|
|
How many accidental pool injuries/drownings are there in houses that own a pool?
Now compare that to houses that don't own a pool.
Now consider that a swimming pool is hundreds of times more dangerous to children than guns in the home. Shall we ban swimming pools?
(http://www.guncite.com/gun_control_gcgvacci.html)
$ find
709
I'm not sure if you're trolling, but apt-get has never been more advanced than yum (at least, not since yum was included in Fedora). Notable features of yum that apt-get lacks include the ability to install a package from a local file, resolving and installing its dependencies from repositories, and the ability to resolve and install a package given a path or the name of a feature it "Provides". Yum's a little slower than apt-get, but it's definitely the more capable of the two.
As for dependency hell: that term refered to the pain caused by downloading a package, attempting installation, learning that there are unmet dependencies, manually locating those packages, and potentially repeating the process. That hasn't been a concern on Red Hat or Fedora systems for literally about ten years.
Compared to other rpm based distributions, Fedora tends to have new software first, and demonstrates a superior commitment to the Free aspects of Free Software. GNU still doesn't recommend it because they include binary blobs in their kernels. That aside, it's easily the best distribution for Free Software users.
Files can be corrupted by rare spontaneous bit flipping, by mis-writing a block that was intended for another file or corrupting the block list to include data from another file (cross-linked files), by including blocks that don't exist, or by including blocks that have no data or arbitrary data.
Headers or meta data in some file formats can be verified by applications that support that file format, but it's possible for some of those problems to change the file's data such that the data is still valid, but wrong. If you have a large collection of media files or image files, filesystem corruption could potentially cross-link valid data from another file of the same type.
All of that is to say that the only way you can reliably detect corrupt files is to compare them to files that are known good. To anyone with backups in your position, I would simply say that the best option would be to wipe the system and restore a backup that you trust. If you had rsnapshot backups, you might be able to:
rsync -avcn
rsync would then tell you which files differed from backup.
According to comment 39919031, Paragon HFS may have serious bugs. It's possible that the problem didn't actually come from the power loss, but from a bad filesystem driver. I'd recommend using something better supported by all systems for your shared space, or using hardware assited virtualization for all but one of the operating systems. On my own hardware, I run Linux with other systems in KVM guests, which works well. The host OS can export shared space over the network (NFS or CIFS) to the guests, which is probably the most stable filesystem configuration possible.
From an earlier Slashdot post:
http://linux.slashdot.org/story/12/03/03/142229/gpl-copyleft-on-the-rise
"Is Copyleft Being Framed?"
As we've seen something like 5 Slashdot posts based one 1 study, I would say that there is substantial evidence that the answer is "yes".
Before the iPhone, smartphones looked like this:
http://en.wikipedia.org/wiki/LG_Prada
http://asset1.cbsistatic.com/cnwk.1d/i/tim/20090403/IMG_4858_540x360.jpg
The LG Prada was the first phone with a capacitive touchscreen.
How about a display cover that can be either glossy or matte depending on the user's needs?
DNSSEC is signed by CAs. If an attacker can compromise a CA, they can compromise DNSSEC.
Sure, it works well for chumps like Facebook and the the NY Stock Exchange, but no one is using it for serious . . . um, wait . . . nevermind.
I don't know about Facebook, but NYSE is using Red Hat Enterprise Linux, not Gentoo. Actually, I'm not aware of anyone who is using Gentoo for anything serious.
Why not go with something simpler?
1. Use the DNS CERT record and ensure that we use dnssec with all zones up to the root signed (or another DNS security scheme).
If a notary is compromised, we can replace that notary and be done. If a CA is compromised, we have to replace the CA and every active cert in the world that they've signed.
The short answer is, users want a binary answer. Can this site be trusted, true/false.
And in the Convergence system, they get that. A site is trusted if all of your notaries agree that the certificate you see is the same certificate they see. If it differs from the certificate that they see, then something is amiss and the certificate is not trusted.
Sure, you can say "I only trust this Notary", but how do you know that Notary is even who you think it is?
The same way that you know CAs, now: you keep their certificate in a local store for validation.
again, same problem you have now.
No, you don't. You have one of the two problems that we have now. Right now, the two significant problems are 1) that we rely on organizations that could be compromised and 2) if one of the larger organizations is compromised the cost of dropping our trust in them is impossibly high.
In the Convergence system, it's still possible that a notary could be compromised. However, notaries are all equal. We can drop any notary without the same costs as dropping a CA in the system we're using now.
Since most people simply won't switch, even if Convergence was 100% effective it wouldn't matter. Most SSL attacks would still take place just fine.
You're even wrong here. I can switch to Convergence right now, and without anyone else switching, I've improved my security. This isn't a system that requires that everyone change to be effective. It's immediately effective for anyone who changes.
A lot of people suggest DNSSEC as a component of replacing CAs, but overlook that DNSSEC requires CAs to function. If the problem is that you can't trust anys given CA, then a replacement has to be independent of CAs.
DNSSEC can't be a component of a system that doesn't trust CAs, which is exactly what Convergence aims to be.
Notaries are no more trustworthy than CAs; the advantage is what Moxie Marlinspike calls "trust agility". See, if a CA is compromised, users cannot easily stop trusting the CA. The big CAs simply have too much influence. Drop a major CA, and a significant percentage of the internet's certs are no longer valid. The economic costs of replacing a CA are tremendous.
If a notary is compromised, no big deal. Notaries can be dropped and replaced without any noticeable consequence. Notaries can be just as effective as CAs, with the advantage that they can be easily replaced.
A shapely CATHOLIC SCHOOLGIRL is FIDGETING inside my costume..
