Linux-Advocacy Digest #171, Volume #26 Mon, 17 Apr 00 15:13:05 EDT
Contents:
Re: Forget buying drestin UNIX. Buy him a memory (was Re: Detonators 5.14
UP!!!!!!!!) ("Drestin Black")
Re: Mandrake is listening! It's "Da Bomb"! (The Cat)
Re: simply being open source is no guarantee of security. ("Chad Myers")
Re: MS caught breaking web sites (Matt Gaia)
Re: Detonators 5.14 UP!!!!!!!! ("Rob Hughes")
Re: Detonators 5.14 UP!!!!!!!! ("Rob Hughes")
Re: Forget buying drestin UNIX. Buy him a memory (was Re: Detonators 5.14
UP!!!!!!!!) ("Rob Hughes")
Re: simply being open source is no guarantee of security. (Mig Mig)
Re: simply being open source is no guarantee of security. (Donovan Rebbechi)
Aide pour Suse Linux6.3 ("stephane.delaune")
Re: Aide pour Suse Linux6.3 (Mig Mig)
----------------------------------------------------------------------------
From: "Drestin Black" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Forget buying drestin UNIX. Buy him a memory (was Re: Detonators 5.14
UP!!!!!!!!)
Date: Mon, 17 Apr 2000 12:55:10 -0400
"abraxas" <[EMAIL PROTECTED]> wrote in message
news:8df4or$2q07$[EMAIL PROTECTED]...
> In comp.os.linux.advocacy Drestin Black <[EMAIL PROTECTED]>
wrote:
>
> > 5.14 "leaked" drivers from nVidia?
> > It is NOT illegal to use these drivers.
> > Period.
>
> > Write nVidia yourself and see what they have to say about them. I have.
>
> I did. They told me not to use them and that their release was
> unfortunate.
They told me otherwise. Hmmm... oh well, YMMV.
>
> > That totally nulifies your points - completely. Utterly.
>
> > If you aren't a linvocate and a W2K user then you should have respect
for
> > someone who is "on your side" instead of throwing stupid attempts at
insult
> > around. Using "leaked" drivers from nVidia (who intends for people to do
> > just what they are doing with them) does not even remotely compare with
> > outright piracy via DeCSS, Napster and Gnutella. These drivers are
written
> > FOR the consumer and I'm one of them. nVidia has no problem with using
them
> > so you are speaking from ignorance.
>
> They do actually, and besides that, as with (in my experience) a very
large
> number of drivers for w2k, theyre just plain awful and barely work at all.
I'm sorry but I strongly disagree and have proof. I am running exclusively
on W2K now, nothing else. I use nothing but nVidia drive video cards - I
have only one problem with all these drivers and it's in one particular game
regarding hardware gamma control for which I've found a manual fix for.
Otherwise, looking good to me. Considering I can get over 100 fps at
1024x768 32bit mode in Q3A I do not consider that awful or barely working. I
read a recent review at linux games regarding Quake 3A performance under
Linux - you want to talk awful and barely working? These guys were nearly
wetting their pants at almost 50 fps at 800x600 - give me a break.
>
> > On the other hand, Napsters and especially Gnutella have no other use in
> > life other than the wholesale bootlegging of MP3s and other software.
Try to
> > further impresses us now by trying to defend those piracy devices.
>
> Heres a bit of logic that im sure youll understand:
>
> Guns dont kill people, people kill people.
>
I will not argue that in this context with you.
What legitmate use is there for Napster?
Do you put up your MP3 (assuming legally made) files so that you (and only
legally you) can get to them from another location? What do you think about
the fact that every person on Napster has full access to download them and
that your entire MP3 categlog is broadcast publically to everyone else on
Napster? How can you reconcile that?
Imagine you left your gun loaded and cocked sitting on a desk in the middle
of a room you were in - available to you at any given moment AND to anyone
else and you advertised it's being there and ALLOWED anyone to pick it up
and use it any time they'd like as often as they'd like without you even
knowing (until they already picked it up).
Gnutella just goes further by allowing ANY files (not just .mp3) and making
the transaction annonymous and resistant to any DoS or legal attack. Didn't
you think for a minute why Gnutella got stomped on by AOL legal? One guy
argued that gnutella was like anonymous FTP. Well, even if that were true,
if you put illegal software on your anonymous FTP - isn't that illegal?
anyway, I'm dropping this thread.
------------------------------
From: The Cat <[EMAIL PROTECTED]>
Subject: Re: Mandrake is listening! It's "Da Bomb"!
Date: Mon, 17 Apr 2000 16:58:00 GMT
On 17 Apr 2000 17:31:05 GMT, [EMAIL PROTECTED]
(Pete Goodwin) wrote:
>[EMAIL PROTECTED] (The Cat) wrote in
><[EMAIL PROTECTED]>:
>
>>On 17 Apr 2000 08:48:20 GMT, [EMAIL PROTECTED]
>>(Pete Goodwin) wrote:
>>
>>>My SB16 sound card still refuses to work and auto detection of my SCSI
>>>controller (aha1522) seems to miss it, but I'm working on these.
>>
>>Did you try running Lothar? The SB-16 is one of the better supported
>>sound cards under Linux.
>
>I've never heard of Lothar but I'll take a look it later.
K-menu (lower left corner of panel) -> System -> lothar.
You might also try sndconfig.
>>My Adaptec 2940uw was recognized but it is a pci card. Is the 1522
>>ISA?
>
>Yep, ISA. It's the BIOS version of a 1510.
>
>>You might have an IRQ conflict between the Adaptec and the SB-16
>>cards.
>
>I think both are trying to use IRQ 11. The SB-16 is ISA but it is plug and
>play. I might flip back to my old trusty SB Pro.
Try it with either the 1510 OR the Sb-16 in the system and see what
happens. Then add the other one after the install is complete.
Or if you still have Windows running look at device manager and see
what IRQ's are assigned to the boards.
>>Try looking in the Mandrake news group for some assistance.
>>
>>alt.os.linux.mandrake
>
>Ok thanks.
You're welcome
"Agent under Wine and powered by Mandrake 7.0"
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: simply being open source is no guarantee of security.
Date: Mon, 17 Apr 2000 12:00:03 -0500
"Drestin Black" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Sure, the source code is available. But is anyone reading it?
It seems there are more watchdog groups eyeing Microsoft's every
move than other OSes. They are finding bugs easily without the source.
Because, most common bugs are usually in hashing passwords, or not allocating
memory properly or doing bounds checks for input, thus resulting in buffer
overruns. These are fairly easy to test and diagnose without the source.
> The fact is, most open source users run the software, but don't personally
> read the code. They just assume that someone else will do the auditing for
> them, and too often, it's the bad guys.
Or even the good guys inserting backdoors into the login process or
the cc compiler.
> In the scientific world, peer review works because the people doing the
> reviewing possess a comparable, or higher, technical caliber and level of
> authority on the subject matter than the author.
Perhaps Open Source would be more useful if it were actually reviewed by
boards with autority? If an authority for ceritfying peer reviewers of
source code were set up, perhaps the dream that the Open Source advocates
promote would become a reality?
> Sendmail is one of the oldest examples of open source software, yet this
> vulnerability, and many others, lay unfixed a long time. For years Sendmail
> was plagued by security problems, because this monolithic programs was very
> large, complicated, and little understood but for a few.
SendMail continues to be plauged by remotely exploitable bugs.
> Ken Thompson made this very clear during his 1983 Turing Award lecture to
> the ACM, in which he revealed a shocking, and subtle, software subversion
> technique that's still illustrative seventeen years later.
> Thompson modified the UNIX C compiler to recognize when the login program
> was being compiled, and to insert a back door in the resulting binary code
> such that it would allow him to login as any user using a "magic" password.
> But make no mistake, simply being open source is no guarantee of security.
That's for sure.
-Chad
------------------------------
From: Matt Gaia <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: MS caught breaking web sites
Date: Mon, 17 Apr 2000 13:17:35 -0400
> Or, more appropriate comp.os.microsoft.rumors.and.proven.falsehoods?
>
> -Chad
Naw, comp.os.microsoft.exposed-illegal-acts would be much more
appropriate. :)
------------------------------
From: "Rob Hughes" <[EMAIL PROTECTED]>
Crossposted-To: alt.comp.periphs.videocards.nvidia,comp.os.ms-windows.nt.advocacy
Subject: Re: Detonators 5.14 UP!!!!!!!!
Date: Mon, 17 Apr 2000 13:00:43 -0500
They're leaked drivers, not released drivers. You're reaching pretty far to
justify your use of the drivers without NVIDIA's permission, since after all
they hold the copyright and therefore determine what acceptable use is. If
NVIDIA has something on their site, or will place a newsgroup announcement,
or in some other way retract an earlier statement that I read which stated
that they were actively attempting to stop the driver leaks, I'll be happy
to drop the matter.
"Drestin Black" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> again, as the 5.14 drivers are not pirated software or illegal to own or
use
> you are full of it.
>
> get the facts right, you are talking apples and cadilacs
>
> "Rob Hughes" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> >
> > oh.... must 've been another drestin black then. some drestin black went
> > on endlessly about pirating software and the decss thing and such. i'll
> > go get you deja references if you want, but I basically consider anyone
> > insisting on such things pretty anal.
> >
> > On Sat, 15 Apr 2000 13:53:09 -0400, "Drestin Black"
> > <[EMAIL PROTECTED]> wrote:
> >
> > :Whatthe hell drugs are you on?
> > :
> > :I've NEVER said that I will never touch or are completely opposed to
any
> > :such things.
> > :I am not a nVidia developer so do not have access to that site but if
you
> > :had half a brain and kept up on these things you'd know that in the
case
> of
> > :these drivers "leaked" is what nVidia calls them so they don't have to
> > :warranty them against frying your system. these are "leaked" regularly
> and
> > :the newsgroups and fan sites monitored for feedback. nvidia is fully
> aware
> > :of this and is not at all interested in stoping or slowing it - in
fact,
> > :they NEED the feedback. if nVidia didn't like it, you'd think they'd
have
> > :done anything against the 100s of sites that carry this material nice
and
> on
> > :their front pages.
> > :
> > :This has nothing to do with DeCSS which is just plain stupid as are the
> > :idiots who blindly try to defend what they barely understand.
> > :
> > :get a life...
> > :
> > :"Rob Hughes" <[EMAIL PROTECTED]> wrote in message
> > :news:[EMAIL PROTECTED]...
> > :> Well, drestin, you should be able to access that on NVIDIA's site.
> Since
> > :> you've made several statements that you would never use anything
> pirated
> > :> or in any other way violating a copyright, and since these are
> obviously
> > :> leaked drivers, then unless you have signed an NDA you would be
> > :> violating an NVIDIA copyright. So, you'll just go to NVIDIA's site as
a
> > :> registered developer with a signed NDA and a username/password, now,
> > :> right? I mean, this isn't much different from the whole DeCSS
copyright
> > :> issue, pirated software, etc. All things you've proclaimed loud and
> long
> > :> that you will never touch, are completely opposed to, and further
> stated
> > :> that anyone stooping to such a level is lower than the lowest scum on
> > :> earth.
> > :>
> > :> On Fri, 14 Apr 2000 19:47:30 -0400, "Drestin Black"
> > :> <[EMAIL PROTECTED]> wrote:
> > :>
> > :> :can anyone get the PDF file? Mine has a broken link.
> > :> :
> > :> :if so, can you post the proper link
> > :> :
> > :> :"Suzook" <[EMAIL PROTECTED]> wrote in message
> > :> :news:otMJ4.4523$[EMAIL PROTECTED]...
> > :> :> Here they are
> > :> :>
> > :> :> http://www.xs4all.nl/~bmsmit/
> > :> :>
> > :> :>
> > :> :
> > :>
> > :>
> > :>
> > :> -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> > :> http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> > :> -----== Over 80,000 Newsgroups - 16 Different Servers! =-----
> > :>
> > :
> >
> >
> >
> > -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> > http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> > -----== Over 80,000 Newsgroups - 16 Different Servers! =-----
>
>
====== Posted via Newsfeeds.Com, Uncensored Usenet News ======
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
======= Over 80,000 Newsgroups = 16 Different Servers! ======
------------------------------
From: "Rob Hughes" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Detonators 5.14 UP!!!!!!!!
Date: Mon, 17 Apr 2000 13:08:58 -0500
"laff" was my initial reaction to someone caught so far out they can't find
they're way back. But, since I own a NVIDIA based card, does it hurt that I
look at postings regarding new drivers? The title wasn't particularly
specific, and the only way to find out if they had released new drivers was
to read the post. Or go look at NVIDIA's site. I like to get the user
communities reactions first though, and as such posts usually contain
something along those lines, I do read them. Your insult bag must be pretty
low, and that knee jerking is, I would think, at this point be seriously
endangering your health. I also suggest that you get your facts straight in
that 1) I've worked with all those products, but mainly napster and gnutella
from a security standpoint. DeCCS is more a matter for the courts to decide,
and I have a licensed DVD player. Got it free with my video card. 2) I don't
read /. I keep telling you this, but you seem unable to get whatever smegma
you substitute for a mind around that fact.
"Drestin Black" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> that's the best you can do eh?
>
> Of course, cause you are dead wrong.
>
> I talk about newsgroups and things like DeCSS and Napster and Gnutella
from
> the point of view of someone who actually uses the products to understand
> them. Not from ignorance and press clippings and slash dot posts.
>
> What are you doing reading about 5.14 drivers if you Mr. Legal man
himself?
> That's like being an accessory after the fact, in your view.
>
>
> "Rob Hughes" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > laff
> >
> > On Sat, 15 Apr 2000 13:54:57 -0400, "Drestin Black"
> > <[EMAIL PROTECTED]> wrote:
> >
> > :p.s., unless you can provide some documentation to:
> > :"All things you've proclaimed loud and long
> > :> that you will never touch, are completely opposed to, and further
> stated
> > :> that anyone stooping to such a level is lower than the lowest scum on
> > :> earth."
> > :
> > :I will continue to have to consider you a liar and lying outloud in
these
> > :groups.
> > :I never said such things and you are lying.
> > :
> > :"Rob Hughes" <[EMAIL PROTECTED]> wrote in message
> > :news:[EMAIL PROTECTED]...
> > :> Well, drestin, you should be able to access that on NVIDIA's site.
> Since
> > :> you've made several statements that you would never use anything
> pirated
> > :> or in any other way violating a copyright, and since these are
> obviously
> > :> leaked drivers, then unless you have signed an NDA you would be
> > :> violating an NVIDIA copyright. So, you'll just go to NVIDIA's site as
a
> > :> registered developer with a signed NDA and a username/password, now,
> > :> right? I mean, this isn't much different from the whole DeCSS
copyright
> > :> issue, pirated software, etc. All things you've proclaimed loud and
> long
> > :> that you will never touch, are completely opposed to, and further
> stated
> > :> that anyone stooping to such a level is lower than the lowest scum on
> > :> earth.
> > :>
> > :> On Fri, 14 Apr 2000 19:47:30 -0400, "Drestin Black"
> > :> <[EMAIL PROTECTED]> wrote:
> > :>
> > :> :can anyone get the PDF file? Mine has a broken link.
> > :> :
> > :> :if so, can you post the proper link
> > :> :
> > :> :"Suzook" <[EMAIL PROTECTED]> wrote in message
> > :> :news:otMJ4.4523$[EMAIL PROTECTED]...
> > :> :> Here they are
> > :> :>
> > :> :> http://www.xs4all.nl/~bmsmit/
> > :> :>
> > :> :>
> > :> :
> > :>
> > :>
> > :>
> > :> -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> > :> http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> > :> -----== Over 80,000 Newsgroups - 16 Different Servers! =-----
> > :>
> > :
> >
> >
> >
> > -----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
> > http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
> > -----== Over 80,000 Newsgroups - 16 Different Servers! =-----
> >
>
>
====== Posted via Newsfeeds.Com, Uncensored Usenet News ======
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
======= Over 80,000 Newsgroups = 16 Different Servers! ======
------------------------------
From: "Rob Hughes" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Forget buying drestin UNIX. Buy him a memory (was Re: Detonators 5.14
UP!!!!!!!!)
Date: Mon, 17 Apr 2000 13:21:04 -0500
"Drestin Black" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> You could not be supider... you just don't get it.
>
> I could explain it to you but you'll never get it - instead I'll just tell
> you this factoid:
>
> 5.14 "leaked" drivers from nVidia?
> It is NOT illegal to use these drivers.
> Period.
So you say. NVIDIA has stated otherwise in the past. If their policy has
changed, they've been very quite about it.
> Write nVidia yourself and see what they have to say about them. I have.
I already have a statement from them, but perhaps I'll go ahead and do so,
just for grins. If they state to me that they now encourage, or at least
tolerate the use of their drivers without an NDA, then I'll apologize. After
all, my information is three months old, and it may have changed.
> That totally nulifies your points - completely. Utterly.
We will see.
> If you aren't a linvocate and a W2K user then you should have respect for
> someone who is "on your side" instead of throwing stupid attempts at
insult
> around. Using "leaked" drivers from nVidia (who intends for people to do
> just what they are doing with them) does not even remotely compare with
> outright piracy via DeCSS, Napster and Gnutella. These drivers are written
> FOR the consumer and I'm one of them. nVidia has no problem with using
them
> so you are speaking from ignorance.
Drestin, you are one of the last people I would ever be able to respect.
You're a freak, and often scare me with your narrowness of vision as well as
of mind. We are on the same "side" only in that we made the same choice for
our primary operating systems/network operating systems. I would venture to
guess though that we made these choices for completely different reasons.
> On the other hand, Napsters and especially Gnutella have no other use in
> life other than the wholesale bootlegging of MP3s and other software. Try
to
> further impresses us now by trying to defend those piracy devices.
I'm trying to defend them? In what way? When did I even mention them? Why
would I even want to? I have no use for them other than figuring out how to
block such things on my networks. Also note that these programs can now
transfer other types of files beyond just mp3 files either via 3rd party
add-ons, or natively, but I personally prefer FTP and email, and require the
same from my users. I like to log ;) *gets ready for the network/sysadmin
nazi jokes, insults, etc.*
> "Rob Hughes" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Hokay, laffing boi, here we go:
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=582727974&CONTEXT=955894517.1533345798&hitn
> um=8
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=584994737&CONTEXT=955894517.1533345798&hitn
> um=11
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=583419426&CONTEXT=955894517.1533345798&hitn
> um=12
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=583958058&CONTEXT=955894517.1533345798&hitn
> um=13
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=581992412&CONTEXT=955894517.1533345798&hitn
> um=17
> > (this one pretty much sums up his whole view on copyrighted material)
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=575811841&CONTEXT=955894517.1533345798&hitn
> um=22
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=582634042&CONTEXT=955894517.1533345798&hitn
> um=27
> > (note drestin's stance on "licensing". also note that drestin was
> > requesting information about unreleased, and therefore unlicensed
> > drivers)
> >
> >
>
http://x31.deja.com/getdoc.xp?AN=582812581&CONTEXT=955894517.1533345798&hitn
> um=32
> > (touches on pirating)
> >
> > Some are more relevant than others, but I think we all get the idea....
> > If you want to read all of drestin's musings on the
> > linux/decss/piracy/copyright violation thing, look here:
> >
>
http://x31.deja.com/dnquery.xp?search=next&DBS=1&[EMAIL PROTECTED]
>
spam%20AND%20decss&ST=MS&offsets=db2000p1%0217%01db99p10%024%01db2000p2%021%
> 01db2000p3%023&svcclass=dnserver&CONTEXT=955894517.1533345798
> > The entire crux is that drestin states that "pirating is bad" and
> > "violating copyrights is bad" and that "you shouldn't do that". So,
> > drestin then turns around and asks for information about drivers to
> > which he holds no license (unreleased drivers used against the creators
> > wishes). NVIDIA has send cease and desist orders to web site posting
> > their unreleased drivers, which I can certainly understand. I'm sure it
> > must be increasing their support costs when some luser calls up with a
> > broken beta driver wanting help, even if its only the 30 seconds or so
> > it takes to explain that its an unreleased driver. Now you, drestin, can
> > deny what you wrote all you want, as well as right me off as just
> > another "crazy linvocate", which would be weird in and of itself, since
> > I don't use linux and actually like w2k, but hey, you rationalize it any
> > way that makes you feel better. Have a nice day...
> >
> > On Sat, 15 Apr 2000 13:54:57 -0400, "Drestin Black"
> > <[EMAIL PROTECTED]> wrote:
> >
> > :p.s., unless you can provide some documentation to:
> > :"All things you've proclaimed loud and long
> > :> that you will never touch, are completely opposed to, and further
> stated
> > :> that anyone stooping to such a level is lower than the lowest scum on
> > :> earth."
> > :
> > :I will continue to have to consider you a liar and lying outloud in
these
> > :groups.
> > :I never said such things and you are lying.
> > :
> > :"Rob Hughes" <[EMAIL PROTECTED]> wrote in message
> > :news:[EMAIL PROTECTED]...
> > :> Well, drestin, you should be able to access that on NVIDIA's site.
> Since
> > :> you've made several statements that you would never use anything
> pirated
> > :> or in any other way violating a copyright, and since these are
> obviously
> > :> leaked drivers, then unless you have signed an NDA you would be
> > :> violating an NVIDIA copyright. So, you'll just go to NVIDIA's site as
a
> > :> registered developer with a signed NDA and a username/password, now,
> > :> right? I mean, this isn't much different from the whole DeCSS
copyright
> > :> issue, pirated software, etc. All things you've proclaimed loud and
> long
> > :> that you will never touch, are completely opposed to, and further
> stated
> > :> that anyone stooping to such a level is lower than the lowest scum on
> > :> earth.
> > :>
> > :> On Fri, 14 Apr 2000 19:47:30 -0400, "Drestin Black"
> > :> <[EMAIL PROTECTED]> wrote:
> > :>
> > :> :can anyone get the PDF file? Mine has a broken link.
> > :> :
> > :> :if so, can you post the proper link
> > :> :
> > :> :"Suzook" <[EMAIL PROTECTED]> wrote in message
> > :> :news:otMJ4.4523$[EMAIL PROTECTED]...
> > :> :> Here they are
> > :> :>
> > :> :> http://www.xs4all.nl/~bmsmit/
> > :> :>
> > :> :>
====== Posted via Newsfeeds.Com, Uncensored Usenet News ======
http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
======= Over 80,000 Newsgroups = 16 Different Servers! ======
------------------------------
From: Mig Mig <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: simply being open source is no guarantee of security.
Date: Mon, 17 Apr 2000 20:41:37 +0200
Hes got some good points and that mainly being.. * Open Source is not
automaticlly more secure than closed source *
He's not saying that the Micros~1 model is more secure.. actually he ends
it with
"So does all this mean Open Source Software is no better than closed
sourcesoftware when it comes to security vulnerabilities? No. Open Source
Software certainly does have the potential to be more secure than its
closed source counterpart.
But make no mistake, simply being open source is no guarantee of security."
Ergo.. Open Source is more secure than closed source but this requires an
effort
Drestin Black wrote:
> From: http://www.securityfocus.com/commentary/19
> Wide Open Source
bla.bal.
------------------------------
From: [EMAIL PROTECTED] (Donovan Rebbechi)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: simply being open source is no guarantee of security.
Date: 17 Apr 2000 14:45:39 -0400
On Mon, 17 Apr 2000 12:00:03 -0500, Chad Myers wrote:
>
>move than other OSes. They are finding bugs easily without the source.
This would seem to lend strength to the point that "security by obscurity"
does not work.
>memory properly or doing bounds checks for input, thus resulting in buffer
>overruns. These are fairly easy to test and diagnose without the source.
Exactly. But some are also much easier to fix with the source.
>Or even the good guys inserting backdoors into the login process or
>the cc compiler.
The good guys don't do this unless they're really dumb.
>Perhaps Open Source would be more useful if it were actually reviewed by
>boards with autority? If an authority for ceritfying peer reviewers of
>source code were set up, perhaps the dream that the Open Source advocates
>promote would become a reality?
This is the kind of thing that OpenBSD shoots at. They have an audit team
that actually do audit code all the time. It seems to pay off, because
OpenBSD has an exceptional security track record.
>SendMail continues to be plauged by remotely exploitable bugs.
Not entirely true. The bug reports have faded somewhat in the last few
years. Still, it's a bit of a mess ( ie very complex piece of software
that usually is run as root ).
--
Donovan
------------------------------
From: "stephane.delaune" <[EMAIL PROTECTED]>
Subject: Aide pour Suse Linux6.3
Date: Mon, 17 Apr 2000 20:48:58 +0200
Novice Recherche aide pour configurer Linux6.3 Suse
1 Kwin ne marche pas avec ma carte MiroPctv
2 comment configurer ma carte son (Fortissimo)pour ne plus etre oblige de
taper la ligne de commande sous Shell tout les 20 minutes
3 comment faire apparaitre des icones sur le bureau Kde de mes disques Dur
.Est-ce possible de voir mes disque Windows??
4Comment configurer mon imprimante (Epson P2 couleurs)
5Comment configurer mon scanner Canon (branche en serie de mon imprimante??)
6Comment configurer Netscape (wanadoo)
Mon adresse :[EMAIL PROTECTED]
Je remercie toutes les personnes qui m'aideront a franchir le pas ,car en
fait Linux c'est tres propre.
------------------------------
From: Mig Mig <[EMAIL PROTECTED]>
Subject: Re: Aide pour Suse Linux6.3
Date: Mon, 17 Apr 2000 20:56:20 +0200
Stephane mon cher..
C'est group est en anglais.. c'est pas un group francais.. Ici il n'ya
quelquen que parle francais et tu peux m'incluir.
Arriverdeci
stephane.delaune wrote:
> Novice Recherche aide pour configurer Linux6.3 Suse
> 1 Kwin ne marche pas avec ma carte MiroPctv
> 2 comment configurer ma carte son (Fortissimo)pour ne plus etre oblige de
> taper la ligne de commande sous Shell tout les 20 minutes
> 3 comment faire apparaitre des icones sur le bureau Kde de mes disques Dur
> .Est-ce possible de voir mes disque Windows??
> 4Comment configurer mon imprimante (Epson P2 couleurs)
> 5Comment configurer mon scanner Canon (branche en serie de mon imprimante??)
> 6Comment configurer Netscape (wanadoo)
>
> Mon adresse :[EMAIL PROTECTED]
>
>
> Je remercie toutes les personnes qui m'aideront a franchir le pas ,car en
> fait Linux c'est tres propre.
>
>
>
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
