Someone took all my creative juices and made a smoothie.
Jason Mansfield is a software engineer, security enthusiast, and crazy thinker living in San Diego.
Tuesday, January 29, 2008
Monday, January 28, 2008
Debian vs Gentoo
At work we were asked via email what we liked about Debian. This is my response:
I came to Debian from Gentoo and have found that everything that is a pain in Gentoo is sensible in Debian. For most of the things that are well done in Gentoo have comparable features in Debian.
In Gentoo, I have an incredible amount of control over my packaging. In Gentoo I can choose to have certain features included or omitted in a package without much effort. This reduces software bloat and reduces the potential points of failure/insecurity in a given piece of software. Package dependencies are usually handled very well and it’s easy to find and get information about packages. In Gentoo it’s trivial to install an unstable version of a specific package and restrict any package to certain versions (or to accept an unstable package up to a certain version). Gentoo cleanly separates configs for services and service startup. Gentoo is an awesome system to get things just the way you like them.
The problem with this level of detail and configurability is the need to actually manage it. Because Gentoo as an OS doesn’t have a version, sometimes you’ll perform regular updates and break a service: this is normally handled by having a new OS version, forcing you to reconfigure things intentionally. Debian makes intelligent decisions about when a new, incompatible version should be made available simply as a new package version or as part of the next OS version. Gentoo’s incredible detail and flexibility means that you have to consider the details and possibilities for each package that you install. While Debian doesn’t tend to offer you choices within a specific package it does make intelligent decisions as to when to split something into multiple packages, when certain things should be defaults, and when certain things should go through a post-config dialog. Package updates in Gentoo are like russian roulette while in Debian they’re just routine package updates.
Gentoo tries to make absolutely no assumptions about what you want. Debian assumes that you want a stable, easy to configure and maintain linux system and acts accordingly.
Debian vs Gentoo
At work we were asked via email what we liked about Debian. This is my response:
I came to Debian from Gentoo and have found that everything that is a pain in Gentoo is sensible in Debian. For most of the things that are well done in Gentoo have comparable features in Debian.
In Gentoo, I have an incredible amount of control over my packaging. In Gentoo I can choose to have certain features included or omitted in a package without much effort. This reduces software bloat and reduces the potential points of failure/insecurity in a given piece of software. Package dependencies are usually handled very well and it’s easy to find and get information about packages. In Gentoo it’s trivial to install an unstable version of a specific package and restrict any package to certain versions (or to accept an unstable package up to a certain version). Gentoo cleanly separates configs for services and service startup. Gentoo is an awesome system to get things just the way you like them.
The problem with this level of detail and configurability is the need to actually manage it. Because Gentoo as an OS doesn’t have a version, sometimes you’ll perform regular updates and break a service: this is normally handled by having a new OS version, forcing you to reconfigure things intentionally. Debian makes intelligent decisions about when a new, incompatible version should be made available simply as a new package version or as part of the next OS version. Gentoo’s incredible detail and flexibility means that you have to consider the details and possibilities for each package that you install. While Debian doesn’t tend to offer you choices within a specific package it does make intelligent decisions as to when to split something into multiple packages, when certain things should be defaults, and when certain things should go through a post-config dialog. Package updates in Gentoo are like russian roulette while in Debian they’re just routine package updates.
Gentoo tries to make absolutely no assumptions about what you want. Debian assumes that you want a stable, easy to configure and maintain linux system and acts accordingly.
Thursday, January 24, 2008
KDE 4.0 Screenshots Tour
I went through this KDE 4.0 screenshots tour to check it out. I can’t say I’m thoroughly impressed.
I’ve been using KDE for years and have loved it. I’ve been using a Mac for almost a year and I love that too. Given my experience with the two I think the new KDE looks good and all but I’m really unimpressed. I’ve read elsewhere that 4.1 is supposed to be the real deal. Let’s hope so. The above tour makes it look like they’re mostly just reimplementing features that Mac users have enjoyed for years. I think KDE 4.0 could beat the crap out of GNOME if they put a lot of work into integrating applications with DCOP or DCOP’s successor so KDE users can enjoy things that Mac+AppleScript+Quicksilver have enjoyed for years. I keep making comparisons to Mac because Mac really has created innovation on the desktop. While I think that KDE just isn’t stacking up, given that it’s FOSS I think it’s great.
KDE 4.0 Screenshots Tour
I went through this KDE 4.0 screenshots tour to check it out. I can’t say I’m thoroughly impressed.
I’ve been using KDE for years and have loved it. I’ve been using a Mac for almost a year and I love that too. Given my experience with the two I think the new KDE looks good and all but I’m really unimpressed. I’ve read elsewhere that 4.1 is supposed to be the real deal. Let’s hope so. The above tour makes it look like they’re mostly just reimplementing features that Mac users have enjoyed for years. I think KDE 4.0 could beat the crap out of GNOME if they put a lot of work into integrating applications with DCOP or DCOP’s successor so KDE users can enjoy things that Mac+AppleScript+Quicksilver have enjoyed for years. I keep making comparisons to Mac because Mac really has created innovation on the desktop. While I think that KDE just isn’t stacking up, given that it’s FOSS I think it’s great.
Thursday, January 3, 2008
Pizza Hut Password
I like ordering pizza online because it’s really convenient. My preference is Papa John’s but I make concessions for others. I ordered pizza a while back from Pizza Hut (using nyms for the email address) and everything went okay.
I went back this evening but had forgotten my one-off password. I used their password reset and what did I get in my email? My original password. In cleartext. Normally the way this works is they email you a link that you can click on to set a new password. The link is only sent to your email so hopefully you’re the only person that gets it. The link in the email is specific to you and will eventually expire. Apparently, Pizza software developers have never actually used any other e-commerce systems, or forum or news or blog or any other system that uses a password either.
Now more than ever I’m making sure I use unique, randomly-generated password for everything and if I lose it, so be it.