"let's argue that there are secure ways antivirus protectors could learn about all installations of software -- good and bad -- that any of their end-users perform. Let's also assume that they could easily collect other data from these machines and users: geographic location, social networking information, type of operating system, installed programs and configurations"
What's going to protect us from defects in these security systems? Wouldn't giving these malware monitoring systems access to computer networks lessen security rather than enhance it? And isn't this the case that in order to be protected from spyware, I have to let this security system spy on me ? And didn't someone once argue against enumerating badness as in it's a bad idea. Because.. 'the amount of Badness in the Internet began to vastly outweigh the amount of Goodness'.
"Stephen Wilson said that schools were 'the most hostile environment you can roll computers into.' While the netbooks are loaded with many hundreds of dollars worth of software, 2GB of RAM, and a 6-hour battery, the cost to the NSW Department of Education is under $435 (US) a unit. Wilson praised Windows' new OS:
'There was no way we could do any of this on XP,' he said. 'Windows 7 nailed it for us.' At the physical layer, each netbook is password-protected and embedded with tracking software that is embedded at the BIOS level of the machine"
As usual with these 'the first ever whatever on Windows' type stories they fail to mention that such functionality has been around previously on other systems. Does anyone really believe that Windows is unhackable. All such features do is hinder the usability of the units. And such 'security' doesn't belong in the OS but embedded into the underlying hardware. Or else on a PCMCIA Card.
"Security tool designed to stealthy run on winnt based systems (win2k to winvista) and to stealthy and efficiently spread with 3 spreaders, which were specially designed and improved compared to already known public methods.[sic]" The three spreaders are MSN, USB, and P2P. Listed P2P networks were "ares, bearshare, imesh, shareaza, kazaa, dcplusplus, emule, emuleplus, limewire.[sic]"
"While it is good to see that the GPL has enough mussel to prevent abuse. However it will also make people feel worried about using GPL software, and possibly being suied from honest mistakes"
Where have people ever been sued for honest mistakes? Why would a case of people wilfully removing the copyright and not providing the source code be a source of worry. What's complicated about: if you distribute GPL progs, you must also include the source, and don't erase other peoples copyright notices. I can understand that and I'm not even a lawyer.
- qu'elle n'a jamais dissimule l'utilisation d'un logiciel libre VCN, sous license GNU GPL.
- qu'elle n'a jamais souscrit l'obligation d'etre proprietaire des logiciels mis en oeuvre et n'a jamais pretendu etre l'auteur du logiciel GNU-GPL
- qu'elle disposiat la possibilite de modifier corriger et adapter le logiciel libre sous license GNU GPL, de l'integrer dans sa solution informatique et de distribuer le logiciel integrant les modifications qu'elle a apportees..
- paste -
'In a landmark ruling that will set legal precedent, the Paris Court of Appeals decided last week that the company Edu4 violated the terms of the GNU General Public License (GPL)'
"FireFox have like serious issues when dealing with JavaScript. I use it in Windows and Linux, just awful for some stuff i use. For example, try kangi If you try to sort by the first column for example (#), in Firefox it just stops responding and CPU is at 100%. This happens in Windows and Linux"
I just tried it in FF under Ubuntu running off a USB device and - not a problem - it sorted in just over a second. Where Java is problematical, it's usually a slow or buggy site, where everything is stuck waiting on a javascript to finish. That's why I use noscript.
"a new wristwatch called num8 has a GPS tracking device.. concealed inside so parents.. The overriding aim of num8 is to give children their freedom and parents peace of mind"
What's the point. How is the possession of a GPS wristwatch going to protect their kids from muggers, abductors etc. How about they spend some 'quality time' with their own kids, instead of allowing an electronic device to substitute for a baby sitter.
alternative headline: company exploits parental concern to sell product
"Most people probably won't know what to do with it anyway and it will end up in the bin. The average person will need help installing and configuring linux"
Insert Ubuntu CD, boot, click on Install, answer a few questions and that's it. Plug in your 3 mobile broadband USB dongle and you're on the Internet. How many Windows users have to install from scratch anyway ?
"Thirdly, I've caught word from the inside that one of the effects this could have will be Microsoft employees being allowed to use open-source software internally"
The whole reason d'atre of The CodePlex Foundation is that it isn't the Free Software Foundation or the Open Inventions Network. Microsoft could have just have easily one of these or similar organizations. But then again they wouldn't be so easy to control - which is the whole point of the exercise. Pollute, extend and embrace Microsoft control of 'open source', and by extension Open Standards. And here's what one of the current members of the board of TCF has to say about his time at the FSF.
"I hope that I can last more on this foundation than I lasted at the FSF, where I was removed by RMS after refusing to be an active part of the campaign to rename Linux as GNU/Linux", Miguel de Icaza
Lets see who else is on the 'open source' CodePlex board: Sam Ramji (Microsoft), Bill Staples (Microsoft), Stephanie Davies Boesch (Microsoft), Miguel de Icaza (Novell), D. Britton Johnston (Microsoft), Shaun Bruce Walker (DotNetNuke)..
"Apple.. failed to implement fully a security technology that Microsoft perfected nearly three years ago in Windows Vista"
Address space layout randomization is a technique to randomize memory addresses of the base of the code, stack, heap, and libraries. First used by PaX and OpenBSD
"That exploit took advantage of code MS left in the beta version of IE8 that opted out of DEP and ASLR, the RTM IE8 disables that code on the internet zone, and it can be disabled on the intranet zone as well, so it's not much of an issue in the RTM IE8"
An interesting hypothesis. Why would they put opted-out non-DEP and non-ASLR code in IE8. And do you have any verifiable third party citations for the above. Wouldn't a more likely explanation was that MS fixed the vulnerability after the fact.
Never 'upgrade', it invariably borks something, go for a clean installation and copy over your files. If you do decide to move your few hundred XP desktops to Windows 7, then create your own unattended installer, saves a lot of endlessly ticking click-boxes and dropdown menus. Like with any other version of Windows, I would hold off until version 7.03 comes out. That way you should avoid most of the bugs
"After watching the stock market struggle for the past year, financial experts from Wall Street and academia are putting more effort into bringing behavioral modeling into their complex financial calculations"
This from the same people that caused the financial meltdown. The sub-prime mortgage fiasco enabled by greed stupidity and the Black-Scholes magic numbers formula. Black-Scholes a variation of a differential equation, borrowed from physics, so it must be true. Nothing but a gigantic shell game thought up by Wall Street, dedicated to getting you dummies to give them your hard earned money.
Look you can't predict the stock market like a physical system as the sample data set alters its behaviour depending on its opinion as to the validity of the call. For instances, the Fed announces confidence in the market and advised everyone to go on a buying spree. If the market believes you then they buy and the stock goes up. If the market loses confidence in you, then they sell, the market collapses and they hire on a new head of the FED. In olden days once the God-King is revealed to have no real magic, they would have flung him off a cliff.
"AnandTech tested a laptop with an AMD CPU, a laptop with an Intel CPU, and a netbook to compare battery life while running Internet Explorer 8, Opera 10, Firefox 3.5, Safari 4, and Chrome. They tested on simple web pages and flash-infested ones. IE8 had the best battery life on both laptops (followed by FF + AdBlock), and Safari had the worst battery life"
I wonder if anyone else out there ran this test and got the same/differing results. What with 4 Gigs of memory why would the browser keep accessing the harddrive. As presumably the harddrive has the biggest power drain.
"in addition to running an Apache webserver to dish up benign content, they've also been hacked to run a second webserver known as nginx, which serves malware [on port 8080]"
How exactly does this 'malware' infect the downstream machines. Does this malware infect Linux desktops, without user interaction or root access. Is there a sample of this malware online anywhere?
Slashdot Mirror
"let's argue that there are secure ways antivirus protectors could learn about all installations of software -- good and bad -- that any of their end-users perform. Let's also assume that they could easily collect other data from these machines and users: geographic location, social networking information, type of operating system, installed programs and configurations"
.. 'the amount of Badness in the Internet began to vastly outweigh the amount of Goodness'.
What's going to protect us from defects in these security systems? Wouldn't giving these malware monitoring systems access to computer networks lessen security rather than enhance it? And isn't this the case that in order to be protected from spyware, I have to let this security system spy on me ? And didn't someone once argue against enumerating badness as in it's a bad idea. Because
"Stephen Wilson said that schools were 'the most hostile environment you can roll computers into.' While the netbooks are loaded with many hundreds of dollars worth of software, 2GB of RAM, and a 6-hour battery, the cost to the NSW Department of Education is under $435 (US) a unit. Wilson praised Windows' new OS: 'There was no way we could do any of this on XP,' he said. 'Windows 7 nailed it for us.' At the physical layer, each netbook is password-protected and embedded with tracking software that is embedded at the BIOS level of the machine"
As usual with these 'the first ever whatever on Windows' type stories they fail to mention that such functionality has been around previously on other systems. Does anyone really believe that Windows is unhackable. All such features do is hinder the usability of the units. And such 'security' doesn't belong in the OS but embedded into the underlying hardware. Or else on a PCMCIA Card.
You can also try disabling any unnecessary background tasks and reniceing up FF. Responsiveness is a priority on the desktop.
http://blogs.techrepublic.com.com/opensource/?p=140
And the vast majority of these 'machine malware infections' run on Windows. machine malware infections.
Half of Fortune 100 companies compromised by new information stealing Trojan
"Security tool designed to stealthy run on winnt based systems (win2k to winvista) and to stealthy and efficiently spread with 3 spreaders, which were specially designed and improved compared to already known public methods.[sic]" The three spreaders are MSN, USB, and P2P. Listed P2P networks were "ares, bearshare, imesh, shareaza, kazaa, dcplusplus, emule, emuleplus, limewire.[sic]"
"Can i ask the distribution and FireFox version?"
..
.. I tweaked it using a config for laptops .. which I can't find now. Google on tweaking FF/Ubuntu for laptops.
Firefox 3.0.8, Ubuntu 9.04 Jaunty Jackalope
I also tweaked FF using about:config
"I have tried in 8.04, 8.10 and 9.04, same problems on different computers"
Is it on the same network. You may get better results tweaking the network. Extremely slow internet in Ubuntu 8.04
"While it is good to see that the GPL has enough mussel to prevent abuse. However it will also make people feel worried about using GPL software, and possibly being suied from honest mistakes"
Where have people ever been sued for honest mistakes? Why would a case of people wilfully removing the copyright and not providing the source code be a source of worry. What's complicated about: if you distribute GPL progs, you must also include the source, and don't erase other peoples copyright notices. I can understand that and I'm not even a lawyer.
"I read the court ruling .. What I understand of the ruling (I'm french, but I'm no lawyer)"
..
Do you mind producing a translation of the ruling so as the rest of us can confirm your understanding. What does this bit say:
- cute -
Considerant que la societe EDU 4 replique:
- qu'elle n'a jamais dissimule l'utilisation d'un logiciel libre VCN, sous license GNU GPL.
- qu'elle n'a jamais souscrit l'obligation d'etre proprietaire des logiciels mis en oeuvre et n'a jamais pretendu etre l'auteur du logiciel GNU-GPL
- qu'elle disposiat la possibilite de modifier corriger et adapter le logiciel libre sous license GNU GPL, de l'integrer dans sa solution informatique et de distribuer le logiciel integrant les modifications qu'elle a apportees
- paste -
'In a landmark ruling that will set legal precedent, the Paris Court of Appeals decided last week that the company Edu4 violated the terms of the GNU General Public License (GPL)'
"FireFox have like serious issues when dealing with JavaScript. I use it in Windows and Linux, just awful for some stuff i use. For example, try kangi If you try to sort by the first column for example (#), in Firefox it just stops responding and CPU is at 100%. This happens in Windows and Linux"
I just tried it in FF under Ubuntu running off a USB device and - not a problem - it sorted in just over a second. Where Java is problematical, it's usually a slow or buggy site, where everything is stuck waiting on a javascript to finish. That's why I use noscript.
"Microsoft, besides copying Apple's retail formula, is now going after Apple's retail employees"
.retail .formula©
How soon will they be going after Apple for stealing the Microsoft
"I said EXACTLY this since 1 or 2 years"
Where, what exactly, is there a record on the Internet, of your comment and the comments of the 'fanatics'?
"If you want advertising you want to catch people's attention. Something like this:"
..
.. :)
You got my attention
"it took me 4 restarts of firefox before flash decided to to shit itself so I could watch the video"
And you were doing so well
But not a director or audio mixer, right?
--
Description of Appeal to Authority
An Appeal to Authority is a fallacy with the following form:
1. Person A is (claimed to be) an authority on subject S.
2. Person A makes claim C about subject S.
3. Therefore, C is true.
"The voice sounds professional, yes. However, the audio quality on the raw material is lacking"
...
To be quite honest, I hadn't even noticed
"a new wristwatch called num8 has a GPS tracking device .. concealed inside so parents .. The overriding aim of num8 is to give children their freedom and parents peace of mind"
What's the point. How is the possession of a GPS wristwatch going to protect their kids from muggers, abductors etc. How about they spend some 'quality time' with their own kids, instead of allowing an electronic device to substitute for a baby sitter.
alternative headline: company exploits parental concern to sell product
Beats parking an "I'm a PC" booth outside Apple Store
"Most people probably won't know what to do with it anyway and it will end up in the bin. The average person will need help installing and configuring linux"
Insert Ubuntu CD, boot, click on Install, answer a few questions and that's it. Plug in your 3 mobile broadband USB dongle and you're on the Internet. How many Windows users have to install from scratch anyway ?
"Thirdly, I've caught word from the inside that one of the effects this could have will be Microsoft employees being allowed to use open-source software internally"
What rule is that ?
The whole reason d'atre of The CodePlex Foundation is that it isn't the Free Software Foundation or the Open Inventions Network. Microsoft could have just have easily one of these or similar organizations. But then again they wouldn't be so easy to control - which is the whole point of the exercise. Pollute, extend and embrace Microsoft control of 'open source', and by extension Open Standards. And here's what one of the current members of the board of TCF has to say about his time at the FSF.
..
.. "There's an old game in politics. If some group is giving you trouble, launch a competing group under your control"
... :)
"I hope that I can last more on this foundation than I lasted at the FSF, where I was removed by RMS after refusing to be an active part of the campaign to rename Linux as GNU/Linux", Miguel de Icaza
Lets see who else is on the 'open source' CodePlex board: Sam Ramji (Microsoft), Bill Staples (Microsoft), Stephanie Davies Boesch (Microsoft), Miguel de Icaza (Novell), D. Britton Johnston (Microsoft), Shaun Bruce Walker (DotNetNuke)
This blog sure has it figured out already
So there you have it, what could be more 'open' than that
"Apple .. failed to implement fully a security technology that Microsoft perfected nearly three years ago in Windows Vista"
Address space layout randomization is a technique to randomize memory addresses of the base of the code, stack, heap, and libraries. First used by PaX and OpenBSD
"That exploit took advantage of code MS left in the beta version of IE8 that opted out of DEP and ASLR, the RTM IE8 disables that code on the internet zone, and it can be disabled on the intranet zone as well, so it's not much of an issue in the RTM IE8"
An interesting hypothesis. Why would they put opted-out non-DEP and non-ASLR code in IE8. And do you have any verifiable third party citations for the above. Wouldn't a more likely explanation was that MS fixed the vulnerability after the fact.
Never 'upgrade', it invariably borks something, go for a clean installation and copy over your files. If you do decide to move your few hundred XP desktops to Windows 7, then create your own unattended installer, saves a lot of endlessly ticking click-boxes and dropdown menus. Like with any other version of Windows, I would hold off until version 7.03 comes out. That way you should avoid most of the bugs
"After watching the stock market struggle for the past year, financial experts from Wall Street and academia are putting more effort into bringing behavioral modeling into their complex financial calculations"
This from the same people that caused the financial meltdown. The sub-prime mortgage fiasco enabled by greed stupidity and the Black-Scholes magic numbers formula. Black-Scholes a variation of a differential equation, borrowed from physics, so it must be true. Nothing but a gigantic shell game thought up by Wall Street, dedicated to getting you dummies to give them your hard earned money.
Look you can't predict the stock market like a physical system as the sample data set alters its behaviour depending on its opinion as to the validity of the call. For instances, the Fed announces confidence in the market and advised everyone to go on a buying spree. If the market believes you then they buy and the stock goes up. If the market loses confidence in you, then they sell, the market collapses and they hire on a new head of the FED. In olden days once the God-King is revealed to have no real magic, they would have flung him off a cliff.
"AnandTech tested a laptop with an AMD CPU, a laptop with an Intel CPU, and a netbook to compare battery life while running Internet Explorer 8, Opera 10, Firefox 3.5, Safari 4, and Chrome. They tested on simple web pages and flash-infested ones. IE8 had the best battery life on both laptops (followed by FF + AdBlock), and Safari had the worst battery life"
I wonder if anyone else out there ran this test and got the same/differing results. What with 4 Gigs of memory why would the browser keep accessing the harddrive. As presumably the harddrive has the biggest power drain.
"in addition to running an Apache webserver to dish up benign content, they've also been hacked to run a second webserver known as nginx, which serves malware [on port 8080]"
How exactly does this 'malware' infect the downstream machines. Does this malware infect Linux desktops, without user interaction or root access. Is there a sample of this malware online anywhere?
"Setup package! Setup package! Setup package!"
See Synaptic in action
See Synaptic in action
See Synaptic in action