
Comment Re:Let's be clear what this actually is, NOT OpenS (Score 1) 379

I understand their personal motivations, but everyone has to understand that this does not make the OpenSSL ecosystem safer, it only makes the OpenBSD specific port of OpenSSL safer. The rest of the world will still be subject to any vulnerabilities and shortcomings in the code, because they are not intent on contributing this code back to OpenSSL.

While you are correct (for now), you're not thinking far enough ahead. I reckon a year or two down the road there will be a portable version of this library just like what happened with OpenSSH when they forked SSH for themselves, i.e. OpenBSD becomes the new upstream for libssl rather than the existing OpenSSL team.

There is a reasonable chance the portable version of the fork could eventually end up taking over from OpenSSL by default on the other BSDs and some Linux distros.

Comment Re:Worst thing possible (Score 1) 379

Seriously, could they screw the pooch any harder than they are right now?

Hundreds of commits, after just *DAYS* of testing? I've never seen a faster or more reckless release cycle for code changes, ever.

This just tells me they are putting in hundreds of basically untested code changes, which is what got us into this mess in the first place.

OpenSSL is dead to me now.

Let me guess... someone else who thinks that the OpenBSD team and the OpenSSL team are the same people?

Hint: they're not. This is a fork of the OpenSSL libraries used in OpenBSD and not intended for anyone else. If after some time it stabilises and turns out to be a good move (I'm guessing it will), then some other people are likely going to want to maintain a portable version that can be used on other platforms - just like what happens with openssh plus the odd other project, e.g. openntpd.

Comment Re:That's kind of curious (Score 3, Interesting) 582

I think the grandparent was right. MS now is hugely better than the MS of 10-15 years ago. I'm not going to try and objectively prove that as I don't care enough about MS and probably couldn't anyway.

But the NT4 to XP/2003 era was appalling security wise - but they changed that. IIS went from swiss cheese to one of the tougher web servers to break. You just don't hear any more about the kinds of problems they used to have. If you endured those days or just laughed from the sidelines, you don't need any hard data to see that they have improved a lot.

I found this paper from Theo de Raadt illuminating though. He steps through 10+ years of OS hardening techniques OpenBSD has put in place to prevent badly written applications misbehaving. Towards the end he summarises how other platforms do this stuff - the only other platform that did it all by default was Windows (yikes!).

Comment Re:Security is hard. Encryption is even harder. (Score 1) 582

All this episode does is to remind us that security is hard. Encryption is even harder.

In general maybe. This issue had nothing to do with encryption though (or hard security stuff even).

It was a very basic input checking error in a massively crusty overly obfuscated and badly written/documented codebase that all kinds of people have been tacking 'kitchen sink' style features onto for years. It's almost as if the codebase is actively trying to counteract the 'many eyes' effect.

OpenBSD has already taken on their fork and started stripping out cruft - who knows, that fork could end up having a portable version that everyone else starts using (like with OpenSSH).

Companies like Google and RedHat etc are presumably going to be putting some extra resources into OpenSSL to help clean it up. Its importance means they would be crazy not to. Hopefully they also put some resources into funding/helping the OpenBSD fork too as a better longer term option.

Comment Re:Don't bother. (Score 1) 509

Climate change is to actual environmental science while Jenny McCarthy is to Vaccines. The real truth is being subverted by the Al Gore et al bs that serves no one but a few corps.

So... are you saying that climate change claims that actual environmental science causes autism?

Nah, that can't be it - I'm not sure climate change actually claims anything itself. Although Anthropomorphised Global Warming does have a nice ring to it.

Hmmm... thinking about it some more, I suspect you are cleverly using autism as more of a metaphor here (or is that a simile?).

So you must really be saying that the only research that ever backed climate change was a fraudulent discredited study by Al Gore and his corporate conflicts of interest? And a significant percentage of the public is swayed by misguided celebrity followers of Al Gore all the while ignoring the existing research from actual environment science that can't find any evidence of climate change?

Is that more like it?

Comment Re:Trial by fire... (Score 1) 115

I would think licensing wouldn't be much of an issue. Facebook probably maintain their own internal custom linux distro. GPL incompatibility between ZFS and the kernel presumably wouldn't be a problem as they wouldn't be distributing it to anyone else.

I could be wrong though :)

Comment Re:Sadly for Canonical... (Score 1) 155

Am I the only one who LIKES Unity?

Nope. I hated it at first, and held off really using it until 12.04. But it has steadily improved and as I've got used to it I've come to like (most of) it.

I'm not emotionally invested in it though - every now and again I'll think I need to switch to something else and I'll go back to Debian with some other desktop, but the others just seem less polished and I end up back on Unity again.

It's not just me either - recent Ubuntu releases have meant the small software company I work for have gone from 5% Linux and 95% Windows to 80% Linux and 20% Windows over the last couple of years. Of the Linux desktops, they are all *buntu and about 80% Unity, 10% KDE, and 10% Gnome3.
