Hidden-code flaw in Windows renews worries over stealthly malware

"Last week, the Internet Storm Center, a group of security professionals
that track threats on the Net, flagged a flaw in how a common Microsoft
Windows utility and several anti-spyware utilities detect system changes
made by malicious software. By using long names for registry keys, spyware
programs could, in a simple way, hide from such utilities yet still force
the system to run the malicious program every time the compromised computer
starts up."

http://www.securityfocus.com/news/11300

Im

Well, the Windoze Registry has blossomed from an ill-conceived concept
in Win95 to the sprawling, totally out-of-control nightmare that it now
is. It is totally beyond redemption, and I would challenge anyone that
claims to know what every single entry in the Registry is, or does.

e.g. WTF? {2D18D25D-8E3D-F766-DF01-828AAC3A96F8} etc, etc

OK this is not code, but I think the quote still applies - Eric Raymond
"Elegant code is not only correct, but visibly, transparently correct."

I suppose Jim will disagree ;)

Imhotep wrote:
> "Last week, the Internet Storm Center, a group of security professionals
> that track threats on the Net, flagged a flaw in how a common Microsoft
> Windows utility and several anti-spyware utilities detect system changes
> made by malicious software. By using long names for registry keys, spyware
> programs could, in a simple way, hide from such utilities yet still force
> the system to run the malicious program every time the compromised computer
> starts up."
>
> http://www.securityfocus.com/news/11300
>
> Im

Steve Welsh wrote:

> Well, the Windoze Registry has blossomed from an ill-conceived concept
> in Win95 to the sprawling, totally out-of-control nightmare that it now
> is. It is totally beyond redemption, and I would challenge anyone that
> claims to know what every single entry in the Registry is, or does.
>
> e.g. WTF? {2D18D25D-8E3D-F766-DF01-828AAC3A96F8} etc, etc
>
> OK this is not code, but I think the quote still applies - Eric Raymond
> "Elegant code is not only correct, but visibly, transparently correct."
>
> I suppose Jim will disagree ;)
>
> Imhotep wrote:
>> "Last week, the Internet Storm Center, a group of security professionals
>> that track threats on the Net, flagged a flaw in how a common Microsoft
>> Windows utility and several anti-spyware utilities detect system changes
>> made by malicious software. By using long names for registry keys,
>> spyware programs could, in a simple way, hide from such utilities yet
>> still force the system to run the malicious program every time the
>> compromised computer starts up."
>>
>> http://www.securityfocus.com/news/11300
>>
>> Im

Yes, I agree with you. The registry was intentionally made overly complex as
to force companies to become a "Microsoft partner". In doing so, it has
augmented into a sloppy beast ripe for hackers/crackers.

I still the the old Linux/Bsd way: A simple configuration file the you can
edit with any text processor. Clean and simple...

Imhotep

In the Usenet newsgroup alt.computer.security, in article
<TmvRe.97175$dJ5.76786@tornado.tampabay.rr.com>, Imhotep wrote:

>Yes, I agree with you. The registry was intentionally made overly complex
>as to force companies to become a "Microsoft partner". In doing so, it has
>augmented into a sloppy beast ripe for hackers/crackers.

It's also one massive single point of failure. If it gets trashed for any
reason, your box is setting there totally screwed. At least with the Mac
from that era, if it couldn't boot, it gave you an icon of a sick looking
computer and asked for a boot floppy.

>I still the the old Linux/Bsd way: A simple configuration file the you can

s/Linux\/Bsd/UNIX/

>edit with any text processor. Clean and simple...

Simple???

[compton ~]$ wc -l /etc/sendmail.cf
1490 /etc/sendmail.cf
[compton ~]$

When I started using Linux in 1994, I probably wasted a day or two trying
to read the stupid boot scripts. Miquel van Smoorenburg started that mess,
and others took it and ran with it. The guys REALLY knew the nitty-gritties
of Bourne shell scripting, but they absolutely flaunted it. Eric Raymond's
quote "Elegant code is not only correct, but visibly, transparently correct."
was NOT followed. And yes, I do know something about shell scripting, as
I've been using UNIX since 4.1BSD (and I _still_ hate csh).

As far as editing with "any text processor", you do have to be aware that
some "user friendly" editors (pico - the skript kiddiez friend is one
example) auto-wrap lines longer than 70-odd characters at a word break,
and that will screw up your day just fine.

Old guy

>>edit with any text processor. Clean and simple...
>
> Simple???
>
> [compton ~]$ wc -l /etc/sendmail.cf
> 1490 /etc/sendmail.cf
> [compton ~]$

Bah, play fair, that's 90% comments.

[mail /root]# cat /etc/mail/sendmail.cf | wc -l
1127
[mail /root]# cat /etc/mail/sendmail.cf | grep -v # | wc -l
84
[mail /root]#

> example) auto-wrap lines longer than 70-odd characters at a word break,
> and that will screw up your day just fine.

and of course when it wraps you can back space and remove the wrapping
until you edit the line again... or convert to a real editor... like vim
or emacs or... ed (j/k) ;)

--
Shadus

On 2005-09-01, Jim Watt <jimwatt@aol.no_way> blabbed:
> I gave up on SCO because of editing in vi
Lol, vi (vim specifically) is my favorite editor. It's simple,
powerful, and does everything I could want out of an editor for source
code, text files, configs, etc. I can use emacs in a pinch, jed, jove,
pico, nano, whatever. I prefer vi, even use it in windows when I'm
forced to work there.

To give up an entire os because you don't like/can't grasp its default
editor seems... eh nevermind, it speaks for itself.

> All this cryptic stuff is very fine, but these days now
> storage is cheap its utility is outweighed by the trouble
> in learning it and getting it right.
I don't understand what you think is cryptic, especially since the
original thread regarded the registery if I remember right. The
original point if memory serves was that unix config files are much
simplier than the registry and safer too since a single change in one
value won't leave your machine in an unbootable state.

> My first job was maintaining programs written in machine
> code without any documentation, it taught me that often
> the readable version is better.
Which is why all the good commenting in most unix config files is really
nice... compared to the registry, especially when dealing with 3rd party
applications and programs which may or may not have a key there that is
required... shrug, I'll stick to configs.

--
Shadus

In the Usenet newsgroup alt.computer.security, in article
<-v2dnYb6s5dc_IreRVn-3w@giganews.com>, Shadus wrote:

>> Simple???
>>
>> [compton ~]$ wc -l /etc/sendmail.cf
>> 1490 /etc/sendmail.cf
>> [compton ~]$
>
>Bah, play fair, that's 90% comments.

Yet even sendmail.org doesn't recommend messing with the .cf file, wanting
you to use the sendmail.mc file - not that it's a whole lot easier to
understand.

>and of course when it wraps you can back space and remove the wrapping
>until you edit the line again...

man pico and look for the -w option

>or convert to a real editor... like vim or emacs or... ed (j/k) ;)

or 'echo' ;-)

The problem with "real editors" other than "/bin/vi" (which given the
license problems is often a link to or a subset of a vi clone) is that they
are often not available when you need them. Yes, you should also have the
even more "user unfriendly" /bin/ed, and most vi users know enough of the
commands to get ed to do something useful. :wq!

Old guy

Jim Watt wrote:
> On Fri, 02 Sep 2005 10:01:22 -0500, Shadus <shadus@shadus.org> wrote:
>
>
>>I don't understand what you think is cryptic,
>
>
> [compton ~]$ wc -l /etc/sendmail.cf
> 1490 /etc/sendmail.cf
> [compton ~]$
>
> Explain in English

NAME
wc -- word, line, character, and byte count

SYNOPSIS
wc [-clmw] [file ...]

DESCRIPTION
The wc utility displays the number of lines, words, and bytes contained in
each input file (or standard input, by default) to the standard output. A
line is defined as a string of characters delimited by a <newline>
character, and a word is defined as a string of characters delimited by
white space characters. White space characters are the set of characters
for which the isspace(3) function returns true. If more than one input
file is specified, a line of cumulative counts for all the files is
displayed on a separate line after the output for the last file.

Looks like there's 1490 lines in your sendmail.cf file, if I read the
manpage correctly. Sounds pretty simple to me, but then again, it's
written in English, so I could be wrong..

"Shadus" <shadus@shadus.org> wrote in message
news:HvydnXg-zJ7f9IXeRVn-sA@giganews.com...
> On 2005-09-01, Jim Watt <jimwatt@aol.no_way> blabbed:
> > I gave up on SCO because of editing in vi
> Lol, vi (vim specifically) is my favorite editor. It's simple,
> powerful, and does everything I could want out of an editor for source
> code, text files, configs, etc. I can use emacs in a pinch, jed, jove,
> pico, nano, whatever. I prefer vi, even use it in windows when I'm
> forced to work there.
>
> To give up an entire os because you don't like/can't grasp its default
> editor seems... eh nevermind, it speaks for itself.
>
> > All this cryptic stuff is very fine, but these days now
> > storage is cheap its utility is outweighed by the trouble
> > in learning it and getting it right.
> I don't understand what you think is cryptic, especially since the
> original thread regarded the registery if I remember right. The
> original point if memory serves was that unix config files are much
> simplier than the registry and safer too since a single change in one
> value won't leave your machine in an unbootable state.

LMAO on that one - VI is a perfectly reasonable line editor (first used 'em
on Cyber mainframes), but a fairly poor excuse for the FSEs that emerged in
the 1980s. Heck, EVE showed how to convert a perfectly good VAX line-editor
into an excellent FSE. More than two decades ago.

And even modern editors could learn a few tricks from the 300kB or so of
MultiEdit (1988, DOS 3.01 or higher, if memory serves).

Anyway - the argument's pointless unless you've ever used CED Pro 2.
Blitters /rock/, when it comes to editing ;o)

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

On Sat, 3 Sep 2005, Hairy One Kenobi wrote:

> "Shadus" <shadus@shadus.org> wrote in message
> news:HvydnXg-zJ7f9IXeRVn-sA@giganews.com...
>> On 2005-09-01, Jim Watt <jimwatt@aol.no_way> blabbed:
>>> I gave up on SCO because of editing in vi
>> Lol, vi (vim specifically) is my favorite editor. It's simple,
>> powerful, and does everything I could want out of an editor for source
>> code, text files, configs, etc. I can use emacs in a pinch, jed, jove,
>> pico, nano, whatever. I prefer vi, even use it in windows when I'm
>> forced to work there.
>>
>> To give up an entire os because you don't like/can't grasp its default
>> editor seems... eh nevermind, it speaks for itself.
>>
>>> All this cryptic stuff is very fine, but these days now
>>> storage is cheap its utility is outweighed by the trouble
>>> in learning it and getting it right.
>> I don't understand what you think is cryptic, especially since the
>> original thread regarded the registery if I remember right. The
>> original point if memory serves was that unix config files are much
>> simplier than the registry and safer too since a single change in one
>> value won't leave your machine in an unbootable state.
>
> LMAO on that one - VI is a perfectly reasonable line editor (first used 'em
> on Cyber mainframes), but a fairly poor excuse for the FSEs that emerged in
> the 1980s.

LMAO on that one. "ed" is the line editor, "vi" is the full screen editor.
vim is an incredibly powerful editor -- if you can learn how to use it.
Most people don't. And vim with config files is wonderful -- it
understands the syntax of many file types and highlights the various items
appropriately. If you are going to edit html files in a text editor, vim
is probably what you want to use.

But vi/vim's most powerful attribute is that it is available on just about
every *nix platform (although, for some strange reason, Gentoo uses pico
as its default).

Anyway, back to the original comment about the registry vs. config files:
yes some config files for *nix applications are complex, however, many are
quite simple and most contain detailed comments. I don't recall any
comments in the registry....

"Whoever" <nobody@devnull.none> wrote in message
news:Pine.LNX.4.63.0509022256350.27348@localhost.l ocaldomain...
> On Sat, 3 Sep 2005, Hairy One Kenobi wrote:

<snip>

> > LMAO on that one - VI is a perfectly reasonable line editor (first used
'em
> > on Cyber mainframes), but a fairly poor excuse for the FSEs that emerged
in
> > the 1980s.
>
> LMAO on that one. "ed" is the line editor, "vi" is the full screen editor.

Take a closer look at the command structure... an FSE doesn't require a
keypress to (say) change a character in the display.

That makes it - as I said - a poor excuse for an FSE coded in th last
quarter-century. EVE (an FSE sitting on top of EDT) showed how to do it
/properly/...

> Anyway, back to the original comment about the registry vs. config files:
> yes some config files for *nix applications are complex, however, many are
> quite simple and most contain detailed comments. I don't recall any
> comments in the registry....

Because an end user is supposed to be using the configuration tool, rather
than low-level editing? In the sixties and seventies, use of multiple config
files, shotgunned over every device on a system, was the norm. The registry
concept merged all of this into a single location - older versions of
Windows were just as guilty as everyone else at peppering your disks with
hard-to-find, hard-to-backup files.

Can't see what all the fuss is about.. unless you would care to argue about
piss-poor use of which sections in the registry bad developers tend to use?
Requiring admin rights?

H1K

Moe Trin wrote:

> In the Usenet newsgroup alt.computer.security, in article
> <TmvRe.97175$dJ5.76786@tornado.tampabay.rr.com>, Imhotep wrote:
>
>>Yes, I agree with you. The registry was intentionally made overly complex
>>as to force companies to become a "Microsoft partner". In doing so, it has
>>augmented into a sloppy beast ripe for hackers/crackers.
>
> It's also one massive single point of failure. If it gets trashed for any
> reason, your box is setting there totally screwed. At least with the Mac
> from that era, if it couldn't boot, it gave you an icon of a sick looking
> computer and asked for a boot floppy.
>
>>I still the the old Linux/Bsd way: A simple configuration file the you can
>
> s/Linux\/Bsd/UNIX/

:-)

>>edit with any text processor. Clean and simple...
>
> Simple???

At least compared to a registry....
:-)

> [compton ~]$ wc -l /etc/sendmail.cf
> 1490 /etc/sendmail.cf
> [compton ~]$
>
> When I started using Linux in 1994, I probably wasted a day or two trying
> to read the stupid boot scripts. Miquel van Smoorenburg started that mess,
> and others took it and ran with it. The guys REALLY knew the
> nitty-gritties of Bourne shell scripting, but they absolutely flaunted it.
> Eric Raymond's quote "Elegant code is not only correct, but visibly,
> transparently correct." was NOT followed. And yes, I do know something
> about shell scripting, as I've been using UNIX since 4.1BSD (and I _still_
> hate csh).

What do you prefer? zsh?

> As far as editing with "any text processor", you do have to be aware that
> some "user friendly" editors (pico - the skript kiddiez friend is one
> example) auto-wrap lines longer than 70-odd characters at a word break,
> and that will screw up your day just fine.

Ah come on EMACS baby!!! (I bet your a vi guy!)

Imhotep

> Old guy

Shadus wrote:

> On 2005-09-01, Jim Watt <jimwatt@aol.no_way> blabbed:
>> I gave up on SCO because of editing in vi
> Lol, vi (vim specifically) is my favorite editor. It's simple,
> powerful, and does everything I could want out of an editor for source
> code, text files, configs, etc. I can use emacs in a pinch, jed, jove,
> pico, nano, whatever. I prefer vi, even use it in windows when I'm
> forced to work there.

Are there no Emacs guys/girls around here????


> To give up an entire os because you don't like/can't grasp its default
> editor seems... eh nevermind, it speaks for itself.
>
>> All this cryptic stuff is very fine, but these days now
>> storage is cheap its utility is outweighed by the trouble
>> in learning it and getting it right.
> I don't understand what you think is cryptic, especially since the
> original thread regarded the registery if I remember right. The
> original point if memory serves was that unix config files are much
> simplier than the registry and safer too since a single change in one
> value won't leave your machine in an unbootable state.
>
>> My first job was maintaining programs written in machine
>> code without any documentation, it taught me that often
>> the readable version is better.
> Which is why all the good commenting in most unix config files is really
> nice... compared to the registry, especially when dealing with 3rd party
> applications and programs which may or may not have a key there that is
> required... shrug, I'll stick to configs.
>


Im

Jim Watt wrote:
<snip>
> But this is yet another bit of MS bashing which is getting tedious.

Why is it whenever anyone criticizes MS you always use that lame ass excuse
about bashing?

It is a fact, the registry sucks...

> --
> Jim Watt
> http://www.gibnet.com

"Imhotep" <Imhotep@nospam.net> wrote in message
news:fZWdnQgnfrnPlofeRVn-hw@adelphia.com...
> Shadus wrote:

<snip>

> Are there no Emacs guys/girls around here????

Used to be (on the Amiga).

CED Pro 2 knocked it into a cocked hat.. as did MultiEdit on the PC
(required MS-DOS 3.02, though, IIRC. A pain on certain machines of the day)

That said, I stayed clear of buying my own PC until something half decent
came out (Windows 3.1, rapidly upgraded to a 3.11 hybrid)

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

In the Usenet newsgroup alt.computer.security, in article
<fZWdnQknfrlCl4feRVn-hw@adelphia.com>, Imhotep wrote:

>Moe Trin wrote:
>
>> I've been using UNIX since 4.1BSD (and I _still_ hate csh).

>What do you prefer? zsh?

I stay with the Bourne shell - either direct, or BASH, and on rare
occasions the Korn shell.

>Ah come on EMACS baby!!! (I bet your a vi guy!)

---------------------
EMACS == Eight Megs And Constantly Swapping
---------------------
"Emacs is a great OS. The only thing it lacks is a decent editor."
---------------------
Computers tend to come with at least 512Mb RAM these days. Half for X,
half for emacs, what's the problem?
---------------------
"Thanks to the joint efforts of OpenOffice, Mozilla, and a few others, Emacs
officially entered the category of lightweight utilities." -- kalifa on /.
---------------------

So, when the computer is sick and barely able to open one eye - what do
you have access to? EMACS? Heck, if you're lucky, you have vi - maybe
only ed - otherwise, it's 'echo', redirection, and filename globbing.
That's why I've stuck with vi over the years.

Old guy

Moe Trin wrote:

> In the Usenet newsgroup alt.computer.security, in article
> <fZWdnQknfrlCl4feRVn-hw@adelphia.com>, Imhotep wrote:
>
>>Moe Trin wrote:
>>
>>> I've been using UNIX since 4.1BSD (and I _still_ hate csh).
>
>>What do you prefer? zsh?
>
> I stay with the Bourne shell - either direct, or BASH, and on rare
> occasions the Korn shell.
>
>>Ah come on EMACS baby!!! (I bet your a vi guy!)
>
> ---------------------
> EMACS == Eight Megs And Constantly Swapping
> ---------------------
> "Emacs is a great OS. The only thing it lacks is a decent editor."
> ---------------------
> Computers tend to come with at least 512Mb RAM these days. Half for X,
> half for emacs, what's the problem?
> ---------------------
> "Thanks to the joint efforts of OpenOffice, Mozilla, and a few others,
> Emacs
> officially entered the category of lightweight utilities." -- kalifa on
> /. ---------------------
>
> So, when the computer is sick and barely able to open one eye - what do
> you have access to? EMACS? Heck, if you're lucky, you have vi - maybe
> only ed - otherwise, it's 'echo', redirection, and filename globbing.
> That's why I've stuck with vi over the years.
>
> Old guy

Oh man that was funny. I still love Emacs despite it's bloated code!

Imhotep

Jim Watt wrote:

> On Sat, 03 Sep 2005 16:49:23 -0400, Imhotep <Imhotep@nospam.net>
> wrote:
>
>>Jim Watt wrote:
>><snip>
>>> But this is yet another bit of MS bashing which is getting tedious.
>>
>>Why is it whenever anyone criticizes MS you always use that lame ass
>>excuse about bashing?
>
> Not 'anyone' just those who will critisise anything that MS do and
> anything I might say. Like yourself for example.
>
>>It is a fact, the registry sucks...
>
> in your opinion.
>
> --
> Jim Watt
> http://www.gibnet.com

Jim, this thread is about a Hidden Code flaw relating to the Windows
Registry. Keep to the topic...

"Imhotep" <Imhotep@nospam.net> wrote in message
news:V6-dndoYTK-ISIbeRVn-pQ@adelphia.com...

> Jim, this thread is about a Hidden Code flaw relating to the Windows
> Registry. Keep to the topic...

OK, here goes for the very first on-topic post of this thread ;o)

MS are, regrettably (for some), perfectly correct - it's Bad Programming in
things /running/ on Windows.

Easy to duplicate with an INI file - cripple the line length that an editor
will cope with to (say) 255 characters* and then try to edit an INI file
with a longer line lurking in there somewhere.

Volia! You've just duplicated the problem on a different platform.

So, now that we've sorted that out, back to Windows-bashing for everyone..?
:o)

H1K

*Or simply use an old version. IIRC, the old "short string" type originated
in UNIX. Some people still seem to use it, despite it having been replaced
by full null-terminated support when 32-bit Windows came along.

Hairy One Kenobi wrote:

> "Imhotep" <Imhotep@nospam.net> wrote in message
> news:V6-dndoYTK-ISIbeRVn-pQ@adelphia.com...
>
>> Jim, this thread is about a Hidden Code flaw relating to the Windows
>> Registry. Keep to the topic...
>
> OK, here goes for the very first on-topic post of this thread ;o)
>
> MS are, regrettably (for some), perfectly correct - it's Bad Programming
> in things /running/ on Windows.
>
> Easy to duplicate with an INI file - cripple the line length that an
> editor will cope with to (say) 255 characters* and then try to edit an INI
> file with a longer line lurking in there somewhere.
>
> Volia! You've just duplicated the problem on a different platform.

I believe you meant a different configuration source...

> So, now that we've sorted that out, back to Windows-bashing for
> everyone..?
> :o)

A criticism is bashing??? I guess it depends on which side you side
with....plus, face it, Microsoft just gives too much ammunition.

> H1K
>
> *Or simply use an old version. IIRC, the old "short string" type
> originated in UNIX. Some people still seem to use it, despite it having
> been replaced by full null-terminated support when 32-bit Windows came
> along.

"Imhotep" <Imhotep@nospam.net> wrote in message
news:ecCdnZ2dnZ0a8I-8nZ2dnecEgd6dnZ2dRVn-zp2dnZ0@adelphia.com...
> Hairy One Kenobi wrote:
>
> > "Imhotep" <Imhotep@nospam.net> wrote in message
> > news:V6-dndoYTK-ISIbeRVn-pQ@adelphia.com...
> >
> >> Jim, this thread is about a Hidden Code flaw relating to the Windows
> >> Registry. Keep to the topic...
> >
> > OK, here goes for the very first on-topic post of this thread ;o)
> >
> > MS are, regrettably (for some), perfectly correct - it's Bad Programming
> > in things /running/ on Windows.
> >
> > Easy to duplicate with an INI file - cripple the line length that an
> > editor will cope with to (say) 255 characters* and then try to edit an
INI
> > file with a longer line lurking in there somewhere.
> >
> > Volia! You've just duplicated the problem on a different platform.
>
> I believe you meant a different configuration source...

Nope. Unless you're claiming that (say) VI was never available under UNIX?

The same technique works.

> > So, now that we've sorted that out, back to Windows-bashing for
> > everyone..?
> > :o)
>
> A criticism is bashing??? I guess it depends on which side you side
> with....plus, face it, Microsoft just gives too much ammunition.

Unwarranted criticism, with no hope of sustaining a valid argument, is
"bashing".

The real arguments (away from this froup) have been varied and.. to be
honest, utterly pointless and inconsequential. Of no more interest to the
professional techie than the Ultrix beats VMS religious yawns^H^H^H^Hwars of
two decades' ago.

Sad to say - and please feel free to Google/Deja for the posts, excessive
and blindly illogical platform advocacy has actually /harmed/ adoption.

I'd be happy to argue the point (although this is hardly the correct
froup!). Let's take a specific example that we both know about: Ultrix.

Ultrix wasn't quite as greasy as Olson's "snake oil", but (i) failed basic
Y2k, (ii) had a sufficiently "blow chunks" IP stack to put-off many
professional developers, (iii) was noticeable inferior in a number of areas
to OpenVMS on a platform basis (SunOS was less crap, and significantly
cheaper when it came to hardware, OS, and layered products)

I've endured the IP stack; I've programmed non-transparent DECnet (thanks,
guys, for giving me a whole *two sentences* in the bleeding manual).

I've also done "stuff" with UNIX, DG RDOS (don't ask. No, really - the
machines came with hardware diagrams in the manual) and some even more
obscure platforms (Spirit-3).

Let me put it this way: I'm a /techie/.

But one that lives in (approximately) the Real World.

Rarely, I don't actually have a Linux platform to play with at home - RH
went Gnome on the installation, and some idiot didn't test how that worked
with a generic 15" flat-panel. Given that I needed the Ethereal
*application* rather urgently, I simply shoved Windows onto the box.
Couldn't be bothered with the Solaris box (other plans, application-wise).
Just got p*ssed-off with the failure of a perfectly good machine, and a
badly scratched "previous version" RH Linux CD (the *working* version,
running on the same physical machine).

Let's add to that an IBM mainframe emulator (license costs - let alone the
eye-watering cost of the two IBM [crap] SCSI disks that I'd have needed to
replace) meant that I wrote an emulator that runs on Windows. I'd /love/ to
have it on Kylix, but there doesn't seem to be anyone interested in that
particular project. So much for Linux Open-Source heroes.

In other words, it's the software and applications that count. Linux - in
one instance - found severely wanting. A lot of primarily Linux-based
software is still found wanting. And - like the average user or Corporate -
I'm only interested in applications. Do I really give a toss whether the
case is held together by Metric or Imperial screw-threads? I think not. And
that's of about as much interest as the OS. It's down to cost, cost of
support, and security.

Anyhow. I'm still mildly p*ssed (hence the mispetl novella I've just typed).
Where possible, I pick the best platform for the job; who knows, if
BSD^H^H^HMacOS on Intel is available soon, that'll probably join the mix.

Anyone that talks in absolutes ("myOS am best") is either unrealistic,
narrow-minded, or just plain arrogant. Or a combination.

If you can't find a use for Windows, or can't find a use for Linux, then
you're either not looking hard enough, bigoted, incompetent, or all three.
Or in a peculiarly specific industry (consultancy available to help ;o)

Oh, and apparently 70% on yer genuine line-of-business data is on an IBM
mainframe. Just a thought.

H1K