You keep calling me kid even tough you don't know my age. Stop being condescending. I am not a kid, and you are being rude. It doesn't make your point or make you look smarter or wiser.
This is a privilege escalation, not a remote exploit. Learn the difference.
If I didn't knew the difference I wouldn't post the SSH example. Also SSH is used in many servers trough non-VM based servers(at least in my country).
I probably didn't understand the total meaning of "Obscurity" word well since English is not my first language, with I already pointed out in another response, but this doesn't give you the right or to call me fan-boy or kid or whatever.
If you are frustrated with someone go point your rage at someone else. Don't pick up guys that you don't know on the net with personal attacks, and try to be intellectually honest.
Since you are argue here that your dick is bigger than mine, because you use you use UNIX longer than me I suspect I can't really have a civilized conversation with you.
Also I'm programmer with several works published in open-source from encryption to network programming, so I can hardly be considered a fan-boy.
And yes. If nobody knew it wasn't a security issue.
What is it in If nobody knew that you don't understand?
If some hacker knew != "If nobody knew".You could have what we Linux "fun-boys" called an algorithmic thinking to figure this out.
By the way.
No. Because it's a freaking LOCAL EXPLOIT and nearly no-one uses Linux for multi-user systems now that everyone can afford their OWN FREAKING COMPUTER.
You don't need to have physical access to use this exploit. It can bed done with SSH or any kind of remote user login with limited privileges. Who's the fan-boy now.
It's impossible to have a complex system without bugs. The speed that they are addressed once they are discovered tells much about the system. Also it's very unlikely that a severe exploit stays secret once it's discovered unless it's not used.
I don't know what do you mean with Obscurity.
For me obscurity is closed source code. It's to try to hide vulnerabilities from the public to argue that it's more safe. Obscurity for me definitely isn't posting a patch in the same day that the vulnerability is discovered.
Why is it a shame? Because you don't like the current ones. Guess what. Not everybody have the same tastes, and it's impossible to please Greeks and Trojans at the same time.
There's no tool that allow regular people to design themes.
The same suggestion than before. You can build one. Or better. You can pay someone to build you one, if you don't know C++. Just don't come here whining about how it's a shame that the KDE devs don't work for you for free to make you a theme that you do like.
For starters, why is everything gray.
Can't they break the tradition where the whole UI uses only two colors (one for "3d" elements, one for list backgrounds), and add some differentiation?
Great idea.
Why don't you design a new theme at your taste and submit it.
No. If you are referring to the looks it's a matter of taste. If you are referring to Qt, I can tell you that the Qt toolkit is at this point nothing less than Windows Libraries. If you are referring to polishment you should talk about specific applications and not the whole toolkits. Take Smplayer for example. It's an app that is exactly he same on windows an Linux(and I actually like it better on Linux). Qt 4 is relatively new, and it was from my point of view a necessary break from Qt3. The great modifications are at the programming level, and I find it one of the best toolkits I ever programed.
I'm sorry about the interface thing, since I was not very clear(I guess i choose the wrong word). What I've meant was not the menus and buttons, but a something like the object positioning. Since word was primarily to print text the features of including images and other type of media were implemented after. It's very difficult to exactly position a object in Word. Word tries to have a dynamic layout to be compatible with Web Page publishing. But the nature of printing is not dynamic at all. Word tries to do all, and at the end is not very good in anything. If you used Scribus, you know what I mean, although I think Scribus is not yet mature for production purposes, it's way better than word(I'm very optimistic about scribus, but I can't yet recommend my boss to switch).
It's true when you say:
...PRECISELY the (ab)use of Word for layout purposes...
MS Word only survival at this time is because of compatibility issues(mainly caused by MS). Beyond that, MS Word doesn't really have any features that justify is price. Their is still very fear and ignorance about this. People are afraid they would not be able to open Word documents if they switch to the free alternatives, and MS makes sure MS word would not ever be 100% compatible.
Disclaimer: I'm not an english native speaker, so I'm sorry for some lack of English technical terms.
I've worked many years on printing industry and Word was useless. Well to be frank I've develop a anti-word kind of felling since many clients tough they could save some bucks by sending us their Word formatted previews, and saying things like: "We already did the job of the document so you can just print this.". The truth is a word document is completely useless for professional printing, since Microsoft word is not good with outputs. As a matter of fact, is garbish. I never understood how 20 year of "improvement" couldn't make MS Word better on one of the supposed areas of Word. Printing. We had to convert all documents to Quark or In-Design before sending to offset.
Anti-word-ism apart, I know what word-processors are for. And I know they are very useful to many bureaucratic institutions. Although I think the modern word processors are bowed with what people are used to in the interface, and I think a break from the current interface to a new one is the way to go. Of course, vendors are very afraid on innovating on this field, since probably they will loose many clients.
Anyway, the article is stupid. It's a narrow view of a single user usage of word, and I agree that it shouldn't make Slashdot main page.
Where I live in Portugal(Europe), this issue was discussed several years ago. At the time phone calls were collected by the minute, and not by the second. When you called someone and if the person was out of network or disconnected, it will charged 1 minute even if you didn't want to leave a message.
A bill was passed with the solution. Now the call just starts to count after the beep, so if you don't want to leave a message you just hangup before the beep.
Yes. You are right. It's impossible to go trough an incident like this without lost of credibility. But ultimately, if the project is good enough, and the motivation to continue also, the credibility will be restored.
The objective is to study botnet behavior and propagation on Windows environments on large scale.
They don't need everything to work on WINE. They just need the some specific software like the botnets they use to behave and propagate exactly like in windows.
And that can be easily achieved.
I'm sorry that you guys don't like it, but it's OK for people to want to make money off their ideas. Wanting to make lots of money is at the core of our system. You aren't going to change that.
You are kidding right. Do you really think someone who is intellectually honest, and it isn't biased, and with two fingers of intelligence will agree with something like this:
A system and methods for implementing education online by providing institutions with the means for allowing the creation of courses to be taken by students online, the courses including assignments, announcements, course materials, chat and whiteboard facilities, and the like, all of which are...
You are kidding right. Do you know how vague this "idea" is, and how many possibilities it range? Do you really think this is an original idea, or the natural way technology evolve. Maybe they can also patent networks on the moon since we probably are going there and will need networks.
Seems to me like this is one more case of defense blowing up the chances of success on the case.
Isn't the defendant totally screwed since he already admitted guilt. If so, how can the defense allow the case to be lost before trial.
Slashdot Mirror
This is a privilege escalation, not a remote exploit. Learn the difference.
If I didn't knew the difference I wouldn't post the SSH example. Also SSH is used in many servers trough non-VM based servers(at least in my country).
I probably didn't understand the total meaning of "Obscurity" word well since English is not my first language, with I already pointed out in another response, but this doesn't give you the right or to call me fan-boy or kid or whatever. If you are frustrated with someone go point your rage at someone else. Don't pick up guys that you don't know on the net with personal attacks, and try to be intellectually honest.
What are you asking me? If it's OK OS's to have bugs.
No. It's not ok. But it's inevitable.
Also I'm programmer with several works published in open-source from encryption to network programming, so I can hardly be considered a fan-boy.
And yes. If nobody knew it wasn't a security issue.
What is it in If nobody knew that you don't understand?
If some hacker knew != "If nobody knew".You could have what we Linux "fun-boys" called an algorithmic thinking to figure this out.
By the way.
No. Because it's a freaking LOCAL EXPLOIT and nearly no-one uses Linux for multi-user systems now that everyone can afford their OWN FREAKING COMPUTER.
You don't need to have physical access to use this exploit. It can bed done with SSH or any kind of remote user login with limited privileges. Who's the fan-boy now.
It's impossible to have a complex system without bugs. The speed that they are addressed once they are discovered tells much about the system. Also it's very unlikely that a severe exploit stays secret once it's discovered unless it's not used.
I don't know what do you mean with Obscurity.
For me obscurity is closed source code. It's to try to hide vulnerabilities from the public to argue that it's more safe.
Obscurity for me definitely isn't posting a patch in the same day that the vulnerability is discovered.
No. If nobody knew it wasn't a security issue. I'm sure there are bugs on every OS with more than 8 years old yet to discover.
You could bother to read the article.
A patch already was made.
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98
Does this mean that Linux was never more secure than Windows--only more obscure?
No.
You could have a point if this was resolved only 6-12 months after it's discovery.
This is a non-issue.
Why the hell this articles keep coming when there are plenty of real issues about Microsoft, IE.
Why is it a shame? Because you don't like the current ones.
Guess what. Not everybody have the same tastes, and it's impossible to please Greeks and Trojans at the same time.
There's no tool that allow regular people to design themes.
The same suggestion than before. You can build one.
Or better. You can pay someone to build you one, if you don't know C++.
Just don't come here whining about how it's a shame that the KDE devs don't work for you for free to make you a theme that you do like.
Your anonymous coward origin just shows how much you are trolling. You probably never wrote a line of code on your life.
For starters, why is everything gray. Can't they break the tradition where the whole UI uses only two colors (one for "3d" elements, one for list backgrounds), and add some differentiation?
Great idea. Why don't you design a new theme at your taste and submit it.
No. If you are referring to the looks it's a matter of taste.
If you are referring to Qt, I can tell you that the Qt toolkit is at this point nothing less than Windows Libraries. If you are referring to polishment you should talk about specific applications and not the whole toolkits. Take Smplayer for example. It's an app that is exactly he same on windows an Linux(and I actually like it better on Linux).
Qt 4 is relatively new, and it was from my point of view a necessary break from Qt3. The great modifications are at the programming level, and I find it one of the best toolkits I ever programed.
I'm sorry about the interface thing, since I was not very clear(I guess i choose the wrong word). What I've meant was not the menus and buttons, but a something like the object positioning. Since word was primarily to print text the features of including images and other type of media were implemented after. It's very difficult to exactly position a object in Word. Word tries to have a dynamic layout to be compatible with Web Page publishing. But the nature of printing is not dynamic at all. Word tries to do all, and at the end is not very good in anything. If you used Scribus, you know what I mean, although I think Scribus is not yet mature for production purposes, it's way better than word(I'm very optimistic about scribus, but I can't yet recommend my boss to switch).
It's true when you say:
...PRECISELY the (ab)use of Word for layout purposes...
MS Word only survival at this time is because of compatibility issues(mainly caused by MS). Beyond that, MS Word doesn't really have any features that justify is price. Their is still very fear and ignorance about this. People are afraid they would not be able to open Word documents if they switch to the free alternatives, and MS makes sure MS word would not ever be 100% compatible.
Disclaimer: I'm not an english native speaker, so I'm sorry for some lack of English technical terms.
I've worked many years on printing industry and Word was useless. Well to be frank I've develop a anti-word kind of felling since many clients tough they could save some bucks by sending us their Word formatted previews, and saying things like: "We already did the job of the document so you can just print this.". The truth is a word document is completely useless for professional printing, since Microsoft word is not good with outputs. As a matter of fact, is garbish. I never understood how 20 year of "improvement" couldn't make MS Word better on one of the supposed areas of Word. Printing. We had to convert all documents to Quark or In-Design before sending to offset.
Anti-word-ism apart, I know what word-processors are for. And I know they are very useful to many bureaucratic institutions. Although I think the modern word processors are bowed with what people are used to in the interface, and I think a break from the current interface to a new one is the way to go. Of course, vendors are very afraid on innovating on this field, since probably they will loose many clients.
Anyway, the article is stupid. It's a narrow view of a single user usage of word, and I agree that it shouldn't make Slashdot main page.
I think any post here that doesn't include a direct link should be modded troll or off topic.
...
...
...
Ha! Almost forgot.
Seiko Smart Label Printer 450
and the linux drivers: Linux Drivers
Where I live in Portugal(Europe), this issue was discussed several years ago. At the time phone calls were collected by the minute, and not by the second. When you called someone and if the person was out of network or disconnected, it will charged 1 minute even if you didn't want to leave a message.
A bill was passed with the solution. Now the call just starts to count after the beep, so if you don't want to leave a message you just hangup before the beep.
It seems a good solution to me.
Yes. You are right. It's impossible to go trough an incident like this without lost of credibility. But ultimately, if the project is good enough, and the motivation to continue also, the credibility will be restored.
You can't even guarantee that a major project isn't just going to stop without notice
CentosOS will never die. Ultimately I will fork it and continue it. That's the guarantee you have for good projects.
The objective is to study botnet behavior and propagation on Windows environments on large scale.
They don't need everything to work on WINE. They just need the some specific software like the botnets they use to behave and propagate exactly like in windows.
And that can be easily achieved.
I'm sorry that you guys don't like it, but it's OK for people to want to make money off their ideas. Wanting to make lots of money is at the core of our system. You aren't going to change that.
You are kidding right. Do you really think someone who is intellectually honest, and it isn't biased, and with two fingers of intelligence will agree with something like this:
A system and methods for implementing education online by providing institutions with the means for allowing the creation of courses to be taken by students online, the courses including assignments, announcements, course materials, chat and whiteboard facilities, and the like, all of which are...
You are kidding right. Do you know how vague this "idea" is, and how many possibilities it range? Do you really think this is an original idea, or the natural way technology evolve. Maybe they can also patent networks on the moon since we probably are going there and will need networks.
Yes. I'm relatively new. Seems now that my last post was useless. But I'm learning.
Troll. WTF? What is troll about my comment???
Seems to me like this is one more case of defense blowing up the chances of success on the case.
Isn't the defendant totally screwed since he already admitted guilt. If so, how can the defense allow the case to be lost before trial.
"Cyberspace is real, and so is the risk that comes with it,"
Did someone stopped to think this is the kind of alarming news that can elevate simple computer hackers to dangerous international terrorists.