![](/i/fill.gif) |
![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
On 17/10/2011 07:10 PM, Darren New wrote:
> Um, lots, yes. You think there haven't been any new internet protocols
> since mid-1990's?
Basically, yes?
>> 3. Since old versions of Windows send everything unencrypted, you would
>> think that means that new versions have to send everything unencrypted
>> too,
>> for the sake of backwards compatibility.
>
> Unless the protocol was invented after SSL, at which point there is no
> backward compatibility requirements with pre-encryption protocols.
Active Directory uses Kerberos authentication, but by default it still
generates weak-arse LANMAN password hashes for backwards compatibility.
So it doesn't matter how strong Kerberos may or may not be, because you
can just attack LANMAN instead.
That's just one example of how backwards compatibility tends to
completely ruin any attempt at security.
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
>> And yet, every PC I've had a chance to observe is still running XP.
> Past time to get a new job.
True, but not for this particular reason. ;-)
>> Now obviously I haven't been able to observe every PC in the country.
>> I'm sure a small minority of them are running something newer.
> Most new PCs come with Win 7 now. It is after all the year of the worn
> tuppence.
My new laptop [which isn't so new now] came with Vista. I don't use it
all that often [I don't leave the house much], but it's there.
Question is, how often does the average person buy a new PC? Not very often.
>> I do know that whenever I see a PC running a shop till or whatever,
>> it's running XP. (Or MS-DOS, weirdly enough...)
> Time you changed your town.
Of all the reasons to move to another town "because the tills run
Windows XP" has to be one of the lamest reasons ever! :-P
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
From: Invisible
Subject: Re: Is this the end of the world as we know it?
Date: 18 Oct 2011 05:20:59
Message: <4e9d44fb@news.povray.org>
|
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
> "I don't know of anybody who's using it yet."
>
> I'm using it. In a VM. So there's one. ;)
There's always one. ;-)
No, seriously. I'm not saying nobody on Earth is using it. I'm sure
people are. I just said that not /many/ people are using it yet. I
imagine that will gradually change over time.
> The reason one asks for help is when something is beyond one's skill
> level.
Sure.
> When I'm giving technical interviews, you might recall, I ask questions I
> know the candidate doesn't stand a chance of asking. The reason I do
> this is to find out how they learn beyond their current skill.
That's kind of evil. I'm not sure how somebody sitting in an interview
chair is supposed to solve a problem right there on the spot. I mean,
it's not like they can go away and look stuff up...
> You seem to think there's no point in asking questions to learn more.
> That's troubling. You *have* the ability to learn, and you seek out
> information when it suits you. But at the same time, you declare
> something as "impossible"
If I wanted to know how to live forever, I wouldn't bother posting a
question in an online forum. You know why? Because... it's...
impossible. It's not that I don't know how, it's that IT CANNOT BE DONE.
Now with software we're dealing with somewhat less absolute quantities.
I gather that if you read Linux From Scratch, it actually directs you to
where you can download the source code for an entire Linux/GNU system
and compile just the parts you want from source. YOU do the dependency
management by hand, and in theory you can alter the source code to
remove dependencies you don't want. So hypothetically it's *possible* to
work around any given distro's poor dependency management. Does that
mean I actually want to go to such extremes? Not really, no.
> (remember the discussion we had a couple years
> ago about debugging a kernel? You uncategorically declared it was
> impossible to do so, and I told you that I had actually *done* so myself,
> but you still refused to believe it was possible to use a kernel debugger
> to get anything useful out of a crash).
I still don't get how you can take megabytes of unformatted raw binary
and glean anything remotely useful from it, but hey. Apparently there's
some kind of black magic that makes this possible...
> You need to revise your view on that kind of thing and admit that you
> don't know *everything*, but that there are people who know *more* than
> you do and that you could *learn* from them.
The greatest knowledge is in knowing that you know nothing.
On the other hand, if you punch a brick wall with your fist, it hurts. A
lot! Now do you assume you're just doing it wrong, and go ask an online
forum how to do it "right"? Or do you just stop punching walls? I know
which one I'd go for... I guess that makes me ignorant then.
>> My limited experience is that when you ask for help, you get no reply.
>> Or you get a few replies from people who don't really know how to help
>> you, but they try to offer you some kind of useful information anyway.
>
> Your experience is limited; you need to gain more experience.
If you try something, and it doesn't work, you can keep trying it over
and over again, or you can try something else. Which option is the most
rational?
(I guess it's a question of degree, of course. If you give up at the
first try, you'd never get anywhere. Then again, if you keep doing
something that clearly doesn't work, you're also not going to get
anywhere...)
>> What's to understand? Dependencies are tracked at a fairly coarse level.
>> It is what it is. Just live with it...
>
> So, there's absolutely nothing more you can learn about dependency
> tracking in Linux?
Package managers track package dependencies. Packaging teams write those
dependencies. Sometimes their structure is a little coarse. What more is
there to learn?
> Some dependencies are very coarse, yes. Some are not. Your assumption,
> based on a high level understanding, is incomplete - and you certainly
> *could* ask for more information about it and possibly even contribute to
> making it better.
IME, although the open source development model means that theoretically
anyone can contribute to improving the product, in practise this doesn't
work. It's extremely rare for submitting a bug report to actually result
in a fix. [That's assuming the problem is even strictly speaking a "bug"
and not merely a "hey, maybe if the system looked more like THIS it
might be better".] Actually contributing code is usually a practical
impossibility, for various reasons.
I'm sure somebody somewhere is committing code. But for most of us, it's
just not an option.
> Or at least understand it better, instead of parroting an explanation
> that the MS-fanbois just love.
The irony is, I used to be the biggest Microsoft hater ever. I was used
to using AmigaOS, an operating system which ACTUALLY WORKS PROPERLY.
Compared to that, everything to come out of Redmond seemed like the
biggest pile of junk ever. And then along comes Linux. It's based on
tried and tested technology. It has powerful tools. It has uptimes
measured in decades. It's faster and more efficient. It sounded so exciting!
Of course, initially Linux was a total PITA to set up and actually use.
You needed to know all sorts of exotic technical details about your PC
in order to get it to install. Making X11 work was basically a hopeless
task.
Obviously things have improved considerably since then. I still remember
when KNOPPIX first appeared. An entire OS that you can just boot off a
CD, without configuring anything, and it just WORKS. Most of the time.
OK, sometimes. Back in the day, that was a stunning achievement. These
days *every* distro has a live CD. But once upon a time, it was really
impressive to be able to modify a distro to the point where it can be
run from a read-only filesystem small enough to fit on one CD.
(KNOPPIX itself has since gone all minimal. But there are lots of other
live CDs available now...)
I make a point of always having a few Linux live CDs around. You never
know when you're going to need to mount a Linux-formatted filesystem, or
quickly format a disk without installing an entire OS first, take a raw
drive image of something, or whatever.
Over time, however, I came to realise that Linux doesn't actually seem
to be much more efficient than Windows. That used to be one of the big
things people talked about: you can run Linux on a 283 with 16MB RAM,
and it WORKS, and it WORK WELL. Try doing that with Windows! But you
know what? It's a long time since I've seen a distro that can still do that.
There was a time when Windows used to crash constantly, PCs were barely
powerful enough to run it, configuring it was tedious and complicated,
applications would never uninstall cleanly and often wouldn't install
cleanly in the first place... and basically the entire thing just
sucked. No wonder so many people hated it!
Over time, Windows has gradually become less sucky. And I haven't used
an Amiga for a very long time, so I no longer have any truly great
software to compare it to. Linux has improved dramatically as well, of
course... The latest Ubuntu basically asks you for a username and
password, and then just *installs* itself. Next time the PC reboots, you
have a fully-functional Ubuntu install. It doesn't /get/ much simpler
than that. (Although I dread to think what happens when it goes wrong...)
Essentially, things have evolved to the point where you can compare
Windows and Linux, and see that each of them actually have merits
compared to the other. And the point we're currently arguing about is
one of them. On Windows, you just *install* stuff, and it works. Under
Linux, you try to install stuff, and mostly it just works... except when
it doesn't. And then all hell breaks lose.
I'm not saying the entire Linux system sucks. I'm saying one specific
aspect of it is annoyingly difficult. And yet, everybody is yelling at
me like I'm some noob who installed Linux, tried it for ten minutes, and
couldn't figure out what the A: drive is called now so I gave it. It's
not LIKE that AT ALL. And it irritates me when people tell me I don't
know what I'm talking about...
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
>>>> Wait - YaST has documentation?
>>>
>>> Um, yes. man yast for starters.
>>
>> Surely that just tells you the command name and what switches it has?
>
> TRY IT.
>
> That *is* in fact what documentation is, though, so yes - it has
> documentation, and it's included in the man page.
Right. Well knowing what the command switches are isn't going to help me
configure Apache, is it?
>> You're assuming that I'm just doing it wrong, and not that it's actually
>> a poorly designed system.
>
> I'm assuming you can be taught. You seem to have an aptitude for
> learning, but you also seem to think that if you believe something is
> impossible, then it damned well is impossible - and nothing anyone says
> is going to change your mind.
If somebody told you that the Earth is in fact flat, would you take the
time to sit down and have a rational conversation with them? Or would
you just be like "psssh, yeah RIGHT! Bye..."
Likewise, if you use a piece of software and it's clunky and awkward to
use, and somebody else is all like "it's divine and perfect and flawless
in every way, you're just using it wrong", are you likely to investigate
what they're saying?
>> In my experience:
>>
>> 1. The user-friendly front-ends tend to be quite fragile. If something
>> breaks, you still need to go edit the underlying text file by hand.
>
> My experience with the supposed 'fragility' of those tools is different.
> <shrug> Maybe 10 years ago it was, but not today.
Well, I suppose short of me spending the next 10 years using Linux all
day, there's not much we can do to resolve this particular point.
>> 2. The user-friendly tools are completely different for every distro.
>
> And if you learn how to do it with the config files, then you're good for
> most crossplatform applications. So you have to decide - do you want to
> learn it on a specific distro, or do you want to generalise?
>
> Or do you want to accept that there are different tools, and which one
> you use depends on what you know - and take the time to actually learn
> the tools if you switch from Fedora to openSUSE?
Right. It seems we agree.
> Or you use Webmin, which actually *does* (a) work the same regardless of
> distribution, and (b) can manage the services on multiple distributions.
>
> I mean really - I used it to manage configuration on SunOS, exactly the
> same way I used it on RedHat and SUSE.
>
> But of course, you want to believe that doing so is impossible, so I
> must've imagined it, right?
Like I said, the normal way to configure Linux applications is via
exiting textual configuration files. I never said it was "impossible" to
do it any other way. I just said that that is the main cultural focus.
Which is different from the cultural focus on Windows. That's all I was
trying to say. Sheesh...
>> I haven't seen much "evidence to the contrary". The entire Unix
>> philosophy seems to revolve around doing everything from the command
>> line.
>
> If you haven't seen much evidence to the contrary, you haven't been
> looking. Really, you haven't. I talk to Linux developers fairly
> regularly, and to application developers on occasion who work on OSS
> applications for Linux. Banshee isn't just a front-end to CLI tools.
> Neither is F-Spot. Neither is Photivo. Neither is OpenOffice. Neither
> is [...] - the list goes on and on and on and on and on and on and ON.
OK. So I've actually heard of one of the items on that list. I'll give
you that.
> As I recall, it was seen as an appropriate punishment.
> As I recall, they have a specific release of Windows for the EU that
> allows IE to be removed (completely, IIRC).
My spider-sense says something about Windows Media Player... I guess I'd
have to spend a few hours Googling it to find the real answer.
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
From: Stephen
Subject: Re: Is this the end of the world as we know it?
Date: 18 Oct 2011 06:20:04
Message: <4e9d52d4@news.povray.org>
|
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
On 18/10/2011 10:29 AM, Invisible wrote:
> Likewise, if you use a piece of software and it's clunky and awkward
> to use, and somebody else is all like "it's divine and perfect and
> flawless in every way, you're just using it wrong", are you likely to
> investigate what they're saying?
I would if I respected the person and their opinions. In fact I have
done so. I even installed Linux at one time but never got round to
asking anyone to help me. *Mea culpa* :-[
--
Regards
Stephen
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
On 18/10/2011 9:15 AM, Invisible wrote:
>>> And yet, every PC I've had a chance to observe is still running XP.
>
>> Past time to get a new job.
>
> True, but not for this particular reason. ;-)
>
True but it is symptomatic.
>>> Now obviously I haven't been able to observe every PC in the country.
>>> I'm sure a small minority of them are running something newer.
>
>> Most new PCs come with Win 7 now. It is after all the year of the worn
>> tuppence.
>
> My new laptop [which isn't so new now] came with Vista. I don't use it
> all that often [I don't leave the house much], but it's there.
>
> Question is, how often does the average person buy a new PC? Not very
> often.
I bought my current Laptop a year ago and my previous one two years
before that. That one came with Vista and a Win 7 upgrade disc.
I change my laptops, about every two years for one reason or another.
But then I don't have a desktop and use them a lot. I also travel a lot
so I want a Pov-worthy one.
On my last contract the consultancy firm (CSC) were rolling Win 7 out to
all their laptops from either Windows Server 2008 or Vista. The client
were going from Vista to Win 7.
>
>> Time you changed your town.
>
> Of all the reasons to move to another town "because the tills run
> Windows XP" has to be one of the lamest reasons ever! :-P
Okay! I did not see *tills *I'll give you that. But even so... ;-)
--
Regards
Stephen
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
>> Question is, how often does the average person buy a new PC? Not very
>> often.
> I change my laptops, about every two years for one reason or another.
Clearly you have drastically more money than me. I'm still trying to
scringe together enough money to afford the CPU to go with the
motherboard I just bought...
>>> Time you changed your town.
>>
>> Of all the reasons to move to another town "because the tills run
>> Windows XP" has to be one of the lamest reasons ever! :-P
> Okay! I did not see *tills *I'll give you that. But even so... ;-)
By an unusual coincidence, I've just come back to my desk after trying
to fix one of the three Windows NT machines we're still using... I
wonder if that control software works on XP?
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
From: Stephen
Subject: Re: Is this the end of the world as we know it?
Date: 18 Oct 2011 07:18:34
Message: <4e9d608a@news.povray.org>
|
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
On 18/10/2011 11:42 AM, Invisible wrote:
>>> Question is, how often does the average person buy a new PC? Not very
>>> often.
>
>> I change my laptops, about every two years for one reason or another.
>
> Clearly you have drastically more money than me. I'm still trying to
> scringe together enough money to afford the CPU to go with the
> motherboard I just bought...
True, time you changed your job. It is not as if I am more clever than
you. I failed my 11 plus. >:o
--
Regards
Stephen
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
From: Darren New
Subject: Re: Is this the end of the world as we know it?
Date: 18 Oct 2011 12:03:43
Message: <4e9da35f@news.povray.org>
|
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
On 10/18/2011 2:20, Invisible wrote:
> I just said that not /many/ people are using it yet.
I think you're mistaken. I haven't seen any machines but my old ones running
Win7, and even my old ones two generations back are running Vista at this point.
> I still don't get how you can take megabytes of unformatted raw binary and
> glean anything remotely useful from it, but hey. Apparently there's some
> kind of black magic that makes this possible...
"I can't do this. Thus, it must be magic." I feel like playing Yoda here.
> If you try something, and it doesn't work, you can keep trying it over and
> over again, or you can try something else. Which option is the most rational?
The "something else" would be "ask someone."
Unfortunately, software development has turned into a social endeavor the
last decade or so. You can no longer obtain, learn, and use software without
talking to other people who have written or obtained, learned, and used the
same software.
> latest Ubuntu basically asks you for a username and password, and then just
> *installs* itself. Next time the PC reboots, you have a fully-functional
> Ubuntu install.
And you know something funny? People who made that work get a lot of flak
from the rest of the Linux developer community because they're working on
user friendliness instead of on patching the kernel to frobulate 3% faster
or something.
> Essentially, things have evolved to the point where you can compare Windows
> and Linux, and see that each of them actually have merits compared to the
> other. And the point we're currently arguing about is one of them. On
> Windows, you just *install* stuff, and it works. Under Linux, you try to
> install stuff, and mostly it just works... except when it doesn't. And then
> all hell breaks lose.
I've never had software from a repository not "just work" when I installed
it. Certainly no worse than Windows, which will still occasionally get
confused enough to need you to uninstall and reinstall a device driver.
> And it irritates me when people tell me I don't know what I'm talking about...
It would probably help if you less often proclaimed that you don't know what
you're talking about in other fields. :-)
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
From: Darren New
Subject: Re: Is this the end of the world as we know it?
Date: 18 Oct 2011 12:07:35
Message: <4e9da447@news.povray.org>
|
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
On 10/18/2011 1:12, Invisible wrote:
> On 17/10/2011 07:10 PM, Darren New wrote:
>
>> Um, lots, yes. You think there haven't been any new internet protocols
>> since mid-1990's?
>
> Basically, yes?
http://www.ietf.org/download/rfc-index.txt
> Active Directory uses Kerberos authentication, but by default it still
> generates weak-arse LANMAN password hashes for backwards compatibility. So
> it doesn't matter how strong Kerberos may or may not be, because you can
> just attack LANMAN instead.
Well, unless you've installed one of the newer operating systems in the last
12 years, or changed the default.
> That's just one example of how backwards compatibility tends to completely
> ruin any attempt at security.
It's an example of how someone who knows the default is insecure and doesn't
need the backward compatibility hasn't yet changed their AD to use the more
secure hashing?
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |
|
![](/i/fill.gif) |
| ![](/i/fill.gif) |
|
![](/i/fill.gif) |