Perhaps this is due to a limited production run, but 1500$ for one of these buggers? Wheres the cost breakdown? Does a 800x600 LCD head unit truely cost THAT much?
This reminds me of the high cost associated with the Netwinder boxes, truely. They also where priced fairly high for a comparible box. I assume the cost must be in the limited production runs of the devices. *sigh*
Now they just have to get you to accept a p2p connection between the AIM clients. 8-( Ok, BETTER then waiting a long arse time, but it doesnt address the issue of having to update to a fixed client..
DoH! I have NO idea why I said that. Of course I meant one of the dozens of #pragma warning statement you can make to the Visual C++ NOT issue warmings regarding things such as redefinition of a function declared elsewhere, etc..
You know, the kinds you need to use to manage to include the STL in Visual C++ without generating hundreds of warnings. 8-)
Actually, something occured to me that makes it a little bit more possible. I once read somewhere on MSDN regarding the realease of localized versions of Microsofts OSes ad applications where generally localized by outside contractors, such as those used in India, etc..
This could have, indeed, made it a great deal easier to insert some hidden #ifdef inside of, say, a comment that looks funny, and cause some issues such as providing uid checks, etc..
Perhaps I'm just thinking to much. It's amazing how easy something appears to be if you can think about it long enough..
I dunno, it could be argued that the engineers that worked on the components of MS Office have in the past slipped in MANY the easter eggs into the product that went unnoticed.
I could also see how it could be done. a simple #progma and redefinition of a core Win32 API function placed in something as silly as stdafx.h might just slip by.
I'm sorry, but this sort of statement is just plain silly. Any 'newly hired engineers' would hardly be in a position to place any sort of major bugs in such a large project. EVEN IF THEY COULD, since XP is relatively new, bugs placed on purpose would be no worse then any existing bugs simply due to the nature of newly released software.
Perhaps, just perhaps, a few well placed bugs could have an effect on the end product, but I see no reason why such an orginization would want to target such a thing. I can see the reason to want to make such false statement to cause yet more public doubt as to their safety, though. The likelyhood this is a ploy to crete more doubt is much greater then the likelyhood that they actually did such a thing.
On the other hand, it could very well be true. It is so out there that it just might be truely something that happened. It most certainly is no more out there then the very same network obtaining Anthrax from a US source, and mailing it all over the country..
Data transfered to variouse financial routines are routinely transmitted using insecure protocols in an unencrypted format. I've wored in at least 2 positions, one in a creditcard clearinghouse, another at an ECN. This data goes over unsecured channels all the time.
Just as a note, once your logged in, you can navigate over to 'Exit', and disconnect from the wireless web. When you recieve a message, it will send your phone the URL to the conversation. IIRC, the message sent to the phone is 'You have a message from AIM, View Now?', which will connect you to the conversation URL.
The pain is logging OFF means you have to go back, login AGAIN, then logout..
I'll have to take a greater look at it. I was using SSL sockets simply becouse of the simple availability of software, really. Does it provide session based encryption?
Actually, there is already an implementation of something simular to this in httptunnel. I forget the web address of it, but you can find it via freshmeat.net. Basically, it tunnels either IP socket data over HTTP, or, as an even MORE evil thing, raw ethernet data.. 8-O
After posting my last reply, I thought of something that is a GOOD thing regarding SOAP over HTTP that deserves mentioning. By directing and detecting all web traffic, you now have a transactional log off all RPC calls being made into your system. So while yes, you are possibly exposing things, you have a much better logging mechanism in a central location then you would have by having any given application tunneling thru its own socket, making calls to its hearts content. All calls cal now be logged, filter, redirected, etc..
Now of course, this does apply only to SOAP over HTTP, and possibly not SMTP/POP3, Raw socket, MSMQ, etc..etc..
SOAP is NOT bound to HTTP by any means. It is the most popular implementation of the transport layer, but it can, just as I'm looking at now, go thru other transports, such as an SSL socket connection.
This is definatly a valid question, and I think, personally, the answer would be yes, the entire notion of web services have some serious security reprocusions. In the past, web traffic was web traffic. Now that HTTP is being used to essentially tunnel an RPC call into your servers, it means that that same servers that have, time after time, been compromised, are now the same servers providing vital access to critical data systems.
Now, this does NOT mean that web services are bad, simply that web services have to be written with the understanding that they ARE more open then normal simple RPC calls. Greater use of this design means greater risk in general, since now access to functions that may be suseptable to buffer overflows, denial or service attacks, etc, are basically sitting out there in the open. I've never heard of a denial of service attack targeted at an RPC mechanism, but with little or NO modification, this type of attack could be deployed 'out of the box'.
New security measures will have to be created in order to thwart this greater risk that will now be exposed.
Unfortionatly, they would have a hard time tightening the noose around a HARDWARE platform. I'll agree with you the moment some Microsoft employee comes knocking at my door, demanding to upgrade some chips inside my XBox. In the meantime, the box is out of their control.. 8-)
Re:There is more to it than that
on
XBox Released
·
· Score: 1
And what mess would that be? Are you saying we should always use 'The most ethically correct tool for the job'? Whos ethics are we to follow? Yours? Mine? Who knows. I see nothing wrong etically with buying an XBox. Bring it up to an ethical issue is silly. Is Sony of all people 'more ethically sound' then Microsoft? Cripes no. Is Sega? Nope. Does Greenpeace make a gaming console? Please, explain further..
No. Abstracting your code provides you many things. Only ONE of which being the ability to cross compile easily. It also allows you to cross compile using DIFFERENT libraries on the SAME OS. Or even provide different networking capabilities. It makes alot of sense, really..
Ok, this entire review is a giant contradiction of ideals. First, the guy seems to rank of Microsoft for trying to control everything everywhere with its operating system. "Internet Explorer of the Game world". IMMEDIATLY after that, he ranks on the fact that Microsoft has secured no incredible new games, and are simply presenting the same lackluster games that everyone else has..
So answer me this. Why is that their job?? They provide the platform, and for ONCE in their lives actually try to provide developers, in this case, GAME developers, a platform they can flurish on without locking shackles on them, and they get yelled at for NOT doing EXACTLY WHAT EVERYONE COMPLAINS ABOUT??
Talk about your catch22 no win situations..
Hands down, the XBox has more capabilities then the PS2 does. You simply cant argue with the numbers. Does the PS2 have a better developer following, which hence, utilize the hardware better? Hands down, yes. But for crying out loud, that doesnt mean that the entire platform is a peice of crap.
I bet some of these guys saying how crappy of a platform it is are the SAME ones drooling over the GeForce 3 cards, that actually have LESS capabilities then this beast does..
For crying out loud. He didnt resign over the violations. He resigned becouse he didnt feel he was being given credit where he thought it was due. Totally understandably. In none of the above cases where there ANY GPL violations. If anything, I'd say wanting to recieve public credit is, in part, against the 'feeling' of the GPL. It shouldn't be, but the GPL basically says 'Take it, use it, modify it, pass it on'. It doesnt say 'Ensure that you've bent over backwards to stroke the ego of the individuals that wrote it'. Ok, last statement not really fair the the above individual, becouse credit IS deserved, but I dunno, hes so fed up, he sounds kinda whiny..
Thats why you ensure that something is watching the system all along, and ensuring that certain things are within limits.
Ever notice how Windows will occassionally say 'Your system is low on virtual memory'? Same thing. Presumably, you can get the app to shut itself down to prevent such a catastrophic failure.
Slashdot Mirror
Perhaps this is due to a limited production run, but 1500$ for one of these buggers? Wheres the cost breakdown? Does a 800x600 LCD head unit truely cost THAT much?
This reminds me of the high cost associated with the Netwinder boxes, truely. They also where priced fairly high for a comparible box. I assume the cost must be in the limited production runs of the devices. *sigh*
I will never understand the IETF, I must say. They cannot even agree on a standard for Instant Messaging, NEVER MIND Multimedia messaging..
How is ANY standard they are going to put forth going to be worth a DIME if they cannot even agree on a solution for basic TEXT messaging?
As someone who sells to them, thats there adress sure enough.. 8-)
But it IS humerouse..
Now they just have to get you to accept a p2p connection between the AIM clients. 8-( Ok, BETTER then waiting a long arse time, but it doesnt address the issue of having to update to a fixed client..
Grr.. You wouldnt SAY CLEPT Test. You'd say 'I took the CLEPT to get out of the class'
Add the 't' to refer to the test.. 8-)
DoH! I have NO idea why I said that. Of course I meant one of the dozens of #pragma warning statement you can make to the Visual C++ NOT issue warmings regarding things such as redefinition of a function declared elsewhere, etc..
You know, the kinds you need to use to manage to include the STL in Visual C++ without generating hundreds of warnings. 8-)
Actually, something occured to me that makes it a little bit more possible. I once read somewhere on MSDN regarding the realease of localized versions of Microsofts OSes ad applications where generally localized by outside contractors, such as those used in India, etc..
This could have, indeed, made it a great deal easier to insert some hidden #ifdef inside of, say, a comment that looks funny, and cause some issues such as providing uid checks, etc..
Perhaps I'm just thinking to much. It's amazing how easy something appears to be if you can think about it long enough..
I dunno, it could be argued that the engineers that worked on the components of MS Office have in the past slipped in MANY the easter eggs into the product that went unnoticed.
I could also see how it could be done. a simple #progma and redefinition of a core Win32 API function placed in something as silly as stdafx.h might just slip by.
I'm sorry, but this sort of statement is just plain silly. Any 'newly hired engineers' would hardly be in a position to place any sort of major bugs in such a large project. EVEN IF THEY COULD, since XP is relatively new, bugs placed on purpose would be no worse then any existing bugs simply due to the nature of newly released software.
Perhaps, just perhaps, a few well placed bugs could have an effect on the end product, but I see no reason why such an orginization would want to target such a thing. I can see the reason to want to make such false statement to cause yet more public doubt as to their safety, though. The likelyhood this is a ploy to crete more doubt is much greater then the likelyhood that they actually did such a thing.
On the other hand, it could very well be true. It is so out there that it just might be truely something that happened. It most certainly is no more out there then the very same network obtaining Anthrax from a US source, and mailing it all over the country..
DoH! Shows me for not proofreading the darned post. Worked.
Data transfered to variouse financial routines are routinely transmitted using insecure protocols in an unencrypted format. I've wored in at least 2 positions, one in a creditcard clearinghouse, another at an ECN. This data goes over unsecured channels all the time.
Just as a note, once your logged in, you can navigate over to 'Exit', and disconnect from the wireless web. When you recieve a message, it will send your phone the URL to the conversation. IIRC, the message sent to the phone is 'You have a message from AIM, View Now?', which will connect you to the conversation URL.
The pain is logging OFF means you have to go back, login AGAIN, then logout..
Shesh.. 'News for Nerds'.. Or do you forget. 8-) It's a darned cool looking phone, so hence, gets 'space'.
I'll have to take a greater look at it. I was using SSL sockets simply becouse of the simple availability of software, really. Does it provide session based encryption?
Actually, there is already an implementation of something simular to this in httptunnel. I forget the web address of it, but you can find it via freshmeat.net. Basically, it tunnels either IP socket data over HTTP, or, as an even MORE evil thing, raw ethernet data.. 8-O
After posting my last reply, I thought of something that is a GOOD thing regarding SOAP over HTTP that deserves mentioning. By directing and detecting all web traffic, you now have a transactional log off all RPC calls being made into your system. So while yes, you are possibly exposing things, you have a much better logging mechanism in a central location then you would have by having any given application tunneling thru its own socket, making calls to its hearts content. All calls cal now be logged, filter, redirected, etc..
Now of course, this does apply only to SOAP over HTTP, and possibly not SMTP/POP3, Raw socket, MSMQ, etc..etc..
SOAP is NOT bound to HTTP by any means. It is the most popular implementation of the transport layer, but it can, just as I'm looking at now, go thru other transports, such as an SSL socket connection.
This is definatly a valid question, and I think, personally, the answer would be yes, the entire notion of web services have some serious security reprocusions. In the past, web traffic was web traffic. Now that HTTP is being used to essentially tunnel an RPC call into your servers, it means that that same servers that have, time after time, been compromised, are now the same servers providing vital access to critical data systems.
Now, this does NOT mean that web services are bad, simply that web services have to be written with the understanding that they ARE more open then normal simple RPC calls. Greater use of this design means greater risk in general, since now access to functions that may be suseptable to buffer overflows, denial or service attacks, etc, are basically sitting out there in the open. I've never heard of a denial of service attack targeted at an RPC mechanism, but with little or NO modification, this type of attack could be deployed 'out of the box'.
New security measures will have to be created in order to thwart this greater risk that will now be exposed.
Unfortionatly, they would have a hard time tightening the noose around a HARDWARE platform. I'll agree with you the moment some Microsoft employee comes knocking at my door, demanding to upgrade some chips inside my XBox. In the meantime, the box is out of their control.. 8-)
And what mess would that be? Are you saying we should always use 'The most ethically correct tool for the job'? Whos ethics are we to follow? Yours? Mine? Who knows. I see nothing wrong etically with buying an XBox. Bring it up to an ethical issue is silly. Is Sony of all people 'more ethically sound' then Microsoft? Cripes no. Is Sega? Nope. Does Greenpeace make a gaming console? Please, explain further..
No. Abstracting your code provides you many things. Only ONE of which being the ability to cross compile easily. It also allows you to cross compile using DIFFERENT libraries on the SAME OS. Or even provide different networking capabilities. It makes alot of sense, really..
Ok, this entire review is a giant contradiction of ideals. First, the guy seems to rank of Microsoft for trying to control everything everywhere with its operating system. "Internet Explorer of the Game world". IMMEDIATLY after that, he ranks on the fact that Microsoft has secured no incredible new games, and are simply presenting the same lackluster games that everyone else has..
So answer me this. Why is that their job?? They provide the platform, and for ONCE in their lives actually try to provide developers, in this case, GAME developers, a platform they can flurish on without locking shackles on them, and they get yelled at for NOT doing EXACTLY WHAT EVERYONE COMPLAINS ABOUT??
Talk about your catch22 no win situations..
Hands down, the XBox has more capabilities then the PS2 does. You simply cant argue with the numbers. Does the PS2 have a better developer following, which hence, utilize the hardware better? Hands down, yes. But for crying out loud, that doesnt mean that the entire platform is a peice of crap.
I bet some of these guys saying how crappy of a platform it is are the SAME ones drooling over the GeForce 3 cards, that actually have LESS capabilities then this beast does..
For crying out loud. He didnt resign over the violations. He resigned becouse he didnt feel he was being given credit where he thought it was due. Totally understandably. In none of the above cases where there ANY GPL violations. If anything, I'd say wanting to recieve public credit is, in part, against the 'feeling' of the GPL. It shouldn't be, but the GPL basically says 'Take it, use it, modify it, pass it on'. It doesnt say 'Ensure that you've bent over backwards to stroke the ego of the individuals that wrote it'. Ok, last statement not really fair the the above individual, becouse credit IS deserved, but I dunno, hes so fed up, he sounds kinda whiny..
Thats why you ensure that something is watching the system all along, and ensuring that certain things are within limits.
Ever notice how Windows will occassionally say 'Your system is low on virtual memory'? Same thing. Presumably, you can get the app to shut itself down to prevent such a catastrophic failure.