> However, the cumulative effect on Yahoo's webmail, especially yahoo! groups, is tremendous.
Good point. So it rates high for some people using Yahoo (but certainly not all) which, admittedly, is quite a large group. Low rating for everyone else.
> So when it seems that all american's think the english have either a cockney accent or an RPS
Not sure what RPS is supposed to mean, but if you truly believe all Americans think that you are horribly, horribly misinformed. It seems that so many of the things people hate about the American public are based on misconceptions (or outright lies, which I don't think is the case here). There are enough GOOD reasons to hate us that making shit up makes others seem petty.
Despite the trollish phrasing, you are correct. Mr. "Baddas" has no idea what he's talking about. I am originally from West Virginia and people there do not all sound like ignorant hicks. In fact, it's more likely that the people from LA would not understand WV residents than the reverse. Seriously, people in California don't usually have difficult-to-understand accents, except for maybe hispanics and visitors from other places. And as long as someone is speaking english (or close to it) and you actually try listening, it's not that hard to understand them -- unless you are complaining for the sake of complaining or have your direct attention turned elsewhere (like when you're trying to get phone tech support).
Correct: in exactly the same way that PC users aren't directly affected by this... Or Linux users...
The platform doesn't matter, you tool: the flaw is in Yahoo! Mail, not in the browser. It should spread in exactly the same way on any browser that has JavaScript turned on. You mentioned turning off HTML... Did you think about that a second? There is no EMail client involved in this.
You DO know that Yahoo! Mail options work the same on all platforms, right?
> It would be nice to know if the worm affects any Web Browser or only the usual suspect
It doesn't affect any web browser, per se, as it's not a browser exploit. It uses Yahoo's javascript code. It _should_ work on any browser with JavaScript enabled that can view a regular Yahoo! mail account.
It's not a JS implementation flaw, it's a programming flaw. The programming was done in JavaScript, which is why they said "a flaw in JavaScript." It's Yahoo's programmers who are at fault.
> The worm itself (at least from the description here) sounds relatively serious
Huh? All the descriptions I've seen say it just forwards itself to people in your Yahoo! contact list. I've seen nothing about it doing any damage to your PC, browser, or even your Yahoo! mail account. How is that worthy of a rating more than two? Unless I'm missing something, 2 sounds too high. Is there some other evil effect that was discovered and not posted in the messages I've seen so far?
> people with disabilities may not be able to use your website if it relies too much on Javascript.
Not to sound like a jerk or anything, but I really don't care. Sometimes things happen in life -- including those over which you have no control -- that cause you to not be able to do everything as easily as you once could -- or at all. Sure it sucks, but it's not my fault; it's not my problem either.
It's like that girl who sued her school because they wouldn't let her run track... and she was in a wheelchair. That's some arrogant $#!t. Yeah, it sucks that she's in a wheelchair, but it's not the school's fault and it should not be their responsibility to make sure she can participate in every single thing they offer, so long as it's reasonable. Keeping her off of the debate team because she can't reach the podium would be unreasonable. Telling a person with no legs they can't run is not an insult, it's reality.
Completely redesigning my website (of the millions that exist) for blind people is not reasonable, unless I had a specific desire to do so. JavaScript is the least of their worries.
> The people that do stupid things regularly aren't learning anything, so where does intelligence play its role?
Stupid actions don't always necessarily arise from stupidity. Perhaps past influences, upbringing, and previous misinformation cause otherwise intelligent people to do stupid things. And as for repetition, "old habits are hard to break."
> You'll see that the site owner was actually being sued by DirecTV (I have no idea why), and their lawyers and employees were sniffing around looking for legal candy
Which article are you reading? In the four paragraphs of the article I read on ACSBlog, it said nothing about DirecTV suing him; the case is called Snow v. DirecTV, not DirecTV v. Snow.
In the linked PDF, it says that at one point Snow was involved in an "anti-piracy solution" started by DirecTV, but it was "dismissed without prejudice."
> the statute the man was suing under was essentially one relating to eavesdropping on "secure communications,"
From the article: According to Snow, such unauthorized access violated the Stored Communications Act (SCA), which forbids accessing an electronic communication "without authorization."
It says nothing about secure communication.
Also in the linked PDF, and somewhat unrelated to your post, the judge "reasoned" (unreasonably, IMO) that "electronic bulletin boards" are not "in electronic storage" -- that was the reason for dismissal. I don't know how it COULDN'T be "in electronic storage." The PDF said nothing about secure communication either.
Clue you say? I don't use VB(.Net) either, although I have written web pages in ASP (VBScript). For application programming I usually use C++, although I don't think my language preference makes much difference, and I don't write many useful programs in it.
I say Java is slower because that has been my experience as an end-user. When run as an application it's certainly faster (as opposed to a web page applet), but still not as fast as other, similar programs in other languages. Perhaps the Java programs I have used have been written mostly by people who have no business writing Java apps professionally; I don't know any of them personally. Nor have I written anything besides the most basic Java programs myself (and I mean basic as in "Hello World [OK]").
Another completely unrelated problem with Java is (what appears to be) version incompatibility. Again, that could be shortcomings of the individual programmers/companies, but installing a copy of Oracle 9i client (includes Java 1.3.??_??) breaks other programs we have that require Java. It can be fixed with a simple registry tweak, but that is not acceptable for professional software.
I had considered specifying building your own gun, but didn't think that it made that big of a difference.
So if you mill & lathe all the pieces to make a gun of your own, perhaps non-traditional, design and then shoot someone with it, is it somehow worse than shooting someone with a gun that you bought at a store?
> Amendment2 does not grant US people weapons of mass destructions, only "arms", which by its very wording means a targeted extension of the bare hand's destructive power (sword, rifle).
As a purely philisophical exercise, what is the true difference between pulling a trigger to begin mechanical and chemical processes that will kill someone and pushing a button to start mechanical and chemical processes that will kill them?
> To some programmers this means [...] bad performance and horrible memory efficiency
You must have different concepts of "performance" and "efficiency" than I do, because those two words NEVER come to mind when I'm running any Java applications.
> if you are writing an application that depends on an external library to be REQUIRED, which may or may not be installed on the users' machine, then you are going to run into problems
That's a complaint I have with many programs written for Linux. They want all these libraries to be installed already, don't include them, and don't tell you how to get them, if they even tell you WHAT libraries are missing. Usually it'll just say that some random file is missing instead of the package that's missing.
Microbes, maybe? I wonder if it's really completely sealed off from the outside world. There may be "vents" that lead to open air. Still (as I understand it) would have to have either some O2 creating organism or some way to circulate the air... Multiple vents? If they are up high enough, such creatures would probably not be able to reach it while still allowing oxygen to enter and flow.
Its' not a bug... it's a feature! It lets them see all of your data so they can verify its integrity. And since we're talking about the American government, they are currently in serious need of integrity!
> doctor unable to access a patients medical information at another hospital to know a person has an allergy to a certain medication
You SEVERELY overestimate the interconnectivity of hospitals. In fact, if they are not in the same Health System (same company), it's pretty rare to have patient information transferred over the Internet on-demand, ever. There are so many different Clinical Information Systems on the market, and few (if any at all) of them have a method for transferring data between them*. Some have WWW-based CISes, but if the doctor isn't a member of that facility, they can't log in to view the patient info. Information like that is usually faxed or spoken over the phone, if it isn't on file locally.
Even ignoring all of that, why the hell would a hospital have their network open like that to even allow the POSSIBILITY of a DoS reaching their PCs?
All in all, if a patient's life is put in any danger at all due to a network outage (besides sending Digital Images of MRIs, CATs, etc for offsite reading) they do not have sufficient staff on-site to call themselves a hospital.
* This doesn't consider HL7, which is not meant to transfer patient info like that.
> I'd point out that there aren't enough of those to make a significant percentage of the voting public
And seriously, what is the problem with felons voning? Does anyone seriously think there are enough of them to get elected the politician whose platform is "I likes me some killin' and rapin'?"
Slashdot Mirror
> How does the virus "infect" a computer then?
It doesn't "infect" anyone, although it does execute the code on your PC.
> However, the cumulative effect on Yahoo's webmail, especially yahoo! groups, is tremendous.
Good point. So it rates high for some people using Yahoo (but certainly not all) which, admittedly, is quite a large group. Low rating for everyone else.
> So when it seems that all american's think the english have either a cockney accent or an RPS
Not sure what RPS is supposed to mean, but if you truly believe all Americans think that you are horribly, horribly misinformed. It seems that so many of the things people hate about the American public are based on misconceptions (or outright lies, which I don't think is the case here). There are enough GOOD reasons to hate us that making shit up makes others seem petty.
Despite the trollish phrasing, you are correct. Mr. "Baddas" has no idea what he's talking about. I am originally from West Virginia and people there do not all sound like ignorant hicks. In fact, it's more likely that the people from LA would not understand WV residents than the reverse. Seriously, people in California don't usually have difficult-to-understand accents, except for maybe hispanics and visitors from other places. And as long as someone is speaking english (or close to it) and you actually try listening, it's not that hard to understand them -- unless you are complaining for the sake of complaining or have your direct attention turned elsewhere (like when you're trying to get phone tech support).
> Mac users aren't directly affected by this
Correct: in exactly the same way that PC users aren't directly affected by this... Or Linux users...
The platform doesn't matter, you tool: the flaw is in Yahoo! Mail, not in the browser. It should spread in exactly the same way on any browser that has JavaScript turned on. You mentioned turning off HTML... Did you think about that a second? There is no EMail client involved in this.
You DO know that Yahoo! Mail options work the same on all platforms, right?
> It would be nice to know if the worm affects any Web Browser or only the usual suspect
It doesn't affect any web browser, per se, as it's not a browser exploit. It uses Yahoo's javascript code. It _should_ work on any browser with JavaScript enabled that can view a regular Yahoo! mail account.
> A flaw in whose JS implementation then?
It's not a JS implementation flaw, it's a programming flaw. The programming was done in JavaScript, which is why they said "a flaw in JavaScript." It's Yahoo's programmers who are at fault.
> The worm itself (at least from the description here) sounds relatively serious
Huh? All the descriptions I've seen say it just forwards itself to people in your Yahoo! contact list. I've seen nothing about it doing any damage to your PC, browser, or even your Yahoo! mail account. How is that worthy of a rating more than two? Unless I'm missing something, 2 sounds too high. Is there some other evil effect that was discovered and not posted in the messages I've seen so far?
> people with disabilities may not be able to use your website if it relies too much on Javascript.
Not to sound like a jerk or anything, but I really don't care. Sometimes things happen in life -- including those over which you have no control -- that cause you to not be able to do everything as easily as you once could -- or at all. Sure it sucks, but it's not my fault; it's not my problem either.
It's like that girl who sued her school because they wouldn't let her run track... and she was in a wheelchair. That's some arrogant $#!t. Yeah, it sucks that she's in a wheelchair, but it's not the school's fault and it should not be their responsibility to make sure she can participate in every single thing they offer, so long as it's reasonable. Keeping her off of the debate team because she can't reach the podium would be unreasonable. Telling a person with no legs they can't run is not an insult, it's reality.
Completely redesigning my website (of the millions that exist) for blind people is not reasonable, unless I had a specific desire to do so. JavaScript is the least of their worries.
The actions may be... short-sighted, but that doesn't necessarily reflect an individual's stupidity or intelligence.
> The people that do stupid things regularly aren't learning anything, so where does intelligence play its role?
Stupid actions don't always necessarily arise from stupidity. Perhaps past influences, upbringing, and previous misinformation cause otherwise intelligent people to do stupid things. And as for repetition, "old habits are hard to break."
> that was the reason for dismissal
To clarify, that was reason for dismissal in one of the primary claims, not dismissal of the entire case.
> You'll see that the site owner was actually being sued by DirecTV (I have no idea why), and their lawyers and employees were sniffing around looking for legal candy
Which article are you reading? In the four paragraphs of the article I read on ACSBlog, it said nothing about DirecTV suing him; the case is called Snow v. DirecTV, not DirecTV v. Snow.
In the linked PDF, it says that at one point Snow was involved in an "anti-piracy solution" started by DirecTV, but it was "dismissed without prejudice."
> the statute the man was suing under was essentially one relating to eavesdropping on "secure communications,"
From the article: According to Snow, such unauthorized access violated the Stored Communications Act (SCA), which forbids accessing an electronic communication "without authorization."
It says nothing about secure communication.
Also in the linked PDF, and somewhat unrelated to your post, the judge "reasoned" (unreasonably, IMO) that "electronic bulletin boards" are not "in electronic storage" -- that was the reason for dismissal. I don't know how it COULDN'T be "in electronic storage." The PDF said nothing about secure communication either.
Clue you say? I don't use VB(.Net) either, although I have written web pages in ASP (VBScript). For application programming I usually use C++, although I don't think my language preference makes much difference, and I don't write many useful programs in it.
I say Java is slower because that has been my experience as an end-user. When run as an application it's certainly faster (as opposed to a web page applet), but still not as fast as other, similar programs in other languages. Perhaps the Java programs I have used have been written mostly by people who have no business writing Java apps professionally; I don't know any of them personally. Nor have I written anything besides the most basic Java programs myself (and I mean basic as in "Hello World [OK]").
Another completely unrelated problem with Java is (what appears to be) version incompatibility. Again, that could be shortcomings of the individual programmers/companies, but installing a copy of Oracle 9i client (includes Java 1.3.??_??) breaks other programs we have that require Java. It can be fixed with a simple registry tweak, but that is not acceptable for professional software.
I had considered specifying building your own gun, but didn't think that it made that big of a difference.
So if you mill & lathe all the pieces to make a gun of your own, perhaps non-traditional, design and then shoot someone with it, is it somehow worse than shooting someone with a gun that you bought at a store?
> Yup - Even (gasp!) bought stuff from them.
I wonder if you are now on a terrorist watch list because of that.
> most importantly, not my state and not their state, the only two that matter
Out of curiosity, would you need to consider the laws of the states that the cargo must be shipped through to get to you?
> Amendment2 does not grant US people weapons of mass destructions, only "arms", which by its very wording means a targeted extension of the bare hand's destructive power (sword, rifle).
As a purely philisophical exercise, what is the true difference between pulling a trigger to begin mechanical and chemical processes that will kill someone and pushing a button to start mechanical and chemical processes that will kill them?
> To some programmers this means [...] bad performance and horrible memory efficiency
You must have different concepts of "performance" and "efficiency" than I do, because those two words NEVER come to mind when I'm running any Java applications.
> if you are writing an application that depends on an external library to be REQUIRED, which may or may not be installed on the users' machine, then you are going to run into problems
That's a complaint I have with many programs written for Linux. They want all these libraries to be installed already, don't include them, and don't tell you how to get them, if they even tell you WHAT libraries are missing. Usually it'll just say that some random file is missing instead of the package that's missing.
We use what we call a "finger drive" (not to be confused with thumb drive). After a catastrophic failure, we are all driven to finger pointing.
Microbes, maybe? I wonder if it's really completely sealed off from the outside world. There may be "vents" that lead to open air. Still (as I understand it) would have to have either some O2 creating organism or some way to circulate the air... Multiple vents? If they are up high enough, such creatures would probably not be able to reach it while still allowing oxygen to enter and flow.
Its' not a bug... it's a feature! It lets them see all of your data so they can verify its integrity. And since we're talking about the American government, they are currently in serious need of integrity!
> doctor unable to access a patients medical information at another hospital to know a person has an allergy to a certain medication
You SEVERELY overestimate the interconnectivity of hospitals. In fact, if they are not in the same Health System (same company), it's pretty rare to have patient information transferred over the Internet on-demand, ever. There are so many different Clinical Information Systems on the market, and few (if any at all) of them have a method for transferring data between them*. Some have WWW-based CISes, but if the doctor isn't a member of that facility, they can't log in to view the patient info. Information like that is usually faxed or spoken over the phone, if it isn't on file locally.
Even ignoring all of that, why the hell would a hospital have their network open like that to even allow the POSSIBILITY of a DoS reaching their PCs?
All in all, if a patient's life is put in any danger at all due to a network outage (besides sending Digital Images of MRIs, CATs, etc for offsite reading) they do not have sufficient staff on-site to call themselves a hospital.
* This doesn't consider HL7, which is not meant to transfer patient info like that.
> I'd point out that there aren't enough of those to make a significant percentage of the voting public
And seriously, what is the problem with felons voning? Does anyone seriously think there are enough of them to get elected the politician whose platform is "I likes me some killin' and rapin'?"
Wow, you might as well advocate having cameras in everyone's homes, since if they aren't gonna commit a crime, no reason to worry, right? geesh.