I just don't get this. This has been an issue I've been aware of for years. I'm shocked people are only now realizing this. Pentium II computers run faster when you ghost it's current hard disk onto a SSD. It literally feels like a new machine! As time goes on those 5ms seek times are becoming large gaps where the CPU sits idle, starved for data.
People haven't just noticed. It's just that for some workloads it really doesn't matter. I almost never stress my harddrive on my desktop except for boot-time.
Partially agree. Perhaps the term should be "surprisingly little amount of can kill you". Drinking 4 liters of water in 2 hours doesn't really SOUND like too much, but it is.
Having said that, I think most people recognize this intuitively.
Since your probably getting tired of acting like a smug asshole all of the time. How about you enlighten us and tell us how to roll out random installers with GPO? A link or two would be sufficient.
Maybe Mozilla doesn't have a patch, or won't for several weeks. In such a case, you can #ifdef 0 the vulnerable code, recompile, and use the crippled version until Mozilla issues a fix. Much less convenient that merely compiling out the problematic code.
Sounds easy. I'll tell my mom to this from now on.
Sure there is advantages for using open-source. But this is NOT one of them. End-users don't give a crap about the code.
No... It could be used to create a hostage situation.
Heck, the security officer totally freaked out when he saw my friends pistol shaped belt-buckle. He had to throw it away!
And I quote: "That's a PERFECT replica, you could hijack the plane with this". The thing was like 3 inches long and was cut in half.:P
Okay I didn't know that. In my country it's standard. Yes i'm refering to OTP tokens. For me that is the only way to provide two-factor authentication. Or using SMS for OTP.
I don't agree. By that logic everyone with a trojan and that is using online banking would loose their money. Why isn't this happening? Because the of the token.
But if you client gets hijacked the hacker gets both. What your password is (what you know) and your certificate (what you have).
A password and a certificate really just sounds redundant in this case.
Perhaps not. Unless you go for the appliance route.
However I think we can get a lot better. I like how Android handles app installations. You get a simple prompt before installation that it requires access to the internet, reading of sms, sending mms etc. If we could get a similar framework in modern desktop operating systems, it would be a lot easier to identify that the app is doing what is advertised. For instance if you download a texteditor and it states in its manifest (correct term?) that it needs access to System files and incoming internet connections I would be a lot more jiffy about installing it. The idea is that the manifest actually requests permissions in a mandatory access control system like grsecurity or SELinux.
Ofcourse this will not eliminate all stupid behaviour from the user, but I think the idea is good anyway.
Exactly. It's secure just the same as your TiVO or Xbox 360 is secure. That's great for a netbook appliance, but for a full laptop or desktop computer not so much.
Slashdot Mirror
You could just let IE6 "try its best". And use a big red notice bar at the top with a link explaining it.
He's in his basement. But in practice it is like he is 1000 feet underground. But only when his mom is home.
Seams like a good way to connect multiple buildings when you don't have any cabled infrastructure between them.
You mean LOCK the door so your mom won't walk in on you while watching porn?
I just don't get this. This has been an issue I've been aware of for years. I'm shocked people are only now realizing this. Pentium II computers run faster when you ghost it's current hard disk onto a SSD. It literally feels like a new machine! As time goes on those 5ms seek times are becoming large gaps where the CPU sits idle, starved for data.
People haven't just noticed. It's just that for some workloads it really doesn't matter. I almost never stress my harddrive on my desktop except for boot-time.
oh lawd.. Thank you guys for awesome posts. I have to take a Whole Step back to gather myself.
Partially agree. Perhaps the term should be "surprisingly little amount of can kill you". Drinking 4 liters of water in 2 hours doesn't really SOUND like too much, but it is. Having said that, I think most people recognize this intuitively.
Since your probably getting tired of acting like a smug asshole all of the time. How about you enlighten us and tell us how to roll out random installers with GPO? A link or two would be sufficient.
Maybe Mozilla doesn't have a patch, or won't for several weeks. In such a case, you can #ifdef 0 the vulnerable code, recompile, and use the crippled version until Mozilla issues a fix.
Much less convenient that merely compiling out the problematic code.
Sounds easy. I'll tell my mom to this from now on.
Sure there is advantages for using open-source. But this is NOT one of them. End-users don't give a crap about the code.
0118 999 881 999 119 725........3
Are you telling me that you know a lot of people that have lost their balls? Seams like the current state works pretty good!
FIRST instant POST!
No... It could be used to create a hostage situation. Heck, the security officer totally freaked out when he saw my friends pistol shaped belt-buckle. He had to throw it away! And I quote: "That's a PERFECT replica, you could hijack the plane with this". The thing was like 3 inches long and was cut in half. :P
Okay I didn't know that. In my country it's standard. Yes i'm refering to OTP tokens. For me that is the only way to provide two-factor authentication. Or using SMS for OTP.
I don't agree. By that logic everyone with a trojan and that is using online banking would loose their money. Why isn't this happening? Because the of the token.
But if you client gets hijacked the hacker gets both. What your password is (what you know) and your certificate (what you have). A password and a certificate really just sounds redundant in this case.
I'm hearing faxing is pretty hot these days.
Only if you're using innodb amiryte? MySQL is the first database language most poeple learn using phpmyadmin so they'll just use the default.
Idiocracy never gets old for me. It's like a new movie everytime. I don't remembrr anyuthg
I will kthxHI
There is no cure for stupid on any platform.
Perhaps not. Unless you go for the appliance route. However I think we can get a lot better. I like how Android handles app installations. You get a simple prompt before installation that it requires access to the internet, reading of sms, sending mms etc. If we could get a similar framework in modern desktop operating systems, it would be a lot easier to identify that the app is doing what is advertised. For instance if you download a texteditor and it states in its manifest (correct term?) that it needs access to System files and incoming internet connections I would be a lot more jiffy about installing it. The idea is that the manifest actually requests permissions in a mandatory access control system like grsecurity or SELinux. Ofcourse this will not eliminate all stupid behaviour from the user, but I think the idea is good anyway.
Ur mom tastes like chicken.
Exactly. It's secure just the same as your TiVO or Xbox 360 is secure. That's great for a netbook appliance, but for a full laptop or desktop computer not so much.
sure? http://en.wikipedia.org/wiki/Shellcode
Thank you nethead. Double win for you and also you made my day; twice :...