20141022-2 选题

sources/talk/20141022 FOSS and the Fear Factor.md

@@ -0,0 +1,131 @@
+FOSS and the Fear Factor
+================================================================================
+![](http://www.linuxinsider.com/ai/181807/foss-open-source-security.jpg)
+
+> "'Many eyes' is a complete and total myth," said SoylentNews' hairyfeet. "I bet my last dollar that if you looked at every.single.package. that makes up your most popular distros and then looked at how many have actually downloaded the source for those various packages, you'd find that there is less than 30 percent ... that are downloaded by anybody but the guys that actually maintain the things."
+
+In a world that's been dominated for far too long by the [Systemd Inferno][1], Linux fans will have to be forgiven if they seize perhaps a bit too gleefully upon the scraps of cheerful news that come along on any given day.
+
+Of course, for cheerful news, there's never any better place to look than the [Reglue][2] effort. Run by longtime Linux advocate and all-around-hero-for-kids Ken Starks, as alert readers [may recall][3], Reglue just last week launched a brand-new [fundraising effort][4] on Indiegogo to support its efforts over the coming year.
+
+Since 2005, Reglue has placed more than 1,600 donated and then refurbished computers into the homes of financially disadvantaged kids in Central Texas. Over the next year, it aims to place 200 more, as well as paying for the first 90 days of Internet connection for each of them.
+
+"As overused as the term is, the 'Digital Divide' is alive and well in some parts of America," Starks explained. "We will bridge that divide where we can."
+
+How's that for a heaping helping of hope and inspiration?
+
+### Windows as Attack Vector ###
+
+![](http://www.linuxinsider.com/images/article_images/linuxgirl_bg_pinkswirl_150x245.jpg)
+
+Offering discouraged FOSS fans a bit of well-earned validation, meanwhile -- and perhaps even a bit of levity -- is the news that Russian hackers apparently have begun using Windows as a weapon against the rest of the world.
+
+"Russian hackers use Windows against NATO" is the [headline][5] over at Fortune, making it plain for all the world to see that Windows isn't the bastion of security some might say it is.
+
+The sarcasm is [knee-deep][6] in the comments section on Google+ over that one.
+
+### 'Hackers Shake Confidence'  ###
+
+Of course, malicious hacking is no laughing matter, and the FOSS world has gotten a bitter taste of the effects for itself in recent months with the Heartbleed and Shellshock flaws, to name just two.
+
+Has it been enough to scare Linux aficionados away?
+
+That essentially is [the suggestion][7] over at Bloomberg, whose story, entitled "Hackers Shake Confidence in 1980s Free Software Idealism," has gotten more than a few FOSS fans' knickers in a twist.
+
+### 'No Software Is Perfect'  ###
+
+"None of this has shaken my confidence in the slightest," asserted [Linux Rants][8] blogger Mike Stone down at the blogosphere's Broken Windows Lounge, for instance.
+
+"I remember a time when you couldn't put a Windows machine on the network without firewall software or it would be infected with viruses/malware in seconds," he explained. "I don't recall the articles claiming that confidence had been shaken in Microsoft.
+
+"The fact of the matter is that no software is perfect, not even FOSS, but it comes closer than the alternatives," Stone opined.
+
+### 'My Faith Is Just Fine' ###
+
+"It is hard to even begin to get into where the Bloomberg article fails," began consultant and [Slashdot][9] blogger Gerhard Mack.
+
+"For one, decompilers have existed for ages and allow black hats to find flaws in proprietary software, so the black-hats can find problems but cannot admit they found them let alone fix them," Mack explained. "Secondly, it has been a long time since most open source was volunteer-written, and most contributions need to be paid.
+
+"The author goes on to rip into people who use open source for not contributing monetarily, when most of the listed companies are already Linux Foundation members, so they are already contributing," he added.
+
+In short, "my faith in open source is just fine, and no clickbait Bloomberg article will change that," Mack concluded.
+
+### 'The Author Is Wrong' ###
+
+"Clickbait" is also the term Google+ blogger Alessandro Ebersol chose to describe the Bloomberg account.
+
+"I could not see the point the author was trying to make, except sensationalism and views," he told Linux Girl.
+
+"The author is wrong," Ebersol charged. "He should educate himself on the topic. The flaws are results of lack of funding, and too many corporations taking advantage of free software and giving nothing back."
+
+Moreover, "I still believe that a piece of code that can be studied and checked by many is far more secure than a piece made by a few," Google+ blogger Gonzalo Velasco C. chimed in.
+
+"All the rumors that FLOSS is as weak as proprietary software are only [FUD][10] -- period," he said. "It is even more sad when it comes from private companies that drink in the FLOSS fountain."
+
+### 'Source Helps Ensure Security'  ###
+
+Chris Travers, a [blogger][11] who works on the [LedgerSMB][12] project, had a similar view.
+
+"I do think that having the source available helps ensure security for well-designed, well-maintained software," he began.
+
+"Those of us who do development on such software must necessarily approach the security process under a different set of constraints than proprietary vendors do," Travers explained.
+
+"Since our code changes are public, when we release a security fix this also provides effectively full disclosure," he said, "ensuring that the concerns for unpatched systems are higher than they would be for proprietary solutions absent full disclosure."
+
+At the same time, "this disclosure cuts both ways, as software security vendors can use this to provide further testing and uncover more problems," Travers pointed out. "In the long run, this leads to more secure software, but in the short run it has security costs for users."
+
+Bottom line: "If there is good communication with the community, if there is good software maintenance and if there is good design," he said, "then the software will be secure."
+
+### 'Source Code Isn't Magic Fairy Dust' ###
+
+SoylentNews blogger hairyfeet had a very different view.
+
+"'Many eyes' is a complete and total myth," hairyfeet charged. "I bet my last dollar that if you looked at every.single.package. that makes up your most popular distros and then looked at how many have actually downloaded the source for those various packages, you'd find that there is less than 30 percent of the packages that are downloaded by anybody but the guys that actually maintain the things.
+
+"How many people have done a code audit on Firefox? [LibreOffice][13]? Gimp? I bet you won't find a single one, because everybody ASSUMES that somebody else did it," he added.
+
+"At the end of the day, Wall Street is finding out what guys like me have been saying for years: Source code isn't magic fairy dust that makes the bugs go away," hairyfeet observed.
+
+### 'No One Actually Looked at It' ###
+
+"The problem with [SSL][14] was that everyone assumed the code was good, but almost no one had actually looked at, so you never had the 'many eyeballs' making the bugs shallow," Google+ blogger Kevin O'Brien conceded.
+
+Still, "I think the methodology and the idealism are separable," he suggested. "Open source is a way of writing software in which the value created for everyone is much greater than the value captured by any one entity, which is why it is so powerful.
+
+"The idea that corporate contributions somehow sully the purity is a stupid idea," added O'Brien. "Corporate involvement is not inherently bad; what is bad is trying to lock other people out of the value created. Many companies handle this well, such as Red Hat."
+
+### 'The Right Way to Do IT' ###
+
+Last but not least, "my confidence in FLOSS is unshaken," blogger [Robert Pogson][15] declared.
+
+"After all, I need software to run my computers, and as bad as some flaws are in FLOSS, that vulnerability pales into insignificance compared to the flaws in that other OS -- you know, the one that thinks images are executable and has so much complexity that no one, not even M$ with its $billions, can fix."
+
+FOSS is "the right way to do IT," Pogson added. "The world can and does make its own software, and the world has more and better programmers than the big corporations.
+
+"Those big corporations use FLOSS and should support FLOSS," he maintained, offering "thanks to the corporations who hire FLOSS programmers; sponsor websites, mirrors and projects; and who give back code -- the fuel in the FLOSS economy."
+
+--------------------------------------------------------------------------------
+
+via: http://www.linuxinsider.com/story/FOSS-and-the-Fear-Factor-81221.html
+
+作者：Katherine Noyes
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译，[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://www.linuxinsider.com/perl/story/80980.html
+[2]:http://www.reglue.org/
+[3]:http://www.linuxinsider.com/story/78422.html
+[4]:https://www.indiegogo.com/projects/deleting-the-digital-divide-one-computer-at-a-time
+[5]:http://fortune.com/video/2014/10/14/russian-hackers-use-windows-against-nato/
+[6]:https://plus.google.com/+KatherineNoyes/posts/DQvRMekLHV4
+[7]:http://www.bloomberg.com/news/2014-10-14/hackers-shake-confidence-in-1980s-free-software-idealism.html
+[8]:http://linuxrants.com/
+[9]:http://slashdot.org/
+[10]:http://en.wikipedia.org/wiki/Fear,_uncertainty_and_doubt
+[11]:http://ledgersmbdev.blogspot.com/
+[12]:http://www.ledgersmb.org/
+[13]:http://www.libreoffice.org/
+[14]:http://en.wikipedia.org/wiki/Transport_Layer_Security
+[15]:http://mrpogson.com/

sources/tech/20141022 Wine 1.7.29 (Development Version) Released – Install in RedHat and Debian Based Systems.md

@@ -0,0 +1,96 @@
+Wine 1.7.29 (Development Version) Released – Install in RedHat and Debian Based Systems
+================================================================================
+**Wine**, a most popular and powerful open source application for Linux, that used to run Windows based applications and games on Linux Platform without any trouble.
+
+![Install Wine (Development Version) in Linux](http://www.tecmint.com/wp-content/uploads/2014/05/Install-Wine-Development-Version.png)
+
+Install Wine (Development Version) in Linux
+
+WineHQ team, recently announced a new development version of **Wine 1.7.29**. This new development build arrives with a number of new important features and **44** bug fixes.
+
+Wine team, keep releasing their development builds almost on weekly basis and adding numerous new features and fixes. Each new version brings support for new applications and games, making Wine a most popular and must have tool for every user, who want to run Windows based software in a Linux platform.
+
+According to the changelog, following key features are added in this release:
+
+- Added much improved shaping and BiDi mirroring in DirectWrite.
+- Few page fault handling problems have been udpated.
+- Included few more C runtime functions.
+- Various bug fixes.
+
+For more in-depth details about this build can be found at the official [changelog][1] page.
+
+This article guides you how to install most recent development version of **Wine 1.7.29** on **Red Hat** and **Debian** based systems such as CentOS, Fedora, Ubuntu, Linux Mint and other supported distributions.
+
+### Installing Wine 1.7.29 Development Version in Linux ###
+
+Unfortunately, there are no official Wine repository available for the **Red Hat** based systems and the only way to install Wine, is to compile it from source. To do this, you need to install some dependency packages such as gcc, flex, bison, libX11-devel freetype-devel and Development Tools, etc. These packages are must required to compile Wine from source. Let’s install them using following **YUM** command.
+
+### On RedHat, Fedora and CentOS ###
+
+    # yum -y groupinstall 'Development Tools'
+    # yum -y install flex bison libX11-devel freetype-devel
+
+Next, download the latest development version of Wine (i.e. **1.7.29**) and extract the source tallball package using the following commands.
+
+    $ cd /tmp
+    $ wget http://citylan.dl.sourceforge.net/project/wine/Source/wine-1.7.29.tar.bz2
+    $ tar -xvf wine-1.7.29.tar.bz2 -C /tmp/
+
+Now, it’s time to compile and build Wine installer using the following commands as normal user.
+
+Note: The installation process might take up-to **15-20** minutes depending upon your internet and hardware speed, during installation it will ask you to enter **root** password.
+
+#### On 32-Bit Systems ####
+
+    $ cd wine-1.7.29/
+    $ ./tools/wineinstall
+
+#### On 64-Bit Systems ####
+
+    $ cd wine-1.7.29/
+    $ ./configure --enable-win64
+    $ make
+    # make install
+
+### On Ubuntu, Debian and Linux Mint ###
+
+Under **Ubuntu** based systems, you can easily install the latest development build of Wine using the official **PPA**. Open a terminal and run the following commands with sudo privileges.
+
+    $ sudo add-apt-repository ppa:ubuntu-wine/ppa 
+    $ sudo apt-get update
+    $ sudo apt-get install wine 1.7 winetricks
+
+**Note**: At the time of writing this article, available version was **1.7.26** and the new build not yet updated in official Wine Repository, but the above instructions will install **1.7.29** when they made available.
+
+Once the installation completes successfully, you can install or run any windows based applications or games using wine as shown below.
+
+    $ wine notepad
+    $ wine notepad.exe 
+    $ wine c:\\windows\\notepad.exe
+
+**Note**: Please remember, this is a development build and cannot be installed or used on production systems. It is advised to use this version only for testing purpose.
+
+If you’re looking for a most recent stable version of Wine, you can go through our following articles, that describes how to install most latest version on almost all Linux environments.
+
+- [Install Wine 1.6.2 (Stable) in RHEL, CentOS and Fedora][2]
+- [Install Wine 1.6.2 (Stable) in Debian, Ubuntu and Mint][3]
+
+### Reference Links ###
+
+- [WineHQ Homepage][4]
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/install-wine-in-linux/
+
+作者：[Ravi Saive][a]
+译者：[译者ID](https://github.com/译者ID)
+校对：[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译，[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/admin/
+[1]:http://www.winehq.org/announce/1.7.29
+[2]:http://www.tecmint.com/install-wine-in-rhel-centos-and-fedora/
+[3]:http://www.tecmint.com/install-wine-on-ubuntu-and-linux-mint/
+[4]:http://www.winehq.org/