What does age have to do with this? I at no time said I was 'old' so your retort is baffling. And my point was that Bill Gates nor MS were responsible, whether you want to pin the blame on the company that was (IBM) or the company that brought out their computer division is trivia I leave you to debate with yourself.
nobody needs more than 640k is BS, Bill Gates never said that, and it was IBM's fault (they chose the 8086 that was 16-bit and thus limited to 640k for programs and 384k for bios/video) that MS-DOS was stuck with 640k. But since IBM is a darling of the linux community these days, we get all this revisionist copy-cat troll nonsense instead of facts. Great.
There should be a post modifier for "used a any-prefixed word ambigiously". Seriously, does that mean the FAA hasn't helped a single person or that they have not help certain people but did help others?
Your comment is not true at all regarding recent versions of Windows. Flaws in Vista and Win 7 typically only go up to remote code execution as a restricted user, and the user gets a security prompt if the exploit tries to go further. Additionally, IE is sandboxed (unlike FF, Safari and Opera) which means the most common by far vector into the system can not even touch user files. 3 year old Vista was declared by Charlie Miller, mac user and winner of multiple pwn2own hacking contests, to be MORE secure than brand new Snow Leopard, but don't let facts interrupt a good troll..
The problem with your argument is that net statistics agencies like net applications showed that Vista uptake was high and equal to MS' claims for sales of the OS. Now of course, you'll completely back-peddle and tell us that the users were forced to use it like that has anything to do with your claim that it wasn't used but instead downgraded. I've had this same lame argument 500 times and it always goes the same way...
IE is used by corporations, and corporations do not want patches for patches for hotfixes and all that jazz, they expect the patch to be tested and corporations are the ones who wanted a monthly release for patches so the IT staff are not patching and testing patches all month long.
That's sad if true, but there's only so much MS can do here. It has the ability to be secure, and it's secure by default, if the user goes and breaks that purposefully because they are too cheap to upgrade their applications, that's on the user, not microsoft. I've run Vista for 3 years and Win 7 for half a year and have never run into a plug-in that didn't work with DEP or Protected Mode, despite copious amounts of web surfing, so what I can I say..
And how are other browsers better in that case? If they have to disable DEP on firefox, it's even worse than IE because it's not sandboxed. Anyways, the articles I've been reading say Google was exploited thru IE6 that they have on XP systems.
Because DEP is enabled by default in IE8, unlike IE6 and IE7. The exploit can not work against IE8. Also, IE in modern versions of Windows is sandboxed, unlike Firefox. Sorry to rain on the parade...
A failing of MS users, not MS. In Vista this hole did not exists, but thanks to the millions of whiny idiots who complained about being prompted by UAC "every 2 seconds", MS had to whitelist its applications. So now they get prompted 2 times a day, instead of 4, and they're open to security threats, but they saved 2 clicks of the OK button! So they're happy. Like I said, retarded users, and MS has no choice but to give users what they want or it risks losing a mass of customers to other OSes. It's already losing Market Share as it is. However, it takes 2 seconds to change the UAC setting to "always notify" which defeats this hole, also this hole can not be exploited from exploited browsers that use Windows integrity levels to do sandboxing, like IE and Chrome. (If you want to rag someone about blaring security holes, when the f*ck is Firefox going to get integrity level sandboxing on Windows like IE has had for 3+ years?)
That summary sounded like a sci-fi movie plot. I hope it works as they claim, that would be extremely neat. With all the money google has they should do serious investment in AI and nanorobotics, two technologies which could probably solve every physical problem (disease, aging, poverty, etc.) problems humans have. The government spends a few million but it's not enough, and it seems no one at the big corporations knows/gives a damn about this. O well, maybe one day.
Good grief. MS offers ALL security patches to EVERYONE, including pirates, and also offers many other patches such as stability and performance updates to everyone as well.
--- "There seems to be a myth that Microsoft limits security updates to genuine Windows users," wrote Microsoft's Paul Cooke, who works in Windows Client Enterprise Security. "Let me be clear: all security updates go to all users." ----
If you patch, you're safe. Too bad so many XP users don't opt-in to patching, a lot of them will be infected, but it's a good thing MS started auto-patching by default with Vista, also since Vista has a lot of anti-exploit code (DEP, ASLR, Protected Mode Sandboxing, etc.) it probably won't see very many infections, although I thought I saw on another site that Vista wasn't affected.
I'm going to respond here, instead of to each reply-ie individually...
I think the scientists involved already know whether or not a terrorist is more scared than the average person, I don't have scientific links to back it up, but I'm pretty sure even the most fervant believer is scared shitless when carrying out attacks (there is still the risk of being identified and shot in the stomach for instance.)
As far as medications, well I think you'd have to take enough meds to kill a horse in order not to be scared that there is a bomb under your nut sack, or that you will be discovered and plugged with 9mm slugs. Hey, worse case, they make it, study it's effective and it doesn't work and they toss it in the trash, I think it should at least be tried. As far as kids with bags of dope, well I think we should work harder on legalization/sensible laws instead of trying to hold technology back.
Time to lose my Karma I guess...
A terrorist is going to be a LOT more afraid of getting on that plane and detonating a bomb on it, and possibly getting caught by security, than an average person is going to be afraid of flying or that his mom my discover his porn, or whatever other funny reasons you guys can come up with...
Second, even if there are false positives, I think that's expected by the scientists, nothing is 100%, but if you can increase your odds of picking up a terrorist by some odd percent, and decrease false positives (because terrorists are a LOT more afraid I would think) then you have saved money, saved everyone's time, and increased safety.
As far as pranksters with bio-chem degrees, well, when this thing starts picking up a lot of false positives, those pranksters will probably be caught and we won't see much of that. (i.e. all the fear scent 'sprayed' people say they were all in parking lot B, then the security checks the cameras, and finds the car that sprayed them and those idiots get arrested.)
I think we should at least give it a chance before condemning the idea with condescending knee-jerkiness.
Nonsense, transistors in chips like intels x86 and nvidia's and AMD's gpus are doubling around every 18 months, you see this recently in the 2 billion transistor 5800 gpus from AMD which are twice the 1 billion in the 4800s released June 25, 2008, about 15 months earlier (better than moore's law.) Brain scanning, price and speed of gene sequencing and so on are also on track. Instead of just attacking things from intuition, maybe you could do some of your own research so other people don't have to do it for you.
It was a.NET runtime,.NET generates code therefore it doesn't work with ASLR and DEP so it opts out of DEP and ASLR, this.NET run-time was enabled on the internet zone (all the sites on the internet) in the Beta of IE8, it was disabled on the internet zone in the RTM (but left enabled for intranet zone, basically all the sites on your lan.)
http://news.softpedia.com/news/IE8-RTW-Bulletproofed-Against-NET-DEP-and-ASLR-Bypass-107728.shtml "The final release of Internet Explorer 8 on Windows Vista blocks the.NET DEP+ASLR bypass mechanism from malicious websites on the Internet. Specifically, IE8 created a new URLAction that regulates loading of the.NET MIME filter. By default, the URLAction prevents it from loading in the Internet and Restricted Sites Zones. The.NET MIME filter is allowed to load by default in the Intranet Zone," Ness stated.
Slashdot Mirror
So what are you saying, that we should never try to learn such things? Treatments will come after accurate diagnoses.
What does age have to do with this? I at no time said I was 'old' so your retort is baffling. And my point was that Bill Gates nor MS were responsible, whether you want to pin the blame on the company that was (IBM) or the company that brought out their computer division is trivia I leave you to debate with yourself.
nobody needs more than 640k is BS, Bill Gates never said that, and it was IBM's fault (they chose the 8086 that was 16-bit and thus limited to 640k for programs and 384k for bios/video) that MS-DOS was stuck with 640k. But since IBM is a darling of the linux community these days, we get all this revisionist copy-cat troll nonsense instead of facts. Great.
There should be a post modifier for "used a any-prefixed word ambigiously". Seriously, does that mean the FAA hasn't helped a single person or that they have not help certain people but did help others?
Your comment is not true at all regarding recent versions of Windows. Flaws in Vista and Win 7 typically only go up to remote code execution as a restricted user, and the user gets a security prompt if the exploit tries to go further. Additionally, IE is sandboxed (unlike FF, Safari and Opera) which means the most common by far vector into the system can not even touch user files. 3 year old Vista was declared by Charlie Miller, mac user and winner of multiple pwn2own hacking contests, to be MORE secure than brand new Snow Leopard, but don't let facts interrupt a good troll..
The problem with your argument is that net statistics agencies like net applications showed that Vista uptake was high and equal to MS' claims for sales of the OS. Now of course, you'll completely back-peddle and tell us that the users were forced to use it like that has anything to do with your claim that it wasn't used but instead downgraded. I've had this same lame argument 500 times and it always goes the same way...
IE is used by corporations, and corporations do not want patches for patches for hotfixes and all that jazz, they expect the patch to be tested and corporations are the ones who wanted a monthly release for patches so the IT staff are not patching and testing patches all month long.
That's sad if true, but there's only so much MS can do here. It has the ability to be secure, and it's secure by default, if the user goes and breaks that purposefully because they are too cheap to upgrade their applications, that's on the user, not microsoft. I've run Vista for 3 years and Win 7 for half a year and have never run into a plug-in that didn't work with DEP or Protected Mode, despite copious amounts of web surfing, so what I can I say..
Well, I meant to say IE8 in the default configuration is immune. I thought that much would be obvious from the other information I posted...
And how are other browsers better in that case? If they have to disable DEP on firefox, it's even worse than IE because it's not sandboxed. Anyways, the articles I've been reading say Google was exploited thru IE6 that they have on XP systems.
Because DEP is enabled by default in IE8, unlike IE6 and IE7. The exploit can not work against IE8. Also, IE in modern versions of Windows is sandboxed, unlike Firefox. Sorry to rain on the parade...
Do you have anything to support the claim that RTM is not affected? Because as far as I know, RTM does things the same way.
A failing of MS users, not MS. In Vista this hole did not exists, but thanks to the millions of whiny idiots who complained about being prompted by UAC "every 2 seconds", MS had to whitelist its applications. So now they get prompted 2 times a day, instead of 4, and they're open to security threats, but they saved 2 clicks of the OK button! So they're happy. Like I said, retarded users, and MS has no choice but to give users what they want or it risks losing a mass of customers to other OSes. It's already losing Market Share as it is. However, it takes 2 seconds to change the UAC setting to "always notify" which defeats this hole, also this hole can not be exploited from exploited browsers that use Windows integrity levels to do sandboxing, like IE and Chrome. (If you want to rag someone about blaring security holes, when the f*ck is Firefox going to get integrity level sandboxing on Windows like IE has had for 3+ years?)
The 'most popular one.'
That summary sounded like a sci-fi movie plot. I hope it works as they claim, that would be extremely neat. With all the money google has they should do serious investment in AI and nanorobotics, two technologies which could probably solve every physical problem (disease, aging, poverty, etc.) problems humans have. The government spends a few million but it's not enough, and it seems no one at the big corporations knows/gives a damn about this. O well, maybe one day.
Yes, because we all know the omni-secure firefox NEVER has a security vulnerability. At least IE runs sandboxed.
No, it's a lie. It's not possible to build a rootkit for linux, it's magical.
Well the kernel can't do them naively, it has to know it's doing them, in the first place.
Good grief. MS offers ALL security patches to EVERYONE, including pirates, and also offers many other patches such as stability and performance updates to everyone as well.
---
"There seems to be a myth that Microsoft limits security updates to genuine Windows users," wrote Microsoft's Paul Cooke, who works in Windows Client Enterprise Security. "Let me be clear: all security updates go to all users."
----
From http://www.tomshardware.com/news/windows-pirate-bootleg-security-patches,7666.html
If you patch, you're safe. Too bad so many XP users don't opt-in to patching, a lot of them will be infected, but it's a good thing MS started auto-patching by default with Vista, also since Vista has a lot of anti-exploit code (DEP, ASLR, Protected Mode Sandboxing, etc.) it probably won't see very many infections, although I thought I saw on another site that Vista wasn't affected.
Also, there is risk that the bomber will fail, this would cause huge embarassment to him, and maybe bad reprucussions for his family.
I'm going to respond here, instead of to each reply-ie individually...
I think the scientists involved already know whether or not a terrorist is more scared than the average person,
I don't have scientific links to back it up, but I'm pretty sure even the most fervant believer is scared shitless when carrying out attacks (there is still the risk of being identified and shot in the stomach for instance.)
As far as medications, well I think you'd have to take enough meds to kill a horse in order not to be scared that there is a bomb under your nut sack, or that you will be discovered and plugged with 9mm slugs. Hey, worse case, they make it, study it's effective and it doesn't work and they toss it in the trash, I think it should at least be tried. As far as kids with bags of dope, well I think we should work harder on legalization/sensible laws instead of trying to hold technology back.
Time to lose my Karma I guess... A terrorist is going to be a LOT more afraid of getting on that plane and detonating a bomb on it, and possibly getting caught by security, than an average person is going to be afraid of flying or that his mom my discover his porn, or whatever other funny reasons you guys can come up with... Second, even if there are false positives, I think that's expected by the scientists, nothing is 100%, but if you can increase your odds of picking up a terrorist by some odd percent, and decrease false positives (because terrorists are a LOT more afraid I would think) then you have saved money, saved everyone's time, and increased safety. As far as pranksters with bio-chem degrees, well, when this thing starts picking up a lot of false positives, those pranksters will probably be caught and we won't see much of that. (i.e. all the fear scent 'sprayed' people say they were all in parking lot B, then the security checks the cameras, and finds the car that sprayed them and those idiots get arrested.) I think we should at least give it a chance before condemning the idea with condescending knee-jerkiness.
Nonsense, transistors in chips like intels x86 and nvidia's and AMD's gpus are doubling around every 18 months, you see this recently in the 2 billion transistor 5800 gpus from AMD which are twice the 1 billion in the 4800s released June 25, 2008, about 15 months earlier (better than moore's law.) Brain scanning, price and speed of gene sequencing and so on are also on track. Instead of just attacking things from intuition, maybe you could do some of your own research so other people don't have to do it for you.
It was a .NET runtime, .NET generates code therefore it doesn't work with ASLR and DEP so it opts out of DEP and ASLR, this .NET run-time was enabled on the internet zone (all the sites on the internet) in the Beta of IE8, it was disabled on the internet zone in the RTM (but left enabled for intranet zone, basically all the sites on your lan.)
http://news.softpedia.com/news/IE8-RTW-Bulletproofed-Against-NET-DEP-and-ASLR-Bypass-107728.shtml
.NET DEP+ASLR bypass mechanism from malicious websites on the Internet. Specifically, IE8 created a new URLAction that regulates loading of the .NET MIME filter. By default, the URLAction prevents it from loading in the Internet and Restricted Sites Zones. The .NET MIME filter is allowed to load by default in the Intranet Zone," Ness stated.
"The final release of Internet Explorer 8 on Windows Vista blocks the