"Based on our estimation of your internet usage, the cost of your internet service would go down by X amount."
Then on the bill...
Cost of Internet Service: $15.83 Internet Delivery Fee: $4.99 Line Maintenance Fee: $2.99 Cable TV Service: $49.99 Cable TV Delivery Fee: $4.99 Cable TV maintenance Fee: $2.99
YOU CAN NOW PAY YOUR BILL ONLINE FOR ONLY A $2.99 PROCESSING FEE!
You may not do A, B, C, or D with your service. We reserve the right to cancel your service at any time. Early termination fee of $149.99 applies if cancelled within 2 years of signing of the contract.
First off, a clause in the contract stating that one side has the ability to change the contract is more than likely something that wouldn't hold up in any reasonable court anyway. It just hasn't been tested.
Secondly, keep in mind that these companies generally charge you a fee to cancel service prior to the contract expiration (which is usually 1 or 2 years). So in some cases it makes it prohibitive in actually reasonably cancel the contract.
They can change the contract any time they want without reason and without notifying me but I cannot break the contract any time I want without giving them money to do it?
This is hardly fair, and if it went to court chances are you would be able to make a case against them for this.
Third of all, you have to keep in mind that in the case of cable companies: they usually have monopolies in their respective areas. It's either NOTHING or them, and that's the only "choice" people have--which isn't really much of a competitive choice.
Because of the aforementioned lack of choice in which service you're provided, the rules of engagement between company and consumer are different than the standard "free market" rules of engagement. You need a 3rd party to step in and make sure that the powers that be are playing nicely, and in this case, they are not.
Or the companies could build their networks to support the increased load. It's greed and nothing less than greed.
Let's break down this salad dinner analogy a bit more.
The analogy REALLY works like this.
Two people walk into a restaurant and buy dinners. One buys a lobster dinner, and one buys the salad dinner. Though all the dinner prices are advertised at the same price, in this case, it's advertised at the price of the lobster dinner.
Eventually, everyone starts coming in to the restaurant and starts buying the lobster dinner. The owner of the restaurant realizes that the cost of feeding everyone the lobster dinner is too high because they assumed that very few people actually wanted lobster and most would stand for the salad. Eventually, they start running out of lobster to feed everyone and start telling people you all can't have your lobster dinner. We assumed that most people just wanted salad and offered lobster as a bonus, we didn't expect everyone to jump on to the bandwagon and start buying the best thing we offered.
Rather than find another supplier of lobster and expanding their business, rather than overhauling their operation realizing that people really don't care for salad as much and want the lobster--they start placing the blame on the people that eat lobster. They tell the people eating salad that the people eating lobster are keeping all of their dinner costs high, and that the business owner isn't to blame for the high prices but the people eating the lobster that they offered are.
Meanwhile, the owner is walking away complaining about money when he's got a few million bucks in his bank account ripping off the people buying salad by charging them for lobster, and telling the people eating lobster that they can't have as much of it and need to start eating salad.
If my entire analogy sounds completely absurd, because it does to me, then you get an idea of how absurd this entire fucking scheme is from these cable companies.
Quite a few of us have had the service since they were offering it as unlimited. So yes, when we entered the contract with them for "unlimited service", that's what we bought into. If they break that it is a breach of contract.
It is illegal, it is wrong. And if I had enough money to fight off their lawyers I would take them to court over it.
It's unfair to sell and offer the service as "unlimited", which they did years ago when the idea of "unlimited" was big for dial-up companies, and then turn around and tell people they're going to limit them.
I would be more understanding of the situation of metered billing and usage if I was under the impression that they were doing all they could with the money they had and physically couldn't do anymore, but that's not the case here.
It's not a problem with any technology, it's not prohibitively expensive, it's greed and nothing else. And until they can prove to me and the rest of the people that it really isn't about greed then we aren't going to stand for them ripping us off.
#1. The truck itself might be more efficient for the weight, but do you really need to burn all of that fuel to carry your ass around? I'm not arguing against having the truck for when you need to carry heavier loads, but for a regular human being you really don't need all of that weight. In gas used per mile, the Prius destroys your truck and it still carries you around. You're saving money by using the Prius unless you're carrying heavier loads that the Prius cannot carry.
#2. My fuel can works fine, though I haven't researched this one so I'll get back to you.
#3. The mercury amount in each of these bulbs is inconsequential. Think about it. For many decades we put thermometers in our mouths that used a SIGNIFICANTLY LARGER amount of mercury. The amount of mercury in any of these bulbs is really nothing to worry about. And while light bulbs do break, the crap spewed out about the mercury content is really pointless. At the end of the day, using them will save you money at pretty much no cost to you--even if they break.
#4. Use less toilet paper and you won't clog these lower flowing toilets. I don't know what to tell you. I've used low flow, regular toilets, and high powered toilets. If you're that backed up that your toilet gets clogged from your shit alone I think you really should see a doctor.
We use CFL all throughout the house. My CFL in my bedroom that I purchased when CFLs were new, it was a 24W bulb in 2003 just burned out a couple of weeks ago. I got 6 years out of that bulb, with varying usage degrees anywhere between 4 hours a night and 10 hours per night--every night, for those years.
I would say I got my money's worth out of that bulb.
Nah, not if you have UAC. That's the thing. Applications are limited in what they can do but you get a simple elevation prompt for administrative-level tasks.
This is in stark contrast to the previous situation where there was no easy way to elevate. You could only *RUN AS* on an application and have to type in your password every time for each application.
Now you get the benefits of running as a standard user and elevating only when necessary.
What *SPECIFIC* video card was not supported? And how old is this video card or how specific is the chipset? Laptop computer versus desktop? Can you not change the card?
PS: If this card doesn't work in Vista, it's not going to work in Windows 7.
PPS: Upgrade your video card.
Otherwise, to answer your question. Nobody's saying go out to get Vista for Vista's sake. What I tell people is if you're fine with XP on your environment, then by all means don't change. *BUT* don't hold back your environment for the sake that you hate the new OS. Buy a license, evaluate it with your environment. See how it runs. And when it's time to upgrade your work machines, just use Vista that came with them.
Before you make such bold claims I think you should point out precisely where you had compatibility problems.
I ran Vista x64 from beta 1 up through release including SP1 and the SP2 betas and had no compatibility issues minus the usual software vendors who wait until "RTM" to release anything for the OS. (Pointing fingers at Daemon Tools).
I think you have some other problems with that Vista laptop unrelated to Vista itself. Perhaps running a fresh install of Vista SP1 with the most recent, up-to-date drivers will solve your issues.
Just to add on to my comment, to explain in more detail. There are definite design differences between how both UAC and sudo are used.
For one, if you use sudo within the context of a terminal window--it does not carry over to another terminal window, nor does it carry over to applications you're running within any GUI environment.
Either way, you still have to prefix every command you run with "sudo".
Also, do you really want administrative privileges carried over between applications when you're installing things? While you trust the "repository" for your distribution which downloads and installs needed dependencies for you, you very likely (and should not) trust a random application you download in a Windows environment from some 3rd party website.
The same is if you were to install multiple applications rather than loading it up with one command that grabs all the dependencies.
You generally know what "sudo apt-get install mysql" is going to do for the system. But in a Windows environment, you don't know whether Application B that Application A launched is something you should trust with Administrative rights to the PC.
So it's a fundamental usage design difference between the two systems, not a problem with UAC itself.
Besides, in Windows 7 they give all you guys that just cannot stand clicking "yes or no" a little slider to adjust the prompts, and any application that may modify the system or anything you do gets a little shield icon.
Except UAC doesn't ask for your password, it simply asks you to click Yes or No. Unless you've forcefully logged yourself in as a "standard user" on top of UAC.
Well, most of the technologies that are found in Windows 7 were introduced in Windows Vista. Vista's problems weren't necessarily faults of the OS--they were simply growing pains.
Microsoft made a LOT of changes to the OS and to the way both developers *AND* users used the operating system.
But all of these changes were really good changes that needed to be done.
UAC? It was necessary. Could it have been implemented better? Not really. What it does is provide a good gray area between "running as a standard user" and "running as an administrator".
On top of the addition of ASLR (improved in SP1), Vista's security is far improved over XP's.
And finally, low integrity processes.
The reason why developers hated the OS is because it does things that they aren't used to that they should have been doing in the first place. Applications were storing user configuration data in C:\Program Files rather than in C:\Documents & Settings\%Username%.
Imagine if say, applications in linux stored all of its user configuration data in/etc/$APPLICATION rather than/home/$USER. That's essentially what it comes down to.
So there were some growing pains there when Microsoft enforced that.
Now, with Windows 7 itself. The general improvements over Vista is that Microsoft went in and optimized the performance on the OS. They have software that tracks performance data and allows them to work on areas that slow down for whatever reason. They updated the display driver moel (though it is fully backwards compatible with WDDM1.0) which allows the window manager to use less memory and higher performance.
They added some really nifty features for using Windows on wide screens and touch screens.
And honestly I could really make a huge list on the improvements that the "Vista" architecture has made to Windows.
Windows 7 is a polished Windows Vista that also has the benefit of a couple of years of age. Since it's based on the same architecture, most compatibility issues have been worked out of the drivers and applications.
But all of this doesn't necessarily mean it's an improvement in these corporate or government IT infrastructures. IT Policy should at the very least provide many of the protections that Vista offers, minus the behind the scenes stuff (ASLR, Protected Mode IE). So while it's a great product, it is definitely hard to make a case for upgrading in the corporate sector.
Most of what everyone is going on is speculation. We don't have the bills to read so we don't know. It could simply be limited to private companies that provide electricity and power for all we know, or any public infrastructure-based system.
Just calm down, wait until the bills are even introduced, read it, pick it apart, contact your Senator and express your dismay over the project.
You cannot legally get this for free. And seriously...why would you cheat John Carmack out of a couple of bucks? Sure the guy is loaded but he lives quite humbly for the most part and is somewhat down to earth about his stardom..(nevermind the fact that he works on space projects...)
Reading these comments make me realize the sad state of the tech industry.
Look, who gives a damn if the guy is a "people person" or not. When they come to you and say that they're not paid to document or be a people person, that's correct. They did not go to school, spend their lives learning how to "be a social butterfly", they went to school for coding.
Their job description, in this case, says "programmer" not "social worker".
I'm sure if you took the time to ask "Josh" about what he's doing he would be more than willing to tell you, but only if you're not sitting there trying to derail the conversation to bullshit about fantasy football the whole time.
I should know..I'm this type of person. I'm not the crazy genius that many people here have been discussing, but I'm "that guy". I've always pretty much been "that guy".
That doesn't mean I'm "that guy" for every computer-related incident, but I certainly know my shit and far more than most of my peers.
Just going to throw this out there. The way web-based applications work is that you send data back to the server via a refresh. HTTP POST acts on a refresh, which then uses the data you posted to create the HTML that your browser is going to display to you.
They could go and write their own application interfaces but that becomes a burden when you can load everything over the internet right from the browser.
So here's how you solve the problem of security. You don't turn on the PC, don't connect it to the network, don't let it run hardware or software that you did not hand design yourself and keep completely closed off from others being able to see what goes on inside of it.
I mean, that's the level of comments you guys are taking this thread to.
The reality of the situation is the guy's post wasn't about whether or not any software was insecure, the implied statement was this: "By allowing my wife to run IE and allowing this University to run ActiveX controls, I am potentially opening up my computer to all the nasties on the internet that attack IE."
What I was responding to and how I crafted my statements was against that there. That no, simply launching IE and trusting a specific site to launch an ActiveX control isn't going to open your computer to the exploits on the internet regarding ActiveX.
Yes, I know that sure--it does go much deeper than this. How do you trust the application itself isn't going to do something bad either through sloppy coding or intended acts?
You can't.
But does that mean we should just not run applications? I mean, when you take it outside of the realm of the intended question (arguing against sloppy coding and unsafe practices), you end up going into other software products as well, not just IE and ActiveX.
The OP's post was not on that deep of a level, otherwise he wouldn't have asked the question in the first place if he understood the concepts you guys are throwing out here.
It was a misguided question that I've attempted to steer his knowledge onto the proper track so that he may have a better understanding of what's going on with his applications.
Why would you let him have these misguided thoughts about security of IE and Windows? Does that not hurt security even more by keeping people like that in the dark?
Okay, so I was a little vague in explaining my point with regards to security.
You are correct in the sense that software is sloppy, but what this guy is seemingly trying to prevent (and what he hinted to with his wife's computer performance problems) has to do with the general problems that people find with IE and ActiveX controls period.
That is, it's not the controls that are flawed, but he believes that by even having IE open will somehow open a doorway to insecurity to his system.
And what I was trying to point out is incorrect. The act of having IE open, adding this tutoring site to trusted sites, and then letting his wife use the site that way is in no way inherently bad and it certainly isn't going to invite viruses into his system unless of course someone at the college replaced the ActiveX control with malicious software.
And while the above is possible, I think it's beyond the scope of his "Ask Slashdot" question. The same goes for simple insecure coding practices. We could argue and debate all day long regarding these concepts and while they are all valid, it's definitely far too much for what he's asking.
The simple answer, again is: Does opening IE and allowing a trusted site's ActiveX controls to run cause my computer to be more open to viruses than it otherwise would be? No. It does not.
There is a much more complex answer that we seriously could just spend days on.
Slashdot Mirror
Oh I could imagine it now.
"Based on our estimation of your internet usage, the cost of your internet service would go down by X amount."
Then on the bill...
Cost of Internet Service: $15.83
Internet Delivery Fee: $4.99
Line Maintenance Fee: $2.99
Cable TV Service: $49.99
Cable TV Delivery Fee: $4.99
Cable TV maintenance Fee: $2.99
YOU CAN NOW PAY YOUR BILL ONLINE FOR ONLY A $2.99 PROCESSING FEE!
You may not do A, B, C, or D with your service. We reserve the right to cancel your service at any time. Early termination fee of $149.99 applies if cancelled within 2 years of signing of the contract.
First off, a clause in the contract stating that one side has the ability to change the contract is more than likely something that wouldn't hold up in any reasonable court anyway. It just hasn't been tested.
Secondly, keep in mind that these companies generally charge you a fee to cancel service prior to the contract expiration (which is usually 1 or 2 years). So in some cases it makes it prohibitive in actually reasonably cancel the contract.
They can change the contract any time they want without reason and without notifying me but I cannot break the contract any time I want without giving them money to do it?
This is hardly fair, and if it went to court chances are you would be able to make a case against them for this.
Third of all, you have to keep in mind that in the case of cable companies: they usually have monopolies in their respective areas. It's either NOTHING or them, and that's the only "choice" people have--which isn't really much of a competitive choice.
Because of the aforementioned lack of choice in which service you're provided, the rules of engagement between company and consumer are different than the standard "free market" rules of engagement. You need a 3rd party to step in and make sure that the powers that be are playing nicely, and in this case, they are not.
I completely agree.
Or the companies could build their networks to support the increased load. It's greed and nothing less than greed.
Let's break down this salad dinner analogy a bit more.
The analogy REALLY works like this.
Two people walk into a restaurant and buy dinners. One buys a lobster dinner, and one buys the salad dinner. Though all the dinner prices are advertised at the same price, in this case, it's advertised at the price of the lobster dinner.
Eventually, everyone starts coming in to the restaurant and starts buying the lobster dinner. The owner of the restaurant realizes that the cost of feeding everyone the lobster dinner is too high because they assumed that very few people actually wanted lobster and most would stand for the salad. Eventually, they start running out of lobster to feed everyone and start telling people you all can't have your lobster dinner. We assumed that most people just wanted salad and offered lobster as a bonus, we didn't expect everyone to jump on to the bandwagon and start buying the best thing we offered.
Rather than find another supplier of lobster and expanding their business, rather than overhauling their operation realizing that people really don't care for salad as much and want the lobster--they start placing the blame on the people that eat lobster. They tell the people eating salad that the people eating lobster are keeping all of their dinner costs high, and that the business owner isn't to blame for the high prices but the people eating the lobster that they offered are.
Meanwhile, the owner is walking away complaining about money when he's got a few million bucks in his bank account ripping off the people buying salad by charging them for lobster, and telling the people eating lobster that they can't have as much of it and need to start eating salad.
If my entire analogy sounds completely absurd, because it does to me, then you get an idea of how absurd this entire fucking scheme is from these cable companies.
Wesley:
Quite a few of us have had the service since they were offering it as unlimited. So yes, when we entered the contract with them for "unlimited service", that's what we bought into. If they break that it is a breach of contract.
It is illegal, it is wrong. And if I had enough money to fight off their lawyers I would take them to court over it.
It's unfair to sell and offer the service as "unlimited", which they did years ago when the idea of "unlimited" was big for dial-up companies, and then turn around and tell people they're going to limit them.
I would be more understanding of the situation of metered billing and usage if I was under the impression that they were doing all they could with the money they had and physically couldn't do anymore, but that's not the case here.
It's not a problem with any technology, it's not prohibitively expensive, it's greed and nothing else. And until they can prove to me and the rest of the people that it really isn't about greed then we aren't going to stand for them ripping us off.
#1. The truck itself might be more efficient for the weight, but do you really need to burn all of that fuel to carry your ass around? I'm not arguing against having the truck for when you need to carry heavier loads, but for a regular human being you really don't need all of that weight. In gas used per mile, the Prius destroys your truck and it still carries you around. You're saving money by using the Prius unless you're carrying heavier loads that the Prius cannot carry.
#2. My fuel can works fine, though I haven't researched this one so I'll get back to you.
#3. The mercury amount in each of these bulbs is inconsequential. Think about it. For many decades we put thermometers in our mouths that used a SIGNIFICANTLY LARGER amount of mercury. The amount of mercury in any of these bulbs is really nothing to worry about. And while light bulbs do break, the crap spewed out about the mercury content is really pointless. At the end of the day, using them will save you money at pretty much no cost to you--even if they break.
#4. Use less toilet paper and you won't clog these lower flowing toilets. I don't know what to tell you. I've used low flow, regular toilets, and high powered toilets. If you're that backed up that your toilet gets clogged from your shit alone I think you really should see a doctor.
We use CFL all throughout the house. My CFL in my bedroom that I purchased when CFLs were new, it was a 24W bulb in 2003 just burned out a couple of weeks ago. I got 6 years out of that bulb, with varying usage degrees anywhere between 4 hours a night and 10 hours per night--every night, for those years.
I would say I got my money's worth out of that bulb.
Still better than a 100W incandescent.
Nah, not if you have UAC. That's the thing. Applications are limited in what they can do but you get a simple elevation prompt for administrative-level tasks.
This is in stark contrast to the previous situation where there was no easy way to elevate. You could only *RUN AS* on an application and have to type in your password every time for each application.
Now you get the benefits of running as a standard user and elevating only when necessary.
Hell for what it's worth Office 2007 probably has a higher "retraining" cost than Windows Vista over XP...
Guess your environment doesn't really involve many people from the outside world, doesn't change as much, and doesn't really grow.
Most applications these days from large vendors *REQUIRE* activation. Windows, Office, Photoshop, etc.
What *SPECIFIC* video card was not supported? And how old is this video card or how specific is the chipset? Laptop computer versus desktop? Can you not change the card?
PS: If this card doesn't work in Vista, it's not going to work in Windows 7.
PPS: Upgrade your video card.
Otherwise, to answer your question. Nobody's saying go out to get Vista for Vista's sake. What I tell people is if you're fine with XP on your environment, then by all means don't change. *BUT* don't hold back your environment for the sake that you hate the new OS. Buy a license, evaluate it with your environment. See how it runs. And when it's time to upgrade your work machines, just use Vista that came with them.
Before you make such bold claims I think you should point out precisely where you had compatibility problems.
I ran Vista x64 from beta 1 up through release including SP1 and the SP2 betas and had no compatibility issues minus the usual software vendors who wait until "RTM" to release anything for the OS. (Pointing fingers at Daemon Tools).
I think you have some other problems with that Vista laptop unrelated to Vista itself. Perhaps running a fresh install of Vista SP1 with the most recent, up-to-date drivers will solve your issues.
Just to add on to my comment, to explain in more detail. There are definite design differences between how both UAC and sudo are used.
For one, if you use sudo within the context of a terminal window--it does not carry over to another terminal window, nor does it carry over to applications you're running within any GUI environment.
Either way, you still have to prefix every command you run with "sudo".
Also, do you really want administrative privileges carried over between applications when you're installing things? While you trust the "repository" for your distribution which downloads and installs needed dependencies for you, you very likely (and should not) trust a random application you download in a Windows environment from some 3rd party website.
The same is if you were to install multiple applications rather than loading it up with one command that grabs all the dependencies.
You generally know what "sudo apt-get install mysql" is going to do for the system. But in a Windows environment, you don't know whether Application B that Application A launched is something you should trust with Administrative rights to the PC.
So it's a fundamental usage design difference between the two systems, not a problem with UAC itself.
Besides, in Windows 7 they give all you guys that just cannot stand clicking "yes or no" a little slider to adjust the prompts, and any application that may modify the system or anything you do gets a little shield icon.
Except UAC doesn't ask for your password, it simply asks you to click Yes or No. Unless you've forcefully logged yourself in as a "standard user" on top of UAC.
Well, most of the technologies that are found in Windows 7 were introduced in Windows Vista. Vista's problems weren't necessarily faults of the OS--they were simply growing pains.
/etc/$APPLICATION rather than /home/$USER. That's essentially what it comes down to.
Microsoft made a LOT of changes to the OS and to the way both developers *AND* users used the operating system.
But all of these changes were really good changes that needed to be done.
UAC? It was necessary. Could it have been implemented better? Not really. What it does is provide a good gray area between "running as a standard user" and "running as an administrator".
On top of the addition of ASLR (improved in SP1), Vista's security is far improved over XP's.
And finally, low integrity processes.
The reason why developers hated the OS is because it does things that they aren't used to that they should have been doing in the first place. Applications were storing user configuration data in C:\Program Files rather than in C:\Documents & Settings\%Username%.
Imagine if say, applications in linux stored all of its user configuration data in
So there were some growing pains there when Microsoft enforced that.
Now, with Windows 7 itself. The general improvements over Vista is that Microsoft went in and optimized the performance on the OS. They have software that tracks performance data and allows them to work on areas that slow down for whatever reason. They updated the display driver moel (though it is fully backwards compatible with WDDM1.0) which allows the window manager to use less memory and higher performance.
They added some really nifty features for using Windows on wide screens and touch screens.
And honestly I could really make a huge list on the improvements that the "Vista" architecture has made to Windows.
Windows 7 is a polished Windows Vista that also has the benefit of a couple of years of age. Since it's based on the same architecture, most compatibility issues have been worked out of the drivers and applications.
But all of this doesn't necessarily mean it's an improvement in these corporate or government IT infrastructures. IT Policy should at the very least provide many of the protections that Vista offers, minus the behind the scenes stuff (ASLR, Protected Mode IE). So while it's a great product, it is definitely hard to make a case for upgrading in the corporate sector.
Most of what everyone is going on is speculation. We don't have the bills to read so we don't know. It could simply be limited to private companies that provide electricity and power for all we know, or any public infrastructure-based system.
Just calm down, wait until the bills are even introduced, read it, pick it apart, contact your Senator and express your dismay over the project.
You pay and own the device. You do not own the service.
Keep that in mind when making your argument.
You cannot legally get this for free. And seriously...why would you cheat John Carmack out of a couple of bucks? Sure the guy is loaded but he lives quite humbly for the most part and is somewhat down to earth about his stardom..(nevermind the fact that he works on space projects...)
It doesn't quite copy the IE functionality in Windows 7. Dragging tabs out is not possible like it is with Chrome.
However, dragging the tabs and using Windows 7's snap abilities (to snap to the right/left side) is actually pretty sweet.
Reading these comments make me realize the sad state of the tech industry.
Look, who gives a damn if the guy is a "people person" or not. When they come to you and say that they're not paid to document or be a people person, that's correct. They did not go to school, spend their lives learning how to "be a social butterfly", they went to school for coding.
Their job description, in this case, says "programmer" not "social worker".
I'm sure if you took the time to ask "Josh" about what he's doing he would be more than willing to tell you, but only if you're not sitting there trying to derail the conversation to bullshit about fantasy football the whole time.
I should know..I'm this type of person. I'm not the crazy genius that many people here have been discussing, but I'm "that guy". I've always pretty much been "that guy".
That doesn't mean I'm "that guy" for every computer-related incident, but I certainly know my shit and far more than most of my peers.
Just going to throw this out there. The way web-based applications work is that you send data back to the server via a refresh. HTTP POST acts on a refresh, which then uses the data you posted to create the HTML that your browser is going to display to you.
They could go and write their own application interfaces but that becomes a burden when you can load everything over the internet right from the browser.
So here's how you solve the problem of security. You don't turn on the PC, don't connect it to the network, don't let it run hardware or software that you did not hand design yourself and keep completely closed off from others being able to see what goes on inside of it.
I mean, that's the level of comments you guys are taking this thread to.
The reality of the situation is the guy's post wasn't about whether or not any software was insecure, the implied statement was this: "By allowing my wife to run IE and allowing this University to run ActiveX controls, I am potentially opening up my computer to all the nasties on the internet that attack IE."
What I was responding to and how I crafted my statements was against that there. That no, simply launching IE and trusting a specific site to launch an ActiveX control isn't going to open your computer to the exploits on the internet regarding ActiveX.
Yes, I know that sure--it does go much deeper than this. How do you trust the application itself isn't going to do something bad either through sloppy coding or intended acts?
You can't.
But does that mean we should just not run applications? I mean, when you take it outside of the realm of the intended question (arguing against sloppy coding and unsafe practices), you end up going into other software products as well, not just IE and ActiveX.
The OP's post was not on that deep of a level, otherwise he wouldn't have asked the question in the first place if he understood the concepts you guys are throwing out here.
It was a misguided question that I've attempted to steer his knowledge onto the proper track so that he may have a better understanding of what's going on with his applications.
Why would you let him have these misguided thoughts about security of IE and Windows? Does that not hurt security even more by keeping people like that in the dark?
Okay, so I was a little vague in explaining my point with regards to security.
You are correct in the sense that software is sloppy, but what this guy is seemingly trying to prevent (and what he hinted to with his wife's computer performance problems) has to do with the general problems that people find with IE and ActiveX controls period.
That is, it's not the controls that are flawed, but he believes that by even having IE open will somehow open a doorway to insecurity to his system.
And what I was trying to point out is incorrect. The act of having IE open, adding this tutoring site to trusted sites, and then letting his wife use the site that way is in no way inherently bad and it certainly isn't going to invite viruses into his system unless of course someone at the college replaced the ActiveX control with malicious software.
And while the above is possible, I think it's beyond the scope of his "Ask Slashdot" question. The same goes for simple insecure coding practices. We could argue and debate all day long regarding these concepts and while they are all valid, it's definitely far too much for what he's asking.
The simple answer, again is: Does opening IE and allowing a trusted site's ActiveX controls to run cause my computer to be more open to viruses than it otherwise would be? No. It does not.
There is a much more complex answer that we seriously could just spend days on.