Intelligent person: Knows the difference between reading an email and running a program.
I take it you don't use Oulook 2000, then - it very "helpfully" runs any attached/embeded scripts for you when you preview the mail. You don't even have to open up the attachment.
(No, I don't run it either, but a depressing number of people at work insist on using it, despite at least one having had to appologise to clients in the past because "he" sent them a virus...)
You don't run anything; Outlook does it for you, without asking or informing you.
If you took the principle to something else like source code, the copies are perfect and identical. You cannot GPL one and not the other!
<pedantic> Yes, you can. As the code's author, you are perfectly at liberty to distribute it to different people under different licences. If I write some code, I can give it to you under a licence that forbids you from redistributing it, while at the same time giving it to someone else under the GPL. </pedantic>
I do agree, however, with the sense of your argument - there sould be no difference between an mp3 I made from my CD copy of a song, and an mp3 of the same song, from the same CD, that some else made from their copy. As long as I satisfied them that I owned a legitimate copy of the CD before they gave me access to the mp3, I really don't see what the problem is.
Sure, people will abuse the system, but that is unavoidable, and occurs with any system, including the "system" of selling CDs. The only thing to stop me from borrowing CDs from my friends and copying them to tapes/CDs/ripping them to mp3s is my sense of morals. I don't not do it because it's impossible (which it clearly isn't) or illegal, but because I believe that it's wrong. The point is that you can't legislate against everything that is open to abuse, or you'll quickly find yourself unable to do anything.
Using cdparanoia I attempted to create a "repaired" copy for him using my computer, my CD burner, and my recordable media. Is that illegal?
No, I doubt that it is; after all, you are making a "backup" copy for him using his original copy. I don't see that as being any different than saying "Here ya go, here's my hardware, help yourself". If it is illegal, it damn well shouldn't be:-)
However the disc was so badly damaged that I couldn't create a good copy for him. So I made a copy from my legal purchased copy of the CD. Is that illegal? Should that be illegal?
That may sound reasonable, but I think you'll find that it is illegal under current copyright law. Owning an album entitles you to make backup copies of it; it does not entitle you to copy someone else's copy.
This is offtopic, but we've been fruitlessly brainstorming here all morning. Is there any valid business use for having an email execute itself?
Well, the only thing I can think of is self-propagating advertising. Why bother finding an open relay/getting a temporary account, etc, then sending out tens of thousands of mails, when you can send one or two, and sit back and watch as they propagate themselves for you?
I'm not advocating this as a realistic use (I can imagine that more than a few ISPs, companies, etc would sue for the amount of traffic it generated on their networks), but it's the only one I've been able to think of.
Anyone else got any ideas?
Cheers,
Tim
Re:Don't let Microsoft's numbering confuse you
on
Linux 2.2.15 Released
·
· Score: 1
Actually, in Europe if I recall correctly, it's a decimal comma, not a point.
Yup, that's right - except in the UK, where it's a decimal point...
Why does this bother you so much to the point where you waste time posting about it on Slashdot?
I thought this was a discussion forum, a place for people to air their views. That's all I'm doing; if you decide I'm a moron with nothing to say that's worth reading, feel free to ignore me, I always post logged in as Tim C:-)
so at least 30% of us care enough to post about it, and who knows how many others who don't because they know someone else will/already has?
If you are so concerned about it, use the time you spend here bitching about it to go get some adblocking software.
What makes you think that I haven't? I run junkbuster both at home and at work. I'm not moaning about banner ads per se, I'm accusing someone at ZDNet of orchestrating the entire thing to drive up their hits and ad revenue.
...but the ZDNet marketing people must be laughing all the way to the bank.
First, an article gets linked to from Slashdot that is so controversial (to us), that it's bound to get everyone reading it, generating lots of hits on the ads.
Now, the same site posts what is sure to be an equally-popular rebuttal, and (naturally) gets it linked to from Slashdot.
That's an awful lot of free hits and ad revenue we've just earned them, all because of an insignificant journalist who doesn't seem to be living on the same planet as the rest of us...
Ah, but I suspect that Napster will get tired of shuting down 300,000 accounts/week much faser than 300,000 users will get tired of setting them up again.
Even if it takes 5 times as long to set up an account as it does to find one and shut it down, Napster will be putting in 60,000 times as much effort as any of the users it is acting against. I know which side I'd bet on...
So, Napster bans them. How do they enforce the ban?
It can't be on IP address, because people will be logging on from dial-up acocunts, and so not have a static IP address. (Not to mention people coming from behind firewalls that have been configured to allow them to use Napster, etc)
It can't be on username, because what's to stop someone just re-registering with a different one?
I really can't see this being enforceable; all it's going to do is delay the inevitable call for Napster to be banned altogether, which will almost certainly happen when Metallica realise that the user ban doesn't make a blind bit of difference.
Almost; I think that the real difference is that you can't even install Windows (98) without installing IE. Under Linux, there's no need for KDE/Konqueror to even be on the install disk.
Basically, with Windows, you are forced to install IE (so why bother with any other browser?), while with Linux, you don't need to know that KDE/Konqueror even exist.
The problem is one of striking a balance between the needs of the community and the needs of the individual.
On the one hand, it is understandable that the community may want to know if a convicted paedophile or rapist has moved into the area. On the other hand, the person in question may have undergone treatment/been under the influence of [drugs alcohol a cult] at the time. Do not forget, also, that once they have been released from prison they have paid their debt to society (in law, at least).
Yes, I would want to know if a convicted paedophile moved in next door to me, or into the same area - I have a five month old daughter, and of course, as she grows older, I will be concerned for her safety. OTOH, if I had some minor conviction fomr my youth (possession of canabis, or something), I would be unhappy at the thought of prospective employers having an easy way to find this out and possibly refusing me an offer of a job that they would otherwise have made.
There is also, of course, the danger of people convicted of certain "unsavoury" crimes (rape, paedophilia, race hate crimes, etc) being victimised or even lynched. Whatever you may think of such people, you have no right to exact your own punishment on them. That is what the court system is there for - it may not be perfect, but it's better than leaving law and order up to roving gangs of vigilantes...
Don't ask me, I run junkbuster with a pretty comprehensive sblock.ini file:-)
You have an excellent point though, although you may not realise it. The article in question absolutely stinks of having been written with one purpose in mind: to be linked to from Slashdot so as to generate the associated hits and, therefore, advertising revenue.
I cannot, will not believe that "in this day and age" a so-called professional technology journalist could be so woefully misinformed. I also refuse to believe that such a person would write an article so sweeping in its criticism of something based on such a small facet of it.
Sure, mozilla is taking a while to get out of the door, but to dismiss open source as being of no real substance is little short of professional misconduct.
As others have already pointed out, two of the most widely-installed and used software products in the world, apache and sendmail, are both open source. To ignore them and dismiss the entire open source movement based on the perceived failings of a single, relatively minor piece of software beggars belief.
I knew that ZDNet had a reputation for being so blindly pro-Microsoft that it hurt (not unlike Slashdot's somewhat over-the-top anti-Microsoft stance can be at times...), but I didn't realise that it could be this bad.
Here in the UK, it is difficult to find a shop-sold PC that doesn't come with Office, and impossible to find one that doesn't come with Windows. (Okay, so the figure of 75% was pulled out of the air)
Office IS better than other office products out there
That's a matter of opinion; I personally find Office to be overly-powerful and bloated; YMMV, I guess.
(it's a compelte development enviroment for developers as well).
And that's complete crap, IMNHO. (No offence meant:-) )
Speaking as a full-time programmer, I would never use Office for development work (and that's even if you mistakenly include InteDev/VC++ as part of Office). I know some people like IDEs, but you can't seriously be suggesting writing code in Word?!
Or are you talking about the tight integration (read: serious security issues) of Windows? Sure, that may have started with Office, but it certainly isn't confined to it anymore. Besides, that's available (to greater and lesser degrees) on other platforms, too.
Two buttons may somehow confuse people with no computer experience, but it's an incredible boon to those of us who can use it.
Hey, I find only having two buttons restrictive, having become used to three:-)
(This was taken a bit out of context; I don't think the poster was trying to hold up MacOS as the perfect standard to aspire to.)
No, I wasn't; I was merely making the point that Windows is not the be-all and end-all of user-friendlines, despite the fact that some people seem to regard it as being just that.
And what happens when everyone uses different suites, each with thier own propeitary formats?
The vendors should be encouraged not to use proprietary formats.
We have standard, or at least open, formats for a number of other things, why not documents? After all, they're a pretty fundamental aspect of the average user's use of a computer. It oculd be argued tat someting so important should not be left up to one or two corporations to control (no matter who those corporations are)
Part of the problem is that Microsoft and their products have become all-but ubiquitous(sp?) - and in the case of Windows, they are ubiquitous (although that's kind of unavoidable;-) ).
Has anyone else here noticed that IE5.0 (at least, and probably 4 as well) gives HTML documents the type "Microsoft HTML document" when it associates the.htm and.html file extensions with itself? (OTOH, Netscape calls them "Netscape Hypertext Document"s, which is almost as bad...)
What we really need is interoperability and compatibility, not integration. As long as I can read your documents and you mine, who cares if I used Office 2000 or StarOffice? (apart from MS and Sun, that is)
I'm sorry, but I really don't believe that a "high level of integration" necessarily requires the sort of anti-competitive business practices that seem to be the mainstay of Microsoft's business plan.
The fact of the matter is that it is incredibly difficult for any company to compete against Microsoft in its key areas of business, namely operating systems and office suites. Ask yourself how many people you know use an office suite other than MS Office? In fact, ask yourself how many ("non-techy") people you know who can name an office suite other than MS Office.
Is this really because MS Office is so much better than anything the competition can put out? Or is it because 75% or more of new PCs come with it pre-installed "for free"? (I say "for free" because I do not believe that the cost is not passed on to the customer in the price of the hardware) That's all fine and dandy, until a few people you know get the version of Office up from yours, and suddenly their documents are incompatible with yours in annoying little ways...
Next, let's look at operating systems. If ease of use was really the reason that Windows is so popular, then everyone would be using Macintoshes. In my (admittedly limited) experience, MacOS is much more user-friendly than Windows. Linux zealotry asside, better operating systems than Windows do exist.
Breaking up Microsoft will not "harm the average user". In fact, it is more likely to benefit the average user, by finally allowing some real competition for a change. People will no longer be tied into a specific set of tools from a single vendor; they will be able to shop around for the software that most suits their needs at a better price. No longer will they be forced to buy the latest version of Office just because a couple of their business partners/customers/colleagues have and they can no longer read their documents properly.
No, Microsoft is not the root of all evil, and their software is not all buggy and bloated, and only half-way secure because it crashes too often to present anyone enough opportunity to crack it. But neither are they the maligned saints that you seem to think they are.
I use the original release every day at home, compiled & installed from source, on a Celeron 266 with a TNT2u (and 96meg of RAM), running Slackware 7 and Enlightenment 0.16.3 and it's been fine. Well, it's run fine; I had a few hoops to jump through when I installed it, of course:-)
...since I got GeForce. It was a big jump from Riva128.
Yeah, I went from a 4MB ViRGE and a PowerVR PCX2 to a TNT2u - on an otherwise identical machine, the fps at 800x600 in Forsaken went from roughly 15 to around 100:-)
Okay, whilst I welcome this as much as anyone else (I own a TNT2u, and I didn't pay 180UK pounds for it just to be forced to boot to Windows everytime I want to use it properly...), I have to say that this sucks. It sucks because:
a) It's a binary only release, with no specs for the chipsets, etc
b) It's a beta.
a) sucks for all the obvious reasons - the "community" can't make bug fixes or learn from it, only x86 Linux is supported so everyone else is SOL, etc.
b) sucks for a slightly less obvious reason. Both of the previous driver releases, for XFree3, were also beta "development only" releases. When are we going to get the real thing?
Yes, I realise that this isn't easy, and that they have a decade or two more man-hours in Windows driver development, and that Linux is a niche market, etc etc, but damnit, I want real drivers! Failing that, I want the chance to fail to write them myself!
Thank you, NVidia, for a really good graphics card, but I'm afraid that my next card is going to have to be from a company that shows a little more commitment to my OS of choice.
Okay, hands up anyone that's never used software that creates an account with a dumb password when it's intsalled?
Two notable examples are Oracle's database (I've been told that it's set to change_this by default - my apologies if that is no longer the case), and MS SQL Server (the admin account has no password set by default - we were using it like that for at least the first 6 months that I was at the company before someone thought to change it...)
There is absolutely no reason whatsoever for creating an account with either no password or a default one. To not prompt the user to enter a password smacks of laziness and/or thoughtlessness. Someone at RedHat needs to have a good, long talk to whoever there is responsible about good security practice. Unfortunately, the same can be said of a good few other companies, too.
As for the second flaw, that you can cause arbitrary commands to be executed by the user running the web server when using piranha to change the password, that is utterly inexcusable. Assuming that the server is not running as root, then it is not too serious, (as long as you don't mind your website being deleted/defaced), but it displays an almost breathtaking lack of thought on the part of the person responsible.
I assume that the password is changed by way of a call to passwd, and that the "hack" is to append a "; arbitrary commands go here" to the end of the password field. If this is the case, then why on earth isn't the string checked for that sort of thing?
This has to be the oldest way of attacking a web site in the book; ever since the concept of CGIs was invented, people have been trying to get arbitrary commands run on servers in this way. (Another common first attack is to do a similar thing to any input field that looks like it'll be used to construct an SQL query - just end the field with '; (single-quote semi-colon) and insert your own commands. A coleague and I very nearly had one of our SQL servers play ball when we did it to one of the sites that he'd developed using SiteServer Commerce edition - the code being executed was in a SiteServer module, not something that he'd written. IIRC it was only the max length being set on the field that stopped us, and we couldn't be bothered to write a perl script to bypass the html page...)
I know that everyone makes mistakes, but this really is very basic stuff indeed. I'm no security expert, and even I know about it:-)
In this day and age of entire businesses depending on the security of machines that are open to attack 24/7 (and have to be up 24/7, too), people really do need to be more security conscious.
Okay, rant over - I just needed to get that off my chest:-)
That's a bunch of bullshit. Outlook doesn't run ANYTHING for you unless its scripting (which runs in a sandbox) in an HTML page.
;-) ) and a sysadmin or two who claim otherwise.
:-)
Well, I know a marketer (yeah, I know..
Oh, and incidently, arguments generally carry more weight if you manage not to swear...
Cheers,
Tim
...maybe they'll blow so much money on legal fees they'll bankrupt each other ;-)
Cheers,
Tim
Intelligent person: Knows the difference between reading an email and running a program.
I take it you don't use Oulook 2000, then - it very "helpfully" runs any attached/embeded scripts for you when you preview the mail. You don't even have to open up the attachment.
(No, I don't run it either, but a depressing number of people at work insist on using it, despite at least one having had to appologise to clients in the past because "he" sent them a virus...)
You don't run anything; Outlook does it for you, without asking or informing you.
Cheers,
Tim
If you took the principle to something else like source code, the copies are perfect and identical. You cannot GPL one and not the other!
<pedantic>
Yes, you can. As the code's author, you are perfectly at liberty to distribute it to different people under different licences. If I write some code, I can give it to you under a licence that forbids you from redistributing it, while at the same time giving it to someone else under the GPL.
</pedantic>
I do agree, however, with the sense of your argument - there sould be no difference between an mp3 I made from my CD copy of a song, and an mp3 of the same song, from the same CD, that some else made from their copy. As long as I satisfied them that I owned a legitimate copy of the CD before they gave me access to the mp3, I really don't see what the problem is.
Sure, people will abuse the system, but that is unavoidable, and occurs with any system, including the "system" of selling CDs. The only thing to stop me from borrowing CDs from my friends and copying them to tapes/CDs/ripping them to mp3s is my sense of morals. I don't not do it because it's impossible (which it clearly isn't) or illegal, but because I believe that it's wrong. The point is that you can't legislate against everything that is open to abuse, or you'll quickly find yourself unable to do anything.
Cheers,
Tim
Using cdparanoia I attempted to create a "repaired" copy for him using my computer, my CD burner, and my recordable media. Is that illegal?
:-)
:-)
No, I doubt that it is; after all, you are making a "backup" copy for him using his original copy. I don't see that as being any different than saying "Here ya go, here's my hardware, help yourself".
If it is illegal, it damn well shouldn't be
However the disc was so badly damaged that I couldn't create a good copy for him. So I made a copy from my legal purchased copy of the CD. Is that illegal? Should that be illegal?
That may sound reasonable, but I think you'll find that it is illegal under current copyright law. Owning an album entitles you to make backup copies of it; it does not entitle you to copy someone else's copy.
Of course, this is Slashdot, and so IANAL
Cheers,
Tim
This is offtopic, but we've been fruitlessly brainstorming here all morning. Is there any valid business use for having an email execute itself?
Well, the only thing I can think of is self-propagating advertising. Why bother finding an open relay/getting a temporary account, etc, then sending out tens of thousands of mails, when you can send one or two, and sit back and watch as they propagate themselves for you?
I'm not advocating this as a realistic use (I can imagine that more than a few ISPs, companies, etc would sue for the amount of traffic it generated on their networks), but it's the only one I've been able to think of.
Anyone else got any ideas?
Cheers,
Tim
Actually, in Europe if I recall correctly, it's a decimal comma, not a point.
Yup, that's right - except in the UK, where it's a decimal point...
Cheers,
Tim
At 2.2lbs/kg, .99lb is 450g
Hope that helps,
Tim
Why does this bother you so much to the point where you waste time posting about it on Slashdot?
:-)
I thought this was a discussion forum, a place for people to air their views. That's all I'm doing; if you decide I'm a moron with nothing to say that's worth reading, feel free to ignore me, I always post logged in as Tim C
Cheers,
Tim
who the fsck cares?
...
You answer your own question later...
I'm sick of seeing 30% of the posts
so at least 30% of us care enough to post about it, and who knows how many others who don't because they know someone else will/already has?
If you are so concerned about it, use the time you spend here bitching about it to go get some adblocking software.
What makes you think that I haven't? I run junkbuster both at home and at work. I'm not moaning about banner ads per se, I'm accusing someone at ZDNet of orchestrating the entire thing to drive up their hits and ad revenue.
Cheers,
Tim
...but the ZDNet marketing people must be laughing all the way to the bank.
First, an article gets linked to from Slashdot that is so controversial (to us), that it's bound to get everyone reading it, generating lots of hits on the ads.
Now, the same site posts what is sure to be an equally-popular rebuttal, and (naturally) gets it linked to from Slashdot.
That's an awful lot of free hits and ad revenue we've just earned them, all because of an insignificant journalist who doesn't seem to be living on the same planet as the rest of us...
Cheers,
Tim
Ah, but I suspect that Napster will get tired of shuting down 300,000 accounts/week much faser than 300,000 users will get tired of setting them up again.
Even if it takes 5 times as long to set up an account as it does to find one and shut it down, Napster will be putting in 60,000 times as much effort as any of the users it is acting against. I know which side I'd bet on...
Cheers,
Tim
So, Napster bans them. How do they enforce the ban?
It can't be on IP address, because people will be logging on from dial-up acocunts, and so not have a static IP address. (Not to mention people coming from behind firewalls that have been configured to allow them to use Napster, etc)
It can't be on username, because what's to stop someone just re-registering with a different one?
I really can't see this being enforceable; all it's going to do is delay the inevitable call for Napster to be banned altogether, which will almost certainly happen when Metallica realise that the user ban doesn't make a blind bit of difference.
Cheers,
Tim
Almost; I think that the real difference is that you can't even install Windows (98) without installing IE. Under Linux, there's no need for KDE/Konqueror to even be on the install disk.
Basically, with Windows, you are forced to install IE (so why bother with any other browser?), while with Linux, you don't need to know that KDE/Konqueror even exist.
Cheers,
Tim
The problem is one of striking a balance between the needs of the community and the needs of the individual.
On the one hand, it is understandable that the community may want to know if a convicted paedophile or rapist has moved into the area. On the other hand, the person in question may have undergone treatment/been under the influence of [drugs alcohol a cult] at the time. Do not forget, also, that once they have been released from prison they have paid their debt to society (in law, at least).
Yes, I would want to know if a convicted paedophile moved in next door to me, or into the same area - I have a five month old daughter, and of course, as she grows older, I will be concerned for her safety. OTOH, if I had some minor conviction fomr my youth (possession of canabis, or something), I would be unhappy at the thought of prospective employers having an easy way to find this out and possibly refusing me an offer of a job that they would otherwise have made.
There is also, of course, the danger of people convicted of certain "unsavoury" crimes (rape, paedophilia, race hate crimes, etc) being victimised or even lynched. Whatever you may think of such people, you have no right to exact your own punishment on them. That is what the court system is there for - it may not be perfect, but it's better than leaving law and order up to roving gangs of vigilantes...
Cheers,
Tim
Don't ask me, I run junkbuster with a pretty comprehensive sblock.ini file :-)
You have an excellent point though, although you may not realise it. The article in question absolutely stinks of having been written with one purpose in mind: to be linked to from Slashdot so as to generate the associated hits and, therefore, advertising revenue.
I cannot, will not believe that "in this day and age" a so-called professional technology journalist could be so woefully misinformed. I also refuse to believe that such a person would write an article so sweeping in its criticism of something based on such a small facet of it.
Sure, mozilla is taking a while to get out of the door, but to dismiss open source as being of no real substance is little short of professional misconduct.
As others have already pointed out, two of the most widely-installed and used software products in the world, apache and sendmail, are both open source. To ignore them and dismiss the entire open source movement based on the perceived failings of a single, relatively minor piece of software beggars belief.
I knew that ZDNet had a reputation for being so blindly pro-Microsoft that it hurt (not unlike Slashdot's somewhat over-the-top anti-Microsoft stance can be at times...), but I didn't realise that it could be this bad.
Tim
Since when did 75% of new PCs come with Office?
:-) )
Here in the UK, it is difficult to find a shop-sold PC that doesn't come with Office, and impossible to find one that doesn't come with Windows. (Okay, so the figure of 75% was pulled out of the air)
Office IS better than other office products out there
That's a matter of opinion; I personally find Office to be overly-powerful and bloated; YMMV, I guess.
(it's a compelte development enviroment for developers as well).
And that's complete crap, IMNHO. (No offence meant
Speaking as a full-time programmer, I would never use Office for development work (and that's even if you mistakenly include InteDev/VC++ as part of Office). I know some people like IDEs, but you can't seriously be suggesting writing code in Word?!
Or are you talking about the tight integration (read: serious security issues) of Windows? Sure, that may have started with Office, but it certainly isn't confined to it anymore. Besides, that's available (to greater and lesser degrees) on other platforms, too.
Cheers,
Tim
Two buttons may somehow confuse people with no computer experience, but it's an incredible boon to those of us who can use it.
:-)
Hey, I find only having two buttons restrictive, having become used to three
(This was taken a bit out of context; I don't think the poster was trying to hold up MacOS as the perfect standard to aspire to.)
No, I wasn't; I was merely making the point that Windows is not the be-all and end-all of user-friendlines, despite the fact that some people seem to regard it as being just that.
Cheers,
Tim
And what happens when everyone uses different suites, each with thier own propeitary formats?
The vendors should be encouraged not to use proprietary formats.
We have standard, or at least open, formats for a number of other things, why not documents? After all, they're a pretty fundamental aspect of the average user's use of a computer. It oculd be argued tat someting so important should not be left up to one or two corporations to control (no matter who those corporations are)
Cheers,
Tim
Precisely.
;-) ).
.htm and .html file extensions with itself? (OTOH, Netscape calls them "Netscape Hypertext Document"s, which is almost as bad...)
Part of the problem is that Microsoft and their products have become all-but ubiquitous(sp?) - and in the case of Windows, they are ubiquitous (although that's kind of unavoidable
Has anyone else here noticed that IE5.0 (at least, and probably 4 as well) gives HTML documents the type "Microsoft HTML document" when it associates the
What we really need is interoperability and compatibility, not integration. As long as I can read your documents and you mine, who cares if I used Office 2000 or StarOffice? (apart from MS and Sun, that is)
Cheers,
Tim
I'm sorry, but I really don't believe that a "high level of integration" necessarily requires the sort of anti-competitive business practices that seem to be the mainstay of Microsoft's business plan.
The fact of the matter is that it is incredibly difficult for any company to compete against Microsoft in its key areas of business, namely operating systems and office suites. Ask yourself how many people you know use an office suite other than MS Office? In fact, ask yourself how many ("non-techy") people you know who can name an office suite other than MS Office.
Is this really because MS Office is so much better than anything the competition can put out? Or is it because 75% or more of new PCs come with it pre-installed "for free"? (I say "for free" because I do not believe that the cost is not passed on to the customer in the price of the hardware)
That's all fine and dandy, until a few people you know get the version of Office up from yours, and suddenly their documents are incompatible with yours in annoying little ways...
Next, let's look at operating systems. If ease of use was really the reason that Windows is so popular, then everyone would be using Macintoshes. In my (admittedly limited) experience, MacOS is much more user-friendly than Windows. Linux zealotry asside, better operating systems than Windows do exist.
Breaking up Microsoft will not "harm the average user". In fact, it is more likely to benefit the average user, by finally allowing some real competition for a change. People will no longer be tied into a specific set of tools from a single vendor; they will be able to shop around for the software that most suits their needs at a better price. No longer will they be forced to buy the latest version of Office just because a couple of their business partners/customers/colleagues have and they can no longer read their documents properly.
No, Microsoft is not the root of all evil, and their software is not all buggy and bloated, and only half-way secure because it crashes too often to present anyone enough opportunity to crack it. But neither are they the maligned saints that you seem to think they are.
Cheers,
Tim
I use the original release every day at home, compiled & installed from source, on a Celeron 266 with a TNT2u (and 96meg of RAM), running Slackware 7 and Enlightenment 0.16.3 and it's been fine. Well, it's run fine; I had a few hoops to jump through when I installed it, of course :-)
Cheers,
Tim
...since I got GeForce. It was a big jump from Riva128.
:-)
Yeah, I went from a 4MB ViRGE and a PowerVR PCX2 to a TNT2u - on an otherwise identical machine, the fps at 800x600 in Forsaken went from roughly 15 to around 100
Cheers,
Tim
Okay, whilst I welcome this as much as anyone else (I own a TNT2u, and I didn't pay 180UK pounds for it just to be forced to boot to Windows everytime I want to use it properly...), I have to say that this sucks. It sucks because:
a) It's a binary only release, with no specs for the chipsets, etc
b) It's a beta.
a) sucks for all the obvious reasons - the "community" can't make bug fixes or learn from it, only x86 Linux is supported so everyone else is SOL, etc.
b) sucks for a slightly less obvious reason. Both of the previous driver releases, for XFree3, were also beta "development only" releases. When are we going to get the real thing?
Yes, I realise that this isn't easy, and that they have a decade or two more man-hours in Windows driver development, and that Linux is a niche market, etc etc, but damnit, I want real drivers! Failing that, I want the chance to fail to write them myself!
Thank you, NVidia, for a really good graphics card, but I'm afraid that my next card is going to have to be from a company that shows a little more commitment to my OS of choice.
Cheers,
Tim
Okay, hands up anyone that's never used software that creates an account with a dumb password when it's intsalled?
:-)
:-)
Two notable examples are Oracle's database (I've been told that it's set to change_this by default - my apologies if that is no longer the case), and MS SQL Server (the admin account has no password set by default - we were using it like that for at least the first 6 months that I was at the company before someone thought to change it...)
There is absolutely no reason whatsoever for creating an account with either no password or a default one. To not prompt the user to enter a password smacks of laziness and/or thoughtlessness. Someone at RedHat needs to have a good, long talk to whoever there is responsible about good security practice. Unfortunately, the same can be said of a good few other companies, too.
As for the second flaw, that you can cause arbitrary commands to be executed by the user running the web server when using piranha to change the password, that is utterly inexcusable. Assuming that the server is not running as root, then it is not too serious, (as long as you don't mind your website being deleted/defaced), but it displays an almost breathtaking lack of thought on the part of the person responsible.
I assume that the password is changed by way of a call to passwd, and that the "hack" is to append a "; arbitrary commands go here" to the end of the password field. If this is the case, then why on earth isn't the string checked for that sort of thing?
This has to be the oldest way of attacking a web site in the book; ever since the concept of CGIs was invented, people have been trying to get arbitrary commands run on servers in this way. (Another common first attack is to do a similar thing to any input field that looks like it'll be used to construct an SQL query - just end the field with '; (single-quote semi-colon) and insert your own commands. A coleague and I very nearly had one of our SQL servers play ball when we did it to one of the sites that he'd developed using SiteServer Commerce edition - the code being executed was in a SiteServer module, not something that he'd written. IIRC it was only the max length being set on the field that stopped us, and we couldn't be bothered to write a perl script to bypass the html page...)
I know that everyone makes mistakes, but this really is very basic stuff indeed. I'm no security expert, and even I know about it
In this day and age of entire businesses depending on the security of machines that are open to attack 24/7 (and have to be up 24/7, too), people really do need to be more security conscious.
Okay, rant over - I just needed to get that off my chest
Cheers,
Tim