Whoever sent the facebook photo, either is doing something *very* wrong, or found a bug. MS does not sell DRM'ed music via Zune Marketplace. And it does not delete your music, unless yo request it. The only DRM is in subscription, which is fine.
Defense does not necessarily need to be incompetent. As long as the accuser can demonstrate that the patent applies, defense has no choice, until the patent used itself is invalidated, which is not easy. (Remember that one-click shopping patent of Amazon).
I've only seen one recent case of Microsoft using patents against competition (FAT vs TomTom). However, every year they have to pay hundreds of millions of dollars to unknown companies. Especially the Eolas case was ridiculous, and those money, unfortunately, goes from our wallets, as the MS tax, when we purchase a new Dell system.
The main point is, automated Google translation from Turkish is nowhere is good, and any respectable news source (i.e: slashdot) should not refer to it, unless they want to look funny.
As someone mentioned above: "they set us the bomb". But given the context of the article, probably "all your base are belong to us".
It's not a government ban, but actually caused vy a loophole in the law. (It has never been a government ban, nevertheless it's embarrassing).
*Any* court can order the ban of *any* website in Turkey. It only takes a single prosecutor deeming the case worthy, and a judge accepting it.
So for example, you can complain "google is infringing on my intellectual property", and if the prosecutor buys it, the judge can put in a preliminary motion to ban google. The ISPs can not do anything about it (except for going for an appeal).
The related law is being questioned, and will probably be replaced soon. (Hopefully).
Which is why it fails a day or a week later when Microsoft DNS screws itself, or some other random process screws the Registry - or some hacker blows Exchange out of the water entirely....
Not to further mention that you can't run any of these open protocols without buying a very NON-open OS.
You've missed the entire point, I'm not telling AD is the only (or best) option. Yet AD can be setup and maintained very fast and easily.
For your information, the server in question was set up just after the release of Windows Server 2003 SP1. After that it remained online without an antivirus or firewall service on for a long time that I cannot remember. (With no failures or successful attacks, yes the automatic updates option was enabled).
Recently it's been reformatted to install Windows Server 2003 R2. Btw the network remained online, automatically switching to another domain controller (actually they've always been redundant anyway).
Btw, we also maintain (our bigger) system on CentOS/Fedora Directory Server. Yes, it's possible to do everything on an OSS system. But it takes much more time (yep we have that too).
Sorry, but looking at the issue from only a single side is no good. You have to extend your options.
So, you mean that they abuse their economical power... But it is ok, since they do that with a nice GUI? Or are you saying (falsely) that Microsoft has not extended those protocols? Because they have extended (or tried) almost all of them, DNS being the only exception, and irrelevant since they already tried to extend TCP.
In order not to get further into a flamewar, it'll try to get technical.
Let's say we need to build an infrastructure on the open protocols mentioned above. While there're plenty of alternatives, one can propose Active Directory can also do the job well (this does not mean it's best or anything).
AD can also serve Kerberos for Linux clients (in a standard way): (here), it can also do RADIUS as well.
AD is LDAP compliant so use can also use nss_ldap to grab user information on Linux system from it
Linux and Windows nodes can perform two directional file sharing via standard* CIFS protocol
AD (with addition of certificate services) can serve as s X509 Certificate Authority.
AD + Exchange will understand SMTP, SMTP-AUTH (over LDAP), POP3, IMAP, IMAPS, NTTP protocols (additional web based access is also provided).
With Windows Server 2003 R2, AD can also serve standard NIS, NFS, CUPS and similar UNIX protocols.
If you include non standard (but known) protocols in the mix, Windows and Linux machines can also interoperate via DFS (Distributed File Sharing), RPD (Terminal Services), etc.
The required setup is done less than an hour, and will require a (less competent) system administrator for maintenance in the long run.
(It can be argued that the Linux side will require a more educated - i.e: more expensive - system administrator, and preparation of many site specific scripts and configurations - yet this may not seem objective for some people).
Don't misunderstand I'm not proposing converting all the systems to AD. I'm telling AD is also a fine solution based on open protocols.
It's true that Microsoft used a "vendor specific" byte in Kerberos protocol to keep SAMBA out (at least for a while). It's not good.
But Microsoft also handles many protocols nicely (as long as it's on the server side), and provides easy to use GUIs to setup and administer them.
For example, let's say I want to store all my infrastructure for user accounts, X509 certificate and DNS services and email configuration on a LDAP directory and would like to access via Kerberos as well.
The setup wizard for Active Directory will handle all these tasks (automatically) in less than 10 minutes (and add 30 minutes setup for Exchange and service packs). Additionally I'll receive many administration GUIs, fully redundant setup and backup programs. (Not including group policy which does not have a good alternative on Linux side yet).
On the other hand the same infrastructure setup on linux (with Fedora Directory Server or similar), requires coding plenty of scripts (LDAP gateway, sendmail configurations, kerberos password migration, etc, etc) and will probably take 3 days at best. Additionally I'll have to setup Amanda and similar backup strategies by hand.
So, I'd either choose to invest $1000 on a Windows Server 2003 license once, or hire an administrator with $1000 more salary per month than a current one.
Unfortunately many enterprises choose the first one
(btw our current setup uses Fedora Directory Server as main, while we also have an Active Directory installation in parallel, yet this is only because we're a university and we like to experiment more).
The solution is easy: Make options available to choose alternate rating systems and/or hand pick games.
With the (pending) inclusion XBox Live Marketplace to Vista, parental controls could be accepted as a necessary features (at least for those who want to control their children). Yet I'm not sure Microsoft will include those flexibility options.
I think the machines will always be subject to much discussion until their source codes are approved by all the parties and the installation of the hardware is done in front of inspectors in all sites.
But as it will not probably be done, we'll not see an end of unfairness claims.
I still do not see how the courts manage to see "right to deliver unwanted messages" are as free speech, while ignoring the rights and monetary loss of others.
First while "sending" email is free, the cost of actual delivery (internet backbone) and storage (server admins) are handled by other parties.
And the spam which makes the ways to the inbox somehow causes loss of time, two times. First the time of the recepient who must carefully find "real" email which could be lost in the piles of junk. And the time of the programmer who must develop anti-spam technologies.
I guess the best "comprimise" would be "taxing" the e-mails somehow. So that the cost of 1,000,000 messages of a single sender will not be put upon the carriers and the recipients (the attitute is: you're sending me mail to store, so you must pay for it).
By writing from scratch they do not mean throwing away all the previous code, it's not reasonable. However they did indeed redesign many core places of the OS.
At first, as everybody knows, they wanted to increase the value of their desktop platform (winfs, desktop composition,.net only code, etc). However they realized that not only their code was unsecure, but it was also unmaintanable, and not fit these kinds of enhancements.
So they did redesign the presentation (GUI), sound, power management, networking, security (user accounts, remote desktop, etc), monitoring, kernel and application protection schemes, and similar core aspects of their OS. So this enabled them to complete some of their inital goas, on the other hand they were also able to give us a more stable and secure platform.
As for the WMF exploit (it's already probably patched by now), they did not throw away all the utility libraries (metafiles is one of them) so it could somehow stayed there. However since they redisigned IE7 to include a sandbox, this or any other unknown vulnurability will be much harder to exploit (the exploit will not have access to file system, registry, network, etc).
Please understand that I'm not a Microsoft fanboy, I'm just recognizing their hard effords.
Too bad that it won't work, unless they scrap everything they have and start from scratch, likely breaking all most backwards compatibility in the progress.
(Ok, sometimes I remember being surprised to see 3 songs from the same artist played consequently. However considering that there are hundreds of songs in total and ~5 from each artist, it would be not-so-random for this to *not* happen in a single run of the playlist. We tend to consider numbers like 444,499,911,101 not random, however it has the same probabilty with all the other 12 digits numbers in a linear distrubition).
Well, if the "crap" actually install something on the system, except from the browser toolbar, another explicit warning is displayed, including the path detail, which tells about what's happening, there is also more info link on the dialog.
(For example, something like: The program wants to modify registry, key: HKEY_LOCAL_MACHINE\..., etc).
So if the user still clicks ok on this prompt (and the other 2 before, and one after that) the crap will be given access to the system.
And you may say, there are some people who will do that, yep you're right, but Microsoft cannot do anything more than that for people who want to shoot themselves. You cannot be sure that you only install a browser extenstion in this case. This is the same for Firefox also.
(The other ones are not allow to access the system, so very probably it's not "a hide" only for them).
The result is really interesting
on
IE7 Toolbar Mayhem
·
· Score: 3, Insightful
Actually, as everyone has already pointed out, disregarding FOUR (max) security warnings to install software is not "a security" test. However what he does at the end is very interesting.
I did not expect all those applications (where some of them had direct access to file system and registry) could be removed by a single click (and a confirmation).
So we learn three new strong points of IE7 (added to what IE6 already provides):
Every installation requires confirmation (actually several of them) with a big warning dialog
If the installation requires access to file system or registry, it will require another specific confirmation (in a special secure mode)
IE has the capabilty to clean all the crap with a single reset button now
I'll personally continue to use Firefox, however I'm glad to see IE getting secure, because every now and them I have to use some "bad designed" site which only works on IE. And now I can be more assured about the security of my system.
LDAP authentication in Linux is pretty mature now, and there are many alternatives you can choose according to your needs. They've already been discusses above, I'll try to summarize.
If you just want an quick and easy solution with good compatibility, Active Directory is your friend. It stores all the user, machine and configuration information in LDAP, supports authentication via Kerberos and discovery by using DNS. And Windows Server 2003 R2 brought an NIS server, which you can use if you have some old (probably Sun) boxes lying around.
If you do not like Microsoft, you can choose Novell's NDS. They have a very good history in directory space. However NDS does not run (or I could not easily get it to) on "unspported" new Linux releases (like CentOS/RedHat 4.3).
If you want to go open source you may prefer Fedora Directory Server. It's solid, it has many features (4 way multi master replication, GUI administration, live backups, etc), and you can easily migrate your old passwords to it. However if combining with Kerberos, you'll need to sacrifise those passwords (and a lot of time reading kerberos documentation).
You can also choose Sun's directory server (which shares roots with FDS), or Apache DS (which has the most functionality, yet not stable enough).
I'd recommend against OpenLDAP, unless for maintaining legacy systems. Access Control information is store in configuration files as regular expressions. It's both less secure (you may easily make mistakes), and you need to restart the server when changing ACLs. It also has less features than any other alternative. (They had helped the community for a long time, but I guess they've served their purpose).
Any correction is welcome, so I can fix our current system (FDS).
> Nero has a very similar product, but it doesn't work on CSS-encrypted discs.
Actually Nero has the never version of the same program. Since it was so good, Nero apparently bought DVD Shring along with the author and released it as "Nero Recode". For apparent reasons they've dropped CSS decrypting support. Also the author stopped developing (or even distributing) the freeware version, but the website was still intact.
Yes, they sell CDs for cheap. But they still "charge" even if that's small.
We already have a license, and we have the CDs: the "pirated" one, my laptop's cd and several others from my uni's MSDN subscription (every possible Windows XP version actually: home/pro, retail/volume, plain/sp2). However none of them works with "his laptop's" key. I guess it only works with manufacturer's CD.
MSDN does not allow sharing keys with friends,:( we have everything but still no genuine windows installation. And it's not logical to pay for some something which provide no functionality:)
I tried to update one of my friends' laptop, but it failed the activation check. Apparantly he did not install from the original cd that came with his computer (there is a genuine sticker below the laptop so it does have a legal license), but instead used a "corporate version" he got from another friend.
Windows update offered selling a legimate key for retail price. I guess they do this for non-volume versions too.
So all you have to do is engage windows update, get the check failed and follow the corresponding links to get a legal key for its price.
(PS: I did not buy the key, and he could not find his original cd. So he has a legal license that sits as a sticker below his laptop and an illegal copy of windows which he cannot update properly).
Slashdot Mirror
Same here. There is absolutely no reason to pirate if you can pay for it.
And if I don't want to pay for something, it's either not worth it - That also means, it's not worth my time either.
Or... It's too expensive for the purpose. Then I try to find an open source / trial alternative, or get it through my university.
This has worked for me for long time now.
Mod this one (parent) up.
Whoever sent the facebook photo, either is doing something *very* wrong, or found a bug. MS does not sell DRM'ed music via Zune Marketplace. And it does not delete your music, unless yo request it. The only DRM is in subscription, which is fine.
Defense does not necessarily need to be incompetent. As long as the accuser can demonstrate that the patent applies, defense has no choice, until the patent used itself is invalidated, which is not easy. (Remember that one-click shopping patent of Amazon).
I've only seen one recent case of Microsoft using patents against competition (FAT vs TomTom). However, every year they have to pay hundreds of millions of dollars to unknown companies. Especially the Eolas case was ridiculous, and those money, unfortunately, goes from our wallets, as the MS tax, when we purchase a new Dell system.
The main point is, automated Google translation from Turkish is nowhere is good, and any respectable news source (i.e: slashdot) should not refer to it, unless they want to look funny.
As someone mentioned above: "they set us the bomb". But given the context of the article, probably "all your base are belong to us".
Thanks for you mature comment. I hope by writing this, and listening to music on my computer I don't become a hypocrite.
Well, actually I don't think so :)
It's not a government ban, but actually caused vy a loophole in the law. (It has never been a government ban, nevertheless it's embarrassing).
*Any* court can order the ban of *any* website in Turkey. It only takes a single prosecutor deeming the case worthy, and a judge accepting it.
So for example, you can complain "google is infringing on my intellectual property", and if the prosecutor buys it, the judge can put in a preliminary motion to ban google. The ISPs can not do anything about it (except for going for an appeal).
The related law is being questioned, and will probably be replaced soon. (Hopefully).
There is a list of all the media (including several movies) on their press release site:. php
http://visservices.sdsc.edu/projects/nees/article
This includes both real and simulated building captures (and several overlayed ones).
You've missed the entire point, I'm not telling AD is the only (or best) option. Yet AD can be setup and maintained very fast and easily.
For your information, the server in question was set up just after the release of Windows Server 2003 SP1. After that it remained online without an antivirus or firewall service on for a long time that I cannot remember. (With no failures or successful attacks, yes the automatic updates option was enabled).
Recently it's been reformatted to install Windows Server 2003 R2. Btw the network remained online, automatically switching to another domain controller (actually they've always been redundant anyway).
Btw, we also maintain (our bigger) system on CentOS/Fedora Directory Server. Yes, it's possible to do everything on an OSS system. But it takes much more time (yep we have that too).
Sorry, but looking at the issue from only a single side is no good. You have to extend your options.
In order not to get further into a flamewar, it'll try to get technical.
Let's say we need to build an infrastructure on the open protocols mentioned above. While there're plenty of alternatives, one can propose Active Directory can also do the job well (this does not mean it's best or anything).
The required setup is done less than an hour, and will require a (less competent) system administrator for maintenance in the long run.
(It can be argued that the Linux side will require a more educated - i.e: more expensive - system administrator, and preparation of many site specific scripts and configurations - yet this may not seem objective for some people).
Don't misunderstand I'm not proposing converting all the systems to AD. I'm telling AD is also a fine solution based on open protocols.
It's true that Microsoft used a "vendor specific" byte in Kerberos protocol to keep SAMBA out (at least for a while). It's not good.
But Microsoft also handles many protocols nicely (as long as it's on the server side), and provides easy to use GUIs to setup and administer them.
For example, let's say I want to store all my infrastructure for user accounts, X509 certificate and DNS services and email configuration on a LDAP directory and would like to access via Kerberos as well.
The setup wizard for Active Directory will handle all these tasks (automatically) in less than 10 minutes (and add 30 minutes setup for Exchange and service packs). Additionally I'll receive many administration GUIs, fully redundant setup and backup programs. (Not including group policy which does not have a good alternative on Linux side yet).
On the other hand the same infrastructure setup on linux (with Fedora Directory Server or similar), requires coding plenty of scripts (LDAP gateway, sendmail configurations, kerberos password migration, etc, etc) and will probably take 3 days at best. Additionally I'll have to setup Amanda and similar backup strategies by hand.
So, I'd either choose to invest $1000 on a Windows Server 2003 license once, or hire an administrator with $1000 more salary per month than a current one.
Unfortunately many enterprises choose the first one
(btw our current setup uses Fedora Directory Server as main, while we also have an Active Directory installation in parallel, yet this is only because we're a university and we like to experiment more).
The solution is easy: Make options available to choose alternate rating systems and/or hand pick games.
With the (pending) inclusion XBox Live Marketplace to Vista, parental controls could be accepted as a necessary features (at least for those who want to control their children). Yet I'm not sure Microsoft will include those flexibility options.
Why is 360 better for developers?
I can't tell much. I'm not a game developer. But John Carmack did a recent interview and told why: summary here
I guess it means something.
I think the machines will always be subject to much discussion until their source codes are approved by all the parties and the installation of the hardware is done in front of inspectors in all sites.
But as it will not probably be done, we'll not see an end of unfairness claims.
I still do not see how the courts manage to see "right to deliver unwanted messages" are as free speech, while ignoring the rights and monetary loss of others.
First while "sending" email is free, the cost of actual delivery (internet backbone) and storage (server admins) are handled by other parties.
And the spam which makes the ways to the inbox somehow causes loss of time, two times. First the time of the recepient who must carefully find "real" email which could be lost in the piles of junk. And the time of the programmer who must develop anti-spam technologies.
I guess the best "comprimise" would be "taxing" the e-mails somehow. So that the cost of 1,000,000 messages of a single sender will not be put upon the carriers and the recipients (the attitute is: you're sending me mail to store, so you must pay for it).
Ok, I hope this does not turn into a flamewar.
.net only code, etc). However they realized that not only their code was unsecure, but it was also unmaintanable, and not fit these kinds of enhancements.
By writing from scratch they do not mean throwing away all the previous code, it's not reasonable. However they did indeed redesign many core places of the OS.
At first, as everybody knows, they wanted to increase the value of their desktop platform (winfs, desktop composition,
So they did redesign the presentation (GUI), sound, power management, networking, security (user accounts, remote desktop, etc), monitoring, kernel and application protection schemes, and similar core aspects of their OS. So this enabled them to complete some of their inital goas, on the other hand they were also able to give us a more stable and secure platform.
As for the WMF exploit (it's already probably patched by now), they did not throw away all the utility libraries (metafiles is one of them) so it could somehow stayed there. However since they redisigned IE7 to include a sandbox, this or any other unknown vulnurability will be much harder to exploit (the exploit will not have access to file system, registry, network, etc).
Please understand that I'm not a Microsoft fanboy, I'm just recognizing their hard effords.
Too bad that it won't work, unless they scrap everything they have and start from scratch, likely breaking all most backwards compatibility in the progress.
o ws_Vista#Security_and_safety
Yep, as it's pointed out above, this is one of the biggest reasons to why vista is delayed so much. Wikipedia has information on this: http://en.wikipedia.org/wiki/Features_new_to_Wind
iPod just plays fine :)
(Ok, sometimes I remember being surprised to see 3 songs from the same artist played consequently. However considering that there are hundreds of songs in total and ~5 from each artist, it would be not-so-random for this to *not* happen in a single run of the playlist. We tend to consider numbers like 444,499,911,101 not random, however it has the same probabilty with all the other 12 digits numbers in a linear distrubition).
Well, if the "crap" actually install something on the system, except from the browser toolbar, another explicit warning is displayed, including the path detail, which tells about what's happening, there is also more info link on the dialog.
(For example, something like: The program wants to modify registry, key: HKEY_LOCAL_MACHINE\..., etc).
So if the user still clicks ok on this prompt (and the other 2 before, and one after that) the crap will be given access to the system.
And you may say, there are some people who will do that, yep you're right, but Microsoft cannot do anything more than that for people who want to shoot themselves. You cannot be sure that you only install a browser extenstion in this case. This is the same for Firefox also.
(The other ones are not allow to access the system, so very probably it's not "a hide" only for them).
I did not expect all those applications (where some of them had direct access to file system and registry) could be removed by a single click (and a confirmation).
So we learn three new strong points of IE7 (added to what IE6 already provides):
I'll personally continue to use Firefox, however I'm glad to see IE getting secure, because every now and them I have to use some "bad designed" site which only works on IE. And now I can be more assured about the security of my system.
LDAP authentication in Linux is pretty mature now, and there are many alternatives you can choose according to your needs. They've already been discusses above, I'll try to summarize.
If you just want an quick and easy solution with good compatibility, Active Directory is your friend. It stores all the user, machine and configuration information in LDAP, supports authentication via Kerberos and discovery by using DNS. And Windows Server 2003 R2 brought an NIS server, which you can use if you have some old (probably Sun) boxes lying around.
If you do not like Microsoft, you can choose Novell's NDS. They have a very good history in directory space. However NDS does not run (or I could not easily get it to) on "unspported" new Linux releases (like CentOS/RedHat 4.3).
If you want to go open source you may prefer Fedora Directory Server. It's solid, it has many features (4 way multi master replication, GUI administration, live backups, etc), and you can easily migrate your old passwords to it. However if combining with Kerberos, you'll need to sacrifise those passwords (and a lot of time reading kerberos documentation).
You can also choose Sun's directory server (which shares roots with FDS), or Apache DS (which has the most functionality, yet not stable enough).
I'd recommend against OpenLDAP, unless for maintaining legacy systems. Access Control information is store in configuration files as regular expressions. It's both less secure (you may easily make mistakes), and you need to restart the server when changing ACLs. It also has less features than any other alternative. (They had helped the community for a long time, but I guess they've served their purpose).
Any correction is welcome, so I can fix our current system (FDS).
> Nero has a very similar product, but it doesn't work on CSS-encrypted discs.
Actually Nero has the never version of the same program. Since it was so good, Nero apparently bought DVD Shring along with the author and released it as "Nero Recode". For apparent reasons they've dropped CSS decrypting support. Also the author stopped developing (or even distributing) the freeware version, but the website was still intact.
Yes, they sell CDs for cheap. But they still "charge" even if that's small.
:( we have everything but still no genuine windows installation. And it's not logical to pay for some something which provide no functionality :)
We already have a license, and we have the CDs: the "pirated" one, my laptop's cd and several others from my uni's MSDN subscription (every possible Windows XP version actually: home/pro, retail/volume, plain/sp2). However none of them works with "his laptop's" key. I guess it only works with manufacturer's CD.
MSDN does not allow sharing keys with friends,
I tried to update one of my friends' laptop, but it failed the activation check. Apparantly he did not install from the original cd that came with his computer (there is a genuine sticker below the laptop so it does have a legal license), but instead used a "corporate version" he got from another friend.
Windows update offered selling a legimate key for retail price. I guess they do this for non-volume versions too.
So all you have to do is engage windows update, get the check failed and follow the corresponding links to get a legal key for its price.
(PS: I did not buy the key, and he could not find his original cd. So he has a legal license that sits as a sticker below his laptop and an illegal copy of windows which he cannot update properly).
Well actually you'll not see the error message because of the -f parameter...
$ man rm
-f, --force
ignore nonexistent files, never prompt
GPL shooting the "good guys" this time. Nevertheless if the open source community will not obey the rules no one will.
Fortunately there are many ways for them to exit this situation, and I hope everything will be cleared soon.