Er, wouldn't it be better to explain this with out tossing FUD around like some microsoft salesman? ... you mean Linux salesman... me thinks Shoot Yourself in the Foot? By loading a wireless driver? For god sakes give it a rest man! (depending on your card, and which "blob" you load into ndiswrapper) anyone with a couple of cute scripts (in close proximity) can dump a root
You sound like a tainted kernel is a hanging offense. Of course not, don't be silly, nobody said that.
80% of linux users are running tainted kernels. (I pulled that statistic out of my ass, - go ahead and prove me wrong). But the point is that (unlike Windoze users) you don't have to. If you want an open stable system that you can check, rely on, and get support for from the open linux kernel community you can... unless you taint the kernel... then you're on your own. Nobody is gonna hang you... but nobody is gonna help you either.
Taint simply means one is doing more with the machine than the original kernel developers were able to supply. It simply means you can take a module designed for another platform and run it in a sandbox and make it work in Linux. The solution is brilliant. No way. Carlos answered it well... but here's my two cents also... tainted means that you have tacked a piece of code (call it a blob) that no one can check (we don't know what it really does under its black cover) and
On Wednesday 20 September 2006 02:35, John Andersen wrote: package on your "tainted" system without you detecting it... take your files, modify your data, and leave your machine trashed. This has been demonstrated at the latest black hat convention very effectively. The reason for this is that many of the current drivers for Windoze are not robust enough to handle data overuns. If you are running ndiswrapper at your local wifi cafe you are vulnerable... if you don't like calling it "shooting yourself in the foot" then call it something else.... but it ain't gonna happen on my system. therefore no one can support. If you have enough of those blobs running along side your otherwise stable kernel then the kernel is unstable. This is the primary problem with Windoze.
If ndiswrapper is the only way you get you network card working you either open you wallet and fork over $35 for a card that works or climb down off your ivory tower and load ndiswrapper and go about your business.
True enough... no one said anything any different. I have used ndiswrapper myself; until I could build (or find) a better driver. But I knew the vulnerability and worked hard to correct it. Sometimes taking risks is necessary, but it should never be the status quo. Correct design and open philosophy are the best. And by the way... the hardware manufacturers that provide open source drivers for linux *are* the ones that will get my money for hardware... its called voting with your bill-fold.
There is ABSOLUTELY no evidence that open source drivers prevent the "wireless standards" from being "badly exposed with security holes". (whatever the hell that means). Untrue. What it means is that a well written driver... and most of them are not... will not allow root packages to be dumped onto the machine by using a buffer overun vulnerability. A closed driver cannot be changed and
therefore cannot be corrected quickly by the community; however, an open driver *can* be corrected quickly by the open source community to correct for the problem (patch and recompile) and eliminate the vulnerability. Also, anyone with the knowledge can *check* the code to see what it is doing should they suspect vulnerability or naughty programmer tricks. the black hat conference pretty definitely demonstrated the problem with most wifi cards/drivers and very assuredly proved my point here. Check it out...
Open source drivers have to ad-hear to the same standards. If WEP is broken and weak, it will still be broken and weak with open source drivers.
Let me summarize:
You don't like Windows. True enough. Ndiswrapper allows you to use windows drivers in Linux. Therefore, Ndiswrapper is evil. No. Ndiswrapper is a vulnerability with known risks.
Time to grow up Mr Harris. How rude. This isn't an issue of maturity. Buy what ever card you want but don't trash a very clever solution to migrating a product from one platform to another just because of your political beliefs. Nobody trashed anything. Another user wanted to know why some of the community look unfavorably on ndiswrapper... I answered him openly and honestly and told him the truth. Philosophically (not politically) I believe in the open source gpl commitment of the linux kernel development community--- I will try whenever asked to explain why openly and honestly so
See above. that the person asking the question has fair data on which to base their decision. I will at the same time not try to hide my anti-M$ bias. The M$ company has become evil in my opinion, and there is a better way. I think it is best for the community when we can discuss the reasons why in a very open and frank way. At the same time many of us are working hard to make sure that the mistakes of M$ are not replicated in the open linux community. -- Kind regards, M Harris <><