Flaw detected and removed. New version of Winamp out. Get the new version. Protected.
Well, there's that much to see - if you use Winamp, you should download the latest version. Now I don't use Winamp, but before I read this article I didn't even know there was a vulnerability, let alone a fix for it. In that sense, there's certainly something here for me to see.
Actually, I'd have stopped at the hyphen. In my experience, about the only thing that sets VS apart from other IDEs is the drag and drop form building, and that's a feature that's increasingly available in other IDEs and for other platforms.
Apart from that, on those occasions when I use VS I tend to find myself longing for features (eg refactoring support) that I'm used to from other IDEs (principally JBuilder and Eclipse) that just aren't there. I'm aware that you can buy third party plugins for a lot of what's missing, but that's not the point - they come as standard with my other IDEs...
That said, at least as far as C# goes it doesn't have a lot of competition. #builder is nice enough, but the lack of an integrated debugger is a deal-breaker for me. Borland's C# Builder looks nice enough, but the currently-available personal edition doesn't support.net 2.0 (it's been coming "soon" on their downloads page for a while now...). The new Express editions of VS.NET look good, but I've been unable to get the C# one running properly; I'm about to upgrade my PC though, so I'll see how it fares on a clean install.
I'd rather have the security problems fixed at the source
The biggest single security problem facing computers these days is the people using them. Nothing (that I've seen) can save a machine from a clueless user with administrative access blinding running every piece of malware they come across.
"Let's automatically believe something the lawyer said" is the last thing I'd ascribe to the typical Slashdot reader.
You've got it wrong, that's not what the OP is doing. What they're doing is automatically believing something that supports their own beliefs, in this case that the RIAA is evil and/or stupid. That sort of thing I see all the time on slashdot, and indeed everywhere else.
1. AOL's login takes too long. 2. AOL doesn't allow a lot of network traffic through.
His parents clearly don't care about that.
3. AOL users get a lot more spam than everyone else.
Do you have any proof of that? Someone's used my domain name in their fake from: headers, so now I get around a thousand spams and bounces a day, and I know I'm not alone in that. I have trouble believing that AOL customers get "a lot more spam" than that...
4. AOL kicks for inactivity at random intervals.
If you're paying for your call and forget to log off, that's a good thing, although I can see how it would be annoying if you weren't actually inactive at the time.
6. AOL requires you to use their mail system.
So what? What other mail system would his parents *want* to use, or even know about? Besides which, they can't stop you from using gmail, yahoo, hotmail, etc - I assume you mean that they don't provide pop3 or smtp access. Big deal - most people don't know what they are anyway.
7. AOL's version of I.E. is terrible.
As opposed to MS's version?;-)
8. AOL is basically impossible to cancel.
But they don't want to cancel it, so that's immaterial.
10. AOL is now charging senders for incoming messages.
I generally find it better to RTFA before trying to comment on it.
11. AOL sells its members list to spammers, even going so far as having a preferred spammer program.
Again, do you have any proof of this?
Bottom line is, they're happy with the service they get, so why are you so keen to see them change it? What does it matter to you?
Mass disobedience, whether "civil" or not is what it takes to get unpopular laws changed.
The point of "civil disobedience" is that you make absolutely no effort to conceal your activities; you act as if you're doing nothing wrong because - and here's the point - in your eyes you're not. You don't go tell the cops what you're doing, but at the same time you don't hide it. If you're caught, arrested, and prosecuted, you stand up, admit what you did and proclaim that the law is unjust.
Hiding your activities and taking great pains to avoid being caught isn't the act of a citizen rightfully protesting an unjust law in the most direct way possible, it's the act of someone who knows that what they're doing is wrong. These guys weren't trying to make a statement, they were just trying to make money.
Water, unlike most chemicals, EXPANDS when frozen - which is why the bottoms of our oceans don't freeze. (i.e. the pressure at the bottom of the ocean prevents the water from freezing.)
That's true up to a point, but if you lowered the temperature sufficiently and kept the pressure the same you'd end up with ice.
I don't know about Bank, but I've seen signs up on Tube platforms banning the use of flash photography as it can distract the driver.
I personally don't think that sort of thing is too bad - the security guard is a duly appointed representative of the owners (or at least managers) of the station you were in, and is a civillian. He can't arrest you or confiscate anything without getting the police involved (IANAL, etc)
You were doing great up until that point, then you had to go and spoil it with a pointless ad hominem. It just cheapens your whole argument - even if it's true, and the GP does pirate Office, what does that have to do with document format compatibility?
There's nothing wrong with developers running as root on a development workstation.
Yes and no; developers can still be clueless about trojans, etc, although they do tend to be rather more savvy than average, I'll agree.
You know, like it works on just about every operating system out there?
Actually that's how it works on Windows, too - accounts without sufficient privileges can't modify files they don't have access to. However, that's not what the GP said - he put forward the idea of only Administrator being allowed "to modify executables on disk" (paraphrased from memory). That's not how it works on any OS I've ever used, as it implies that all exes are protected, regardless of permissions.
A story on slashdot about publishers not checking facts? The only difference is that at least the slashdot admins admit to it in the FAQ (which from experience, precious few people bother to read)...
I think you're missing the GP's point. He's not saying that normal people would prefer not to pay for stuff, he's saying that they couldn't care less about the underlying technology. Thus the peer to peer nature of p2p is irrelevant to them; they just care about what it enables them to do. Likewise, the fact that ITMS is essentially just a bog-standard web app with a fancy thick client is irrelevant, they just care that it lets them get music onto their iPod.
They rest of the stuff is just userland utilities.
Can the OS even boot without the userland utilities? If it does boot, can it do anything more useful than respond to pings? Ok, so it may be able to function as a router or firewall, but even if it can, how do you modify the config files without an editor?
For the cost of a DVD, I'm going to want a DVD. For a file that I could lose in a hard drive crash or through an accidental erasure etc, and that's potentially going to take me a couple of days to download (even if it maxes out my 2Mbps connection) and tie up my connection (if it maxes it out), I'm going to want to spend quite a bit less. That's ignoring the fact that my house can (currently) comfortably store many more DVDs than my hard drive, and somehow I don't see it being quite as simple as just burning it to disc.
Still, that said, this is definitely a step in the right direction.
Re:Fuzzing and Obfuscation
on
Mitnick on OSS
·
· Score: 1
Quick question - which admins are stupid enough to include '.' in thier path?
I've seen plenty do it - perhaps not in their login script, but I've definitely seen people add . to their path manually, when running a lot of stuff in the current dir and tired of typing./ all the time.
However, that was the first thing that sprung to my mind; sure, that's all reasonable, but . isn't in root's path by default (or indeed in that of most user accounts).
I imagine that by "Linux", the submittor means "GNU/Linux" rather than "the Linux kernel".
I know, I know - Linux is the kernel, yadda yadda. When anyone I speak to says "Linux", they mean the OS, not the kernel - just like when people talk about NT, they mean the OS, not the kernel.
As usual, nothing to see here...
Flaw detected and removed. New version of Winamp out. Get the new version. Protected.
Well, there's that much to see - if you use Winamp, you should download the latest version. Now I don't use Winamp, but before I read this article I didn't even know there was a vulnerability, let alone a fix for it. In that sense, there's certainly something here for me to see.
Visual Studio isn't a good IDE - it's a great one
.net 2.0 (it's been coming "soon" on their downloads page for a while now...). The new Express editions of VS.NET look good, but I've been unable to get the C# one running properly; I'm about to upgrade my PC though, so I'll see how it fares on a clean install.
Actually, I'd have stopped at the hyphen. In my experience, about the only thing that sets VS apart from other IDEs is the drag and drop form building, and that's a feature that's increasingly available in other IDEs and for other platforms.
Apart from that, on those occasions when I use VS I tend to find myself longing for features (eg refactoring support) that I'm used to from other IDEs (principally JBuilder and Eclipse) that just aren't there. I'm aware that you can buy third party plugins for a lot of what's missing, but that's not the point - they come as standard with my other IDEs...
That said, at least as far as C# goes it doesn't have a lot of competition. #builder is nice enough, but the lack of an integrated debugger is a deal-breaker for me. Borland's C# Builder looks nice enough, but the currently-available personal edition doesn't support
I'd rather have the security problems fixed at the source
The biggest single security problem facing computers these days is the people using them. Nothing (that I've seen) can save a machine from a clueless user with administrative access blinding running every piece of malware they come across.
And what it makes to you that your os of choice (OS/2) have disapeared despite quite a fan base just because it was closed source ?
What makes you think OS/2 was his OS of choice? It was only one of several that he listed.
Don't you think that you should invest in non-closed source knowledge ?
He ends his post by saying "I also support OSS that does a better job than commercial alternatives. It's about choice.". Did you even read it?
"Let's automatically believe something the lawyer said" is the last thing I'd ascribe to the typical Slashdot reader.
You've got it wrong, that's not what the OP is doing. What they're doing is automatically believing something that supports their own beliefs, in this case that the RIAA is evil and/or stupid. That sort of thing I see all the time on slashdot, and indeed everywhere else.
1. AOL's login takes too long.
;-)
2. AOL doesn't allow a lot of network traffic through.
His parents clearly don't care about that.
3. AOL users get a lot more spam than everyone else.
Do you have any proof of that? Someone's used my domain name in their fake from: headers, so now I get around a thousand spams and bounces a day, and I know I'm not alone in that. I have trouble believing that AOL customers get "a lot more spam" than that...
4. AOL kicks for inactivity at random intervals.
If you're paying for your call and forget to log off, that's a good thing, although I can see how it would be annoying if you weren't actually inactive at the time.
6. AOL requires you to use their mail system.
So what? What other mail system would his parents *want* to use, or even know about? Besides which, they can't stop you from using gmail, yahoo, hotmail, etc - I assume you mean that they don't provide pop3 or smtp access. Big deal - most people don't know what they are anyway.
7. AOL's version of I.E. is terrible.
As opposed to MS's version?
8. AOL is basically impossible to cancel.
But they don't want to cancel it, so that's immaterial.
10. AOL is now charging senders for incoming messages.
I generally find it better to RTFA before trying to comment on it.
11. AOL sells its members list to spammers, even going so far as having a preferred spammer program.
Again, do you have any proof of this?
Bottom line is, they're happy with the service they get, so why are you so keen to see them change it? What does it matter to you?
Do I get a veto on you saying "frack"?
(Seriously though, I completely agree with you)
That whooshing sound you hear is his point going right over your head...
It is a misleading title - these new RAM chips do not use gecko feet as power sources.
In the early days headphones sat on the side of your head and let in other noise. However, with the IPod ear buds fit 100% percent into your ear.
Oh don't be ridiculous - I was using in the ear 'phones like that years before the iPod was available.
While I appreciate that it's probably still the 1st where you are, it's February 1st, not April...
Mass disobedience, whether "civil" or not is what it takes to get unpopular laws changed.
The point of "civil disobedience" is that you make absolutely no effort to conceal your activities; you act as if you're doing nothing wrong because - and here's the point - in your eyes you're not. You don't go tell the cops what you're doing, but at the same time you don't hide it. If you're caught, arrested, and prosecuted, you stand up, admit what you did and proclaim that the law is unjust.
Hiding your activities and taking great pains to avoid being caught isn't the act of a citizen rightfully protesting an unjust law in the most direct way possible, it's the act of someone who knows that what they're doing is wrong. These guys weren't trying to make a statement, they were just trying to make money.
Water, unlike most chemicals, EXPANDS when frozen - which is why the bottoms of our oceans don't freeze. (i.e. the pressure at the bottom of the ocean prevents the water from freezing.)
That's true up to a point, but if you lowered the temperature sufficiently and kept the pressure the same you'd end up with ice.
I don't know about Bank, but I've seen signs up on Tube platforms banning the use of flash photography as it can distract the driver.
I personally don't think that sort of thing is too bad - the security guard is a duly appointed representative of the owners (or at least managers) of the station you were in, and is a civillian. He can't arrest you or confiscate anything without getting the police involved (IANAL, etc)
They oppose the death penalty, which has been declared constitutional by the Supreme Court of the United States since 1976.
Just because it's constitutional doesn't mean it's right.
And I bet you use a pirate copy of MS office...
You were doing great up until that point, then you had to go and spoil it with a pointless ad hominem. It just cheapens your whole argument - even if it's true, and the GP does pirate Office, what does that have to do with document format compatibility?
There's nothing wrong with developers running as root on a development workstation.
Yes and no; developers can still be clueless about trojans, etc, although they do tend to be rather more savvy than average, I'll agree.
You know, like it works on just about every operating system out there?
Actually that's how it works on Windows, too - accounts without sufficient privileges can't modify files they don't have access to. However, that's not what the GP said - he put forward the idea of only Administrator being allowed "to modify executables on disk" (paraphrased from memory). That's not how it works on any OS I've ever used, as it implies that all exes are protected, regardless of permissions.
A story on slashdot about publishers not checking facts? The only difference is that at least the slashdot admins admit to it in the FAQ (which from experience, precious few people bother to read)...
They could implement a sane security model where file permissions disallow non administrative users from modifying executable code on disk
So in your scheme, every developer has to run as an administrative user?
I think you're missing the GP's point. He's not saying that normal people would prefer not to pay for stuff, he's saying that they couldn't care less about the underlying technology. Thus the peer to peer nature of p2p is irrelevant to them; they just care about what it enables them to do. Likewise, the fact that ITMS is essentially just a bog-standard web app with a fancy thick client is irrelevant, they just care that it lets them get music onto their iPod.
The OS *is* the kernel.
They rest of the stuff is just userland utilities.
Can the OS even boot without the userland utilities? If it does boot, can it do anything more useful than respond to pings? Ok, so it may be able to function as a router or firewall, but even if it can, how do you modify the config files without an editor?
Shame about the price?
For the cost of a DVD, I'm going to want a DVD. For a file that I could lose in a hard drive crash or through an accidental erasure etc, and that's potentially going to take me a couple of days to download (even if it maxes out my 2Mbps connection) and tie up my connection (if it maxes it out), I'm going to want to spend quite a bit less. That's ignoring the fact that my house can (currently) comfortably store many more DVDs than my hard drive, and somehow I don't see it being quite as simple as just burning it to disc.
Still, that said, this is definitely a step in the right direction.
Quick question - which admins are stupid enough to include '.' in thier path?
./ all the time.
I've seen plenty do it - perhaps not in their login script, but I've definitely seen people add . to their path manually, when running a lot of stuff in the current dir and tired of typing
However, that was the first thing that sprung to my mind; sure, that's all reasonable, but . isn't in root's path by default (or indeed in that of most user accounts).
I imagine that by "Linux", the submittor means "GNU/Linux" rather than "the Linux kernel".
I know, I know - Linux is the kernel, yadda yadda. When anyone I speak to says "Linux", they mean the OS, not the kernel - just like when people talk about NT, they mean the OS, not the kernel.
This thing is going to have to be pretty darn impressive to actually find a niche other than people who don't know any better.
In my experience, that's still a pretty big niche.