See, I'd like to make all of this more visceral. Here's the plan: when you're born, you get one share of "Ameristock". When you turn 18, you can show your Ameristock certificate at the voting booth and you get to vote - until then your parents may act on your behalf.
Ameristock shares are 100% transferable - once the original owner reaches 18 - and can be traded for real currency (for a bookkeeping transfer fee). Citizenship is not a prerequisite for owning shares - anyone can! Each share is worth one vote, and there is no limit to the number of shares which can be controlled by a person or entity.
Need cash? Sell your share. Want more political power? Buy more shares!
The end result would be about the same as it is now, but hey, at least everyone would know what their vote is worth. I call this plan "Americockracy".
Yes, please join our support group for internet and online game addicts. We'll be having a live video chat session on Monday - feel free to post questions on our message board until then.
(If you're unfamiliar with the message board syntax, hit us up on IRC - or if nobody's around, send an email to the mailing list and you're sure to get a response.)
During the course of the business day, most people will jot down notes about various things discussed during meetings or at informal cubicle conversations or whatever.
Hasn't anyone patented the taking of notes!!! For Christs sake would someone file the damn patent!!!!!!1111 Think of the ROI!!!!
The hardware people are reasonable, they want their stuff to be able to play everything, and record everything, and they want it to work 100% of the time.
Could someone please Fax that info over to the PSP department?
It says liberals tolerate ambiguity better, and conservatives think in a more structured manner. Which is better (if at all) would depend on the situation.
So liberal == dynamic typing, conservative == static typing. I'd like to see a correlative study showing the degree to which political affiliation dictates programming language preference.
"My time on IRC has taught me a valuable lesson... On the Internet, all the men
are men, all the women are men, and all the children are FBI agents."
--OnyxIR
Because javascript is the devil. I think it has some of the most flawed type casting (if I can call it that) out there today. It's not a "type safe" language. And the proliferation of JSON objects in Javascript is frightening.
I marginally agree with your assessment that turning off JavaScript would probably be good in the poster's situation. Without running an ad-block solution of some kind, turning off JS is the next best way to limit the amount of ads received, and has the side effect of cutting down on many kinds of web statistics (such as Google Analytics).
However, I take umbrage with your blatant application of your personal feelings towards the JavaScript language as a reason to turn it off. JavaScript is a dynamically typed prototype based language, not a statically typed class-based language. Because of its flexibility, the concept of type-casting is much less relevant, to the point of being unnecessary. This is a language feature, not a deficiency as your post seems to imply.
Regarding JSON, I advise you to read the wikipedia article on the subject, which explains in great detail that JSON is merely a means for transmitting serialized data, and is currently in use by known, respected companies like Yahoo! and Google. Your statement would be equally absurd (if not more so) if applied to another data serialization scheme such as XML.
Here are some useful excerpts from the Cert advisory:
Internet Explorer 7 has changed how Microsoft Windows parses URIs. This has introduced a flaw that can cause Windows to incorrectly determine the appropriate handler for the protocol specified in a URI. This flaw appears to rely on having a "%" character in the URI.
Publicly available exploit code uses Mozilla Firefox as an attack vector for this vulnerability. For more information, including workarounds, please see VU#783400
It seems that the injection mechanism is to use Firefox, but the exploit requires IE 7 to be installed on the victim's computer.
Interesting excerpts from the secwatch advisory:
The vulnerability is due to an input validation error handling system default URIs with registered URI handlers such as "mailto", "news", "nntp", "snews" and "telnet". This can be exploited to execute arbitrary commands when a user e.g. using Firefox visits a malicious website with a specially crafted "mailto" URI containing a "%" character and ends in a certain extension (e.g. ".bat", ".cmd")
Confirmed on a fully patched Windows XP SP2 and Windows Server 2003 SP2 system using Firefox version 2.0.0.5 and Netscape Navigator version 9.0b2. Other versions and browsers may also be affected.
In the comments to this article a user by the name of kruador points out:
This is utter rubbish. ShellExecuteEx wasn't updated with IE 7.0. It is a core OS feature - on Windows XP SP2 systems the most recent update was in the MS07-006 security update.
All this function does is look up the URL protocol handler in the registry - for example, http: is at HKEY_CLASSES_ROOT\http - and look for the shell\open key. If a ddeexec key is found under that key, it uses DDE to send the URL to the registered program. If not, it runs the command under the command key, replacing the %1 in the command line with the URL to be processed.
IE uses ShellExecuteEx whenever it encounters a URL protocol it does not handle internally - basically only http:, https: and ftp:. The Windows Explorer 'Run' dialog calls ShellExecuteEx when you enter a URL into the dialog (in fact, when you enter *anything* into the dialog). It's how Explorer locates a program when you double-click a document file.
The question here is a difference of opinion over whether certain characters should be escaped in the command line or not. The behaviour of ShellExecute[Ex] has not changed. Microsoft are simply saying that Firefox has to cope with whatever it's presented with; Mozilla are saying it would be nice if certain characters were escaped.
[UPDATE:] I have since discovered that Internet Explorer decodes URL-encoded (%-encoded) characters and passes the decoded version to ShellExecuteEx. This allows an attacker to inject " characters into the command line, terminating the URL argument, and allowing further command line options to be specified.
And most importantly, he concludes with:
The simplest workaround is to place a special command line option in first position (included in the command line in the registry, before "%1") that indicates that the rest of the command line came from a URL protocol handler and should be treated with caution.
Sounds like some registry hacking could solve the problem.
Google is not the only company offering cash for search results. In fact, they're not even the first.
Mahalo[1] has been doing this for months now, and the payout starts at $10 (not $2) and goes up from there. You can sign up to be a part-time guide at the Mahalo Greenhouse[2].
Since Azureus and other bittorrent clients are open source, wouldn't it just be possible to read through the code and discover the protocol? How does forcing developers to obtain an SDK license help anything?
First of all, your kids have way more time to figure out ways around your access control than you have to review whether your access controls work.
That's an excellent point. I remember at the age of 12 circumventing the restrictions on a 486 in order to play Leisure Suit Larry. When my AOL account was set to limited mode, I learned that running IE effectively bypassed the browser-level AOL restrictions.
Years later I discovered that my parents' philosophy was that if a kid is clever enough to outsmart the protection mechanism, they're probably old enough to have access to the content. I'm not sure that maxim still applies today - as the variety and intensity of graphic content continues to increase.
Slashdot Mirror
204 out, brother
Or, just update your computer or firewall's hosts file
Here's a good one: http://www.mvps.org/winhelp2002/hosts.htm
There was nothing obligatory about that, you insensitive clod!
For the those who've never seen it
See, I'd like to make all of this more visceral. Here's the plan: when you're born, you get one share of "Ameristock". When you turn 18, you can show your Ameristock certificate at the voting booth and you get to vote - until then your parents may act on your behalf.
Ameristock shares are 100% transferable - once the original owner reaches 18 - and can be traded for real currency (for a bookkeeping transfer fee). Citizenship is not a prerequisite for owning shares - anyone can! Each share is worth one vote, and there is no limit to the number of shares which can be controlled by a person or entity.
Need cash? Sell your share. Want more political power? Buy more shares!
The end result would be about the same as it is now, but hey, at least everyone would know what their vote is worth. I call this plan "Americockracy".
Yes, please join our support group for internet and online game addicts. We'll be having a live video chat session on Monday - feel free to post questions on our message board until then.
(If you're unfamiliar with the message board syntax, hit us up on IRC - or if nobody's around, send an email to the mailing list and you're sure to get a response.)
I am not a lawyer, but I'm pretty sure that anyone can sue anyone else for any reason at all - possibly even themselves.
That's funny - I figured iBalls would be something else.
Bah. Don't hold your breath for AIR
A linux client isn't scheduled until some time after the 1.0 release for Win/Mac sometime in 2008!- This website contains scripts which may be necessary to view the page, Cancel or Allow?
On everyI marginally agree with your assessment that turning off JavaScript would probably be good in the poster's situation. Without running an ad-block solution of some kind, turning off JS is the next best way to limit the amount of ads received, and has the side effect of cutting down on many kinds of web statistics (such as Google Analytics).
However, I take umbrage with your blatant application of your personal feelings towards the JavaScript language as a reason to turn it off. JavaScript is a dynamically typed prototype based language, not a statically typed class-based language. Because of its flexibility, the concept of type-casting is much less relevant, to the point of being unnecessary. This is a language feature, not a deficiency as your post seems to imply.
Regarding JSON, I advise you to read the wikipedia article on the subject, which explains in great detail that JSON is merely a means for transmitting serialized data, and is currently in use by known, respected companies like Yahoo! and Google. Your statement would be equally absurd (if not more so) if applied to another data serialization scheme such as XML.
- Affected OS: Windows
- Affected Browser(s): IE 7 + Firefox (together)
- Cert advisory: https://www.kb.cert.org/vuls/id/403150
- Secwatch advisory: http://secwatch.org/advisories/1018594/
Here are some useful excerpts from the Cert advisory:It seems that the injection mechanism is to use Firefox, but the exploit requires IE 7 to be installed on the victim's computer.
Interesting excerpts from the secwatch advisory:
In the comments to this article a user by the name of kruador points out: And most importantly, he concludes with: Sounds like some registry hacking could solve the problem.Google is not the only company offering cash for search results. In fact, they're not even the first.
Mahalo[1] has been doing this for months now, and the payout starts at $10 (not $2) and goes up from there. You can sign up to be a part-time guide at the Mahalo Greenhouse[2].
[1] http://www.mahalo.com/
[2] http://greenhouse.mahalo.com/
Since Azureus and other bittorrent clients are open source, wouldn't it just be possible to read through the code and discover the protocol? How does forcing developers to obtain an SDK license help anything?
That's an excellent point. I remember at the age of 12 circumventing the restrictions on a 486 in order to play Leisure Suit Larry. When my AOL account was set to limited mode, I learned that running IE effectively bypassed the browser-level AOL restrictions.
Years later I discovered that my parents' philosophy was that if a kid is clever enough to outsmart the protection mechanism, they're probably old enough to have access to the content. I'm not sure that maxim still applies today - as the variety and intensity of graphic content continues to increase.