Yes, but if it does affect 99% of your users, and people trust your site not to be malicious so they keep coming, but you allow random people to post images to your forums... turning that off for now seems like a good idea to me.
The forums of Puzzle Pirates switched off all images when it became clear how bad this exploit is. They later turned back on avatars, since they're checked by the server (only accepts JPEGs and GIFs of a certain max size, and then stored server side, as far as I know).
The original announcement said they'd be back when Microsoft release their official patch, but I think PP is giving everybody time to patch first.
Heck, even money on your bank account is imaginary in exactly the same way that online game money is. It's just that more people accept it, for more things - but there is an exchange rate now, so it doesn't matter much.
In at least some ways (socially for many people, and monetarily, as stories like this show), MMO games are closer and closer to being "real life".
The other guy didn't fix the bug. he did not fix it All the 3rd party patch did was implement a workaround.
The thing is, this vulnerability isn't a bug. WMF files have a feature that allows them to register a callback function, and that callback function can do whatever it wants. Someone apparently thought it was a good idea at the time...
The 3rd party patch disables that feature. As does Microsoft's patch. You might call it a workaround, but what else is there to do?
You're missing the point. He's not saying they're related because they move through fluids, he's saying they're related because they have three dimensional control of where they are. And to some extent, that is something exclusive to them.
Apart from a huge amount of flying insects, bats (which are about one third of all mammal species), marine mammals, squid, jellyfish, all the other invertebrates in the sea... I suspect flying insects alone outnumber birds and fish combined.
Does this mean all those complaints about *BeatlesBeatles* or whatever his name is are completely bogus, since he could do the same with normal posts instead of articles?
You're fighting a lost battle there. The common understanding of the word 'hacker' now implies criminal behaviour.
The whole 'white hat' and 'black hat' thing never made it to the media, so all hackers are 'black hats' now.
He's not even fighting that battle, he's fighting the one before that. What he calls a "hacker" is not what you call a "white hat hacker". A hacker is an exceptionally gifted programmer, the term has nothing to do with security. People trying to break into computers are crackers, regardless of their intentions. So-called "white hats" are crackers.
What is my point? Well, I'm not sure, execpt to point out that your question is immediate and requires thought now. We don't need to wait for robots to need the discussion.
Basically, the problem of one side with overpowering technology, is that their politicians can paint a picture in the media of a "quick, clean, heroic" war. There has never been such a war in all of history, but the media love the image and the public falls for it every time. Then of course the war turns out differently than they had expected, every single time, but by then it's too late...
Shrug. I worked at several Internet shops, prepaid by bank transfer and rembours were the only options. I have a credit card, so I was paying the Hattrick subscriptions of ten people before they introduced payment methods where we could use a one time authorization instead.
All post means is that it's probably completely different for every European country as well...
Sorry to go even further off topic, but this is one of those 'difference between the US and Europe' moments again.
People seriously get wages paid in checks? I had no idea the word "paycheck" was literal.
In Europe, there used to be "Eurocheques" for use in foreign countries, but they ceased to exist in 2002 (after all, ATMs work everywhere, can just pay cash in other countries). Bills are paid electronically, or, I guess, by sending a paper transfer order to your bank. Every two months I get a paper record of what went in and out on my accounts, I store them, but I don't think I'll use them ever again.
Just interesting to see how different these Western countries can be.:-)
No, the GNU project is founded on the idea that it is beneficial for people to share contributions to software freely. Troll Tech has adopted the GPL, but it's not being run like an open source project.
Don't make the mistake of mixing up "GNU" and "open source". Most of GNU's own projects aren't run "like an open source project", if I think what you mean by that. Most GNU software is written by developers paid by the FSF, and all individuals who want to contribute something have to sign over all their copyrights, on paper, to the FSF.
What the GNU project is about is to make available a body of software that provides certain freedoms to its users. Qt is available under the GPL, and therefore it's basically part of that body of software. That's great! If anything the FSF is probably not happy that there's another license option available also, but they don't care how the project is run.
GPS was also expensive, but it made the investment back several times over in benefits to US industry. That is expected for Galileo too, for instance by the commercial service. It's an investment.
No they're not. They're everywhere. And yes, the rest of the world uses sometimes different systems but credit cards are used all over the world (yes, that means inclusive Europe) too.
Yes, credit cards exist here. Not many people have them, they use them almost never, and many people would specifically never use them over the Internet. We're used to other ways of paying - a direct bank transfer is most usual, or payment by rembours (where you pay the post man). Payment by SMS for small amounts is growing. Currently gettng popular in the Netherlands is a system called "one time authorization", where you authorize the company to withdraw an amount from your bank account. There's a new system coming soon that will probably be very popular, that connects you to the online systems of your own bank, so you can do the transfer in that like you normally would, then it reports back to the website you bought from that the payment has happened (this relies on cooperation by all the large banks).
Credit cards are for nerds like me who sometimes buy things from US sites.
Suppose I want to add Objective C to the list of languages I know a little about. My preferred way of doing that is to get a good book about it (and then play around a bit of course, but the book is the most important).
Any good book recommendations? I guess "Programming Objective C" by Stephen Kochan, or is there a better one?
I still think they have monopoly power in the OS market, or very close to it. Order a machine from Dell without OS, and you pay the same as with Windows - that shows that Microsoft still has tremendous power over Dell, to be able to force Dell to do that. The same is true for Office - OOo just doesn't have a significant market share.
The other points, that Microsoft doesn't have a monopoly in web browsers, internet search, game consoles, etc are all things they didn't have a monopoly over either in the period that they were convicted over - after all, the problem was that MS used thier OS monopoly to get a foothold in the web browser market, the Xbox came much later, and MSN has never been the top dog in Internet search. It was probably Altavista, Lycos, Yahoo or some such back then.
So, in my view they're almost as much of a monopoly as they used to be, and besides that they've branched into a lot of new markets on which they aren't yet monopolies, but just one of the players.
Because not getting the best performance out of hardware, no matter how old or new it is, puts your application at a disadvantage compared to your competitors. No matter how much you may try and justify things, your users don't care about the language you use to develop - they care about performance.
Simply not true. 95% of software is developed in-house, by small development teams that don't exactly have time to spare. Managers care about productivity, about getting more features implemented in the same time. An extra server costs what, the same as hiring a programmer for a single month?
I too like Python, but let's put this into perspective. This is an article about Ruby and Java, not about Python.
But that is a bit odd. To my mind, Python, Perl and Ruby are a pretty close family of similar languages. Java is rather different (mostly because of all the strict type checking, and the idea that putting everything in classes makes a language OO). Stuff like duck typing is central in both Ruby and Python.
Either compare different types of apple, or apples and oranges. But why would you compare one specific apple with one specific orange:-)
I don't know C#, because I'm also 100% focused on Linux and OSS things. Sometimes I feel that's a pity, it makes me a bit one sided, but I don't have the time to dive into that Windows stuff. Now that you have the option, why not learn something about how the Windows side does it?
The advantage of Java is that you can use it in your home setup, but if you're going to use it as a hobby, surely you can learn it as a hobby as well. It won't be that hard once you know C#, probably.
Actually, anti-virus software is nothing but snake oil and a money grab these days.
Why?
Once you get pwned, your system has been compromised. It's time for vetting any data, a thorough purge and reinstall.
Gee, that sounds serious, and these viruses don't tell you that they've just installed themselves. What someone should make then is some sort of software that scans your system for viruses and warns you if your system has been compromised...
Personally, I think EULAs are completely unenforcable; I bought some piece of software, I should be allowed to use that piece of software without agreeing to anything else. In my view, software should install without any problem if I choose to decline the EULA.
Now of course this is a rootkit, not something you bought, nobody wants on their computer and so on, but then sue them for that. I'd rather see some software maker sued because their software didn't install when the user declined the EULA, than the other way around.
abortion, file sharing, pot smoking, drinking under 21, euthanasia - all legal but in differing countries.
All legal in the Netherlands, plus gay marriage, prostitution, gambling...
Didn't stop us from becoming a bunch of small-minded, anti-intellectual, complaining, intolerant islamophobiacs, so it doesn't really say much. Just means that we like to tax the things we can't stop anyway.
A Bittorrent file is just a link to a tracker. Bittorrent sites are just a collection of links to bittorrent files. Bittorrent search engines are normal search engines. Bittorrent users aren't sharing a directory of files they have over Bittorrent.
Just that the download method uses P2P technology doesn't mean that it's a file sharing app. It's as much a file sharing app as HTTP GET is. It's a P2P version of HTTP GET.
Slashdot Mirror
Yes, but if it does affect 99% of your users, and people trust your site not to be malicious so they keep coming, but you allow random people to post images to your forums... turning that off for now seems like a good idea to me.
The forums of Puzzle Pirates switched off all images when it became clear how bad this exploit is. They later turned back on avatars, since they're checked by the server (only accepts JPEGs and GIFs of a certain max size, and then stored server side, as far as I know).
The original announcement said they'd be back when Microsoft release their official patch, but I think PP is giving everybody time to patch first.
Heck, even money on your bank account is imaginary in exactly the same way that online game money is. It's just that more people accept it, for more things - but there is an exchange rate now, so it doesn't matter much.
In at least some ways (socially for many people, and monetarily, as stories like this show), MMO games are closer and closer to being "real life".
The other guy didn't fix the bug. he did not fix it All the 3rd party patch did was implement a workaround.
The thing is, this vulnerability isn't a bug. WMF files have a feature that allows them to register a callback function, and that callback function can do whatever it wants. Someone apparently thought it was a good idea at the time...
The 3rd party patch disables that feature. As does Microsoft's patch. You might call it a workaround, but what else is there to do?
You're missing the point. He's not saying they're related because they move through fluids, he's saying they're related because they have three dimensional control of where they are. And to some extent, that is something exclusive to them.
Apart from a huge amount of flying insects, bats (which are about one third of all mammal species), marine mammals, squid, jellyfish, all the other invertebrates in the sea... I suspect flying insects alone outnumber birds and fish combined.
Does this mean all those complaints about *BeatlesBeatles* or whatever his name is are completely bogus, since he could do the same with normal posts instead of articles?
You're fighting a lost battle there. The common understanding of the word 'hacker' now implies criminal behaviour.
The whole 'white hat' and 'black hat' thing never made it to the media, so all hackers are 'black hats' now.
He's not even fighting that battle, he's fighting the one before that. What he calls a "hacker" is not what you call a "white hat hacker". A hacker is an exceptionally gifted programmer, the term has nothing to do with security. People trying to break into computers are crackers, regardless of their intentions. So-called "white hats" are crackers.
That said, yeah, that battle is rather lost...
What is my point? Well, I'm not sure, execpt to point out that your question is immediate and requires thought now. We don't need to wait for robots to need the discussion.
Basically, the problem of one side with overpowering technology, is that their politicians can paint a picture in the media of a "quick, clean, heroic" war. There has never been such a war in all of history, but the media love the image and the public falls for it every time. Then of course the war turns out differently than they had expected, every single time, but by then it's too late...
Shrug. I worked at several Internet shops, prepaid by bank transfer and rembours were the only options. I have a credit card, so I was paying the Hattrick subscriptions of ten people before they introduced payment methods where we could use a one time authorization instead.
All post means is that it's probably completely different for every European country as well...
Sorry to go even further off topic, but this is one of those 'difference between the US and Europe' moments again.
People seriously get wages paid in checks? I had no idea the word "paycheck" was literal.
In Europe, there used to be "Eurocheques" for use in foreign countries, but they ceased to exist in 2002 (after all, ATMs work everywhere, can just pay cash in other countries). Bills are paid electronically, or, I guess, by sending a paper transfer order to your bank. Every two months I get a paper record of what went in and out on my accounts, I store them, but I don't think I'll use them ever again.
Just interesting to see how different these Western countries can be. :-)
No, the GNU project is founded on the idea that it is beneficial for people to share contributions to software freely. Troll Tech has adopted the GPL, but it's not being run like an open source project.
Don't make the mistake of mixing up "GNU" and "open source". Most of GNU's own projects aren't run "like an open source project", if I think what you mean by that. Most GNU software is written by developers paid by the FSF, and all individuals who want to contribute something have to sign over all their copyrights, on paper, to the FSF.
What the GNU project is about is to make available a body of software that provides certain freedoms to its users. Qt is available under the GPL, and therefore it's basically part of that body of software. That's great! If anything the FSF is probably not happy that there's another license option available also, but they don't care how the project is run.
GPS was also expensive, but it made the investment back several times over in benefits to US industry. That is expected for Galileo too, for instance by the commercial service. It's an investment.
No they're not. They're everywhere. And yes, the rest of the world uses sometimes different systems but credit cards are used all over the world (yes, that means inclusive Europe) too.
Yes, credit cards exist here. Not many people have them, they use them almost never, and many people would specifically never use them over the Internet. We're used to other ways of paying - a direct bank transfer is most usual, or payment by rembours (where you pay the post man). Payment by SMS for small amounts is growing. Currently gettng popular in the Netherlands is a system called "one time authorization", where you authorize the company to withdraw an amount from your bank account. There's a new system coming soon that will probably be very popular, that connects you to the online systems of your own bank, so you can do the transfer in that like you normally would, then it reports back to the website you bought from that the payment has happened (this relies on cooperation by all the large banks).
Credit cards are for nerds like me who sometimes buy things from US sites.
Suppose I want to add Objective C to the list of languages I know a little about. My preferred way of doing that is to get a good book about it (and then play around a bit of course, but the book is the most important).
Any good book recommendations? I guess "Programming Objective C" by Stephen Kochan, or is there a better one?
I still think they have monopoly power in the OS market, or very close to it. Order a machine from Dell without OS, and you pay the same as with Windows - that shows that Microsoft still has tremendous power over Dell, to be able to force Dell to do that. The same is true for Office - OOo just doesn't have a significant market share.
The other points, that Microsoft doesn't have a monopoly in web browsers, internet search, game consoles, etc are all things they didn't have a monopoly over either in the period that they were convicted over - after all, the problem was that MS used thier OS monopoly to get a foothold in the web browser market, the Xbox came much later, and MSN has never been the top dog in Internet search. It was probably Altavista, Lycos, Yahoo or some such back then.
So, in my view they're almost as much of a monopoly as they used to be, and besides that they've branched into a lot of new markets on which they aren't yet monopolies, but just one of the players.
Because not getting the best performance out of hardware, no matter how old or new it is, puts your application at a disadvantage compared to your competitors. No matter how much you may try and justify things, your users don't care about the language you use to develop - they care about performance.
Simply not true. 95% of software is developed in-house, by small development teams that don't exactly have time to spare. Managers care about productivity, about getting more features implemented in the same time. An extra server costs what, the same as hiring a programmer for a single month?
I too like Python, but let's put this into perspective. This is an article about Ruby and Java, not about Python.
But that is a bit odd. To my mind, Python, Perl and Ruby are a pretty close family of similar languages. Java is rather different (mostly because of all the strict type checking, and the idea that putting everything in classes makes a language OO). Stuff like duck typing is central in both Ruby and Python.
Either compare different types of apple, or apples and oranges. But why would you compare one specific apple with one specific orange :-)
I don't know C#, because I'm also 100% focused on Linux and OSS things. Sometimes I feel that's a pity, it makes me a bit one sided, but I don't have the time to dive into that Windows stuff. Now that you have the option, why not learn something about how the Windows side does it?
The advantage of Java is that you can use it in your home setup, but if you're going to use it as a hobby, surely you can learn it as a hobby as well. It won't be that hard once you know C#, probably.
Even if it is $400Million in revenue per year, that is not profit. GOOG spent a billion in CASH, who knows how many years it will take to recoup that.
You say that as if the $1B is a pure loss; it isn't, they bought a 5% share of AOL with it.
(Yeah yeah, so that means they only have to recoup about $999 million...)
Actually, anti-virus software is nothing but snake oil and a money grab these days.
Why?
Once you get pwned, your system has been compromised. It's time for vetting any data, a thorough purge and reinstall.
Gee, that sounds serious, and these viruses don't tell you that they've just installed themselves. What someone should make then is some sort of software that scans your system for viruses and warns you if your system has been compromised...
Personally, I think EULAs are completely unenforcable; I bought some piece of software, I should be allowed to use that piece of software without agreeing to anything else. In my view, software should install without any problem if I choose to decline the EULA.
Now of course this is a rootkit, not something you bought, nobody wants on their computer and so on, but then sue them for that. I'd rather see some software maker sued because their software didn't install when the user declined the EULA, than the other way around.
abortion, file sharing, pot smoking, drinking under 21, euthanasia - all legal but in differing countries.
All legal in the Netherlands, plus gay marriage, prostitution, gambling...
Didn't stop us from becoming a bunch of small-minded, anti-intellectual, complaining, intolerant islamophobiacs, so it doesn't really say much. Just means that we like to tax the things we can't stop anyway.
A Bittorrent file is just a link to a tracker. Bittorrent sites are just a collection of links to bittorrent files. Bittorrent search engines are normal search engines. Bittorrent users aren't sharing a directory of files they have over Bittorrent.
Just that the download method uses P2P technology doesn't mean that it's a file sharing app. It's as much a file sharing app as HTTP GET is. It's a P2P version of HTTP GET.
Windows isn't trademarked either. Microsoft Windows is.
Well, current DVDs already have invasive DRM. Mandatory ads, hard to copy, etc. I guess you refuse to watch them?
Whatever the new standard will be, they're all DRMed out the wazoo. That's just not a choice, seen from the industry.