Dude, if they hadn't checked, how else would they have realized there was a vulnerability for PNG and then developed a fix for it?
As a matter of fact, these and other forthcoming issues with various OSes' graphic parsing and rendering libraries result from a sustained attempt to break them with fuzzing techniques by researchers at the Finnish University of Uola (or Oula. I forget). This is the same group that ripped apart many vendors' implementations of SNMP a few years ago, and ASN.1 a year or two after that. Big thanks to them for proactive efforts to improve security...
Try to use the appropriate tool at the right time at the right moment.
What is appropriate depends on the situation and your experience.
Yes... but sometimes there are other considerations. For example many BSD and Linux users prefer them to Windows because of the freedom issue (both beer and speech.) Sometimes the requirements are things like "help me learn more about different kinds of *nix" or "let me play with high security configurations" (two reasons out of many that I have an OpenBSD CD sitting here waiting for a spare hour so I can yank that duff ISA NIC that's killing the PC I want to install it on.) Other people may just require "k3wl games d00d?!?!?". and so on, and so on.
Capitalism does not embrace democracy. It simply tolerates it in the context of western societies. In other countries where there is no need to push for democracy, why should a company do so?
At the same time, single-issue campaigning groups have had a fair degree of success lobbying with the weapon of bad publicity and boycotts of known-evil corporations. At one end of the scale you have McDonalds trying to fend off a tidal wave of bad PR by launching salads, fruit & veggie products (and KFC and BurgerKing are doing likewise); at the same time a large number of the above-mentioned megacorps are actively calling for mandatory action on CO2 emissions and global warming, whilst voluntarily introducing energy-efficiency features to their products and business practices. Of course there's a long, long way to go with the latter, and voluntary action is no substitute for proper legal requirements; and the need for those mostly voluntary orgs and communities (like... Slashdot?) to focus on particular companies and their business practices. Don't you think Microsoft's alleged 'security focus' is partly a result of the growing recognition in society that Windows security is appalling, and that this view has spread from the hardcore geeks?
Re:When four corners is too much on Drafting GPL3 · Score: 2, Insightful
I'm not sure what they plan to get out of (3). The GPL is the General Public License. It may be drafted by the FSF, but it is intended for broad usage by many different people. If they want to have a constitution, they ought to make one, for their organization. Trying to pretend like their organization represents the entire movement is silly and pure hubris.
Nice troll! But of course the FSF is a perfect, 100%, 1:1 representation of the community... the community of FSF members. The FSF has published a license and other people have used it. Great. FSF isn't claiming to represent them, if they don't like v3 of the GPL they can stick with v2 if they licensed it that way. (Bad luck on those who copy & pasted the standard boilerplate with the phrase about 'version 2 or later, at [the user's] discretion' of course:)
for (4), who cares except for RMS what literary works he's published?
Well, you do, apparently, as you've posted a 40 line troll on the subject...
Yeah, I've paid for a couple of OpenBSD CDs, I know they've got a concerted effort going on to replace GPL'd code with BSD'd code. That's cool with me, I think it's a shame people feel they have to spend cycles reinventing the wheel, but perhaps they'll build a technically better wheel, and as long as it's free, it's all good at the end of the day. (I prefer GPL to BSD myself but use plenty of BSD'd code every day & am grateful for it.)
> I don't see what the FSF or the GNU or GPL has anything to do with
> FreeBSD or OSX.
>
Don't *BSD and OS X use gcc?
I send enough money to the Free/Net/OpenBSD projects, and buy enough trinkets/cd sets/books from them to support them, and will happily continue to do so.
Well, good for you! As it happens I've got a couple of OpenBSD CDs too; I really appreciate all the work they do that directly benefits 'the community', plus I think it's good to have splitters in any real people's revolutionary movement;)
I will not, however, support RMS in any way, shape, or form. His arrogance in thinking his way is the end all be all will keep me away for some time to come.
Well, fair enough if that's how you feel; personally that's not how I see RMS or the FSF. I don't think RMS is arrogant, but I recognise that a lot of people broadly sympathetic to Free software (and indeed 'open source') have violently negative reactions to him. It's a shame, I think, but there it is. Still, good for you for supporting *BSD.
Re:Better late than.... (Score:5, Funny)
by Ford Prefect (8777) on Thu June 09, 09:13 AM (#12767765)
It is interesting that they are now trying to implement a command line competitive with BASH....what year is this again?
The year is 1973. Apple Computations Inc. have just announced that they are switching to the cutting-edge Zilog Z80 architecture for their range of low-cost pocket calculators; Sony Industrial Consumer Electronics are making use of an innovative new Integrated Circuit for their Alpha-Max-3 video system which contains at least five separate transistors; the Duke Nukem Forever board-game has been given a favourable reception at the Entertaining Entertainment Exposition at the Crystal Palace, London, and now Micro-Soft-Ware are designing their new, BASIC-derived timesharing shell for competing against the burgeoning MULTICS.
Membership on Drafting GPL3 · Score: 3, Insightful
This isn't news to those of us who are members of the FSF & get the 'FSF Bulletin' [/smug]
I recently had a sudden rush of blood to the wallet & in a fit of altruism (or selfish desire for more freedom and cool software) I joined both the FSF and the EFF - both excellent causes and presumably close to the heart of many slashdotters.
When the "welcome" packages arrived from each I was rather surprised to see the EFF has of the order of ten times more members than the FSF! I'm FSF member #30xx, and the docs say there are 2,1xx active members. The EFF on the other hand has 24K something members.
Not sure what the moral is, except that I wish more people donated to the FSF. Why not send em $20 and think of it as a small contribution towards the costs of glibc and gcc, two vital programs without which there'd be no Linux, no BSD and no Apple OS X.
You seem to have swallowed some strange marketing idea about the meaning of the word "server". A machine that physically sits on top of a desk but is running W2K3 IS A SERVER. I would have thought that was obvious.
If you run your windows desktop account as a limited user (not an Administrator), then IE6/5/4 and all other browsers on the market today run as a least privileged process.
No. As a matter of fact, large chunks of IE *always* run as SYSTEM.
Idiot #1: I want to install these smile-themes and weather app, but IE won't let me. It says that these "plug-ins" are unsafe and operate at a higher privilege level. I don't know what that means BUT I WANT MY SMILES!...... you guys know the rest of the story.
Sure. Me: I'm sorry, if I come over to your machine to install something you don't have a business case for, *everyone* will be wanting me to do it. If you've got a business case for the software you want, have your manager mail me.
A developer (a person or a corporation, it doesn't matter) spends a few billion dollars to develop a medicine that perfectly cures the disease. The process is highly complex, and the procedure for making it is patented (like currently).
The difference is that pharmaceutical patents lapse after 7 years, which is why you can now buy off-brand generic (say) Ibuprofen, Prozac, or (to mention something I picked up at the supermarket today) Ranitidine, aka Zantac. These drugs all made -billions- for the corps that developed them, and they're all off-patent and available for manufacture and sale by any pharmaceutical company with the skillz to build the molecules.
If consumer culture still bothers you even after you have stopped giving them money, try not giving a shit about the dumb masses and find some like minded friends.
Perhaps you were lucky enough to have studied the Donne text from which the following was extracted at school. If not, I'm sure it's on Gutenberg:
"No man is an island, entire of itself...any man's death diminishes me, because I am involved in mankind; and therefore never send to know for whom the bell tolls; it tolls for thee."
I guess this is a good time to link to Open Tech 2005 again - it's sponsored by backstage.bbc.co.uk. And the Need To Know peeps are involved as well as the UKUUG. Call for papers.
Here's the blurb from the NTK link above:
Sponsored by backstage.bbc.co.uk, Open Tech 2005 is an informal
one-day conference about technologies that anyone can have a go at,
from "Open Source"-style ways of working to repurposing everyday
electronics hardware.
So far, the line-up features:
* Ted Nelson, inventor of hypertext, on where the web went wrong
* The official launch of the backstage.bbc.co.uk developer network,
opening up BBC content for you to play with
* Plus: able to record an entire week of all Freeview TV and radio
channels, probably the UK's largest (fridge-sized) PVR
More speakers will be confirmed over the next few weeks - but, as the
title implies, we're very much "Open" to suggestions. If you're
reverse-engineering proprietary protocols, making useful information
available in a way people couldn't get at before, pioneering
unexpected methods of knowledge sharing - or (equally likely) doing
something so cool we haven't even thought of it yet, then please get
in touch via the submissions form at:
http://www.ukuug.org/events/opentech2005/offer/
The Beeb are heavy users of Perl, too. Back when I decided to make the move from Perl programming to info security (around the time of Code Red and Nimda, also around the time our supposedly solid & profitable employer went tits-up) several of my ex-colleagues ended up hacking Perl at the Beeb. Apparently that chunk of their IT was just out-sourced to Siemens (German conglomerate) who are hardly ever referred to as "semens". Apparently.
I just don't buy this argument. In fact, I don't really understand it. If your parents had aborted you, you wouldn't exist. But if you didn't exist, you wouldn't have an opinion about whether this is a good or a bad thing. Conversely, had they had you aborted, they may have conceived another child later on whose chances of having CP were low enough that they decided to continue with the pregnancy. Now, because they did not abort YOU, they didn't conceive that other potential child. Does that make you a murderer? No, of course not.
Blasphemy!!!!!!!!!1!!
Nah... it's the years of practice.
Ford, you're turning into a penguin. Stop it!
Sorry.
Fuck 'em.
Sure. Me: I'm sorry, if I come over to your machine to install something you don't have a business case for, *everyone* will be wanting me to do it. If you've got a business case for the software you want, have your manager mail me.
Strangely enough I don't hear much after that.
What the fuck are you doing browsing the web on a server?! That's a disciplinary matter where I work. (Disclaimer: I write the policies :)
Hey, it works for me.
The KLF said it best: "Money is a drug and banks are the pushers." Think about it.
Apple -> Intel
Transmeta go out of business
Cold fusion
What the hell can happen next? My money's on Bill Gates being found dead with a grapefruit up his arse up a crack whore alley...
Up to a point Lord Copper. Apple aren't ditching IBM... until 2007 at which point (according to plans) they will only be selling Intel machines.