yeh. when i switched to opera, i no longer needed the IETab extension i relied upon in firefox.
i dont care what the mozilla team says, FF has some serious web site compat issues
well, you're wrong about search speed. the search in the latest outlook is amazingly fast. faster than gmail.
what makes outlook awesome is exchange and active directory. i understand that this doesn't neccesarily help the home user, but in a org it is extremely useful.
you can group email in outlook by conversation and then by conversation index which gives you threaded mail with indentation.
you can just right click on the icon and click delete. this toggles the setting in the 'Personalize' control panel, and tells you how to get it back if you ever want it again. i'm sick of the windows lies crap. i find myself defending windows more then bashing it because of all of the rediculous lies about it.
"You're sneering at 1 in 100?"
well, since vista sales are around the 20 million mark, then it seems like you are sneering at a sales rate of 1 in 15 people.
if slashdot-ers would read the article posted they would see that the major complaints they have with the study were addressed by the author!
from the paper:
"I think it worth spending a moment to discuss what this analysis covers, why it might be useful to some people and, perhaps most importantly, what it does not say.
If it was possible to measure "security" in one metric, it would have to encompass a complex combination of factors including (but not limited to) the software quality, administrative controls, physical controls, and much more - and even then, it would all be in the context of whatever security policy was defined for the systems in question.
So, this is not an analysis of "the security". I don't look at protective mechanisms and see how they might protect in certain scenarios. Nor do I look at security features and see how they might enable better privacy or help secure business process. And I certainly don't look at how easy it is to manage the security policy for these products.
Is there anything in this analysis which will prove one piece of software is "more secure" than another? No, that is not my intention.
This report is a vulnerability analysis, which may provide some elements that could be part of a broader security analysis. I fundamentally believe that security and non-security features need to be built upon a foundation of good engineering and solid security quality if they are to perform as we expect and not be misused to the detriment of security."
what this study shows is that microsoft's Secure Development Lifecycle, safe libraries, and other initiatives are actually producing better code. nobody is saying vista is "more secure" than anything. honestly, this begs a question, why does slashdot hate the fact that windows code is improving? isn't safer/better code good for everyone?
When I was in elementary school none of our class rooms had computers. My fifth grade teacher when to the Microsoft Technology training course and was able to get our class room 5 computers. This was my first exposure to computers. I don't care if you hate Microsoft, the fact that they put a keyboard in my hands got me interested in computing. I would not be where I am today if that did not happen. To this I am grateful to Microsoft, and more accurate probably, my fifth grade teacher.
what is the difference between "undocumented binary data" and proprietary video and graphics? both contain binary blobs that are undocumented. it's not a red herring argument, it's a perfectly valid one.
that's a real mature response. when your argument falls apart you just resort to calling someone a troll. no wonder people don't take you guys seriously. i've read your posts, and your links and you sound like even more of a fanboy and shill than the OXMLhoaxes you tried to derail.
also you haven't answered my question at all. how do you suppose Microsoft (or any other format definer) should define an embedded piece of proprietary multimedia?
well yeh, you can embed video and music into powerpoint.
what solution to you suggest to this problem? you can only embed FOSS multimedia into your documents?
these bugs can cause arbitrary code execution because they are crashes that happen deep in the kernel. if you sculpt your malformed input correctly the instruction pointer will actually hold the value of your input. if your malformed input is 01 02 03 04 05 06 07 08 09 (this is just an example) and the buffer over runs when it gets to the 04, then the EIP will be pointing to 05060708. the system will try to execute the command at 05060708. put the beginning of your virulent code at that location of memory, and you have just hijacked the system. worse, your virualent code will run with what ever permissions were granted to the last comman, ie kernel permission.
the reason why MoAB says this is possible but doesn't have an example is that a hack like this is extremely difficult to pull off. the fact that the application crashes in the kernel means that it is possible. if the app just crashed in user space, then the system would be safe.
also, anyone notice that this fix theyre posted doesnt fix the windows version of quicktime?
Slashdot Mirror
except globalization is the sole reason for our comfortable living status and swelled middle class. be careful what you wish for.
yeh. when i switched to opera, i no longer needed the IETab extension i relied upon in firefox. i dont care what the mozilla team says, FF has some serious web site compat issues
well, you're wrong about search speed. the search in the latest outlook is amazingly fast. faster than gmail.
what makes outlook awesome is exchange and active directory. i understand that this doesn't neccesarily help the home user, but in a org it is extremely useful.
you can group email in outlook by conversation and then by conversation index which gives you threaded mail with indentation.
yeh, plugged into the cable modem ip: 64.58.66.214
just try to get into my windows box...
it's also a table. the iphone is uhhh a phone
that wasn't the only thing Ultimate offered. I can tell you, I didn't buy Ultimate for those "extras" you can download through WU.
you can just right click on the icon and click delete. this toggles the setting in the 'Personalize' control panel, and tells you how to get it back if you ever want it again. i'm sick of the windows lies crap. i find myself defending windows more then bashing it because of all of the rediculous lies about it.
"You're sneering at 1 in 100?" well, since vista sales are around the 20 million mark, then it seems like you are sneering at a sales rate of 1 in 15 people.
vista?
if slashdot-ers would read the article posted they would see that the major complaints they have with the study were addressed by the author! from the paper: "I think it worth spending a moment to discuss what this analysis covers, why it might be useful to some people and, perhaps most importantly, what it does not say. If it was possible to measure "security" in one metric, it would have to encompass a complex combination of factors including (but not limited to) the software quality, administrative controls, physical controls, and much more - and even then, it would all be in the context of whatever security policy was defined for the systems in question. So, this is not an analysis of "the security". I don't look at protective mechanisms and see how they might protect in certain scenarios. Nor do I look at security features and see how they might enable better privacy or help secure business process. And I certainly don't look at how easy it is to manage the security policy for these products. Is there anything in this analysis which will prove one piece of software is "more secure" than another? No, that is not my intention. This report is a vulnerability analysis, which may provide some elements that could be part of a broader security analysis. I fundamentally believe that security and non-security features need to be built upon a foundation of good engineering and solid security quality if they are to perform as we expect and not be misused to the detriment of security." what this study shows is that microsoft's Secure Development Lifecycle, safe libraries, and other initiatives are actually producing better code. nobody is saying vista is "more secure" than anything. honestly, this begs a question, why does slashdot hate the fact that windows code is improving? isn't safer/better code good for everyone?
it's a sentence with a typo.
and you are a prick.
When I was in elementary school none of our class rooms had computers. My fifth grade teacher when to the Microsoft Technology training course and was able to get our class room 5 computers. This was my first exposure to computers. I don't care if you hate Microsoft, the fact that they put a keyboard in my hands got me interested in computing. I would not be where I am today if that did not happen. To this I am grateful to Microsoft, and more accurate probably, my fifth grade teacher.
do you have to work at being that much of a fucking prick. to hell with you assholes.
what is the difference between "undocumented binary data" and proprietary video and graphics? both contain binary blobs that are undocumented. it's not a red herring argument, it's a perfectly valid one.
that's a real mature response. when your argument falls apart you just resort to calling someone a troll. no wonder people don't take you guys seriously. i've read your posts, and your links and you sound like even more of a fanboy and shill than the OXMLhoaxes you tried to derail.
also you haven't answered my question at all. how do you suppose Microsoft (or any other format definer) should define an embedded piece of proprietary multimedia?
well yeh, you can embed video and music into powerpoint. what solution to you suggest to this problem? you can only embed FOSS multimedia into your documents?
how else do you want to be able to put an image into a document without binary blobs?
office 2007?
"a kid who grew up during the Regan" ...or anyone who has read Dostoevsky
so, the new gmail looks an awful lot like the new hotmail. its a hell of a lot slower too.
these bugs can cause arbitrary code execution because they are crashes that happen deep in the kernel. if you sculpt your malformed input correctly the instruction pointer will actually hold the value of your input. if your malformed input is 01 02 03 04 05 06 07 08 09 (this is just an example) and the buffer over runs when it gets to the 04, then the EIP will be pointing to 05060708. the system will try to execute the command at 05060708. put the beginning of your virulent code at that location of memory, and you have just hijacked the system. worse, your virualent code will run with what ever permissions were granted to the last comman, ie kernel permission. the reason why MoAB says this is possible but doesn't have an example is that a hack like this is extremely difficult to pull off. the fact that the application crashes in the kernel means that it is possible. if the app just crashed in user space, then the system would be safe. also, anyone notice that this fix theyre posted doesnt fix the windows version of quicktime?