driven desire for market share. How many commercial companies can you think of that behave that way?
So though I am not a Debian user, I'm happy that they exist. Wouldn't the Linux experience be a boring one if all the distributions were the same.
Well, if we can't get a free player, then at least we have a number of large linux companies in the game now with large numbers of $$$ at their disposal. They could use some of that cash to pay for a commercial port if one cannot be gotten elsewhere.
I know some people will disagree with me on this, but I personally believe that it's better to have a binary solution than no solution at all. Hobsons choice, 'n all that.
Well, you're right of cause. But then the human element is always the weak link in any security system. However, it doesn't just apply to text, it could be graphical data, formulas, whatever. And having to manually transfer whatever you're copying could be a long winded process, so slowing things down by eliminating a quick cut'n paste does have value.
Yesterday I only skipped quickly over the mechanisms a CMW X session and GUI have to implement. It's more involved than I described (I only wanted to give you a taste). In addition to Windows having SL's, the root window has a label with a security level attached to it. So does the keyboard and so does the mouse. There are also another set of labels called IL's (Information Labels) which change according to whatever data is being viewed at the time. Restrictions can be placed on how IL's are manipulated too.
The point I was trying to make is that working in this kind of environment is a whole new ball game compared to C2 or traditional Unix security, even from a users point of view. GUI's need to be modified so that they are aware of all these mechanism and follow the restrictions they impose. The standards that define how a CMW workstation operates also dictate that SL's and IL's present for different elements of the screen are also displayed (and often colour coded: Red for Top Secret, Green for Unclassified, etc). So the window manager has to display this, not just for the window, but also pull down menus, dialogue widgets, the lot.
I've not seen this implemented in a GUI file manager yet. That would be quite a challenge I'm sure.
There have been quite a few "secure unix" systems produced and B1 certified. HP, Concurent, Harris, DEC all come to mind. But in all of these cases they started with a secure kernel and then layered Posix on top of it to make it look like Unix
Sorry, but this is not true at all. DEC MLS+ was based on a modified version of the base Unix kernel. Back in the early days of DEC MLS+ it was a long term goal to have B1/CMW functionality available as an installable subset that could be layered on top of the commercial unix product. It could have achieved that in the end as most of the MLS+ specific source code got merged in with the base OS source code, but just ifdef'd out so it wouldn't build into the base product.
Last I heard DEC MLS+ was being retired, with MLS+ V4.0D (or V4.0E) to be the last version. Don't take that as gospel though, plans do change.
Beefing up Linux to C2 will be a great thing for commercial interest/acceptance, and only small changes to existing GUI interfaces would be needed to accomodate that (adding ACL options to widgets that display/manipulate file permissions).
B1 however is a different kettle of fish. GUI's like KDE, GNOME, and others would have to be extensively modified to work properly (if at all) in a B1 environment. The standard for this is called CMW (Compartmented Mode Workstation). Commercial products like DEC MLS+ are implementations of B1/CMW on top of the standard Unix product. I don't know what SUN's is called, but they do the same.
This also applies to almost anything else that is not part of the kernel, eg:
* TSIX instead of TCP/IP, which automaticly excludes you from participating in non B1 DNS environments, and allows you to configure networks restricting communication between systems of the same SL (Security Level) or perhaps SL's that yours dominates (with the appropriate kernel privs enabled).
* A new filesystem, or extensions to an existing filesystem, to make it multilevel aware. That way, when you cd(1) into a directory that contains files that have a higher SL than you have Clearance to access, you don't see them. Not from an ls(1) or by any other C hackery you can conjure up, because they are blocked at the filesystem level.
* A new multilevel print environment, so that for example files with an SL of "Top Secret" cannot be printed out on printers that don't have the same or higher SL (eg, Secret, Confidential, Unclassified, or whatever they have been called in the environment you're in).
* Getting back to CMW again. On a B1/CMW workstation where the GUI is multilevel aware, if you have logged in selecting an SL of "Secret" (assuming you have Clearance for this) and you open a terminal window with that SL, then open another terminal window with a lower SL, eg "Unclassified" then you will NOT be able to cut and paste text from the Secret window to the Unclassified window (unless you have privs allowing you to override this AND they are turned on). GUI's that are not multi-level aware (like all the ones that currently exist) would only be able to work as they stand on one SL at a time. If you wanted to work with files (or viewable data) at a higher SL than the one you were logged in on, you'd have to log right out and log in again at the higher SL.
Working with B1 and CMW can be very complicated. Designing and setting up an environment that has all these features is even worse. Which is probably why B1 has never caught on in the commercial world. Applications not specificly written or modified to run in a multi-level environment, can only operate on one level at a time (ie: the level they are start at) which often defeats the object of having a multilevel enviromnent in the first place.
Maybe Linux could shine here though. Last I heard (maybe it's changed again:-) DEC MLS+ from Compaq was being wound down. What killed it was the lack of applications that could run on it properly because they needed significant re-engineering to be multilevel aware (read huge cost!). Because the source of most linux apps are open, this would not be such a huge barrier to overcome. It will be interesting to wait and see.
YAST2 is just the new GUI installer, which I did use and liked a lot. Once you're done and the system is up you're back to using the old Yast for post install system setup and configuration.
Slashdot Mirror
Existing Mac customers may not be interested in MacOS X on x86, but potential new MacOS X customers have no such reservations. The Mac hardware doesn't interest me one jot. MacOS X on x86 however does because it preserves my investment in my current hardware!
I would be very tempted indeed if MS Office on MacOS X could get me out of the MS Windows trap and onto a Unix based system that enjoyed the benefits of MS Office compatability & access to Quicktime.
So what I'm saying is that [you] are one market segment ; but I am completely different ; and we are both potential MacOS X users under the right conditions.
Macka
Like many folks I have permanent Internet access, so I have a Linux box that acts a Firewall, fileserver, email host, etc, etc.
Unlike most ISP's I get a static IP address, and have registered my own domain, so what I do is every time I have to give out my email for something, I invent a new email address and then just alias it to my real one which I keep secret. Take yesterday for example. I just got a new phone from CarPhoneWarehouse - they wanted an email address from me, so I invented "cpw1" and popped it in the aliases DB when I got home. This has two benefits:
1) If I start getting SPAM addressed to "cpw1", then I know who the villain is who gave it away.
2) All I have to do to stop it is to remove "cpw1" as an alias and they instantly hit the bit bucket.
:-)
Macka
This will be a godsend for me and a group of my friends. We're all 30-somethings that have been playing a set of D&D campains now for about 5 years in a world our DM has taken about 10 years to develop. Once per month we devote an entire day to get together and play. But due to changing circumstances it looks like our beloved DM will be emigrating from the UK and going to live in Colorado in the US. We're looking at possible ways we could keep the game going and Neverwinter Nights appears to be the strongest candidate. A number of us have broadband at home and we run a mixture of Windows & Linux. So if NN turns out to be as good as we all hope it is, our monthly tradition will be able to continue.
More power to you Bioware
Macka
Then I'm afraid you'd be very wrong. Every big corporation I've worked at has held the ideal of having their MS Windows systems centrally managed, but in practice it never works very well, and I've experienced first hand one IT dept giving in to the task and emailing several hundred users instruction on how to install/upgrade apps themselves. You'd be horrified to know who that was, but I'm not at liberty to say.
.. if you/we/I were running an IT dept looking after several hundred users all running Linux on the desktop, and we wanted to upgrade them to the latest version, what IT friendly tools are there to roll out the upgrade in as painless a manner as possible? By that I mean NOT by walking round each one with a CD in hand, but some form of automaticly triggered network install! And how do these compare to the tools a Windows Admin would use? Maybe I should ask this as a Slashdot question, as it's likely to be a big factor in Linux being accepted en-mass on corporate desktops.
This is an interesting point actually
Anyone got any ideas?
Macka
To fuel the "Judder" drive
Macka
I may be way off base here, and if so, someone please give me an education; but for the CPU and a peripheral to exchange some form of authentication doesn't the OS driver have to know about this and allow/facilitate it happening?
If so, then while I can see it taking place in an MS world, I can't see Open Source drivers willingly cooperating. Or the peripheral vendors allowing their authentication methods being made open to public scrutiny.
???
Macka
Macka
Must be your personal taste
Macka
Huh, That's what I said !!
.. I've just spend the last few months putting together a 3 node GS160 (Wildfire) cluster running Tru64 Unix with 8.5 Terabytes of fibre storage, backed up to a Powderhorn Silo, for a large UK Telco (I'm being deliberately vague here). This beast is meant to handle the processing (for billing & reporting) of around 200 million call records/day.
Logging is the recording of numbers dialed, and that's doable at a cost. Copying/recording the actual contents of the conversations, which is what most of the people reading this article *think* this is about, is NOT !!
I should know
I'm actually quite skeptical that the £3 million quoted in this article as a startup cost is anywhere near close to what it should be. That sounds a bit on the cheap side to me.
Macka
Good grief folks. They're not talking about copying every single email or recording every single conversation and then holding it for 7 years. They're talking about storing the LOGS of those events, i.e. a one record entry for each, probably a couple of KB's at most.
Copying/recording that data in full using todays technology would be virutally impossible. At the very least it would cost the telco's 10's if not 100's of millions to upgrade their switches to cope with it. God only knows how you'd then manage to store that kind of volume of data in a form that would actually be useful for anything!
Todays systems may be hot, but they're not THAT hot. At some point in the future when Quantum systems and quantum memory are available then perhaps!
Macka
So you want a Word Processor, Presenter and web browser that's tightly integrated with the desktop. I have just the solution for you .. it's called KDE !! It's everything you're asking for, so you're sure to love it ;-)
Macka
This is where the quality/experience of the support people you employ factors in.
...
TS: See the icon on the desktop that looks like a clam shell?
U: Yes.
TS: That brings up the Unix Shell window, sort of like Microsofts Command Prompt window, so Click It.
U: Done.
TS: Now in that window, type the following, "procinfo" then press Return and read back to me what the first line says!
U: Blah blah
i.e. You assume the person on the other end of the phone is merely an extension of your eyes and ears. You tell 'em what to type, roughly what to expect, and then they read back to you what they see. You make a mental adjustment each time based on the information you get back, and keep going until you have a handle on the problem. It's a skill, just like any other.
If your user can't even handle this, then ask them to put the secretary on the phone so you're dealing with someone who can actually type. I've actually had to do this in a past life when I came across someone who kept typing "lsSPACE-l".
Macka
Thanks Valdrax. That's the best description I've read describing the issues around Linux kernel design for SMP performance. A real GEM !! I learned a lot from your explanation that I didn't know before.
Macka
While the spreading of personal information in this manner in the UK maybe questionable under The Data Protection act (not sure on that one) or even under the "privacy" element of the newly introduced Human Rights Act; where I really think Motorola would come unstuck in the UK is under The Competition Act 1998.
This law helps to protect businesses from "being the victim of others anti-competative behaviour". It also has TEETH
http://www.oft.gov.uk/html/comp-act/
I also have a vague memory that this law (or one very much like it) falls under the jurisdiction of the European Commission. I believe Motorola's threatened behaviour would also be in breach of the Treatise Of Rome too !!
I'd really like to see them try this stunt over here. They'd get their legal butts kicked!
Macka
What do you mean catch up? KDE is still 12 months ahead of Gnome on the development front, and has a much bigger user base. You're basing your statements on marketing rhetoric from the Gnome spin-meisters instead of looking at the facts.
Macka
I was told some years back from a member of the CDE development team that the collective backers of CDE (IBM, DEC, HP, SUN) spent $30 million to get CDE to V1.0.
The conclusion I draw from that is that big money doesn't always produce brilliant results.
Macka
-- The wonderful thing about standards, is that there's so many to choose from --
What does he mean, too small to be useful? I brought a PCG-C1XD about three months back and I absolutely love it. I got the upgrade to 128MB Ram and the larger 8 hour battery too. Now I charge overnight and run it off the battery all day. I don't even bother taking a power supply into work with me as I just don't need it. This little thing is fantastic. The keys have a lovely feel and the keyboard is large enough for me to touch type. The screen size works out very well for apps like Outlook 2000 and full screen web browsing. Even with the extra weight of the bigger battery it's still lighter than a regular laptop and because of the small size I've been able to use a relatively small, old DEC Hinote carry bag which is also stuffed with lots of other non-PC things I like to carry round. And it doesn't give me arm ache after half an hour.
This little beauty is definately the best PC purchase I've ever made, and it never fails to turn heads or provoke cooing noises when it's shown to someone for the first time.
I really think Sony will do very well if they can get a Crusoe chip in one of these things. The 8 hours I get right now is a huge benefit to me, and if they can match that with the default 2 hour battery they'll have a real winner on their hands.
Macka
Some 25 years ago, at the tender age of 10 I invented, at least for myself :-) the idea of space sales. I remember it quite clearly as I'd been round a friends house when I spotted this gadget on their window sill. It had a thin metal pole in the middle, with four paddles mounted horizontally to a rotating joint at the top of the pole. Each paddle was painted black on one side and white on the other. The whole thing was enclosed in a glass dome (I'm guessing there was a small vaccuum inside). When exposed to sunlight, the paddles would spin. It took me a little while to find out how it worked, and then a little longer to transfer that idea to a space ship, and resulted in me drawing a picture of The Solar Sail Powered Space Ship for a school project.
Not long after that I started to discover girls in a big way and all thoughts of sailing through space evapourated into the mists of childish fantasy.
Macka
This is pure scaremongering and a complete waste of Slashdots bandwidth.
Was the world a little short on real stories to publish today?
Macka
This just about sums up the reason why I have stayed away from Debian. They may have a fantastic product, but I don't want my computing experience artifically limited for reasons that are non-technical.
I don't suppose it matters much anyway as there are other distributions that cater for my wants and needs. That's the nice thing about having a selection of distributions to choose from that differentiate themselves by targeting different audiences. Debian are quite unique in this regard too in that their differentiator is that they shape their product according to a perception of ethics rather than a money driven desire for market share. How many commercial companies can you think of that behave that way?
So though I am not a Debian user, I'm happy that they exist. Wouldn't the Linux experience be a boring one if all the distributions were the same.
Macka
Well, if we can't get a free player, then at least we have a number of large linux companies in the game now with large numbers of $$$ at their disposal. They could use some of that cash to pay for a commercial port if one cannot be gotten elsewhere.
I know some people will disagree with me on this, but I personally believe that it's better to have a binary solution than no solution at all. Hobsons choice, 'n all that.
Macka
Well, you're right of cause. But then the human element is always the weak link in any security system. However, it doesn't just apply to text, it could be graphical data, formulas, whatever. And having to manually transfer whatever you're copying could be a long winded process, so slowing things down by eliminating a quick cut'n paste does have value.
Yesterday I only skipped quickly over the mechanisms a CMW X session and GUI have to implement. It's more involved than I described (I only wanted to give you a taste). In addition to Windows having SL's, the root window has a label with a security level attached to it. So does the keyboard and so does the mouse. There are also another set of labels called IL's (Information Labels) which change according to whatever data is being viewed at the time. Restrictions can be placed on how IL's are manipulated too.
The point I was trying to make is that working in this kind of environment is a whole new ball game compared to C2 or traditional Unix security, even from a users point of view. GUI's need to be modified so that they are aware of all these mechanism and follow the restrictions they impose. The standards that define how a CMW workstation operates also dictate that SL's and IL's present for different elements of the screen are also displayed (and often colour coded: Red for Top Secret, Green for Unclassified, etc). So the window manager has to display this, not just for the window, but also pull down menus, dialogue widgets, the lot.
I've not seen this implemented in a GUI file manager yet. That would be quite a challenge I'm sure.
Macka
Sorry, but this is not true at all. DEC MLS+ was based on a modified version of the base Unix kernel. Back in the early days of DEC MLS+ it was a long term goal to have B1/CMW functionality available as an installable subset that could be layered on top of the commercial unix product. It could have achieved that in the end as most of the MLS+ specific source code got merged in with the base OS source code, but just ifdef'd out so it wouldn't build into the base product.
Last I heard DEC MLS+ was being retired, with MLS+ V4.0D (or V4.0E) to be the last version. Don't take that as gospel though, plans do change.
Macka
Beefing up Linux to C2 will be a great thing for commercial interest/acceptance, and only small changes to existing GUI interfaces would be needed to accomodate that (adding ACL options to widgets that display/manipulate file permissions).
B1 however is a different kettle of fish. GUI's like KDE, GNOME, and others would have to be extensively modified to work properly (if at all) in a B1 environment. The standard for this is called CMW (Compartmented Mode Workstation). Commercial products like DEC MLS+ are implementations of B1/CMW on top of the standard Unix product. I don't know what SUN's is called, but they do the same.
This also applies to almost anything else that is not part of the kernel, eg:
* TSIX instead of TCP/IP, which automaticly excludes you from participating in non B1 DNS environments, and allows you to configure networks restricting communication between systems of the same SL (Security Level) or perhaps SL's that yours dominates (with the appropriate kernel privs enabled).
* A new filesystem, or extensions to an existing filesystem, to make it multilevel aware. That way, when you cd(1) into a directory that contains files that have a higher SL than you have Clearance to access, you don't see them. Not from an ls(1) or by any other C hackery you can conjure up, because they are blocked at the filesystem level.
* A new multilevel print environment, so that for example files with an SL of "Top Secret" cannot be printed out on printers that don't have the same or higher SL (eg, Secret, Confidential, Unclassified, or whatever they have been called in the environment you're in).
* Getting back to CMW again. On a B1/CMW workstation where the GUI is multilevel aware, if you have logged in selecting an SL of "Secret" (assuming you have Clearance for this) and you open a terminal window with that SL, then open another terminal window with a lower SL, eg "Unclassified" then you will NOT be able to cut and paste text from the Secret window to the Unclassified window (unless you have privs allowing you to override this AND they are turned on). GUI's that are not multi-level aware (like all the ones that currently exist) would only be able to work as they stand on one SL at a time. If you wanted to work with files (or viewable data) at a higher SL than the one you were logged in on, you'd have to log right out and log in again at the higher SL.
Working with B1 and CMW can be very complicated. Designing and setting up an environment that has all these features is even worse. Which is probably why B1 has never caught on in the commercial world. Applications not specificly written or modified to run in a multi-level environment, can only operate on one level at a time (ie: the level they are start at) which often defeats the object of having a multilevel enviromnent in the first place.
Maybe Linux could shine here though. Last I heard (maybe it's changed again
Macka
YAST2 is just the new GUI installer, which I did use and liked a lot. Once you're done and the system is up you're back to using the old Yast for post install system setup and configuration.
Macka