Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Comment Re:If we're going systemd, we should go full throt (Score 4, Interesting) 754

If the community get's behind systemd, it works and is/becomes usable and apps start relying on it being there - so what?

by taking over and forcing out all other options, it becomes a monoculture. and that, as we know from decades of experience where monoculture OSes have created cartels and monopolies, is incredibly dangerous.

i dedicated three years of my life - without proper financial recognition - to breaking the NT Domains monopoly, saving companies world-wide billions of dollars in the process. it is also not very well-known that i dedicated another year reverse-engineering the Exchange 5.5 protocol.

this dedication gave people a choice: they could choose to remain on monoculture monopolistic insecure proprietary and expensive per-seat-licensed servers, or they could choose to move over to software libre on any number of POSIX-compliant OSes including HPUX, AIX, Solaris, BSDs and GNU/Linux OSes - the *exact* opposite of a monopolistic monoculture. they could also choose to move to any number of proprietary solutions from companies such as Tarantella, Honeywell, Network Appliances and many more - all companies who got together because i pioneered the reverse-engineering (and wasn't murdered for doing so) which forced Microsoft to start doing proper documentation, and to sponsor CIFS conferences.

now i am witnessing a process by which everyone in the GNU/Linux community, by working in a totally dedicated way in "their corner" that has to be respected precisely *because* it is so dedicated, yet as a whole *all* of us have gone "hmmm, i'm working in my corner, the global problem isn't my problem: i'm making local decisions, here, which make my life easy and i'm doing what i think is best", totally forgetting that the overall consequences are like a shoal of fish: EVERYBODY has "flipped" - all at once - and the direction is a dangerous one that no one person has any responsibility or control over, because we are *not* a company, we do *not* have a "Board of Directors who can give us orders that we are required to follow or be fired", we are a bazaar - a self-organised group of self-organised individuals with independent free will and highly-focussed responsibilities.

the "flip" is to a dangerous monoculture position with, as we are now witnessing, absolutely zero choice (bad choices are no choice at all) - which i've warned about well over a year ago, and was told, basically, to "fuck off". well... now we begin to see the consequences.

i am running fvwm2 - i have been for 20 years - and i am using's recompiled versions of critical dependencies (udevd and others) all of which have "--no-systemd" in the files. so i will not be concerned about trojans that attack vulnerabilities in systemd, exploiting the new features such as allowing the firewall to be disabled and much, much more. but you - all you who trust the systemd authors and the desktop environments that now operate exclusively on systemd? you should be concerned.

Comment thinkpenguin, librem and eoma68 laptops (Score 4, Insightful) 92

... y'know... it has to be said, this is precisely why thinkpenguin (and other FSF-Endorsed hardware) do wipe-it-down-to-the-bedrock products, even to the extent of replacing the standard BIOS with coreboot, and why the purism librem laptop exists (and was successfully funded last year). but even there, the problem is that for the past 15 years all intel processors have to have an RSA-signed bootloader that goes into EEPROM on-board the processor, where there's absolutely no chance of obtaining the source code for that proprietary firmware blob. you have absolutely no idea what goes into that bootloader, but it's already been demonstrated that your laptop - and your desktop - can be woken up by external network signals - without your consent or knowledge - *even when you powered them down*.

the only possible solution here is... to not use intel (or AMD) processors. and that opens up a whole can of worms, which is why i've been sponsored to make an upgradeable laptop. if any one CPU is ever found to have problems, the whole CPU Card can be popped out and replaced... *without* having to throw away the entire laptop.

designing a laptop from the ground up so that its main CPU module can be replaced... only two years ago that could have been said to be "total paranoia". now we have the kinds of stunts being pulled by Dell, Lenovo and the NSA which were only previously believed to *potentially* be carried out...

Comment terrorists celebrating the additional publicity (Score 1) 275

wow, man. terrorists love the chaos and publicity that they receive. they love the reactions, the outrage, the responses that they get, because they don't need to do anything other than kill a few people, and the rest of the damage people - and governments - do *to themselves*. trying to "crack down" on anonymous payments all in the name of "terrorism"... it's amazing. i look forward to a time when people - and governments - understand that terrorising *ourselves* with the knee-jerk after-reactions often does far more lasting damage than the actual atrocities carried out by the killers.

Comment Re:forbs (Score 1) 103

man that is one F'ed up site that i can not get past the ADVERTISING 3 second countdown

  that is royally F'ED UP

you get an advertising countdown? all i get is a redirect to a URL with the word "welcome"... that's then completely blank. this isn't the first time it's happened, either. y'know what? i'm going to resurrect a tag that i haven't seen used in a looong time - i'm going to mark this artlcle as "slashdotted". yes, in 2015, that's an indictment of a site as big as forbes. in 1997 it used to be fine (and funny) that the 15 minutes of fame from a slashdot focus would overwhelm a web site link.

Comment Re:SDR Hardware (Score 4, Interesting) 42

yeah i got something similar, i researched the chipset a bit in advance, to see what frequencies it could do. i found one that could go from i think it was... like... 100 mhz through to almost 1900mhz, with a bandwidth of something like... 2.8m-samples/sec. it only had an 8-bit ADC resolution but that was ok. i then used it with some software i was working with, at the time (passive GSM scanning software), and actually managed to find a couple of frequencies, which was amazing.

going beyond that would have been tricky, because at the limit of 2.8 million samples per second of I and Q data @ 8 bit, it was pushing the limit of what the hardware could actually do: there were quite a few drop-outs. i'm sure the proprietary driver could handle that data rate, but the reverse-engineered gnu/linux one simply couldn't.

anyway yes absolutely! $12 plus shipping for something that will handle a huge range of frequencies, FM radio, TV frequencies, GPS satellites, GSM 850 and 900mhz, and even some of the higher-end GSM frequencies @ 1800mhz... maan, what more could you ask for? :)

Comment Re:lesson learned? (Score 1) 183

Red herring. Efast didn't arrive to people's computers via official channels. Linux is just as vulnerable to malware when stuff is being installed via unofficial channels.

... which means that you didn't read the full contents of what i wrote before posting. in paragraph (5) i made this exact point. so you not only didn't read what i wrote, but you then detracted from the *actual* point being made, by criticising what was written without proper thought and consideration on your part.

you then go on to conclude that i must be on a "high horse", but at the point at which you clearly didn't read each and every paragraph, i lost interest in reading further because you clearly demonstrated that it was more important to you promote *yourself* (by way of denigrating others) than to actually provide a service to readers of the article.

please be more careful next time, eh?

Comment Re:lesson learned? (Score 1) 183

Last time I installed Chrome (not Chromium, but actual Chrome) on Ubuntu I still had to download it from Google trusting Google's process rather than Canonical's. So no, it didn't go through some encryption protected carefully managed central repo. And, obviously, if someone can install software from Google via downloads, they can install other software via downloads, including malware.

... and you end up being tracked, and have advertising pushed at you, and your privacy is invaded through data sharing - yes, we know. that's why the Debian GNU/Linux team took the (libre-licensed) source code for the chrome browser, did a full source code audit, *REMOVED* all of the spy-tracking, *REMOVED* all of the privacy-violating code, compiled that and released it through the standard Debian packaging system [which includes the audit trail]

if the ubuntu team are actually bothering to properly follow this process, then you should be able to [use synaptics if you are not comfortable with command-line] just do "apt-get install chromium-browser". you will get *exactly* the same source code, minus the privacy-violating code, with the added guarantee that there is, as i described in the post, the audit trail that is near-impossible to violate.

Comment !education (Score -1, Troll) 93

i note that this post has been tagged "education". can someone please explain how it is "education" that teachers - and students - must *pay* to have boards *designed for them*, using a processor which you *still* cannot view videos without paying for proprietary CODECs [1] and you *still* cannot boot it without a proprietary bootloader.

i remain deeply unimpressed that people have had the wool pulled over their eyes by the "low, low price" of $25.

[1] don't tell me that it's patented. enshrined into patent law is the right for inventors to create an implementation of absolutely any patent, as a means to *EDUCATE* themselves about making further improvements to the original work.

Comment *cough* (Score 1) 236

well i'd _like_ to tell you but it would be unwise of me to describe the setup in a public forum. but i can say that the only reason i have a TV is because i am in a rented apartment which is set up nominally as a "B and B", and that i love tennis and you really have to have like Eurosport to get it. i did have USB-TV dongles as an experiment (an SDR one) but they're a bit of a pain.

Comment lesson learned? (Score 3, Informative) 183

windows and macosx users, listen up. GNU/Linux Distributions have a digitally-signed audit trail that goes all the way back to multiply personally-verified GPG key signatures. *NO* malware gets through that process - absolutely none. and the reason why is very simple: anyone who dares to install malware would, by virtue of the GPG-signed audit chain, be tracked back and their reputation so publicly destroyed - forever - that they would never work in the software industry ever again.

not even microsoft or apple, no matter how they try, can replicate this audit trail, because their software installation is (a) not transparent (i.e. not trustworthy) and (b) as those corporations set themselves up as the "single choke-point" they simply don't have the time, the resources or the financial incentive to support *YOU*, the user, when *YOU* want to install some random piece of third party software.

in short, i am sorry to have to inform you that if you run the windows or the macosx operating systems, *despite* the fact that you are perfectly entitled to install 3rd party software [for now, anyway: it's getting harder to do], despite the fact that if you choose not to install 3rd party software your computer would be completely useless - despite all these things being true and perfectly valid, i am sorry to have to inform you that *if* you choose to install 3rd party software, you get everything that you deserve.

people who install GNU/Linux OSes don't do it "because it's fun" or "because they want a challenge of running command-line tools", they do it because they *know* and trust the digital audit trail based on the publicly-verifiable reputation of the 1000+ developers behind each distribution, and, because that trail exists, they can feel that they're safe from malware and spyware when they follow the install procedures that come with their OS.

of course, there are those people - GNU/Linux users - who bypass that process, and perform manual installation of random unverified online packages. such people it has to be said _also_ get what they deserve.

now, we can indeed track the MD5 checksums, and manually check the digital signatures, or even manually build the software ourselves (regardless of the OS), but the inconvenience and complexity of doing so is beyond most people - often myself included: i just cannot be bothered to compile software from source these days unless it's absolutely essential. ... but why put yourself through that?? why are you risking yourself to exposure to privacy violations and data violatinos? i genuinely don't understand why you would do that to yourself. perhaps someone could explain it to me.

Comment Re:The US cannot follow a pact (Score 4, Interesting) 38

So, why should anyone expect China to?

In fact, if I was a Chinese government official I'd be laughing at anything the US suggests. Maybe I'd sign the pact just for a joke though.

the thing is, what the U.S. politicians - and many people around the world - don't realise is that the Chinese Intelligence is so secretive it doesn't even have a name. its members operate in effect as independent cells, through word of mouth contacts, with absolute negligeable two-way contact with the outside world... even inside china and *including with the politicians*. remember, china's politicians, under the "one party state", don't actually have much in the way of power, and are not really that well-respected (or trusted).

so the hilarious thing is that the only way for the politicians to inform the Chinese Intelligence that there's a treaty that's supposed to be signed is, in fact, to announce it in the news and hope like hell that someone relevant, somewhere, in their lair / bunker / hideout, actually reads it. here's the problem, though: if those operatives happen *not to agree* with that treaty, as far as "China National Security and Interests" is concerned, then, well, they don't actually have to take a blind bit of notice.

the same goes for when all these attacks keep occurring. the *simplest* thing to say is "it was chinese hackers! they're nothing to do with us politicians! we have a policy of not attacking foreign assets! no really!" because for the politicians to even *admit* that it was Chinese Intelligence operatives - not that they could possibly find out who they were even if they wanted to - would probably result in them getting a knock on the door and them and their family deported to some remote area of China which hasn't changed in several centuries.

we in the West assume that just because the Politicians in Western countries make the laws, that other countries have to follow that exact same process. China's politicians - people don't realise - are *not* at the top of the food chain as far as power is concerned. They're not even second to top. on mature reflection, you might call that a good thing, as it means that they can't really screw things up.

Comment thinkpenguin (Score 2) 237

i recommend contacting for several reasons. firstly, yes they install GNU/Linux by default (so they've done all the hard work, and the research, in advance. is that worth paying for? yes!) secondly, they actually go to the trouble of replacing the BIOS with Coreboot. is _that_ worth it, and worth paying for? yes!

and thirdly, they make sure that the hardware that they've selected is FSF-Hardware-Endorseable, which needs some explanation as to why this is important - and it's not *actually* to do with some sort of stupid or idealistic or neo-fascist or brain-washed or self-righteous or [insert suitable continuation of series of derogatory sentences towards the FSF, Dr Stallman in general and their goals, here, which may be in your mind as to why you feel that you should completely ignore anything and everything associated with the FSF, which we're about to show you are completely moot] reason.

no, the clear benefit from buying FSF-Endorsed hardware such as printers, WIFI and 3G dongles etc. is that they JUST WORK. peripherals these days usually have built-in firmware. because the firmware is pre-loaded in FSF-Endorseable products onto NAND Flash or EEPROM, they're pretty much guaranteed to be more expensive than the devices that require the proprietary firmware to be uploaded to the device, from the main OS, before the device can actually function.... BUT...

what that means in practice is that if you don't *have* that proprietary firmware, or if it happens not to be compatible with the OS, or if you lose it, or if the file system becomes corrupted, or if you perform an upgrade of the OS, and many many other reasons all of which amount to a great deal of hassle, you cannot use that device, period.

the most ridiculous instance of this is that ethernet is becoming less common, CD/DVD drives are becoming less common, creating USB-sticks to boot-install systems has always been a pain, EFI-boot (only) is becoming more common.... how the hell is anyone supposed to install an OS when the only network access is WIFI, and the WIFI requires bloody proprietary firmware that has a license that prevents and prohibits that firmware from being installed on the bloody installation media?? how stupidly ridiculous a situation can you possibly get into! and don't get me started about usb-ethernet devices, which, due to them being USB, are often *excluded* from selection as a "main internet connection" during the install process, because, by nature of them being removable, the OS can't guarantee that the device will be there on the next boot.

avoiding all this hassle is what you pay for when you buy pre-vetted products from and other companies that are listed on the FSF's page . you can also go to and take a look there to see if what you want is listed.

so when you buy a product from you know that it's "just going to work". if you genuinely want to replace the OS, you can... and it will be a very straightforward job, unlike, i can guarantee, absolutely every other recommendation at the time of writing of this comment with a category "5" score here on slashdot.

ironically, and not surprisingly, thinkpenguin get less support calls (hardware "just works"). their customers are happier.... and so are more loyal. is that worth paying a bit extra for? yeah i'd say so.

e-credibility: the non-guaranteeable likelihood that the electronic data you're seeing is genuine rather than somebody's made-up crap. - Karl Lehenbauer