Any reasonable security audit is going to have checks for arbitrary code execution, as well as careful examination of any code that deals with self describing files. WMF fits *BOTH* those categories.
The fact that it was STILL IN THERE more than makes up for it. Trustworthy Computing, what, four years ago, was supposed to involve audits, yet this bug made it in after (at least) two audits - the pre XP one and pre-Vista one.
Leaving it on the page is not. That address would be no more susceptible than others that belong to customers that have ended up on the web for various reasons. If the products they claim can handle normal levels of spam can not, they are reaping what they sowed.
No argument on that here.OP just wanted Windows running on non-x86 hardware, which it did back in the NT 4 days. And now again on PPC (sorta) with the XBox 360.
Heck, some of the security problems are legacy because of the support of the other architectures. For god's sake, add another ring for drivers so they can't touch the kernel. It's supported on the x86.
The PS2 helped, at least some, with DVD adoption. It was cheaper to get a PS2 than most stand alone DVD players at the time, and history may repeat itself with Blu-Ray and the PS3.
The last numbers I remember hearing for stand-alone Blu-Ray players was around $1000, and with the PS3 running at half that, it's going to get Blu-Ray players into homes that wouldn't otherwise bother with one for several years. HD-DVD doesn't have that advantage.
They do. I've had them blocked since the "Download Ep3 here!" and "Get your free PS3" ads. If it's not IFRAME's, then it's script tags with an external source. Either way, it's blockable with AdBlock.
I have reported bugs to Microsoft, none have ever gotten resolved. This includes a buffer overflow I reported more than a year ago.
If you try to do simple things, the API is documented reasonably well. As soon as you try to step outside the norm (try to integrate a MIME filter into an IE session for example), you will start running into problems, documentation and otherwise.
I've been doing EXACTLY that & for over 12-13 years now as a pro!
And so have I, across several vertical industries. Their documentation is incomplete and inconsistent, especially as regards integration. Their sample are buggy (see the security holes introduced in some ethernet drivers from the DDK samples), and documentation and samples for installing stuff as non-admin users is pitiful.
Slashdot Mirror
Less apps are broken on OS X if you don't have admin access, in contrast to Windows ones.
He surmised that Gibson's tests had the offending function as the last entry in the metafile, which caused only incorrect sizes to trigger the flaw
Then how come only size 1 worked, not other incorrect sizes?
Not have bugs? Of course not.
Any reasonable security audit is going to have checks for arbitrary code execution, as well as careful examination of any code that deals with self describing files. WMF fits *BOTH* those categories.
Fixing it is kudos to MS.
The fact that it was STILL IN THERE more than makes up for it. Trustworthy Computing, what, four years ago, was supposed to involve audits, yet this bug made it in after (at least) two audits - the pre XP one and pre-Vista one.
submitting that address to lists is unethical.
Leaving it on the page is not. That address would be no more susceptible than others that belong to customers that have ended up on the web for various reasons. If the products they claim can handle normal levels of spam can not, they are reaping what they sowed.
Why should Windows Update be a web-application anyway?
I'm not entirely sure that it is. The service must be running for the updates to happen.
Symantec owns BrightMail and IIRC, has a consumer level product as well.
If they can't handle spam, then that product manager deserves everything he gets.
No argument on that here.OP just wanted Windows running on non-x86 hardware, which it did back in the NT 4 days. And now again on PPC (sorta) with the XBox 360.
Heck, some of the security problems are legacy because of the support of the other architectures. For god's sake, add another ring for drivers so they can't touch the kernel. It's supported on the x86.
I've got the DEC alpha disk hiding somewhere in my computer room, and the alpha (not turned on in years) downstairs.
What game did you look at?
I double checked San Andreas before posting, and I remember seeing it in Champions of Norrath.
In San Andreas, it's the section labelled "Warranty".
Shrinkwrap licenses have been upheld recently with the printer decision (Lexmark, IIRC)
You have the same problem from studying in Japan. Therefore, school should be banned.
No EULA? No click-through is more accurate.
Go look in the back of the manual.
Then why not get rid of the drinking age laws? Parents can watch their kids to make sure they don't drink.
There is documented developmental harm from alcohol. None from games.
Some places won't sell R movie tickets to those under 18, without a parent there. How is a game different?
If a store wants to do that, let them. Don't legislate it.
The PS2 helped, at least some, with DVD adoption. It was cheaper to get a PS2 than most stand alone DVD players at the time, and history may repeat itself with Blu-Ray and the PS3.
The last numbers I remember hearing for stand-alone Blu-Ray players was around $1000, and with the PS3 running at half that, it's going to get Blu-Ray players into homes that wouldn't otherwise bother with one for several years. HD-DVD doesn't have that advantage.
1 stillborn product. Blu-Ray will get market simply because of the PS3
I just figured that we're talking about products that are still a few years down the pipe that haven't been anywhere close to finalized yet.
MS has committed to an August 31,2006 date, so it better be damn close to finalized.
Now, chances are they won't make that date, but they've publically said they would.
googlesyndication.com is the domain, IIRC, just use that as a filter (straight, no http in front of it)
I'm using Filterset.G through the extension right now, so I don't have the list I used to use any more.
They do. I've had them blocked since the "Download Ep3 here!" and "Get your free PS3" ads. If it's not IFRAME's, then it's script tags with an external source. Either way, it's blockable with AdBlock.
I have reported bugs to Microsoft, none have ever gotten resolved. This includes a buffer overflow I reported more than a year ago.
If you try to do simple things, the API is documented reasonably well. As soon as you try to step outside the norm (try to integrate a MIME filter into an IE session for example), you will start running into problems, documentation and otherwise.
I've been doing EXACTLY that & for over 12-13 years now as a pro!
And so have I, across several vertical industries. Their documentation is incomplete and inconsistent, especially as regards integration. Their sample are buggy (see the security holes introduced in some ethernet drivers from the DDK samples), and documentation and samples for installing stuff as non-admin users is pitiful.
They do. Mark Russonivich (Sysinternals) goes in to Microsoft regularly.
It was default in the install of FC4 I just did, so it's getting closer to standard.
well documented API'
BWAHAHAHAHAHAAH
There's someone that's never programmed Windows.
Ditto for any other encryption client.
Like web browsers that support https?