I see it all the time. I just wish that those people would do evolution a favor and stop breathing free air.
> I, for one, want a company to be held responsible for bugs in the code I use. > Support? Seems obvious when you point it out.
If just one of you said it, I would think you were joking. But it seems some people actually believe that proprietary companies provide better support and accountability for their software. As a rule, of course, they don't. But even if most did (some do, but certainly not most), that would be no reason for a blanket "No software allowed if you can see the source!" policy.
> Also, having a price tag can/sometimes/ lead to better software.
Yes, some software is worth paying for, even if it is closed source. Again, that is no reason for a blanket "No software allowed if you can see the source!" policy.
The "stays inaudible or invisible" is clearly a lie. Audio data that is inaudible is not sent over VOIP in the first place. Why would they waste bandwidth on inaudible data?
Setting the sudo window to 0 helps a little bit. However a) most distros don't set it that way by default and b) it still leaves a hole open.
A piece of malware can still "trojan" sudo, just like it can trojan su. One way to do this is to add "~/long-path/bin" to the beginning of the PATH variable, and put the bad sudo and su into that directory. They can attempt to hide that they changed the path by also trojaning other commands, such as set, echo, and which.
Actually, all the malware would have to do is wait until the user uses sudo, and then it can quietly and permanently acquire root privileges. Or it can configure the shell to use a trojaned version of su instead of the real version.
Multi-user privileges on a single-user system, while useful, is over-rated.
It has multiple possibilities for dd: "copy and convert" "dataset definition" and device, disk, and dump in various combinations. The answer isn't as clear as either of us thought.
I disagree. Firefox is so popular because of its features. Built-in popup blocking, customizable cookie behavior, tabbed browsing, and an extension repository. I'm sure security had some sway too, but it was mostly the features.
It is certainly a pain in the ass when you try to use firefox to browse a site that was written exclusively for IE, but usually you can just do your business elsewhere. IE was more of a pain because of all the ads and the crashing.
Actually, "su" does indeed stand for "super user". Originally, it could only switch to root. The capability to switch to arbitrary users was added later, and "switch user" is a backronym.
While we're on the subject, guess what "dd" stands for? It's not "direct dump" or "disk destroy". It's "character copy".
Apparently, it also helps to have an easy to pronounce name. Einstein/Edison/Newton vs Édouard-Léon Scott de Martinville/Leibniz.
Also, it isn't fair to Einstein to say he "failed" to accept quantum theory. He was one of the few to see it for what it was, and never tried to accept it.
In theory, software could violate it's own EULA if, for example, it says, "This software can not do anything illegal" and as soon as the software is run, it spawns an internet worm.
In this case, however, it is Apple who is violating its own EULA, and not Safari. Apple is installing millions of copies of Safari 3.1 on unsuspecting user's machines, against the Safari 3.1 EULA. Perhaps some of these illicit installs do not violate the EULA, but most of them do.
It's not that the EULA can not be adhered to, it is that in most cases, Apple is not adhering to it.
I still don't agree with writing a hack for a specific test. But from what I read after my last comment (including your reply), this seems like a complex situation that doesn't have one right answer.
If Safari can not pass Acid3 without hacks, then either Safari is flawed or Acid3 is flawed. If Safari is flawed, it should be fixed properly, not hacked up. If Apple found a flaw in Acid3, they should let the Acid3 dev(s) know, and possibly help them fix it.
It sounds like everybody is losing, except for Safari. Firefox has the honor of first loser. Or maybe Opera; what does the latest available Opera score?
I took my behind-the-wheel test in California. They don't require parallel parking anymore. Or the cones. I drove more than 1 block, though.
I don't think the problem is so much that idiots are able to pass the test. Driving isn't hard. Idiots should be able to pass. Most accidents are caused by split-second mistakes, and the rest are caused by assholes. The speed limit causes problems too.
As I understand it, a straw man argument is when somebody changes the argument to something they can win (make the target an easy target, a straw man) and then attacks that. In this case, Microsoft changed the argument from something they can't win to something else they can't win. I think better words would be "blunder" or "sleeper".
It would be really cool if that admin you linked to, who now has a list of "bad" IP addresses, was willing to share his list, via a text file available over the internet. Then other email admins would get the same benefit without having to maintain their own lists!
Welcome to the real world. People are not trustworthy. In most jobs, you can not trust your co-workers with a bottle of soda. Not everybody can just pack up and leave their job. And maybe he likes his job? Maybe it pays well. You can't judge something like that based on one fact.
IE8 has a problem initiating fallback content when a resource can not be acquired. This is exactly what this particular part of the acid2 test is meant to test, fallback code. The fact is, that IE8's fallback behavior works correctly in some cases, but not in others. Specifically, the fallback code works if the failed to acquire resource is supposed to be on the same domain as the acid2 test, whereas if they are on different domains, IE8's code fails to behave properly.
The fact that the blog writer mentions security is a red herring. While it is true that this does have something to do with security code, the real problem is that the fallback behavior is poor.
Sounds like it might actually work. It would confuse and disorient the people, which might lead to criminals being too scared to commit crimes. However, I think it is more likely that it is just a rumor, and that street lights have little to no effect on crime, whether you leave them on or flicker them.
WildTangent is a game library/development kit or something like that. It is installed as a dependency for many games, in a similar manner that a zlib.dll will be installed along with a program that requires it. Whatever you installed that included WildTangent was not intentionally being malicious. However, unlike zlib, or any other dll, WildTangent sets itself up to start at every boot, with an icon in your system tray. And it phones home, giving WildTangent info about your system, especially video hardware.
Thanks for that. I never really thought the redirection was that bad, but it certainly isn't helpful and wastes bandwidth, so I disabled it. If you don't like updating extensions so often, here is a setting for you:
extensions.update.interval
It is measured in seconds (no kidding), and by default, looks to update extensions every single day. I set mine to 15 days. There is also:
extensions.update.notifyUser
If you set this to false, extensions will be updated silently.
Firefox has a whole slew of undocumented settings.
Of course sending a false "from" header is forgery. It is the definition of forgery. The only questions is if it is illegal, which my sibling post says violates the CAN-SPAM act. Remember kids, you "CAN SPAM" as long as you follow some simple rules. And don't worry about violating the rules, because nobody can sue you for damages if you do.
Slashdot Mirror
I see it all the time. I just wish that those people would do evolution a favor and stop breathing free air.
/sometimes/ lead to better software.
> I, for one, want a company to be held responsible for bugs in the code I use.
> Support? Seems obvious when you point it out.
If just one of you said it, I would think you were joking. But it seems some people actually believe that proprietary companies provide better support and accountability for their software. As a rule, of course, they don't. But even if most did (some do, but certainly not most), that would be no reason for a blanket "No software allowed if you can see the source!" policy.
> Also, having a price tag can
Yes, some software is worth paying for, even if it is closed source. Again, that is no reason for a blanket "No software allowed if you can see the source!" policy.
The "stays inaudible or invisible" is clearly a lie. Audio data that is inaudible is not sent over VOIP in the first place. Why would they waste bandwidth on inaudible data?
Setting the sudo window to 0 helps a little bit. However a) most distros don't set it that way by default and b) it still leaves a hole open.
A piece of malware can still "trojan" sudo, just like it can trojan su. One way to do this is to add "~/long-path/bin" to the beginning of the PATH variable, and put the bad sudo and su into that directory. They can attempt to hide that they changed the path by also trojaning other commands, such as set, echo, and which.
Actually, all the malware would have to do is wait until the user uses sudo, and then it can quietly and permanently acquire root privileges. Or it can configure the shell to use a trojaned version of su instead of the real version.
Multi-user privileges on a single-user system, while useful, is over-rated.
I tried to find the page that I originally read about UNIX acronyms, but couldn't. I found this one, though: http://roesler-ac.de/wolfram/acro/credits.htm
It has multiple possibilities for dd: "copy and convert" "dataset definition" and device, disk, and dump in various combinations. The answer isn't as clear as either of us thought.
I disagree. Firefox is so popular because of its features. Built-in popup blocking, customizable cookie behavior, tabbed browsing, and an extension repository. I'm sure security had some sway too, but it was mostly the features.
It is certainly a pain in the ass when you try to use firefox to browse a site that was written exclusively for IE, but usually you can just do your business elsewhere. IE was more of a pain because of all the ads and the crashing.
Actually, "su" does indeed stand for "super user". Originally, it could only switch to root. The capability to switch to arbitrary users was added later, and "switch user" is a backronym.
While we're on the subject, guess what "dd" stands for? It's not "direct dump" or "disk destroy". It's "character copy".
Apparently, it also helps to have an easy to pronounce name. Einstein/Edison/Newton vs Édouard-Léon Scott de Martinville/Leibniz.
Also, it isn't fair to Einstein to say he "failed" to accept quantum theory. He was one of the few to see it for what it was, and never tried to accept it.
In theory, software could violate it's own EULA if, for example, it says, "This software can not do anything illegal" and as soon as the software is run, it spawns an internet worm.
In this case, however, it is Apple who is violating its own EULA, and not Safari. Apple is installing millions of copies of Safari 3.1 on unsuspecting user's machines, against the Safari 3.1 EULA. Perhaps some of these illicit installs do not violate the EULA, but most of them do.
It's not that the EULA can not be adhered to, it is that in most cases, Apple is not adhering to it.
We have already established that rebooting the universe is a bad idea. How is killing it a better solution?
I still don't agree with writing a hack for a specific test. But from what I read after my last comment (including your reply), this seems like a complex situation that doesn't have one right answer.
If Safari can not pass Acid3 without hacks, then either Safari is flawed or Acid3 is flawed. If Safari is flawed, it should be fixed properly, not hacked up. If Apple found a flaw in Acid3, they should let the Acid3 dev(s) know, and possibly help them fix it.
It sounds like everybody is losing, except for Safari. Firefox has the honor of first loser. Or maybe Opera; what does the latest available Opera score?
I don't have a Rubik's cube. But I do have a girlfriend. And a low-medium income. I'm kind of a freak around here.
dangerous != hard
I took my behind-the-wheel test in California. They don't require parallel parking anymore. Or the cones. I drove more than 1 block, though.
I don't think the problem is so much that idiots are able to pass the test. Driving isn't hard. Idiots should be able to pass. Most accidents are caused by split-second mistakes, and the rest are caused by assholes. The speed limit causes problems too.
As I understand it, a straw man argument is when somebody changes the argument to something they can win (make the target an easy target, a straw man) and then attacks that. In this case, Microsoft changed the argument from something they can't win to something else they can't win. I think better words would be "blunder" or "sleeper".
It would be really cool if that admin you linked to, who now has a list of "bad" IP addresses, was willing to share his list, via a text file available over the internet. Then other email admins would get the same benefit without having to maintain their own lists!
Welcome to the real world. People are not trustworthy. In most jobs, you can not trust your co-workers with a bottle of soda. Not everybody can just pack up and leave their job. And maybe he likes his job? Maybe it pays well. You can't judge something like that based on one fact.
IE8 has a problem initiating fallback content when a resource can not be acquired. This is exactly what this particular part of the acid2 test is meant to test, fallback code. The fact is, that IE8's fallback behavior works correctly in some cases, but not in others. Specifically, the fallback code works if the failed to acquire resource is supposed to be on the same domain as the acid2 test, whereas if they are on different domains, IE8's code fails to behave properly.
The fact that the blog writer mentions security is a red herring. While it is true that this does have something to do with security code, the real problem is that the fallback behavior is poor.
Sounds like it might actually work. It would confuse and disorient the people, which might lead to criminals being too scared to commit crimes. However, I think it is more likely that it is just a rumor, and that street lights have little to no effect on crime, whether you leave them on or flicker them.
That's a risk I'm willing to take. We need more accidents, and less people.
WildTangent is a game library/development kit or something like that. It is installed as a dependency for many games, in a similar manner that a zlib.dll will be installed along with a program that requires it. Whatever you installed that included WildTangent was not intentionally being malicious. However, unlike zlib, or any other dll, WildTangent sets itself up to start at every boot, with an icon in your system tray. And it phones home, giving WildTangent info about your system, especially video hardware.
Thanks for that. I never really thought the redirection was that bad, but it certainly isn't helpful and wastes bandwidth, so I disabled it. If you don't like updating extensions so often, here is a setting for you:
extensions.update.interval
It is measured in seconds (no kidding), and by default, looks to update extensions every single day. I set mine to 15 days. There is also:
extensions.update.notifyUser
If you set this to false, extensions will be updated silently.
Firefox has a whole slew of undocumented settings.
Of course sending a false "from" header is forgery. It is the definition of forgery. The only questions is if it is illegal, which my sibling post says violates the CAN-SPAM act. Remember kids, you "CAN SPAM" as long as you follow some simple rules. And don't worry about violating the rules, because nobody can sue you for damages if you do.