I've seen this - there was a printer driver component that clamav mistakenly took to be part of a windows virus. All antivirus systems will be liable to do that - short of keeping a full binary copy of the entire virus in the virus signature file, you're going to lose information.
Whether it's based on magic number-like signatures, or something like md5 hashes, or whatever, any way of recognizing a file, based on less than the full file for comparison, will always lose some information.
Note that this was clamav running on a knoppix boot disk, scanning a windows HD. It did detect a couple of legit bits of malware too.
I'd never read that manpage through
on
Securing Mac OS X
·
· Score: 2, Informative
insults If set, sudo will insult users when they enter an incorrect password. This flag is off by default.
That's really funny, in a "who the hell thought that would be a good idea?" sort of way...
Most people just copy and paste the
[user list] ALL=(ALL) ALL
form, without considering what limits can be imposed. Really, that's
[user list] [host list]=([run-as-user list]) [command list]
Even assuming $50/hr for a screwdriver-monkey level PC tech...
Given that Macs all have the super-easy access cases, they start looking a lot cheaper to maintain - lift latch, open case, no need to reach around for the RAM, it's right in front of you, close case, 5 minutes you're done.
Did you include all the
Kincaid: 7.1
ARI: 7.3
Coleman-Liau: 11.3
Flesch Index: 69.0
Fog Index: 9.8
Lix: 36.7 = school year 5
SMOG-Grading: 9.7 stuff in what you analyzed, or did you trim it only to the english text? Because it would be interesting to know what effect all of that would have on the overal 'style' ratings.
The development version of abiword (2.1.3 at the moment) runs on OS X without X11. The stable branch doesn't have an OS X specific binary - I guess you could probably just build from the standard unix source.
What's wrong with adding "target='blank'" to make the thing open a new window?
Popup functions just annoy people who use tabbed browsing - specifying a target name will open in either a new window, or new tab, consistent with what your user prefers.
I mean - is there any compelling reason to make all your links javascript functions that redirect the page?
That is really one of the most obnoxious uses ever for javascript. HTML has this nice a tag, I'm sure most of us are aware of it...
In an even greater embarassment, my school's website actually a java applet consisting of half a dozen buttons, which would reload the page at a different location. I mean really, who thought implementing hyperlinks in java would be a good idea. Now they've ditched the old website - they use flash instead:(
I just looked through the source - the only use of javascript I caught, was to put a timestamp on an ad banner, and it had an alternate version with noscript anyway. Completely pointless garbage, just like most javascript...
That won't actually do it - OS X prebinds executables to dynamic library calls whenever a new library version is installed. This is what happens whenever you run the update, and wait forever at the 'optimizing system performance' (or whatever) prompt.
Every time the prebindings of a dynamically linked executable are updated, that file is changed. So, probably not a single one of the executables on the system will match those on the install media.
Unless they actually put in a kernel extension to change the default Unix behaviour, they wouldn't be able to change the file's Ctime. Mtime and Atime could be fudged though, but changing them would update the Ctime...
It's nobody's fault but his own he insists on pronouncing his first name like that. He could pronounce it like any sane person would, to rhyme with "pollen"...
That would report the thing as an mp3, is the interesting thing.
The data fork of the file is a valid mp3 file, The resource fork contains the carbon executable. file, unless Apple has hacked it, doesn't look in resource forks...
Of course, if the OS would treat it consistently, everything would be fine - if it's gonna be an executable, give it an executable's icon...
The trick in the example posting, if I understood right, was that the executed code includes opening the file in iTunes and playing it.
So, if you open the file by dropping it on iTunes and playing it, it will work. If you double-click on it to play it, it will execute some code, and simultaneously launch iTunes and tell it to play the mp3. So, the only result a victim would observe would be iTunes playing an mp3 file as usual.
Except of course the proof of concept trojan pops up a warning dialog and then exits, so that's pleny observable...
Now, I just don't get that. Let me run my understanding of the idea by you, maybe I'm missing something
You launch a program like iTunes. You instruct it to play the mp3. It starts reading the MPEG stream it finds after the ID3 tags, and converting it to raw audio.
Now, through all this, the instruction register will be loading consecutive instructions from the iTunes executable. To get the JUMP to happen, wouldn't you somehow have to get right part of the MPEG stream into the instruction register? That would be a very strange mp3 player, on a very strange platform, that would execute an MPEG stream...
Affect \Af*fect"\ ([a^]f*f[e^]kt"), v. t. [imp. & p. p.
{Affected}; p. pr. & vb. n. {Affecting}.] [L. affectus, p. p.
of afficere to affect by active agency; ad + facere to make:
cf. F. affectere, L. affectare, freq. of afficere. See
{Fact}.]
1. To act upon; to produce an effect or change upon.
As might affect the earth with cold heat. --Milton.
The climate affected their health and spirits. --Macaulay
2. To influence or move, as the feelings or passions; to
touch.
Yes, it does. As long as it's always just you using it, yes. If I really like roundelays, and I want to listen to a song I bought on seven different stereo systems, each half a verse behind the other, that's my right.
And, more importantly, it's my right to listen to the music on any brand of device I want. If I can figure out a way to get NetBSD on RISC-Toaster to recognize a sound card, it's my right to use a tune I bought as the "toast is ready" theme song.
As for contract law vs. copyright law - that may be the case, but (a) I can't sign away rights. No matter how many slavery contracts you sign, you can't sell yourself into slavery. (b) It's up to Apple to verify their contract, or to designate someone to verify it. (c) The issue of whether clicking "I Agree" confers a contractual obligation is currently very unclear indeed.
I buy a tune. It's mine now, and I can make any private use of it I want to. That is a right. That includes changing the format to anything I want, listening to it on any device I want, or printing it out as extended ascii and hanging it on my bathroom wall if I feel like it.
Infringing on copyright, sure, that would not fall under fair use - I can't share the copies with people who haven't got a right to own them, I can't try to pass the thing off as my own work. But that only covers transferring the data, not my own private use of it.
I'm not sure that internet downloads would be a legitimate source - for you to download, someone else had to upload, and they would basically be distributing a copy, rather than passing on the original.
We've got a funny legal setup here in Canada. Because we pay a tax on every blank CD, that goes to record companies on the presumption we'll be copying audio disks (what, some people use them for data? Inconceivable!), it's legal to copy CDs for your personal use.
That means, you can't give away the copies - they're for your personal use only. But, you can always give away the original, since you bought it, and you don't have to destroy the copies, or even stop using them. You can even borrow or rent an original CD (or DVD or video, etc.), copy it, return it, and keep the copy.
You aren't depriving anyone of anything. The crime you are committing is copyright infringement. You are copying, not taking, illegally.
If indeed it is illegal. Here in Canada, we can copy CDs all you want - we pay a tax on every blank CD that's distributed to record labels, and in exchange we have the legal right to copy CDs. Not that anyone seems to make a distinction around here, the "it's theft" people still call it theft...
Slashdot Mirror
We Canadians say "about". It's Americans who say "abaht"
Whether it's based on magic number-like signatures, or something like md5 hashes, or whatever, any way of recognizing a file, based on less than the full file for comparison, will always lose some information.
Note that this was clamav running on a knoppix boot disk, scanning a windows HD. It did detect a couple of legit bits of malware too.
That's really funny, in a "who the hell thought that would be a good idea?" sort of way...
Most people just copy and paste the
[user list] ALL=(ALL) ALL form, without considering what limits can be imposed. Really, that's
[user list] [host list]=([run-as-user list]) [command list]
Given that Macs all have the super-easy access cases, they start looking a lot cheaper to maintain - lift latch, open case, no need to reach around for the RAM, it's right in front of you, close case, 5 minutes you're done.
It's supposed to be funny, not scientific.
Did you include all the
Kincaid: 7.1
ARI: 7.3
Coleman-Liau: 11.3
Flesch Index: 69.0
Fog Index: 9.8
Lix: 36.7 = school year 5
SMOG-Grading: 9.7
stuff in what you analyzed, or did you trim it only to the english text? Because it would be interesting to know what effect all of that would have on the overal 'style' ratings.
The development version of abiword (2.1.3 at the moment) runs on OS X without X11. The stable branch doesn't have an OS X specific binary - I guess you could probably just build from the standard unix source.
Popup functions just annoy people who use tabbed browsing - specifying a target name will open in either a new window, or new tab, consistent with what your user prefers.
Even if you only lose one customer, you've lost something and gained nothing.
That is really one of the most obnoxious uses ever for javascript. HTML has this nice a tag, I'm sure most of us are aware of it...
In an even greater embarassment, my school's website actually a java applet consisting of half a dozen buttons, which would reload the page at a different location. I mean really, who thought implementing hyperlinks in java would be a good idea. Now they've ditched the old website - they use flash instead :(
I just looked through the source - the only use of javascript I caught, was to put a timestamp on an ad banner, and it had an alternate version with noscript anyway. Completely pointless garbage, just like most javascript...
Every time the prebindings of a dynamically linked executable are updated, that file is changed. So, probably not a single one of the executables on the system will match those on the install media.
Unless they actually put in a kernel extension to change the default Unix behaviour, they wouldn't be able to change the file's Ctime. Mtime and Atime could be fudged though, but changing them would update the Ctime...
It's nobody's fault but his own he insists on pronouncing his first name like that. He could pronounce it like any sane person would, to rhyme with "pollen"...
The data fork of the file is a valid mp3 file, The resource fork contains the carbon executable. file, unless Apple has hacked it, doesn't look in resource forks...
Of course, if the OS would treat it consistently, everything would be fine - if it's gonna be an executable, give it an executable's icon...
So, if you open the file by dropping it on iTunes and playing it, it will work. If you double-click on it to play it, it will execute some code, and simultaneously launch iTunes and tell it to play the mp3. So, the only result a victim would observe would be iTunes playing an mp3 file as usual.
Except of course the proof of concept trojan pops up a warning dialog and then exits, so that's pleny observable...
You launch a program like iTunes. You instruct it to play the mp3. It starts reading the MPEG stream it finds after the ID3 tags, and converting it to raw audio.
Now, through all this, the instruction register will be loading consecutive instructions from the iTunes executable. To get the JUMP to happen, wouldn't you somehow have to get right part of the MPEG stream into the instruction register? That would be a very strange mp3 player, on a very strange platform, that would execute an MPEG stream...
Affect \Af*fect"\ ([a^]f*f[e^]kt"), v. t. [imp. & p. p.
{Affected}; p. pr. & vb. n. {Affecting}.] [L. affectus, p. p.
of afficere to affect by active agency; ad + facere to make:
cf. F. affectere, L. affectare, freq. of afficere. See
{Fact}.]
1. To act upon; to produce an effect or change upon.
As might affect the earth with cold heat. --Milton.
The climate affected their health and spirits. --Macaulay
2. To influence or move, as the feelings or passions; to
touch.
no text
And, more importantly, it's my right to listen to the music on any brand of device I want. If I can figure out a way to get NetBSD on RISC-Toaster to recognize a sound card, it's my right to use a tune I bought as the "toast is ready" theme song.
As for contract law vs. copyright law - that may be the case, but (a) I can't sign away rights. No matter how many slavery contracts you sign, you can't sell yourself into slavery. (b) It's up to Apple to verify their contract, or to designate someone to verify it. (c) The issue of whether clicking "I Agree" confers a contractual obligation is currently very unclear indeed.
Infringing on copyright, sure, that would not fall under fair use - I can't share the copies with people who haven't got a right to own them, I can't try to pass the thing off as my own work. But that only covers transferring the data, not my own private use of it.
I'm not sure that internet downloads would be a legitimate source - for you to download, someone else had to upload, and they would basically be distributing a copy, rather than passing on the original.
http://www.cb-cda.gc.ca/info/act-e.html#80
That means, you can't give away the copies - they're for your personal use only. But, you can always give away the original, since you bought it, and you don't have to destroy the copies, or even stop using them. You can even borrow or rent an original CD (or DVD or video, etc.), copy it, return it, and keep the copy.
If indeed it is illegal. Here in Canada, we can copy CDs all you want - we pay a tax on every blank CD that's distributed to record labels, and in exchange we have the legal right to copy CDs. Not that anyone seems to make a distinction around here, the "it's theft" people still call it theft...