Re: Hard to understand, being clear [ was Re: MDs & Dentists]

[Gunnar Gervin]

Debian buster 32b i386 is the dysfunctional 1/2 part (that the scammer
might have access to until I am able to find acceptable dvd to burn 64bit
Debian 10.10 into (dropped Bullseye because of request I couldn't do; no
Grub)
So I can renew that half. For me a probable way to test different distros
and releases is simply a dualboot. I need now to build websites, not a
virtual machine.
I just didn't have a working PC -yet- that could build websites.
In Synaptic I found ASCII only.
Then I'd have to learn HTML? Heard about Wordpress & YAML
Geg

On Sun, 1 Aug 2021, 23:33 Polyna-Maude Racicot-Summerside, <
deb...@polynamaude.com> wrote:

> Hi,
> Here's some example of hard to understand posts...
> Maybe I ain't the only one following the thread, that tried to help
> Gunnar but got lost in the linguistics problems.
>
> On 2021-08-01 9:39 a.m., Gunnar Gervin wrote:
> > Dual boot'ed,
> > I forgot to tell you.
> > Thus the sucker(?) can sit 'alone' in a dysfunctional 1/2 of my PC,
> > maybe 'he' never returns anyway.
> *dysfunction 1/2 of your PC ?*
>
> Okay this could be related to the first sentence about dual booting.
> So you got one of the two system not working.
>
> Which one ?
> You know, how are we supposed to know.
>
> > After built up all in 1 'secret' 1/2, I plan to re-partition the 1t
> *all in 1 'secret' 1/2 ?*
>
> What is this supposed to mean
>
> > half, to clean out 'all' dysfunctions, in a Linux, & Linux Debian
> *clean out all dysfunction in a Linux & Linux Debian*
>
> So you have two Debian system ?
>
> > 'answer' to Factory Reset, a learning way, which FReset really isn't, or
> > little.
> *'answer' to Factory Reset* ?
>
> Where you answered what ?
>
> FReset ? Is it a typo for Reset or a way for you to say Factory Reset ?
>
> Trying to save a few letter won't help your case.
>
> Unless you are using a 300 baud modem, maybe you should let go the space
> saving acronym and use plain English.
>
> I won't go back to the list of messages...
>
> But here's one that is pretty much the top of line when we consider hard
> to understand.
>
> https://lists.debian.org/debian-user/2021/07/msg01033.html
>
> Thx for the request to help in this project even not knowing code. I'll
> firstly try it on my 14 yr old Debian Buster ex-macbook. Nice way to
> include more people &, probably, improve+stabilize the distro much faster.
> Learning Linux Debian is a nice hobby(feels more like a lifestyle)
>
> --
>
> *A ex-Macbook ? what make it change from a MacBook to a none-Macbook ?*
>
> https://lists.debian.org/debian-user/2021/07/msg01219.html
>
> >> On 2021-07-28 3:16 p.m., Gunnar Gervin wrote:
> >>> It is a Toshiba 160 gb hd in a 14 years old Macbook i386 ❤️/x86 32 b
> >>> booting from Bios not uefi. I'll give full report in 1-2 weeks, after
> >>> put in VM in it, faster internet to it to handle VM.
> >>> And built websites with it.
> >>> Geg
>
> 
>
> > One might assume from
> >
> > https://lists.debian.org/debian-user/2021/07/msg01033.html
> > https://lists.debian.org/debian-user/2021/07/msg01167.html
> >
> > that these deal with the same machine, and that Gunnar hasn't quite
> > mastered the technique of threading, but is keen to add to the
> > list of tested hardware.
> >
> One doesn't always read all the messages and only uses the subject to
> get a idea.
>
> Now is he saying his machine can WORK with Debian or is this related to
> the message I had with him earlier about a problem with his system NOT
> WORKING and CRASHING on update, requiring CLEAN REINSTALL.
>
> And this is the part that would be nice to know...
>
> 
>
> *And we still don't know !*
>
> > BR,
> > Geg.
> >
> > On Wed, 21 Jul 2021, 18:59 Dan Ritter,  > > wrote:
> >
> > Reco wrote:
> > > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > > Numbers show that I was incorrect. Let's call it "unlikely"
> instead of
> > > "rare". Let the popcon graphs speak for themselves:
> > >
> > > https://qa.debian.org/popcon.php?package=firefox-esr
> > 
> > > vs
> > > https://qa.debian.org/popcon.php?package=openjdk-11
> > 
> >
> > Standard reminder: popcon vastly over-represents
> > individually-owned laptops and desktops over servers and
> > corporately-owned anything.
> >
> > In this case, individuals are sometimes infected with ransomware
> > by happenstance, but corporates are actually targets.
> >
> > > It won't by itself, of course. One sure way to beat ransomware is
> to
> > > take immutable backups (i.e. unmodifiable by host during and after
> the
> > > backup is taken), and as recent history shows us - ransomware
> victims
> > > apparently do not use this approach.
> >
> > Yes indeed.
> >
> > -dsr-
> >
>
> --
> Polyna-Maude R.-Summerside
> -Be smart, Be wise, Support opensource development
>
>

Re: Hard to understand, being clear [ was Re: MDs & Dentists]

[Gunnar Gervin]

My exMac looks like old Mac, but 1/2 of software/harddisk is Debian i386
32b Buster, another
1/2 of HD (Toshiba MK1655GS ssd 160gb, Intel, 3gb memory) is Linux Mint 32b
Ubuntu-based.
Wikipedia said it's the first Mac (Snow Leopard)to run on 64bit.
You asked what changed it from being a Macbook to an exmac.
Letting Linux Debian 10.9 take over 100% of 160gb software. It is now
impossible(?) to go back to Macbook 2.1 osx 10.6.8 Snow Leopard. The
hardware is Mac, which is the keyboard & screen.
Debian (& Mac) 'said' dvd player didn't work, neither the external dvd
player. Mint didn't 'complain'. The Apple symbol appears on screen starting
& a fanfare tune. Mac or not: Depends how you define it, external,
internal, both.
I didn't much think of it until now.
For me it's no longer a Mac. Because for me the main use of a computer is
the desktop look, the programs, the distribution. It's not a car, to get me
around. It's to get my brainwork done; it's main value is on the inside.
See?
BR,
Geg

BR,
Geg

On Sun, 1 Aug 2021, 23:33 Polyna-Maude Racicot-Summerside, <
deb...@polynamaude.com> wrote:

> Hi,
> Here's some example of hard to understand posts...
> Maybe I ain't the only one following the thread, that tried to help
> Gunnar but got lost in the linguistics problems.
>
> On 2021-08-01 9:39 a.m., Gunnar Gervin wrote:
> > Dual boot'ed,
> > I forgot to tell you.
> > Thus the sucker(?) can sit 'alone' in a dysfunctional 1/2 of my PC,
> > maybe 'he' never returns anyway.
> *dysfunction 1/2 of your PC ?*
>
> Okay this could be related to the first sentence about dual booting.
> So you got one of the two system not working.
>
> Which one ?
> You know, how are we supposed to know.
>
> > After built up all in 1 'secret' 1/2, I plan to re-partition the 1t
> *all in 1 'secret' 1/2 ?*
>
> What is this supposed to mean
>
> > half, to clean out 'all' dysfunctions, in a Linux, & Linux Debian
> *clean out all dysfunction in a Linux & Linux Debian*
>
> So you have two Debian system ?
>
> > 'answer' to Factory Reset, a learning way, which FReset really isn't, or
> > little.
> *'answer' to Factory Reset* ?
>
> Where you answered what ?
>
> FReset ? Is it a typo for Reset or a way for you to say Factory Reset ?
>
> Trying to save a few letter won't help your case.
>
> Unless you are using a 300 baud modem, maybe you should let go the space
> saving acronym and use plain English.
>
> I won't go back to the list of messages...
>
> But here's one that is pretty much the top of line when we consider hard
> to understand.
>
> https://lists.debian.org/debian-user/2021/07/msg01033.html
>
> Thx for the request to help in this project even not knowing code. I'll
> firstly try it on my 14 yr old Debian Buster ex-macbook. Nice way to
> include more people &, probably, improve+stabilize the distro much faster.
> Learning Linux Debian is a nice hobby(feels more like a lifestyle)
>
> --
>
> *A ex-Macbook ? what make it change from a MacBook to a none-Macbook ?*
>
> https://lists.debian.org/debian-user/2021/07/msg01219.html
>
> >> On 2021-07-28 3:16 p.m., Gunnar Gervin wrote:
> >>> It is a Toshiba 160 gb hd in a 14 years old Macbook i386 ❤️/x86 32 b
> >>> booting from Bios not uefi. I'll give full report in 1-2 weeks, after
> >>> put in VM in it, faster internet to it to handle VM.
> >>> And built websites with it.
> >>> Geg
>
> 
>
> > One might assume from
> >
> > https://lists.debian.org/debian-user/2021/07/msg01033.html
> > https://lists.debian.org/debian-user/2021/07/msg01167.html
> >
> > that these deal with the same machine, and that Gunnar hasn't quite
> > mastered the technique of threading, but is keen to add to the
> > list of tested hardware.
> >
> One doesn't always read all the messages and only uses the subject to
> get a idea.
>
> Now is he saying his machine can WORK with Debian or is this related to
> the message I had with him earlier about a problem with his system NOT
> WORKING and CRASHING on update, requiring CLEAN REINSTALL.
>
> And this is the part that would be nice to know...
>
> 
>
> *And we still don't know !*
>
> > BR,
> > Geg.
> >
> > On Wed, 21 Jul 2021, 18:59 Dan Ritter,  > > wrote:
> >
> > Reco wrote:
> > > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > > Numbers show that I was incorrect. Let's call it "unlikely"
> instead of
> > > "rare". Let the popcon graphs speak for themselves:
> > >
> > > https://qa.debian.org/popcon.php?package=firefox-esr
> > 
> > > vs
> > > https://qa.debian.org/popcon.php?package=openjdk-11
> > 
> >
> > Standard reminder: popcon vastly over-represents
> > individually-owned laptops and desktops over servers and
> > corporately-owned anything.
> >
> > In this case, individuals are sometimes infected with ransomware
> > by happenstance, but corporates are actually targets.

Re: MDs & Dentists

[Gunnar Gervin]

Scam:
Was from outside of this list.
This info because someone thought I accused this list.
Sorry for the confusion I made.
BR,
Geg.

On Sun, 1 Aug 2021, 23:46 Polyna-Maude Racicot-Summerside, <
deb...@polynamaude.com> wrote:

> Hi,
>
> On 2021-08-01 9:58 a.m., Gunnar Gervin wrote:
> > I expected that answer.
> > Debian is still 1/2 of it, but kinda dysfunctional, cos of me & scam
> > Trying to set up Debian in a VM in another Linux distro, with Chef
> > So I cannot really see irrelevance
> > of my question?? Like Nobody here knows how to fix this one, cos it's
> > slightly out of D. politics?
> > Geg
> >
>
> Not because of politics.
> Because you don't seem to take help when it's given to you.
>
> At least 3 persons (different ones) have gave you tips on how to
> properly identify the OS you are running over (not only Linux but the
> distribution itself) and been trying to find out what you are using.
>
> Including one person that wasn't sure if your laptop description was
> because it was running Bullseye and wanted to be added to the list of
> computer supported or something else.
>
> None got any answer.
>
> So this may be the start of the whole problem.
>
> Now if you have a belief that people are trying to scam you off, them I
> can assure you of two things.
>
> You probably aren't a interesting target unless you are a bank or some
> big corporation. And if it would be the case, you wouldn't be
> interacting this way on the mailing list.
>
> If you got offer by someone you don't know to pay 100$ and get refunded
> for BTC, then you are mostly the first person to blame. This trick has
> been around for a very long time, and it's quite public notoriety that
> the first thing to do is to hangup on those person.
>
> If you come here for help and put a doubt behind every answer that
> people will give you. Then it could be good to ask yourself why you came
> here first ?
>
> Maybe you never answered to the two other users who asked you to type
> some command on the shell so we can know what type of system you run,
> this way we'd know if it's Debian (as we don't seem to be sure yet) and
> what architecture too. Because you talked about ex-Macbook, using BIOS,
> etc... pretty unclear.
>
> Nobody can undo what happened in the past. But if you need help, the
> first thing will be some genuine cooperation from yourself. Or going out
> to your local computer store and paying someone to do the job.
>
> And surely stop using some acronym only you may understand. It's not a
> run against the clock. Take time to write complete word and people will
> maybe have more interest in helping too.
>
> Why shall we make effort if you don't do so. If all the energy we have
> is devoted trying to decrypt some message then there won't be any left
> for the computer helping part of the job.
>
> > On Sun, 1 Aug 2021, 16:50 Andrew M.A. Cater,  > > wrote:
> >
> > On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > > Security.
> > > Rarely discussed in Linux(?)..
> > > Was scammed recently; naive me let a man w/Bad accent take over my
> > laptop
> > > to 'help refund BTC' & make me pay 100$.
> > > Because of that &/or me in Synaptic bloating (2 many) packages,
> > which led
> > > to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", &
> > "can't
> *lt fin broken packages* ?
> lt ?
>
> let ?
>
>
> > > find key file" messages (yes, all 3 !).
>
> find key file messages ?
>
> *yes, all 3!*
>
> what 3 ?
>
> > > After trying "all" workarounds, I installed another, more simple
> Linux
> > > distro, built up a new setup of relevant programs to build VM,
> > containers,
> > > websites, Debian iso image, & CHEF.
> >
> > Which distro - are you still using Debian?
>
> Again this question ?
>
> How many time will it take before getting a bit of cooperation !?
> >
> > If not, we can't really help you. Although many of us have run other
> > distributions in the past, all of the Debian/Ubuntu derivatives do
> > something slightly different - we can only really help with generic
> > Debian things. If we offer help with any other distribution, it's
> > only ever best efforts - Debian derivatives have their own support
> > infrastructure.
> >
> > > Now Chef asks me to give URL to continue setting up a VM etc.
> > > Plz advise &/or help to do it/this.
> >
> > It may not be relevant but the chef and chef-zero packages in Buster
> > appear
> > to no longer be packaged in Bullseye - the upcoming release due in
> > two weeks.
> >
> > Ask on a Chef list, perhaps?
> >
> A good shot would be to ask on a mailing list specific to this
> particular software (or a forum).
>
> > > BR,
> > > GEG
> >
> > All best, as ever,
> >
> > Andrew Cater
> >
> > >
> > > On Wed, 21 Jul 2021, 18:59 Dan Ritter,  > > wrote:
> > >
> > > > Reco 

Re: MDs & Dentists

[Gunnar Gervin]

I see.
It's now a dual boot;
Debian 10.9 i386 32b Buster (installed from netinst dvd), in which Synaptic
crashed 80%. Tried reinstall with above dvd, it was rejected, not sure why.
So I restored the machine with a DVD with Linux Mint, dual boot;
Debian above is 1/2 , Mint is 1/2 & set up Synaptic in Linux Mint, it works
fine, just like in Debian.
It is originally a Macbook 2.1, Intel, 2Core, 160GB, 3GB RAM, Version 3.0
Vesa Bios, 64 bit(!).
Seems to use a lot 32b software
Now I look for alternative VM builders to Chef. Synaptic programs seems
same in Mint as in Debian. Debian works better in this machine than LMDE4.
Mint runs better so far, than both Debian and Lmde4. But that's probably
cos of my total lack of knowledge of anything incl. doing Backups(!). I
took backups in Mac, not Linux.
Geg

On Sun, 1 Aug 2021, 23:46 Polyna-Maude Racicot-Summerside, <
deb...@polynamaude.com> wrote:

> Hi,
>
> On 2021-08-01 9:58 a.m., Gunnar Gervin wrote:
> > I expected that answer.
> > Debian is still 1/2 of it, but kinda dysfunctional, cos of me & scam
> > Trying to set up Debian in a VM in another Linux distro, with Chef
> > So I cannot really see irrelevance
> > of my question?? Like Nobody here knows how to fix this one, cos it's
> > slightly out of D. politics?
> > Geg
> >
>
> Not because of politics.
> Because you don't seem to take help when it's given to you.
>
> At least 3 persons (different ones) have gave you tips on how to
> properly identify the OS you are running over (not only Linux but the
> distribution itself) and been trying to find out what you are using.
>
> Including one person that wasn't sure if your laptop description was
> because it was running Bullseye and wanted to be added to the list of
> computer supported or something else.
>
> None got any answer.
>
> So this may be the start of the whole problem.
>
> Now if you have a belief that people are trying to scam you off, them I
> can assure you of two things.
>
> You probably aren't a interesting target unless you are a bank or some
> big corporation. And if it would be the case, you wouldn't be
> interacting this way on the mailing list.
>
> If you got offer by someone you don't know to pay 100$ and get refunded
> for BTC, then you are mostly the first person to blame. This trick has
> been around for a very long time, and it's quite public notoriety that
> the first thing to do is to hangup on those person.
>
> If you come here for help and put a doubt behind every answer that
> people will give you. Then it could be good to ask yourself why you came
> here first ?
>
> Maybe you never answered to the two other users who asked you to type
> some command on the shell so we can know what type of system you run,
> this way we'd know if it's Debian (as we don't seem to be sure yet) and
> what architecture too. Because you talked about ex-Macbook, using BIOS,
> etc... pretty unclear.
>
> Nobody can undo what happened in the past. But if you need help, the
> first thing will be some genuine cooperation from yourself. Or going out
> to your local computer store and paying someone to do the job.
>
> And surely stop using some acronym only you may understand. It's not a
> run against the clock. Take time to write complete word and people will
> maybe have more interest in helping too.
>
> Why shall we make effort if you don't do so. If all the energy we have
> is devoted trying to decrypt some message then there won't be any left
> for the computer helping part of the job.
>
> > On Sun, 1 Aug 2021, 16:50 Andrew M.A. Cater,  > > wrote:
> >
> > On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > > Security.
> > > Rarely discussed in Linux(?)..
> > > Was scammed recently; naive me let a man w/Bad accent take over my
> > laptop
> > > to 'help refund BTC' & make me pay 100$.
> > > Because of that &/or me in Synaptic bloating (2 many) packages,
> > which led
> > > to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", &
> > "can't
> *lt fin broken packages* ?
> lt ?
>
> let ?
>
>
> > > find key file" messages (yes, all 3 !).
>
> find key file messages ?
>
> *yes, all 3!*
>
> what 3 ?
>
> > > After trying "all" workarounds, I installed another, more simple
> Linux
> > > distro, built up a new setup of relevant programs to build VM,
> > containers,
> > > websites, Debian iso image, & CHEF.
> >
> > Which distro - are you still using Debian?
>
> Again this question ?
>
> How many time will it take before getting a bit of cooperation !?
> >
> > If not, we can't really help you. Although many of us have run other
> > distributions in the past, all of the Debian/Ubuntu derivatives do
> > something slightly different - we can only really help with generic
> > Debian things. If we offer help with any other distribution, it's
> > only ever best efforts - Debian derivatives have their own support
> > infrastructure.
> >
> > 

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-08-01 9:58 a.m., Gunnar Gervin wrote:
> I expected that answer.
> Debian is still 1/2 of it, but kinda dysfunctional, cos of me & scam
> Trying to set up Debian in a VM in another Linux distro, with Chef
> So I cannot really see irrelevance
> of my question?? Like Nobody here knows how to fix this one, cos it's
> slightly out of D. politics?
> Geg
> 

Not because of politics.
Because you don't seem to take help when it's given to you.

At least 3 persons (different ones) have gave you tips on how to
properly identify the OS you are running over (not only Linux but the
distribution itself) and been trying to find out what you are using.

Including one person that wasn't sure if your laptop description was
because it was running Bullseye and wanted to be added to the list of
computer supported or something else.

None got any answer.

So this may be the start of the whole problem.

Now if you have a belief that people are trying to scam you off, them I
can assure you of two things.

You probably aren't a interesting target unless you are a bank or some
big corporation. And if it would be the case, you wouldn't be
interacting this way on the mailing list.

If you got offer by someone you don't know to pay 100$ and get refunded
for BTC, then you are mostly the first person to blame. This trick has
been around for a very long time, and it's quite public notoriety that
the first thing to do is to hangup on those person.

If you come here for help and put a doubt behind every answer that
people will give you. Then it could be good to ask yourself why you came
here first ?

Maybe you never answered to the two other users who asked you to type
some command on the shell so we can know what type of system you run,
this way we'd know if it's Debian (as we don't seem to be sure yet) and
what architecture too. Because you talked about ex-Macbook, using BIOS,
etc... pretty unclear.

Nobody can undo what happened in the past. But if you need help, the
first thing will be some genuine cooperation from yourself. Or going out
to your local computer store and paying someone to do the job.

And surely stop using some acronym only you may understand. It's not a
run against the clock. Take time to write complete word and people will
maybe have more interest in helping too.

Why shall we make effort if you don't do so. If all the energy we have
is devoted trying to decrypt some message then there won't be any left
for the computer helping part of the job.

> On Sun, 1 Aug 2021, 16:50 Andrew M.A. Cater,  > wrote:
> 
> On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > Security.
> > Rarely discussed in Linux(?)..
> > Was scammed recently; naive me let a man w/Bad accent take over my
> laptop
> > to 'help refund BTC' & make me pay 100$.
> > Because of that &/or me in Synaptic bloating (2 many) packages,
> which led
> > to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", &
> "can't
*lt fin broken packages* ?
lt ?

let ?


> > find key file" messages (yes, all 3 !).

find key file messages ?

*yes, all 3!*

what 3 ?

> > After trying "all" workarounds, I installed another, more simple Linux
> > distro, built up a new setup of relevant programs to build VM,
> containers,
> > websites, Debian iso image, & CHEF.
> 
> Which distro - are you still using Debian?

Again this question ?

How many time will it take before getting a bit of cooperation !?
> 
> If not, we can't really help you. Although many of us have run other
> distributions in the past, all of the Debian/Ubuntu derivatives do
> something slightly different - we can only really help with generic
> Debian things. If we offer help with any other distribution, it's
> only ever best efforts - Debian derivatives have their own support
> infrastructure.
> 
> > Now Chef asks me to give URL to continue setting up a VM etc.
> > Plz advise &/or help to do it/this.
> 
> It may not be relevant but the chef and chef-zero packages in Buster
> appear
> to no longer be packaged in Bullseye - the upcoming release due in
> two weeks.
> 
> Ask on a Chef list, perhaps?
> 
A good shot would be to ask on a mailing list specific to this
particular software (or a forum).

> > BR,
> > GEG
> 
> All best, as ever,
> 
> Andrew Cater
> 
> >
> > On Wed, 21 Jul 2021, 18:59 Dan Ritter,  > wrote:
> >
> > > Reco wrote:
> > > > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > > > Numbers show that I was incorrect. Let's call it "unlikely"
> instead of
> > > > "rare". Let the popcon graphs speak for themselves:
> > > >
> > > > https://qa.debian.org/popcon.php?package=firefox-esr
> 
> > > > vs
> > > > https://qa.debian.org/popcon.php?package=openjdk-11
> 

Hard to understand, being clear [ was Re: MDs & Dentists]

[Polyna-Maude Racicot-Summerside]

Hi,
Here's some example of hard to understand posts...
Maybe I ain't the only one following the thread, that tried to help
Gunnar but got lost in the linguistics problems.

On 2021-08-01 9:39 a.m., Gunnar Gervin wrote:
> Dual boot'ed,
> I forgot to tell you.
> Thus the sucker(?) can sit 'alone' in a dysfunctional 1/2 of my PC,
> maybe 'he' never returns anyway.
*dysfunction 1/2 of your PC ?*

Okay this could be related to the first sentence about dual booting.
So you got one of the two system not working.

Which one ?
You know, how are we supposed to know.

> After built up all in 1 'secret' 1/2, I plan to re-partition the 1t
*all in 1 'secret' 1/2 ?*

What is this supposed to mean

> half, to clean out 'all' dysfunctions, in a Linux, & Linux Debian
*clean out all dysfunction in a Linux & Linux Debian*

So you have two Debian system ?

> 'answer' to Factory Reset, a learning way, which FReset really isn't, or
> little.
*'answer' to Factory Reset* ?

Where you answered what ?

FReset ? Is it a typo for Reset or a way for you to say Factory Reset ?

Trying to save a few letter won't help your case.

Unless you are using a 300 baud modem, maybe you should let go the space
saving acronym and use plain English.

I won't go back to the list of messages...

But here's one that is pretty much the top of line when we consider hard
to understand.

https://lists.debian.org/debian-user/2021/07/msg01033.html

Thx for the request to help in this project even not knowing code. I'll
firstly try it on my 14 yr old Debian Buster ex-macbook. Nice way to
include more people &, probably, improve+stabilize the distro much faster.
Learning Linux Debian is a nice hobby(feels more like a lifestyle)

--

*A ex-Macbook ? what make it change from a MacBook to a none-Macbook ?*

https://lists.debian.org/debian-user/2021/07/msg01219.html

>> On 2021-07-28 3:16 p.m., Gunnar Gervin wrote:
>>> It is a Toshiba 160 gb hd in a 14 years old Macbook i386 ❤️/x86 32 b
>>> booting from Bios not uefi. I'll give full report in 1-2 weeks, after
>>> put in VM in it, faster internet to it to handle VM.
>>> And built websites with it.
>>> Geg



> One might assume from
>
> https://lists.debian.org/debian-user/2021/07/msg01033.html
> https://lists.debian.org/debian-user/2021/07/msg01167.html
>
> that these deal with the same machine, and that Gunnar hasn't quite
> mastered the technique of threading, but is keen to add to the
> list of tested hardware.
>
One doesn't always read all the messages and only uses the subject to
get a idea.

Now is he saying his machine can WORK with Debian or is this related to
the message I had with him earlier about a problem with his system NOT
WORKING and CRASHING on update, requiring CLEAN REINSTALL.

And this is the part that would be nice to know...



*And we still don't know !*

> BR,
> Geg.
> 
> On Wed, 21 Jul 2021, 18:59 Dan Ritter,  > wrote:
> 
> Reco wrote:
> > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > Numbers show that I was incorrect. Let's call it "unlikely" instead of
> > "rare". Let the popcon graphs speak for themselves:
> >
> > https://qa.debian.org/popcon.php?package=firefox-esr
> 
> > vs
> > https://qa.debian.org/popcon.php?package=openjdk-11
> 
> 
> Standard reminder: popcon vastly over-represents
> individually-owned laptops and desktops over servers and
> corporately-owned anything.
> 
> In this case, individuals are sometimes infected with ransomware
> by happenstance, but corporates are actually targets.
> 
> > It won't by itself, of course. One sure way to beat ransomware is to
> > take immutable backups (i.e. unmodifiable by host during and after the
> > backup is taken), and as recent history shows us - ransomware victims
> > apparently do not use this approach.
> 
> Yes indeed.
> 
> -dsr-
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-08-01 9:58 a.m., Gunnar Gervin wrote:
> I expected that answer.
> Debian is still 1/2 of it, but kinda dysfunctional, cos of me & scam
> Trying to set up Debian in a VM in another Linux distro, with Chef
> So I cannot really see irrelevance
> of my question?? Like Nobody here knows how to fix this one, cos it's
> slightly out of D. politics?
There's no such thing as "Debian Politics" (or what would D.Politics
mean, could be useful to put a bit more effort in making your message
intelligible for others).

What there's present here is a community of user that revolve around the
Debian Linux distribution, centered over the Debian distribution. So if
you run Distribution XYZ and are trying to get Debian running on a VM,
we can help you with the Debian part, not much with setting up the VM or
what goes with the underlying OS.

Not because of some "politics" or because we are stubborn or stillborn,
but because we probably have not much experience with the underlying
system. We have interest in Debian and this is what we all use mostly.

We've exchanged (me and many others) at least two dozen of messages in
the last weeks or so. And still, we don't have a clue if you are running
Debian.

But, we have gave you chances and tools to straight this out.

https://lists.debian.org/debian-user/2021/07/msg01216.html

*Here's a short part...*

Rather than a back and forth on whether Gunnar's description of the
machine is correct, it might be more productive to suggest running
some simple, definitive commands like:

$ ls /sys/firmware/
acpi  dmi  efi  memmap
$

It either includes "efi" (UEFI-booted), or it doesn't (BIOS-booted).

$ uname -a
Linux ajax 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2021-07-18) x86_64
GNU/Linux
$

The kernel architecture is given (x86_64 here). The "arch" command is
terser. i686/i586/i486 would indicate an i386 architecture.

$ grep address /proc/cpuinfo
address sizes   : 36 bits physical, 48 bits virtual
$

Anything over 32 indicates 64-bit capability, whether or not
it is being exploited. A 32-bit processor will only yield:

address sizes   : 32 bits physical, 32 bits virtual

*And here goes another one...*

https://lists.debian.org/debian-user/2021/07/msg01240.html

Of course I haven't. I see scattered posts (only some) from Gunnar
that don't seem to make a lot of sense, followed up by discussion and
argument, much of which could be avoided by getting some facts into
the posts. Hence my suggestion (snipped) to run

$ ls /sys/firmware/
$ uname -a
$ grep address /proc/cpuinfo

and clarify what type of machine (machines?) is being discussed.
Perhaps it's reckless not to have suggested a command proving
it's a Debian system.

In all of Gunnar's posts, I think I have only seen one report of actual
output posted, and I have no idea what the origin of that was, viz:

  # UNCONFIGURED FSTAB FOR BASE SYSTEM
  overlay / overlay rw 0 0
  tmpfs /tmp tmpfs nosuid,nodev 0 0
  /dev/sda1 /mnt/sda1 EXT2 nosuid,nodev,nofail,x-gvfs-show 0 0
  /dev/sda3 /mnt/sda3 EXT2
nosuid,nodev,nofail,x-gvfs-show,noauto,x-udisks-auth 0 0
  /dev/sda2 none swap sw,x-udisks-auth,noauto 0 0

*Now sorry...*
Maybe English is not your main language or there's something else but I
have to agree with the writter of this last message.
Some your post don't make much sense and take more energy to understand
the text themselves than they require to really find any type of
computing problem.

What is easy to understand for yourself may not be the case for others.

In the long term, you'll be the one facing penalties for this as people
will just get tired and start ignoring.

No one's got obligation here and we are all volunteer doing so for the
pleasure of helping others.

Even myself, when I take to explain things like I'm doing now.

And like I did for the "top posting".

Here's some tip...

I'll show you some hard to understand in the following post...



> Geg
> 
> On Sun, 1 Aug 2021, 16:50 Andrew M.A. Cater,  > wrote:
> 
> On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > Security.
> > Rarely discussed in Linux(?)..
> > Was scammed recently; naive me let a man w/Bad accent take over my
> laptop
> > to 'help refund BTC' & make me pay 100$.
> > Because of that &/or me in Synaptic bloating (2 many) packages,
> which led
> > to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", &
> "can't
> > find key file" messages (yes, all 3 !).
> > After trying "all" workarounds, I installed another, more simple Linux
> > distro, built up a new setup of relevant programs to build VM,
> containers,
> > websites, Debian iso image, & CHEF.
> 
> Which distro - are you still using Debian?
> 
> If not, we can't really help you. Although many of us have run other
> distributions in the past, all of the Debian/Ubuntu derivatives do
> something slightly different - we can only really help with generic
> Debian 

Re: MDs & Dentists

[Andrew M.A. Cater]

On Sun, Aug 01, 2021 at 04:58:48PM +0300, Gunnar Gervin wrote:
> I expected that answer.
> Debian is still 1/2 of it, but kinda dysfunctional, cos of me & scam
> Trying to set up Debian in a VM in another Linux distro, with Chef
> So I cannot really see irrelevance
> of my question?? Like Nobody here knows how to fix this one, cos it's
> slightly out of D. politics?
> Geg

So: do the simple things.

1.) If you want to keep Windows - use this Windows machine or another to 
produce a Windows .iso for installation using Microsoft's media creation tool 
to put 
it onto a USB flash disk. 

Use Debian boot media to delete the whole of Windows: reinstall Windows 
using your new USB flash disk after removing all existing partitions on the 
hard disk. If you get the chance to partition the blank disk - set aside space 
for a 
Linux install. If not, use Windows partitioning tools to shrink Windows to 
allow space for a Linux distribution. Install Windows using UEFI boot if
at all possible.

2.) Install Debian - and only Debian on the empty space. Debian should find
the Windows partition and include it into the Grub boot menu. If you choose
to install any other Linux, we may or may not be able to help you as
previously written.

Saying this because I've a machine in the room on which I did just that.
Save yourself a lot of XYZ problems by doing two things slowly and carefully.

Why you think that someone from another Linux distribution should have
scammed you / been attacking your Windows partition is your own affair.
In most instances, a clean reinstall of an operating system will help
to see them away significantly and good patching and updating is also a must.
. 
You may need to consider about what makes you, especially, special enough for 
someone else to try and hack you and, objectively, whether facts support this.

All the very best, as ever,

Andrew Cater
> 
> On Sun, 1 Aug 2021, 16:50 Andrew M.A. Cater,  wrote:
> 
> > On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > > Security.
> > > Rarely discussed in Linux(?)..
> > > Was scammed recently; naive me let a man w/Bad accent take over my laptop
> > > to 'help refund BTC' & make me pay 100$.
> > > Because of that &/or me in Synaptic bloating (2 many) packages, which led
> > > to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", & "can't
> > > find key file" messages (yes, all 3 !).
> > > After trying "all" workarounds, I installed another, more simple Linux
> > > distro, built up a new setup of relevant programs to build VM,
> > containers,
> > > websites, Debian iso image, & CHEF.
> >
> > Which distro - are you still using Debian?
> >
> > If not, we can't really help you. Although many of us have run other
> > distributions in the past, all of the Debian/Ubuntu derivatives do
> > something slightly different - we can only really help with generic
> > Debian things. If we offer help with any other distribution, it's
> > only ever best efforts - Debian derivatives have their own support
> > infrastructure.
> >
> > > Now Chef asks me to give URL to continue setting up a VM etc.
> > > Plz advise &/or help to do it/this.
> >
> > It may not be relevant but the chef and chef-zero packages in Buster
> > appear
> > to no longer be packaged in Bullseye - the upcoming release due in two
> > weeks.
> >
> > Ask on a Chef list, perhaps?
> >
> > > BR,
> > > GEG
> >
> > All best, as ever,
> >
> > Andrew Cater
> >
> > >
> > > On Wed, 21 Jul 2021, 18:59 Dan Ritter,  wrote:
> > >
> > > > Reco wrote:
> > > > > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > > > > Numbers show that I was incorrect. Let's call it "unlikely" instead
> > of
> > > > > "rare". Let the popcon graphs speak for themselves:
> > > > >
> > > > > https://qa.debian.org/popcon.php?package=firefox-esr
> > > > > vs
> > > > > https://qa.debian.org/popcon.php?package=openjdk-11
> > > >
> > > > Standard reminder: popcon vastly over-represents
> > > > individually-owned laptops and desktops over servers and
> > > > corporately-owned anything.
> > > >
> > > > In this case, individuals are sometimes infected with ransomware
> > > > by happenstance, but corporates are actually targets.
> > > >
> > > > > It won't by itself, of course. One sure way to beat ransomware is to
> > > > > take immutable backups (i.e. unmodifiable by host during and after
> > the
> > > > > backup is taken), and as recent history shows us - ransomware victims
> > > > > apparently do not use this approach.
> > > >
> > > > Yes indeed.
> > > >
> > > > -dsr-
> > > >
> > > >
> >
> >

Re: MDs & Dentists

[rhkramer]

On Sunday, August 01, 2021 09:58:48 AM Gunnar Gervin wrote:
> So I cannot really see irrelevance
> of my question?? 

> Like Nobody here knows how to fix this one, cos it's
> slightly out of D. 

Someone who uses Debian, maybe even someone who subscribes to this list might 
know how to fix your problem, but I think at least part of the point that 
Andrew was making is that it is a catch as catch can situation -- somebody 
might be able to help, but the people that really concentrate on taking care 
of Debian probably can't as they are not familiar with your distro or Chef or 
both.

> politics?

No, and most of us here probably don't like the suggestion.

Re: MDs & Dentists

[Dan Ritter]

Andrew M.A. Cater wrote: 
> On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > Security.
> > Rarely discussed in Linux(?)..

Discussed all the time.

> > After trying "all" workarounds, I installed another, more simple Linux
> > distro, built up a new setup of relevant programs to build VM, containers,
> > websites, Debian iso image, & CHEF.
> 
> Which distro - are you still using Debian?
> 
> If not, we can't really help you. Although many of us have run other 
> distributions in the past, all of the Debian/Ubuntu derivatives do
> something slightly different - we can only really help with generic
> Debian things. If we offer help with any other distribution, it's
> only ever best efforts - Debian derivatives have their own support
> infrastructure.
> 
> > Now Chef asks me to give URL to continue setting up a VM etc.
> > Plz advise &/or help to do it/this.

You need a chef-server already set up on another machine. You
probably don't have a chef-server set up. Installing one on
Debian is a problem...

> It may not be relevant but the chef and chef-zero packages in Buster appear 
> to no longer be packaged in Bullseye - the upcoming release due in two weeks.
> 
> Ask on a Chef list, perhaps?

The problem is that the company that was developing chef was
purchased by a company which is rather hostile to open source,
and - as far as I can tell - the group which was planning on
forking chef and producing cinc (cinc is not chef) has run into
trouble.

Although I like chef quite a bit, I cannot recommend it to anyone who
is starting to use an open source configuration automation system at
this time. Existing users may or may not be comfortable
continuing on with old chef-server versions until cinc is ready.

Viable alternatives include puppet, salt, ansible, bcfg2,
cfengine3, and probably many others.

-dsr-

Re: MDs & Dentists

[Gunnar Gervin]

I expected that answer.
Debian is still 1/2 of it, but kinda dysfunctional, cos of me & scam
Trying to set up Debian in a VM in another Linux distro, with Chef
So I cannot really see irrelevance
of my question?? Like Nobody here knows how to fix this one, cos it's
slightly out of D. politics?
Geg

On Sun, 1 Aug 2021, 16:50 Andrew M.A. Cater,  wrote:

> On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> > Security.
> > Rarely discussed in Linux(?)..
> > Was scammed recently; naive me let a man w/Bad accent take over my laptop
> > to 'help refund BTC' & make me pay 100$.
> > Because of that &/or me in Synaptic bloating (2 many) packages, which led
> > to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", & "can't
> > find key file" messages (yes, all 3 !).
> > After trying "all" workarounds, I installed another, more simple Linux
> > distro, built up a new setup of relevant programs to build VM,
> containers,
> > websites, Debian iso image, & CHEF.
>
> Which distro - are you still using Debian?
>
> If not, we can't really help you. Although many of us have run other
> distributions in the past, all of the Debian/Ubuntu derivatives do
> something slightly different - we can only really help with generic
> Debian things. If we offer help with any other distribution, it's
> only ever best efforts - Debian derivatives have their own support
> infrastructure.
>
> > Now Chef asks me to give URL to continue setting up a VM etc.
> > Plz advise &/or help to do it/this.
>
> It may not be relevant but the chef and chef-zero packages in Buster
> appear
> to no longer be packaged in Bullseye - the upcoming release due in two
> weeks.
>
> Ask on a Chef list, perhaps?
>
> > BR,
> > GEG
>
> All best, as ever,
>
> Andrew Cater
>
> >
> > On Wed, 21 Jul 2021, 18:59 Dan Ritter,  wrote:
> >
> > > Reco wrote:
> > > > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > > > Numbers show that I was incorrect. Let's call it "unlikely" instead
> of
> > > > "rare". Let the popcon graphs speak for themselves:
> > > >
> > > > https://qa.debian.org/popcon.php?package=firefox-esr
> > > > vs
> > > > https://qa.debian.org/popcon.php?package=openjdk-11
> > >
> > > Standard reminder: popcon vastly over-represents
> > > individually-owned laptops and desktops over servers and
> > > corporately-owned anything.
> > >
> > > In this case, individuals are sometimes infected with ransomware
> > > by happenstance, but corporates are actually targets.
> > >
> > > > It won't by itself, of course. One sure way to beat ransomware is to
> > > > take immutable backups (i.e. unmodifiable by host during and after
> the
> > > > backup is taken), and as recent history shows us - ransomware victims
> > > > apparently do not use this approach.
> > >
> > > Yes indeed.
> > >
> > > -dsr-
> > >
> > >
>
>

Re: MDs & Dentists

[Andrew M.A. Cater]

On Sun, Aug 01, 2021 at 04:30:45PM +0300, Gunnar Gervin wrote:
> Security.
> Rarely discussed in Linux(?)..
> Was scammed recently; naive me let a man w/Bad accent take over my laptop
> to 'help refund BTC' & make me pay 100$.
> Because of that &/or me in Synaptic bloating (2 many) packages, which led
> to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", & "can't
> find key file" messages (yes, all 3 !).
> After trying "all" workarounds, I installed another, more simple Linux
> distro, built up a new setup of relevant programs to build VM, containers,
> websites, Debian iso image, & CHEF.

Which distro - are you still using Debian?

If not, we can't really help you. Although many of us have run other 
distributions in the past, all of the Debian/Ubuntu derivatives do
something slightly different - we can only really help with generic
Debian things. If we offer help with any other distribution, it's
only ever best efforts - Debian derivatives have their own support
infrastructure.

> Now Chef asks me to give URL to continue setting up a VM etc.
> Plz advise &/or help to do it/this.

It may not be relevant but the chef and chef-zero packages in Buster appear 
to no longer be packaged in Bullseye - the upcoming release due in two weeks.

Ask on a Chef list, perhaps?

> BR,
> GEG

All best, as ever,

Andrew Cater

> 
> On Wed, 21 Jul 2021, 18:59 Dan Ritter,  wrote:
> 
> > Reco wrote:
> > > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > > Numbers show that I was incorrect. Let's call it "unlikely" instead of
> > > "rare". Let the popcon graphs speak for themselves:
> > >
> > > https://qa.debian.org/popcon.php?package=firefox-esr
> > > vs
> > > https://qa.debian.org/popcon.php?package=openjdk-11
> >
> > Standard reminder: popcon vastly over-represents
> > individually-owned laptops and desktops over servers and
> > corporately-owned anything.
> >
> > In this case, individuals are sometimes infected with ransomware
> > by happenstance, but corporates are actually targets.
> >
> > > It won't by itself, of course. One sure way to beat ransomware is to
> > > take immutable backups (i.e. unmodifiable by host during and after the
> > > backup is taken), and as recent history shows us - ransomware victims
> > > apparently do not use this approach.
> >
> > Yes indeed.
> >
> > -dsr-
> >
> >

Re: MDs & Dentists

[Gunnar Gervin]

Dual boot'ed,
I forgot to tell you.
Thus the sucker(?) can sit 'alone' in a dysfunctional 1/2 of my PC, maybe
'he' never returns anyway.
After built up all in 1 'secret' 1/2, I plan to re-partition the 1t half,
to clean out 'all' dysfunctions, in a Linux, & Linux Debian 'answer' to
Factory Reset, a learning way, which FReset really isn't, or little.
BR,
Geg.

On Wed, 21 Jul 2021, 18:59 Dan Ritter,  wrote:

> Reco wrote:
> > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > Numbers show that I was incorrect. Let's call it "unlikely" instead of
> > "rare". Let the popcon graphs speak for themselves:
> >
> > https://qa.debian.org/popcon.php?package=firefox-esr
> > vs
> > https://qa.debian.org/popcon.php?package=openjdk-11
>
> Standard reminder: popcon vastly over-represents
> individually-owned laptops and desktops over servers and
> corporately-owned anything.
>
> In this case, individuals are sometimes infected with ransomware
> by happenstance, but corporates are actually targets.
>
> > It won't by itself, of course. One sure way to beat ransomware is to
> > take immutable backups (i.e. unmodifiable by host during and after the
> > backup is taken), and as recent history shows us - ransomware victims
> > apparently do not use this approach.
>
> Yes indeed.
>
> -dsr-
>
>

Re: MDs & Dentists

[Gunnar Gervin]

Security.
Rarely discussed in Linux(?)..
Was scammed recently; naive me let a man w/Bad accent take over my laptop
to 'help refund BTC' & make me pay 100$.
Because of that &/or me in Synaptic bloating (2 many) packages, which led
to "1t fix broken packages", "put in Debian 10.9 Netinst cdrom", & "can't
find key file" messages (yes, all 3 !).
After trying "all" workarounds, I installed another, more simple Linux
distro, built up a new setup of relevant programs to build VM, containers,
websites, Debian iso image, & CHEF.
Now Chef asks me to give URL to continue setting up a VM etc.
Plz advise &/or help to do it/this.
BR,
GEG

On Wed, 21 Jul 2021, 18:59 Dan Ritter,  wrote:

> Reco wrote:
> > On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > Numbers show that I was incorrect. Let's call it "unlikely" instead of
> > "rare". Let the popcon graphs speak for themselves:
> >
> > https://qa.debian.org/popcon.php?package=firefox-esr
> > vs
> > https://qa.debian.org/popcon.php?package=openjdk-11
>
> Standard reminder: popcon vastly over-represents
> individually-owned laptops and desktops over servers and
> corporately-owned anything.
>
> In this case, individuals are sometimes infected with ransomware
> by happenstance, but corporates are actually targets.
>
> > It won't by itself, of course. One sure way to beat ransomware is to
> > take immutable backups (i.e. unmodifiable by host during and after the
> > backup is taken), and as recent history shows us - ransomware victims
> > apparently do not use this approach.
>
> Yes indeed.
>
> -dsr-
>
>

Re: MDs & Dentists

[Stefan Monnier]

Thomas Schmitt [2021-07-21 20:11:15] wrote:
> Stefan Monnier wrote:
>> Plain old HDDs and SSDs also work for "immutable" backups: just don't
>> keep them connected to the host after you've done the backup.
> But how do you keep the system from messing them up during the first
> backup after the malware took over ?

That's what

keep a handful of external SSDs to which you backup "in rotation"

is about.  Of course, if the time between the moment the malware takes
control and the moment when you notice it is longer than your rotation
you might be in trouble, indeed (tho that depends on the details of how
the malware operates w.r.t removable media).

Then again, this implies that all the work you've done between those two
moments would likely have been lost just as well if you backed up to
a BD-R.


Stefan

Re: MDs & Dentists

[Thomas Schmitt]

Hi,

Stefan Monnier wrote:
> Of course, if the time between the moment the malware takes
> control and the moment when you notice it is longer than your rotation
> you might be in trouble, indeed (tho that depends on the details of how
> the malware operates w.r.t removable media).

With Write-Once media it is natural to keep them indefinitely. So there
is no destruction by rotation.

I doubt that it is easy to develop custom firmware and an installer for
the victim's BD drive. Only then it would be possible to let the drive
destroy data on a BD-R medium. (I am not sure whether the BD-R dyes and
M-Disc minerals stay fully receptive to the laser beam. But i assume that
drive firmware could let it burn bright enough to damage the contrast
between land and pit.)


> Then again, this implies that all the work you've done between those two
> moments would likely have been lost just as well if you backed up to
> a BD-R.

Yes. The non-repairable damage depends on the time between the first
hostage taking of data and the detection of the attack by the victim.
Restored data from the backups need to be tested for integrity before they
can be used. So the pain stays substantial.

Nevertheless it is better to have old restore candidates rather than to see
original and backups being victim of the same malware.


Have a nice day :)

Thomas

Re: MDs & Dentists

[Stefan Monnier]

Thomas Schmitt [2021-07-21 19:00:48] wrote:
> James H. H. Lampert wrote:
>> "Immutable backups." Interesting concept. But how? Optical media?
> Yes. BD-R single layer are affordable and can take 25 GB each. With some
> compression you can put the whole operating system and the most important
> user data onto a single medium.

Plain old HDDs and SSDs also work for "immutable" backups: just don't
keep them connected to the host after you've done the backup.
E.g. keep a handful of external SSDs to which you backup "in rotation".


Stefan

Re: MDs & Dentists

[Nicholas Geovanis]

On Wed, Jul 21, 2021, 12:27 PM Reco  wrote:

> On Wed, Jul 21, 2021 at 09:36:37AM -0700, James H. H. Lampert wrote:
> > "Immutable backups." Interesting concept. But how?
>
> ...
> OS/400 was before my time, but I have a limited experience with z/VM
> which ran at z9 mainframe about 10 years ago.


I wrote security software for z/VM's ancestors VM/XA and VM/SP. I read
years ago of trojan proof-of-concept code for the MVS series OSs from IBM.
It could be done but of course was an insider attack.

One day certain IBM
> engineer somehow managed to execute a certain job from one LPAR in
> another, completely breaking the isolation between LPARs. The mainframe
> just shutdown presumably to prevent other abuse to happen, and in modern
> terms this could be classified as locally executed DOS attack.
>

A B-level mandatory-access control OS is specified to prevent that. It can
be done by 3rd party software if, of course, you are able to front-end the
system calls (SVCs in their terminology). We did have source licenses for
our implementation on HP/UX and Solaris but it was not strictly necessary.

..
> As long as OS promotes and considers perfectly normal to run arbitrary
> software obtained from $DEITY knows where - such OS cannot provide any
> kind of meaningful security, user data being considered.
>

It's counter-intuitive I know, but your statement is provably false with
the right security model. Google the Bell-LaPadula model. Equally valid in
what we consider a normal computing environment and even in multi-user
unix/Linux environments.


> Reco
>
>

Re: MDs & Dentists

[Celejar]

On Wed, 21 Jul 2021 22:00:04 +0300
Reco  wrote:

> On Wed, Jul 21, 2021 at 02:38:50PM -0400, Celejar wrote:

...

> > Most, yes. But the pwn2own hackers, for example, seem to pretty
> > routinely get RCE on the major browsers, so I wouldn't bet my data that
> > ransomware authors won't as well:
> > 
> > https://www.zerodayinitiative.com/blog/2019/3/21/pwn2own-vancouver-2019-day-two-results
> > https://www.bleepingcomputer.com/news/security/researchers-earn-1-2-million-for-exploits-demoed-at-pwn2own-2021/
> 
> Given the amount of money and the publicity these people earn - I'd be
> surprised if they did not find anything. Still, it's one (ok, several)
> RCE per year, and due to the nature of pwn2own - it's unlikely that such
> vulnerabilities are common knowledge before the actual pwn2own event,
> and they're patched afterwards.

Oh, I don't mean those specific vulns, just that the money ransomware
authors can hope to make might be a pretty powerful incentive for them
to find similar ones.

Celejar

Re: MDs & Dentists

[Richard Hector]

On 22/07/21 3:38 am, Reco wrote:

One sure way to beat ransomware is to
take immutable backups


That's fine if keeping access to your data is all you care about.

With the more modern ransomware that threatens to publish your (and/or 
your customers') data, not so much.


Richard

Re: MDs & Dentists

[Reco]

On Wed, Jul 21, 2021 at 02:38:50PM -0400, Celejar wrote:
> > > > > https://hacked.com/linux-ransomware-notorious-cases-and-ways-to-protect/
> > > > 
> > > > Requires Java to be installed. A rare case on a Linux *desktop*.
> > > 
> > > Rare? I don't have statistics, but on one of my Linux desktops, I do
> > > some development work for Android, using IntelliJ IDEA / Android Studio,
> > > which depend on at least some Java components.
> > 
> > Numbers show that I was incorrect. Let's call it "unlikely" instead of
> > "rare". Let the popcon graphs speak for themselves:
> > 
> > https://qa.debian.org/popcon.php?package=firefox-esr
> > vs
> > https://qa.debian.org/popcon.php?package=openjdk-11
> 
> I'm not sure I'm reading the numbers correctly, but the openjdk-11-jre
> figures are 26-29% (as opposed to firefox-esr's 42%) - hardly "unlikely."

I was referring to absolute numbers, which are 57847 and 83915
respectively.  Looks like I was incorrect again, I looked at jre, not
jdk. Ok, let's make this "common".

I wonder which software (that requires JDK) is provided by Debian and
is that popular.


> > True. Every version of Chromium and Firefox fixes at least one.
> > Most of said vulnerabilities do cannot be used to get Remote Code
> > Execution (RCE) though. Which leaves us with "random download" scenario,
> > which I've discussed above.
> 
> Most, yes. But the pwn2own hackers, for example, seem to pretty
> routinely get RCE on the major browsers, so I wouldn't bet my data that
> ransomware authors won't as well:
> 
> https://www.zerodayinitiative.com/blog/2019/3/21/pwn2own-vancouver-2019-day-two-results
> https://www.bleepingcomputer.com/news/security/researchers-earn-1-2-million-for-exploits-demoed-at-pwn2own-2021/

Given the amount of money and the publicity these people earn - I'd be
surprised if they did not find anything. Still, it's one (ok, several)
RCE per year, and due to the nature of pwn2own - it's unlikely that such
vulnerabilities are common knowledge before the actual pwn2own event,
and they're patched afterwards.

Reco

Re: MDs & Dentists

[Celejar]

On Wed, 21 Jul 2021 18:38:30 +0300
Reco  wrote:

> On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > On Wed, 21 Jul 2021 11:16:46 +0300
> > Reco  wrote:
> > 
> > >   Hi.
> > > 
> > > On Tue, Jul 20, 2021 at 11:32:26AM -0400, Celejar wrote:
> > > > On Thu, 15 Jul 2021 09:46:59 +0300
> > > > Reco  wrote:

...

> > > > https://hacked.com/linux-ransomware-notorious-cases-and-ways-to-protect/
> > > 
> > > Requires Java to be installed. A rare case on a Linux *desktop*.
> > 
> > Rare? I don't have statistics, but on one of my Linux desktops, I do
> > some development work for Android, using IntelliJ IDEA / Android Studio,
> > which depend on at least some Java components.
> 
> Numbers show that I was incorrect. Let's call it "unlikely" instead of
> "rare". Let the popcon graphs speak for themselves:
> 
> https://qa.debian.org/popcon.php?package=firefox-esr
> vs
> https://qa.debian.org/popcon.php?package=openjdk-11

I'm not sure I'm reading the numbers correctly, but the openjdk-11-jre
figures are 26-29% (as opposed to firefox-esr's 42%) - hardly "unlikely."

> I agree with you that one should uninstall Java unless it's needed.
> After all, they at Oracle always find something to fix in Java security
> every three months, and this goes on for last ten years.
> 
> > I don't know if I have
> > enough Java installed to be susceptible to the malware in question ;)
> 
> Famous Java's slogan "you write it once and run it everywhere" is an
> exaggeration, to put it lightly. Chances are, you don't have that exact
> minor update of Oracle JRE that this malware actually needs.

Well, I suppose that's a relief ;)

> > Fair enough - but I see no reason why in principle desktop Linux will
> > remain immune from ransomware.
> 
> It won't by itself, of course. One sure way to beat ransomware is to
> take immutable backups (i.e. unmodifiable by host during and after the
> backup is taken), and as recent history shows us - ransomware victims
> apparently do not use this approach.
> 
> Another sure way is to forbid running executables downloaded from random
> Internet sites, but no thanks to appimage, flatpak, snap, and Go Linux
> desktop goes straight into Windows desktop direction.
> And again, as recent history shows us - ransomware victims apparently do
> not use this approach too.

Good points.

> Currently a Linux desktop is better in this regard, but I agree that it
> may not remain the same.
> 
> 
> > Even if Linux word processors are safer than their Windows counterparts,
> 
> Last time I ran Libreoffice I had that distinct feeling I'm running a
> Java program. You know - long startup, eating memory like no tomorrow,
> trying to write useless junk at least to four different places at my
> filesystems, and eating the unhealthy amounts of CPU time in the
> process.

Funny - I always have that feeling and most of those experiences with
Firefox, (even) these days ;)

> I know that Libreoffice is written in C++, but the code quality of it is
> definitely left to be desired. At least then the thing crashes (it did,
> several times) it produces a standard core dump, not some unreadable
> stack trace and a heapdump.
> 
> In retrospect, maybe feeding Libreoffice Draw that 800-pages PDF was not
> the best of ideas, but no free software tool comes close to the
> capabilities of Libreoffice in editing PDFs, and I really needed that
> PDF to be modified (mass-replacing embedded fonts, to be specific).
> 
> 
> On the other hand, Windows counterparts are typical enterprisey software
> written by generations of overseas workers with the code quality (or
> rather the lack of) that's expected from enterprisey software.
> 
> My opinion on this - both are bad. Lireoffice is better being free
> software, of course, but that does not make it secure by definition.
> 
> 
> > browsers are just full of vulnerabilities,
> 
> True. Every version of Chromium and Firefox fixes at least one.
> Most of said vulnerabilities do cannot be used to get Remote Code
> Execution (RCE) though. Which leaves us with "random download" scenario,
> which I've discussed above.

Most, yes. But the pwn2own hackers, for example, seem to pretty
routinely get RCE on the major browsers, so I wouldn't bet my data that
ransomware authors won't as well:

https://www.zerodayinitiative.com/blog/2019/3/21/pwn2own-vancouver-2019-day-two-results
https://www.bleepingcomputer.com/news/security/researchers-earn-1-2-million-for-exploits-demoed-at-pwn2own-2021/

> > so why couldn't ransomware get in that way?

> It could. In a lack of a proper execution environment (be it JRE,
> flatpak, snap or whatever) - what should it do next? Wait for a user to
> execute it?

> Reco

Celejar

Re: MDs & Dentists

[Thomas Schmitt]

Hi,

Stefan Monnier wrote:
> Plain old HDDs and SSDs also work for "immutable" backups: just don't
> keep them connected to the host after you've done the backup.

But how do you keep the system from messing them up during the first
backup after the malware took over ?


Reco wrote before i asked above question:
> > It's a really simple concept - one host is doing the backup, another one
> > controls where and how it written.
> > To inflict some damage, one has to compromise both, and frankly if one
> > does not protect their backups properly one has bigger problems to worry
> > about than a "ransomware attack".

In the hypothetical attack scenario the malware is able to encrypt files to
which not everybody is supposed to be able to write. So the attacker already
got the fingers deep in the system and - if applicable - in the network.
The demand for ransom is only the payload of a skilled system takeover.

So i think the concept of an "immutable" backup is of value in case the
data are worth more than 50 cent per 25 GB and don't exceed a few hundred
GB. The use of write-once-read-many media is a fine component of a backup
strategy which puts emphasis on protecting the older backups from being
altered or destroyed after the malware took over.

(I fail to find in the list archive the post by which this idea was proposed
first. So i cannot properly attribute the merit of having introduced it
here.)


> > Of course, not doing any backups at all is equally bad.

Especially since Layer 8 (aka PEBKAC aka ID-10-T) as main threat to data
integrity has not lost any of its damage potential.


Have a nice day :)

Thomas

Re: MDs & Dentists

[Reco]

Hi.

On Wed, Jul 21, 2021 at 01:12:52PM -0400, Polyna-Maude Racicot-Summerside wrote:
> Hi,
> 
> On 2021-07-21 12:36 p.m., James H. H. Lampert wrote:
> > "Immutable backups." Interesting concept. But how? Optical media?
> > Enormous decks of Hollerith cards? Enormous reels of punched paper tape?
> > 
> There's only one real type of very effective immutable backup : Stone,
> Pick and Hammer And ideally some cheap labor.

Hardly. The amount of time needed to perform such backup is atrocious,
and Recovery Time Objective is way too high. Also, the costs of a single
backup prevents nearly anyone but government to perform it.

And it's not Modern™. Storing QR-encoded text - [1] on a
specially-crafted film is the Modern™ replacement of Stone, Pick and
Hammer.

Reco

[1] https://archiveprogram.github.com/

Re: MDs & Dentists

[Reco]

On Wed, Jul 21, 2021 at 09:36:37AM -0700, James H. H. Lampert wrote:
> "Immutable backups." Interesting concept. But how?

In a dull enterprise world they usually used tape libraries for that.
It's not popular these days, but still used here and there.

"Cloud backups" are getting their share, although they carry their own
risks.


> Optical media?

20 years ago my answer would be "yes".
10 years ago - "maybe".
Today's answer - go to eBay, and buy that LTO-6 drive, and a FC HBA
while you're at it. If tinkering with tapes is not your cup of tea -
rent an appropriate amount of disk space from several cloud vendors, and
put each locally-encrypted backup in several places.


> Enormous decks of Hollerith cards? Enormous reels of punched paper tape?

It's a really simple concept - one host is doing the backup, another one
controls where and how it written.

To inflict some damage, one has to compromise both, and frankly if one
does not protect their backups properly one has bigger problems to worry
about than a "ransomware attack".
Of course, not doing any backups at all is equally bad.


> So far as I'm aware, there is *only one* operating system currently in
> wide use, that has never been successfully infected with malware
> outside of laboratory experiments: the IBM Midrange operating system
> that goes by such names as OS/400 and i5OS (among others, and although
> I work with it on a daily basis, I've long-since given up keeping
> track of what IBM is calling it in any given week).

OS/400 was before my time, but I have a limited experience with z/VM
which ran at z9 mainframe about 10 years ago.  One day certain IBM
engineer somehow managed to execute a certain job from one LPAR in
another, completely breaking the isolation between LPARs. The mainframe
just shutdown presumably to prevent other abuse to happen, and in modern
terms this could be classified as locally executed DOS attack.

My point is - maybe IBM gone wrong direction somewhere with Z-series.
And, of course - they do not make these things today like they used to.


> But Linux comes a lot closer to being malware-secure than WinDoze, or
> even Mac OS, which is one reason why, with my "bionic desk lamp" iMac
> on its last legs, instead of buying another Mac, or a WinDoze box, I
> bought a Meerkat.

Why "even Mac OS"? Being UNIX does not make it magically secure, nor
being produced by Apple does.
As long as OS promotes and considers perfectly normal to run arbitrary
software obtained from $DEITY knows where - such OS cannot provide any
kind of meaningful security, user data being considered.
Note that obtaining a software from third-party and providing it as is
(iOS, Android being prime examples here, and M$ tries to get there) does
not make the security of user data any better.

Reco

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-07-21 12:36 p.m., James H. H. Lampert wrote:
> "Immutable backups." Interesting concept. But how? Optical media?
> Enormous decks of Hollerith cards? Enormous reels of punched paper tape?
> 
There's only one real type of very effective immutable backup : Stone,
Pick and Hammer And ideally some cheap labor.
> -- 
> James H. H. Lampert
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Thomas Schmitt]

Hi,

James H. H. Lampert wrote:
> "Immutable backups." Interesting concept. But how? Optical media?

Yes. BD-R single layer are affordable and can take 25 GB each. With some
compression you can put the whole operating system and the most important
user data onto a single medium.

BD-R is also usable for multi-session. So if the important data do not fill
the medium, then it is possible to write updates, which do not overwrite
the older backups but rather re-use their data where possible.
The older backups stay accessible (unless the potential malware knows more
about operating a BD drive than i do).


Have a nice day :)

Thomas

Re: MDs & Dentists

[James H. H. Lampert]

"Immutable backups." Interesting concept. But how? Optical media? 
Enormous decks of Hollerith cards? Enormous reels of punched paper tape?


So far as I'm aware, there is *only one* operating system currently in 
wide use, that has never been successfully infected with malware outside 
of laboratory experiments: the IBM Midrange operating system that goes 
by such names as OS/400 and i5OS (among others, and although I work with 
it on a daily basis, I've long-since given up keeping track of what IBM 
is calling it in any given week).


But Linux comes a lot closer to being malware-secure than WinDoze, or 
even Mac OS, which is one reason why, with my "bionic desk lamp" iMac on 
its last legs, instead of buying another Mac, or a WinDoze box, I bought 
a Meerkat.


As to MDs and Dentists making poor decisions where computers are 
concerned, it's not just healthcare professionals: over a quarter 
century ago, I spent about a year trying to fix the hidden flaws in a 
small business accounting program. It had been written, not by a 
programmer, but by an accountant. In C. It was his first non-trivial 
program in a language other than BASIC. And it ran on the Amiga. 
Aggressively multitasking within itself, on a platform where there was 
no memory protection, and nothing but "good intentions" to keep one task 
from stomping all over another task's memory. It nearly killed me.


--
James H. H. Lampert

Re: MDs & Dentists

[Nicholas Geovanis]

On Wed, Jul 21, 2021, 10:38 AM Reco  wrote:

> On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> > On Wed, 21 Jul 2021 11:16:46 +0300
> > Reco  wrote:
> >
> >
> > browsers are just full of vulnerabilities,
>
> True. Every version of Chromium and Firefox fixes at least one.
> Most of said vulnerabilities do cannot be used to get Remote Code
> Execution (RCE) though. Which leaves us with "random download" scenario,
> which I've discussed above.
>
> > so why couldn't ransomware get in that way?
>
> It could. In a lack of a proper execution environment (be it JRE,
> flatpak, snap or whatever) - what should it do next? Wait for a user to
> execute it?
>

AFAICS the only solution with any finality is multilevel granular security
on any OS with connectivity. This means SElinux in true multilevel-security
mode, a bit beyond what RedHat used to call "targeted mode". The US DoD
called it mandatory access-control in its Rainbow Books in the 1990s,
B-level security. The Rainbow Books are freely available online today.

It doesn't have to be SElinux, I don't know if RSBAC is still an active
project for example. The key to getting this granularity is configuring the
security rule-base for any given desktop or server in an unattended way
(YOURS for example :-) There are templated rulesets but what seems to be
lacking is an easy way to refine that ruleset into something that works
right for you personally, your desktop or server. Ideally without your
intervention IOW. And without removing any lower-stack security mechanisms,
just using them as building blocks. As mandatory builds on "discretionary"
access-control, which is built into the Linux filesystem model.

Reco
>
>

Re: MDs & Dentists

[Dan Ritter]

Reco wrote: 
> On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> Numbers show that I was incorrect. Let's call it "unlikely" instead of
> "rare". Let the popcon graphs speak for themselves:
> 
> https://qa.debian.org/popcon.php?package=firefox-esr
> vs
> https://qa.debian.org/popcon.php?package=openjdk-11

Standard reminder: popcon vastly over-represents
individually-owned laptops and desktops over servers and
corporately-owned anything.

In this case, individuals are sometimes infected with ransomware
by happenstance, but corporates are actually targets.

> It won't by itself, of course. One sure way to beat ransomware is to
> take immutable backups (i.e. unmodifiable by host during and after the
> backup is taken), and as recent history shows us - ransomware victims
> apparently do not use this approach.

Yes indeed. 

-dsr-

Re: MDs & Dentists

[Reco]

On Wed, Jul 21, 2021 at 10:51:40AM -0400, Celejar wrote:
> On Wed, 21 Jul 2021 11:16:46 +0300
> Reco  wrote:
> 
> > Hi.
> > 
> > On Tue, Jul 20, 2021 at 11:32:26AM -0400, Celejar wrote:
> > > On Thu, 15 Jul 2021 09:46:59 +0300
> > > Reco  wrote:
> > > 
> > > ...
> > > 
> > > > You cannot catch a ransomware cryptolocker using Linux on a desktop,
> > > 
> > > Of course you can, although it's certainly much less likely than when
> > > using Windows.
> > > 
> > > > it's definitely Windows-only kind of software. In fact, any FOSS OS has
> > > > this advantage, unless you're using Wine (software).
> > > 
> > > It's definitely not Windows-only, although it is (at this point) still
> > > mostly Windows:
> > 
> > I'm not arguing with that, but links you're providing fail to illustrate
> > your point.
> > 
> > > https://hacked.com/linux-ransomware-notorious-cases-and-ways-to-protect/
> > 
> > Requires Java to be installed. A rare case on a Linux *desktop*.
> 
> Rare? I don't have statistics, but on one of my Linux desktops, I do
> some development work for Android, using IntelliJ IDEA / Android Studio,
> which depend on at least some Java components.

Numbers show that I was incorrect. Let's call it "unlikely" instead of
"rare". Let the popcon graphs speak for themselves:

https://qa.debian.org/popcon.php?package=firefox-esr
vs
https://qa.debian.org/popcon.php?package=openjdk-11


I agree with you that one should uninstall Java unless it's needed.
After all, they at Oracle always find something to fix in Java security
every three months, and this goes on for last ten years.

> I don't know if I have
> enough Java installed to be susceptible to the malware in question ;)

Famous Java's slogan "you write it once and run it everywhere" is an
exaggeration, to put it lightly. Chances are, you don't have that exact
minor update of Oracle JRE that this malware actually needs.


> Fair enough - but I see no reason why in principle desktop Linux will
> remain immune from ransomware.

It won't by itself, of course. One sure way to beat ransomware is to
take immutable backups (i.e. unmodifiable by host during and after the
backup is taken), and as recent history shows us - ransomware victims
apparently do not use this approach.

Another sure way is to forbid running executables downloaded from random
Internet sites, but no thanks to appimage, flatpak, snap, and Go Linux
desktop goes straight into Windows desktop direction.
And again, as recent history shows us - ransomware victims apparently do
not use this approach too.


Currently a Linux desktop is better in this regard, but I agree that it
may not remain the same.


> Even if Linux word processors are safer than their Windows counterparts,

Last time I ran Libreoffice I had that distinct feeling I'm running a
Java program. You know - long startup, eating memory like no tomorrow,
trying to write useless junk at least to four different places at my
filesystems, and eating the unhealthy amounts of CPU time in the
process.

I know that Libreoffice is written in C++, but the code quality of it is
definitely left to be desired. At least then the thing crashes (it did,
several times) it produces a standard core dump, not some unreadable
stack trace and a heapdump.

In retrospect, maybe feeding Libreoffice Draw that 800-pages PDF was not
the best of ideas, but no free software tool comes close to the
capabilities of Libreoffice in editing PDFs, and I really needed that
PDF to be modified (mass-replacing embedded fonts, to be specific).


On the other hand, Windows counterparts are typical enterprisey software
written by generations of overseas workers with the code quality (or
rather the lack of) that's expected from enterprisey software.

My opinion on this - both are bad. Lireoffice is better being free
software, of course, but that does not make it secure by definition.


> browsers are just full of vulnerabilities,

True. Every version of Chromium and Firefox fixes at least one.
Most of said vulnerabilities do cannot be used to get Remote Code
Execution (RCE) though. Which leaves us with "random download" scenario,
which I've discussed above.

> so why couldn't ransomware get in that way?

It could. In a lack of a proper execution environment (be it JRE,
flatpak, snap or whatever) - what should it do next? Wait for a user to
execute it?

Reco

Re: MDs & Dentists

[Celejar]

On Wed, 21 Jul 2021 11:16:46 +0300
Reco  wrote:

>   Hi.
> 
> On Tue, Jul 20, 2021 at 11:32:26AM -0400, Celejar wrote:
> > On Thu, 15 Jul 2021 09:46:59 +0300
> > Reco  wrote:
> > 
> > ...
> > 
> > > You cannot catch a ransomware cryptolocker using Linux on a desktop,
> > 
> > Of course you can, although it's certainly much less likely than when
> > using Windows.
> > 
> > > it's definitely Windows-only kind of software. In fact, any FOSS OS has
> > > this advantage, unless you're using Wine (software).
> > 
> > It's definitely not Windows-only, although it is (at this point) still
> > mostly Windows:
> 
> I'm not arguing with that, but links you're providing fail to illustrate
> your point.
> 
> > https://hacked.com/linux-ransomware-notorious-cases-and-ways-to-protect/
> 
> Requires Java to be installed. A rare case on a Linux *desktop*.

Rare? I don't have statistics, but on one of my Linux desktops, I do
some development work for Android, using IntelliJ IDEA / Android Studio,
which depend on at least some Java components. I don't know if I have
enough Java installed to be susceptible to the malware in question ;)

> > https://phoenixnap.com/blog/linux-ransomware
> 
> Quote:
> The ransomware is human-operated, so threat actors need time to
> compromise a network, steal credentials, and spread across devices.
> 
> > https://linuxsecurity.com/features/anatomy-of-a-linux-ransomware-attack
> 
> Quote 1:
> Unlike Windows ransomware variants which spread via email or
> maladvertising, Linux ransomware infection relies on vulnerability
> exploitation.
> 
> Quote 2:
> Linux ransomware exploits either unpatched system vulnerabilities or
> flaws in a service, such as a web server or email server, to obtain
> access to a target system and compromise files. For instance, the
> infamous Lilocked ransomware exploits out-of-date versions of the Exim
> message transfer agent to gain a foothold in a target environment. Rex,
> another dangerous strain of Linux ransomware, uses vulnerability
> scanners specific to Drupal, WordPress, Magento, Kerner, Airos, Exagrid,
> and Jetspeed to detect SQL injection vulnerabilities that can be
> exploited to gain admin credentials.
> 
> > https://www.zdnet.com/article/linux-version-of-ransomexx-ransomware-discovered/
> 
> Quote:
> RansomEXX is what security researchers call a "big-game hunter" or
> "human-operated ransomware."
> 
> 
> Conclusion:
> So, unless your Linux *desktop* is a target of an "attack" - your
> desktop is safe. Third link also shows us that if one runs an
> Internet-facing website or MTA - one should better know what they're
> doing. It's true that the security history of Exim, Wordpress and Drupal
> is far from being flawless (I'm not familiar with other CMSes mentioned
> at that article, I assume they're no better in this regard).
> 
> 
> And now, let's compare the scenario above to the usual "a user opens a
> specially crafted M$ Word document" and "user clicks on an
> innocent-looking link".
> 
> To me, the difference is obvious, especially considering the original
> point of this topic.

Fair enough - but I see no reason why in principle desktop Linux will
remain immune from ransomware. Even if Linux word processors are safer
than their Windows counterparts, browsers are just full of
vulnerabilities, so why couldn't ransomware get in that way?

Celejar

Re: MDs & Dentists

[Reco]

Hi.

On Tue, Jul 20, 2021 at 11:32:26AM -0400, Celejar wrote:
> On Thu, 15 Jul 2021 09:46:59 +0300
> Reco  wrote:
> 
> ...
> 
> > You cannot catch a ransomware cryptolocker using Linux on a desktop,
> 
> Of course you can, although it's certainly much less likely than when
> using Windows.
> 
> > it's definitely Windows-only kind of software. In fact, any FOSS OS has
> > this advantage, unless you're using Wine (software).
> 
> It's definitely not Windows-only, although it is (at this point) still
> mostly Windows:

I'm not arguing with that, but links you're providing fail to illustrate
your point.

> https://hacked.com/linux-ransomware-notorious-cases-and-ways-to-protect/

Requires Java to be installed. A rare case on a Linux *desktop*.

> https://phoenixnap.com/blog/linux-ransomware

Quote:
The ransomware is human-operated, so threat actors need time to
compromise a network, steal credentials, and spread across devices.

> https://linuxsecurity.com/features/anatomy-of-a-linux-ransomware-attack

Quote 1:
Unlike Windows ransomware variants which spread via email or
maladvertising, Linux ransomware infection relies on vulnerability
exploitation.

Quote 2:
Linux ransomware exploits either unpatched system vulnerabilities or
flaws in a service, such as a web server or email server, to obtain
access to a target system and compromise files. For instance, the
infamous Lilocked ransomware exploits out-of-date versions of the Exim
message transfer agent to gain a foothold in a target environment. Rex,
another dangerous strain of Linux ransomware, uses vulnerability
scanners specific to Drupal, WordPress, Magento, Kerner, Airos, Exagrid,
and Jetspeed to detect SQL injection vulnerabilities that can be
exploited to gain admin credentials.

> https://www.zdnet.com/article/linux-version-of-ransomexx-ransomware-discovered/

Quote:
RansomEXX is what security researchers call a "big-game hunter" or
"human-operated ransomware."


Conclusion:
So, unless your Linux *desktop* is a target of an "attack" - your
desktop is safe. Third link also shows us that if one runs an
Internet-facing website or MTA - one should better know what they're
doing. It's true that the security history of Exim, Wordpress and Drupal
is far from being flawless (I'm not familiar with other CMSes mentioned
at that article, I assume they're no better in this regard).


And now, let's compare the scenario above to the usual "a user opens a
specially crafted M$ Word document" and "user clicks on an
innocent-looking link".

To me, the difference is obvious, especially considering the original
point of this topic.

Reco

Re: MDs & Dentists

[Celejar]

On Thu, 15 Jul 2021 09:46:59 +0300
Reco  wrote:

...

> You cannot catch a ransomware cryptolocker using Linux on a desktop,

Of course you can, although it's certainly much less likely than when
using Windows.

> it's definitely Windows-only kind of software. In fact, any FOSS OS has
> this advantage, unless you're using Wine (software).

It's definitely not Windows-only, although it is (at this point) still
mostly Windows:

https://hacked.com/linux-ransomware-notorious-cases-and-ways-to-protect/
https://phoenixnap.com/blog/linux-ransomware
https://linuxsecurity.com/features/anatomy-of-a-linux-ransomware-attack
https://www.zdnet.com/article/linux-version-of-ransomexx-ransomware-discovered/

Celejar

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-07-15 7:01 a.m., Michael Lange wrote:
> Hi,
> 
> On Wed, 14 Jul 2021 18:26:58 -0400
> Polyna-Maude Racicot-Summerside  wrote:
> 
> (...)
>> Also can you find me one Linux distribution that is certified as medical
>> equipment for reliability ?
> 
> https://www.behnk.de/fully-automated-systems/
> 
> These lab machines run with debian (at least the Thrombolyzer XRC we
> once had in our lab did, Etch iirc), so apparently they are certified. I
> don't think these certifications are something the OS vendor has to do,
> it's the vendor of the machine that needs a certificate for the whole
> product.
> 
We finally get some sane words here.

Yes the certification is the "whole system" and not a piece by piece.
Sometime the OS supplier could get a certification / validation so it
gives him a commercial advantage but it's the whole system / stack that
require certification.

I never said there ain't any Linux device that do medical work in the
lab. One thing I do remember is that Germany is pushing for FOSS much
more than US/Canada.
> Regards
> 
> Michael
> 
> .-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.
> 
> When dreams become more important than reality, you give up travel,
> building, creating; you even forget how to repair the machines left
> behind by your ancestors.  You just sit living and reliving other lives
> left behind in the thought records.
>   -- Vina, "The Menagerie" ("The Cage"), stardate unknown
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Michael Lange]

Hi,

On Wed, 14 Jul 2021 18:26:58 -0400
Polyna-Maude Racicot-Summerside  wrote:

(...)
> Also can you find me one Linux distribution that is certified as medical
> equipment for reliability ?

https://www.behnk.de/fully-automated-systems/

These lab machines run with debian (at least the Thrombolyzer XRC we
once had in our lab did, Etch iirc), so apparently they are certified. I
don't think these certifications are something the OS vendor has to do,
it's the vendor of the machine that needs a certificate for the whole
product.

Regards

Michael

.-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.

When dreams become more important than reality, you give up travel,
building, creating; you even forget how to repair the machines left
behind by your ancestors.  You just sit living and reliving other lives
left behind in the thought records.
-- Vina, "The Menagerie" ("The Cage"), stardate unknown

Re: MDs & Dentists

[tomas]

On Thu, Jul 15, 2021 at 10:27:25AM +0100, Joe wrote:
> On Thu, 15 Jul 2021 07:03:18 +0800
> jeremy ardley  wrote:
> 
> 
> > You can't be seriously suggesting Windows is certified for any risk
> > of life application!?
> > 
> > It has a huge spectrum of vulnerabilities and a constant stream of
> > zero day exploits for both the O/S 
> 
> Yes, but most of them were placed there by Microsoft for the benefit of
> the US government, and can be instantly removed when discovered (and
> replaced by an alternative).

Wrong.

They just want you to believe that, so that you come across as a
conspiracy theorist and people stop taking you seriously.

It's tuttles all the way down!

(tongue-in-cheek ;-P

 - tomás


signature.asc
Description: Digital signature

Re: MDs & Dentists

[Joe]

On Thu, 15 Jul 2021 07:03:18 +0800
jeremy ardley  wrote:


> You can't be seriously suggesting Windows is certified for any risk
> of life application!?
> 
> It has a huge spectrum of vulnerabilities and a constant stream of
> zero day exploits for both the O/S 

Yes, but most of them were placed there by Microsoft for the benefit of
the US government, and can be instantly removed when discovered (and
replaced by an alternative).

-- 
Joe

Re: MDs & Dentists

[Jeremy Ardley]

On 15/7/21 4:00 pm, Weaver wrote:

On 15-07-2021 17:48, ellanios82 wrote:

On 7/15/21 2:03 AM, jeremy ardley wrote:

suggesting Windows is certified for any risk of life application!?

It has a huge spectrum of vulnerabilities



  - believe wikipedia had mention : 100% of world's super-computers run on Linux

https://top500.org/statistics/list/
Cheers!

Harry



I'm not sure how they differentiate Centos and RHEL from Linux, but yeah 
there doesn't seem to be much Windows in the space.


Also no Debian? Or is that in the 'Linux' fold, with Ubuntu sufficiently 
down-market to get it's own mentions?


--
Jeremy



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Weaver]

On 15-07-2021 17:48, ellanios82 wrote:
> On 7/15/21 2:03 AM, jeremy ardley wrote:
>> suggesting Windows is certified for any risk of life application!?
>>
>> It has a huge spectrum of vulnerabilities
> 
> 
> 
>  - believe wikipedia had mention : 100% of world's super-computers run on 
> Linux

https://top500.org/statistics/list/
Cheers!

Harry

-- 
`When injustice becomes law, resistance becomes duty' 
-- Thomas Jefferson

Re: MDs & Dentists

[ellanios82]

On 7/15/21 2:03 AM, jeremy ardley wrote:

suggesting Windows is certified for any risk of life application!?

It has a huge spectrum of vulnerabilities




 - believe wikipedia had mention : 100% of world's super-computers run 
on Linux





 rgds

.

Re: MDs & Dentists

[Reco]

On Wed, Jul 14, 2021 at 06:26:58PM -0400, Polyna-Maude Racicot-Summerside wrote:
> Him
> 
> On 2021-07-14 3:42 p.m., ellanios82 wrote:
> > On 7/14/21 9:27 PM, Jude DaShiell wrote:
> >> Doctors and Dentists run windows as the base for all of their practice
> >> software.  I don't know of any linux software that could replace that
> >> software either.  Could it be some software house would be able to get
> >> linux versions available and make some money?
> > 
> >  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!
> > 
> > 
> That's the usual "geek non-sense" answer.
> 
> Can you tell me one big advantage of using Linux in a medical practice ?

Sure, I can name two such advantages.

You cannot catch a ransomware cryptolocker using Linux on a desktop,
it's definitely Windows-only kind of software. In fact, any FOSS OS has
this advantage, unless you're using Wine (software).

Also, you can ensure that your patients' data won't be uploaded to M$ or
Apple, but that can be considered a common practice these days.

Reco

Re: MDs & Dentists

[Stefan Monnier]

jeremy ardley [2021-07-15 07:03:18] wrote:
> On 15/07/2021 6:26 am, Polyna-Maude Racicot-Summerside wrote:
>> Also can you find me one Linux distribution that is certified as medical
>> equipment for reliability ?
> You can't be seriously suggesting Windows is certified for any risk of life
> application!?

He's talking about official certification by some government entity or
some professional association or something like that.
In many situation, such a certification is required by law or by the
insurance companies.

It doesn't really matter what that certification means technically.


Stefan

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

On 2021-07-14 9:58 p.m., Weaver wrote:
> On 15-07-2021 11:53, Polyna-Maude Racicot-Summerside wrote:
>> Hi,
>>>
>>> Have you even considered options such as:
>>>
>>> https://tinyurl.com/42km8b6n
>>>
>> Can you please tell me one thing...
>> Does what you just showed me does the following :
>>
>> 1. Manage my health record for my client.
>> 2. Same time as I enter my note into the clients file, code the medical
>> act I've done.
>> 3. Send the code every week to the billing agency so I can get my pay.
>> 4. If you have look at the reference I've sent you, then you have seen
>> the we have what's called service agreement.
>> 5. Codify the acts respecting the billing agreements, for example once
>> per years bill for the patient continuous service follow up ?
>>
>> I doubt they do this.
> 
> I don't know.
> I'm trusting in you to do your own research.
> 
>> And none of the software you showed me deal with medicare ;-)
> 
> Don't they?
> So, you have verified that?
> In which case, what auxiliary function can you call on to fulfil that
> need?
That medicare accept payment only by certified agency.
I did check because they ain't on the list

https://www.ramq.gouv.qc.ca/fr/professionnels/developpeurs-logiciels-medecine/facturation2/liste-developpeurs/Pages/liste-developpeurs.aspx

https://infocentral.infoway-inforoute.ca/en/tools/developer-tools

So yes I did check what you sent me...

> Cheers!
> 
> Harry.
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

> To be certified (by who?) a piece of equipment with a specific
> configuration for a specific purpose is chosen. 'Windows' can never be
> certified on its own - just as 'Linux' can never be certified.
> 

To by certified by who ?
The payment agency who send my check ;-)
https://www.ramq.gouv.qc.ca/fr/professionnels/developpeurs-logiciels-medecine/facturation2/liste-developpeurs/Pages/liste-developpeurs.aspx

Here's a list of approved software system.

And the hardware solution certified by who ?
Them...
https://www.infoway-inforoute.ca/en/component/tags/tag/3718-information-standards


Because as you seem blind to understand.
My system doesn't run alone. The main task I do with it is to access my
client record, interact with other MDs, manage my shared agenda with
other practitioner.

Is there something you don't get ?

Btw, I'm over, I have better to do than to repeat myself over and over
again.

If your solutions are so great then let me be happy the day Telus Health
will go bankrupt !

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Weaver]

On 15-07-2021 11:53, Polyna-Maude Racicot-Summerside wrote:
> Hi,
>>
>> Have you even considered options such as:
>>
>> https://tinyurl.com/42km8b6n
>>
> Can you please tell me one thing...
> Does what you just showed me does the following :
> 
> 1. Manage my health record for my client.
> 2. Same time as I enter my note into the clients file, code the medical
> act I've done.
> 3. Send the code every week to the billing agency so I can get my pay.
> 4. If you have look at the reference I've sent you, then you have seen
> the we have what's called service agreement.
> 5. Codify the acts respecting the billing agreements, for example once
> per years bill for the patient continuous service follow up ?
> 
> I doubt they do this.

I don't know.
I'm trusting in you to do your own research.

> And none of the software you showed me deal with medicare ;-)

Don't they?
So, you have verified that?
In which case, what auxiliary function can you call on to fulfil that
need?
Cheers!

Harry.

-- 
`When injustice becomes law, resistance becomes duty' 
-- Thomas Jefferson

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,
> 
> Have you even considered options such as:
> 
> https://tinyurl.com/42km8b6n
> 
Can you please tell me one thing...
Does what you just showed me does the following :

1. Manage my health record for my client.
2. Same time as I enter my note into the clients file, code the medical
act I've done.
3. Send the code every week to the billing agency so I can get my pay.
4. If you have look at the reference I've sent you, then you have seen
the we have what's called service agreement.
5. Codify the acts respecting the billing agreements, for example once
per years bill for the patient continuous service follow up ?

I doubt they do this.
And none of the software you showed me deal with medicare ;-)
-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Weaver]

On 15-07-2021 11:43, Stefan Monnier wrote:
> jeremy ardley [2021-07-15 07:03:18] wrote:
>> On 15/07/2021 6:26 am, Polyna-Maude Racicot-Summerside wrote:
>>> Also can you find me one Linux distribution that is certified as medical
>>> equipment for reliability ?
>> You can't be seriously suggesting Windows is certified for any risk of life
>> application!?
> 
> He's talking about official certification by some government entity or
> some professional association or something like that.
> In many situation, such a certification is required by law or by the
> insurance companies.
> 
> It doesn't really matter what that certification means technically.

I know what he means, though.
Windows is not `certified' for use on the International space station:
they can't afford a frozen screen up there.
The New York and London stock exchanges don't use it.
The traffic lights (anywhere!) are not driven by it.

t's certified for nothing as far as I'm concerned.
On the other hand, it's certifiable, if you get my drift.
Cheers!

Harry.

-- 
`When injustice becomes law, resistance becomes duty' 
-- Thomas Jefferson

Re: MDs & Dentists

[Gene Heskett]

On Wednesday 14 July 2021 20:32:27 Weaver wrote:

and I snipped to the important part:

> On 15-07-2021 09:32, Polyna-Maude Racicot-Summerside wrote:
> > But FOSS has no impact on the benefits to this solution, moral is
> > not part of it.
>
> Wrong!
> The code is open so any intervention is recognised by a hundred
> thousand and one eyes.
> Bugs get fixed in a fraction of the time other software takes, putting
> it off till six months down the line (minimum!), when a little
> production downtime creates leeway.

Open source does not always impose those scheduling things. I am on 
several other open source mailing lists, and in one case I have 4 
machines running the projects git master software, so I see code commits 
daily and can report bugs long before it gets to the average users 
machine, some of which are more than powerfull enough to kill or mame 
forever if they do something wrong unexpectedly. I play the part of the 
canary in the coal mine, and have reported bugs, and had a fix compiled 
and installed on my machines in as little as 2 hours. 3 times in about 2 
decades is pretty good compared to Redmond's product. Even the kernel 
developers, who comprise at least 100 sets of eyeballs, rarely take more 
than 2 or 3 days to hash out a fix. If you build your own kernels that's 
fine, but the distro's test 500+ times compared to your one machine, so 
it does take time for such to actually reach a repo and your package 
manager to pull it into your machine.

Windows track record in that department is at least 100x worse. 

MBA's are the major reason Windows exists today, they have deep pockets 
that can be sued if it screws up. Linux, generally speaking is free, not 
even beer money in some pockets, nothing there if you did sue. But an 
MBA never makes a mistake because he/she/it always has to have someone 
to sue. Even if it actually is the MBA's mistake.

Understand that, and you'll be well up on seeing whats wrong with today's 
business environment.

[...]

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: MDs & Dentists

[Weaver]

On 15-07-2021 09:32, Polyna-Maude Racicot-Summerside wrote:
> Hi,
> 
> On 2021-07-14 6:58 p.m., Weaver wrote:
>> On 15-07-2021 08:30, Polyna-Maude Racicot-Summerside wrote:
>>> Hi,
>>>
>>> On 2021-07-14 3:54 p.m., Weaver wrote:
 On 15-07-2021 05:42, ellanios82 wrote:
> On 7/14/21 9:27 PM, Jude DaShiell wrote:
>> Doctors and Dentists run windows as the base for all of their practice 
>> software.  I don't know of any linux software that could replace that 
>> software either.  Could it be some software house would be able to get 
>> linux versions available and make some money?
>
> ...
>
>  - just so :)
>
>  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!

 There are medical and dental practice softwares which runs on Linux, and
 it's in the repositories.

 https://packages.debian.org/search?keywords=medical+practice=all=unstable=all

 Has anybody pointed it out to their doctor/dentist yet?
 Cheers,

>>> Have you done it ?
>>
>> No, have you?
>>
>>> What is needed to run a doctor office can you tell me ?
>>
>> That's quite a topic to cover in an email, but yes, I know.
>>
>>> Does your "suite" cover it all ?
>>
>> Never used it, have you?
>> Or is this just another example of your ability to denigrate something
>> with no evidence to support it?
>>
> If you took the time to read my previous email then you'll see that :
> I've tried and used Freediams
> I've used the software for viewing of CT Scan (can't remember the name).
> I've used the software for viewing imaging (DICOM).
> 
> Shall I continue ?
> 
> You seem to say many things but lack proof to support them.
> 
>>> What would be the benefits for the doctor/dentist ?
>>
>> Stability and, discounting adminstration overhead, free to use.
>> Have you priced out proprietary alternatives>
>> They're _very_ expensive.
>>

Make up your mind!

\begin{quote} 
 
> Stability wouldn't change, we are not running Windows 95 anymore.
> Can you give me real world example where Linux would be more stable ?
> 
> Don't confuse the need of a computer server and the need of a desktop
> user who's willing to reboot once a day or more. \end{quote}

> And you think that a alternative to those software for administration
> exist ? Those software have to be certified to connect to other software
> used in the office.
> 
> I know the price and could give you some idea.
> 
> PARAM for one user/one doctor/per year will cost you 1200$ and it's one
> of the cheapest, it's mostly the old paper form on a screen.
> Pack you data in XML, make the checksum and here you go.
> 
> The software for our unified health record is supplied by the agency and
> run on Windows only. And this is similar in many settings...
> You don't buy a software, you pay for a service.
> 
> I don't pay for accounting software, I pay for billing service that will
> also optimize my billing. And they supply the software.
> 
> What would a specific accounting software made for doctor, that is
> updated at least monthly would cost less on Linux ?

Right!
So, it's accounting software now.
I don't know, I pay a bookkeeper and an accountant to do all that, and
it doesn't cost me anywhere near what you just quoted.
_And_ I have time for a life.
A big clue to surviving in any business.
Don't work your way into the ground.
Give yourself time for a life.
Your business will be all the better off for it.

> This is a list of all the change to our billing agreements on a day to
> day (week to week) basis...
> 
> https://www.ramq.gouv.qc.ca/fr/professionnels/medecins-omnipraticiens/infolettres/2021/Pages/infolettres.aspx

Have you even considered options such as:

https://tinyurl.com/42km8b6n

> You still don't give me any example of a Linux software that can
> interact with the rest of the software used for health record management.
> 
> Yes freediams does some part but it's really far from what a complete
> health record management do.
> 
> There's no integration with medical imaging (there is but limited).
> There's lacking a bunch of medical equation that we use everyday (for
> example calculating the albumin clearance based on blood test for a
> non-hospitalised patient), etc.

I haven't avoided it at all.
I stated that looking at where descripancies lie and assessing
requirement is the way to go.
I don't see anything wrong with something like LaTeX or XML templates
for a number of different functions.

> And the biggest of all.
> 
> It's not approved by any of the regulator !
> 
> Because you have to use "approved solution" if you want your insurance
> to cover you. That's in the contract... Whatever "approved mean", I let
> my lawyer decide.

O.K., so why are we even talking about it?
Why is it even on the list?
Talk to the developers of the programmes concerned, lay out what you see
as issues, and how they are able to address those.
There are no such restrictive legislation/regulation here.

>>> Again, don't get 

Re: MDs & Dentists

[jeremy ardley]

On 15/07/2021 7:40 am, Polyna-Maude Racicot-Summerside wrote:



On 15/07/2021 6:26 am, Polyna-Maude Racicot-Summerside wrote:

Also can you find me one Linux distribution that is certified as medical
equipment for reliability ?

You can't be seriously suggesting Windows is certified for any risk of
life application!?

It has a huge spectrum of vulnerabilities and a constant stream of zero
day exploits for both the O/S and the myriad applications (Adobe and
Java, I'm looking at you in particular)

That plus real-time isn't and having your system shutting down at will
to install essential patches! No thanks.

On what planet do you live ?
Did I say Windows 10 ?
https://www.microsoft.com/en-ca/industry/health/providers

They usually use the real time version of Windows (embedded) for the
critical part of infrastructure.


There ain't no such thing as windows embedded, nor windows real time. 
There are a plethora of binaries probably as far back as windows 95 that 
have gone under the names using NT kernel or some other kernel e.g. Win-CE


Today they are using NT kernels as well as the proprietary kernel, and 
even a Linux kernel under the general heading of embedded or IoT. And as 
is they way, they then link it into azure cloud to offload some of the 
functionality and increase the risk profile.


To be certified (by who?) a piece of equipment with a specific 
configuration for a specific purpose is chosen. 'Windows' can never be 
certified on its own - just as 'Linux' can never be certified.


The discussion about MDs and dentists is not about equipment, it's about 
software they use in day to day operations. That's predominately Windows 
10, either stand alone or as a front end to a remote information system.


The trend, finally, is towards remote services  and lots and lots of 
ECMAscript. For that chrome running on say armbian is as good as chrome 
running on Windows 10. The difference is the armbian version has a much 
higher up-time and a much lower threat profile.


In reference to phones BTW. iPhone is around 15% market share. The rest 
mostly Android. iPhone is dominant in legal and medical circles because 
its considered prestige and they have far too much spare cash.

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,
Why do we mostly have iPhone ?
Because the software aren't available on Android and the ones that are
available ain't same quality !

On 2021-07-14 6:58 p.m., Weaver wrote:
> On 15-07-2021 08:30, Polyna-Maude Racicot-Summerside wrote:
>> Hi,
>>
>> On 2021-07-14 3:54 p.m., Weaver wrote:
>>> On 15-07-2021 05:42, ellanios82 wrote:
 On 7/14/21 9:27 PM, Jude DaShiell wrote:
> Doctors and Dentists run windows as the base for all of their practice 
> software.  I don't know of any linux software that could replace that 
> software either.  Could it be some software house would be able to get 
> linux versions available and make some money?

 ...

  - just so :)

  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!
>>>
>>> There are medical and dental practice softwares which runs on Linux, and
>>> it's in the repositories.
>>>
>>> https://packages.debian.org/search?keywords=medical+practice=all=unstable=all
>>>
>>> Has anybody pointed it out to their doctor/dentist yet?
>>> Cheers,
>>>
>> Have you done it ?
> 
> No, have you?
> 
>> What is needed to run a doctor office can you tell me ?
> 
> That's quite a topic to cover in an email, but yes, I know.
> 
>> Does your "suite" cover it all ?
> 
> Never used it, have you?
> Or is this just another example of your ability to denigrate something
> with no evidence to support it?
> 
>> What would be the benefits for the doctor/dentist ?
> 
> Stability and, discounting adminstration overhead, free to use.
> Have you priced out proprietary alternatives>
> They're _very_ expensive.
> 
>> Again, don't get into the FOSS thingy.
> 
> I haven't.
> But I don't see any reason to denigrate that aspect, either.
> 
>> Don't give much about this.
>>
>> Computer = tool
>> Tool = effective
>> If I need to change my habits = Must be a really good reason
> 
> The first step is honest assessment of requirement, which you don't
> appear to have done.
> 
>> I feel like all this is emotion based and no one really took time to ask
>> themselves why won't they...
>>
>> Maybe because even if you have a software, if it doesn't interact with
>> other part of the system, it's a bit useless. Like a computer on a
>> network that doesn't speak IP...
> 
> Then you need to look at the interaction points, see what can be done
> about that aspect, if that is, indeed, the state.
> Where do you get the idea it isn't?
> Cheers!
> 
> Harry.
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[jeremy ardley]

On 15/07/2021 6:26 am, Polyna-Maude Racicot-Summerside wrote:


Also can you find me one Linux distribution that is certified as medical
equipment for reliability ?


You can't be seriously suggesting Windows is certified for any risk of 
life application!?


It has a huge spectrum of vulnerabilities and a constant stream of zero 
day exploits for both the O/S and the myriad applications (Adobe and 
Java, I'm looking at you in particular)


That plus real-time isn't and having your system shutting down at will 
to install essential patches! No thanks.


Jeremy

Re: MDs & Dentists

[Weaver]

On 15-07-2021 08:30, Polyna-Maude Racicot-Summerside wrote:
> Hi,
> 
> On 2021-07-14 3:54 p.m., Weaver wrote:
>> On 15-07-2021 05:42, ellanios82 wrote:
>>> On 7/14/21 9:27 PM, Jude DaShiell wrote:
 Doctors and Dentists run windows as the base for all of their practice 
 software.  I don't know of any linux software that could replace that 
 software either.  Could it be some software house would be able to get 
 linux versions available and make some money?
>>>
>>> ...
>>>
>>>  - just so :)
>>>
>>>  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!
>>
>> There are medical and dental practice softwares which runs on Linux, and
>> it's in the repositories.
>>
>> https://packages.debian.org/search?keywords=medical+practice=all=unstable=all
>>
>> Has anybody pointed it out to their doctor/dentist yet?
>> Cheers,
>>
> Have you done it ?

No, have you?

> What is needed to run a doctor office can you tell me ?

That's quite a topic to cover in an email, but yes, I know.

> Does your "suite" cover it all ?

Never used it, have you?
Or is this just another example of your ability to denigrate something
with no evidence to support it?

> What would be the benefits for the doctor/dentist ?

Stability and, discounting adminstration overhead, free to use.
Have you priced out proprietary alternatives>
They're _very_ expensive.

> Again, don't get into the FOSS thingy.

I haven't.
But I don't see any reason to denigrate that aspect, either.

> Don't give much about this.
> 
> Computer = tool
> Tool = effective
> If I need to change my habits = Must be a really good reason

The first step is honest assessment of requirement, which you don't
appear to have done.

> I feel like all this is emotion based and no one really took time to ask
> themselves why won't they...
> 
> Maybe because even if you have a software, if it doesn't interact with
> other part of the system, it's a bit useless. Like a computer on a
> network that doesn't speak IP...

Then you need to look at the interaction points, see what can be done
about that aspect, if that is, indeed, the state.
Where do you get the idea it isn't?
Cheers!

Harry.

-- 
`When injustice becomes law, resistance becomes duty' 
-- Thomas Jefferson

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

On 2021-07-14 5:08 p.m., Brian wrote:
> On Wed 14 Jul 2021 at 16:54:06 -0400, Gene Heskett wrote:
> 
>> On Wednesday 14 July 2021 16:49:34 Brian wrote:
>>
>>> On Wed 14 Jul 2021 at 16:40:43 -0400, Gene Heskett wrote:
>>>
>>> [...]
>>>
 Off topic reply for sure.
>>>
>>> [Reply snipped]
>>>
>>> Dead sure it is. Nothing unusual. Are you trying to gat many in before
>>> you pop your clogs? :)
>>
>> Of coarse Brian, would you have it any different? ;-)
> 
> Probably not, Gene. But I have a high tolerence level. :)
> 
We all think that "we have everything high"...

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-07-14 3:54 p.m., Weaver wrote:
> On 15-07-2021 05:42, ellanios82 wrote:
>> On 7/14/21 9:27 PM, Jude DaShiell wrote:
>>> Doctors and Dentists run windows as the base for all of their practice 
>>> software.  I don't know of any linux software that could replace that 
>>> software either.  Could it be some software house would be able to get 
>>> linux versions available and make some money?
>>
>> ...
>>
>>  - just so :)
>>
>>  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!
> 
> There are medical and dental practice softwares which runs on Linux, and
> it's in the repositories.
> 
> https://packages.debian.org/search?keywords=medical+practice=all=unstable=all
> 
> Has anybody pointed it out to their doctor/dentist yet?
> Cheers,
> 
Have you done it ?
What is needed to run a doctor office can you tell me ?
Does your "suite" cover it all ?

What would be the benefits for the doctor/dentist ?

Again, don't get into the FOSS thingy.

Don't give much about this.

Computer = tool
Tool = effective
If I need to change my habits = Must be a really good reason

> Harry.
> 

I feel like all this is emotion based and no one really took time to ask
themselves why won't they...

Maybe because even if you have a software, if it doesn't interact with
other part of the system, it's a bit useless. Like a computer on a
network that doesn't speak IP...

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Him

On 2021-07-14 3:42 p.m., ellanios82 wrote:
> On 7/14/21 9:27 PM, Jude DaShiell wrote:
>> Doctors and Dentists run windows as the base for all of their practice
>> software.  I don't know of any linux software that could replace that
>> software either.  Could it be some software house would be able to get
>> linux versions available and make some money?
> 
> ...
> 
>  - just so :)
> 
>  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!
> 
> 
That's the usual "geek non-sense" answer.

Can you tell me one big advantage of using Linux in a medical practice ?

What would I gain in my practice to switching over to Linux, already you
are talking about running Windows in a Virtual Box and your answer is
just based on something you don't know.

The software that is used for my electronic stetoscope is made for
running under Windows. If I call tech support and it's running under a
virtual box then they'll call me off. Because that's the contract.

Bad answer : Because it's FOSS (don't care, it's a tool).
Bad answer : Because it's more stable (no it's not anymore).

Also can you find me one Linux distribution that is certified as medical
equipment for reliability ?
> 
> 
>  rgds
> 
> .
> 
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

This is a start but there's not much for the day to day practice.
You have health record management but it's unable to operate with other
system.
But there's also great stuff like the possibility to analyze CT scan and
MRI.
The tools are mostly oriented for research and not so much for practice
itself.

A medical tool is useless if it doesn't interact with the whole system.
You don't want to type lab result by hand ;-)

On 2021-07-14 3:09 p.m., John Hasler wrote:
> https://www.debian.org/devel/debian-med/
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-07-14 2:27 p.m., Jude DaShiell wrote:
> Doctors and Dentists run windows as the base for all of their practice
> software.  I don't know of any linux software that could replace that
> software either.  Could it be some software house would be able to get
> linux versions available and make some money?
> 
> 
There's many reason behind the use of Windows.
The historical reason.
Plus you often need many software that are specific to one part of your
practice. For example in Quebec, all doctors need to have a accounting
software that is certified by the accounting board so they can bill the
universal health care system. They also need a certified software to
have access to the unified medical record (all hospital are linked to a
huge database so anywhere you can know what test have been done, what
medication is prescribed, etc) Those software are have a limited market
either because of the geography (accounting and medical limited only to
Quebec) or in some case because of the practice type (There's software
made only for radiologists and some only for ENT doctors).

All this create a somewhat small market and it would be hard for a
company to be profitable in a sub part of this market.

Also, there's the more complex certification of the global system.
There's ANSI and ISO standard for medical equipment that has to be met
by computer equipment used in medical practice. Not everything but when
you talk about lab results analysis for example.
This would require to certify the whole stack, including the underlying
Linux OS and deal with the update. Often these system are not network
linked because you can't update them too easily.

Also, there's the part that "Everyone learn something in school" and for
most of us, this is Windows. So you'd be asking your clerk to learn the
difference with LibreOffice and adapt to this.

Some things are changing, as we are all now "over Internet", I know that
some provider who only offered Windows based software are now serving it
as web application. So you can use it over Internet, that is mainly
billing and health record management.

We also have to put ourselves into others shoes. If most people here who
are Debian user also adapt easily to different computer environment,
even enjoy it. It's far from the case with most other user of computer
system. So there must be at least a really good incentive to force a
system change.

And there, I cannot see it !

The savings done over license would be transferred to the cost of
certifying. Where as now, once the Windows operating system is approved,
you don't have to do this again for every solution you'll make.

Where there's a good penetration of Linux based system is mostly where
the doctors are autonomous in their own practice. For example in Africa,
if I'm remembering good, even UNAIDS (UN HIV) donated funds for a open
source software used to manage lab results and do epidemiology with the
data. This was in Africa...

The question is not "why doesn't anyone made a solution using Linux" but
the question is more "what would they gain doing so" and "what would be
the incentive to the user".

If it take more than 2 sentence to explain the advantages of going with
a Linux solution then you lost them. And this not only apply to doctors
but to most professional for who the computer is only a tool, like a
pen, a typewriter and a ottoscope.

I'll explain a bit more to support my words...

Many years ago, the health administration of Quebec was getting tired of
dealing with paper billing getting in.
It was time consuming for the agency to put all this into the computer
themselves.
But by law, they couldn't force doctor to bill thru computer. You have
doctor who are 70 years old and are used to billing by hand on a
tri-copy piece of paper with carbon. They know all the billing code in
their head.
We are in 2005 and there's people sending in load of paper, there's
other doctor who send in disc (cd-rom that evolved from the old time
floppy), some of them use a switched line modem (56k) and some use batch
transfer over the internet thru the portal.

So they put a transaction fee of 75 cents for every paper form sent,
except the one that are only possible to send on paper (some type of
payment where you have to justify what you did or when there's no
billing code).

And time goes by...
It took 5 years for the doctors who sent by paper to mostly change to
electronic form.
So we are now in 2011 and there's still doctor doing the paper thing.
So they pushed in the unified health record and paid a one-time fee to
all doctor for buying computer and network equipment, also internet
access plus 6 days in the year for training. And they added some payment
to train the employees.

Because there was a real advantage for doctors (the unified health
record), they computerized their practice. Once they started being more
electronic, some advantage of using the computerized system was added.
For example you could save yourself from typing many 

Re: MDs & Dentists

[Brian]

On Wed 14 Jul 2021 at 16:54:06 -0400, Gene Heskett wrote:

> On Wednesday 14 July 2021 16:49:34 Brian wrote:
> 
> > On Wed 14 Jul 2021 at 16:40:43 -0400, Gene Heskett wrote:
> >
> > [...]
> >
> > > Off topic reply for sure.
> >
> > [Reply snipped]
> >
> > Dead sure it is. Nothing unusual. Are you trying to gat many in before
> > you pop your clogs? :)
> 
> Of coarse Brian, would you have it any different? ;-)

Probably not, Gene. But I have a high tolerence level. :)

-- 
Brian. 

Re: MDs & Dentists

[Gene Heskett]

On Wednesday 14 July 2021 16:49:34 Brian wrote:

> On Wed 14 Jul 2021 at 16:40:43 -0400, Gene Heskett wrote:
>
> [...]
>
> > Off topic reply for sure.
>
> [Reply snipped]
>
> Dead sure it is. Nothing unusual. Are you trying to gat many in before
> you pop your clogs? :)

Of coarse Brian, would you have it any different? ;-)

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: MDs & Dentists

[Brian]

On Wed 14 Jul 2021 at 16:40:43 -0400, Gene Heskett wrote:

[...]
 
> Off topic reply for sure.

[Reply snipped]

Dead sure it is. Nothing unusual. Are you trying to gat many in before
you pop your clogs? :)

-- 
Brian.

Re: MDs & Dentists

[Gene Heskett]

On Wednesday 14 July 2021 10:40:03 Polyna-Maude Racicot-Summerside wrote:

> Hi,
>
> On 2021-07-14 8:23 a.m., Dan Ritter wrote:
> > ellanios82 wrote:
> >>  - have heard it opined that MDs & Dentists are seldom good
> >> investors, for the reason that they are used to usually being
> >> 'Right'
> >
> > I'm not sure what this has to do with Debian, but this overlaps
> > with my professional interests.
> >
> > As far as I can tell, the reason that MDs and dentists are
> > notable as bad investors is the same reason that they are
> > notable as bad pilots: in the middle to end of their careers
> > they have lots of money and no particular life experience other
> > than their professions. They look for something that is
> > appealing on the surface, put just enough time into it to
> > convince themselves that they are going to be quite good at it
> > because they are already successful, and then crash.
>
> I can only agree with you, being MD myself. Well, I'd better say used
> to be MD. But again, that's wrong because I still got the diploma but
> ain't doing the usual job MD do.
>
> > https://generalaviationnews.com/2017/03/29/the-doctor-killer/
> >
> > Luckily, programming is a useful alternative hobby for medical
> > professionals. As long as you stay away from certain obscure
> > areas -- say, device drivers and financial software -- the
> > penalties for screwing up are much lower.
> >
> > If you like your doctor or dentist, encourage them to learn
> > Debian and get into programming rather than daytrading or
> > piloting.
>
> We maybe don't remember but if we go back 30 years or so ago, most
> people who graduated with a master in science, chemistry, physics or
> such all had to learn programming. Why ? Because they used it as a
> tool for doing research, making library of math function for analysis
> of data... My father-in-law as part of his master in geophysics used
> some Fortran to do waveform analysis, looking out for sign of
> specifics rock formation. All this produced truck load of data and he
> had to analyze it. In the early 80s, there was not many math package
> like we had today, even less that connected directly to signal
> acquisition system. So he built one with a DEC PDP-11.

Off topic reply for sure.

And that was his first mistake. As a former TV Chief Engineer I had to 
deal with all the computerized systems a tv station can acquire, and the 
PDP-11/23 CBS sold us for satellite dish control was by far the least 
dependable I ever had to deal with. The Digital Field Engineers changed 
everything in that machine but the frame rail with the serial number was 
on, without any effect on the 4 or 5 times a day silent crash. So we 
aired a crap load of dog food commercials when we were supposed to be 
selling breakfast foods or diapers, and we don't get paid for those 
mistakes. Eventually I forced CBS to replace it with an IBM based system 
which ran from power outage to power outage. Affiliate system wide, on 
CBS's dime.

> Today with the ease of the new software, most people will only use
> end-user software but in those days, you build your own.
> He even developed a molecule display program for the Commodore 64...

We often wrote our own software, but I almost always used a trs-80 color 
computer, much easier to program in os9 or basic09. But as a learning 
experiment, the first I wrote was on an 1802 based board but I was the 
assembler, looking up the hex codes in the rca programmers manual. All 
the board had was a hex monitor. The finished program then lived in the 
KRCR control room in Redding CA for 14 years that I know of, in use many 
times a day. That's a couple eons in the average broadcast facility.

> > -dsr-


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: MDs & Dentists

[Weaver]

On 15-07-2021 05:42, ellanios82 wrote:
> On 7/14/21 9:27 PM, Jude DaShiell wrote:
>> Doctors and Dentists run windows as the base for all of their practice 
>> software.  I don't know of any linux software that could replace that 
>> software either.  Could it be some software house would be able to get linux 
>> versions available and make some money?
> 
> ...
> 
>  - just so :)
> 
>  - at one stage needed windows stuff : ran on Virtual-Box : perfect !!

There are medical and dental practice softwares which runs on Linux, and
it's in the repositories.

https://packages.debian.org/search?keywords=medical+practice=all=unstable=all

Has anybody pointed it out to their doctor/dentist yet?
Cheers,

Harry.

-- 
`When injustice becomes law, resistance becomes duty' 
-- Thomas Jefferson

Re: MDs & Dentists

[ellanios82]

On 7/14/21 9:27 PM, Jude DaShiell wrote:

Doctors and Dentists run windows as the base for all of their practice 
software.  I don't know of any linux software that could replace that software 
either.  Could it be some software house would be able to get linux versions 
available and make some money?


...

 - just so :)

 - at one stage needed windows stuff : ran on Virtual-Box : perfect !!




 rgds

.

Re: MDs & Dentists

[John Hasler]

https://www.debian.org/devel/debian-med/
-- 
John Hasler 
j...@sugarbit.com
Elmwood, WI USA

Re: MDs & Dentists

[Jude DaShiell]

Doctors and Dentists run windows as the base for all of their practice
software.  I don't know of any linux software that could replace that
software either.  Could it be some software house would be able to get
linux versions available and make some money?

Re: MDs & Dentists

[Charlie Gibbs]

On Wed Jul 14 07:38:52 2021 Dan Ritter  wrote:

> ellanios82 wrote:
>>
>>  - have heard it opined that MDs & Dentists are seldom good
>> investors, for the reason that they are used to usually being
>> 'Right'

I've heard that surgeons can be particularly bad.

> I'm not sure what this has to do with Debian, but this overlaps
> with my professional interests.
>
> As far as I can tell, the reason that MDs and dentists are
> notable as bad investors is the same reason that they are
> notable as bad pilots: in the middle to end of their careers
> they have lots of money and no particular life experience other
> than their professions. They look for something that is
> appealing on the surface, put just enough time into it to
> convince themselves that they are going to be quite good at it
> because they are already successful, and then crash.
>
> https://generalaviationnews.com/2017/03/29/the-doctor-killer/

Ah yes, the infamous "V-tail doctor killer", adored by
birdwatchers everywhere.

Still, if you read the article to the end you'll see that
improved training is offsetting the trend.

> Luckily, programming is a useful alternative hobby for medical
> professionals. As long as you stay away from certain obscure
> areas -- say, device drivers and financial software -- the
> penalties for screwing up are much lower.

Yeah, just write another piece of glitzy crap with a shitty user
interface... you could always get a job with Microsoft, I suppose.

> If you like your doctor or dentist, encourage them to learn
> Debian and get into programming rather than daytrading or
> piloting.

Either that, or ensure that they have - or develop - enough
humility to fly safely.

As for me, I'm content to stay with my Cessna 172,
and work to keep my instrument flying skills sharp.

--
cgi...@surfnaked.ca (Charlie Gibbs)

Re: MDs & Dentists

[Polyna-Maude Racicot-Summerside]

Hi,

On 2021-07-14 8:23 a.m., Dan Ritter wrote:
> ellanios82 wrote: 
>>
>>  - have heard it opined that MDs & Dentists are seldom good investors, for
>> the reason that they are used to usually being 'Right'
>>
> 
> I'm not sure what this has to do with Debian, but this overlaps
> with my professional interests.
> 
> As far as I can tell, the reason that MDs and dentists are
> notable as bad investors is the same reason that they are
> notable as bad pilots: in the middle to end of their careers
> they have lots of money and no particular life experience other
> than their professions. They look for something that is
> appealing on the surface, put just enough time into it to
> convince themselves that they are going to be quite good at it
> because they are already successful, and then crash.
> 
I can only agree with you, being MD myself. Well, I'd better say used to
be MD. But again, that's wrong because I still got the diploma but ain't
doing the usual job MD do.

> https://generalaviationnews.com/2017/03/29/the-doctor-killer/
> 
> Luckily, programming is a useful alternative hobby for medical
> professionals. As long as you stay away from certain obscure
> areas -- say, device drivers and financial software -- the
> penalties for screwing up are much lower.
> 
> If you like your doctor or dentist, encourage them to learn
> Debian and get into programming rather than daytrading or
> piloting.
We maybe don't remember but if we go back 30 years or so ago, most
people who graduated with a master in science, chemistry, physics or
such all had to learn programming. Why ? Because they used it as a tool
for doing research, making library of math function for analysis of data...
My father-in-law as part of his master in geophysics used some Fortran
to do waveform analysis, looking out for sign of specifics rock
formation. All this produced truck load of data and he had to analyze
it. In the early 80s, there was not many math package like we had today,
even less that connected directly to signal acquisition system.
So he built one with a DEC PDP-11.

Today with the ease of the new software, most people will only use
end-user software but in those days, you build your own.
He even developed a molecule display program for the Commodore 64...

> 
> -dsr-
> 

-- 
Polyna-Maude R.-Summerside
-Be smart, Be wise, Support opensource development



OpenPGP_signature
Description: OpenPGP digital signature

Re: MDs & Dentists

[Roberto C . Sánchez]

On Wed, Jul 14, 2021 at 03:35:18PM +0300, ellanios82 wrote:
> On 7/14/21 3:23 PM, Dan Ritter wrote:
> >   ~ same reason that they are notable as bad pilots
> 
> 
>   hah! : maybe Comedians? : Canadian Comic, Jim Carey , of 'the Mask' fame, 
> is a Pilot , and pilots his own big Plane
> 
And comedian Ken Jeong is a medical doctor :-)

-- 
Roberto C. Sánchez

Re: MDs & Dentists

[ellanios82]

On 7/14/21 3:23 PM, Dan Ritter wrote:

  ~ same reason that they are notable as bad pilots



  hah! : maybe Comedians? : Canadian Comic, Jim Carey , of 'the Mask' 
fame,  is a Pilot , and pilots his own big Plane








 rgds

Re: MDs & Dentists

[Dan Ritter]

ellanios82 wrote: 
> 
>  - have heard it opined that MDs & Dentists are seldom good investors, for
> the reason that they are used to usually being 'Right'
> 

I'm not sure what this has to do with Debian, but this overlaps
with my professional interests.

As far as I can tell, the reason that MDs and dentists are
notable as bad investors is the same reason that they are
notable as bad pilots: in the middle to end of their careers
they have lots of money and no particular life experience other
than their professions. They look for something that is
appealing on the surface, put just enough time into it to
convince themselves that they are going to be quite good at it
because they are already successful, and then crash.

https://generalaviationnews.com/2017/03/29/the-doctor-killer/

Luckily, programming is a useful alternative hobby for medical
professionals. As long as you stay away from certain obscure
areas -- say, device drivers and financial software -- the
penalties for screwing up are much lower.

If you like your doctor or dentist, encourage them to learn
Debian and get into programming rather than daytrading or
piloting.

-dsr-