Treating multiple open processes as simply "tabs" makes it really hard to get around.
My workplace has about 30k chromebooks in use, and the "tabs" is a source of complaint for some web apps because Chrome will suspend those tabs (regardless of settings) and require a fresh login to re-connect the setting. Cookies don't work for everything, esp high-security stuff.
Wouldn't be the least bit surprised to read that the Russians did it. They don't favor the GOP, they simply aim to sow distrust in any government that isn't theirs. The GOP suited their goals in 2016, but they may see things tilting the other direction and are hedging their bets.
This likely explains some of the motivation behind the news earlier today about Edge being replaced by a Chromium based Browser, and the MS contributions to the Chromium project.
You're acting like XP is some weird outlier. How about if they were on Ubuntu 4, Red Hat 2, or CentOS 3 instead? All of which were released 3-4 years after XP. The vendors for those operating systems don't support those anymore either. They'd tell you to update, and failure to update is completely on you. No wonder you posted as AC.
Speaking of Bing... now that Google's shutting down Google Plus rather than endure bad press for a product that will never compete with FaceBook, I wonder if Microsoft will similarly accept that Bing will never compete seriously with Google. Different markets, I know. Bing vs Google doesn't have to deal with the network effects of 'everybody's already on Facebook'.
VERY different markets. Bing's search technology is getting expanded on and used within Office/Azure tenancies. I think MS announced something about this at Ignite last month. I see Bing as more of a tech experiment than an actual Google rival. Maybe MS captures a share of the search engine market, but I think their real aim was to learn how to build a better search engine, one that they could use elsewhere.
It makes everything worse. Less control over your possessions is always worse.
Yes, because companies that either delay or outright refuse to update has brought us such wonderful things. Why, if everything was updated properly, we'd miss out on the wonders of botnets, and exploits that were patched 5 years ago raging through hospitals.
It's of limited utility so long as.vbs/.bat/.cmd still can run without such protections in the same context.
And on the 'you have to have admin rights', there is something deeply wrong with the Windows userbase. I made an app for Windows and made it available to some testers and went to see what they did. About 7 out of 10 of the test users right clicked to 'run as administrator' without even *trying* to run it normally. Even after telling them as the developer of the application that it does not need admin rights, 2 of them refused to run it normally, because they didn't believe that it could work without it.
That's why we (or at least I) deny users administrative rights. Expect your users to be useless in regard to security, and harden your systems accordingly.
"The software may collect information about you and your use of the software, and send that to Microsoft."
Telemetry is built into so many things now, it's a losing battle. Do you have a phone? With an app installed? It's tracking you more than VSCode ever will. But you keep wearing that tinfoil hat, and we'll keep doing what the aliens tell us with their brain rays.:)
Starting with a scripting language such as Ruby or Python might be up your alley as neither requires compiling and both are pretty easy to read and understand. See if you like the idea of coding for long periods of time and banging your head against the desk in frustration.
If you work in a primarily Microsoft IT department, I'd place powershell on the top of the scripting language options. It's built on top of DotNet, which means you can be simple and get around, but you can also call up DotNet, or import other libraries built upon it. You can even do some C# code right in powershell, and use it in your scripts, so it's a language that can grow with you, and one that sets you up for jumping to C#.
There's also the details about DotNet and Powershell having their open source versions so you can take that knowledge set to Mac and Linux.:)
On top of 'build a web page' I'd add, 'learn how to use the Chrome/Firefox dev tools'.
Learning how to use the available tools to dig through your code is how you fix bugs. It helps you to 'peel back' the layers and understand whats going on. Once you've had a mild exposure to the tools, you'll find yourself doing some dabbling in them (because it operates as a live editor in some instances) and some in your text/WYSIWYG editor.
Java: Getting old. OSS friendly. Most popular language. Will probably still be kicking in 20 years.
C#: Better designed. Better IDE. Chained to M$. Claims to be OSS friendly, but we all know it's a trap. Will be dead in 10 years.
Java: Oracle has it now, and their lawyers failed to wring a huge settlement out of Google with it. If Oracle can't lawyer their customers to death with it, that leaves it's fate to be determined. Possibly circling the drain in 20 years.
C#: 17 years old, still in development. Built on DotNet, which also powers Microsoft's system automation language: Powershell, which is also still in development, both of which are on GitHub no less. I suspect these have more legs then many might think.
Sorry, but I totally agree with the original post. The title is "Ubuntu 0day world of hurt". The reality is "Ubuntu12.04, no privilege escalation". That is not a serious issue, and even the author acknowledges it, so please hush big boy.
The Author said: "I like to prove that vulnerabilities are not just theoretical—that they are actually exploitable to cause real problems,"
Care to share what you're basing your perspective off of? Mr Evan's actual detail *is* a long read and I fully admit I grazed it and may have missed something.
The main users of ubuntu 12.04 are mostly servers (so not likely to be affected) and the EOL is near anyway.
I'm going to presume you meant Ubuntu 16.04, and note that you're nitpicking on one of the two distributions highlighted. Regardless of the user spread between server and desktop (that was also noted in the article), are you implying that there's not enough Ubuntu 16.04 users to matter? That because it's near EOL, a zero-day exploit doesn't matter? There's exploits happening everyday that don't require privilege escalation, yet they frequently cost companies large amounts of money and time. Your definition of "serious" leaves much to be desired.
...if you just install this normally not installed software...
As has already been addressed multiple times above, the package involved is installed by default in the listed distros and more.
Just file the bug and let them fix it, till then just stfu.
How about you RTFM and understand what you're talking about, till then hush little child. Consider that the sensational title is intended to get attention on an actual threat, and past the willful ignorance of persons such as yourself.
But if it floats your boat, go right ahead. Just don't expect to gather many proselytes on the way, and get used to talking to yourself. I doubt you'll find many others to exchange your experiences with...:-)
Well, definitely not here. And I dare not mention where the lively discussions occur, Slashdot is not known for the good manners of it's commenters.
Sure, you may have a point on that particular issue. You are after all talking about a system that was made up from whole cloth by one entity recently, not an older system that grew organically over time at many places, with input from many people.
And yet it *IS* the particular issue you chose to pick on.
And "info" didn't really take off. Why? Because man pages are just "good enough". They're certainly not so bad that it would motivate someone to change platforms to windows (not even "info" it turns out).
This thread is discussing which is easier to learn. "Good enough" is NOT good enough in this context. It may be good enough for a veteran to the tool who simply needs a reference, but it's horrid to Joe Newbie trying to learn *nix for his computer career. You put both of them in front of Joe Newbie, and it might actually trigger that change you think impossible.
And that's why we do not care one iota that MS moves powershell to Unix. And why we likewise don't care much about arguments about its superiority. We've been burned hard enough in the past to have learnt our lesson. And "bling" like slightly better on-line manuals (esp. in the age of Google) doesn't sway us one bit. Not even a little one. So feel free to keep powershells superior documentation. It comes with much too much baggage to be worth it.
And that's the beauty of it. The rest of us don't have to care about your perception of it. You're free to despise it to your hearts content, though your feelings about it are not shared by the entire community. Those who aren't carrying a torch and pitchfork over Microsoft's antics of old can judge the merits of this tool for themselves.
To generalize, the right time to use objects is when you have an object oriented language, so that you have polymorphism, iteration and extendability. I use those a lot. The right tool for the right job.
And you have these in Powershell, even more so since the version 5 (windows) release. I'm not sure if the linux alpha is quite there yet, but if it isn't, it will get there.
Just providing object access does not really add much, except complexity.
And sure, it's good for something. It's just a lot more complicated to do difficult things when constrained by provided objects and expected interaction. Specialized interfaces with limited extendability are not a step forward.
What you seem to view as "constraint" I view as "enabling". Powershell has actually simplified many of the tasks I and others have had to tackle. Perhaps you should try using Powershell on an extended basis and learning about it before you make off the cuff observations about what it is and is not capable of. But then again, you and your quotations know far better then I do right?
And if we all blindly reject something because it was written long ago, what we're doing is not progress, but at best reinvention. There is a reason to use text streams and not objects.
"Those who do not understand Unix are condemned to reinvent it, poorly."
-- Henry Spencer
If computers ran on quotes, you'd be quite the genius. Alas, they do not. A wiser person would understand there is a time to use objects and not text streams. You can love your hammer all you want, but that doesn't make it a very good screwdriver. As the linux faithful love to proclaim: "right tool for the right job". If your job description doesn't line up with powershell, don't use it. But don't think you're doing anyone any good by claiming it's good for nothing because it doesn't behave as demanded by your chosen philosophy.
Slashdot Mirror
Treating multiple open processes as simply "tabs" makes it really hard to get around.
My workplace has about 30k chromebooks in use, and the "tabs" is a source of complaint for some web apps because Chrome will suspend those tabs (regardless of settings) and require a fresh login to re-connect the setting. Cookies don't work for everything, esp high-security stuff.
The woosh is real.
Wouldn't be the least bit surprised to read that the Russians did it. They don't favor the GOP, they simply aim to sow distrust in any government that isn't theirs. The GOP suited their goals in 2016, but they may see things tilting the other direction and are hedging their bets.
But it IS Windows 10. The name is "Windows 10 Lite". See? It's right there in the name!
:eyeroll:
It was called Windows ARM or something.
Maybe read the linked article...
And it failed miserably.
Yup.
This likely explains some of the motivation behind the news earlier today about Edge being replaced by a Chromium based Browser, and the MS contributions to the Chromium project.
You're acting like XP is some weird outlier. How about if they were on Ubuntu 4, Red Hat 2, or CentOS 3 instead? All of which were released 3-4 years after XP. The vendors for those operating systems don't support those anymore either. They'd tell you to update, and failure to update is completely on you. No wonder you posted as AC.
...so what happens to all tech that now depended on them? There must be some future protection, right? How does it work?
Patent sharing doesn't mean all the code built on the patents becomes open source. They'll still keep that source code closed.
Nothing outside of any patents they want to keep to themselves.
Speaking of Bing... now that Google's shutting down Google Plus rather than endure bad press for a product that will never compete with FaceBook, I wonder if Microsoft will similarly accept that Bing will never compete seriously with Google. Different markets, I know. Bing vs Google doesn't have to deal with the network effects of 'everybody's already on Facebook'.
VERY different markets. Bing's search technology is getting expanded on and used within Office/Azure tenancies. I think MS announced something about this at Ignite last month. I see Bing as more of a tech experiment than an actual Google rival. Maybe MS captures a share of the search engine market, but I think their real aim was to learn how to build a better search engine, one that they could use elsewhere.
It makes everything worse. Less control over your possessions is always worse.
Yes, because companies that either delay or outright refuse to update has brought us such wonderful things. Why, if everything was updated properly, we'd miss out on the wonders of botnets, and exploits that were patched 5 years ago raging through hospitals.
It's of limited utility so long as .vbs/.bat/.cmd still can run without such protections in the same context.
And on the 'you have to have admin rights', there is something deeply wrong with the Windows userbase. I made an app for Windows and made it available to some testers and went to see what they did. About 7 out of 10 of the test users right clicked to 'run as administrator' without even *trying* to run it normally. Even after telling them as the developer of the application that it does not need admin rights, 2 of them refused to run it normally, because they didn't believe that it could work without it.
That's why we (or at least I) deny users administrative rights. Expect your users to be useless in regard to security, and harden your systems accordingly.
From the License:
"The software may collect information about you and your use of the software, and send that to Microsoft."
Telemetry is built into so many things now, it's a losing battle. Do you have a phone? With an app installed? It's tracking you more than VSCode ever will. But you keep wearing that tinfoil hat, and we'll keep doing what the aliens tell us with their brain rays. :)
Starting with a scripting language such as Ruby or Python might be up your alley as neither requires compiling and both are pretty easy to read and understand. See if you like the idea of coding for long periods of time and banging your head against the desk in frustration.
If you work in a primarily Microsoft IT department, I'd place powershell on the top of the scripting language options. It's built on top of DotNet, which means you can be simple and get around, but you can also call up DotNet, or import other libraries built upon it. You can even do some C# code right in powershell, and use it in your scripts, so it's a language that can grow with you, and one that sets you up for jumping to C#.
:)
There's also the details about DotNet and Powershell having their open source versions so you can take that knowledge set to Mac and Linux.
On top of 'build a web page' I'd add, 'learn how to use the Chrome/Firefox dev tools'.
Learning how to use the available tools to dig through your code is how you fix bugs. It helps you to 'peel back' the layers and understand whats going on. Once you've had a mild exposure to the tools, you'll find yourself doing some dabbling in them (because it operates as a live editor in some instances) and some in your text/WYSIWYG editor.
Java: Getting old. OSS friendly. Most popular language. Will probably still be kicking in 20 years. C#: Better designed. Better IDE. Chained to M$. Claims to be OSS friendly, but we all know it's a trap. Will be dead in 10 years.
Java: Oracle has it now, and their lawyers failed to wring a huge settlement out of Google with it. If Oracle can't lawyer their customers to death with it, that leaves it's fate to be determined. Possibly circling the drain in 20 years. C#: 17 years old, still in development. Built on DotNet, which also powers Microsoft's system automation language: Powershell, which is also still in development, both of which are on GitHub no less. I suspect these have more legs then many might think.
Sorry, but I totally agree with the original post. The title is "Ubuntu 0day world of hurt". The reality is "Ubuntu12.04, no privilege escalation". That is not a serious issue, and even the author acknowledges it, so please hush big boy.
The Author said: "I like to prove that vulnerabilities are not just theoretical—that they are actually exploitable to cause real problems,"
Care to share what you're basing your perspective off of? Mr Evan's actual detail *is* a long read and I fully admit I grazed it and may have missed something.
The main users of ubuntu 12.04 are mostly servers (so not likely to be affected) and the EOL is near anyway.
I'm going to presume you meant Ubuntu 16.04, and note that you're nitpicking on one of the two distributions highlighted. Regardless of the user spread between server and desktop (that was also noted in the article), are you implying that there's not enough Ubuntu 16.04 users to matter? That because it's near EOL, a zero-day exploit doesn't matter? There's exploits happening everyday that don't require privilege escalation, yet they frequently cost companies large amounts of money and time. Your definition of "serious" leaves much to be desired.
It seems (one of) the underlying libraries got patched 2 days ago.
https://bitbucket.org/mpyne/game-music-emu/wiki/Home
I won't agree on the "free vs proprietary", but it is awesome that the people behind that project responded that quickly.
As has already been addressed multiple times above, the package involved is installed by default in the listed distros and more.
Just file the bug and let them fix it, till then just stfu.
How about you RTFM and understand what you're talking about, till then hush little child. Consider that the sensational title is intended to get attention on an actual threat, and past the willful ignorance of persons such as yourself.
It's a SNES vulnerability?
Easily fixed: up up down down left right left right b a select
And yes, that depth *always* should include the user. Because our aim should be to make ourselves smarter, not dumber.
By all means, aim high. Just know that where users (in general) are involved, that arrow is going to fall much lower then expected.
But if it floats your boat, go right ahead. Just don't expect to gather many proselytes on the way, and get used to talking to yourself. I doubt you'll find many others to exchange your experiences with... :-)
Well, definitely not here. And I dare not mention where the lively discussions occur, Slashdot is not known for the good manners of it's commenters.
Sure, you may have a point on that particular issue. You are after all talking about a system that was made up from whole cloth by one entity recently, not an older system that grew organically over time at many places, with input from many people.
And yet it *IS* the particular issue you chose to pick on.
And "info" didn't really take off. Why? Because man pages are just "good enough". They're certainly not so bad that it would motivate someone to change platforms to windows (not even "info" it turns out).
This thread is discussing which is easier to learn. "Good enough" is NOT good enough in this context. It may be good enough for a veteran to the tool who simply needs a reference, but it's horrid to Joe Newbie trying to learn *nix for his computer career. You put both of them in front of Joe Newbie, and it might actually trigger that change you think impossible.
And that's why we do not care one iota that MS moves powershell to Unix. And why we likewise don't care much about arguments about its superiority. We've been burned hard enough in the past to have learnt our lesson. And "bling" like slightly better on-line manuals (esp. in the age of Google) doesn't sway us one bit. Not even a little one. So feel free to keep powershells superior documentation. It comes with much too much baggage to be worth it.
And that's the beauty of it. The rest of us don't have to care about your perception of it. You're free to despise it to your hearts content, though your feelings about it are not shared by the entire community. Those who aren't carrying a torch and pitchfork over Microsoft's antics of old can judge the merits of this tool for themselves.
To generalize, the right time to use objects is when you have an object oriented language, so that you have polymorphism, iteration and extendability. I use those a lot. The right tool for the right job.
And you have these in Powershell, even more so since the version 5 (windows) release. I'm not sure if the linux alpha is quite there yet, but if it isn't, it will get there.
Just providing object access does not really add much, except complexity.
And sure, it's good for something. It's just a lot more complicated to do difficult things when constrained by provided objects and expected interaction. Specialized interfaces with limited extendability are not a step forward.
What you seem to view as "constraint" I view as "enabling". Powershell has actually simplified many of the tasks I and others have had to tackle. Perhaps you should try using Powershell on an extended basis and learning about it before you make off the cuff observations about what it is and is not capable of. But then again, you and your quotations know far better then I do right?
And if we all blindly reject something because it was written long ago, what we're doing is not progress, but at best reinvention. There is a reason to use text streams and not objects.
"Those who do not understand Unix are condemned to reinvent it, poorly." -- Henry Spencer
If computers ran on quotes, you'd be quite the genius. Alas, they do not.
A wiser person would understand there is a time to use objects and not text streams. You can love your hammer all you want, but that doesn't make it a very good screwdriver. As the linux faithful love to proclaim: "right tool for the right job". If your job description doesn't line up with powershell, don't use it. But don't think you're doing anyone any good by claiming it's good for nothing because it doesn't behave as demanded by your chosen philosophy.