Linux-Advocacy Digest #206, Volume #34 Sat, 5 May 01 05:13:02 EDT
Contents:
Re: The long slow slide to Microsoft.NOT ("Mart van de Wege")
Re: How to hack with a crash, another Microsoft "feature" (Eric Leblanc)
Re: The upgrade ("Paul Dossett")
Re: IE ("Edward Rosten")
Re: Alan Cox responds to Mundie ("Edward Rosten")
Re: XWindows loading on startup ("Edward Rosten")
Re: XWindows loading on startup ("Edward Rosten")
Re: Just how commercially viable is OSS?... (Was Re: Interesting MS speech on
OSS/GPL ( /. hates it so it's good)) ("Tom Wilson")
Re: Linux advocacy or Windows bashing? ("Mikkel Elmholdt")
Re: Linux advocacy or Windows bashing? ("Mikkel Elmholdt")
Linux disgusts me ("John Smith")
Re: Linux advocacy or Windows bashing? ("Mikkel Elmholdt")
Re: Apple is doing a good thing ("Andy Walker")
----------------------------------------------------------------------------
From: "Mart van de Wege" <[EMAIL PROTECTED]>
Subject: Re: The long slow slide to Microsoft.NOT
Date: Sat, 05 May 2001 09:55:01 +0200
Crossposted-To: comp.os.ms-windows.nt.advocacy,alt.linux,alt.destroy.microsoft
In article <_lJI6.3589$[EMAIL PROTECTED]>, "Chad Myers"
<[EMAIL PROTECTED]> wrote:
> "Erik Funkenbusch" <[EMAIL PROTECTED]> wrote in message
> news:1yHI6.22397$[EMAIL PROTECTED]...
>> 4-19-2001
>> http://www.redhat.com/support/errata/RHSA-2001-052.html
>>
>> "A vulnerability in iptables "RELATED" connection tracking has been
>> discovered. When using iptables to allow FTP "RELATED" connections
>> through the firewall, carefully constructed PORT commands can open
>> arbitrary holes in the firewall."
>>
>> 4-25-2001
>> http://www.redhat.com/support/errata/RHSA-2001-059.html
>>
>> "kdesu created a world-readable temporary file to exchange
>> authentication information and delete it shortly after. This can be
>> abused by a local user to gain access to the X server and can result in
>> a compromise of the account kdesu accesses."
>>
>> 4-25-2001
>> http://www.redhat.com/support/errata/RHSA-2001-058.html
>>
>> "If any swap files were created during installation of Red Hat Linux
>> 7.1 (they were created during updates if the user requested it), they
>> were world-readable, meaning every user could read data in the swap
>> file(s), possibly including passwords."
>
>
> After reading Adam Warner's diatribe in "What about customer security?"
> and how he said that Microsoft's code was crap, then reading this little
> tid-bit, the Linux code must look like a 3rd grader wrote it!
>
> Geez... even "M$" is smart enough not to allow anyone to read the page
> file.
>
> -c
>
>
Ah, Chad the security expert! Even Erik was gracious enough to admit that
this was only an example, but I'll tell you what's wrong with this
comparison: of the 4 RH exploits mentioned, only 50% are remote exploits,
the other 2 are local exploits. Of the Microsoft examples mentioned,
*ALL* were remote exploits. Get it now Chad? Evidently MS is smart enough
to lock down the page file, but with all their billions still think
connecting an insecure machine to the Internet is a good idea.
Erik just demonstrated the principle that just because it's Open Source,
it need not be secure, which is true. Both of you forget that there is a
difference in the severity of the exploits. The difference? You are
turning Erik's facts into an ad hominem attack on Adam Warner, whereas
Erik engages in civil discussion.
HTH, HAND,
Mart
--
Gimme back my steel, gimme back my nerve
Gimme back my youth for the dead man's curve
For that icy feel when you start to swerve
John Hiatt - What Do We Do Now
------------------------------
Subject: Re: How to hack with a crash, another Microsoft "feature"
From: Eric Leblanc <[EMAIL PROTECTED]>
Date: 05 May 2001 03:57:33 -0400
"Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> "Roy Culley" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > In article <Ny7I6.22197$[EMAIL PROTECTED]>,
> > "Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> > >
> > > I guess it depends on what you mean by "secure". If someone doesn't
> know
> > > the decode algorithm, 4-bit encryption could be quite secure
> >
> > What crap. If you don't understand something don't make pathetic
> > attempts to show that you do. ANY 4-bit encryption algorithm could be
> > cracked by brute force in less time than it took you to write such
> > rubbish. The best known encryption algorithms are known and open to
> > peer review. If you invent a new encryption algorithm but won't make
> > it open to peer review then it just will not be accepted. Security
> > through obscurity just doesn't cut it at any time.
>
> What's crap is your understanding.
>
> You can only brute force it if you know the decode algorithm. You can
> guess, and analyze and do lots of things, but it could be things like XORing
> the data against a pets name, while rotating 3 bits and compressing it using
> 10 different compression algorithms. The number of possible combinations of
> decode algorithms is limitless.
First, compression after encryption is useless because a good encryption
algorithm will produce output which will be statistically indistinguishable
from random bits and no compression algorithm can compress random bits.
A cyphertext that can be compressed means that your algorithm is flawed.
Second, the opponents cryptoanalysts will probably find out you used
a series of compressors in no time at all especially if you compressed
the ciphertext. Compressing the plaintext would have been better. It reduce
the redundancy of the plaintext allowing you to extend your key.
Third, once cryptoanalyst have found out your algorithm, the only thing
protecting you is your keyspace. If you have only a 4 bits keyspace, well,
you are toast in one microseconds.
A strong cryptosystem need to have at least the following attributes:
1) Security reside in the secrecy of the key not the algorithm used
2) Cyphertext from a strong cryptosystem should look random to statistical
tests.
3) Strong cryptosystem should have a large keyspace so that you can't
bruteforce search the key.
>
> Yes, if you had the software that encoded the data, you could probably
> reverse engineer it and figure it out, but if you only have encrypted data
> and know that a key is 4 bits, then you could spend eternity looking for the
> right algorithm.
What would you prefer? A safe that is hidden and might be faulty or a safe
that is in plain sight and 'proven' difficult to break into?
--
Eric Leblanc <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
------------------------------
From: "Paul Dossett" <[EMAIL PROTECTED]>
Subject: Re: The upgrade
Date: Sat, 05 May 2001 07:59:55 GMT
"Pete Goodwin" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] says...
>
> > > In my experience, it is nearly impossible to move a hard drive with
> > > Windows 98 (any version) from one mobo/machine to another. For some
> > > unknown reason, it appears that Windows treats each machine like it
has
> > > taken its "finger prints", and will not relent until re-installed and
a
> > > new set of "finger prints" is developed. (Side note: perhaps XP is
just
> > > further expansion on this factor.) My neighbor is setting up a 950mhz
> > > noname for a friend of his and is going through that same goatrope as
I
> > > type this message. Yes, there were plenty of "install new hardware"
> > > screens, and after the three reboots and one lockup, the PC is now at
a
> > > "dead end".
>
> Mine worked.
Challenge for you Pete - I installed Progeny on a 1.3Ghz Thunderbird machine
with a SB Live, Geforce 2, all the good stuff, then powered down and dropped
the HD into a 486 DX-100. Worked perfectly. Try it with Windows. If it
works, the 486 is yours.. :)
Paul D
------------------------------
From: "Edward Rosten" <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,alt.destroy.microsoft
Subject: Re: IE
Date: Sat, 05 May 2001 10:06:10 +0100
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Said Edward Rosten in alt.destroy.microsoft on Thu, 03 May 2001 01:21:44
>>> With the registry mapping layout as a FS, so it shouldn't be *overly*
>>> slow. Windows would do it faster, because the registry is a hirercial
>>> database, which is a damn fast design.
>>
>>An FS is usually an implementation of a heiracial database.
>
> Only metaphorically.
I don't follow what you mean. it is a way of arranging data in a
heirachy.
-Ed
--
You can't go wrong with psycho-rats.
u 9 8 e j r (at) e c s . o x . a c . u k
------------------------------
From: "Edward Rosten" <[EMAIL PROTECTED]>
Subject: Re: Alan Cox responds to Mundie
Date: Sat, 05 May 2001 10:11:42 +0100
> Not really. I think Alan made a critical error in mentioning the
> internet. The Internet was funded by the government, and all of it's
> development and code was made available as either public domain or
> business friendly licensing (such as the BSDL).
>
> In fact, most of the Internet pioneers only did so because they could
> make money off selling their proprietary implemenations (DEC, Sun, IBM,
> etc..). If the original Internet code had been released GPL, we'd
> probably all be running DECNET or something similar today.
You do not understand the GPL. The GPL licenses one specific
implementation. They are quite free to make their own implementation as
long as none of the code is copied verbaitm. In fact, the code would have
provided a useful reference even if it had been GPL.
-Ed
--
You can't go wrong with psycho-rats.
u 9 8 e j r (at) e c s . o x . a c . u k
------------------------------
From: "Edward Rosten" <[EMAIL PROTECTED]>
Subject: Re: XWindows loading on startup
Date: Sat, 05 May 2001 10:15:34 +0100
In article <[EMAIL PROTECTED]>, "Mart van de
Wege" <[EMAIL PROTECTED]> wrote:
> In article <9cq2vi$t2s$[EMAIL PROTECTED]>, "Edward Rosten" <[EMAIL PROTECTED]>
> wrote:
>
>>
>> I don't think you want to do that, unless you're really short of disk
>> space.
>>
>> The best option is to (as root) etic /etc/inittab and change the
>> runlevel to 3, instead of 5. The file is sually very well commented and
>> it has a good man page as well.
>>
>> -Ed
>>
>>
> Sorry Ed, won't work on Debian. See my answer to GreyCloud below for the
> reason why.
I stand corrected.
-ed
--
You can't go wrong with psycho-rats.
u 9 8 e j r (at) e c s . o x . a c . u k
------------------------------
From: "Edward Rosten" <[EMAIL PROTECTED]>
Subject: Re: XWindows loading on startup
Date: Sat, 05 May 2001 10:16:30 +0100
In article <[EMAIL PROTECTED]>, "Aaron R. Kulkis"
<[EMAIL PROTECTED]> wrote:
> O'Banion wrote:
>>
>> I'm new to the whole linux world, and I installed XWindows and Gnome
>> during the initial install. I am running Debian 2.2. The problem that
>> I am having is that XWindows loads automatically on boot. I've been
>> trying to figure out how to keep it from loading, but haven't figured
>> it out. Can anybody point me in the right direction?
>
> If you are new to Linux and Unix, then you should NOT be running Debian.
> Debian is for those with years of experience with Unix and/or Linux.
>
> Get SuSE or RedHat.
Don't be put off. If it's going fine with Debian, then stick with it.
-Ed
--
You can't go wrong with psycho-rats.
u 9 8 e j r (at) e c s . o x . a c . u k
------------------------------
From: "Tom Wilson" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.ms-windows.nt.advocacy,comp.unix.advocacy,comp.os.ms-windows.advocacy
Subject: Re: Just how commercially viable is OSS?... (Was Re: Interesting MS speech on
OSS/GPL ( /. hates it so it's good))
Date: Sat, 05 May 2001 08:20:28 GMT
"Ayende Rahien" <[EMAIL PROTECTED]> wrote in message
news:9cuva7$jv3$[EMAIL PROTECTED]...
<snip>
>
> I agree, one of my *most* hated tasks is creating UI, be it GUI or CLI, if
I
> program for fun, it's unlikely that I'll invest a lot of time in the UI of
> the application.
> I've a friend who fell exactly the opposite, he dwells into UI with
> overwheling joy. We do good work together.
If your freind ever gets bored, send him over here! <g>
------------------------------
From: "Mikkel Elmholdt" <[EMAIL PROTECTED]>
Subject: Re: Linux advocacy or Windows bashing?
Date: Sat, 5 May 2001 11:02:04 +0200
"Mig" <[EMAIL PROTECTED]> wrote in message
news:9cv5qo$pjq$[EMAIL PROTECTED]...
> >> >Any damn fool can bash Microsoft ..... but try to put up a compelling
> > case
> >> >for the use of Linux, would be a more challenging task, at least for
the
> >> >majority of posters here.
> >>
> >> So, are you going to do some Linux advocacy then?
> >
> > No. I don't see myself as a Linux advocate, so why should I advocate
> > Linux?
>
> Why do you open a thread in a group supposed to be about Linux advocacy
> then?
Because I don't see much Linux advocacy here, that's why. Most posters here
seem to believe that bashing Microsoft is equivalent to advocating Linux. I
happen to disagree. Everybody knows by now that MS products lacks in
stability (OK - there seem to be a few die-hard trolls around who claim the
opposite, but then there are also people claiming that the world is flat).
But abandoning Windows is not the same as taking up with Linux. There *are*
alternatives, you know.
To be honest, even if I am not a Linux/Open Source convert, I am not totally
immune to the luring calls from that camp, and I an certainly not a MS fan
either (seen enough strange things from our NT servers & workstations for
that). But still not being totally converted, I go to a seemingly Linux
advocacy group to find some compelling arguments for using Linux. And what
do I find? A load of drivel, outright BS, and mindnumbing MS bashing! That
frankly irritates me. You are convincing anyone new with this party line.
One good example of time-wasting posts is the enourmous interest for this
Mundie guy's recent blurb, where he bashes Linux and Open Source. There is
not anything new in his statements, only stuff you could expect from MS. So
why the buzz? Frankly, I would not even have known about his announcement,
had it not been for a post here. Ironic!
Mikkel
------------------------------
From: "Mikkel Elmholdt" <[EMAIL PROTECTED]>
Subject: Re: Linux advocacy or Windows bashing?
Date: Sat, 5 May 2001 11:04:12 +0200
"Terry Porter" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
<snip> On Fri, 4 May 2001 17:33:27 +0200,
> >>
> >> Most of it is in response to said trolling.
> >
> > Hmmmm ...... maybe. But if I look at the most recent postings, we have
> > within 24 hours these:
> >
> > "If Windows is supposed to be so "thoroughly" tested..."
> > "The long slow slide to Microsoft.NOT"
> > "Windows NT: lost in space?"
> > "Windos is *unfriendly*"
> You need a longer sample, 24 hours is in no way sufficient to
> obtain accurate data.
No, I realize that. I also stated that my method was non-scientific, so you
really don't have to tll me that again.
> > All MS bashing to boot. I failed to find any initial Linux bashing
threads
> > in the same period, however. Totally non-scientific statistics, I know,
but
> > still ....
> >
> >> >Any damn fool can bash Microsoft ..... but try to put up a compelling
> > case
> >> >for the use of Linux, would be a more challenging task, at least for
the
> >> >majority of posters here.
> >>
> >> So, are you going to do some Linux advocacy then?
> >
> > No. I don't see myself as a Linux advocate, so why should I advocate
Linux?
> Then what are you doing in a Linux advocacy news group?
Se my other reply. And try to understand.
Mikkel
------------------------------
From: [EMAIL PROTECTED] ("John Smith")
Subject: Linux disgusts me
Date: Sat, 5 May 2001 09:04:22 +0000 (UTC)
I installed Redhat 7.1 using the kde desktop.
WTF ? Illegible non anti-aliased fonts that require a magnifying glass to
read ? WTF ?
And free software / open source developers have the temerity to criticize
Microsoft. Get fucking real ...
At least Microsoft has developers that understand the rudimentary principles
of user friendliness. Default fonts of readable size, anti-aliased, ...
Microsoft should take pity on you and offer free internships so that you can
learn how to do things right the first time.
You bunch of losers,
J
--
Posted from [196.2.33.11] by way of oe55.law12.hotmail.com [64.4.18.63]
via Mailgate.ORG Server - http://www.Mailgate.ORG
------------------------------
From: "Mikkel Elmholdt" <[EMAIL PROTECTED]>
Subject: Re: Linux advocacy or Windows bashing?
Date: Sat, 5 May 2001 11:07:23 +0200
"GreyCloud" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Mikkel Elmholdt wrote:
> >
> > "Ian Davey" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > In article <9cu8nu$8dv$[EMAIL PROTECTED]>, "Mikkel Elmholdt"
> > <[EMAIL PROTECTED]> wrote:
> > > >A quick (and non-scientific) overview of this newsgroup reveals that
the
> > > >majority of posts are related to anti-Microsoft topics and not to the
> > > >official topic of the newsgroup, namely advocating the virtues of
Linux.
> > >
> > > I'm sure it would be, if there weren't so many people trolling Windows
> > > advocacy through here.
> >
> > Actually, it seems to me that the number of posts bashing Windows vastly
> > outnumbers the Linux bashers here. But even so, you do have the right to
> > ignore such postings.
> >
> > > >It's a well-known fact, that if you cannot really come up some good
> > > >arguments for your case, then you can always fall back on hammering
on
> > your
> > > >opponents weaknesses. Is that the case here? If it is, then I find it
> > rather
> > > >lame.
> > >
> > > Most of it is in response to said trolling.
> >
> > Hmmmm ...... maybe. But if I look at the most recent postings, we have
> > within 24 hours these:
> >
> > "If Windows is supposed to be so "thoroughly" tested..."
> > "The long slow slide to Microsoft.NOT"
> > "Windows NT: lost in space?"
> > "Windos is *unfriendly*"
> >
> > All MS bashing to boot. I failed to find any initial Linux bashing
threads
> > in the same period, however. Totally non-scientific statistics, I know,
but
> > still ....
> >
> > > >Any damn fool can bash Microsoft ..... but try to put up a
compelling
> > case
> > > >for the use of Linux, would be a more challenging task, at least for
the
> > > >majority of posters here.
> > >
> > > So, are you going to do some Linux advocacy then?
> >
> > No. I don't see myself as a Linux advocate, so why should I advocate
Linux?
> >
> > Mikkel
>
> Then why are you trolling then??
See reply to similar question.
------------------------------
From: "Andy Walker" <[EMAIL PROTECTED]>
Subject: Re: Apple is doing a good thing
Date: Sat, 5 May 2001 10:02:11 -0000
Donn Miller wrote in message <3af36c5e_3@newsfeeds>...
>With their new OS X operating system. If you want an open source operating
>system from Apple free of charge, you can download and install Darwin, free
>of charge, and you can run X if you so choose. If you want the desktop
>version, and don't mind paying for it, you can purchase the closed-source
>version as Mac OS-X. Plus, I believe you can still compile and install X
if
>you so chose even on OS-X, the proprietary version, because you have access
>to a better command line that Windows 98 or ME has.
>
>Plus, get this: you can actually run services on OS-X if you want to, and
>it's actually secure! I believe you can do this with Windows 98 or ME, but
>you have to pay for an add-on package to allow for the same type of secure
>multi-user functionality that FreeBSD, Linux, or Darwin give you for free.
>Winvocates are always pointing towards the fact that, well, Mac OS-X is so
>expensive. It's as expensive as Windows, so ... Yeah, so? At least you
get
>some developer tools free of charge, and you also get secure multi-user
>functionality included withing that charge.
>
>
>-----= Posted via Newsfeeds.Com, Uncensored Usenet News =-----
>http://www.newsfeeds.com - The #1 Newsgroup Service in the World!
>-----== Over 80,000 Newsgroups - 16 Different Servers! =-----
From a totally objective viewpoint I'm behind Apple, although it's
purely for selfish motives!
While Linux has not got much in the way of support from software
companies, Apple does, and some excellent packages as a result. With OS-X
being released you may now find these same companies doing joint development
with Linux as the majority of code could be compiled for either. Corel have
already used Wine to transfer some of their packages to Linux with
reasonable success and as far as I'm concerned, I welcome this sort of
approach. When the main packages that get used are available for Linux, it
will then be seen as a viable desktop alternative to Windoze and as a result
hardware drivers and applications will become more available.
While most people here probably want Linux to be totally open source I
have to disagree with this. By all means use it, but I would like to have
the choice to use some of the comercial software as well, some of the games
wouldn't go amiss either! Note that I'm not criticising open source, I think
in many ways it is better coded, more efficient and less buggy than
comercial software, but occasionally a killer app appears on the scene and I
for one would like the opportunity to run it on Linux.
One other thing I'd like to mention is how easy OS-X is to use. I think that
Linux has a lot to learn about user friendliness compared with Apple but on
the other hand Apple has even more to learn about openness. It's shot
itself in the foot so many times trying to keep it's code, architecture etc
to itself that nobody wants to develop code for them and I suspect that is
one of the reasons that OS-X exists.
Let's hope that Apple have seen the light !
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.advocacy.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
