Slashdot Mirror


User: cbhacking

cbhacking's activity in the archive.

Stories
0
Comments
4,314
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,314

  1. Re:How does it compare to Ubuntu? on Mandriva Linux 2010 Is Finally Out · · Score: 3, Interesting

    Out of curiosity, does kdesu (the graphical privilege-elevation dialog) work yet? The last Kubuntu build I tried had kdesu set up to use `su` not `sudo` (it's a configuration option). Since [K]Ubuntu's root account is disabled by default, it doesn't matter what password you enter - su won't work.

    This was a blatantly obvious showstopper bug that requires literally a minute or two to fix. The fact that it shipped in a release version of Kubuntu was where I lost all faith in the distribution's QA efforts.

  2. Re:How does it compare to Ubuntu? on Mandriva Linux 2010 Is Finally Out · · Score: 5, Informative

    It's not for those whose primary concern is an idealistic and uncompromising free OS though

    Why not? They release a "Mandriva Free" ISO with every release, which contains only F/OSS software. You can install the proprietary stuff yourself if you want to, but the install media is about as "idealistic and uncompromising[ly] free" as any Debian GNU/Linux user could want.

  3. Re:Am I the only one who cares? on Mandriva Linux 2010 Is Finally Out · · Score: 3, Interesting

    I do too; it makes it easy to do the kinds of things a home user wants to do, without insulting your intelligence, requiring crazy and arcane knowledge, or being overly pushy with the Free Software approach (they offer a F/OSS-only download, but they also offer an ISO with the useful free-as-in-beer proprietary stuff bundled). Their releases are more frequent than openSuse's, I've never had the instability problems that I get with Fedora (seriously, Fedora 10 crashes whenever I manage to connect it to my network, haven't bothered trying it again since then), and I massively prefer its design philosophy and UI over that of Ubuntu.

  4. Re:How does it compare to Ubuntu? on Mandriva Linux 2010 Is Finally Out · · Score: 3, Interesting

    Umm... Mandriva is free. You *can* buy it boxed and get some support,etc., but for the average home user it doesn't cost a penny more than Ubuntu, Fedora, openSuse, or FreeDOS.

    It's also still a fairly dominant distro, and in my opinion is a better place to start if you don't want your OS to treat you like a total moron (every time I try and use Ubuntu, it just feels like it's insulting my intelligence). Mind you, for some people that's probably the appropriate design for an OS, but I'm personally quite happy with Mandriva (one of my computers is running 2009 Spring, I may try upgrading it).

  5. Re:Sucks To Be You on Google Betas Chrome 4, Touts 30% Speed Boost · · Score: 1

    how, pray tell, do you explain how properly-installed Linux has its rock-solid stability on such a wide variety of hardware?

    Well, to begin with, it really doesn't. Sure, some things work great, and if you stick to certain hardware and certain behaviors, you can have a fantastic experience.

    Or, if like me you use laptops with nVidia graphics, you may be mildly shocked to discover that any video driver that gives decent 3D acceleration (I've tried a variety of versions over several years, including testing F/OSS drivers to see if they support enough HW accel) completely screws up at least one aspect of power management. The usual victim is hibernate - I haven't been able to successfully enter hibernate in months. In a way that's preferable to what it did previously though, where you could enter hibernate but the system would hang indefinitely when trying to resume. There's also really no reason to run the GPU so hard - it drains the battery more quickly than Windows does, and probably isn't good for the longevity of the video card (an extremely annoying part to replace on a laptop). Then there's things like the way my web-cam only works about 50% of the time. For the real horror of hardware support/driver stability though, consider my first Linux laptop - the closest I ever got to functional WiFi on that thing caused a kernel panic roughly 30 seconds after I would modprobe the driver (although I could actually connect during that brief window). When I checked back a month later to see if there was an updated version, I found the project discontinued. No driver I've tried since then has even been able to associate with an access point correctly.

    Now, none of those issues I've had are technically Linux's fault, but they are definitely Linux's problem, in exactly the same way that all the unstable shit that OEMs shovel onto their boxes (which often include completely unnecessary drivers that cause crashes) aren't Microsoft's fault but nonetheless give Windows a bad name. On the other hand, somebody who only uses a clean (non-OEM) Windows installation and only installs required drivers will find that, barring hardware faults, it's quite possible to use Windows for years without a singe crash. Oh, and for the record, I have a friend with a Mac Pro (G5 PPC, not Intel) that will kernel panic if he leaves the computer idle for more than about 2 minutes at WarCraft 3 victory display while in full-screen mode. It's repeatable, there's no indication that it's a hardware glitch (doesn't happen in other programs, and he's tried replacing the hardware), and we're talking about a user-mode program that doesn't even run as root; there's *NO* way it should bring down the whole OS, but it nonetheless will unless he remembers to switch to windowed mode or exit the victory screen.

  6. Re:Firewall? on In Test, Windows 7 Vulnerable To 8 Out of 10 Viruses · · Score: 1

    The firewall is absolutely enabled by default on Vista and Win7, and the Security Center monitor will scream at you quite persistently if you turn it off. By default it is set to auto-allow outbound connections, but inbound connections (the ones you usually worry about) are denied by default.

    Editing these settings requires Admin privileges. Just because a keylogger can run as a non-admin doesn't mean it can change your system configuration (although it can, unless you've locked down the outbound firewall as well, send reports of your actions to an external server).

  7. Re:MS did by default on In Test, Windows 7 Vulnerable To 8 Out of 10 Viruses · · Score: 1

    This is actually incorrect, although not many people ever even bothered to check for UAC settings in Vista. You can extensively configure UAC behavior in Vista, ranging from leaving it on but setting it to auto-elevate any program that asks (still better than turning it off) to requiring an Administrator's password for every UAC prompt (like a strict sudo configuration might do). You can control whether the Secure Desktop (that grey screen, which while active prevents other programs from interacting with anything on it) is used for UAC prompts or not (this is one of the now-easily-accessible options in Win7, but it's not actually new). You can turn off automatic detection of "installer" programs that Windows suspects want to run elevated but are old enough that their binary lacks the metadata to say so (turning this off slightly speeds up program loading and makes it possible to run some programs as a standard user when Windows would otherwise ask to elevate them).

    These settings, and many others, are located in the Local Security Policy snap-in for the Management Console. Running "secpol.msc" is one way to access this interface. They're presumably also stored int he registry somewhere, but I haven't bothered to hunt them down there.

    Also, as jpmorgan points out, the reason some programs no longer display UAC prompts before elevating is because they are Microsoft-signed Windows binaries found on a UAC white-list. It has nothing to do with user-initiated actions; software can easily mimic such actions.

  8. Re:But UAC works perfectly fine at frustrating me! on In Test, Windows 7 Vulnerable To 8 Out of 10 Viruses · · Score: 1

    Wow... people like you are a clear sign that UAC is too easy to disable. There are MANY ways around what you faced, most of them simply common sense. On any tech forum with a less blatant anti-MS bias, you'd probably be laughed off the page as a troll, unfortunately some mods apparently think that even though you apparently can't tell an ACL from your ankle, you've nonetheless created an "informative" post.

    • Have you ever considered running your editor as an Administrator? Believe it or not, this allows you to edit files that only Admin has write access to! Right-click is your friend here.
    • Are you suggesting that Windows should have known you were going to want to edit the HOSTS file and required Admin before opening it? Hint: that's retarded; even standard users are allowed to *view* the file.
    • Are you upset that whatever editor you used (probably Notepad, which is essentially a window and basic file I/O wrapped around a TextArea control) didn't automatically know to elevate itself? Damn few apps have this code, and Notepad isn't one of them.
    • Perhaps you're upset that a "Local DNS file" isn't world-writable by default (because you think allowing any random standard user to completely fuck up the system's Internet connnection is a sane default configuration)?
    • Maybe you're just frustrated because your understanding of computer security is so painfully minimal it never occurred to you that you could, if you wish, edit the permission of the HOSTS file to make it user-writable?
    • Alternatively, maybe you feel that the OS should offer a UAC prompt that would edit the file's security
  9. Re:I'm safe! on After 1 Year, Conficker Infects 7M Computers · · Score: 1

    Win7 (and for that matter, Vista and even XP) DO NOT need anti-virus*. The ignorant monkeys who use them need anti-virus. Hell, the same is even true on OS X - it turns out there are people out there who are big enough Mac fanboys that they'll pirate iLife. Guess what - pirated versions of iLife have started coming with trojans in them, enough that a botnet composed exclusively of Macs running this malware now exists (small relative to Conficker, but nonetheless a serving to illustrate the point). Had those people been running anti-virus software, they *might* not have gotten themselves infected.

    In case you missed the point, the source of much of today's malware is user-installed trojans, and the OS can't fix stupid users. Windows is by far the most targeted OS, so Microsoft has found it useful to inform users about antivirus (which provides at least some protection).

    * In general, I'll only stand by this claim for users running as non-admin; zero-day exploits do happen. Fortunately, running as non0admin on Vista and Win7 is easy via UAC; on XP it's more difficult.

  10. Re:3.11 on Installing Linux On Old Hardware? · · Score: 1

    Well, Workgroups was specifically the network-aware version of the DOS-based Windows releases. Hell, you can install anything up to, IIRC, Internet Explorer 5 on it (it has a portion of the Win32 API, enough that some other browsers *might* run too, though it's doubtful). Somebody above mentioned Win95, which would also work. NT 3.5x, if you can find a copy, would probably work fine as well.

    I'm still not sure what anybody would honestly *DO* with hardware that old, though. I've got a pair of machines - 400MHz P2 and 450MHz P3, both with CD-ROM, 256 MB of RAM, and 20GB HDDs. I've been trying to find a good use for them for a while, without much success.

  11. Re:Components? on Xerox Claims Printable Electronics Breakthrough · · Score: 1

    The ability to print semiconductors (diodes, LEDs, and transistors) does not necessarily translate to the ability to print resistors (semiconductors have a near-constant voltage drop regardless of current, very different from a resistor), capacitors (no way this thing has the resolution to print *that* much surface area, and you still need a dielectric for any decent capacitance), or inductors (resolution again, plus you won't get much unless you can coil the conductor). There will still be a need for surface-mounted components. The difference is that what previously required a very expensive one-off circuit board plus components now is easy thanks to cheap print-your-own-at-home circuit boards - and if they can integrate semiconductors into the board directly, so much the better.

    The printer and ink won't come cheap, but compared to the cost of one-off PCBs... if it's good enough and cheap enough, this thing could revitalize the electronics industry by taking low-budget electronics design way beyond the realm of breadboards.

  12. Re:Windows CE and Windows Mobile on ARM Stealthily Rising As a Low-End Contender · · Score: 1

    First, Windows Mobile is just a wrapper around the Windows CE core. There's no particularly great need to mention them separately.

    More importantly, there's no reason that the Win32 API couldn't be brought to ARM. There are a few possible ways to do this:
      * Hacking it into WinCE somehow (the brute-force approach)
      * Port NT and the Win32 subsystem to ARM (certainly possible, but if you do that then you probably need to port the WinMo API to an NT subsystem for backward compatibility. On the plus side this is one less kernel to maintain)
      * Use a POSIX system (possibly the POSIX subsystem for NT, but more likely something *BSD) with Wine on top (Wine is already working on an ARM port, although I'm not really sure why)

    There's no reason that most Win32 apps couldn't be re-compiled for ARM, it's just that there isn't currently a Win32 API on ARM. Fix that, release a handful of first-party ARM ports, make the SDK a free download (it already is for x86-based apps) along with a free update to Visual Studio that uses the cross-compiler and checks for architecture-specific compatibility issues, and watch ISVs fall all over themselves releasing ports of their software for the new platform.

  13. Re:ARM/Linux in the Tesla Roadster on ARM Stealthily Rising As a Low-End Contender · · Score: 4, Informative

    Between versions 3.5 and 5.0 (Windows 2000), NT was actually ported to several other architectures, including PowerPC and Alpha. None of them were particularly successful commercially, and from what I heard, the Alpha port was killed by in-fighting between Microsoft, DEC, and (IIRC) Compaq. The only non-x86-derived (and on RISC architecture) port of NT currently maintained is Itanium (ia64).

    There's no architectural reason why NT couldn't be ported to ARM, and I actually think it would be a good move to replace the WinCE kernel with a ported branch of the NT kernel optimized for smartphones. They could even keep backward compatibility with WinMo by using a WinMo subsystem (similar to the way that NT is compatible with both Win32 and POSIX by way of subsystem - the kernel doesn't directly handle Win32 or POSIX syscalls, they instead both get translated to NT syscalls which are designed to accommodate just about any API). This would also let Microsoft remain relevant on ARM-based netbooks, provided they port the Win32 subsystem (yes, applicaitons would need to be re-compiled, but for many apps that's all it would take).

  14. Re:Nuclear pulse propulsion on Russia Develops Spaceship With Nuclear Engine · · Score: 1

    Addendum to that: things like the pusher plate are *heavy* to launch using conventional rockets. While a nuclear pulse rocket could function well enough in space, getting one into space without using it would be tricky.

  15. Re:Why do we need CDs at all? on Canonical Halts Ubuntu CD Free-for-all · · Score: 1

    For that matter, it's quite easy to do manually. Windows has included tools to resize and create partitions for a few years now, and while it may lack an actual "dd" binary, the functionality to copy a disk image is very simple. Add a bootloader entry and it's good to go. The main thing you might want (and not have with trivial effort) is the ability to format the target volume using a filesystem not supported in Windows.

  16. Re:Ubuntu seems to have hit the big time on Canonical Halts Ubuntu CD Free-for-all · · Score: 1

    For the record, both Vista and Win7 ship with memory testing software on the disc as well. You can also put it on the hard drive and launch it from the boot menu. It's just that (like on the average Linux install) nobody runs it.

  17. Re:cell co.s will be thrilled on Anonymous Browsing On Android Phones Using Tor · · Score: 1

    Well, there's a little extra information (the routing data that the Tor node uses to direct your packet to its destination, or inform you of an incoming packet's origin). It's pretty minor, though.

  18. Re:!secure on Anonymous Browsing On Android Phones Using Tor · · Score: 1

    I'd like to quickly expand on the Off-The-Record reference; OTR is a feature that uses end-to-end encryption of instant messenger conversations. It's available as a plug-in for Pidgin (on Windows or *nix) and is built into Adium (on Mac). If you're even slightly concerned about your conversations getting snooped on, you should use it. I believe it uses asymmetric crypto to exchange a shared key that is unique to each conversation. Validating the public key of your friends will provide authentication and protection against MitM attacks as well.

  19. Re:You consparicy nuts are funny on Of Encrypted Hard Drives and "Evil Maids" · · Score: 1

    Why would people outside the US care about jobs or clearances from the NSA? That doesn't even begin to make sense. Many of the experts I referred to are not US citizens, don't work for US organizations, and couldn't get a security clearance from the US government even if they wanted to.

    BitLocker is used extensively outside the US too. You think that foreign agencies would be OK with using crypto that they thought the NSA had a back-door in? Or do you just think that they don't have good enough people to find it? Trust me, neither one is true.

    You also really ought to work on the structure of your posts. Your writing is almost as bad as your logic.

  20. Re:Didn't think App Store piracy was that big on App Store Developer Speaks Out On Game Piracy · · Score: 1

    If something's expensive, why do you feel the right to watch it/listen to it/use it, when others have to pay? Isn't it more ethical to just not pay?

    What gives you the moral right to restrict him from listening to/using it.

    How about the fact that the creater invested a considerable amount of time, effort, and skill (which is not usually free, and implies study and practice) into creating that work, whatever it is, and deserves a return on that invesment? There Ain't No Such Thing As A Free Lunch, friend. You seem to advocate communal benefit, but reject any costs at all - would you be willing to have a portion of each paycheck docked to cover compensation for the creation of things currently covered by copyright, or education for aspiring artists (no, public school doesn't count, certainly not in the US - even public universities are very expensive)?

    No, in fact, the only reason to restrict access to him is so that you can feel superior.

    Well, and so he can eat, pay rent/mortgage, pay tuition (or pay off loans), raise a family, or (in the specific case of the recording industry) demonstrate to the publishers (labels) that his work is worth them paying him to make (same idea, once removed).

    It is just wasting the resources of society to go with an inferior product. Of course, wasting resources is exactly what you are promoting.

    Believe it or not, you have this backwards. By setting the value of any particular copy of the work at zero, you are destroying all value of the work itself in terms of the economy, i.e. the "resources of society" that you claim to support so much. Conversely, by setting a specific value on each copy, there becomes an economic motivation to create such works, which in turn creates value for society.

    For the TL;DR folks: Copyright law exists for a reason, and it's not because the founding fathers supported waste of society's resources.

  21. Re:Didn't think App Store piracy was that big on App Store Developer Speaks Out On Game Piracy · · Score: 1

    Funny thing: no, I don't give people mix tapes (or CDs, etc.). If somebody sends me some music saying "check this out" I'll listen to it, and then either delete it or buy it on Amazon.com. Just because you can't imagine a world without piracy doens't mean it doens't exist.

    As for the library, you're *WAY* off base there. To begin with, libraries operate on a very simple principle whereby you can only have as many people using (reading) as the library owns copies. No additional copies (the whole point of copyright law) are made. This is also why the term "file-sharing" is so misleading; when I'm sharing use of the car with my family, that doesn't mean we each get a car - it means we have one car, and only one person can drive it at a time. Furthermore, the way that people enjoy books and music are quite different - music is something you listen to frequently, but don't usually care so much if you're missing part of an album. This is the environment where a library makes no sense. On the other hand, individual books are typically enjoyed relativley infrequently, but if you like the first book of a series you'll want the second, third, and so on. If the library doesn't have them you go to the bookstore, and you probably buy the first book as well. Thus libraries promote sales, without breaking even the spirit (nevermind the letter) of copyright law.

  22. Re:News at eleven on Of Encrypted Hard Drives and "Evil Maids" · · Score: 1

    Actually, it really does. They can't *use* the computer at all. Installing the replacement bootloader requires physical access to the hard drive; simply powering up the laptop won't do anything except tell you which form of full-volume encryption is in use. You need another computer which the targer hard drive must be attached as a slave, edited, then re-installed in the target computer.

    It's doable, and if you aren't using TPM protection it'll even work, but even then your system isn't actually compromised yet - they need you to log in (providing your decryption key) then leave the computer alone *again* so they can retrieve the intercepted key. Possible? Sure, but hardly trivial.

  23. Re:Bitlocker? on Of Encrypted Hard Drives and "Evil Maids" · · Score: 1

    The signing of the bootloader is irrelevant, but you are nonetheless correct. BitLocker already has a mechanism to defeat this attack, using the TPM.

    One mechanism of the TPM is storing a running checksum of all instructions that pass through the CPU. When the BitLocker decryption filter starts, this checksum is retrieved and used as part of a recovery key. If the instructions have changed (for example, if thbootloader was updated, edited, or replaced) then the TPM's value will be incorrect and the recovery key will not be available.

    Now, supposing somebody has done this to your laptop, you could enter the manual recovery key (an AES key that can be used to retrieve the master key, used as a last-ditch recovery technique) and the compromised bootloader would record it. However, if you haven't messed with your bootloader, the fact that the normal unlock failed should be a red flag, and hopefully you wouldn't try to enter the manual recovery key and then leave the device in an unsecured location again. Indeed, the best bet would be to replace the original bootloader and try again (although you'd have to suspect such an attack to have any reason to try this).

  24. Re:Bitlocker? on Of Encrypted Hard Drives and "Evil Maids" · · Score: 2, Insightful

    As somebody who actually worked on BitLocker during an internship at MS, that's bullshit. I was working directly with the metadata and its parser, including the recovery keys. There was absolutely no "TLA Agency" recovery key. The master key for each volume is encrypted and stored on the volume itself (and each volume has a unique key). This is exactly the key used to decrypt the drive, and is never stored in plaintext anywhere. How do you get around this?

    You can't store a recovery key for each volume in some secret database - the master keys, and their encryption keys, are unique.
    You can't store a secret recovery key on the volume - it would have shown up when the disk was accessed at block device level.
    There are probably plenty of other ideas that don't work, but I assure you, there aren't any that do. BitLocker was extensively examined by crypto experts, and no backdoors or methods to break it were discovered.

  25. Re:Is there anything GOOD in windows 7.... on Engineers Tell How Feedback Shaped Windows 7 · · Score: 1

    Ignoring the for mement that some companies and even government organizations did switch to Vista, one good reason to go with Win7 is BitLocker, especially the ability to encrypt flashdrives and other removable storage. No more risk of sensitive electronic documents being stolen out of your car or embarrassing information leaks via discarded hard drives.

    Additionally, Win7 is extremely usable as a standard user (including things like changing your permanent environment variables, or installing printer drivers off the network, which previously required Admin access). The vast majority of people will have no need for Administrator access, meaning it's much harder for them to screw up their systems. Furthermore, if IT needs to do something anyhow, it's much easier for an authorized Admin (such as somebody in IT) to gain Administrative privileges thanks to UAC. There's also lots of other nice things for IT, such as new or improved Group Policy options, and substantially better OS security in general.

    Finally, if something simply *will not* work on anything newer than XP, there's always Virtual XP mode, which streamlines virtualization and is available at no extra cost with the business-targeted Win7 editions.