If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#106
|
|||
|
|||
Reason *TO* pick on Windows 10
T wrote:
On 3/12/19 7:42 AM, Jonathan N. Little wrote: Mayayana wrote: "T" wrote snip Â*Â* The problem is that you keep actively trying to sell Linux to people. Your answer is always that people should try a Linux CD. Computer problems? Dry skin? Losing crops to drought? Wife doesn't orgasm? Your answer to everything is Linux. Enthusiasm is fine but you're also providing misinformation. So are you. * You answered my complaint about firewalls without actually knowing the answer. Yes you rail about Linux doesn't have any per application based firewall but like it is like Linux doesn't have antivirus either. The reason is it is not really needed. Linux has a completely different approach to security. Unlike Windows that has most things open and then adds stuff to plug the holes, Linux starts with stuff closed until you explicitly open open them. (Windows is moving to more things closed albeit slowly...) So an application based firewall is not needed just don't allow app access to networking. You can do that with services like apparmor. Deny application access to network and it won't 'phone home'. SeLinux is a great example It is partly legacy with origin stories. Windows is rooted in a single user, standalone, commercial product. Multiple profiles, (not really muti-user unless server edition), networking, and other such features were afterthought addons. And in a commercial environment turn on everything by default saves on tech calls, (yes they are walking that back now). Linux is exactly *not* that. -- Take care, Jonathan ------------------- LITTLE WORKS STUDIO http://www.LittleWorksStudio.com |
Ads |
#107
|
|||
|
|||
Reason *TO* pick on Windows 10
"Jonathan N. Little" wrote
| Yes you rail about Linux doesn't have any per application based firewall | but like it is like Linux doesn't have antivirus either. The reason is | it is not really needed. I've heard that explanation before. Linux isn't sleazy so it doesn't need to block outgoing. And what about software self-updating? Oh, you want that, say the Linux fans... There's never just an answer. Like T, you're not answering what I want but only what you think I should want. My request was clear and simple: An easy-to-use firewall that pops up an informative dialogue whenever anything wants to go out and lets me choose whether to allow it. There are free options on Windows. But that simple question just gets a run-around with Linux. | Linux starts with stuff closed until you explicitly | open open them. (Windows is moving to more things closed albeit | slowly...) So an application based firewall is not needed just don't | allow app access to networking. You can do that with services like | apparmor. Deny application access to network and it won't 'phone home'. | Starts with stuff closed? You mean to say that *nothing* can go online unless I specify it? Isn't that a firewall? But then the devil seems to be in the details. If nothing can go out, but I can easily allow it out when necessary, then why do I need this AppArmor? And why are you saying Linux doesn't need firewalls? AppArmor seems to be yet another convoluted set of configs. (Why is it that nothing ever has a simple answer in Linux. Either there's an easy-to-use firewall -- whatever you want to call it -- or there isn't.) The description of AppArmor is ambiguous: https://en.wikipedia.org/wiki/AppArmor It looks like it requires extensive work to set specific settings for each specific program. I'm assuming that is, indeed, the case, since you just said I can't have and don't need a firewall. And there's this ominous bit: ""AppArmor is offered in part as an alternative to SELinux, which critics consider difficult for administrators to set up and maintain.[2] Unlike SELinux, which is based on applying labels to files, AppArmor works with file paths. Proponents of AppArmor claim that it is less complex and easier for the average user to learn than SELinux.[3] They also claim that AppArmor requires fewer modifications to work with existing systems:[citation needed] for example, SELinux requires a filesystem that supports "security labels", and thus cannot provide access control for files mounted via NFS. AppArmor is filesystem-agnostic."" So AppArmor may not be as bad as another alternative that confuses admins? On Windows, with Online Armor, I see a window that says, "xyz is trying to call out. Do you want to allow it?" I can then set specific ports if I want to. I can also look at the log to see where xyz was trying to call to. Tiny Firewall is similar. Simple function. Simple question. So why is it me who's spreading misinformation? Or were you referring to something else? Windows backward compat compared to Linux? WINE? Do you think I've mischaracterized those? If so then please explain what I've misunderstood. If not then please don't so glibly accuse me of spreading misinformation. |
#108
|
|||
|
|||
Reason *TO* pick on Windows 10
On Tue, 12 Mar 2019 07:58:40 -0700
T wrote: On 3/12/19 7:42 AM, Jonathan N. Little wrote: Mayayana wrote: "T" wrote snip The problem is that you keep actively trying to sell Linux to people. Your answer is always that people should try a Linux CD. Computer problems? Dry skin? Losing crops to drought? Wife doesn't orgasm? Your answer to everything is Linux. Enthusiasm is fine but you're also providing misinformation. So are you. * You answered my complaint about firewalls without actually knowing the answer. Yes you rail about Linux doesn't have any per application based firewall but like it is like Linux doesn't have antivirus either. The reason is it is not really needed. Linux has a completely different approach to security. Unlike Windows that has most things open and then adds stuff to plug the holes, Linux starts with stuff closed until you explicitly open open them. (Windows is moving to more things closed albeit slowly...) So an application based firewall is not needed just don't allow app access to networking. You can do that with services like apparmor. Deny application access to network and it won't 'phone home'. SeLinux is a great example I wouldn't trust anything provided by the National Security Agency. From NSA Security-enhanced Linux Team:[5] NSA Security-Enhanced Linux is a set of patches to the Linux kernel and utilities to provide a strong, flexible, mandatory access control (MAC) architecture into the major subsystems of the kernel. https://en.wikipedia.org/wiki/Security-Enhanced_Linux |
#109
|
|||
|
|||
Reason *TO* pick on Windows 10
"T" wrote
| This is all just red herrings. Code Weavers is a commercial | WINE wrapper. Wine Staging, according to their own | webpage, is optional beta features that can be installed | early. | | Wine and Codeweavers are the same people. I have asked them | and they have verified it. | Another misleading statement. CodeWeavers is commercial, working off the WINE base. Whether there are some people involved in both doesn't apply to the product. CodeWeavers is using WINE, so they can't very well stand in the way of WINE. I described a systemic problem clearly. WINE can't be fixed, because of the way it's designed. It's not a Windows API and they don't want to cooperate with Windows programmers. So WINE is not a good bet as a future lifeboat for Windows users. I know because I've worked with them... or rather, tried to. But you don't want to acknowledge that information. You just want to come up with excuses for why WINE is not so great now. **WINE was never great. WINE will never be great. The WINE people are largely geeks who want Grand Theft Auto to run on Linux. That's it. End of story. If any solution were ever possible it would require that Linux developers welcome Windows developers as partners. But as I noted, that would probably conflict with OSS religion, so it's not likely to ever happen.** |
#110
|
|||
|
|||
Reason *TO* pick on Windows 10
"T" wrote
| So an application based firewall is not needed just don't | allow app access to networking. You can do that with services like | apparmor. Deny application access to network and it won't 'phone home'. | | | SeLinux is a great example Wikipedia begs to differ. From my apparmor link: "AppArmor is offered in part as an alternative to SELinux, which critics consider difficult for administrators to set up and maintain." Too difficult for admins! This just keeps getting more silly. |
#111
|
|||
|
|||
Reason *TO* pick on Windows 10
"Jonathan N. Little" wrote
| It is partly legacy with origin stories. Windows is rooted in a single | user, standalone, commercial product. Multiple profiles, (not really | muti-user unless server edition), networking, and other such features | were afterthought addons. And in a commercial environment turn on | everything by default saves on tech calls, (yes they are walking that | back now). | | Linux is exactly *not* that. | I don't think that's an accurate representation. As far back as NT4 it was called a workstation. SOHo users are adapting what's essentially a corporate workstation, designed for multiple users and designed to be networked, with an admin controlling the system. Windows targets commercial, yes, but it's always been mainly a networked workstation. That's why most of your personal settings are under "roaming". so that you can log in from any terminal at the company you work for. A true standalone design would store settings in program folders, like Win9x used to do. And what is Linux used for? Server, raw material for kiosk systems and specialized uses in industry. Though I don't see what any of that has to do with wanting a firewall on a standalone desktop. Windows has it, Linux doesn't. |
#112
|
|||
|
|||
Reason *TO* pick on Windows 10
On 3/12/2019 8:40 AM, Mayayana wrote:
"T" wrote | This is all just red herrings. Code Weavers is a commercial | WINE wrapper. Wine Staging, according to their own | webpage, is optional beta features that can be installed | early. | | Wine and Codeweavers are the same people. I have asked them | and they have verified it. | Another misleading statement. CodeWeavers is commercial, working off the WINE base. Whether there are some people involved in both doesn't apply to the product. CodeWeavers is using WINE, so they can't very well stand in the way of WINE. I described a systemic problem clearly. WINE can't be fixed, because of the way it's designed. It's not a Windows API and they don't want to cooperate with Windows programmers. If anybody tried to implement a real windows API, wouldn't they be instantly dragged into court for violation of intellectual property rights? Even if they wanted, they probably wouldn't be able to. So WINE is not a good bet as a future lifeboat for Windows users. I know because I've worked with them... or rather, tried to. But you don't want to acknowledge that information. You just want to come up with excuses for why WINE is not so great now. **WINE was never great. WINE will never be great. The WINE people are largely geeks who want Grand Theft Auto to run on Linux. That's it. End of story. If any solution were ever possible it would require that Linux developers welcome Windows developers as partners. But as I noted, that would probably conflict with OSS religion, so it's not likely to ever happen.** |
#113
|
|||
|
|||
Reason *TO* pick on Windows 10
On 3/12/2019 9:40 AM, Mayayana wrote:
* You claim Windows lacks backward compatibility. When I ask for examples all you can name is Quicken. Yet Quicken officially supports Win7-10 and when asked to explain the problem you don't answer. That's 9 years of compatibility. More to the point you're making, Quicken is an app. Whether a third-party app has backward compatibility is not up to MS. Examples of apps with backward compatibility that are under MS' control, the current version of Word in MS-Office will still read *and write* Word for DOS files. Same for Excel, and Access databases from 20 years ago work fine on both PCs and servers. On the other hand, Open/Libra Office has mangled their own files after only two version "updates". MySQL similarly failed to handle databases created only a few years ago, not to forget the circle-jerk involved in who "owned" MySQL technology. The bottom line is that MS is about business-level productivity, and no other company has come close to its apps level of backward compatibility. -- best regards, Neil |
#114
|
|||
|
|||
Reason *TO* pick on Windows 10
"Mike" wrote
| If anybody tried to implement a real windows API, wouldn't they | be instantly dragged into court for violation of intellectual | property rights? | | Even if they wanted, they probably wouldn't be able to. | There's that. I think there's been a court case about that, over Java. Google vs Oracle? I'm not sure. As I understand it, Oracle claims the function names are intellectual property because they're trying to stop Google from making an API ready-to-go for Java developers, by creating an API of functions with the same names that do the same things. Interesting claim. Does an object hierarchy with all the same names constitute copying? What if all the names are prepended with "Goog"? Where to draw the line? How does Oracle get to claim ownership of programmer's habits? If they can make that claim then why can't car companies sue a new company, like Tesla, for using the same basic design for doors, steering wheel and pedals? Be that as it may... I wasn't thinking of a Windows API, per se. It could take different forms, but what I had in mind was cooperation -- docs for the Linux API and for targeting that with the Windows API. The software would still be written on Windows. It would still be Windows software. But optimized for WINE. So there would be no "Windows API" on Linux. Explanation: What WINE does (for anyone who doesn't know) is to try to handle each Windows function call and redirect it to a Linux equivalent. Example: You call GetTempPath to find a folder for TEMP files. A very common thing to do on Windows. That's in kernel32. WINE then intercepts that call and recalls a Linux equivalent. Does WINE support that call? Are there gotchas? Is the call in WINE's kernel32 or elsewhere? That's all opaque from the Windows end. The docs are almost non-existent and the structure is not systematic. GetTempPath may not be in WINE's kernel32. Not all of the Windows possibilities have been dealt with and, as noted, the WINE libraries don't correspond to the Windows libraries 1-to-1. A kernel32 function may not be in the WINE kernel32. Same for user32 and so on. So even with docs it might be hard to know whether I can use GetTempPath and what it will do, unless WINE people sit down and create those docs for us, instead of staying up late trying to make bikinis look right in Grand Theft Auto. And what about Win32 wrappers? COM functions in oleaut32.dll? Accessibility in oleacc.dll? Windows installer in msi.dll? Cabinet extraction in cabinet.dll? ActiveX controls? There's a huge extended API that's not part of the basic Win32 API. Which parts does WINE support, and how? Can I call functions in oleacc.dll to do something like retrieve text in a window, or do I need to use constituent functions in the Win32 API? If I knew all that I could go over my code and try to make a version of programs that would work smoothly under WINE on the first try. Big companies might even find that to be worthwhile in some cases. Especially if it didn't require too much work. They might sell more copies if their product was stamped "WINE-ready". With that in mind... Some years ago a WINE person came into a Windows programming group and asked for volunteers to work with the WINos to port their Windows software. I volunteered. What I expected was to work together. My idea: I test my software under WINE. Something fails. I look up in the WINE docs to see whether the functions I used are supported and whether there are gotchas. The docs also tell me the ideal Windows calls to use for what I want to do. I then adapt my code. (If I call GetTempPath, for example, do I have to worry about file restriction issues that I wouldn't find on Windows? That's what I mean by gotchas.) Their idea: No docs. No cooperation. No communication. No discussion about API function details. I test my software under WINE. Something fails. I file a bug report and commit to shepherding that particular bug until it's resolved. The WINE interns then get the bug report, reverse-engineer my software, and try to make it work, without telling me what they're doing. Eventually they report a fix. Then it's my job to test the fix and tell them whether it worked. That's idiotic. I wrote the software but now they want me to be a beta tester while they write software to run my software! I specifically requested my contact to cooperate and provide me info so that I could adapt my software to WINE. In other words, it should have been me fixing the bugs, not them. If I want to use common functions like CreateFile, DeleteFile, RtlMoveMemory, etc then I should be able to look up what WINE can handle. My contact said they didn't want to work that way. He just wanted to me to sign on as a boyscout beta tester in his paramilitary, hierarchical command structure and have me shepherding bugs. So that's what I'm talking about when I say WINE is faulty by design, doomed to fail, and needs an API. No sooner do they reverse engineer 1,000 operations in one program than a new version comes out and they have to start all over again. |
#115
|
|||
|
|||
Reason *TO* pick on Windows 10
"Neil" wrote
| More to the point you're making, Quicken is an app. Whether a | third-party app has backward compatibility is not up to MS. It's not their responsibility, directly. But my point is that MS have bent over backward, for decades, to support their official APIs. The VB6 and VC6 runtimes came out in 1998. But they're still pre-installed on Win10. API calls that worked on Win95 still work on Win10. Apple and Linux don't come close to that kind of backward compatibility. MS have to do it because they have to support businesses that write their own software. It is true that 3rd-party programmers don't have to take advantage of that. Some can and do use newer functions unnecessarily and thereby break things. But it's not common to break backward. In other words, Acme Editor 2001 can probably work on Win10. Whether Acme Editor 2019 works on XP will depend on whether the developer cares and knows enough to make it work, and whether XP supports all the new features added over 18 years. Many programs do still support XP because it's often relatively easy to do so. | Examples of | apps with backward compatibility that are under MS' control, the current | version of Word in MS-Office will still read *and write* Word for DOS | files. Same for Excel, and Access databases from 20 years ago work fine | on both PCs and servers. | That's a different issue. We're talking about OS backward compatibility: Does older software run in a newer OS version. | On the other hand, Open/Libra Office has mangled their own files after | only two version "updates". MySQL similarly failed to handle databases | created only a few years ago, not to forget the circle-jerk involved in | who "owned" MySQL technology. | | The bottom line is that MS is about business-level productivity, and no | other company has come close to its apps level of backward compatibility. | That is a good point. I didn't know about LO doing that. Though I've never saved from LO to anything but .doc. I wouldn't save to LO formats because other people might not be able to open them. |
#116
|
|||
|
|||
Reason *TO* pick on Windows 10
"Mike" wrote:
On 3/12/2019 8:40 AM, Mayayana wrote: I described a systemic problem clearly. WINE can't be fixed, because of the way it's designed. It's not a Windows API and they don't want to cooperate with Windows programmers. If anybody tried to implement a real windows API, wouldn't they be instantly dragged into court for violation of intellectual property rights? ReactOS does its best to implement the Windows API and also the NT native API. I don't think they've had any problems with MS. When I want to know how an undocumented native API call works I check the ReactOS source code. |
#117
|
|||
|
|||
Reason *TO* pick on Windows 10
On 3/12/19 8:31 AM, Johnny wrote:
On Tue, 12 Mar 2019 07:58:40 -0700 T wrote: On 3/12/19 7:42 AM, Jonathan N. Little wrote: Mayayana wrote: "T" wrote snip The problem is that you keep actively trying to sell Linux to people. Your answer is always that people should try a Linux CD. Computer problems? Dry skin? Losing crops to drought? Wife doesn't orgasm? Your answer to everything is Linux. Enthusiasm is fine but you're also providing misinformation. So are you. * You answered my complaint about firewalls without actually knowing the answer. Yes you rail about Linux doesn't have any per application based firewall but like it is like Linux doesn't have antivirus either. The reason is it is not really needed. Linux has a completely different approach to security. Unlike Windows that has most things open and then adds stuff to plug the holes, Linux starts with stuff closed until you explicitly open open them. (Windows is moving to more things closed albeit slowly...) So an application based firewall is not needed just don't allow app access to networking. You can do that with services like apparmor. Deny application access to network and it won't 'phone home'. SeLinux is a great example I wouldn't trust anything provided by the National Security Agency. From NSA Security-enhanced Linux Team:[5] NSA Security-Enhanced Linux is a set of patches to the Linux kernel and utilities to provide a strong, flexible, mandatory access control (MAC) architecture into the major subsystems of the kernel. https://en.wikipedia.org/wiki/Security-Enhanced_Linux Dude! It is open source and has been poured over with a fine toothed comb. It is also supported by Red Hat. And it works really well. |
#118
|
|||
|
|||
Reason *TO* pick on Windows 10
On 3/12/19 10:18 AM, Mayayana wrote:
And what is Linux used for? Server, raw material for kiosk systems and specialized uses in industry. I use it as a desktop all the time. Many do. Grahhics artistst are using it too (Inkscape). Though I don't see what any of that has to do with wanting a firewall on a standalone desktop. Windows has it, Linux doesn't. It is a different design than Windows. Firewalls are there. You just don't like the way they are administered. And you are correct, they could be easier to administer. If you want Linux to be a 100% clone of Windows, as Office Users want LibreOffice to be a 100% clone on M$O, it is never going to happen. If you are willing to put up with the eight technical issues in this original post along with all the security issues in Windows 10, then whatever floats your boat. The "P" in PC stands for "Personal". |
#119
|
|||
|
|||
Reason *TO* pick on Windows 10
On 3/12/19 8:42 AM, Mayayana wrote:
"T" wrote | So an application based firewall is not needed just don't | allow app access to networking. You can do that with services like | apparmor. Deny application access to network and it won't 'phone home'. | | | SeLinux is a great example Wikipedia begs to differ. From my apparmor link: "AppArmor is offered in part as an alternative to SELinux, which critics consider difficult for administrators to set up and maintain." Too difficult for admins! This just keeps getting more silly. True. SELinux blows your mind when you first start to use it. But isf yo have an issue, the SELinux maintainers jump on immediately. Typically issues are fix in a day. Try that with M$. AppArmor wants your money. |
#120
|
|||
|
|||
Reason *TO* pick on Windows 10
On 3/12/19 8:31 AM, Mayayana wrote:
An easy-to-use firewall that pops up an informative dialogue whenever anything wants to go out and lets me choose whether to allow it. If that is more important than the eight technical issues shown in the original post, then that is you decision to make. If a nice firewall GUI is holing you us, yo could always make your case to firewalld's developers. It is open source. With your background, I am sure they'd appreciate your input. Every try to get M$ to fix anything? |
Thread Tools | |
Display Modes | Rate This Thread |
|
|