Look, guys. Got to face this sometime.

America just isn't as young as it used to be.

Forty years ago? Sure. We could get a rocket up, in little time at all. And though we'll certainly never forget that first time - we were ready to go again just a few short years later.

But face the facts, people. The country isn't a spry 193 anymore. Let's just have hope that NASA is trying its best, Although its worrisome that the launch date doesn't seem very firm, just keep in mind - nothing would be worse than a premature launch.

We don't intend to disappoint.

Why the fuck is this on Slashdot?

The fact that buffer overflows are even still possible is rather silly.

It's even sillier that a user's processes are allowed to run rampant with his or her privileges.

You can't. But then again, you can't really trust the pre-flashed chip as it came from the scary third world country either.

If you're feeling frisky, you can reflash in the hope that you've exceeded the sophistication of anything in the wild.

It's a little sad that you managed to interpret it that way. I'll chalk it up to some level of localized prejudice - a unique flavor, in fact. I still haven't figured it out after several searches.

Giving an unknown piece of software admin rights is stupid. We can't fix that.

Giving an unknown piece of software user rights is still REALLY GODDAMN DANGEROUS for no legitimate reason. Modern operating systems still don't sandbox processes - we sandbox users. Instead of coming up with something _new_, we take concepts originally from giant, multiuser, sysadmin-controlled machines and put them on your mom's laptop.

All of the major operating systems in use to day adopt the unix-y model of multiple users, isolated from one another. Who cares if a user program does something stupid and nukes a document? That's their problem, the other users are fine. Well, at some point we decided that personal computers needed Real Operating Systems(tm) too, so memory protection and multiple user support is to be expected. A vanilla OSX, Linux, or Windows install has several user accounts, a number of which are for various background services. Hey nifty idea - if you give a process like Apache its own user account, it's a bit more isolated! That's kind of nice. But Firefox has _my_ privileges. Pidgin has my privs. Hell, that windows app I'm running in Wine has my privs. A process is the user running it, huh...that doesn't make sense on the desktop.

Grandma should be able to run Conficker.exe and punch every monkey that she sees. The fact that a process can access my personal files (without going through a privileged file chooser) or intercept keystrokes, or just about anything else.

Processes aren't their users. We need to protect users from processes as much as users from each other.

It's a fucking sad state of affairs. Is our solution really to keep using virus scanners and bitch online about stupid non-expert users clicking things or plugging in a network cable? Are we going to keep hiding behind some cop-out biology analogy of an 'immune system' instead of fixing a fundamentally broken security model?

Seriously - what the fuck is wrong with you people?

People getting attacked on the street for wearing the wrong cap? Dying by a team that has nothing to do with you, save for being the closest? I'm sure I'll catch you all in another thread pontificating about the evils of that "us versus them" mentality so pervasive today - but only in those lesser monkey-folk. Oh, those wretched tribal instincts. Quaint even! And what are you, then, but a mass of liquored hypocrites.

I see the same shit with street gangs -- at least they thrash about in some kind of actual competition, not a vicarious chest-pounding.

No. Boot from read-only media, flash bios, format, reinstall.

Expendable

Are you crazy? Do you know hard it is to get the all those pimp gibs to wash out of my jeans?

Kids these days.

Hardy has been very solid for me - but I heard it was quite bad at release. It really does deserve the LTS label at this point.

Intrepid is STILL awful. I'm trying out Jaunty now, but I'm not impressed yet. Session restore seems to be almost sort of working sometimes now - that was one of the things that bugged me most about Intrepid (though the blame belonged with GNOME upstream). They're still playing games with the UI when it doesn't make sense to do so (the shutdown/quit/whatever buttons vanished from the System menu - you have to use the fast user switch applet on the far right. Gnome-panel was patched, to detect the FUSA applet specifically, and hide the quit options from the system menu. Seriously - what the fuck guys?) and a fair number of packages are stupidly broken/buggy - VLC won't embed video in the main window. It shows an external one - some issue with the Qt4 interface.

I've also considered jumping to Debian.
If not, I'm sticking to Hardy until the next LTS release is solid. For new installs as well as my desktop, and quite possibly on other people's machines as well.

I propose that an excerpt from /dev/random must be appended to every post.

Perhaps our efforts can divert a substantial amount of government time and resources towards cracking the evul Anonymous cipher. You know, so they have less time to get actual work done. Slashdot is quite good at that in the general case, but in this case, these are jobs that nobody should be doing.

I wonder if this could count towards my community service...

I shall now reflect on the possibility of a caffeine intake that is arbitrarily close to zero

Trust is usually a four letter word to me, but my speling kinda sucks