Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Rule 34 (Score 1) 221

If it exists, both the CIA and the NSA have each figured out independent ways to spy on it.

They usually try to limit the scope of anything that can be detected, to reduce the risk of people getting spooked and switching to new things that they have to do more work to figure out how to spy on. For passive attacks, they're only limited by what they can blackmail, err... convince the Justice Department not to prosecute them for.

Comment Re:Software Freedom Law Center (Score 1) 418

If they're just trying to get people to sign up for their newsletter, they can still do that while complying with the GPL. That won't prevent other people from redistributing it, but if they have a trademark, they can still be the only source of "WinMTR", much like Red Hat is the only source of Red Hat Enterprise Linux, even though there are numerous community rebuilds that coexist with RHEL.

Comment Re:Aren't Fedora kernels free already? (Score 1) 283

Fedora's historical view, much like Linus's, has been that binary blobs are okay as long as they're running on special-purpose hardware, rather than the general-purpose CPU. Drivers, even though they *control* special-purpose hardware, run on the CPU, with complete access to the resources of the entire system, so the drivers themselves need to be open source to be part of Fedora proper, even if some of their functionality is implemented in a binary firmware blob.

This view is not shared universally in the Fedora community, and many (including a lot of Red Hat employees) are growing increasingly fed up with it. I would not be shocked to see Fedora do something like this in the not so distant future. Take a look at this, for example:

https://admin.fedoraproject.org/updates/F14/FEDORA-2010-18594

Comment Not a security analysis tool (Score 4, Informative) 159

Disclaimer: I used to work for Red Hat and personally know some of the board.

SQLNinja is not a security analysis tool. It is no more useful for telling you if your database app is insecure than a blowtorch is for telling you if you have a gas leak. SQL injection vulnerabilities are *trivial* to detect with simple input fuzzing.

SQLNinja is certainly a legitimately useful *demonstration* tool for developers and administrators to show their bosses just how severe their problems are, such that they might be prioritized, but it's designed for software that doesn't even run on Fedora, so it provides negligible benefit to the Fedora community. Anyone who knows enough to search for "SQL injection tool" can find it and install it, so there's really not much of a barrier here, but leaving it out of the distribution reduces the risk of Fedora being used as a gateway to the fat wallet of Red Hat in any litigation, a problem which most community distributions do not suffer from.

Fedora takes a lot of moral stands, but they're ultimately about things that will somehow benefit the Fedora community in the long term, and there's really no foreseeable payoff here, or certainly none that overrides the fantastic headache it could incur. I certainly can't fault them for picking their battles.

Comment Use a long-term distro (Score 2, Informative) 375

A friend of mine tried this with her rather savvy users, but the churn in Fedora created too much work to keep up with. It worked fine, but they ended up switching to Ubuntu LTS for the longer support lifetime, since CentOS 5 was getting a little old. If you prefer the Fedora ecosystem, RHEL 6 was just released, and CentOS 6 will be out soon.

Comment Right tool for the job (Score 1) 114

I'm a happy Rackspace Cloud customer. I use it for a few small VMs that I treat like normal, uniquely-configured servers, but I don't have to mess with all the details of running a data center, and that makes my life easier. I looked at EC2, and it became very obvious that it was not intended to be used that way. If you want to do the whole dynamic cloud thing where your log scraper uses an API to request more CPU for this VM, more RAM for that VM, and duplicate a few more web front-end hosts, EC2 definitely covers the bases, but I just wanted a couple servers with redundant power and storage, pre-built backup/restore system, in a data center that's professionally managed by people who are not me, and I wanted to do it without spending tens or hundreds of thousands of dollars up front.

In terms of business growth, EC2-style cloud computing is great for large organizations with their own developers who can afford semi-custom solutions that offload 80% of their server infrastructure to Amazon's data centers, but that's a market that will saturate quickly. The larger opportunity is customers like me, who are trying to help a small organization grow into a large organization without investing huge amounts of time and money up front (because they don't have either to spare yet), and need servers that aren't just run from someone's desk. If Amazon invests the short term returns from EC2 into something that competes directly with Rackspace Cloud, I'm sure they'll be competitive, but right now the two offerings aren't directly comparable.

Slashdot Top Deals

One person's error is another person's data.

Working...