In a corporate environment where they _wanted_ you to be using an IM client, they'd have the correct ports open.
Will someone buy London bridge from me then?
on
New Standard Keyboard
·
· Score: 2, Interesting
Can someone more enlightened or chemically enhanced explain how somebody can get the financial backing necessary to actually get a production line producing what is obviously (to me anyhoo) a product with no chance of success?
I mean what are these people thinking? That cornering the 'Fisher Price, water-proof keyboards for the nearly toilet trained' is going to make them rich?
While The Register claims it has done an indepth evaluation, they didn't actually test to see if the firewall was blocking non-local subnet access to all the ports used by the services they were complaining about.
If they had, then they would have realised that this is nowhere near the big terrible gaping hole that they are making it out to be.
They also claim that activating a DHCP client is unneeded by most home users. That might have been true 5 years ago, but these days anybody with any kind of home network even if it is just a simple cable or DSL modem will typically need DHCP running. I mean good grief, come on! Even so, I know full well that while you are installing XP it asks you if you want to have your IP settings automatically configured and then DHCP gets turned on.
As for all their complaints about the Zones in IE, speaking as someone who has had to deploy extranet applications to part time casual workers who use their own home PCs to access it, the ability to have a trusted and a non-trusted set of security policies is a blessing.
All in all, I think this article has been poorly researched and written by people who fail to appreciate the bigger picture of what home users may need to do.
I've not seen it mentioned anywhere, so maybe it's just a drive incompatibility issue, but when I installed SP2 RC1, I could no longer play DVDs - I would receive an error telling me that the TV OUT on my card must be disabled first.
I rolled back to SP1 and bingo, everything would play fine again.
I once had a friend who was a psychology major. She asked me, "How can you study computer science when there are children out there being abused, and women out there being raped?"
How does she think she's helping? She's not preventing it, she's making money out of the aftermath.
Well clearly our mileage varies, because I've never had to go through multiple reboots on Windows Update, nor have I had to use it several times in a row because it misses patches.
Mind you, I'm referring to the automatic update service rather than their website.
My point wasn't really XXX is bad and Windows Update is great though, what I was really trying to point out was that Windows Update (via the auto-update service) is a far more pervasive mechanism than any of the distribution-specific techniques. I think that far more of the user base of Windows gets automatic updates than do Linux distributions, if only because by default it is configured to happen automatically and without any user intervention other than to click 'Yes' when you are told there are new updates to install.
Sure the OSS community releases fixes faster, but how quickly do they penetrate the userbase? I think Windows Update is a far superior platform for distributing fixes than currently exists in the Linux world, if only because not every Linux distribution offers such a powerful tool.
Now I realise that you can also be the unwitting recipient of functionality and licence changing updates through Windows Update, but as a technology I think it's way better than what is available in the OSS world right now.
Am I just too cynical, or is this just a way for MS to keep friendly with the local Attorney General? Seems like she's the one getting all the press...
The DLLs in question -.NET assemblies do not go into the registry, instead they go into either the 'Global Assembly Cache' (think */lib) or they can reside in the same directory as the.NET executable that needs them.
This is partial FUD - the document says that IF your BIOS counts processors the way Intel tell BIOS manufacurers they should, then your 4-CPU licence of 2000 server will utilize the 1st logicalCPU of each physicalCPU.
However, it won't go on to use the extra 2nd logical CPU in each physical CPU because you've used up all your licences by then (2000 server only gives you a 4 CPU licence).
If your BIOS doesn't enumerate CPUs the way Intel says they should, then 2000 will use both logical CPUs on the 1st and 2nd physical CPUs, and presumably leave your other two physical CPUs idle.
In.NET, it appears that Microsoft have not only taught it how to count CPUs properly regardless of potential BIOS problems, and also decided that only physical CPUs count towards licencing (well DUH!) and so with a 4 CPU hyperthreaded system, all 8 of your logical CPUs will be used.
Not obsolete - inappropriate for web services
on
HTTP's Days Numbered
·
· Score: 2, Interesting
The article just points out that using HTTP as a basic transport for more higher level concepts such as a Microsoft Web Service is problematic because:
a) The way most of the Internet's IP infrastructure treats port 80 traffic will not allow long durtation web service transactions to work reliably (presumably because things like NAT mapping tables will get cleaned up before the transaction finishes)
b) Because the server can't initiate a connection to a client.
It's NOT talking about HTTP being unsuitable for pushing web server content around the Internet.
Slashdot Mirror
Just trawling roughly through our logs, we have:
/. :) Let's all pretend it's Konqueror!
0.2% Opera
6.5% Firefox
88.1% IE
Dunno what the other 6% is, and I ain't about to trawl through and investigate for
Yeah look, they contributed those little green arrow icons! :-)
In a corporate environment where they _wanted_ you to be using an IM client, they'd have the correct ports open.
Can someone more enlightened or chemically enhanced explain how somebody can get the financial backing necessary to actually get a production line producing what is obviously (to me anyhoo) a product with no chance of success?
I mean what are these people thinking? That cornering the 'Fisher Price, water-proof keyboards for the nearly toilet trained' is going to make them rich?
Sheesh!
While The Register claims it has done an indepth evaluation, they didn't actually test to see if the firewall was blocking non-local subnet access to all the ports used by the services they were complaining about.
If they had, then they would have realised that this is nowhere near the big terrible gaping hole that they are making it out to be.
They also claim that activating a DHCP client is unneeded by most home users. That might have been true 5 years ago, but these days anybody with any kind of home network even if it is just a simple cable or DSL modem will typically need DHCP running. I mean good grief, come on! Even so, I know full well that while you are installing XP it asks you if you want to have your IP settings automatically configured and then DHCP gets turned on.
As for all their complaints about the Zones in IE, speaking as someone who has had to deploy extranet applications to part time casual workers who use their own home PCs to access it, the ability to have a trusted and a non-trusted set of security policies is a blessing.
All in all, I think this article has been poorly researched and written by people who fail to appreciate the bigger picture of what home users may need to do.
Um, this article is 13 months old :-)
What version are you using? There is no 'Options' sub-menu in my 'Tools' menu in Firefox 0.91 for FC2.
Well, IMHO if Firefox wasn't doing the hand-off to the Windows shell, then the hole would not be remote exploitable.
What I don't get is how come the exploit is considered Windows only. How come you can't exploit it as something like: shell:///sbin/reboot or worse?
I've not seen it mentioned anywhere, so maybe it's just a drive incompatibility issue, but when I installed SP2 RC1, I could no longer play DVDs - I would receive an error telling me that the TV OUT on my card must be disabled first.
I rolled back to SP1 and bingo, everything would play fine again.
This is an add-on layer, not an integral part of the OS.
Um by most people's definitions of Linux, your entire GUI is an add-on layer and not an integral part of the OS.
Well, either that or nobody will buy your device because it doesn't support uPnP :-)
I'm JK of course, but now the hardware industry to support two protocols OR knowlingly make themselves incompatible with one market segment.
I once had a friend who was a psychology major. She asked me, "How can you study computer science when there are children out there being abused, and women out there being raped?"
How does she think she's helping? She's not preventing it, she's making money out of the aftermath.
I don't see any documentation about how requests to launch applications will be validated.
/bin/sh and then opening a payload script?
What is to stop a malicious java applet from registering an action that is executed via
Is JDIC restricted to applets running on the local machine, or could any old web page host an applet that could launch documents for you?
Well clearly our mileage varies, because I've never had to go through multiple reboots on Windows Update, nor have I had to use it several times in a row because it misses patches.
Mind you, I'm referring to the automatic update service rather than their website.
My point wasn't really XXX is bad and Windows Update is great though, what I was really trying to point out was that Windows Update (via the auto-update service) is a far more pervasive mechanism than any of the distribution-specific techniques. I think that far more of the user base of Windows gets automatic updates than do Linux distributions, if only because by default it is configured to happen automatically and without any user intervention other than to click 'Yes' when you are told there are new updates to install.
Sure the OSS community releases fixes faster, but how quickly do they penetrate the userbase? I think Windows Update is a far superior platform for distributing fixes than currently exists in the Linux world, if only because not every Linux distribution offers such a powerful tool.
Now I realise that you can also be the unwitting recipient of functionality and licence changing updates through Windows Update, but as a technology I think it's way better than what is available in the OSS world right now.
Am I just too cynical, or is this just a way for MS to keep friendly with the local Attorney General? Seems like she's the one getting all the press...
The DLLs in question - .NET assemblies do not go into the registry, instead they go into either the 'Global Assembly Cache' (think */lib) or they can reside in the same directory as the .NET executable that needs them.
This is partial FUD - the document says that IF your BIOS counts processors the way Intel tell BIOS manufacurers they should, then your 4-CPU licence of 2000 server will utilize the 1st logicalCPU of each physicalCPU.
.NET, it appears that Microsoft have not only taught it how to count CPUs properly regardless of potential BIOS problems, and also decided that only physical CPUs count towards licencing (well DUH!) and so with a 4 CPU hyperthreaded system, all 8 of your logical CPUs will be used.
However, it won't go on to use the extra 2nd logical CPU in each physical CPU because you've used up all your licences by then (2000 server only gives you a 4 CPU licence).
If your BIOS doesn't enumerate CPUs the way Intel says they should, then 2000 will use both logical CPUs on the 1st and 2nd physical CPUs, and presumably leave your other two physical CPUs idle.
In
The article just points out that using HTTP as a basic transport for more higher level concepts such as a Microsoft Web Service is problematic because:
a) The way most of the Internet's IP infrastructure treats port 80 traffic will not allow long durtation web service transactions to work reliably (presumably because things like NAT mapping tables will get cleaned up before the transaction finishes)
b) Because the server can't initiate a connection to a client.
It's NOT talking about HTTP being unsuitable for pushing web server content around the Internet.
I totally agree, and would add that there's normally a further implicit specification for command line *nix projects:
Operate silently if successful.
getopt() et al style of command lines.
Output to stdout, Errors to stderr, useful exit codes etc.
All of these add up to help make *nix (command line), quite an easy place to build a utility that fits in.
Stony.