* Posts by Stuart Longland

1320 posts • joined 11 Jan 2008

Page:

Sysadmins, patch now: HTTP 'pings of death' are spewing across web to kill Windows servers

Stuart Longland
Silver badge

Re: Ha, youngster

I'm not looking forward to when this crop start programming SCADA etc. Can you imagine if the software for airliners, traffic control, nuclear power stations etc. was so flakey and without proper failsafes?

Used CitectSCADA lately?

(Disclosure: I've made a bit of money writing MacroView SCADA drivers in recent times which are currently running the backbone of a couple of Defence base energy management systems. No expert but I've done a little bit here and there.)

0
0
Stuart Longland
Silver badge

"'curl' is not recognized as an internal or external command, operable program or batch file."

I guess you need to be running some legacy software / UNIX compatibility package like CygWin or Services for UNIX for that to work!

Not necessarily, like most things on Windows it has to be manually downloaded and installed. If you want an OS to come with these useful tools you'll need to look elsewhere.

" the real WTF is why a http server needs to live in the kernel in the first place?"

For performance of course - fewer context switches. Running it in kernel mode is optional though.

All that security risk for what, 0.5% performance increase? Ohh and by "optional", is it on by default?

For what it's worth, Linux has khttpd. There's probably a good reason why nginx and Apache rule the web server roost on Linux however.

14
5
Stuart Longland
Silver badge

Problem identified - problem solved so what's the problem?

That problem is solved, but the real WTF is why a http server needs to live in the kernel in the first place? Seems the most unsafe place to keep something as vulnerable as that.

As much as you consider the problem fixed, it'll just keep happening again at some point in the future. Apache at least runs as an unprivileged user. Yes, Apache has its holes, but multiple need to be exploited for it to become a system-level (kernel) exploit in most cases.

53
2

Nvidia's GTX 900 cards lock out open-source Linux devs yet again

Stuart Longland
Silver badge

Re: firmware

I would say vendors opening documentation is a lot more important than them providing the source for their (usually horrendous) drivers.

Indeed, the ideal company for me would:

- Publish design documentation for their hardware, sufficient for a driver developer to fully understand and control said hardware.

- Publish a reference driver under an open-source license for an OS that allows distributors of that OS to include the driver and make it available for lay people to use.

- Bonus points for the design documentation making customised firmware possible for the said device, and providing the source code for the firmware. Not strictly necessary, but it then means the user has a lot more freedom in how they use the product.

0
0
Stuart Longland
Silver badge

Re: Terminology issue?

What I don't understand is why you need a modified firmware in the first place. Surely the firmware itself (for the GPU, as opposed to the driver running on the host) is a blob to be uploaded.

Likely it's not that it needs "modified" firmware… the requirement of the device to have firmware uploaded to it is likely for two reasons:

1. The driver and firmware can remain in-sync, updating the driver will automatically update the firmware. Downdating the driver brings the firmware back to a version that driver understands.

2. The actual firmware on the GPU can just be boot-strap firmware which needs little storage and likely rarely needs to change (if ever). Since the driver's provided firmware never gets flashed to anything, there are no permanent changes made making the GPU pretty much unbrickable.

The firmware doesn't need modification, but we do need access to the blob so it can be loaded into the device. Some companies are good at doing this (AMD, Intel), some are horrendous at it (Broadcom). What we DO need to know though, is the interface that firmware presents. Being able to modify it means we can taylor it to suit the environment better → improve performance, but we can live with having it set in stone. We at least need the blob and to know how we talk to it.

The jury is out as to whether NVidia will be in the good citizen camp or if they'll make our lives difficult.

2
1
Stuart Longland
Silver badge

Re: JustNiz

Indeed… Maybe if we wanted proprietary crap running in our kernels we'd use MacOS X or Windows for that?

Life's too short. If I wanted to fuss around with having to go to third-party sites to download drivers I'd do so. Frankly, if it doesn't ship with the kernel or isn't a package in my chosen distribution, I'm not interested.

11
8
Stuart Longland
Silver badge

Re: Terminology issue?

Nope… lots of devices store their "firmware" in RAM on the device and require the host to upload it from a blob.

Broadcom WIFI is another example. They are also an example of a company that deliberately goes out of its way to make life difficult for the open-source world.

I don't have a problem with proprietary firmware per se, so long as the interface to the host computer is documented, open and royalty free. Your widget needs to execute some code from the host? Sure, give me the blob, tell me how to load it into the device, and I'll do it. So long as none of that blob executes on my host, I'm fine with that.

If the terms of licensing for the blob are acceptable, they'll be included in all relevant Linux distributions and users won't even have to think about it. Their brand new widget will JustWork™.

What I hope doesn't happen is that we wind up with NVidia following Broadcom's lead here, necessitating a gtx900-fwcutter project to extract their firmware out of the proprietary drivers like we've had to do for the Broadcom devices.

That, is a royal pain, and was one of the reasons I deliberately avoid laptops with Broadcom WIFI devices.

So far I've had no complaints with the Intel graphics on this Toughbook, but then again, I'm not a gamer. We have some laptops here at work with Intel graphics too and for some CAD work they do okay. ATI/AMD have been historically not bad either with the open-source driver.

NVidia though, so long as they play their silly games, are another mob I'll avoid.

32
2

Netflix fail proves copper NBN leaves Australia utterly 4Ked

Stuart Longland
Silver badge

Re: Yes, without super high def entertainment there is nothing to do.

I agree - but, to be fair - I cannot remember a time when connected bandwidth, for anything over line-of-sight, was greater than sneakernet.

Where the Internet kills me is latency. As I said, try running a SSH connection over that "link". I'd like to be able to do Useful Things at reasonable speed. Useful Things that means I want to be able to upload a truckload of workplace-related data to a site that's about 10km away from me.

At the moment, I can do it, but it's a 3 hour turn-around time. Being able to do this in tens of minutes would be nice. Tens of seconds would be great.

0
0
Stuart Longland
Silver badge

Re: Pay for it yourself

If you don't want to pay for your performance, well neither do I want to pay for your FTTP!

Who do you suggest I pay? Every ISP I've talked to tell me they can't provide me FTTP because the NBN isn't in my area. Offering to pay more does not change the story they give me.

0
0
Stuart Longland
Silver badge
Headmaster

Re: High Bandwidth for Australia who wants that

I'll get my coat. It's the stained one with the kleenex in the pockets.

Please do, they're called "tissues" in this country…

4
1
Stuart Longland
Silver badge

Re: "dangerously behind"

Instead of waiting for GP to Google it you can Google it yourself.

There's a limit to what Google can determine and I'd be very mindful of using it for medical advice. Doctors train for years for a good reason.

1
0
Stuart Longland
Silver badge

Re: 38% @ 12Mbps and 38% at 25Mbps

I'd happily go for 12Mbps now on fibre over 20Mbps on ADSL2.

12Mbps on fibre can be reliably upped to 100Mbps without changing the fibre, and in all probability, without even changing the hardware. In fact 100Mbps is probably a conservative estimate. Gigabit is possible.

20Mbps ADSL2 will go no faster, and even then we're pushing it on today's decades-old copper network.

It's called "future proofing" people!

3
0
Stuart Longland
Silver badge

Re: Cheer up OZ

Lucky you. We might get it where I am in the next decade. I'm not holding my breath.

Thankfully I get a stable ~16Mbps (~2Mbps upload) on ADSL2 which beats the ~512Kbps (and 128Kbps upload) I had when the NBN was first announced. Download isn't too bad, and upload is much better than it was. I know of people who put up with a lot worse.

1
0
Stuart Longland
Silver badge

Re: Dear Malcolm and Tony

I'm surprised they haven't un-apologised to the Stolen Generations.

No, but they did say living out in the middle of nowhere was a "lifestyle choice". For some that might choose to do so for cultural reasons, this could be equally as offensive.

4
2
Stuart Longland
Silver badge

Re: Yes, without super high def entertainment there is nothing to do.

Great for you, I'd like to shift data between my home and my workplace faster than a cyclist with a 32GB USB stick.

How fast is that exactly? Home to work for me on my bike is an hour, roughly.

(32*8*(1024**3)/3600.0) / 1000**2 = 76.35497415111111

So if I take a 32GB USB stick to work, I get 76Mbps. Great, except the two hour round-trip time. Good luck running SSH over that.

Not everything in the world revolves around the "entertainment" industry you know!

13
1

NO, Joe Hockey, a 'Netflix tax' wouldn't raise 'billions'

Stuart Longland
Silver badge

Re: His Name is Joe freakin' Hockey?

You're welcome to him… I assume intelligence isn't a prerequisite for holding a position in government over there?

0
1
Stuart Longland
Silver badge

Re: yep thats right

Yes Minister is such an accurate reflection of today's government it hurts!

Series One, among the first episodes was "Big Brother" (Data retension laws anyone?), a few other contemporary issues too.

This was a television show aired in the early 80's!

4
2

Microsoft, Fujitsu team in Internet of Lettuce effort

Stuart Longland
Silver badge

Lettuce see what they post. Surely it'll be something more intelligent than the dribble we're used to on Twitter and Facebook.

1
1

China weaponizes its Great Firewall into the GREAT FIRE CANNON, menaces entire globe

Stuart Longland
Silver badge

Re: So, what now?

What next, do we need anti-malware in our web browsers now?

HTTP/2? Don't bitch about the always-on crypto and we'll be fine. Call your elected representation and try to get them to push BCP-38 or similar as a chunk of extraterritorial law (this is gonna work best if you're in the US).

Never mind that getting a TLS certificate for a private website hosted on a free subdomain for a not-for-profit volunteer-run group of about 30 people is nigh on impossible and that HTTP/2 isn't yet supported by Apache 2.4 at last check (I read mod_spdy was buggy).

Then there's the situation where encryption is outlawed. HTTP/2 is not a solution for everyone. We need to be able to check that some code is authentic for sure, we don't need it encrypted.

0
0
Stuart Longland
Silver badge

So, what now?

China, whether it be incompetence in administering the Great Firewall thus allowing blackhats to install their malware, or whether it be government interference, is injecting this malware on the rest of the world.

Some of us as individuals can block certain URLs that host the nasty JavaScript. What next, do we need anti-malware in our web browsers now? Do I need to research a suitable plug-in for Squid to install on my workplace's transparent proxy?

0
0

Linux 4.0 debuts with the usual no fanfare

Stuart Longland
Silver badge

Figures…

…a day after I just updated my desktop at home to 3.19. About time I updated the webserver though.

0
1

All Mac owners should migrate to OS X Yosemite 10.10.3 ASAP

Stuart Longland
Silver badge

Re: Duh

Duh

It's here for download https://support.apple.com/kb/DL1804?locale=en_GB

Err Duh, that is an update from 10.10.0 to 10.10.3 not 10.6.8 to 10.10.3.

Yeah, having patches for the older OSes would be nice too, at least for the ones they say are "supported".

As for babysitting a GUI app. I run Linux on this machine 99.9% of the time. That is what most of my applications I use run on, and what I'm most comfortable with.

Occasionally there are tasks that require MacOS X, and for that I dual-boot.

I cannot run the Apple App store from the Linux environment and have it update my MacOS X installation (and lets face it, it'd be unrealistic to expect this), and so to update MacOS X, I have to be running MacOS X at that time, which means I cannot be doing what I'd normally be doing with the computer.

Ergo, I'd be stuck with babysitting the app while it does the OS updates as the applications I'd more likely want to use are on Linux and not MacOS X.

0
0
Stuart Longland
Silver badge

Re: Great

I'm told the installation goes rather quickly from the App store, unless you have a slooow connection to the net.

Define "slooow", I understand the download is in the order of 4-5GB, correct?

RC=0 stuartl@vk4msl-mb /tmp $ wget http://mirror.internode.on.net/pub/test/100meg.test

--2015-04-10 17:49:58-- http://mirror.internode.on.net/pub/test/100meg.test

Resolving mirror.internode.on.net... 150.101.135.3

Connecting to mirror.internode.on.net|150.101.135.3|:80... connected.

HTTP request sent, awaiting response... 200 OK

Length: 100000000 (95M) [application/octet-stream]

Saving to: ‘100meg.test’

100%[===========>] 100,000,000 1.19MB/s in 1m 40s

2015-04-10 17:51:37 (980 KB/s) - ‘100meg.test’ saved [100000000/100000000]

So ~2 minutes for 100MB, that's nearly 2 hours of watching a progress bar for me. No thank-you.

Why the resistance to registering?

Why should I? I don't need to register with Canonical to download Ubuntu do I? Canonical charge me the same amount as what Apple are for updates too I might add.

Furthermore, in this age of company's customer data being tapped, why should I expose myself needlessly? Life's too short to be filling out registration forms and waiting for confirmation emails, just give me the goddamn URL and I'll be on my way.

What, the links at https://support.apple.com/downloads/ aren't good enough for you?

Care to point out the one that gives you the full OS and not just an incremental update? Looks to me the downloads there for OS X 10.10 require you to have OS X 10.10 installed in the first place. Or is there one I missed that updates OS X 10.6→ 10.10?

2
5
Stuart Longland
Silver badge

Great

Now if Apple would provide the https or ftp link which 'wget' can download the Yosemite image from, I can get my box at home to begin downloading it and it'll be ready for me when I get home.

Or are they going to persist with having me register on their site and babysit a GUI app all weekend?

6
8

Australia finds $1 BEELLION to replace No-SQL DATABASE

Stuart Longland
Silver badge

Crikey - with that much they might even be able to afford Oracle's licensing.

Maybe, just… but won't leave much change.

2
0
Stuart Longland
Silver badge

They've got two choices:

- Old-school single database instance with a really big server.

- New-school clustered database with several small servers.

The industry seems to be moving in the latter direction. IBM and Oracle are stuck in the old world.

4
0

Boring fixed 'net users still dominate Oz market

Stuart Longland
Silver badge

Re: I don't understand...

I have an iiNet 1TB plan costing $90 p/month and an iiNet branded Optus plan with 3GB data and $700 worth of calls for $40 p/month.

I'm on Telstra because the places where I'm most likely to use it are places where mobile phone reception is at its worst.

As for 3GB quota for $40… don't make me laugh. 30GB and maybe you're getting somewhere. Besides, what pays for the other $660 worth of calls?

0
0
Stuart Longland
Silver badge

Re: If Australia is anything like NZ

Yep, ridiculously expensive. My plan comes with about 1GB of data for something like AU$30/month, then if I go over, I get slugged 3c/MB.

To put that into contrast, my business grade ADSL2 connection here is 100GB data for AU$80/month, and I get 0.5c/MB if I go over. (Which has happened exactly once when my plan was 10GB/month; we got to 16GB.)

My typical usage on the mobile is maybe 10MB/month. My typical usage these days on the home ADSL is about 25GB/month.

4
0

LG monitor software quietly kills UAC, dev says

Stuart Longland
Silver badge

UAC at least in Windows 7 works as advertised though.

Windows NT and Windows 2000 were a pain in the bum for doing administrative tasks, you had to log out completely then log in as an Administrator. Thus people got into the bad habit of always running as Administrator.

Windows 2000 had a hack that if you renamed something to 'setup.exe', it'd ask if you wanted to run the program under another account.

Windows XP extended that so you could right-click on any shortcut or .exe file and select "Run as", it still wasn't anything complete. A plus though, you could at least switch user.

Then UAC came along: and it had the smarts to prompt you for an administrator log-in. No more having to log out or switch user. In Windows 7 I've set up two machines like this: the normal user account is a "Power User", and for administrative tasks, there is a separate "Administrator" account. Even my mother can figure it out. It Just Works.

It's basically the 'su' feature that Unix has had for decades. Finally Microsoft has caught up on that front, now if only they'd pull their finger out and fix up the rest of the mess.

7
1
Stuart Longland
Silver badge

Not surprising.

LG's pretty terrible at anything IT-related.

This is the same company that released CD burners re-implementing the ATAPI "flush" command as an "erase firmware".

We also have a LG laptop, a LG P1 Express. Great machine, until you try to upgrade its stock 100GB HDD. Instant BIOS boot-loop. No BIOS update on website, and their telephone support don't seem to know anything about LG laptops.

3
0

Sysadmins: Step away from the Big Mac. No more Heartbleed-style 2am patch dashes

Stuart Longland
Silver badge

Re: Is patching still the right thing to do?

Hmm, I dunno.

To patch Heartbleed:

RC=0 stuartl@sjl-lxc-wheezy32 /tmp/build $ apt-cache show openssl | tail

scope::utility, security::cryptography, security::integrity,

use::checking

Section: utils

Priority: optional

Filename: pool/main/o/openssl/openssl_1.0.1e-2+deb7u13_i386.deb

Size: 693616

MD5sum: 45e9d2fbc92509a91469cf6f3eb99ab2

SHA1: 98e923d7056f2a2d7f2053bf12c7d4646b501738

SHA256: 42f1cc4125b9cef951e3eba3bdfb6b916c36f58863fba9790baca3f38eec0d00

Time to patch: about 10 minutes including download and reboot.

To download, install and configure an instance of Debian Wheezy: about an hour or two.

0
0

Can't patch this: Mozilla pulls Firefox encryption feature after just a week

Stuart Longland
Silver badge

Re: 100% False Positive rate

As far as almost all users are concerned, certificate warnings are almost 100% false positives. Usually it's either a legitimate self-signed certificate,

Acceptable for some websites, but I wouldn't want to do business with a bank that was using a self-signed certificate unless they provided me the certificate to me on a USB stick supplied to me at a branch.

Given the technological prowless of the general public, I don't see this happening.

a server somewhere has changed its name,

Man in the middle mean anything to you?

the certificate has expired

Every day a key pair is used is an extra day people have to either brute-force or steal the private part of it. Rotating them on a regular basis is a healthy thing to do.

or some other annoyance. And although they are not common, most users just ignore them, so that they will eventually ignore ALL certificate errors..

In my experience the certificate errors can be a right pain to try and bypass. Especially for the illiterate (and yes, they do sometimes use computers).

0
0
Stuart Longland
Silver badge

Re: Mozilla backtracking on new features

They did on TIFKAM

Actually, they haven't, yet… Windows 10 will represent a backtrack on TIFKAM but isn't yet released. Windows 8.1 is still 90% TIFKAM-centric out-of-the-box.

0
0

Dot-com intimidation forces Indiana to undo hated anti-gay law

Stuart Longland
Silver badge

Re: It's called freedom, folks

Here, the pizza shop in question is indeed soley owned by a Christian family who have the right to their own brand of religious beliefs. Anyone crying about discrimination is being an ass.

Depends on the circumstances. In the example the proprietor gave, the customer is in no way enforcing their beliefs on the proprietor or any of their customers. They are simply customers. Nothing more. The purpose for the product (pizza in this case) is largely irrelevant. People don't have to know where it came from.

If however, the gay couple wanted to hold the ceremony in the shop, then the proprietor might have some grounds as it could be seen that they are somehow endorsing the ceremony.

The freedom cuts both ways too, in that country not only has the proprietor got "freedom of speech" to say "no", but the customer has "freedom of speech" to tell people they were told "no" and the reason they were told "no". If they cannot accept the latter reality, they should really not exercise the former.

0
0
Stuart Longland
Silver badge
Facepalm

"GAYGESTAPO"

"Stand tall! Keep fighting! Millions of good folks have your backs. If we don't beat back the GAYGESTAPO Christians will be back in the CAVES just as in Roman times!"

By the sounds of things, if it weren't for the "GAYGESTAPO" as you put it, you would still be in the CAVES. How much of modern life is dependent on computer-based equipment? You know, those electronic things that are descended from Alan Turing's code-breaking machine?

17
2

Big Blue securo-bods warn of dire Dyre Wolf AMONG WOLVES

Stuart Longland
Silver badge

Re: Because

So you're saying we should leave ourselves to get suckered into some social engineering con?

0
0
Stuart Longland
Silver badge

Re: I am not the big bad wolf I'm granny with a sore throat.

Today's "youff" probably have never heard that story.

1
0

Popular crypto app uses single-byte XOR and nowt else, hacker says

Stuart Longland
Silver badge

If 8-bit XOR is the best this mob can do for "encryption"…

… I shudder to think how they might be deriving or sharing the AES-128 key.

0
0

Nvidia v Qualcomm, Samsung: Thumbs up from judge in patent row

Stuart Longland
Silver badge
Facepalm

Re: So...

Nope, someone will have patented that too.

1
0

Project Spartan: We get our claws on Microsoft's browser for Windows 10

Stuart Longland
Silver badge

Re: One question:

All the "this is not the browser we're looking for" crowd might consider waiting until it's out of alpha-preview before making that call. Oh wait, MS product, of course they won't.

Name one software product from any company that could be considered beyond "alpha-preview"… the IT industry has a terrible record for incomplete and failed projects.

0
1

The coming of DAB+: Stereo eluded the radio star

Stuart Longland
Silver badge

Re: DAB...

I suppose if I replace the car then one might appear as a result of that, as it has for my parents.

We recently replaced the vehicle in our household with a new one due to a microcrack in a crank shaft pretty much writing off the previous one.

The replacement was a Holden Colorado, bought in 2014. Guess what? We have FM and AM, we can stream from Bluetooth and play back media on a USB stick, but not receive DAB+.

That said, the places that vehicle will go, we'll probably be more likely to hear something on one of the shortwave bands using the Icom IC-706Mk II G we have in there than anything on the in-car entertainment system. (Now if only there was a line-in jack that we could plug the '706's headphone jack in to.)

1
0

Can your code survive crappy 2G? This open-source traffic controller will test it

Stuart Longland
Silver badge

Re: Back when I was a boy ....

We assumed everyone would be on dialup and built for decent download/ performance at that speed, and those on a fat pipe got our pages screaming fast.

The industry practice at the turn of the century was apparently to design for a screen resolution of 800×600 and a 28.8Kbps modem. Horizontal scrollbars or load times greater than 20 seconds were to be avoided.

I don't know what they design for today.

0
0
Stuart Longland
Silver badge

Re: 2G?

I used to browse the web at 9600bps, a lot slower than 2G speeds. Still have the modem (Maestro Executive 144) and yes, I have used it this century (gotta love work-related projects with legacy hardware).

The only thing we didn't have then was that Flash was pretty much unknown and HTML4, CSS and the JavaScript DOM were new concepts. XMLHTTPRequest didn't exist then either.

A well written modern web app should still be able to cope with such a link. It won't be fast, but there are efficiencies in the use of re-usable cacheable components such as JavaScript libraries, CSS and XHR which would reduce the bandwidth if (hah!) used correctly.

0
0

Day FOUR of the GitHub web assault: Activists point fingers at 'China's global censorship'

Stuart Longland
Silver badge

Why thank-you Baidu

You've just given me an excuse to block your JavaScript objects.

The fact that I barely noticed your failed DDOS only makes this more amusing.

Advanced users: even though the untrusted sites blacklist has no listing UI of its own, you can mass-edit it either modifying the noscript.untrusted about:config preference or using the Import/Export functionality of the NoScript Options|Whitelist panel, knowing that the untrusted entries are exported under an [UNTRUSTED] header.

— NoScript

I guess that's the answer.

2
0

Chrome trumps all comers in reported vulnerabilities

Stuart Longland
Silver badge

Re: It looks as though . . .

Indeed, but at least with Chrome it doesn't lock you in to one OS. Unlike IE6, it natively runs on MacOS X and Linux, so no need to do ritual sacrifices getting IE6 installed in WINE (been there, done that) or running a VM/dual-booting to check your site is still compatible with the great unwashed.

It is also separate from the OS, so unless actually being used to browse, it poses a minimal risk.

1
0
Stuart Longland
Silver badge

Re: half truth statistics coming from Secunia.

I had no idea Google rewarded those who report vulnerabilities with a Bounty. I prefer a Twix myself, but hey, chocolate is chocolate.

So long as they don't make the mistake of sourcing it from the US of A.

http://www.theregister.co.uk/2014/10/26/usa_needs_to_learn_about_decent_chocolate/

0
0
Stuart Longland
Silver badge

Re: I wonder how they measure vulnerabilities in Gentoo and Solaris.

I think Secunia simply counts notices put out by vendors, they don't actually analyze them and apply any judgment. This means that the more conscientious and detailed a vendor (or distro) is about informing their customers (or users), the higher the vulnerability count they will have.

Well, Alex Legler posted this article regarding the state of affairs in Gentoo. Alex's roles include Security.

There he contrasts with probably our biggest competitor, Debian, which features much lower down the list. This makes me suspicious of the stats that Secunia put out, including those for Microsoft OSes. (i.e. is a vulnerability in IE6 counted for Windows XP even though XP users can move to IE8? Windows 8.1 can run Office 97, does a vulnerability in that count there too?)

I think this suggests any stats given by Secunia on OSes other than Windows should be taken with a grain of salt.

1
0
Stuart Longland
Silver badge

I wonder how they measure vulnerabilities in Gentoo and Solaris.

Particularly Gentoo, since out of the box, Gentoo has practically no packages installed and doesn't even have the ssh daemon enabled.

Solaris is fairly spartan when first installed too from what I remember.

(Full disclosure: I'm a former Gentoo developer.)

15
1

'If people can encrypt their cell phones, what's stopping them encrypting their PCs?'

Stuart Longland
Silver badge

Yep, and even Windows has had bitlocker for years. (Windows XP had some form of encryption I recall.)

Some USB sticks have also had encryption with varying levels of security from "barely foil a computer newbie" to "near NSA-proof".

So nothing new here.

4
0

Make up your mind: Microsoft puts a bullet in Internet Explorer after all

Stuart Longland
Silver badge

Re: This is a good idea

Why would they do that? Windows already has pretty much state of the art kernel design - being a hybrid microkernel and fully modular.

They did in 1993. Sadly they botched it up two years later with Windows NT 4.0 and it's been downhill ever since. Some things have improved, but Windows has changed a lot from its original microkernel beginnings.

The "kernel" is hevily polluted with code that simply does not belong there, as evidenced for example by the recent Truetype font exploits leading to system level code execution.

For all Windows' modularity, they don't seem to push that much. For example, I cannot have a desktop environment without IE being there, not since the release of Windows 98. (Windows 95 and NT4 could, and did out of the box.) It's an "all or nothing" experience, the "all" being the full fat desktop with all the crap, and "nothing" being the Windows Server core, which is not available on any version of Windows other than the "server" edition.

5
0

Page:

Forums