Slashdot Mirror


Microsoft Patches Fix IE, Sony Flaws

An anonymous reader writes "Microsoft issued two security updates today, one of which fixes at least four flaws in its Internet Explorer browser, including one for which an exploit was released over Thanksgiving that is now being used by a handful of porn sites to install spyware, etc. According to Washingtonpost.com, the IE patch also removes a component left behind by a patch from Sony BMG designed to remove some of the more dangerous features of anti-piracy software installed by Sony BMG music CDs. Researchers found that the Sony patch changed settings in IE so that any Web site could install software on those machines."

10 of 174 comments

  1. Thank you Sony... by digitallystoned · · Score: 2, Interesting

    I don't mind Microsoft, but I don't think they need any help in leaving their systems vulnerable. I don't agree with Sony's DRM bullshit, and I do believe that they need to be smacked like a little bitch for including their 'anti-piracy' crap. I just want to listen to MUSIC, not get more annoying software installed on my computer that does absolutely nothing other than piss me off to a greater extent than XP rebooting my computer for no reason. Thanks guys, can't wait for the PS3... Is it going to have software to keep me from playing my PS3 games on my PC?

  2. Strange by Anonymous Coward · · Score: 4, Interesting

    This is the first update in ages that requires a reboot, is the Sony rootkit that destructive?

  3. Re:...still waiting for service pack ZONKZonk-1.0. by Kelson · · Score: 4, Interesting

    Open Slashdot->Preferences, then go to the "Homepage" tab, then look under "Customize Stories on the Homepage"

    You can disable Zonk right there -- his posts will never reach your browser again. (This is compatible with all web browsers I've tested, though you have to enable cookies. But then cookies are such delicious delicacies, you have to wonder why anyone would want to disable them other than being on a diet.)

    There's only one problem, though: This patch requires you to register with Slashdot. One wonders how responsible it is to require personal information (I hear they actually want a username and a password! At least you can use a throw-away email address) in order to use this valuable functionality.

  4. Actually, it gets better by TheSpoom · · Score: 4, Interesting

    Microsoft should now have released a patch to Microsoft Antispyware and also have their monthly Malicious Software Removal Tool (which customers running XP Automatic Updates will have automatically run) detect and delete the Sony rootkit. IMHO, very cool (if they did it, can someone confirm?)

    I submitted an article about this a few weeks ago, it was rejected for some reason. Probably too many Sony stories already. ;^)

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs

  5. Re:I don't get it by grumbel · · Score: 2, Interesting

    ### Second, you can install more software any place you want on a Unix system, including your home directory or /tmp or any other place it will fit, because for the most part Unix utilities are not irrevocably tied to a specific directory,

    That is, however, only true for source; binaries under Linux quite often have their location hardcoded, and moving them to a different directory is impossible without either ugly hacks (hex editor) or less ugly hacks (environment variables, command line parameters, etc.). Binaries that are truly relocatable are pretty rare under Linux; some of the big packages (Mozilla and the like) provide it, but even they often only via install scripts that install some startup script that sets the right command line arguments. True relocation would require using /proc/self/exe or different means to find out the location of the binary; that, however, is sadly not standardized across different Unixes, which is why very few actually use it. The 'spread everything across dozens of directories' approach of installing software in Unix also makes relocation quite a bit more complicated, since it gets ugly if one tries to keep a piece of software in its own directory (useless foo/share/foo/ directories and such).

  6. Wow, should MS be sued under the DMCA? by mixonic · · Score: 5, Interesting

    Neat!

    So, since MS is keeping Sony from installing their "DRM" spy^H^H^Hsoftware, you can say they are circumventing Sony's DRM software, PLAINLY against the DMCA. The only question is.....who do we cheer for when evil sues evil over evil with evil laws?

    -mix

  7. Now this is very interesting... by emptycorp · · Score: 3, Interesting

    "Researchers found that the Sony patch changed settings in IE so that any Web site could install software on those machines."

    So according to these researchers, one could logically assume that it is indeed not as much of Microsoft's fault for lots of viruses and spyware people have been getting over the last year or so, but more of Sony's fault for bad DRM software opening holes in people's browsers?

    It's just funny, Microsoft's claims that '3rd party software is to blame' and 'Windows is fine' are finally holding water.

    1. Re:Now this is very interesting... by ozmanjusri · · Score: 3, Interesting

      It's just funny, Microsoft's claims that '3rd party software is to blame' and 'Windows is fine' are finally holding water.

      It has always been true, just not helpful. Sony's rootkit is not functionally different from Hacker Defender or any other '3rd party' rootkit. A product which works in the lab, but not in the field is still a failure.

      --
      "I've got more toys than Teruhisa Kitahara."

  8. Odd problems by bruns · · Score: 2, Interesting

    Did anyone else with XP Home SP2 notice that the IE update does some really weird stuff with IE's ability to open up pages?

    Like, best way to explain it, you can launch IE and it will go to your home page, however, when you type a URL in the address bar it opens up a new window as if you pressed ctrl-n and typed it in there?

    Also rears its ugly head if you have another browser set as default. Type in say, 'www.sosdg.org' in the URL bar of IE, and it opens up Mozilla/K-Meleon/Firefox instead of just opening in the open window of IE?

    I've seen this behavior on two XP Home machines, while a third was perfectly fine (all running SP2)

    --
    Brielle

  9. Re:two wrongs by Anonymous Coward · · Score: 2, Interesting

    Their Linux drivers are half-assed and they will not release information for their graphics cards so that an open source driver can be written.

    So they're keeping the ball in their own court. BFD. The drivers work just fine. I've been using both since the days they came out. They fucking work, and they work JUST the same as the Windows drivers do (and yes, ATI is a bitch in that area, extrapolate that, you whore). They're not flawless, nothing is. But they work as expected. If it weren't for the fact that they need to be installed in text mode, and that they can't be shipped with distros (because they're not willing to distribute copyrighted, non-GPL code), then they'd be all over.

    Still, as much as a Linux advocate as I am, and regardless of how much I love it, I have to say that it's just not ready. Add to this the fact that most games are written with direct-3D for one reason or the next, they're just not going to go linux because they don't consider there to be a worthy game market. Likewise, and the majority of the time, game developers don't consider Apple users a worthy target for their product.

    By comparison, Apple desktops and laptops greatly outnumber their Linux kin; so if they don't want to go after Apple users--people who are used to what is arguably the single most user-friendly user interface, and computers ever brought to the desktop, why the fuck would they want to go after something that is arguably not always the easiest and straight-forward system (particularly to new users)--with half the userbase?! They wouldn't! That's why! And that's why Loki failed, even though they did port some (huge named) bitching games, in a quality manner. There isn't enough demand!

    id Software is Linux gaming's best friend, simply because John Carmack refuses to use Direct-3D, and opts instead for OpenGL. They're one of the few companies around that set out to produce highly portable code (supposedly they do most of their development work on Linux) and that's why we've got DooM3, and Quake4, and the Wolfensteins, and that sort of thing. I'm sorry, nobody is interested in us. You should be glad we have wine!