Slashdot Mirror


Slashback: Gaping, Wristwear, Screenies

Slashback with ever more on ... the massive bust of illegal software producers reported on last week, the gaping security hole moaned at by those confined to the Microsoft asylum, another review of the new Linux+Java Zaurus from Sharp, and how to get the binary watch you've always wanted. Enjoy!

Too bad there isn't a lot of good Free software. aka-ed writes: "A small update on the "Drink Or Die" busts: Apparently, the feds' move has borne preventative fruit. According to this post from one of the major commercial Usenet services, binaries traffic on Usenet has taken a noticeable hit since the bust, for reasons speculated upon in the post itself."

Open wide, and say "mmmmghrfgghfgr." atreus42 writes: "Microsoft has released a patch to fix the Gaping Security Hole(TM) in Internet Explorer 5.5 and 6.0. This security bulletin details the file extension/content header spoofing bug that would allow bad people to disguise a downloadable executable file as text. The internet isn't doomed after all..."

How to make my Visor look slow and lowly. Sindre Lia writes "Sharp's new Zaurus SL5500 is the first PDA device from a major manufacturer in a long time that uses a new operating system and a new user interface.

According to preliminary reports from infoSync staffers Larry Garfield and Janice Karin that attended the launch of the SL-5500 and got hands-on experience with the new device, the GUI still needs polishing and to some degree also the hardware, but the device has according to them a lot of potential if some first-generation problems can be fixed.

See all the pictures of the new OS here!"

At least this letter is not in binary ... Dog and Pony writes with a lengthy letter (informative, if you have odd taste in watches). "Slashdot recently ran a story about a pretty silly binary watch. Well, anyways, being a silly person, I thought one would be cool to have, even though I normally don't wear watches.

Problem was, they only shipped inside Norway... so I sent them a polite mail, asking them to notify me if they would start shipping internationally. And today I got an answer.

Too bad it seems a really cumbersome process to get that watch... have these guys never heard of PayPal? And offering payment via the www in 2003? 'Course, you gotta have goals...

Here is a copy of the mail:

> Dear Customer

> Please note the binary watch is released World-Wide Sale

> To be able to expedite your orders please follow instructions below

> 1.0
> Order Your watch by using or online home page:rsi-digital.com

> 2.0
> US$ 35 must be transfer from your local bank to

> ATT
> NORDEA BANK NORWAY
> Middelthuns Gt 17
> Postboks 1166.Centrum
> 0107 OSLO

> ACCOUNT NUMBER: 6527 05 04641
> Research & Supplier International A/S
> Postboks 236
> 4201 Sauda
> Norway

> 3.0
> Original receipt must be faxed to +47 52 78 88 01 or send scanned and send by mail to arramsta@online.no

> 4.0
> Your order will than be expedite from our sales office

> Delivery time is estimated to be 10 to 14 days after received confirmed payment by fax or mail as stated above

> 5.0
> Note: RSI will from 2003 offer payment by using WWW.

> 6.0
> Payment 35USD cover cost of watch 28 USD handling and postage 7 USD
> Total:
> =35 USD

> Best Regards

> Tone Yven
> Sales engineer


I am still thinking that black one....

On a side note, to us non-native English speakers, that has spent too much time in Dilbert-land, "Sales engineer" really sounds like an oxymoron."

18 of 231 comments

  1. That M$ Patch... by Kris_J · Score: 4, Informative

    ...Is only available to IE 5.5SP1 and 6. I have 5.5 and a 56k modem. It will take me about 5 hours and a version upgrade to fix a small security hole. I've already tried once and the initial crapplet that is required to start the download of IE5.5SP1 failed to complete its 400k-ish download. I'm seriously considering swapping to another browser.

    1. Re:That M$ Patch... by joebp · Score: 5, Informative
      > I'm seriously considering swapping to another

      May I be the first to suggest Opera 6.

      A quick rundown of the pros and cons of moving:

      Good:

      • Not Microsoft -- doesn't have stupid holes, and the ones it does have are fixed quickly.
      • Not Microsoft -- they're a nice bunch of intelligent people who go about their business, selling their software through information rather than disinformation.
      • The browsing experience is absolutely delectable! For example, I wasn't sure whether 'delectable' was the right word just then... In IE I'd have to open a new window, go to dictionary.com or similar, type in delectable, click submit, read results... In Opera I double click on the word, and click 'Dictionary' from the dropdown menu.
      • Customize until you drop dead.
      • Built in Pop-up control.
      • Standards compliant
      • Use (BeOS|Linux/Solaris|Mac|OS/2|QNX|Symbian OS|Windows)? Then learn to use Opera for (BeOS|Linux/Solaris|Mac|OS/2|QNX|Symbian OS|Windows). Then you can switch to (BeOS|Linux/Solaris|Mac|OS/2|QNX|Symbian OS|Windows) and retain your browser UI.
      Bad:
      • Not free -- but you get what you pay for after all, and if you don't want to pay, you can use an advert-ed version (not as painful as you might think).
      • Not open-source -- but neither is IE.
      • Not as forgiving as IE on bad coding -- but this is really not an issue with Opera at all, just people who don't understand HTML.
    2. Re:That M$ Patch... by Kris_J · Score: 4, Interesting
      > Choose between downloading the free ad-supported version with all features and functionality included, or download and purchase your copy of Opera for 39 USD.

      Uhh, no thanks. Choosing between ads and A$80 is not my idea of a good time, at least not until I'm working again.

      Ultimately, I think I use too many services that won't work on anything but the Big 2 (I have to bypass my proxy for things like Netbank, eBay, Blogger, etc). What I really need is a way of fixing this file type attachment hole without having to download a patch. Has anyone worked out a custom filter for Proxomitron that detects malformed MIME type stuff...?

  2. resources by 4mn0t1337 · Score: 5, Informative
    Well, if the feds would just dedicate as much manpower to dealing with spammers as they do to pirates, it would make all our lives easier.

    Drop in usenet traffic? Howzabout a drop in mail traffic?

    And wasn't the microsoft "gaping security hole" patch covered a few days ago?

    --

    ______
    Once: you're a philosopher. Twice: a pervert.

  3. Northern Europeans and six-bit words by GlobalEcho · Score: 5, Funny

    > On a side note, to us non-native English speakers, that has spent too much time in Dilbert-land, "Sales engineer" really sounds like an oxymoron."

    Leave it to a Nordic to apologize for their English, and then use a word that 1/2 the high school students in the USA couldn't define, all in the same sentence.

  4. Disappointing link by victim · Score: 5, Funny

    When I see a link on the internet for massive bust I don't usually expect to get a page of text...

  5. Why don't you order the CD? by SlashChick · Score: 5, Informative

    You're going to have just as many problems downloading another browser as you are downloading the patch. Instead, why don't you order the IE6 CD? It costs $10. There's also another one that includes Windows Media Player for $10.

    Also, I believe that the free 30-day trial CDs of Earthlink and such have the latest IE on them. You should be able to get this from an office supply store or computer store.

    Finally, if you have a friend with broadband, or you have a fast work connection, you can use the advanced option in IE's install to save the files to a disk instead of just installing it directly. Burn to a CD and you're all set.

    1. Re:Why don't you order the CD? by daniel_isaacs · Score: 4, Funny
      > Does anyone know which versions of Netscape are "safe" (no bugs, no holes, no need to upgrade)

      You have to be kidding me. :)

      --
      - Dan I.
  6. MSIE Patch is Ineffective by Jeremiah Cornelius · Score: 5, Informative
    She and her beta team forgot about *the* most important Content-Type: The MSIE 'Patch' does little but obscure the problem - which was accurately described in the original Slashdot Rant as a natural consequence of Windows treating the browser as a shell extension.

    There is a thread on BugTraq which explores this issue in depth:

    http-equiv@excite.com is quoted:
    > Clearly what this so-called "patch" does is convert all embedded file types in MHTML documents viewed in patched Internet Explorer 6 into *.TMP files. Previously all file types and file names were retained and if accepted would run.

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
  7. What about a UNIX watch? by MadCow42 · Score: 5, Funny

    Would YOU have been thrilled to see your watch roll over with the UNIX clock a few months back?

    "What time is it?"

    "Hmmm.... it says 1008722379... I'm not sure if that's AM or PM though."

    MadCow

    --
    I used to have a sig, but I set it free and it never came back.
  8. Paying for the Binary Watch online.. by evel aka matt · Score: 5, Informative

    Actually, about 3 days after that letter went out, they sent one saying that you would be able to use a credit card online within 10 days, and also gave simplified payment instructions.

  9. As unwilling as ever to accept blame. by Derek Pomery · Score: 4, Insightful

    File Name Spoofing Vulnerability:

    > * The determination on choosing to accept a file download from an Internet site should always be based on the trustworthiness of the source and not on the file type. File downloads should never be accepted from an untrusted source, no matter how harmless the type may appear to be.

    No, it was a stupid design that allowed quiet execution due to the combination of content-type and file extension checking. When I download a PDF, I should be confident that unless I try running it in some fashion, it should be perfectly safe to download it to my machine.
    Or just to make an extreme case, if I download an HTML usenet post, I don't want the browser trying to automatically convert the BASE64 to an executable and running that.
    Some common sense on MS' part would've been appreciated.

    --
    -- perl -e'print pack"H*","6e656d6f406d38792e6f7267"' /. ate my old sig. Bastards.
  10. Now you know what it feels like... by nzgeek · Score: 5, Interesting

    ...to try to buy anything if you don't live in the US!
    Perhaps 25% of sites that offer online purchasing are so USA-centric it's crazy. I guess that's part of living in New Zealand, but come on, US$35 to ship a paperback book!? I can send one to my sister in NYC for NZ$12 (US$5 ish)

  11. More Slashback that wasn't posted (re: Uplink) by Mr. Sketch · Score: 5, Informative

    Not really OT.

    After /. posted the Uplink article, the introversion server went down. But now the server came back up yesterday (Monday), so you may now place your orders.

  12. Opera is one alternative [karma is low; plz rate!] by mccormick · Score: 5, Interesting

    One quality alternative to Netscape and IE is Opera. It is on the larger side, as it is trying to compete with IE, but it is fast and secure. The gestures are especially useful; they make me feel like I'm a kid again painting with my hands. Opera is also available for a number of platforms, including your favourite forms of free Unix (i.e. Linux) and Windows. Could help to make your workspaces consistent, if you work on multiple platforms.

    Apart from the well known ones, the only other types of alternatives I can think of are the stripped down Gecko systems (Gecko being the HTML renderer built out of the Mozilla project.) They repackage the core technology, without the rest of the stuff that typically gives Mozilla its reputation for being slow, bloated or inefficient. Gecko, by itself, is a very small, fast and efficient core, comparable to the IE renderer. Most of the ones I've seen are for Linux-type systems, though, like Galeon. And don't forget that Gecko, Mozilla, Netscape 4.7 and Netscape 6 are different beasts, but all closely related.

    Note! If a moderator would care to help me along in the karma department... I don't know what I did (I don't post often), but every time I post I get an automatic -1. Please see the value of my comments for whatever they are worth! Thank you!

    --
    Pete
  13. A bit on the MIT bust... by neoptik · Score: 5, Interesting
    Turns out it was a sys-admin in the economics department here. He was a student at another Boston area university, working for the MIT department of Economics, and he also happened to be second in command of a rather large warez ring.


    Anyway, the details. He had around 10 machines just sitting underneath a table in the server room, with a combined storage of 2 terabytes. Apparently, he was eating up 8-20 megabits of MIT's bandwidth a day. Needless to say, he is no longer employed by the institute...

    --
    I dont have a .sig just yet.
  14. Re:illegal software producers? by Kalabajoui · Score: 5, Insightful

    Your comment reminds me of something I read in "The Gentle Art of Verbal Self Defense for Business Success" by Suzette Haden Elgin, Ph.D. Whew, better catch my breath! It's been a while since I read it, so I don't remember word for word how she covered the topic. The gist of it is this: People and organizations will attempt to hijack both the denotative and connotative meanings of words for personal, political, or organizational gain. Content producers labeling copyright infringement (which is a rather technical and non-emotionally loaded term) as piracy (a word that has readily identifiable connotations and denotations) is a prime example of this type of vocabulary manipulation.

    Every time I hear the word 'piracy', I am reminded of the example Dr. Elgin cites in her Gentle Art book, with the Army Press Corps use of Sweep and Clear to replace Search and Destroy. This example was also used in a scene in the Vietnam War movie Full Metal Jacket. Rather than arguing or debating the merits of their ideas, those who change keywords and concepts are attempting to exchange the opinions and ideas you already have with those they desire you to have, pro or con. If people are ignorant of the original or more apt description or word for an idea, ('copyright infringement' vs 'piracy') then all the better for the manipulator seeking to affect public opinion and sentiment. This is commonly referred to as 'spin' and it is a supremely effective tactic.

    (in truth it was hard not to feel at least some affection for something capable of providing such unexpected pleasures as "bacon" and "murder"), --Mr Gray; Stephen King, Dreamcatcher

  15. Um... What the FBI Did was Illegal I think by beefstu01 · Score: 4, Informative

    This is in reference to the link off of the message- the DoJ press release

    No, it really doesn't make sense, but I guess this is the only way to have charges dropped from the Warez rings.

    Remember the last moments of the Clinton Presidency? When he made a slew of laws? Well one of these was called the McDade Act(s), which specifically states that no agent undercover may lie. That was one of the dumbest laws passed, considering that it could have prevented 9-11, but it applies to this case. The DoJ prides itself on its "year-long" undercover investigation, but they should have known that it's a big no-no to lie. I'd bet that some of these people "undercover" were asked "are you w/ the feds" in which their answer would obviously be "NO." That's a lie, and goes against what the (retarded) McDade act states. Boom, that's it- they were found illegally.

    Please don't flame this, because all I'm doing is bringing to light something that most people didn't know. This is like the old police searching a random student at a HS dance, then arresting him for Marijuana possession. The kid gets off totally free afterwards because the police had no warrant (etc...). I guess that the McDade act is the only trump card that the Warez rings have. I personally believe that McDade is totally stupid, and it will be really sad if they are used to throw out the case.