Dailydave mailing list archives
Mono, suse vs ubuntu
From: Dave Aitel <dave () immunityinc com>
Date: Fri, 10 Nov 2006 07:35:58 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 So it's definitely after installing pyMySQL and pyGTK and pyOpenSSL that you realize the whole point of Mono and Microsoft's CLR is to avoid having to write wrappers at all. There are whole huge projects writing wrappers for every C library in the world. pyGTK is a great example of a team doing such a thing. But the Common Language Runtime eliminates all that, with the penalty of everyone writing to the same generic VM. Of course, with the original CLR, you couldn't do Python and Ruby. But soon those will be first class members of the CLR family under Windows, and I assume Mono will follow fairly quickly. At that point, writing code in cPython or cRuby will become a rather silly idea, since something wrapped in Mono will will be available to both the Ruby and Python people equally well (or equally poorly.) But then, deploying software under this model is hugely painful. Want to make sure they have the right version of the Virtual Machine? Get ready to deploy your app with 2 gigs of random Mono directories. It's almost easier to deploy every app as a virtual appliance based on ubuntu. Anyways, this is my thought of the morning, because SuSE is the best operating system I've ever used, except for their software installation system, which is crap. Also, you need some sort of magical skill to understand what Novell AppArmor is all about, because the usability there is hard for even software security specialists. Security needs to be "Baked In" as they say, and not something the user has to click on. If I can't tell if AppArmor is doing anything useful, then for sure it's wasted space in the configuration menu. Things that rock about SuSE 10.0: o Default install looks and feels awesome. Wireless worked after some ndisdriver magic. Verizon EVDO card works better than it did under Windows and was a snap to set up. Suspend works (after adding vga=0 to kernel conf via pretty gui after console message told me too). Sound works. Ethernet magically works. Gnome's new sexy pop up messages make the whole system feel more responsive. o XGL make Windows people sad. It even makes Mac people sad. "Virtual Desktops? What's that?" It's better than Vista, and it's on your laptop right now with about 10 seconds of effort. o Nautilus has finally stopped crashing. o All of the custom Immunity software "just worked". SPIKE, CANVAS, etc. SPIKE is still quite useful. I know the press is just finding out that making small strings big can find security flaws, but it's fun to test software stacks with the old C SPIKE just because it's so much faster than they expect anything to happen to them. This week I crashed one of the bigger application server systems by using cSPIKE to just log in five hundred thousand times a second. Fun for the whole family! o No broken selinux that you have to disable to get anything done like fedora Things that suck about SuSE 10.0: o Installer retarded. In fact, entire software management system worst ever. Even Fedora is better. Example: Under fedora, if you want to go wild and crazy and get your VLC player for divx's, you browse to "Set up fedora to play divx" somewhere on the web, and there is a YUM repository (livna or something) and you just clickscript your way to divx, or whatever support you need. It always works. Under SuSE they have the "packman" repository, which will almost work, but then it will assume "perl" is a broken dependency that needs to be removed. I don't think so. o Mega-Old versions of Firefox and Thunderbird installed by default. Does anyone use Evolution? Why is this the default on anything? Ubuntu has the world's best software installer. What I really want here is a way to commercialize it. I want to have the user able to enter a username and password for canvas_ubuntu.immunityinc.com and then have their canvas get updated along with everything else on their system, passing that authentication down the line to our repository. Maybe someday. VMware would be nice to install this way too. They do appear to have completely ignored security in their development process, which is annoying. By installing GRSecurity in the default kernel, and going through some basic work to blacklist a few things that don't work with it (VMware, for instance), ubuntu could be a ton better. - -dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFFVHIqB8JNm+PA+iURAjd6AJ0WLZtABpuFdBNfvXnL0my8qRlJDACbBLF9 0EwPXGKTGeKNw4ln3HmVVEQ= =E2Lx -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Mono, suse vs ubuntu Dave Aitel (Nov 10)