windowsupdate is very easy to use, I am not arguing that. My points are:
1) M$ really lags when it comes to posting security updates on windowsupdate
2) The unwashed masses of computer users are unaware that windowsupdat exists.
3) windowsupdate is really practicial only for people that have bandwidth. Most people still use 56K or less. (At least that's what they are saying)
When it comes to applying security patches, and one wishes to do so in a timely fashion, I do not consider it trivial. All those Qxxxxxx.exe files one needs to download from the M$ Security Center, and the Rube Goldberg add-ons that are needed to apply more than one Qxxxxxx.exe per reboot are not "easy to use", especially not for an end user. Personally, I find it easier to download new kernels and Apache source and recompiling from scratch to maintain the Linux boxes than running the Qxxxxxx.exe files from M$.
You make a good point about their relative visibility compared to other OSs. I argue due to M$ monopolistic market share, especially in the workstation market, they have an implied duty to do far more than other OS vendors to make this stuff available.
I would cast the analogy between fueling and oiling ones car to proper file management, labelling floppies/cds and making backups. Patching the system, to me, is more analogous to changing spark plugs, etc. which most motorists don't know how or simply won't do themselves. As with spark plugs too, a mistake during installation can go unnoticed, and creating new drains on resources.
the patch for the exploit in question was released in October 2000
I don't want to harsh on you too roughly. Blaming the end user for not patching their systems is a bit like a programmer blaming a user for pressing that wrong key at that wrong time that crashes said programmers' code. They are innocent and ignorant. Insisting that they become clued about administering their computers is analagous to saying all motorists should be semi-proficient mechanics before climbing behind the wheel. Its just not practical, and it ain't never gonna happen.
Microsoft sure seems to have money to spend when it comes to sicking the BSA on its paying customers, or lobbying various public officials to look the other way while they break the law, yet seems to have $0 when it comes to educating the masses about the flaws in its products. Why not some full-page ads and television spots: "We're sorry we made a boo-boo. Please visit windowsupdate.microsoft.com to repair your Windows installation, and help keep The Internet safe for all of us." (and I have my doubts about whether that plugs these leaks) How about just putting some "Free MSN and Windows Repair CDs" next to the free AOL CDs you see everywhere. Instead, Microsoft seems to be quite content to allow the rest of us to pick up the tab for their follies in the form of lost productivity, upstream bandwidth fees, law enforcement investigations, etc. I would speak to their possible motives as to why they might want us all to waste our time and money, but I've sworn off the flamebait for a while.
I don't think the Pentagon was the target...One of the news sites said that plane was being "tracked" by a pair of F-16s at the time of the crash. My money is on the target being the White House, and the Air Force shooting down a civilian aircraft. Not that we like to do that sort of thing, or talk about it once it happens, it is necessary to defend the White House at almost any expense. Imagine the crush to the psyche of Americans if this icon of our freedom were destroyed. I'll bet the Air Force has standing orders/protocols to shoot any planes that get too close. If not them, then the AAA installed at the White House must.
Anyway, I am going to move away from the keyboard and attempt to go about my business today. I do not mean disrespect to the victims and their families; indeed I fear a friend of mine was working at his office in Tower 2 when the attack started. I know that the ultimate weapons of the terrorist are disruption and confusion. My personal counter attack comes in the form of getting back to business.
I hope we rebuild bigger and better WTC Towers. Adding panic buttons as standard cockpit equipment may be a good idea too.
It is YOUR crappy airport security that allowed these people through.
I disagree. It is our complacency that allowed them to breach security. Complacency should not be confused with Incompetence, in my book. I boarded a flight in the past three months where they did not even ask me the basics questions about how I handled my baggage. I knew that the ticket agent knew what she was supposed to do, and how to do it, and was probably capable of doing it well. She just didn't feel it was necessary any longer.
And if you don't think the US is capable of infiltrating _every_ plane in the offending country and ramming them into _every_ major landmark on their soil, you are a fool. Our guys would probably even live to tell about it, too. Thing is, we have laws that prevent us from doing exactly that. Funny thing too, the laws seem to be enough deterrent for the average United States Citizen. The attack was well planned, well executed, some might even say impressive. The biggest mass murder in history. On the scale of expertise available in the world, it was rank amateur. The Palestinians can rally in the streets today, and celebrate the mass extermination of human beings. I doubt they will have any streets in a few years, whether the US retaliates or not. That kind of hatred is a spiritual disease that will eventually lead to their own destruction.
Dude, you must be out of your mind. The US chose to allow the parties involved to resolve their own differences. This is NOT choosing sides. If anything, the US choosing to stand aside is indicative of a reversal of our previous support, which I believe is in response to the changing opinion of the American public that there is no hope to resolve the conflicts in the Middle East through diplomatic intervention. My attitude has changed over the years from one of hope, to "fuck 'em...let 'em slaughter each other" If the Palestinians are involved, this is a grave political mistake for them...Up till yesterday, I was starting to believe that the Israelis were equally as insane as the Palestinians. Now I'm in favor of getting mideavel on the responsible parties.
And give me a break, peace has never worked in the Middle East. The people never wanted it. Sure, there was mutual tolerance of each other, shrouded in resentment. This is not mutual acceptance, a key ingredient in a lasting peace process. Some lyrics from an american classic song (War in the East, War in the West): Everyone MUST have a place...All this hate MUST become a memory.
Maybe this is the iPaq repackaged under the HP logo. If not, then it is an effort by the PDA division at HP to stay alive in the face of the Compaq acquisition. For those guys it's either make a big splash now or put in for a transfer to the printing division.
Interesting point...Does this then make RedHat into the Free Software parallel of Microsoft? Please think about it before branding my post as flamebait. Great Bridge didn't sell, so RedHat sez "Resistance is futile. Your technology and culture will be adapted to service us"
Ummm I don't think so. Both will get responses that were sent to either. I thought this was the key point of the 802.11 hack, that someone could not only sniff your network, but through MAC address forgery, could join it. DoS attacks against the base station, creating that inadvertant back-door to your LAN/AppleShare/SMB servers, etc. I suppose if someone had 10 base stations on a single network, one could DoS the 100Mbps copper on the other side. Yeah, yeah, switches you might say. I say all you have to do is target the IP of the file server, proxy or gateway, and game over.
Tunneling seems to be the only immediate cure, but I was thinking...(laughs)...why not rewrite 802.11b firmware and drivers to reverse the bytes in a message before transmission, and unreverse upon reception. I know another data movement operation can be expensive, but it _is_ only 11Mbps worst case. Easy for even a 486 to keep up. This would at least thwart the capability of predicting that the first byte of every message is 0xAA. Obscurity, yes, and a bit of relief for the clueless home user. Even with a fix to 802.11b security, do I put the base stations outside the firewall? YES
The funny thing is, now we install more wires just to go wireless.
One of the reasons is that news.pacbell.net is up in the Bay Area, requiring a lot of expensive OC-192 bandwidth (or whatever they're using) to serve people in So. Cal. Moving everything into a centralized point on Prodigy continues their pattern of centralizing instead of distributing services. This trend is probably driven by their inability to acquire and keep competent sysadmins, or they would likely solve their bandwidth issues simply by creating strategically placed distributed servers. I'm not sure this is a bad thing, keeping their human resources available to keep the network up and running.
As others have mentioned, this may backfire by forcing most of the usenet traffic they carry onto their backbone links. I believe SBC is hedging their bets that most of the alt.binaries.* usenet readers are in the sub-18 demographic, and therefore unable to purchase a 3rd party usenet account. I believe this is a bad assumption. Anyway, I'm just guessing/talking out the auxiliary mouth positioned on the side of my neck at this point, but it does sound like some crap a PHB (and don't forget SBC provided the prototype for the PHB) might come up with.
windowsupdate.microsoft.com is not protecting your servers. M$ does not update the windowsupdate.microsoft.com server regularly to include security patches. Check this recent wired article, Steve Lipner (M$ security response center mgr) sez don't use windowsupdate for security patches.
Arguing against full disclosure is a futile waste of time. It is like trying to put the proverbial genie back in the bottle. Things is, this one won't even go away if you make three wishes. The obscurity camp ought to recognize their insanity by now, what after about 3 gazillion wishes that full disclosure would just go away, it is still here. The whines from the obscurity camp are just sour grapes. We have long since left the paradise of the pre-Internet days, where controlling the information was almost a possibility.
It seems a little ridiculous that in 2001 we are still seeing buffer overflows in newly-released software. I mean, has M$ been hiding in a cave, or what? I suppose it is unreasonable for me to expect that all programmers know how to avoid what is now a textbook security risk. The real point is that bug should have never made it outside the castle walls in Redmond.
What Mr. RMS really ought to be bitching about is M$ failure to streamline patching systems running their products. All that windowsupdate.microsoft.com does is automate the installation of those Qxxxxxx.exe "patch" programs. Why don't they update that site more regularly? Can't they afford to take 5-10 of their 20000+ guys to take care of this? Anyone offended by the loss of service due to Code Red et. al. might want to consider a class-action lawsuit against Microsoft for negligence.
New Email Worm Selectively Disables Software on your Computer
Los Angeles, CA February 20, 2003
Think you're safe just because you never open an email attachment, like your computer savvy friends have told you? This is not the case any longer. Software on your computer, software that you have paid hundreds of dollars of your hard-earned cash for, can be disabled on your system, even if you never check your email with it.
You may ask yourself, How is this possible? Well, it seems to be the result of a Half-Baked[tm] feature integrated into the new Microsoft Windows XP Operating System that was designed to prevent the installation of error-prone software on your computer has been subverted by hackers to deny services to computers users on a massive scale.
This technology works by maintaining a list of "good", meaning Microsoft-approved software titles. If a program is not on the list, it cannot run on your computer. Fine enough, but the software ran on my computer yesterday, you might say. The clincher is this, an application that is believed to cause too many errors can be removed from the list, thus rendering it unusable. The hackers authoring this worm have targetted certain software titles, and introduce new computer codes into those titles, causing those titles to create system errors during their use.
Bottom line is that they are saying that vendors will need to upgrade their wares to be compliant with the new platform.
Almost, but not quite. Yes, an app vendor needs to recompile/port/totally rewrite their 9x/NT application to get it running reliably under XP. That's not the issue. The issue is that M$ is now requiring that you certify your software under the XP logo program. This is cost-prohibitive for many companies, almost certainly excludes any GPL programs from running under windows, and it seems that an individual will be unable to author, compile and run a program on their own system!
The only way to get your program into that list is to get the logo. This implies that the database will have to be refreshed on individual user's computers from time-to-time, so a new app when published, will fail to install on any computer that has not been refreshed recently. The user will not blame Microsoft for this, and will likely return the product to the store and buy the competing solution. Also, if you read the entire Register article, it mentions that ill behaved software will have their XP credentials yanked, if too much BSOD events are logged. If you've ever developed any Windows software, you know that Microsoft breaks plenty of API calls during rev-level releases, potentially causing a vendor's application to get blacklisted. Or from the conspiracy theory perspective, this becomes a new tool Microsoft can employ during the "extinguish" phase.
Most of the basic constitutional rights still remain the same no matter whether you are a citizen or not.
Tell that to the Irish Immigrant wife of my Lawyer Boy Best Friend. Not only do they have her return airfare paid up front, the INS recently not only denied her re-entry after a trip to Tijuana, detained her against her will, not even allowing her to return to Mexico.
Your statement No mention of citizens or citizenship at all. is not true, either. You may want to read what some still consider to be an important legal document, The Constitution of The United States of America, which preamble states We the People of the United States, in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America. Since the Bill of Rights is a series of amendments to The Constitution, and citizenship is implied by the preamble, it is quite clear that the Bill of Rights applies only to Citizens.
the dude is not a u.s. citizen. basically the FBI can do WTF they want to him. and the RCMP could too because he's like not a canadian citizen either, ay.
I wonder if Florida, or perhaps the county surrounding Tampa, is one of those jurisdictions where the correctioal system has been privatized. This technology is an excellent marketing tool for a privately owned prison system.
Sorry to reply to my own post. Just one parting shot: there is no way in hell M$ is going to let AOL plant on every Windows machine a SmartTagger[tm] that gives priority to AOL choices in SmartTagging. Think about that... Perhaps that is why they withdrew the technology, they've not figured out a way to lock AOL out yet.
Where do I get that information? It is obvious on its face. Your post, a user is presented with a cascading menu where action options from these two different smart tags are combined actually supports the concept of a "default" SmartTagger[tm].
The browser will have to maintain a registry of SmartTagger[tm] applets, so it can call them. There will no doubt be a default SmartTagger[tm] to work when there are no other applets, handle words that are not SmartTagged by any of the additional applets, and to provide additional SmartTags for those that are. And this is not going to be a simple hash of words mapping to links, because that would not allow for sensing the context of a word. That's why an entry is defined to Recognize. Additionally, I did not rule out the possibility of multiple SmartTagger[tm] applets recognizing the same words. In fact, the NDIS packet reception architechture I point to in my original post allows multiple listeners to receive the same packet.
About the tying to the site of origin, let's see, well for one, it would be a total clusterfuck if they did not do this. The wrong SmartTags will be at the top of that list, if they are intercepted first (or assigned a higher score) by a different SmartTagger[tm] than the one you wrote for your site. And b) uh you'd probably have to have a tag similar to a <APPLET> tag just to reference your SmartTagger[tm], which in itself could be sufficient to restrict access of your SmartTagger[tm] to your own site. Of course, M$ will probably allow for "certified" SmartTagger[tm] applets to be resident at all times, provided they meet all the criteria for certification, including a healthy certification fee.
Using a non-MS compiler on the Mac will no doubt leave you without certain.h files that define the interface. If you've ever actually written any serious code against a MS SDK (as I have), you know that every include file references proprietary shit defined in some other one, making it a practical impossibility to migrate to a different toolset. Not impossible, just practically impossible. You'd have to be foolish to attempt it because as soon as the next round of bugfixes comes from them, you'll be presented with a new porting issue.
So my inflammatory question to you is: ever written any real code? And by "Real" I mean something that has an installed base exceeding 1000 users. Perhaps you have, but I doubt it ran in a Microsoft environment. They have 1001 ways to lock you in, force you out, eat your lunch, and take your money. Besides, this is textbook loadable module crap I am talking about.
Wrong. Smart tags are available from many different places. They are just an ActiveX DLL that conforms to a certain interface.
This is correct. The interface is a chained callback architechture, similar to NDIS packet reception, where SmartTag processors get called in a linear fashion, and then one decides to return a 1 (or whatever), indicating that _it_ will be the one intercepting the SmartTag.
While this allows a 3rd party to design an ActiveX SmartTag interceptor, and insert it before the "default" interceptor, the default one will be written by MS, and return "SmartLinks" (oxymoron?) at their discretion. Conventional wisdom regarding browser security suggests that a SmartTag interceptor ActiveX thingy will only apply to pages delivered by the web server (or domain) from which the SmartTag interceptor originated, meaning if you do take the time to write a SmartTag interceptor, it will only apply to your site(s), thereby giving the M$ "default" handler dominion on all other sites. Not to mention, the SmartTag ActiveX thingy will have to be signed, inserting a new monetary obstacle for web designers to overcome.
Now, let's see, since it's a DLL, I suppose any SmartTag providers will have to code a different verion for IE/Mac. No doubt using a different interface, and of course, you'll have to pay the $2500 add'l to cross-compile for Mac under VC++. Oh, and who gets to make the default SmartTag processor for IE/Mac?
Yes, but the GPL also says you can't restrict the rights of your sublicensees. Caldera can't prevent anyone from copying the free parts of their product onto as many machines as they want. What they've done is bundle proprietary stuff on the same disks, and put a restrictive license on the package.
A good point I did not consider. Maybe they get around it putting GPL stuff on "Disc 2" and their proprietary stuff on "Disc 1". I'll bet their installer is on "Disc 1". Since GPL also says no warranties, I suppose it is fair game to distribute GPL code without a reasonable installer, although you must include the Makefiles. No warranty implies that it is not fit for any purpose. GASP! I'm acting like an amateur lawyer.
Is it me or does the Caldera logo look confusingly similar to Disney's?
To directly address your question, GPL states anyone is free to charge for the cost of distribution, or providing support or guarantees. Oh, I guess it is obvious to me now...IBHT
Slashdot Mirror
1) M$ really lags when it comes to posting security updates on windowsupdate
2) The unwashed masses of computer users are unaware that windowsupdat exists.
3) windowsupdate is really practicial only for people that have bandwidth. Most people still use 56K or less. (At least that's what they are saying)
When it comes to applying security patches, and one wishes to do so in a timely fashion, I do not consider it trivial. All those Qxxxxxx.exe files one needs to download from the M$ Security Center, and the Rube Goldberg add-ons that are needed to apply more than one Qxxxxxx.exe per reboot are not "easy to use", especially not for an end user. Personally, I find it easier to download new kernels and Apache source and recompiling from scratch to maintain the Linux boxes than running the Qxxxxxx.exe files from M$.
You make a good point about their relative visibility compared to other OSs. I argue due to M$ monopolistic market share, especially in the workstation market, they have an implied duty to do far more than other OS vendors to make this stuff available.
I would cast the analogy between fueling and oiling ones car to proper file management, labelling floppies/cds and making backups. Patching the system, to me, is more analogous to changing spark plugs, etc. which most motorists don't know how or simply won't do themselves. As with spark plugs too, a mistake during installation can go unnoticed, and creating new drains on resources.
I don't want to harsh on you too roughly. Blaming the end user for not patching their systems is a bit like a programmer blaming a user for pressing that wrong key at that wrong time that crashes said programmers' code. They are innocent and ignorant. Insisting that they become clued about administering their computers is analagous to saying all motorists should be semi-proficient mechanics before climbing behind the wheel. Its just not practical, and it ain't never gonna happen.
Microsoft sure seems to have money to spend when it comes to sicking the BSA on its paying customers, or lobbying various public officials to look the other way while they break the law, yet seems to have $0 when it comes to educating the masses about the flaws in its products. Why not some full-page ads and television spots: "We're sorry we made a boo-boo. Please visit windowsupdate.microsoft.com to repair your Windows installation, and help keep The Internet safe for all of us." (and I have my doubts about whether that plugs these leaks) How about just putting some "Free MSN and Windows Repair CDs" next to the free AOL CDs you see everywhere. Instead, Microsoft seems to be quite content to allow the rest of us to pick up the tab for their follies in the form of lost productivity, upstream bandwidth fees, law enforcement investigations, etc. I would speak to their possible motives as to why they might want us all to waste our time and money, but I've sworn off the flamebait for a while.
Given the ubiquitous nature of Token Ring, this should have been caught during pre-alpha.
Anyway, I am going to move away from the keyboard and attempt to go about my business today. I do not mean disrespect to the victims and their families; indeed I fear a friend of mine was working at his office in Tower 2 when the attack started. I know that the ultimate weapons of the terrorist are disruption and confusion. My personal counter attack comes in the form of getting back to business.
I hope we rebuild bigger and better WTC Towers. Adding panic buttons as standard cockpit equipment may be a good idea too.
A lack of bombing terrorist bases?
I disagree. It is our complacency that allowed them to breach security. Complacency should not be confused with Incompetence, in my book. I boarded a flight in the past three months where they did not even ask me the basics questions about how I handled my baggage. I knew that the ticket agent knew what she was supposed to do, and how to do it, and was probably capable of doing it well. She just didn't feel it was necessary any longer.
And if you don't think the US is capable of infiltrating _every_ plane in the offending country and ramming them into _every_ major landmark on their soil, you are a fool. Our guys would probably even live to tell about it, too. Thing is, we have laws that prevent us from doing exactly that. Funny thing too, the laws seem to be enough deterrent for the average United States Citizen. The attack was well planned, well executed, some might even say impressive. The biggest mass murder in history. On the scale of expertise available in the world, it was rank amateur. The Palestinians can rally in the streets today, and celebrate the mass extermination of human beings. I doubt they will have any streets in a few years, whether the US retaliates or not. That kind of hatred is a spiritual disease that will eventually lead to their own destruction.
And give me a break, peace has never worked in the Middle East. The people never wanted it. Sure, there was mutual tolerance of each other, shrouded in resentment. This is not mutual acceptance, a key ingredient in a lasting peace process. Some lyrics from an american classic song (War in the East, War in the West): Everyone MUST have a place...All this hate MUST become a memory.
Maybe this is the iPaq repackaged under the HP logo. If not, then it is an effort by the PDA division at HP to stay alive in the face of the Compaq acquisition. For those guys it's either make a big splash now or put in for a transfer to the printing division.
Interesting point...Does this then make RedHat into the Free Software parallel of Microsoft? Please think about it before branding my post as flamebait. Great Bridge didn't sell, so RedHat sez "Resistance is futile. Your technology and culture will be adapted to service us"
Tunneling seems to be the only immediate cure, but I was thinking...(laughs)...why not rewrite 802.11b firmware and drivers to reverse the bytes in a message before transmission, and unreverse upon reception. I know another data movement operation can be expensive, but it _is_ only 11Mbps worst case. Easy for even a 486 to keep up. This would at least thwart the capability of predicting that the first byte of every message is 0xAA. Obscurity, yes, and a bit of relief for the clueless home user. Even with a fix to 802.11b security, do I put the base stations outside the firewall? YES
The funny thing is, now we install more wires just to go wireless.
As others have mentioned, this may backfire by forcing most of the usenet traffic they carry onto their backbone links. I believe SBC is hedging their bets that most of the alt.binaries.* usenet readers are in the sub-18 demographic, and therefore unable to purchase a 3rd party usenet account. I believe this is a bad assumption. Anyway, I'm just guessing/talking out the auxiliary mouth positioned on the side of my neck at this point, but it does sound like some crap a PHB (and don't forget SBC provided the prototype for the PHB) might come up with.
windowsupdate.microsoft.com is not protecting your servers. M$ does not update the windowsupdate.microsoft.com server regularly to include security patches. Check this recent wired article, Steve Lipner (M$ security response center mgr) sez don't use windowsupdate for security patches.
It seems a little ridiculous that in 2001 we are still seeing buffer overflows in newly-released software. I mean, has M$ been hiding in a cave, or what? I suppose it is unreasonable for me to expect that all programmers know how to avoid what is now a textbook security risk. The real point is that bug should have never made it outside the castle walls in Redmond.
What Mr. RMS really ought to be bitching about is M$ failure to streamline patching systems running their products. All that windowsupdate.microsoft.com does is automate the installation of those Qxxxxxx.exe "patch" programs. Why don't they update that site more regularly? Can't they afford to take 5-10 of their 20000+ guys to take care of this? Anyone offended by the loss of service due to Code Red et. al. might want to consider a class-action lawsuit against Microsoft for negligence.
Los Angeles, CA February 20, 2003
Think you're safe just because you never open an email attachment, like your computer savvy friends have told you? This is not the case any longer. Software on your computer, software that you have paid hundreds of dollars of your hard-earned cash for, can be disabled on your system, even if you never check your email with it.
You may ask yourself, How is this possible? Well, it seems to be the result of a Half-Baked[tm] feature integrated into the new Microsoft Windows XP Operating System that was designed to prevent the installation of error-prone software on your computer has been subverted by hackers to deny services to computers users on a massive scale.
This technology works by maintaining a list of "good", meaning Microsoft-approved software titles. If a program is not on the list, it cannot run on your computer. Fine enough, but the software ran on my computer yesterday, you might say. The clincher is this, an application that is believed to cause too many errors can be removed from the list, thus rendering it unusable. The hackers authoring this worm have targetted certain software titles, and introduce new computer codes into those titles, causing those titles to create system errors during their use.
the difference little troll, is Mozilla is not asking anyone to pay money for the Mozilla-Logo Certified App program.
Almost, but not quite. Yes, an app vendor needs to recompile/port/totally rewrite their 9x/NT application to get it running reliably under XP. That's not the issue. The issue is that M$ is now requiring that you certify your software under the XP logo program. This is cost-prohibitive for many companies, almost certainly excludes any GPL programs from running under windows, and it seems that an individual will be unable to author, compile and run a program on their own system!
The only way to get your program into that list is to get the logo. This implies that the database will have to be refreshed on individual user's computers from time-to-time, so a new app when published, will fail to install on any computer that has not been refreshed recently. The user will not blame Microsoft for this, and will likely return the product to the store and buy the competing solution. Also, if you read the entire Register article, it mentions that ill behaved software will have their XP credentials yanked, if too much BSOD events are logged. If you've ever developed any Windows software, you know that Microsoft breaks plenty of API calls during rev-level releases, potentially causing a vendor's application to get blacklisted. Or from the conspiracy theory perspective, this becomes a new tool Microsoft can employ during the "extinguish" phase.
Tell that to the Irish Immigrant wife of my Lawyer Boy Best Friend. Not only do they have her return airfare paid up front, the INS recently not only denied her re-entry after a trip to Tijuana, detained her against her will, not even allowing her to return to Mexico.
Your statement No mention of citizens or citizenship at all. is not true, either. You may want to read what some still consider to be an important legal document, The Constitution of The United States of America, which preamble states We the People of the United States, in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America. Since the Bill of Rights is a series of amendments to The Constitution, and citizenship is implied by the preamble, it is quite clear that the Bill of Rights applies only to Citizens.
the dude is not a u.s. citizen. basically the FBI can do WTF they want to him. and the RCMP could too because he's like not a canadian citizen either, ay.
I wonder if Florida, or perhaps the county surrounding Tampa, is one of those jurisdictions where the correctioal system has been privatized. This technology is an excellent marketing tool for a privately owned prison system.
Sorry to reply to my own post. Just one parting shot: there is no way in hell M$ is going to let AOL plant on every Windows machine a SmartTagger[tm] that gives priority to AOL choices in SmartTagging. Think about that... Perhaps that is why they withdrew the technology, they've not figured out a way to lock AOL out yet.
The browser will have to maintain a registry of SmartTagger[tm] applets, so it can call them. There will no doubt be a default SmartTagger[tm] to work when there are no other applets, handle words that are not SmartTagged by any of the additional applets, and to provide additional SmartTags for those that are. And this is not going to be a simple hash of words mapping to links, because that would not allow for sensing the context of a word. That's why an entry is defined to Recognize. Additionally, I did not rule out the possibility of multiple SmartTagger[tm] applets recognizing the same words. In fact, the NDIS packet reception architechture I point to in my original post allows multiple listeners to receive the same packet.
About the tying to the site of origin, let's see, well for one, it would be a total clusterfuck if they did not do this. The wrong SmartTags will be at the top of that list, if they are intercepted first (or assigned a higher score) by a different SmartTagger[tm] than the one you wrote for your site. And b) uh you'd probably have to have a tag similar to a <APPLET> tag just to reference your SmartTagger[tm], which in itself could be sufficient to restrict access of your SmartTagger[tm] to your own site. Of course, M$ will probably allow for "certified" SmartTagger[tm] applets to be resident at all times, provided they meet all the criteria for certification, including a healthy certification fee.
Using a non-MS compiler on the Mac will no doubt leave you without certain .h files that define the interface. If you've ever actually written any serious code against a MS SDK (as I have), you know that every include file references proprietary shit defined in some other one, making it a practical impossibility to migrate to a different toolset. Not impossible, just practically impossible. You'd have to be foolish to attempt it because as soon as the next round of bugfixes comes from them, you'll be presented with a new porting issue.
So my inflammatory question to you is: ever written any real code? And by "Real" I mean something that has an installed base exceeding 1000 users. Perhaps you have, but I doubt it ran in a Microsoft environment. They have 1001 ways to lock you in, force you out, eat your lunch, and take your money. Besides, this is textbook loadable module crap I am talking about.
This is correct. The interface is a chained callback architechture, similar to NDIS packet reception, where SmartTag processors get called in a linear fashion, and then one decides to return a 1 (or whatever), indicating that _it_ will be the one intercepting the SmartTag.
While this allows a 3rd party to design an ActiveX SmartTag interceptor, and insert it before the "default" interceptor, the default one will be written by MS, and return "SmartLinks" (oxymoron?) at their discretion. Conventional wisdom regarding browser security suggests that a SmartTag interceptor ActiveX thingy will only apply to pages delivered by the web server (or domain) from which the SmartTag interceptor originated, meaning if you do take the time to write a SmartTag interceptor, it will only apply to your site(s), thereby giving the M$ "default" handler dominion on all other sites. Not to mention, the SmartTag ActiveX thingy will have to be signed, inserting a new monetary obstacle for web designers to overcome.
Now, let's see, since it's a DLL, I suppose any SmartTag providers will have to code a different verion for IE/Mac. No doubt using a different interface, and of course, you'll have to pay the $2500 add'l to cross-compile for Mac under VC++. Oh, and who gets to make the default SmartTag processor for IE/Mac?
A good point I did not consider. Maybe they get around it putting GPL stuff on "Disc 2" and their proprietary stuff on "Disc 1". I'll bet their installer is on "Disc 1". Since GPL also says no warranties, I suppose it is fair game to distribute GPL code without a reasonable installer, although you must include the Makefiles. No warranty implies that it is not fit for any purpose. GASP! I'm acting like an amateur lawyer.
I agree that this is more likely to harm them.
Is it me or does the Caldera logo look confusingly similar to Disney's?
To directly address your question, GPL states anyone is free to charge for the cost of distribution, or providing support or guarantees. Oh, I guess it is obvious to me now...IBHT