Xoke.org

My parents are visiting and brought me a gift.  Some yummy marmite and a spreader and toast rack.

Fantastic!  Being me I read the stuff on the back.

Do not sell to under 18s?  Presumably because of the knife (although I may be wrong on this assumption!)

Let’s look at this knife shall we?

Not even a sharp point.  But how sharp are the edges?

The other side is just as sharp (or just as unsharp).

So unless I’m missing something, it is banned for under 18s purely because the implement here is described as a ‘knife’!  Idiotic!

Then again this text is straight if you look sideways at it.

So brotherred made a dent about a story which I stole the headline of this blogpost from.  Er, actually used in a humourous way that is covered under Fair Use!  Now I completely disagree with half the article, and think is he is probably being disingenuous with the other half to make people think he means something when he is carefully phrasing it a different way (either that or he is a corporate douchebag, but I’m giving him the benefit of the doubt and saying he is smart!).

So what does his article say?  I’ll skim through the main points (i.e. as many points as I can do before I have to stop before my blood pressure ends up higher then a giraffe’s)

There’s been some coverage overnight about the security of Windows and whether or not one particular company is reducing its use of Windows. We thought this was a good opportunity to set the record straight.

The linked article talks about Google ditching Microsoft.  See Microsoft, I don’t mind saying Microsoft when I am not a major fan of Microsoft.  I even say that I have used Microsoft products in my entire career at work (so you could even argue I make my income through Microsoft products).  Anyhoo, lets move on.  I have no problem ‘setting the record straight’ when it needs to be.

There is some irony here that is hard to overlook. For starters, check out this story from Mashable a few months ago where it was reported that Yale University had halted their move to Gmail (and their move to Google’s Google Apps for Education package) citing both security and privacy concerns.

Except it doesn’t.  It says:

For now, ITS will gather more input from the community on the issue before either moving forward with the plan or potentially shelving it

Note it says delayed and not halted.  But Brandon LeBlanc says halted, which has much larger connotations then just delayed.  Even if they decided not to, does this have anything to do with Microsoft being insecure (or not)?  This is about how Google sends your data around the world to whatever data centre has space and that being a concern.  Interestingly enough there was not talk of them moving from Microsoft Outlook to Google.  Yale are currently using some other thing called Horde Webmail.  One wonders why they are not using these wonderful secure Microsoft systems.  I mean they would get the discount for educational use so the licenses would be pretty darn cheap, and a mail server is a mail server so it shouldn’t be that much difference in cost for that so… why aren’t they using Outlook?  That isn’t relevant to this story though, but I would suspect it could be from the security of it…

The Financial Times article states that:

Windows is known for being more vulnerable to attacks by hackers and more susceptible to computer viruses than other operating systems.

The facts don’t support the assertion.

When it comes to security, even hackers admit we’re doing a better job making our products more secure than anyone else. And it’s not just the hackers; third party influentials and industry leaders like Cisco tell us regularly that our focus and investment continues to surpass others.

Now let me use an analogy.  I have a car that I used to always leave unlocked with the keys in.  Now I’m just leaving it unlocked and most of the time I remove the keys.  The local car thieves say I’m doing a better job of making my car more secure.

Actually I was a little disingenuous there myself – I removed the words than anyone else from the sentence changing the meaning.  If you read the article, it’s just one hacker, and he says Microsoft have a better process set up then people like apple.  Not really the same thing.  Processes don’t stop things like this they make it less likely.  If my process was to make sure I removed my keys from the car and locked it and had no visible items it would reduce the chances of my car being broken into or stolen, but if I don’t follow the process and still leave it unlocked then having the process doesn’t fix it.  As for the second part of the paragraph, Microsoft has much bigger pockets so I would hope that their focus and investment would continue to surpass others.

The article only mentions Microsoft in one sentence that says:

Microsoft has also been a valuable partner as both a model for SDL and also as a sounding board for Cisco as we developed and adapted their concepts to meet the unique attributes of our development environment and needs.

How exactly does that mean that Cisco tell us regularly that our focus and investment continues to surpass others?

The final bit says:

An article today by InfoWorld discusses how Macs are under attack by high-risk malware – the article goes on to ask if this is a future sign of things to come for Apple and security. Microsoft makes the security of our customers a huge priority. Here are some examples of the things we are focused on to help make our customers more secure:

• We ship software and security updates to our customers as soon as possible through Windows Update and Microsoft Update to keep our customers safe.
• We highly recommend our customers enable Automatic Update to ensure they are protected from attacks.
• With Windows 7, we added improvements to BitLocker for disc encryption (we also introduced BitLocker-to-Go for external USB devices), and added enhancements to the built in Windows Firewall for better protection.
• Windows 7 has Parental Controls built in that can be combined with Windows Live Family Safety to create a safer experience on the PC for children.
• Windows 7 comes with Internet Explorer 8 which includes SmartScreen Filter which has proven its success time and time again.

For more on Microsoft and our investment in security, I suggest reading the Microsoft Security Development Lifecycle Blog.

And Windows 7 also uses Address Space Layout Randomization (ASLR) as well by randomizing data in memory.

The inforworld article subheading says High-risk OSX/OpinionSpy, a variant of Windows malware, may be a sign of future insecurity for Apple. So it was Windows malware first, and also:

Under the guise of a “market research program,” the spyware — a variant of malware that’s existed for Windows since 2008 — is designed to collect a wealth of data on accessible local and network volumes, then send it off to its servers for likely unsavory uses. That data, according to Intego, may include user names, passwords, credit card numbers, Web browser bookmarks, and history.

So it’s a trojan.  Hate to say this but going back to my car.  Even if I lock it if I give the keys to someone who says he’s a good guy means he can take it.  Again though, this is just comparing Microsoft to Apple, and ignores Linux entirely!

The list of things Microsoft are now doing are a good thing.  I will freely admit Microsoft is doing much better then they used to, and they are focusing on security.  But that doesn’t mean they are now the best which is what Brandon LeBlanc is trying to suggest.  I will also admit that, at least with the little I have played with Windows 7, it is the best version of Windows I think they have made so far.  Then again, a dog turd could be the best dog turd that dog has ever made, but it’s still a dog turd!  I wouldn’t go that far though, Microsoft Windows (almost all versions) have given me my career my entire life, so whilst I may hate them and run Linux at home, my life would be a lot different without them.

In short, I think that:

• Windows security sucks.  Putting usability over security will do that.  You can have both, but you have to design that in from the ground up, which Microsoft didn’t do.
• Microsoft is getting much better then they were.  But need to completely start over to get it up to the Linux standards.
• No matter how good your operating system is, or how strong your processes are, dumb users will break it.  This works for Linux too – if I have root access and run rm -rf / then that box is gone.
• These articles are pulling some facts out to try to prove that Microsoft is great, but it comes under the standard FUD.
• I have spent too long on this article so need to stop it.  Now.

… but I'm going to have to comment on the latest piece by Bwyan.  No I'm not going to spell his name right so google can find it.  But the 'comic book' guy.  You know who I mean.

He did a talk at the LinuxFest North West entitled 'Linux Sucks".  Just to try to enrage people to turning up by using that title.  He basically says there are some issues with Linux and here is how to fix (some of) them.

I watched it (it's on his website if you want to look) and have some thoughts on what he said.  I tried to make notes on everything he said, although I skipped the Q&A at the end.  Onwards!

• Projector Issues.  First up, the projector doesn't work right and he needs help from someone else.  He goes on about how he tested it but then says "hey it was working at home".  That is NOT testing it.  Even if you bring your own projector (which I doubt – someone in the audience said it was giving issues to everyone) you STILL test when you set up at the new place.  You try to get in the room 15 minutes early or so and set up in readyness.  Maybe that's just me, but if he codes the same way I don't want any of his stuff because he'll just tell you it works on his home machine!
• OO Issues.  He asks if anyone has had an issue and fixed it with Open Office.  Only two people say they have, so he says everyone else must therefor think Linux and OO suck.  That is a non-sequitor.  I haven't fixed anything in OO, but then again I so rarely use it.  When I do it's just to open a Microsoft Office doc my mother has sent me.  So I don't have any issues with it so I don't NEED to fix it.  I have no itch, so I don't scratch it.  He did not ask how many people in the room even use OO, and of that how many have a problem with it and of those ask how many fixed a problem.  So you can't use the statistics for anything.  I think this is specious reasoning.
• Kernal Issues.  Kernel updates bork NVidia drivers.  Yes we know.  They won't release the source, just a binary that has to have some weird compile for each new kernel version.  Some woman in the crowd complained about every month when a new kernel comes out it messes her up at work for a couple of days.  Why the hell are you downloading and installing software without testing it at work then?  Get a test environment set up and test the damn software, just like everyone should do for Microsoft.  It's a business, and things do break sometimes.  You have the one piece of hardware this update doesn't work on, or similar, and it breaks your stuff.  Test it first!  Yes I would love not having the NVidia issues.  But this is also NVidia's problem and not purely a linux issue.
• XOrg Issues.  He calls it old and clunky.  Then admits they know it is and are fixing it.  Why is this an issue then?  Because they haven't fixed it yet?
• Kernel and Xorg update issues.  Then don't update!  Of course you won't have any security fixes either, but you don't have to update the second an update happens.  Why do people always bitch about the new stuff breaking things.  Then don't update and don't get the new stuff and keep something that works.  Windows users haven't all updated to vista just because it's out, and many have paid to downgrade just to keep the old one that works.  Then keep the old one.  It doesn't cost either way in linux.  If you are going to always update then yes there will be issues.  Whenever you get the latest and greatest there will be.  Give it some time for the bugs to be ironed out and then upgrade.
• Hardware issues.  Can't drop support of hardware apparently.  Actually I'm not aware of anything that has been dropped.  I know my NVidia driver is old and NVidia themselves have stopped support of it so the linux drivers are just repackages of older ones basically, but I've never heard of something that was dropped and suddenly didn't work for people.  Windows does do this though all the time.  Mrs Xoke has a scanner that she has never used.  She had a machine with Win 2000 or something on it that got spyware infected.  She ended up getting a new computer (long story there) with XP and now the scanner doesn't have XP drivers.  I tried it out under Linux thinking I could get it working easily however the power has gone dead on it.  Either the power supply or a wire somewhere.  I've not heard of anyone complaing how a scanner worked in Ubuntu 8.10 but was dropped in 9.04.  Yes sometimes things get broken (see above) but they get fixed again.  It was never broken on purpose because they dropped support.
• Package Issues.  Yes there are too many types of packages out there.  Yes it is a hassle for developers making each one.  I would love to have a single type of package management out there, but of course I would want it to be deb files.  Try and get everyone to agree on what type of package though and I don't think you will.
• Audio Issues.  He goes on about how we a good audio editor.  He doesn't mention Ardour here (although he does a lot later on in the Q&A).  But in the Linux way of if you have an itch then scratch it why on earth didn't he make an audio editor or improve an existing one instead of making a comic book reader!  One word though – Bounties.  See after this all for my final thoughts for more info here.
• Video Issues.  Yes we need a good video editor.  He doesn't give any solutions.  I do.  Bounties! (See below again).
• "The current open source development model has failed to deliver these advanced and neccersary tools".  I believe that is a direct quote from him.  He follows this up with "This is just simply true".  Well glad you explained that one.  Yes there are some gaps.  Considering how much has been done shows the open source development model does work.  It could be improved, as everything could.  That is what the bounties is for (See below).
• What you can do on Linux is less then mid-90s Windows and Macs. Err… do I even have to argue against that one?  Mid 90s, so Windows 95?  I can plug a USB device in and it gets detected which Windows 95 didn't do (that was Win 98 SE I believe).
• "We need to fund these apps".  Yes I agree.  That is what the bounties are for.  It doesn't have to be commercial software!
• "We need photoshop".  Why?  You say that there are all these people that will only run photoshop, but they are going to jump onto the linux bandwagon if there was a linux version?  Rubbish.  Yes there must be some Linux geeks out there that also use photoshop, but I don't believe that all these companies that are running Windows and Photoshop are just itching to move over to linux but can't because of photoshop.  If they are that ingrained that they have to use photoshop I imagine they will only use windows either becaue they don't want to learn / try something else.  Also given that you are blowing a grand or whatever the current cost for the top of the line photoshop is, the extra cost of a windows license isn't that much more!  Yes I would like to see photoshop on linux, just because it gives more credibility to Linux as the big Adobe company is doing stuff there.  But I don't believe we will gain widespread adoption overnight just because photoshop gets ported!
• Funding issues.  Various things mentioned here, none of which I disagree with (yes they are funding methods – can't argue with that).  But I want to add the bounties on there.  And please stop saying "Developers need to eat".  So does everyone.  Bounties is one way of offering this and a very good one I believe.

Now a lot of these issues can be fixed by bounties.  I have mentioned bounties before.  If you don't know, go read up on them.  But they will fix a lot of these issues.  The others I have tried to redress myself.  The upshot is, I understand what Bwyan is trying to do, but I completely disagree.  I think he is very self-centered here, thinking he is the only person that knows how to fix these problems.  Get over yourself and accept other people have cool ideas.  Yes, say that you don't like this or that, or this could be improved.  Admit if you aren't sure how to do something.  I would respect you for that.  Coming across like you are the only person that knows how to fix it makes me think you're just an arrogant prick just out for the publicity.  It reminds me of David Icke all over again (just google if you don'y know).

It appears some spam is floating around claiming to be from this domain.  Specifically wubutofased@xoke.org is the originating address.  To be clear here, this was not from here.  I have received various bounce backs from people, various mailbox full and out of office messages.  It appears to be a 'greeting card' which probably means it's a virus.  It links to http://laureselignac.com/e-card.exe (please note, that link will NOT take you to the bad file – it bounces to a non-existant page within this domain) which, chances are, is a Trojan.

If you got here by Googling wondering where the email came from, I did not send it and if you clicked the link you need to virus check your computer.  There are various free virus scanners out there that should hopefully pick it up such as AVG by a company called Grisoft.

I am sorry this happened, it had nothing to do with me – spammers just create  a fake email address to send messages out from.  This is why you get sent to a different website.  If I had sent you an email link it would point back here.  You should never trust links in an email especially if they link to an exe file (files ending .exe).

Xoke

So I was listening to the HPR episode about favourite podcasts and I thought I would look at gpodder.  I installed it, added some podcasts and then decided I wanted to move the directory into my podcasts directory.  I had it open and a bunch of unintelligable filenames appears which I didn't like.
 
I decided to move to a new 'gpodder' dir  and it moved all the files.  By that I mean ALL the files.  Including all my bashpodder stuff.  Also by adding some podcasts it had somehow downloaded over a GIG.  Now I didn't tell it to download anything so wtf was taking up so much space?  Plus if you're going to give stupid names then I can't just grab whatever files I want from there – I have to use the GUI.
 
Long story short, it is now uninstalled and won't be reinstalled any time soon.  Bashpodder FTW!  Gpodder FTL!