Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Omand Warns of "Ethically Worse" Spying If Unbreakable Encryption Is Allowed

allquixotic Re:And is this a bad thing? (365 comments)

That's no problem. They'll just get their buddies in Congress to write them up a law that says that whatever they do is fine. Or, if that causes too much of a ruckus, they'll just provide Congress with a long laundry list of the things they do, then get Congress to copy and paste that into the law.

9 hours ago

IRS Warns of Downtime Risk As Congress Makes Cuts

allquixotic Re:Let's hope (253 comments)

EXACTLY. As long as the tax code is ridiculously complicated, we're going to need ridiculously complicated bureaucracy and IT systems to manage and enforce that complexity. Let's see how well our new GOP overlords in Congress manage to legislate an actual reduction in tax code complexity, now that they have the gavel all to themselves in both the house and the senate.

Let's not bring the cart before the horse. If you want an IRS that can run on a shoestring budget, make a shoestring tax code that I can print on my home inkjet printer -- THE WHOLE CODE -- in under 5 minutes.

Otherwise, shut the fuck up and fund the IRS so they can do what they are required to do by law.

4 days ago

Ask Slashdot: Can I Trust Android Rooting Tools?

allquixotic Manual steps vs. payload (184 comments)

Most root exploits I've seen have two components to them: the attack vector, and the payload.

The attack vector is usually a series of commands that have to be run to get the payload onto the device. This part is fully auditable and usually "open source" in the sense that you can perform these commands yourself. If someone sends you a .bat script with a bunch of adb commands, you can always open up the script and read it and make sure nothing is malicious in there.

The real problem is that 99% of the root exploits out there have to upload some kind of a binary file to the device, which is then executed. In MOST cases, the source code to this binary is not disclosed, perhaps to make it harder for the manufacturers to fix the exploit, or to keep their attack methods secret, in case the code might expose some more general pattern of attack that would enable the manufacturers to close a whole series of root exploits.

So basically you are trusting someone who compiled a Linux binary *whose job is to obtain escalated privileges on your device* to then not use those privileges to install some kind of tracking malware, data siphon, or cookie exfiltrating software, or even just a rootkit providing them a backdoor, which initially does nothing but can be activated at any time when the author feels they need something from your device (like participating in a botnet, perhaps?).

I'm a little surprised that the comments so far haven't really tackled the crux of your question, which was NOT "how do I find root exploits", but "are they trustworthy". Remember, folks, just because it's posted on XDA, doesn't mean it's trustworthy. Anyone can register an account on XDA; absolutely anyone.

I've read statements from root exploit authors who've said in plain language that they have no motivation to bundle malware in their root exploits and thus don't ever do so, but that's like the NSA saying they don't spy on Americans. We have no way of verifying the statement, and several reasons to suspect the contrary.

If you are in doubt, I would suggest that you forego root exploits altogether. Instead, you should simply refuse to buy any Android device where the manufacturer does not provide you a means to unlock the bootloader. Once you have a (legit) unlocked bootloader using official tools from the manufacturer, you can then proceed to install any ROM you want -- even an open source ROM that you could audit yourself -- which then gives you root access. Remember, on an Android device, root is far less powerful than an unlocked bootloader, so that's really what you should be aiming for anyway, to have a truly "open" device as an enthusiast.

about a week ago

Chinese Spacecraft Enters Orbit Around the Moon

allquixotic Oh! Oh! I know what those are called! (152 comments)

"...within 125 miles (200 kilometers) of the lunar surface at its closest point, and out to a range of 3,293 miles (5,300 km) at its highest point..."

Thanks to Kerbal Space Program, I know what those are called! The first one is the periapsis and the second one is the apoapsis. :D (Yes, I know, common knowledge, but it's cool that a game taught me a thing or two about spaceflight...)

Too bad real life has the Ferram Aerospace mod enabled; this craft very likely would be unable to reenter the atmosphere and land (or splash down) without breaking up, because it's not designed to withstand the heat and drag forces.

about two weeks ago

Ask Slashdot: Sounds We Don't Hear Any More?

allquixotic The sound of two empty floppy drives (790 comments)

Circa 1990, I had a 486 DX PC running DOS with two floppy drives: the standard 3.5", and the older 5.25". This was during the transition from the larger and lower density 5.25" to the more modern "High Density" 1.44MB disks. The BIOS would check to see if there was a disk in each drive in their initialization order: first "A:", the 3.5"; then "B:", the 5.25". We had a 180 MB HDD, so we didn't ordinarily boot up the computer to a boot disk except for recovery or for specific legacy software that required it; instead you'd boot DOS from the HDD, then insert a disk to install the software to the HDD, or (for older programs) run them directly off the disk.

Anyway, the disk drives were almost comical in the audible noise they made when the BIOS asked them to determine if there was a disk inserted. I distinctly remember that the sound of the two drives was in harmony, like music: two "BOOOOO-doop!" noises, one about two octaves higher than the other, in sequence, each lasting about 1.5 seconds, with a 0.5 second pause in between.

I was 5 at the time, but that was my intro to computers. It was the first PC our family owned.

about two weeks ago

Professor: Young People Are "Lost Generation" Who Can No Longer Fix Gadgets

allquixotic Hostile Design and DRM (840 comments)

Many devices containing software are intentionally designed to be hard to fix/repair. With the exception of open source applications running on a PC, or open source operating systems on said PCs, an increasing number of appliances and "gadgets" have software that is completely locked down. If the software out of the factory is not 100% perfect and there is some kind of a defect, the consumer's only option in most cases is to buy a different device.

Worse, since the software is the same between each unit produced, the consumer could go through the RMA process dozens of times and still have the problem. If the manufacturer does not acknowledge and fix the problem, the user is SOL.

This is largely a consequence of consumers not truly owning the devices they buy anymore, due to companies valuing their "IP" over (digitally-infused) consumer appliance serviceability. Try fixing a shoddy driver on an Android smartphone from a major US carrier (90% of them are locked down) and let me know how you make out, with "brief" engineering knowledge. Ditto for the faulty ECU in your car, or the faulty temperature regulator in your fridge, or...

The only situations where the OP may have a valid point are with things that have not yet been designed, in mainstream models at least, with significant digital components. For example, if your toilet starts leaking, the knowledge and technique to repair this low-tech item probably hasn't changed in at least 40 or 50 years. But these examples are quickly vanishing, as even toilets are starting to have digital components. Usually, you are *lucky* if your manufacturer provides you with some kind of instructions on how to buy and replace the complete electronics package in something like a dishwasher or a washing machine. If you are attempting to repair it without actually chucking the whole component and installing a new one, good luck -- provided you're not an Electrical or Computer Engineer.

about three weeks ago

Why Aren't We Using SSH For Everything?

allquixotic Layered with, not instead of, HTTP/2 (203 comments)

One of the coolest client-side features of most SSH clients (at least OpenSSH and PuTTY support it) is the ability to turn any SSH connection into a SOCKS5 proxy, provided the server will let you. If your Internet connection has a restrictive stateful firewall on it that blocks your access to many useful legitimate sites, you can just stunnel out over TLS and then have the ability to go outbound on any port (including SSH's default port of 22) using your SOCKS5 proxy. I've used RDP over SSH over TLS before to get around restrictive filters.

about three weeks ago

"Star Trek 3" To Be Helmed By "Fast & Furious" Franchise Director Justin Lin

allquixotic Re:Action movies are boring. (332 comments)

There's an entire episode of ST: Enterprise devoted to depicting the life of freighter crews on early warp ships. If I recall correctly, they're only capable of warp 1 or 2, and this is first-generation warp, so it's much slower than the "Warp 2" you might hear Picard give the order for in TNG, or even the "Warp 5" that the NX-01 Enterprise is capable of. These crews spent a lot of time in deep space doing absolutely nothing except reproducing like bunnies.

The neat thing about the freighter crews as they were depicted in the shows, was that the crews were often families that would live and reproduce on the ship, spending their entire lives in space on a fairly small and poorly-armed vessel. They would occasionally take on new blood from outside their family unit (this helps combat the immediate idea of gene pool degeneration), but the majority of the crew would be biological relatives.

These crews were much less idealistic than Starfleet personnel, and were very much loyal to their families above and beyond any set of ideals. No doubt they'd encounter all kinds of sticky situations in space with pirates, Klingons, and even Starfleet, and have to defend their family, defend their ship, make ends meet, and survive.

A show like that would necessarily have to involve a lot less space combat (and fewer explosions therefore), because even a small warship like a frigate or a destroyer can *easily* overwhelm and destroy a freighter in the Star Trek universe (all time periods), as well as outrun them and probably have better-trained military crew for boarding parties as well. The freighter crew would have to get by on wit, cunning, deception, and probably a whole hell of a lot of sacrifice. Not much you can do with a small pulse cannon against a military vessel, when nobody in your family is trained in the kind of specialization that, say, Data would have, when he'd save the day every other episode with technobabble trick after technobabble trick.

What I said above is NOT in any way a knock against TNG, just saying that you're asking for a very, VERY different side of Trek, but I think it's doable, and there's a lot of established lore in this area that could easily be drawn from to create a series.

However, I don't think it would stick. The majority of the hardcore Trek crowd wants to see a crew on a Federation flagship, or at least a Federation-operated space station. The non-Trekkies would get bored by the lack of explosions. So it's unlikely that such a thing would make an appearance on TV or in the movies.

about a month ago

"Star Trek 3" To Be Helmed By "Fast & Furious" Franchise Director Justin Lin

allquixotic Re:Action movies are boring. (332 comments)

Indeed. Aside from that, "intellectual" threats to the characters (figuring something out with science and creativity; outsmarting an opponent; devising a diplomatic solution to a problem) create far more tension and build-up to the crescendo. The threat of massive loss of life could be the end result of whatever dreadful thing they're up against, but if their solution is to shoot the hell out of it, it's boring, because you KNOW there's no way the movie could proceed except for them to win. Sure, somebody you're attached to might tragically die, but even that trope is pretty old by now, even within the Star Trek film canon (Spock and Data).

What I've been wanting -- and not receiving -- from modern incarnations of 'Trek are basically the scenes that directors like Justin Lin and JJ Abrams would cut, if they even allowed the scenes to be filmed.

Like the drawn-out philosophical conversations between Wesley and Picard in TNG.

Like the near-total audio silence between lines of dialogue during Spock's death scene in the Wrath of Khan.

Like the many times that a character would *tell* a story through words rather than the viewer being *shown* the story through whizzy graphics.

Like when the activities of the Federation personnel vaguely represent the moral code and rules of engagement that they apparently seek to uphold.

It's not going to get better. The cognitive dissonance behind producing movies these days is stunning. If you don't meet quotas for number of CG-rendered frames and explosions per minute, they won't let you run it in theaters.

about a month ago

BT, Sky, and Virgin Enforce UK Porn Blocks By Hijacking Browsers

allquixotic Eat My Bitstream (294 comments)

Step 1: Pray that the foundational assumptions of state-of-the-art crypto remain true (no P=NP or quantum computer cracking nonsense, please).

Step 2: Rent/buy/lease/colo a VPS or dedicated server in a country that respects users' freedom and doesn't tamper with their network connection.

Step 3: Set up a VPN on said server.

Step 4: Use the latest crypto algs you can get your hands on; apply security patches aggressively; and watch out for notices of weaknesses.

Step 5: Use the VPN on absolutely every device you own: at work, on your phone, on your home router, etc.

Step 6: ???

Step 7: Eat My Bitstream! No more ISP interference.

IMO Step 1 is the shakiest, but it's all we've got for now.

about a month ago

Keurig 2.0 Genuine K-Cup Spoofing Vulnerability

allquixotic Re:But does it report artificially low ink levels? (270 comments)

I have the Vue system. This is apparently an ugly redheaded stepchild (like Windows ME, or Windows XP x64 Edition) that came between the "original" Keurig, and Keurig "2.0". It lacks any form of DRM, and there are $10 plastic adapters on eBay that allow you to brew any original K-Cup pack using the Vue. I tried it and it works fine.

The features of the machine are much better than the original Keurig: larger water tank, touchscreen with customizable temperature and water amount, it heats up and brews faster, doesn't make a horrible noise when brewing, and it accepts both K-Cup Vue and original K-Cup packs. Oh, and it has a water filter in the water tank (you still have to replace it of course), so I don't have to wait for water to trickle out of my fridge's filtered water dispenser to fill up the Vue: I just fill up a glass or pitcher from the kitchen sink, unfiltered, and dump it in the Vue's water tank. The filter takes care of the rest.

Sometimes the red-headed stepchild is the sweet spot. Like how Windows 2000 was a suitable substitute for Windows XP for many years for folks who didn't like the whole Internet-based Windows Product Activation. Obtain a single valid Win2K license and you could technically activate an infinite number of systems.

Will be hanging on to my Vue for a long time...

about a month and a half ago

French Publishers Prepare Lawsuit Against Adblock Plus

allquixotic Re:Ads can stay, as long as they behave (699 comments)

So far, the rise of locked mobile devices is not preventing the sale or use of computing devices which are not restricted in such a way. And at least on Android, even "locked" devices still allow you to install third-party apps, like Firefox, which can be used to block ads.

Locking down all possible systems that can be purchased by consumers and enterprises (including modems/routers, desktops, laptops, etc.) with NO way to purchase, anywhere, a compatible, functional system that can have arbitrary software code executed on it, is a very tall order. If such a system is ever even threatened to be put into place, there will be a social rebellion the likes of which will make the American Revolutionary War look like a playground arm wrestle.

However, to attempt to prevent systems like this from being placed into effect gradually and slowly over time, I believe we should do all we can to reject systems of this nature, and continue to use, promote and purchase open platforms. Even (desktop) Windows, proprietary as it is, is -- relatively speaking -- very "open" compared to the locked-down environment you speak of. By refusing to economically support walled gardens, we can prevent them from gaining a foothold, or worse, becoming such a "de facto" standard that the majority of the web stops supporting open platforms.

I definitely see the danger, but I am optimistic that people will care enough that they will fight it. As usual, with matters like these, technologists such as the ones who often visit /. should be expected to lead the charge. Join the EFF and throw away your iPhones, folks.

about a month and a half ago

French Publishers Prepare Lawsuit Against Adblock Plus

allquixotic Ads can stay, as long as they behave (699 comments)

There's really no other rational choice than to block most/all ads, in a world where ads can do just about anything they want. The annoyance and performance slowdown are trivial issues compared to the real problems. The same openness that allows Web-based ads to track you using cookies, launch plugins and pop-up windows, and prevent you from viewing content until you watch a video or wait some time, also (fortunately) allows users to fight back as a natural defense mechanism against these predatory tactics. For the advertisers to abuse this openness for their own personal monetary gain, while presuming to control what *I* run on *my* computer, while being appalled at my choice of doing the same, is ridiculous and contradictory.

Far and away the gravest problem with ads today is that the vast majority of them pose *serious* security and/or privacy issues. Most ad networks do very little to prevent bad actors from embedding malicious content that tries to exploit browser zero-days, steal cookies, track your behavior, or trick you into visiting malicious websites. Until website owners and ad networks decide to completely purge all the security and privacy risks, advertising is essentially synonymous with an opportunistic attack on each user who visits an ad-infested site.

On the open web, the only way advertisers are going to get any revenue is through earning the trust and goodwill of their customers. And we ARE customers -- customers who are currently being treated like shit. How would you like it if a car salesman walked up to you and started giving you a tattoo on the arm with the manufacturer's logo, seconds after you get out of your car and step foot on the lot? That kind of intrusive behavior should not be tolerated. And it isn't: users are doing exactly what the advertisers should expect them to do, given how they are being treated.

Ad networks should start by having a manual screening process for each entity that wants to submit ads through their network. The integrity, ownership, and status of each entity should be scrutinized to ensure that they are a legitimate business and are registered with the proper authorities. Additionally, the network should perform constant random sampling of their current ads being run, and employ experienced security auditors or penetration testers to examine the source code and other dynamic behavior of the advertisement payload on various popular browsers, to determine if it is tracking the user or malicious in any way. If it is, all further business with that partner should be stopped immediately, and the advertisement removed from the network. Website owners and users should not be the ones having to push the ad networks to remove these abusers.

The open Web is not going away. Users are in control of what displays in the web browser. Advertisers must either learn to work within a system of reasonable rules that do not attack users' systems or try to compromise their privacy, OR just keep fighting until their revenue stream is slowly strangled to death by their own despicable policies.

about a month and a half ago

Which Programming Language Pays the Best? Probably Python

allquixotic Re:What does learning a language really mean? (277 comments)

That's just passing the buck, not really answering the question. I can imagine three completely different interviews purportedly about, say, "Ruby": one that a college kid could pass by going through a Ruby tutorial the night before; one that would require the same kid to take a Programming Languages class with a 4-week section on Ruby to be able to pass; and one that would unambiguously flunk everyone except Masahiro Matsumoto. There is an entire spectrum of different difficulties of interview in between these three examples, too.

The OP asked a philosophical question, and you provided a concrete answer that, while technically correct, does not actually get us any closer to an understanding of the issue. A more reasoned answer would go something like this: if you're being hired with the intent of writing Ruby code as a significant part, or the entirety of your job description, the interviewer ought to ask questions that are challenging enough that, if you can answer them fluently and capably, the implied skills you must possess in order to do so would be more than sufficient for you to excel at the type of work being performed. Even within the industry of coding shops, there is an enormous difference between writing Ruby for basic office automation tools (say, an automatic timesheet filler using Selenium) and writing Ruby with intense domain knowledge needed in a challenging area, like physics, quantum computing, higher mathematics, actuarial science, etc.

So the two axes of programming language competency are: domain knowledge (can you comprehend the subject matter enough to develop the algorithms/formulae/logic flows for the software you're writing?), and knowledge of the language and its libraries, including third-party libraries (are you able to use the facilities of the language itself or any third-party components in order to implement your solution?). Proper competency must be established on BOTH axes in order to determine if you're suitable for a job.

In the absolutely general, context-free case of determining whether you are "competent" or "good" or "learned" with a language, I don't think it's possible to answer in any meaningful way. One's competency must always be bounded by a realistic look at what exactly the work to be perfomed entails.

about 2 months ago

How the Rollout of 5G Will Change Everything

allquixotic Re:Who cares (216 comments)

Contract prices may be down, but the cost per gigabyte of data (because fuck everything except data; nothing else matters; data is information and information is data, and there's no point in thinking about anything else) has not decreased significantly.

When you pre-purchase tens of gigabytes in advance, you might be lucky to pay $3 to $4 USD per GB of data transferred over a world-class LTE network like Verizon's. If you have any overages, the price shoots up to $10/GB. It's been at that level since the EvDO days.

$3 per GB is an order of magnitude more than what most people expect to pay and are willing to pay for data once you get out of the 10GB category. The convenient fact that most people still don't know how to do anything useful with their phones and hence don't actually use that much data, does not excuse the heinous prices.

A ridiculous amount of 30+ year old local, county, state and federal legislation has kept *actually good* landlines from reaching millions of people in the US, even in densely-packed suburbs with strong median income. Well, let me clarify that: it's legislation that was passed due to industry lobbying, and even without the legislation, the industry would still collude to depress the rollout of things like fiber to the premises. So while yes, government is complicit in the problem, even the anarchists/libertarians having their way wouldn't fix the problem.

But the landline problem could be conveniently sidestepped if the wireless broadband carriers would offer reasonable tethering or home LTE modem plans with affordable prices per gigabyte. On the whole, LTE data is extremely stable, very high-throughput (many times faster than Verizon ADSL, that's for sure), and natively supports IPv6. It's usually still up if you have a localized power outage. It works fine in severe weather. It's cheaper for the carriers to roll out than to bring fiber to every house. Everybody fucking wins! Except they don't want to do it, because they're making money hand over fist as it is, and they have no regulation forcing them to change. Meanwhile, the "have-nots" who can't get FiOS or similar high-speed broadband are left in the 20th century, or trying to buy someone else's grandfathered unlimited data plan on craigslist or eBay.

I'm not even saying that unlimited data needs to happen on LTE. Sure, it would be nice, and I think it's achievable if they simply scale the tower density to the population density and fix the egregious spectrum waste problem (legacy protocols that are hideously inefficient, etc); but even very cheap *limited* data plans would be fine. Nobody wants to pay $9.99+ to buy an HD movie, then pay another $40 in data charges just to download the damn thing. I think a reasonable price for 1 GB of data on a mobile network is 25 cents per GB. $1 to download a feature-length 1080p movie in high quality. That's perhaps a 5 - 10% tax on the cost of the content license. Not too terrible.

It's completely bogus to say that things have improved a lot in the last two years. The ditching of new unlimited data contracts on Verizon and AT&T, coupled with the stagnation in the price of data per gigabyte despite a vastly expanding network capacity, is pure, unadulterated greed on the behalf of the carriers, with absolutely no sign of pro-consumer progress. If you believe $10/GB is reasonable, either you're shilling or you've got your head stuck in the sand.

about 2 months ago

Toyota Names Upcoming Hydrogen Fuel Cell Car

allquixotic Re:Hydrogen is a nice alternative (194 comments)

The biggest challenge with this tech, as with most emerging tech these days, is to mass-produce it, and do so cheaply. People simply cannot afford to pay the prices that are normally slapped on next-generation vehicles like this. That, and they only tend to produce about 1500 of them per year. Not enough to even make a dent in the market.

I'm pessimistic, but I hope they prove me wrong. If the relatively successful mass deployment of gas hybrids is a baby learning to walk, this new fuel system is going to be as difficult to roll out as asking that baby who just took their first steps, to immediately get themselves down to the race track and win a mile race against Usain Bolt.

Good luck.

about 2 months ago

Report: Federal Workers, Contractors Behind Half of Government Cyber Breaches

allquixotic Re:CyberThis, CyberThat, CyberCommand (61 comments)

Actually, the "US military and federal contracting wanker-sphere" were among the few organizations that spent big bucks on the foundational concepts of networking that eventually led to the Internet. Look up the history of DARPA sometimes. The first letter in the acronym, D, stands for Defense.

Their reasons for using "Cyber" in front of everything are for completely different reasons. Beancounters in the massive federal bureaucracy system need distinctive search keywords for disparate efforts. If they just called everything "security", you would end up with hiring security guards with pistols who've never touched a computer, whose job description says they're supposed to do penetration testing on mainframes.

Sure, their terminology seems a little out there (especially because much of the world doesn't feel the need to assign such specific, clumsy terms to everything), and I'm not defending their practice, nor am I claiming that they're up to date with the latest trends and technologies now that the Internet has flourished.

But it is a complete fabrication to say that the military-industrial complex / the US DoD / the US military is "30 years late discovering this whole internet thing". They BUILT it.

Al Gore didn't invent the Internet. DARPA did.

about 3 months ago

FTC Sues AT&T For Throttling 'Unlimited' Data Plan Customers Up To 90%

allquixotic Re:All based on a false-to-fact payment model (179 comments)

But Verizon is perfectly happy billing customers at $10 per GB. They will only change if they are forced to by law. And I guarantee you that they will sue the FCC, the courts, and even their own mothers again and again until the Supreme Court has to make a decision, in case the FCC does actually strike against them and declare Internet service (including mobile) a public utility.

about 3 months ago

Debate Over Systemd Exposes the Two Factions Tugging At Modern-day Linux

allquixotic Re:How about we hackers? (863 comments)

I consider myself part of the "hacker culture", and I'm sick and tired of this blind adherence to an operating system architecture from the 70s. AT&T UNIX is dead, and its ancestors only mimicked it chiefly for compatibility reasons (otherwise you'd have a rough time compiling any software that was written for UNIX on your new OS, and you'd never gain market traction).

I find very little value in the UNIX philosophy, and in fact I find that it adds a lot of needless overhead and puts MORE work on system administrators for no reason at all except that "we've been doing it that way since the 70s". I'm so tired of hearing this "criticism" of systemd.

More seriously though, if that's the best you can come up with -- that it's not "UNIXy enough" -- then systemd is well on its way to universal adoption. No serious maintainer of any distro except perhaps Slackware is going to take that argument seriously, because it's a strawman that should've died before many of us in the current incarnation of the hacker culture were even born. Now it's properly dying, and all the people who are stuck in the 70s are coming out of the woodwork to pitch a fit as their set-in-stone view of system architecture is rendered obsolete.

The UNIX philosophy had a time and a place, but just like any other design decision, it had major drawbacks. It worked well in the type of environment it was running in at the time, and continues to have some relevance today, but it is high time that we retire it. The new system architecture proposed by systemd may not be the best possible one, but I think it's a step forward from the old ways.

I would very broadly describe systemd's architecture as "service-based" -- you have one or more daemons that offer some kind of service over IPC, then wake up and process requests as they receive them from processes on the system. The kernel mediates the enforcement of access control, while the daemon(s) themselves mediate authentication (if required). It is a design that is pretty close to how we do web services in an enterprise environment.

We're getting away from "edit this file" and moving towards "call this service API" (or run a command that calls it for you, if you want to map the service architecture onto a model closer to UNIX). We are getting away from the rampant race conditions that come from file editing (look at the number of programs that try to touch/manage `/etc/fstab`, `/etc/resolv.conf`, etc. and end up stepping on one anothers' toes, and trying to parse comments like "#FooProgram edited this; leave it alone!" as interoperability hacks). When you have a daemon offering a service, you get parallelism safety by design: the program can just mutex the critical section, and make sure only its user and root have access to its (ultimately) file-based backend. And root has no business touching the backend directly.

"But what if there are bugs?" you ask. Well, if everything is in a bunch of text files, you can just edit those text files as a workaround, thus avoiding the actual problem. But it's much better to get the actual bug fixed in the program itself, so that you AND all other users do not have to trip over the same bug again and again. A text-based configuration architecture just encourages lazy sysadmin practices and hacks that make a system brittle, unportable, and difficult to maintain.

If you read this and you would still rather have the UNIX philosophy, just remember: even though the service-oriented system architecture is gaining the upper hand in terms of mindshare and adoption in most GNU/Linux distros these days, there is absolutely nothing stopping you and a group of friends from starting a new distro, or contributing to an existing one, that insists on remaining on the old UNIX design. It is physically impossible for anyone making any kind of policy decision in the free software community to force you to do or run anything. The only potential threat would be if a liberally-licensed software (e.g. BSD) development team decided to take their future contributions proprietary and shut down the code repos, thus stopping development (with all the existing bugs, etc remaining unfixed) unless you pay a license fee. That's a far greater threat than the existence of any free software could potentially pose.

Kind of ironic that the people who are the most emotionally uncontrollable about this whole systemd thing are the ones that are flocking in droves to BSD. I would actively encourage the OpenBSD, NetBSD and FreeBSD dev teams to seriously consider taking their future contributions proprietary, just to show these people how silly they're being. A much better solution long term is to continue using a GPL-based ecosystem (Linux, GNU userspace, etc.) and simply run the init system that you choose, and host forks of any packages that seem to have a "hard dependency" on systemd. Yeah, it's a lot of work, but there seem to be about a million of you who hate systemd, so if only 10 or 15 of you got motivated enough, we'd see "Old Hand Linux" or something get shipped 1.0 by Q4 2015, to the applause of 999,995 people over 50 and about 5 people under 50.

And not a single person would oppose you for releasing Old Hand Linux 1.0. It's completely your prerogative. Just as it is the prerogative of current distro maintainers to adopt (or not adopt) systemd. Start contributing, or get used to it.

about 3 months ago


allquixotic hasn't submitted any stories.


allquixotic has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?