Slashdot Mirror

6. You know it's encrypted because you googled iPhones and know that the any iPhone 3GS or above has encrypted memory that can be hacked quite easily

FTFY

Really.

Really.

Easily.

Is anyone outside m$ really considering letting them define what a freaking file is from now on after this?. But let's not get ahead of ourselves here. Surely once Microsoft has bullied their shit into everything once again, we can all trust them and no one will end up having to pay any kind of extortion racket like this, and this, this, this and this.

The real problem with prohibiting secure phoning is that criminals can also wiretap conversations.

Indeed now that SMS messages are used for two-factor authentication for many banks this is becoming a more common area of attack

No, he has a point.

Hockey Puck Mouse.
Apple "Cube."
Newton.
Apple Pippin.
Mac TV
Mac "Portable"
20th anniversary Mac
AppleWorks
QuickTake
eWorld
ROKR

Need I go on? Apple fanboys STILL try to defend these nightmare jokes of product.

For more: Perhaps this will help you along.

I checked out the demo again I tried a few similar phrases out in Vlingo, with various results. (To your first point, you're right. For whatever reason, it never occurred to me to ask my phone if I need an umbrella when I could simply ask for the weather. I'll take you at your word that I'm in the minority here.)

Anyhow, I dug up this article from 2010 which highlights some of the differences between Vlingo and Siri. They seem to take (in general) two different approaches to the same problem:
http://www.eweek.com/c/a/Mobile-and-Wireless/Vlingo-Answers-Apple-Siri-With-SuperDialer-for-Android-459856/

Back to the demo. Some of the things in the Siri demo are identical in Vlingo such as reading and replying to messages (the jogger in the demo says "read message" and "reply: defiantly, I'll see you there" keeping with the (rather sensible) command / data approach. Same with the "text [name] [message]" part.

It diverges somewhat for questions like "what's the traffic like around here" -- but that's not really interesting within a set of limited domains. It's similar to how Vlingo will give me a list of restaurants near me when I say "Mexican restaurants" or something similar -- snagging my location form the GPS and doing a specialized search like Siri does. Siri just seems to allow more free-form questions

I did try a few free-form inquiries with vlingo just to see what I could get it to do. I started with a simple "send a text to steve, how are you" instead of my normal "text steve message how are you" and they worked identically. The more complex "I'm hungry for Mexican food" snagged my location from GPS and pulled up a list of local Mexican restaraunts (with ratings, address, and a button to call them) just like my earlier, simpler, query. It looks like I'd need to try Siri out to really see how much they actually differ here.

The neat bit with Siri seems to happen with questions like "what about napa valley?" -- remembering the previous inquery and adjusting it and the subsequent reply. I'm curious to see how this will ultimately work in practice, however, as it doesn't seem too far removed from the average chat bot (which is sure to produce some bizarre results in response to odd phrasing or misinterpreted speech.) This isn't to say that it's not nifty, just that I expect it will function more like Alice than the Star Trek computer (the parallel the demo wants us to draw, obviously).

Ultimately, I'd really need to play with Siri for a bit to see how much they really differ and what advantages Siri's narrow-but-deep approach offers over Vlingo's broad-but-shallow approach.

Anyhow, having dug a bit deeper, I think I understand your point.

Who's to say what is legitimate? My mother has several "helper" apps installed on her PC right now that are known malware. I told her about it, showed her articles, but she *likes* her cute little animated cursor or talking pig or whatever it is. What do you do?

Parenthetically, Microsoft isn't just doing this to Google -- other products are also or have been mangled by the tool. I don't see any compelling evidence that M$ acted maliciously. Except of course for the standard maliciousness of choosing to test against their own products, and, you know, not anyone else's.

GSM is a more popular format worldwide because it is not patent-encumbered.

So it's not patent encumbered but Nokia sued Apple over GSM patents? Oh and this lack of patents was why Qualcomm Sued Nokia over GSM patents in 2005 as well, right? Are you an idiot, or what?

But I thought sending or receiving a SMS message was more expensive per MB than getting data from the Hubble Space Telescope. I suppose it is a workable solution if you really need data access but can't get it otherwise but I wonder about this since I also see stories about how excessive SMS messages going out over the control channels could overwhelm the cell network.

Well, I think the Comodohacker alluded that the DigiNotar's netHSM was hacked, which, if that's not bs, means that there could be a 0-day in OpenBSD. Or, maybe the so-called NETSEC backdoor is real and the dude is exploiting it.
Allegations of OpenBSD Backdoors May be True, Updated

Right. Because so many consumers, schools and businesses are buying Android tablets. [Nope. Not even close.

Meanwhile, the equally clueless marked your comment as insightful.

I've owned Nokia phones in the past, and have always considered them when it came time to buy a new one. But they just ensured that will never happen again. I can see maybe dabbling with Windows Phone and offering a few sets for variety... but when the news keeps showing that Windows Phone is DoA, I don't get why Nokia would bet everything on a sinking ship. Are they truly that suicidal?

The article you quoted is rubbish. Here's a comment from there:

One should invest in a little research before writing.

1) The 38% drop stems almost entirely from users moving from Windows Mobile to another platform. Windows Mobile is to Windows Phone 7 what the Newton is to the iPhone. Yes, Microsoft is losing to Android but so is Apple. And it is misleading to imply, as you did, that customers are leaving Windows Phone 7. This just isn't the case.

2) Mango was released to manufactures last month. This was reported by this same outlet that allowed you to publish such drivel. On second thought, you were right to ignore it. I wouldn't trust eWeek as a source either.

As to why Nokia switched: http://www.businessweek.com/magazine/content/11_24/b4232056703101.htm

Key takeaway is that hiring open source evangelists to design a mobile OS(i.e Meego) failed and they wouldn't have had enough devices running it. After the board realized that, they jettisoned the CEO and brought in Elop to get alternatives. Blackberry, HP and Google told him to take a hike so the only credible option left was WP7. Interesting angles that you don't see when you read Slashdot comments.

I've owned Nokia phones in the past, and have always considered them when it came time to buy a new one. But they just ensured that will never happen again. I can see maybe dabbling with Windows Phone and offering a few sets for variety... but when the news keeps showing that Windows Phone is DoA, I don't get why Nokia would bet everything on a sinking ship. Are they truly that suicidal?

And before making that choice you are not at all interested in seeing what they might come up with? Windows Phone isn't selling today precisely because of lack of serious handset maker support. But the next update that Nokia will use have got nothing but praise from people and reviewers who have actually seen it. And Nokia still knows a thing or two about selling mobile phones.

I've owned Nokia phones in the past, and have always considered them when it came time to buy a new one. But they just ensured that will never happen again. I can see maybe dabbling with Windows Phone and offering a few sets for variety... but when the news keeps showing that Windows Phone is DoA, I don't get why Nokia would bet everything on a sinking ship. Are they truly that suicidal?

Stop misquoting me.

If you look at the real figures :

"Google's Android platform has topped 40 percent market share in June up from 38 percent in May, said comScore. Apple's iOS remained No. 2 with 26.6 percent share." [Source: http://www.eweek.com/c/a/Mobile-and-Wireless/Android-Hits-40-Smartphone-Share-in-US-ComScore-426114/%5D

So Android phones sell more than iOS phones. However if you compare INDIVIDUAL phones, the iPhone will win because the Android platform is full of different competitors, while iOS isn't.

We're comparing ANDROID vs iOS. Any individual Android phone is lost in a sea of different choices - even if android is 40% market share.

Evernote Abandons Microsoft .NET

  "The blurry fonts, slow startup times, large memory footprint, and poor support for certain graphics cards were all issues that the technology behind 3.5 was incapable of resolving. As a result, we ended up chasing down platform bugs rather than adding the great features our users wanted"

“There is a substantive effort in open source to bring such an implementation of .Net to market, known as Mono and being driven by Novell, and one of the attributes of the agreement we made with Novell is that the intellectual property associated with that is available to Novell customers” link

To this day, Microsoft is trying to shake down smartphone vendors using Android for 15 bux per phone "protection" against patent extortion^W lawsuits.

What patents, you ask? Well, we don't know.

I found the list and posted it to Slashdot on one of the recent Microsoft vs Motorola stores. It was modded up to +5.

To this day, nobody has a list of those 235 patents that Microsoft owns and that Linux supposedly infringes - hidden behind a wall of NDAs.

The source for that is known, too. Basically Ballmer was misrepresenting the results of a study:

http://www.eweek.com/c/a/Linux-and-Open-Source/Author-of-Linux-Patent-Study-Says-Ballmer-Got-It-Wrong/

*By ironic I mean M$ and Apple appear to be colluding to take down another competitor while leaving each other alone.

It's not just appearances. Apple, Microsoft and Oracle have actually formed up to go after Android: Apple, Microsoft, Oracle Lead Unholy Patent Alliance Against Android

Only company from the list that I worry about is Apple. They're really been left and right everyone about patent issues. Microsoft, not so much, unless some patent troll has attacked them first. Same goes for RIM. Sony is bad in other fronts, they're not really suing for patent issues. But Apple has been handling their patent related issues really dirty, dumping thousand+ page sues, trying to enforce ban on competitor products and in their developer agreement for iPhone/iPad they require all software developers to give away their ideas to Apple when submitting their application - after which they can decide if to accept or reject the app and maybe implement it themselves. Like when Apple ripped off an wireless sync app made by a one guy.

based on what?

Probably the worst thing Microsoft is currently doing is threatening and then shaking down Android device manufacturers( http://www.engadget.com/2011/06/27/microsoft-inks-android-patent-deal-with-itronix-causes-more-hea/), it's also hard to ignore:

• Paul Allen... http://online.wsj.com/article/SB10001424052748703294904575385241453119382.html
• Microsoft funding SCO's litigation against the Linux Kernel http://www.eweek.com/c/a/Linux-and-Open-Source/Leaked-Memo-Revives-SCOMicrosoft-Connection-Furor/

Some enterprise users have internal apps that they need to test, and some of them are upset about such a 'big' change. In reality they shouldn't be looking at version numbers, they should be looking at a list of potential impacts, to make their testing easier.

The point is that most every enterprise IT department treats incrementing the major version number more seriously than minor version numbers, and much more seriously than revision numbers. The de facto standard for version numbers is that major version increments mean major changes which require major testing. That's how everybody else -- short of Google Chrome -- operates. Corporate policies are built around these de facto standards. Abandoning them with no justifiable reason is obnoxious and frustrating.

As far as Google Chrome, they've always operated like this. So it's nothing new. They've always had rolling releases with the major version number representing the stable/beta/dev branches more than anything. Additionally, the software is already corporate-unfriendly due to the fact that it allows non-admins to install so nobody in enterprise IT supports it. It's essentially already carrying a sign that says "NOT FOR BUSINESS". It's getting much better (and appears to have better support than Firefox now) but there hasn't been much press around Chrome for the Enterprise. It's just not on anybody's radar like Firefox is (yet).

just like normal people aren't clever enough to use Linux (hence it's low market share)

Uhm... try that one again.
Most people don't use Linux because:
- The support for it is limited to forums where you never get actual help, but instead a bunch of ass-hats who shout back "RTFM LAMZOR" and similar insults at you. If you write in to a bug report forum or a feature request to some bit of software, someone screaming "the beauty of it is its linux so you can fix it yourself so go fix it yourself and post the fix noob" is not comforting or likely to make you stick around.

- Most of the programs they are looking to run, don't run on Linux (games industry, sadly, used to be a lot better but has backslid over the years considerably).

- The "open source alternatives" to many of the programs they run, have problems with shifting crap around on them for poorly documented reasons.

- You don't just "switch to linux." You have to pick one of a gazillion discordant distros, or else fuck around trying out every goddamn one for six months to settle on the one you like and HOPE that it remains updated and supported thereafter. And that they don't fuck with you in the next release, like Ubuntu just did forcing this crap "Unity" interface. And that the architecture for your particular distro isn't rewritten in some bizarre-ass fucking arcane way that causes your particular hardware to break on the "standard linux driver"... presuming one even exists.

I won't say that there aren't very intelligent people using Linux - there obviously are. But it has become very obvious to me over the past 15 years that the people programming Linux, the people designing interfaces for Linux, and the people evangelizing Linux, have absolutely no goddamn fucking clue what a normal desktop user wants, needs, or what will appeal to same. I refer you to this insightful post from someone who also has spent plenty of time with Linux as well.

AMD has chosen an architectural roadmap that makes the GPU and CPU part of the same APU. SYSmark does not measure 3-D graphics performance. At all. So while AMD is pursuing a path that will give its APUs greater overall performance than the CPUs they contain, they are actually hamstringing themselves in the CPU-only testing arena, because the CPU portion of thier APUs will seem relatively lower in performance at the same price point.

AMD's proper course of action should have been to promote an APU-specific benchmark. Instead, it tried to change SYSmark to do something it doesn't do.

It was denied the right to twist the benchmark in its favor. Rather than coming up with the obvious solution of spinning off a new benchmark consortium to develop an APU-specific test, it started crying and ran to its room shouting, "I hate you! I hate you! I hate you!"

AMD is, really, behind a major 8-ball right here. It has, again, put all of its eggs into a rather hopeful basket, and come up with fewer than expected. At least this time, unlike with the Barcelona debacle, it isn't doing it while roller-skating blindfolded through a car-wash. That time it cost them their fabs. They don't have much left to sell.

It's little wonder that it's not having an easy time of finding a new CEO.

Well, it would seem that no arrest actually took place... Lulzsec don't know who the guy mentioned is and the FBI themselves said that they didn't arrest anyone.

Don't expect any of the currently free Skype services to continue. Asterisk already lost Skype support.

Asterisk is nominally open-source.

But as an enterprise application it is for all practical purposes a wholly owned subsidiary of Digium.

While Skype for Asterisk was a bit deeper than what Skype Connect (formerly Skype for SIP) offers for other telephony platforms, it's a "stronger business proposition" for Skype to offer more customers Connect than to support a proprietary product for a specific vendor...

"I don't think Skype for Asterisk was compelling enough, nor did it generate enough money for Skype to continue to support it,"

Skype Connect currently works with telephony systems for Avaya, ShoreTel, and Cisco, among others. Digium will be validating Skype Connect next month...so Asterisk customers will continue to have some Skype support.

Skype Ends Support For Open-Source Digium Asterisk VOIP PBX

But to say it's about to have the same level of infections as Windows?

Lets look at this year's Pwn2Own. Oh look, Safari and OSX hacked with the ability to run arbitrary code off of a website (which could include fetching a shellscript and running it). What about previous years?

Really, where the heck do you mac users get this sense of assurance from? For years, people have been telling you that the platform is no protection from 3rd party security vulnerabilities (java, acrobat, flash); and for years we've been saying that no platform is bug free; and for years we've watched as Mac after Mac falls in Pwn2Own to exploits which "just work".

We've also been saying that "once Mac gets a big enough market share, malware vendors will set their sights on Apple". And guess what, its starting now. Why are you so sure that they wont start using those no-click exploits commercially? And the real question of the day, what security features are you so confident in from OSX that you think Windows 7 and Vista dont have?

Yes, repositories for the win!!

She

"P.J." is and was *always* a pen-name for a variety of folks who worked directly for, or were paid by a consortium headed by IBM.

Trollish, my friend. Here:

Oh, and by the way, Pamela Jones really does exist. Ive met her.

O rly?

AT&T seeks more phone deregulation in Alabama
AT&T and Deutsche Telekom push for deregulation of wireless markets
Time Warner seeks Manhattan deregulation

It's trivially easy to find other examples.

Frankly, I think far more people are still confused about what ChromeOS gets them that Android doesn't.

Well, that IS the actual objection to Chrome OS, isn't it?

So, what's the advantage of ChromeOS, again? I expected it to be price, but those laptops they've announced recently don't look all that cheap compared to the recent slew of Honeycomb tablets; so that can't be it.

There is none. I think anyone buying a Chrome OS device is a tard because Chrome OS and Android will probably eventually merge. And who's more likely to get an update, an Android user or a Chrome OS user? Yeah, you got it in one.

try http://www.eweek.com/c/a/Security/Crimeware-Kit-Targeting-Mac-OS-X-Mimics-Zeus-and-Spyeye-Features-642093/
Could offer options like: "The kit supports Web injects and form grabbing in Firefox. The templates used are identical to the ones used in Zeus and Spyeye, according to Kruse. The forms seamlessly inject fraudulent fields into legitimate Websites that are intended to trick users into entering additional sensitive information. When the data is entered, it is automatically transmitted back to the malicious owner."

Extendible to Mac and Linux?
Is this related to the http://www.eweek.com/c/a/Security/Crimeware-Kit-Targeting-Mac-OS-X-Mimics-Zeus-and-Spyeye-Features-642093/
"develop malware specifically for Mac OS X that uses the same templates as Zeus and Spyeye."
ie same "idea" or is the code base shared? Thanks

So why doesn't Microsoft sue? Because it would be a public relations nightmare - just as it was for SCO.

Perhaps you aren't aware that MS funded SCO's lawsuit. SCO was just a proxy for MS. Nothing to stop MS from "selling" the patents in question to some patent troll and engaging in another proxy lawsuit.

Apple's "iOS devices" consist of more than just phones.....

http://www.eweek.com/c/a/Mobile-and-Wireless/Apple-iOS-Devices-Overwhelm-Android-Gadgets-by-59-comScore-707928/

Microsoft don't generally have a habit of being a Patent troll

Microsoft claims that free software like Linux, which runs a big chunk of corporate America, violates 235 of its patents.

http://money.cnn.com/magazines/fortune/fortune_archive/2007/05/28/100033867/index.htm

Why Did Microsoft Sell Off 22 'Linux-Related' Patents?

http://www.eweek.com/c/a/Linux-and-Open-Source/Why-Did-Microsoft-Sell-Off-22-LinuxRelated-Patents-618335/

TomTom gets allies in Microsoft Linux patent lawsuit fight

http://blogs.computerworld.com/tomtom_gets_allies_in_microsoft_linux_patent_lawsuit_fight

Microsoft's Linux patent bingo hits Google's Android

http://www.theregister.co.uk/2010/04/29/microsoft_htc_linux_patents/

Groklaw seems to be too biased against Microsoft and is taking whatever is said by Google at face value. Try this article:

http://www.eweek.com/c/a/Government-IT/Google-Apps-for-Government-Not-Yet-FISMA-Certified-GSA-495399/

It's the whole "broken windows" economic fallacy.

The anti-Mueller campaign started on slashdot when he tried to BS a bunch of us on the weekend over TurboHercules, got caught in a bunch of misrepresentations, and tried to weasel out of them. There were more than a dozen of us who jumped in, because what he was saying was a huge distortion of history, as well as misrepresenting the instant situation.

I remember it because before then I didn't know the guy from a hole in the ground - I figured he was just one more idiot spouting nonsense. Then I find out that people think he's some sort of "authority", a lawyer (that I trashed immediately by pointing out that even the stupidest lawyer in the world wouldn't be making some of the statements he made since they had zero basis in law anywhere on THIS planet (I can't speak about Mars, or whatever :-), and if he's really a lawyer he should be disbarred, etc. - sure enough, he wasn't a lawyer, he just encouraged people to think he was, and never corrected the mistake when he had an opportunity.

The only "coincidence" was that he tried to continue elsewhere (as well as to some extent here), but people were now willing to challenge him head-on, and had the links to prove he was just spouting nonsense.

The whole groklaw thing was really pitiful - the guy who was the actual maintainer of the Hercules hardware emulator (istr his name was Jay Maynard) got stuck in the middle, made the mistake of assuming that the claim that IBM was threatening to sue the Hercules project was true (it wasn't), and really, REALLY put his foot into it.

TurboHercules (not the Hercules project) wanted to have IBM customers make unlicensed copies of IBM's mainframe OS to run on other machines, atop the Hercules hardware emulator. When that didn't fly, TurboHercules (again NOT the Hercules project) tried to claim it would be only "transferring" the OS to a second machine, for "recovery purposes."

But even under that scenario (again, not permitted under the license, since you'd still have 2 copies of the OS floating around, even if you weren't using both at the same time, and the OS is licensed to a specific machine because the fee is based on work units), at some point you'd have to have 2 copies running, to transfer updated data back to the mainframe.

TurboHercules then tried to pick a fight with IBM by asking what patents might be infringed by Hercules, and IBM sent them a list. All of a sudden, TurboHercules and Mueller are claiming that IBM is going to to sue the Hercules project for patent infringement, based on IBM's response to their request.

See the problem here? Then ask yourself if it's a coincidence that TurboHercules took money from Microsoft.

Pile on the FUD he pushed over supposed Android violations of the linux kernel, etc., and you have a clear agenda: The guy did what he could to worm his way into FLOSS territory so he could attack from inside, like a wolf in sheeps clothing, and it almost worked.

The problem is, when it comes to trolling on sites like slashdot, he's a rank amateur :-)

Er, Google is better than Bing. The head Bing guy in charge admits it. Furthermore, they admit it with their actions. I mean, wholesale copying Google's results. Yeah, that really makes me confident in their product. Or, maybe, Bing is a sad joke and I'll just keep using Google as it is, face it, the superior product.

you don't understand: mcaffe had false-positived svchost -itself-. thousands went down. quality control heyoooooooooooooooooooooooooooooo

Seriously. If Linus is the deity and keeper of every line of Linux code, why didn't he just cut the Gordian knot that was this lawsuit? He's the one person who could stand up to SCO in a code argument and refute every claim standing up. Yet he didn't. Why is that? I never understood why he just didn't come and put a quick end to this.

Are you serious? SCO sued IBM not Linus. Linus added his commentary a few times. Also remember SCO avoided at all costs showing the source code to anyone. They delayed. Every time any code was leaked, it was immediately debunked. They deliberately refused to provide enough specifics even after multiple court orders to provide IBM with specificity. The judge threw out 2/3s of the claims because they refused to do so.

Even if Linus had the alleged source code in question and debunked every single line, do you really think SCO would have listened to him? SCO didn't even own the rights to Unix yet sued as if they did. The whole thing was a grab for money. It didn't matter to SCO that they even had a real case. They wanted IBM to pay them to go away. Except IBM is not one to back down.

http://www.eweek.com/c/a/Cloud-Computing/Libya-Goes-Dark-Again-Even-While-Internet-Servers-Continue-Running-382131/

"I've been hearing "The only reason every Mac isn't infested with malware is that they're not a big enough chunk of the market for it to be worth the effort." for so many years the effect has worn off. Year after year - You know, it really gets old hearing that excuse. If that really is the case, I hope it continues." - by Cheech Wizard (698728) on Sunday February 27, @04:38PM (#35333006) Homepage

Ok then, explain this: Do pickpockets operate on "crowds of 1" only, vs. massive crowds of potential possible victims in crowded city streets, train or bus stations, or malls?

ANSWER = No, they do NOT!

Pickpockets (and yes, online criminals too) go where their efforts expended to "do the job" are most effective for the BEST "ROI" (return-on-investment), from a single method of attack (codebase in malware)!

(And, just like pickpockets? THAT is done by going where the MOST POSSIBLE VICTIMS (users) ARE... & currently (and for decades now), that is on Windows).

You think share of market doesn't matter?

Today's ( & this past decade's), online criminal is NO DIFFERENT than the street pickpocket... and they are BOTH AFTER YOUR MONIES!

Thus - It makes sense for them to attempt to attack Windows on that very same basis (as it IS "where the crowds are").

NOW, ONTO ACTUAL STATISTICS/FACTS & FIGURES of UNPATCHED KNOWN SECURITY VULNERABILITIES: (MacOS X vs. Windows 7)

---

Vulnerability Report - Microsoft Windows 7:

http://secunia.com/advisories/product/27467/

Unpatched = 6 of 57 Secunia advisories

---

vs.

---

Vulnerability Report - Apple Macintosh OS X:

http://secunia.com/advisories/product/96/?task=advisories

Unpatched 9 of 150 Secunia advisories

---

NOT ONLY HAS THE CURRENT MacOS X BUILD SHOWN MORE OVERALL SECURITY ADVISORIES THAN DOES WINDOWS 7, BUT, IT ALSO HAS MORE KNOWN OUTSTANDING UNPATCHED KNOWN SECURITY VULNERABILITIES THAN DOES Windows 7... period!

(So, "argue with the numbers"... & good luck!)

Lastly - I hope one of you tries the "local/local network" vs. "remote" tactic "spin-CON-troll" too, because I'll use what I used on the Linux crew a few days back in regards to THAT little "trick" too, due to how malwares today are being constructed... & they are NOT "your dad's oldsmobile" anymore...

APK

P.S.=> Here's a list of problems MacOS X has had in its tenure, for those of you that are interested, that I've been compiling for a few years now - So, "chew on these" (35 of them, or thereabouts...):

---

MacOS X - A Worm for Your Apple MacOSX:

http://www.beskerming.com/commentary/2007/07/18/222/A_Worm_for_Your_Apple

---

MacOS X - Another Mac Trojan/Fake Codec - Security Watch:

http://blogs.pcmag.com/securitywatch/2007/11/another_mac_trojanfake_codec.php

---

Apple's FaceTime for Mac debuts with security holes:

http://www.theregister.co.uk/2010/10/21/apple_facetime_security_hole/

---

Apple Patches OS X Flaws:

http://www.eweek.com/c/a/Apple/Apple-Patches-OS-X-Flaws/

---

Apple patches QuickTime to root out 15 ugly vulns:

http://www.theregister.co.uk/2010/12/09/apple_patches_quicktime_again/

---

Appleâ(TM)s Snow Leopard Is Less Secure Than Windows, But Safer:

So what is my point? The internet is dangerous where known and unknown threats can be found, but there are simple steps for each OS (car analogy: wear seatbelts) to help keep you safe, such as regular patching.

There are no secure systems out there. There are only some system less vulnerable than others. The problem with Windows is that its history of security is very pathetic. You assume that regular patching is the panacea to Windows security. Just last week, MS acknowledged a zero day flaw in SMB. How is regular patching going to guard against a zero day? The main problem for MS has been that Windows is coming from a design which never had security in mind in the beginning. Whereas Unix dealt with the challenges of networks, security, and multiple user access decades ago, MS has bolted on security time and time again.

Whether you want to admit it, Windows has security problems and sometimes there's very little a user can do about it or even detect it. I remember the last time I got a trojan. I was visiting a news site. Somewhere in one of the ads, it planted a trojan. This wasn't some dark corner of the internet. This was the Atlantic Monthly. Getting rid of the trojan required a fresh install.

All the popular ones like Netflix? Oh wait, no it doesn't and as I pointed out Janus has been here OVER five years and all FOSS "hackers" have to show for it is a giant FAIL next to their score. Next!

BTW you want to see "the ultimate future" of FOSS? Do you? It is kinda sad but you can see the end result today of the "never compromise, down with the great Satan!" holy war pushed by RMS. All you have to do is look up what "PC" RMS uses to see how FOSS will ultimately end...in case you don't know he is stuck on a Loongson "netbook" that only supports a teeny tiny niche of software, no flash, no web video, hell I bet the man can't even listen to music unless it is a specially crafted Vorbis file, and frankly the machine is probably illegal in the west due to the fact the Chinese incorporated x86 instructions into their ARM chip without a license.

And your big "savior" is Android? BWA HA HA HA! You ever see "Pirates of silicon valley"? Remember the scene where Jobs is rallying against IBM and his engineer is pointing to the IBM video and to Gates, who is about to fuck him raw? Well guess what? Notice anything...funny...about Android? Like how Google refuses to allow ANY GPL V3 code into DroidOS? Why do you think that is? It is because Google is gonna buttfuck FOSS by pulling the TiVo trick which they can't do if they allow GPL V3, that's why! Your "savior" is gonna be about as useful to FOSS as TiVo! It is SOOOO funny!

As for Janus now who is spreading FUD? In case you haven't heard The EU busted MSFT and made them open their protocols so all the Linux foundation would have to do is ask for a Janus binary blob (and Get Linus to quit acting like an ass and support a stable driver API) and the EU would make MSFT cough one up or drop the banhammer on them to the tune of a couple of hundred million.

And again you go "la la la" and refuse to accept reality. In reality The ONLY reason the music companies allowed MP3 is because Apple has a monopoly with iTunes which means there was simply no way to offer DRM, since Apple refuses to license Fairplay and doesn't support Janus on WMA. Which means if they want Amazon and other music retailers to compete with Apple it HAS to work on an iPod and frankly the ONLY format that fit that bill was either MP3 or WAV, so it wasn't like they had a choice.

Now compare that to video where the studios have gone out of their way to ensure that Apple doesn't get squat since they don't want a repeat of the music debacle where Apple could pretty much dictate terms and could kill an artists sales by simply burying their ads to the back of iTunes, and where the X360 owns a significant share of the living room. Here you will simply never see a repeat of MP3 because MSFT has licensed Janus liberally, with the X360, PS3, Wii, and numerous set top boxes supporting Netflix and by extension Janus DRM. Google tried to force the issue and got the banhammer dropped on them making Google TV worthless when compared to even CCC (Cheapo Chinese Crap) set top box, so frankly this battle is over, like Mp3 VS Vorbis.

But in the end thanks to the militants wing of FOSS the future of FOSS is bleak with corps like Google "TiVo Tricking" away your four freedoms on one side (and which is being assisted by Linus who refuses to go GPL V3) and online DRM Video being "the killer app" which will ensure that not a single B&M will carry your product. Not Walmart not Best Buy not a single one shall be had. In the end without the ability to compromise FOSS will simply stay locked into an increasingly small web server niche because thanks to t

Amazon Indifference to EC2 Attacks - http://www.voipusersconference.org/2010/amazon-ec2-attacks-continue/

Slashdot story about it - http://it.slashdot.org/story/10/04/17/2059256/SIP-Attacks-From-Amazon-EC2-Going-Unaddressed?art_pos=1

Phishers using EC2 - http://broadcast.oreilly.com/2009/03/blame-the-credit-card-franchis.html

Complaint about SPAM coming from EC2 IP Address - http://www.ipillion.com/ip/174.129.162.38

EC2 used for Botnet C&C - http://securitywatch.eweek.com/botnets/amazon_ec2_used_as_botnet_command_and_control.html

Just Google for it. This stuff is all over the place. A lot of fraud websites host themselves with Amazon. Now that alone is not a reason to vilify them, but they are slow to act and seemingly ignore complaints about traffic coming from their EC2.

Personally, I bought a product from a site hosted on Amazon EC2 and had payments going through PayPal. Seemed to be above board and was the only place online selling a rather rare product at the time. Never got anything and both Amazon and PayPal were both aware of previous complaints but failed to shut the place down.

I can see how that might make me look biased, but I also have logs of brute force SIP attacks on my own servers and much of it has come from EC2. Not just Rwanda. Not just Romania. Not just China. EC2. What use is there to complain to them when everyone else gets ignored too?

How hard is it? The IP in question sends me 100,000 SIP registration requests that are clearly walking the extensions up from 1000 with dictionary attacks on the secret. Seriously? That much to investigate? Just shut the crap down and work with the account owner to clear their "infestation" up or nail them as the hackers they are.

That's funny, because I was reading the exact opposite today:

"This isn't just a case where Apple took a CDMA chip and slapped it into the iPhone and called it Verizon. They actually redesigned the entire logic board, including the electromagnetic shields," iFixit's M.J. explains in a video for the repair site. "Apple's RF engineering team did a great job at restructuring the antenna, so hopefully we don't have the same death-grip problem that saddled its AT&T brother."

http://www.eweek.com/c/a/Mobile-and-Wireless/Verizon-iPhone-4-May-Offer-Hints-at-iPhone-5-iFixit-815631/

Man in the middle no no, you mean buffer overflow, Like this critical exploit from from 2005? http://www.eweek.com/c/a/Security/VMWare-Virtual-Machine-Security-Flaw-Very-Serious/

Or the 300 exploits starting on this page ? http://www.securityfocus.com/cgi-bin/index.cgi?o=0&l=30&c=12&op=display_list&vendor=VMWare&version=&title=ESX%20Server&CVE=

Vming doent help, install patches, have intrusion prevention and early detection, have a measurement and hardening practice, have an AV and firewall, dont run as Admin, or root, don't let your kids or admins install applications willy nilly, dont allow servers to browse the internet, dont play games on the same computer as your banking.
But the best single piece of advice is to physically segregate your banking from all other activities and Keep all your off line files encrypted by password and key. Think PGP virtual disk, or true crypt volume, NOT full volume bit locker type encryption. Worth less crap for on line security.

But nothing and no security measure will surpass "You should have known better 20 20 hind sight attack."

Using a live CD? really? How secure is that CD, who made it, who if anyone vetted it? why do you trust it, may be it IS the attack, how would you know? Security is more about being informed and making yourself a hard target and measuring your security posture. Primarily by not doing stupid things you know are wrong, you will and can skip being seen by most of the attack surface which is looking for you.

the only company that has 'bet the farm' on android is HTC and Google

Think some more, HTC has Windows phones too. Oh, I see you say "that HTC at one time was a developer of MS phones". Well they still are.

It may be that the best way for MS to gain market share is to scare phone makes into not using Android.

The same tactics MS uses against Linux. But it is failing. More and more people and entities are switching to Linux and FOSS on desktops. It's servers where MS is gaining ground. Both Linux and MS Windows gained marketshare for servers.

Of course the problem with the numbers, whether from IDC or someone else, is that no one can know just how many servers are running Linux. Linux doesn't need to be activated or registered whereas Windows does. Company X may buy new Windows servers but after they're setup in the server room the admins may rip out all the software and install Linux, Apache, MySQL, and PHP. Or LAMP can be installed on older hardware.

Falcon

Much can happen in the next five years that puts Facebook where Livejournal is now, relatively speaking.

You mean in Russia?

According to the RIAA:

Digital revenues have grown from nearly $200 million in '04 to $2.3 billion in '07 (estimates for '08 - $3 billion), accounting for 25 percent of all retail value revenue (upwards of 30 percent at end of '08).

That gives us a 2008 estimate of 12 billion dollars in revenue for retail sale of music. Presumably for the RIAA, who "create, manufacture and/or distribute approximately 85% of all legitimate sound recordings produced and sold in the United States". So a total of about $14.2 billion in revenue.

Now, obviously we also need to take the MPAA into consideration. Again, using 2008 numbers:
Ticket sales grossed about $10 billion. And since quite a lot of people seem to claim (and no, I have no source handy) that home video sales is about the same as ticket sales, then we're looking at around $20 billion in 2008.

Apple's revenue for 2008 in the Americas was $14.5 billion. Granted, that's a larger geographical area than RIAA's numbers, but then again Apple is a relatively small company in the IT landscape.

How about some of the bigger fish?

IBM reported revenue of $103.6 billion, and pre-tax profit of $16.7 billion.

So, the movie and music industry combined gets up to around $35 billion in 2008 in the US.

IBM (world wide) - $103 billion
Apple (Americas) - $14.5 billion
Google (world wide) - $21.8 billion
Microsoft (world wide?) - $60.4 billion
Oracle (world wide?) - 22.4 billion
Dell (world wide?) - 61 billion

Seriously - why the fuck are the IT giants just turning their back on the complete and utter gang rape on things like the Internet, when most of their products would die off the moment it stops working the way it should.

Just buy out the fuckers, boot the executives, lawyers, assistants etc. from their penthouse offices (literally boot them out over the balcony) and just kill off these massively debilitating parasites.

Apple TV 2 was launched in October 2010 http://www.eweek.com/c/a/Desktops-and-Notebooks/Apple-TV-Sells-1-Million-Units-297554/. That is less than 3 months ago. By comparison, Roku, an arguably superior offering, is yet to reach its 1 millionth sale (across all models), after 2 years!

Most news articles comenting on the 1 million units milestone have made a point of comparing it to the 74 days it took for the original iPhone to reach the same milestone. That is a phenominal achievement by anyone's yard stick. However, I doubt that the Apple TV will follow the same trajectory as the iPhone.

Looking forward, even Roku CEO, Anthony Wood, acknowledges that Apple TV will only become even more compelling as he expects Apple to launch an App Store for Apple TV, which would bring along many more content sources, more games, and more attention to the Apple TV http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2010/12/20/businessinsider-roku-2010-12.DTL

He's a VC - he only needs one of his horses to come in to make money. Who cares if all the others crash and burn - he'll still own their ideas anyway...

Indeed. I have a hard time with Thiel's proposition. I think it would be bad for most of the students who take it. Sure, four of the twenty might be successful, according to VC rule of thumb VC math, but the other 16 would probably be worse off. Having dealt with VCs over time, I have concluded that they are gatekeepers of money for the most part. They don't really have much better insight into the Next Big Thing than anyone else does. All they do is fish in barrels that float into their doors. Think about what has to have occurred before the start-up company founders walk in the VC's doors:

• The founders have an idea. (~90% of the population can do this)
• They put ideas on paper and start to think seriously about creating a business(~40% of the population)
• The founders quit their jobs or drop out of school, or spend much less time at either (~15% of the population)
• The enterprise is successful enough to keep the founders going for while, so they go to a VC for money to expand (~1% of the population)

In other words, by the time founders of a company walk in the doors of a VC firm, the VC is dealing with a select group of people motivated enough to create a functioning company. The population of entrepreneurs the VC sees is distilled to the people who have the best chance of succeeding under any circumstances. What is rather shocking to me about that is that even with the best people walking in the door, VC firms still only manage a 20% success rate. Of course they will claim that they can make an objective evaluation of a potential new product of service, but if that were so they wouldn't have to wait for people to walk in the door. They would come up with the idea themselves and hire people to implement it.

I think Thiel's proposal is a "heads I win tails you lose" proposition for most of the people who would take his offer. But casinos offer the same deal and they are a lot more fun. When my partners and I went to VCs for money, one told us our idea would never be successful (later our more successful competitors proved them wrong), and one told us that they reservations about our team (They were right, dysfunction ultimately destroyed the company). I asked a third VC who he thought the best CEO in the tech world was at the time. He said "Greg Reyes"

If you really want to make the best of what the VC community has to offer, let them come to you. If you and your co-founders really have a good idea and have made it work, they will find you. If they come to you, you will get better terms and probably a better VC partner, since those who knock on your door were smart enough to find you in the first place.