Linux-Advocacy Digest #437, Volume #31 Sat, 13 Jan 01 14:13:04 EST
Contents:
Re: Linux 2.4 Major Advance (The Ghost In The Machine)
Re: A salutary lesson about open source (Craig Kelley)
Re: Linux Mandrake 7.2 and the banana peel ("Aaron R. Kulkis")
Re: You and Microsoft... (Craig Kelley)
Re: You and Microsoft... (Craig Kelley)
Re: Linux is crude and inconsistant. (The Ghost In The Machine)
Re: Windows 2000 (Shane Phelps)
Re: you dumb. and lazy. (Craig Kelley)
Re: Linux is crude and inconsistant. (The Ghost In The Machine)
Re: MS Office Porting to OS X--Linux Next? (Craig Kelley)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (The Ghost In The Machine)
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 Major Advance
Date: Sat, 13 Jan 2001 18:54:56 GMT
In comp.os.linux.advocacy, Aaron R. Kulkis
<[EMAIL PROTECTED]>
wrote
on Fri, 12 Jan 2001 19:09:21 -0500
<[EMAIL PROTECTED]>:
>Chad Myers wrote:
>>
>> <[EMAIL PROTECTED]> wrote in message
>> news:93nmal$52t$[EMAIL PROTECTED]...
>> > "Chad Myers" <[EMAIL PROTECTED]> writes:
>> > ><[EMAIL PROTECTED]> wrote in message
>> >
>> > >> Really? You mean when earlier versions of kernel-GDI didn't
>> > >> properly check the parameters passed in to some methods, and
>> > >> thus allowed ordinary users to crash the whole machine, that
>> > >> was not a security issue?
>> >
>> > >It's more of a DoS than a security issue.
>> >
>> > You mean an ordinary user being able to deny another user services is
>> > not a security issue?
>>
>> <sigh> Attempting to debate with you guys is impossible.
>> Do I now have to teach you to read?
>>
>> It's MORE. M-O-R-E, MORE of a DoS than a security issue. Security on
>> the system was not compromised in any way.
>
>Denial of Service *IS* a security issue, you fucking MORON.
>
>M-O-R-O-N
>
>MORON!
I think we're all quibbling about what is a security issue here.
The simplest DoS, for example, is a packet flood; no security issue
per se, but it denies service because it hogs bandwidth (and can lead
to desynch problems on those applications that require a duplicated
state machine, such as IRC; however, that appears to be more an IRC
design issue). One might defend against this by locking out the
flooder (or the entire subgroup, punishing the innocent with the
guilty until the provider deals with the errant user); of course,
the flooder, if he's on a dynamic IP, can simply redial in and start
flooding again.
Or one can lock up the machine by a fork/malloc bomb. This sort of DoS
is a similar issue; in this case, one is hogging CPU and memory.
(This one's easily defended against by using limits.)
Or one can write huge files, filling up a disk. (Quotas.)
None of these damages or even exposes data -- but they
do impair usefulness; other legitimate users can't access the machine,
or make use of the data or free disk space. Neither are
they Linux-specific; a misconfigured NT system would be
vulnerable, too -- and it's my understanding that NT4 was
wide open fresh out of the box, at least until SP1.
An undisputed security issue would be a buffer overrun exploit;
these are getting rarer, but still exist.
A Linux-specific DoS issue (which has already been fixed) might be
a SYN attack; this locked up the server socket for too long a time
and made the DoS attack much more effective (because no one else
could connect). Another one might be the IP fragmentation bug;
I don't know if that could have led to a root exploit, but it
did crash the machine. (NT had a similar bug, and IIRC Microsoft
took quite a bit longer to fix it than Linux did.)
[rest snipped]
--
[EMAIL PROTECTED] -- insert random misquote here
EAC code #191 2d:17h:39m actually running Linux.
The EAC doesn't exist, but they're still watching you.
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: A salutary lesson about open source
Date: 13 Jan 2001 11:54:48 -0700
"Chad Myers" <[EMAIL PROTECTED]> writes:
> "Conrad Rutherford" <[EMAIL PROTECTED]> wrote in message
> news:3a5f5df0$0$45705$[EMAIL PROTECTED]...
> > So, the product was out for nearly 7 months as open source with a complete
> > and fairly obvious backdoor ... took the community that long to find it?
> >
> > Seeing as how it remained hidden perfectly for 6 years as closed source this
> > is nice proof that security through obscurity works just fine thank you. In
> > fact, had the code NOT been released, this backdoor would continue to have
> > existed.
> >
> > I do not applaud the open source find - it was too long coming - instead I
> > decry Borland/Inprise's quality control - what the fuck! 6 years guys and no
> > one spotted this ???? Open source should not try to ride the backs of this
> > for their own self-glorification, that's sad.
>
> That's all they can do, really. Isolated incidents are all they have to
> cling to to satisfy their need for acceptance.
Then please explain *why* it took open sourceing the database to find
this. Conrad has NO proof that this wasn't being exploited by the
original authors and/or black hats in the previous six years.
This should also shoot down your contention that "Nobody reads open
source software anyway".
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: "Aaron R. Kulkis" <[EMAIL PROTECTED]>
Subject: Re: Linux Mandrake 7.2 and the banana peel
Date: Sat, 13 Jan 2001 13:54:04 -0500
Pete Goodwin wrote:
>
> Oopsie!
>
> I just rebuilt my 166MHz server with a 30GByte ATA66 drive and an ATA100
> controller. I reinstalled Linux Mandrake 7.2, chose some options and
Why the fuck did you reinstall, shit-for-brains?
--
Aaron R. Kulkis
Unix Systems Engineer
DNRC Minister of all I survey
ICQ # 3056642
H: "Having found not one single carbon monoxide leak on the entire
premises, it is my belief, and Willard concurs, that the reason
you folks feel listless and disoriented is simply because
you are lazy, stupid people"
I: Loren Petrich's 2-week stubborn refusal to respond to the
challenge to describe even one philosophical difference
between himself and the communists demonstrates that, in fact,
Loren Petrich is a COMMUNIST ***hole
J: Other knee_jerk reactionaries: billh, david casey, redc1c4,
The retarded sisters: Raunchy (rauni) and Anencephielle (Enielle),
also known as old hags who've hit the wall....
A: The wise man is mocked by fools.
B: Jet Silverman plays the fool and spews out nonsense as a
method of sidetracking discussions which are headed in a
direction that she doesn't like.
C: Jet Silverman claims to have killfiled me.
D: Jet Silverman now follows me from newgroup to newsgroup
...despite (C) above.
E: Jet is not worthy of the time to compose a response until
her behavior improves.
F: Unit_4's "Kook hunt" reminds me of "Jimmy Baker's" harangues against
adultery while concurrently committing adultery with Tammy Hahn.
G: Knackos...you're a retard.
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Subject: Re: You and Microsoft...
Date: 13 Jan 2001 11:57:18 -0700
"Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> "Peter Köhlmann" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Erik Funkenbusch wrote:
> >
> > >
> > > Right. First, remote rural areas can't get 56K, thus you were
> connecting
> > > at
> > > speeds of under 33.6, probably under 28.8. Let's just say 28.8. Since
> > > there are 10 bits in each byte over modem (8 bits, 1 start, 1 stop bit)
> > > that's 2880 bytes a second. To download 100 meg would take 9.6 hours.
> > > Even a basic Linux machine will be at least 300 Meg, so that's over 27
> > > hours, or
> > > more than a day. Not "overnight".
> > >
> > Sure, Windows would do that MUCH faster.
> > And what if I live in a city and have DSL (which I have).
> > This is at least 40 times as fast as your scenario above.
> > But even then, windows will fail
>
> DSL is not a dialup modem. The point was that it's really not feasible to
> install Linux over a dialup modem.
That's funny, I've *done* it.
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Subject: Re: You and Microsoft...
Date: 13 Jan 2001 12:04:07 -0700
"Erik Funkenbusch" <[EMAIL PROTECTED]> writes:
> "Gary Hallock" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Erik Funkenbusch wrote:
> >
> > >
> > > No, but the kernel itself has to be. A Linux install kernel has to be
> able
> > > to run on a 386. MS's install kernel is both multiprocessor and 486
> > > optimized (for NT4, P5 optimized for 2000).
> >
> > Not true. Redhat comes with multiple kernel rpms (386, 586, 686) and
> > installs the one optimized for your machine. Mandrake ships with a
> kernel
> > optimized for 586. Both have separate rpms for smp which are
> automatically
> > installed if you have an smp.
>
> Read again. The *INSTALL* kernel. We're talking in the context of a Linux
> installation which never reboots from the original kernel loaded off the CD
> or install floppy. Red Hat can't install an optimized kernel if it's not
> running yet, now can it?
You could always use the 2-kernel monty to swap kernels while running.
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: [EMAIL PROTECTED] (The Ghost In The Machine)
Crossposted-To: alt.linux.sux
Subject: Re: Linux is crude and inconsistant.
Date: Sat, 13 Jan 2001 19:06:58 GMT
In comp.os.linux.advocacy, Kyle Jacobs
<[EMAIL PROTECTED]>
wrote
on Tue, 09 Jan 2001 05:19:26 GMT
<ybx66.15981$[EMAIL PROTECTED]>:
>Give it [Linux] a full body redesign, then we'll talk.
"That's right, never mind whether the car steers correctly or is
safe to use at high speeds in heavy traffic! It absolutely must
have a two-tone paint job, chrome bumpers, and a flashy set of
magnesium alloy wheels!"
[rest snipped]
--
[EMAIL PROTECTED] -- see also the Edsel
EAC code #191 2d:19h:30m actually running Linux.
Yes, uptime & wall clock aren't in synch; I don't know why.
------------------------------
From: Shane Phelps <[EMAIL PROTECTED]>
Subject: Re: Windows 2000
Date: Sun, 14 Jan 2001 06:08:46 +1100
Russ Lyttle wrote:
>
> Erik Funkenbusch wrote:
> >
> > "Russ Lyttle" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > Erik Funkenbusch wrote:
> > > >
> > > > "Shane Phelps" <[EMAIL PROTECTED]> wrote in message
> > > > news:[EMAIL PROTECTED]...
> > > > > Erik Funkenbusch wrote:
> > > > > > > What about Word98?
> > > > > >
> > > > > > Word98 is for the Mac, All Mac versions of word have had different
> > > > formats.
> > > > >
> > > > > Is there any particualr reason for that still being the case?
> > > > > Not trolling, genuinely curious.
> > > >
> > > > Well, most likely it's the endian issue, not to mention that things like
> > OLE
> > > > an structured storage are different between PC and MAC.
> > > >
> > > What does endian have to do with it? Changing endian on reading files
> > > between Intel and Motorola format takes at about 5 lines of code. I do
> > > that all the time.
> >
> > Word has traditionally stored binary data structures in it's file format.
> > This means that, unless you always convert endianness when loading and
> > unloading documents, the file formats (even if otherwise identical) will not
> > be the same for data content. More likely, Word only does endianness
> > conversion when using filters for a non-native file format.
> >
> > > > > IIRC, the Mac version of Word was developed from an earlier version
> > > > > of Word for DOS and included a lot of WYSIWYG (as we used to call
> > them)
> > > > > capabilities which were independently redeveloped in WinWord. I would
> > > > > have expected convergence in file formats.
> > > > > Excel was developed on the Mac and certainly used the same format, at
> > > > > least as far as Excel 5.
> > > >
> > > > Excel 5 for the PC uses BIFF format in a OLE structured storage compound
> > > > document. I'd be surprised if the native Mac excel version was the same
> > as
> > > > the PC version (especially given FPU differences between the
> > architectures).
> > >
> > > That still doesn't seem reasonable. The problem of converting between
> > > FPUs formats has been solved hundreds of times and doesn't require
> > > enough code to justify new file formats.
> >
> > Fine. Store a binary floating point number from an Intel machine in a file,
> > read the binary format back in on a Mac and shove it back into the FPU.. see
> > if it works correctly without massaging the data. Why massage the data for
> > your native file format? That makes no sense.
> >
> So massage the data. It isn't that difficult and can be done as the file
> is loaded. Either that or change the name and quit calling your Apple
> application Excel. If it is Excel and is *.xls, it should be readable by
> Excel everywhere. Or one of the products isn't Excel.
> The real truth is that Excel for the PC is so tied to the PC that MS
> couldn't port it. So they wrote another product that had a UI similar to
> Excel and called it Excel even though it isn't.
[ snip ]
Russ, I think both you and Erik are wrong on this point.
Excel was originally a Mac product (MS had, IIRC, Multiplan on the PC)
and was ported top Windows around Windows 2 or Windows 386. I remember
Excel for the PC shipping with its own copy of Windows way back when.
To a large extent, Windows was developed to boost sales of Excel.
The version of Excel in Office 95 quite happily reads a simple spreadsheet
created in Excel 5 on a Mac, but makes a best-guess effort to determine the
equivalent font. Such experiments are just one of the reasons for
having 1
of each of the widely used systems around.
It is quite possible that
a) the file formats are different and convert on-the-fly
b) later versions are no longer cmpatible
c) some of the OLE features are incompatible
I didn't (and won't) bother to do binary diffs of Windows and Mac excel
files to check the formats. I vaguely recall that MS published the Excel file
format (BIFF) ages ago, so it may still be available.
There are lots of things to beat up on MS about, but this isn't one of them
[ snip ]
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Crossposted-To: alt.linux.sux
Subject: Re: you dumb. and lazy.
Date: 13 Jan 2001 12:07:27 -0700
"Kyle Jacobs" <[EMAIL PROTECTED]> writes:
> Wager failed.
>
> All of Windows 98's 3D functionality is in Windows 2000 as built in support
> through the Windows protected archive.
What do you know, Google gave this as the first link:
http://www.computing.net/windows2000/wwwboard/forum/6348.html
> "Craig Kelley" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > [EMAIL PROTECTED] writes:
> >
> > > On Fri, 12 Jan 2001 01:03:04 -0000, [EMAIL PROTECTED] () wrote:
> > >
> > >
> > > > Personally, I hate having to add a decent mp3 player, a CD
> > > > mastering app, or a basic archiving tool to NT5.
> > >
> > > Personally I hate not have ANY decent varieties of the programs you
> > > mention available for Linux.
> > >
> > > Oh yea, for NT5 Try MusicMatch Jukebox and Winzip.
> > > Both free/shareware.
> >
> > Ok Claire,
> >
> > MusicMatch -> $19.99 (also available for Linux)
> > Winzip -> $29.00 (equivalent functionality comes with Linux
> *free*)
> >
> > > > I also hate it when NT5 knows that it has found a Blade 3D but
> > > > won't bother to tell the end user that it has done so and that
> > > > there is a generic driver available to use.
> > >
> > > And I hate that you can get 3D acceleration for the Matrox card under
> > > Xfree 3.3 but if you use 4.x the performance suffers (or the other way
> > > around, I forget). Under Mandrake they even tell you this when you
> > > select the card.
> > > No consistency with Linux, it's just a mess.
> >
> > I'll wager that I can find more than a few 3D cards that work under
> > Windows 98, but not under Windows 2000.
> >
> > Your point?
> >
> > [snip]
> >
> > --
> > The wheel is turning but the hamster is dead.
> > Craig Kelley -- [EMAIL PROTECTED]
> > http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
>
>
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: [EMAIL PROTECTED] (The Ghost In The Machine)
Crossposted-To: alt.linux.sux
Subject: Re: Linux is crude and inconsistant.
Date: Sat, 13 Jan 2001 19:10:02 GMT
In comp.os.linux.advocacy, [EMAIL PROTECTED]
<[EMAIL PROTECTED]>
wrote
on Wed, 10 Jan 2001 22:03:46 GMT
<[EMAIL PROTECTED]>:
>On 10 Jan 2001 21:28:57 GMT, [EMAIL PROTECTED] (.) wrote:
>
>
>>Call up 10 fortune 100 companies and ask whoever answers the phone
>>if they know where Guam is.
>
>You have so little faith in humanity.
Offtopic: More than half of the US population, based on a survey
done some time ago, can't identify Mexico. (Hint: south.)
>
>
>>I dont expect you to get the point, claire, so dont even attempt to
>>wrap your pygmie brain around it. It was meant for everyone else.
>
>The point is that there are virtually no companies running Linux on
>the desktop or on their mobile platforms.
>Virtually none.
Exactly. And that means that Windows 2000 is perfect for everybody.
Spot The Flaw.
[.sigsnip]
--
[EMAIL PROTECTED] -- insert random misquote here
EAC code #191 2d:19h:34m actually running Linux.
You were expecting something relevant down here?
------------------------------
From: Craig Kelley <[EMAIL PROTECTED]>
Subject: Re: MS Office Porting to OS X--Linux Next?
Date: 13 Jan 2001 12:09:13 -0700
Edward Rosten <[EMAIL PROTECTED]> writes:
> Craig Kelley wrote:
>
> > Richard Storey <[EMAIL PROTECTED]> writes:
> >
> >
> >> "SAN FRANCISCO -- Apple's Mac OS X got a big boost on Wednesday when
> >> Microsoft said it will ship its Office productivity suite for the new
> >> operating system in the fall. "
> >>
> >> "A working version of the productivity suite, which includes the Word,
> >> Excel, PowerPoint and Entourage applications, was demonstrated at a hotel
> >> near the Macworld conference."
> >>
> >> excerpted from Wired article 2001/01/11.
> >>
> >> Well, I'm new to Linux and I'm no programmer so I hope to get some comments
> >> here to answer the subject question by those who do know. From my limited
> >> knowledge I know that OS X is based on a version of the Mach kernel which
> >> is a BSD version of Unix--right? Therefore, would it not stand to reason
> >> that a port to Linux or FreeBSD would be possible after OS X and would be
> >> done with far less effort than the jump from Win-foo to OS X?
> >
> >
> > Nope. MacOS X uses Quartz. Linux uses X11. They are completely
> > different.
>
> So? One of the beauties of X is its portability. You can get X servers
> for Windows and MacOS which run on top of the existing windowing system.
> An X server would allow any apps to be very easily ported.
Except that Microsoft isn't use X11.
Auqa/Quartz do not run on X11. MacOS X does not ship with X11.
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list by posting to comp.os.linux.advocacy.
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
