Would it be much easier for a browser maker to do the following?
If visiting a secure site with a cert from a non-trusted source. Have the browser check to see if there's a good chance that the cert is self-signed. Have a warning pop up, or something that tells the user: "The site's certificate seems to be self-signed. If you want more information, click here."
It could be much less intrusive than the current "OMFG! NO TRUST-es! This site may be Tricksy!"
Note: I'm not a coder by trade. I prefer to use domain CAs for the intranet and am a strong advocate of having a good solid trusted cert for anything outside. I am a huge fan of not scaring my users (much).
Because how do you make money off of it? You just take everything down and... profit?
Let's face it. The internet is much more profitable for your hacker group if you keep it running and allow your bots, and spam generators, and everything else to communicate with each other and report back your earning reports.
Now, some yahoo could go ahead and launch the attack, but that would require use of one of those botnets, and then you'd have to answer to a lot of angry Russians. Last I checked, they don't have to worry about those "criminal justice" thingies.
I've (personally) never heard of a study that states that teaching cursive is bad... So, if you could provide a source, I'd be quite glad to see it.
And I believe that your last sentence is the point of the article here... Pretty soon, there'll be a class of people who can't read, and more who can't write the script. I was one of the last (according to TFA) who went through the forced education of penmanship. Mine sucked... In fact, it still sucks... It sucks enough that I may have once received a 'B' since it's pretty hard to harshly grade writing out a c.
But I could at least still read it. I say, so what if it goes the way of greek? It's what the people want? Let em. There'll be few who can read script, and they'll get some benefit out of it I'm sure.
Well.. no. A spree requires tools, and a location.
In fact, my legal friends indicate that there is a terribly strong correlation between gaming and tendencies toward violence. I've responded with "Correlation isn't causation."
Notably, extended play has been observed to depress activity in the frontal cortex of the brain which controls executive thought and function, produces intentionality and the ability to plan sequences of action...
Wait... isn't that slightly contradictory? If you've achieved a mastery of a game, chances are you're spending a fair amount of time planning your actions. In fact, there are plenty of games out there that force you to think, plan, cooperate, etc. I'd bet that they'd qualify as violent too.
Bah... whatever... We've got a bunch of idiots who are trying to look good by "protecting the kids." If they really want to solve the problem, take your kids outside and play some basketball... Wait... in my family that tends to be more violent than most of the games I played....
If you really want to do some damage to a few targets, you're better off with a slug anyway. There might be innocents nearby, and buckshot isn't as useful from across the office.
If you're looking for a good spray, a fully automatic (slightly modded AK) would be much better.
But somehow installing apps to %appdata% feels so... wrong.
Well, it's no different than installing an application to ~/bin. Yes, the real path is kinda messy pre-Vista, but now it's normally C:\Users\Username\Programs... Which isn't really any more wrong than [/export]/home/username/bin.
In fact, I kinda like it. The permissions are all limited, you don't even need to spend time as an admin to get it installed. Plus, the worst that needs to happen is an administrator says, "Save your documents, I'm going to wipe your profile."
*shrugs* there's still gold farmers in wow, as well as organizations trying to sell powerlevelling and such. My guess is that the Chinese government hasn't blocked the game as well as they think they have.
Or that there are other countries with people who engage in these activities...
Well, certainly the ad/spyware that it was a tunnel for sucked. It certainly worked well enough for a lot of sucker^H^H^H^H^H^H noob^H^H^H^H casual users out there well enough that they considered it essential software on campus. In fact, when looking for songs before the RIAA interference tracks, it did deliver on its core function... grabbing the song you want from other people.
Up until Napster, and then Audiogalaxy, and then Kazaa(lite), I had to depend on browsing the various PCs on campus to find songs. It was a pretty darn slow and manual process.
Wait... Prank post! Prank post! I can't believe that anyone would download from someone else directly! [NO CARRIER]
It's also one thing for Chris to be greedy on his own. I don't know what his intentions are... At the very least, if Time Warner does pay up, then a goodly chunk of that payout goes to the trust and charity. I certainly think that sending that cash to the charity is a much better use of it than pulling other into a copyright court because someone use a DVR on a movie on TV.
Actually, Chris did a goodly amount of work recompiling the whole Middle Earth saga from notes, he tried to fill in unfinished stories of his father. He did try to clarify inconsistencies, add stories, and overall maintain the work that was left behind.
No, he wasn't responsible for the work that these movies is based on directly... But he did become the de facto caretaker of the fictional setting.
Well, if the Tolkiens ever have a hard time getting New Line in court, they could fire up BT and start downloading their movie over and over again. They could air all their differences then....
It doesn't matter what they call it, it's still not as fast, and with a small a footprint as XP?
I remember saying the same thing about XP in regards to Windows 2000... "It's exactly the same, but with a lego-land interface, and a firewall that won't let you use the apps you want, but allows all the viruses in. It's bloated and slow. I want nothing to do with it if I can avoid it."
Then XP SP2 came out: "Well, it's still bloated, but with new hardware it's not bad... At least we can make exceptions to allow our apps to access the network finally. Too bad it has double the footprint of SP1."
Funny how Vista (and a few years) changed our perspective so much... Because it was such a resource hog, it made XP seem tiny.
However, why is this such a problem? Its not so hard to create some level of virtualization for so specific target as a simple webbrowser...
Have you spent a lot of time managing virtual applications? If so, you already know that managing the virtualized application is not trivial. Especially if you have plugins. Adding a plugin (currently) requires reworking the virtual application's package. This has been due to change for years, but I haven't witnessed this in practice yet.
Even when you run stuff like Flash and so on it. Instead of installed all over the OS, Flash and other plugins could be installed on that virtualized and separated space that would be cleaned and restored to original "last good known state" when browser quits. Then there would be another isolated space to save all the temp data, cookies and such which would be even more restricted and hence could be sustained thru different browser sessions too.
Of course, as it stands right now, we have a few browsers that support private browsing. That does prevent much of the data picked up from getting saved. I don't know what it's impact is with malware, but I'd guess it doesn't hurt. Also, what you're suggesting would require a major effort on the part of browser makers. I don't think that the vast majority of users could go and add plugins manually to their virtual browser. I'm not saying that it's impossible thought.
I agree with your original post that it's not necessary to have a "tightly integrated" browser. If it weren't for this integration, you could reduce the need to virtualize in the first place.
You have to take a look at your market to distribute your virus too. Sure, Opera might have more market share in Russia and the Ukraine, but it's still tiny overall.
By attacking IE only, you get 65%, include Firefox, and you're staring at 87% of the browsers in total use. You could target certain countries if you wanted to, but for most malware writers it's pure numbers, and it doesn't matter where they come from. I don't know if Opera is designed/written any better... but I can reasonably assume that it's not being targeted as intensely as IE/FF. I'm not taking my hat off to them until they lock down enough worldwide market share to become worthy of being targeted.
I totally agree that the browser shouldn't be so integrated with the operating system. As a rule, we all know that you don't put yourself out on the public internet... Why have a utility that's part of the OS reach out and grab stuff from there? But don't get me started on virtualization. If we want all the flash and trash we ask for, then virtualization isn't going to deliver it yet... unless you're planning on including all the funny gadgets in a virtual OS. We don't do it already because the products (that I've evaluated) don't do this sort of thing well at all yet.
I thought it was 30,000 for the toilet. Hammers were 20,000. Right? It all goes into that underground government facility where they were holding the aliens. Or was I lied to?
Slashdot Mirror
Would it be much easier for a browser maker to do the following?
If visiting a secure site with a cert from a non-trusted source. Have the browser check to see if there's a good chance that the cert is self-signed. Have a warning pop up, or something that tells the user: "The site's certificate seems to be self-signed. If you want more information, click here."
It could be much less intrusive than the current "OMFG! NO TRUST-es! This site may be Tricksy!"
Note: I'm not a coder by trade. I prefer to use domain CAs for the intranet and am a strong advocate of having a good solid trusted cert for anything outside. I am a huge fan of not scaring my users (much).
Because how do you make money off of it? You just take everything down and... profit?
Let's face it. The internet is much more profitable for your hacker group if you keep it running and allow your bots, and spam generators, and everything else to communicate with each other and report back your earning reports.
Now, some yahoo could go ahead and launch the attack, but that would require use of one of those botnets, and then you'd have to answer to a lot of angry Russians. Last I checked, they don't have to worry about those "criminal justice" thingies.
I've (personally) never heard of a study that states that teaching cursive is bad... So, if you could provide a source, I'd be quite glad to see it.
And I believe that your last sentence is the point of the article here... Pretty soon, there'll be a class of people who can't read, and more who can't write the script. I was one of the last (according to TFA) who went through the forced education of penmanship. Mine sucked... In fact, it still sucks... It sucks enough that I may have once received a 'B' since it's pretty hard to harshly grade writing out a c.
But I could at least still read it. I say, so what if it goes the way of greek? It's what the people want? Let em. There'll be few who can read script, and they'll get some benefit out of it I'm sure.
Well.. no. A spree requires tools, and a location.
In fact, my legal friends indicate that there is a terribly strong correlation between gaming and tendencies toward violence. I've responded with "Correlation isn't causation."
They laughed at me.
Notably, extended play has been observed to depress activity in the frontal cortex of the brain which controls executive thought and function, produces intentionality and the ability to plan sequences of action...
Wait... isn't that slightly contradictory? If you've achieved a mastery of a game, chances are you're spending a fair amount of time planning your actions. In fact, there are plenty of games out there that force you to think, plan, cooperate, etc. I'd bet that they'd qualify as violent too.
Bah... whatever... We've got a bunch of idiots who are trying to look good by "protecting the kids." If they really want to solve the problem, take your kids outside and play some basketball... Wait... in my family that tends to be more violent than most of the games I played....
I have a very competitive family.
If you really want to do some damage to a few targets, you're better off with a slug anyway. There might be innocents nearby, and buckshot isn't as useful from across the office.
If you're looking for a good spray, a fully automatic (slightly modded AK) would be much better.
But somehow installing apps to %appdata% feels so ... wrong.
Well, it's no different than installing an application to ~/bin. Yes, the real path is kinda messy pre-Vista, but now it's normally C:\Users\Username\Programs... Which isn't really any more wrong than [/export]/home/username/bin.
In fact, I kinda like it. The permissions are all limited, you don't even need to spend time as an admin to get it installed. Plus, the worst that needs to happen is an administrator says, "Save your documents, I'm going to wipe your profile."
*shrugs* there's still gold farmers in wow, as well as organizations trying to sell powerlevelling and such. My guess is that the Chinese government hasn't blocked the game as well as they think they have.
Or that there are other countries with people who engage in these activities...
What is this copulation? Is that the average density of law enforcement in a group of people?
It's neat that Google does interesting things like this, but it blows my mind how a company that plays so much can survive.
It could also be why they survive so well. If it's okay to play a little like that, and you *gasp* enjoy what you do at work...
The Inquistion, what a show
The Inquistion, here we go
We know you're wishing
That we'd go away
But the Inquistion's here and it's here to stay!
Well, certainly the ad/spyware that it was a tunnel for sucked. It certainly worked well enough for a lot of sucker^H^H^H^H^H^H noob^H^H^H^H casual users out there well enough that they considered it essential software on campus. In fact, when looking for songs before the RIAA interference tracks, it did deliver on its core function... grabbing the song you want from other people.
Up until Napster, and then Audiogalaxy, and then Kazaa(lite), I had to depend on browsing the various PCs on campus to find songs. It was a pretty darn slow and manual process.
Wait... Prank post! Prank post! I can't believe that anyone would download from someone else directly! [NO CARRIER]
Must be because he was actually stealing satellite?
BTW - Agree. WTF Mods?
It's also one thing for Chris to be greedy on his own. I don't know what his intentions are... At the very least, if Time Warner does pay up, then a goodly chunk of that payout goes to the trust and charity. I certainly think that sending that cash to the charity is a much better use of it than pulling other into a copyright court because someone use a DVR on a movie on TV.
Actually, Chris did a goodly amount of work recompiling the whole Middle Earth saga from notes, he tried to fill in unfinished stories of his father. He did try to clarify inconsistencies, add stories, and overall maintain the work that was left behind.
No, he wasn't responsible for the work that these movies is based on directly... But he did become the de facto caretaker of the fictional setting.
Well, if the Tolkiens ever have a hard time getting New Line in court, they could fire up BT and start downloading their movie over and over again. They could air all their differences then....
[obligatory Canadian Bacon reference]
[further obligatory redundant moderation]
I must be getting older.
It doesn't matter what they call it, it's still not as fast, and with a small a footprint as XP?
I remember saying the same thing about XP in regards to Windows 2000... "It's exactly the same, but with a lego-land interface, and a firewall that won't let you use the apps you want, but allows all the viruses in. It's bloated and slow. I want nothing to do with it if I can avoid it."
Then XP SP2 came out: "Well, it's still bloated, but with new hardware it's not bad... At least we can make exceptions to allow our apps to access the network finally. Too bad it has double the footprint of SP1."
Funny how Vista (and a few years) changed our perspective so much... Because it was such a resource hog, it made XP seem tiny.
In my day, we didn't even have bathroom stalls! We had outhouses! Get off *my* lawn!
However, why is this such a problem? Its not so hard to create some level of virtualization for so specific target as a simple webbrowser...
Have you spent a lot of time managing virtual applications? If so, you already know that managing the virtualized application is not trivial. Especially if you have plugins. Adding a plugin (currently) requires reworking the virtual application's package. This has been due to change for years, but I haven't witnessed this in practice yet.
Even when you run stuff like Flash and so on it. Instead of installed all over the OS, Flash and other plugins could be installed on that virtualized and separated space that would be cleaned and restored to original "last good known state" when browser quits. Then there would be another isolated space to save all the temp data, cookies and such which would be even more restricted and hence could be sustained thru different browser sessions too.
Of course, as it stands right now, we have a few browsers that support private browsing. That does prevent much of the data picked up from getting saved. I don't know what it's impact is with malware, but I'd guess it doesn't hurt. Also, what you're suggesting would require a major effort on the part of browser makers. I don't think that the vast majority of users could go and add plugins manually to their virtual browser. I'm not saying that it's impossible thought.
I agree with your original post that it's not necessary to have a "tightly integrated" browser. If it weren't for this integration, you could reduce the need to virtualize in the first place.
You have to take a look at your market to distribute your virus too. Sure, Opera might have more market share in Russia and the Ukraine, but it's still tiny overall.
By attacking IE only, you get 65%, include Firefox, and you're staring at 87% of the browsers in total use. You could target certain countries if you wanted to, but for most malware writers it's pure numbers, and it doesn't matter where they come from. I don't know if Opera is designed/written any better... but I can reasonably assume that it's not being targeted as intensely as IE/FF. I'm not taking my hat off to them until they lock down enough worldwide market share to become worthy of being targeted.
I totally agree that the browser shouldn't be so integrated with the operating system. As a rule, we all know that you don't put yourself out on the public internet... Why have a utility that's part of the OS reach out and grab stuff from there? But don't get me started on virtualization. If we want all the flash and trash we ask for, then virtualization isn't going to deliver it yet... unless you're planning on including all the funny gadgets in a virtual OS. We don't do it already because the products (that I've evaluated) don't do this sort of thing well at all yet.
maybe, but what happens if the super tuna out competes and eats all non-super tuna?
Darwin wins. See, tuna made themselves to tasty that:
1) They'd be overfished.
2) We'd see that, and then make them EVEN BETTER and plentiful.
Well done tuna. You've won the genetic lottery.
No, it's in there. Look under "Loans."
I thought it was 30,000 for the toilet. Hammers were 20,000. Right? It all goes into that underground government facility where they were holding the aliens. Or was I lied to?
Is that the new justification for never RTFA-ing?