The biggest problem with MS security model relates to what it's built for... Games. As such any read/write access to the filesystem (remotely, etc.) will allow you to completely own any windows box.
This is (mostly) correct for Windows 9x system, but doesn't really hold much for NT/2000/XP.
We'd have to eradicate Microsoft before the KDE, Gnome, and Mono projects finish cloning all of their convenient but insecure features (autorun when someone puts a disk in your CD drive, macros in your documents, Visual Basic scripts in attachments, click and run everything). Trade press folks saying that Linux on the desktop will never succeed until the apps work exactly the same way, when many of the security holes are simply logical consequences of the features as designed.
In that case, Linux developers should pay more attention when Microsoft screw up, the better to make sure that they don't wind up doing the exact same thing at some point in the future...
I subscribe to the Microsoft Security Bulletins at work, and on every security notice there is a section marked Mitigating Factors which details the particulars that are required for an exploit to be performed. These break down into the following types:
Software set to the defaults, not the settings recommended by Microsoft (eg. Outlook (Express) setting for Security Zone to use when viewing messages)
A particular combination of software and settings (eg. IIS, SQL Server, Exchange)
Vectors than can be used to exploit the hole - some will require physical access to the machine, or to a machine on the same local network, or particular user access.
The window of opportunity that can be afforded by exploiting the hole - how much code you could inject, how far you could elevate your privileges on the system, how much access you gain to the system, etc.
A lot of the potential exploits would fall at the first two hurdles above. For instance, by setting Outlook (Express) to use the Restricted Zone, you've already plugged several holes.
This is not to excuse Microsoft for creating the holes in the first place. Particularly odious are those related to allowing scripting to be performed in places where it makes no sense whatsoever, eg. Windows Media files. That is not a case of sloppy coding, that is bad design from the get-go.
Sad to say, even if Microsoft fixed all the outstanding holes tomorrow, you will still need to have a firewall and anti-virus software, because the malware will continue regardless, until such time as we all move to a platform that is secure by design. (And, no, in truth that platform doesn't exist yet)
Microsoft's next trademark: Mouse(R) Lindow's next product: Louse
Douglas Engelbart (the inventor of the original 'mouse' back in the 1960s) might well have something to say on that one...
Besides, it's always been a Microsoft Mouse, as opposed to the Apple Mouse or any of the myriad other mice out there. Bit late for them to try and trademark that one. Unless, of course, they manage to get the same guy that granted them the 'Windows' trademark...:)
I work for a software duplication & fulfilment firm, and we started doing in-house DVD-R duplication this year, alongside our existing CD-R duplicators. Waiting for the machine to burn the DVD-R discs, it feels like we've stepped back in time about 10 years, to when the first CD-R recorders came out (we still have our original Philips CDD-521 box in a cupboard somewhere, bought when writers cost several grand and discs cost 20 quid a pop!) Anything that makes for faster DVD writing would be a good thing indeed!
What he said! I can understand having an initial desktop set-up option that allows people moving over from Windows to get started faster (similar taskbar, similar window controls, etc.), but trying to make a Linux desktop that is exactly like Windows seems to be majorly counterproductive to me, for the simple reason that it's Linux, not Windows, on the inside!
I take my hat off to the guy who wrote XPde, and wish him all the best with his future projects. But this is one itch that run the risk of being scratched so much that it ends up a large scabby wound...
I really don't care if MS absorb me into the collective. They would take care of me real well, and I wouldn't have to worry too much about the stress of modern life. People are always focusing on the bad side.
Sure, you get faster downloads, but your phone line is still tied up for the upload side.
If you can't get anything else, it might be worth a look-in, but I'm sceptical that it will be much use for anything but the most basic of Internet usage.
Nice quote from the article...
on
1.5 TB DVD by 2010
·
· Score: 3, Funny
* BY 2010, according to senior Intel architects, a CPU will have processing power equivalent to the brain of a bumble bee.
Hmm... so what that make my Pentium III equivalent to? A cockroach?:)
Instead of that transparent base, it should be attached to the ceiling, with the power lead attached to the supporting wire. Now that would be cool, clear some desk space, and if you make the support strong enough, it's harder to steal to boot!
Only problem - some fool will go hang up five of them and make a giant Newton's Cradle...:)
And its not just flash, there is another Macromedia product that I'm far more worried about Microsoft getting their hands on: Dreamweaver. Dreamweaver has quickly become the standard HTML editor. Can you imagine what's going to happen if it starts making code like Frontpage does now?
My bet is that Bill and Friends have their eyes on Dreamweaver more than Macromedia.
Don't know about the US press, but the reviews I've read over here in the UK regarding UltraDev (and subquently of Dreamweaver MX) are of the opinion that they are the tool for web development, and leave FrontPage in the dust.
In fact, one commentator over here, John Honeyball, writing in PC Pro, went as far as to say that Macromedia, with their MX products, put Microsoft's Visual Studio.NET to shame when it came to doing web development with IIS/ASP and.NET !
Of course, being in a position to 'persaude' ColdFusion shops to move to.NET would help, but Dreamweaver, if they could get their hands on it, would be a major coup for Microsoft...
Which does NOT make it a PART of Internet Explorer. It just means it is in the same installation package. Big whoop.
Ah, but you're forgetting the code that's shared between Internet Explorer and Outlook Express (and Windows too, of course. Thanks Bill!:) ).
In any case, all the above is a distinction that only the techies can see - as far as my Mum and Dad (and most home users) are concerned, there is no distinction, because it's what came installed on the PC when they got it.
No it is not. Separate directory, separate executables, separate registry entries.
Merely a holdover from the days when it was an application in its own right. Now, however, the only way you can acquire it from Microsoft's web site is as a part of the install package for Internet Explorer.
(I can remember the first incarnations of Internet Mail and News, the predecessors of Outlook Express (yeah, really lame name they chose, since it's only vaguely like Outlook). They actually had a beta version where the two were done as extensions of the My Computer hierarchy, like Control Panel. Probably gave the Windows team fits, because it subsequently changed into the interface we know and loath today. *g*)
(Not that any of this bothers me, I use Forte Agent for my e-mail and news needs.)
From reading the Herald article, the site NewZealand.com was promoting tourism in New Zealand, which is hardly an activity that the government of New Zealand would frown upon, don't you think?
Now, if the site had been home to, say, material inciting act of violence on the citizens and/or institutions of New Zealand, then there most definitely would be a case to answer...
A quick check with Google reveals a healthy-looking govt.nz domain already in existence, similar to the UK's gov.uk system. So it's not as if the New Zealand government are without a home on the Internet, either.:)
Probably just a bunch of fool lawyers trying their luck, nothing to do with the Queen.
When I get popup ads (or whatever) that annoy me too much I just visit the web site sponsoring the ads, and the web site doing the advertising after setting my referrer to a message like "popup ads are annoying and ensure that I wont buy your crap", and my user-agent similarly.
Hmm, you're assuming, of course, that they'll read this message from their web site logs... how likely do you think that is?
I do this because I can't always find an email address, or a complaint page without spending more time than I really want to.
Fair point, but that might be explained by your statement below...
Of course, I dont really want to see the results so I use wget or curl to actually fetch the pages, and just to make sure the message gets seen I do a hundred or three fetches. With delays, of course, as I don't want to do a DOS attack.
And you wonder why the ad firms are a bit reticent about giving out an e-mail address? Behaviour like that will only harden their attitude.
Re:Vote with your e-mail, not just your feet!
on
Next-Gen Pop-up Ads
·
· Score: 2
Yeah, right. They don't give a rats ass about anyone who is annoyed by their advertising. Sending them e-mail is just asking for spam.
Also, I know plenty of people in management positions who make the kind of decisions about what sort of advertising the company should pursue. The vast majority of them know nothing about computers. Many of them don't even own one.
I'm not talking about the companies who run the ads, but the ones buying the ads from them. If they get the message that these new ads are turning people away from their site, and hear it loud enough, then maybe they'll think again, and switch to less intrusive forms of advertising.
Your dismissive attitude is one that I find quite astonishing. You appear to expect only the worst from the sites where these ads are running, and consider this to be an excuse for inaction. Come on, how much effort does it take to send an e-mail?
(Yes, I fully intend to practise what I'm preaching, the next time I come across a site using intrusive advertising).
Re:It Harasses People with Visually Disabilities
on
Next-Gen Pop-up Ads
·
· Score: 2
It's hard enough to make a screen reader work satisfactorily if your need one now; just wait until the screens change (new pop-up windows at the hover of a mouse).
I really think this comprises harassment to PWD's.
Good point! I suspect, though, that the sites that are taking on this new breed of super-intrusive ad probably weren't too concerned with gaining the custom of visually-disabled user in the first place.:(
But we can use this as a lever to persuade other, more civil-minded sites not to succumb...
Vote with your e-mail, not just your feet!
on
Next-Gen Pop-up Ads
·
· Score: 4, Insightful
If more people contacted the websites that are running the really intrusive adverts, telling them why the ads are so annoying, and asking them to reconsider, then we'd stand a better chance of seeing the back of them.
As it is, we seem to be locked into an Arms Race of sorts - ad companies devise new ad format, ad blockers move to block them, repeat ad nauseum... Just blocking the ads will only attract the attention of the ad company, not the owner of the site displaying the ads.
Slashdot Mirror
I love the smell of lawsuits in the morning! :)
:) :)
It smells like... lots of money being burned real fast!
The biggest problem with MS security model relates to what it's built for... Games. As such any read/write access to the filesystem (remotely, etc.) will allow you to completely own any windows box.
This is (mostly) correct for Windows 9x system, but doesn't really hold much for NT/2000/XP.
It doesn't even really matter where it is.
Behind a firewall? Anti-virus?
We'd have to eradicate Microsoft before the KDE, Gnome, and Mono projects finish cloning all of their convenient but insecure features (autorun when someone puts a disk in your CD drive, macros in your documents, Visual Basic scripts in attachments, click and run everything). Trade press folks saying that Linux on the desktop will never succeed until the apps work exactly the same way, when many of the security holes are simply logical consequences of the features as designed.
In that case, Linux developers should pay more attention when Microsoft screw up, the better to make sure that they don't wind up doing the exact same thing at some point in the future...
A lot of the potential exploits would fall at the first two hurdles above. For instance, by setting Outlook (Express) to use the Restricted Zone, you've already plugged several holes.
This is not to excuse Microsoft for creating the holes in the first place. Particularly odious are those related to allowing scripting to be performed in places where it makes no sense whatsoever, eg. Windows Media files. That is not a case of sloppy coding, that is bad design from the get-go.
Sad to say, even if Microsoft fixed all the outstanding holes tomorrow, you will still need to have a firewall and anti-virus software, because the malware will continue regardless, until such time as we all move to a platform that is secure by design. (And, no, in truth that platform doesn't exist yet)
Who knows? If anyone has been exploited, they ain't telling...
Microsoft's next trademark: Mouse(R)
:)
Lindow's next product: Louse
Douglas Engelbart (the inventor of the original 'mouse' back in the 1960s) might well have something to say on that one...
Besides, it's always been a Microsoft Mouse, as opposed to the Apple Mouse or any of the myriad other mice out there. Bit late for them to try and trademark that one. Unless, of course, they manage to get the same guy that granted them the 'Windows' trademark...
Maybe you should come back and type that comment in again, when your other hand becomes free. *g*
Dear Sir,
:)
Would you kindly post your physical address so that my associates can meet and discuss certain matters of great importance with you.
Regards,
Steve Bronson
MPAA Copyright Enforcement Unit B2
Nice try, sonny, marred only by the fact that we do Digital Versatile, not Video, Discs!
Anyway, we're in the UK, so go back to picking on defenceless Yanks.
I work for a software duplication & fulfilment firm, and we started doing in-house DVD-R duplication this year, alongside our existing CD-R duplicators. Waiting for the machine to burn the DVD-R discs, it feels like we've stepped back in time about 10 years, to when the first CD-R recorders came out (we still have our original Philips CDD-521 box in a cupboard somewhere, bought when writers cost several grand and discs cost 20 quid a pop!) Anything that makes for faster DVD writing would be a good thing indeed!
What does this say about the amount of work that Apple's developers are putting into the apps that are supposed to be tempting over the Wintel crowd?
What he said! I can understand having an initial desktop set-up option that allows people moving over from Windows to get started faster (similar taskbar, similar window controls, etc.), but trying to make a Linux desktop that is exactly like Windows seems to be majorly counterproductive to me, for the simple reason that it's Linux, not Windows, on the inside!
I take my hat off to the guy who wrote XPde, and wish him all the best with his future projects. But this is one itch that run the risk of being scratched so much that it ends up a large scabby wound...
I really don't care if MS absorb me into the collective. They would take care of me real well, and I wouldn't have to worry too much about the stress of modern life. People are always focusing on the bad side.
:)
You're right - they could instead be focussing on getting free software out of MS for fun and PROFIT!
if some shady agreement with MS puts Win2k in the labs and Visual Studio on my PC I got no problem with it.
:)
Be careful at the graduation ceremony - I bet the Microserfs will be there waiting to assimilate you into the Collective...
Sure, you get faster downloads, but your phone line is still tied up for the upload side.
If you can't get anything else, it might be worth a look-in, but I'm sceptical that it will be much use for anything but the most basic of Internet usage.
Hmm... so what that make my Pentium III equivalent to? A cockroach?
Instead of that transparent base, it should be attached to the ceiling, with the power lead attached to the supporting wire. Now that would be cool, clear some desk space, and if you make the support strong enough, it's harder to steal to boot!
:)
Only problem - some fool will go hang up five of them and make a giant Newton's Cradle...
And its not just flash, there is another Macromedia product that I'm far more worried about Microsoft getting their hands on: Dreamweaver. Dreamweaver has quickly become the standard HTML editor. Can you imagine what's going to happen if it starts making code like Frontpage does now?
.NET !
.NET would help, but Dreamweaver, if they could get their hands on it, would be a major coup for Microsoft...
My bet is that Bill and Friends have their eyes on Dreamweaver more than Macromedia.
Don't know about the US press, but the reviews I've read over here in the UK regarding UltraDev (and subquently of Dreamweaver MX) are of the opinion that they are the tool for web development, and leave FrontPage in the dust.
In fact, one commentator over here, John Honeyball, writing in PC Pro, went as far as to say that Macromedia, with their MX products, put Microsoft's Visual Studio.NET to shame when it came to doing web development with IIS/ASP and
Of course, being in a position to 'persaude' ColdFusion shops to move to
It's not gonna succeed if they keep ripping off Microsoft's Exchange Icon :-)
What he said!
Which does NOT make it a PART of Internet Explorer. It just means it is in the same installation package. Big whoop.
:) ).
Ah, but you're forgetting the code that's shared between Internet Explorer and Outlook Express (and Windows too, of course. Thanks Bill!
In any case, all the above is a distinction that only the techies can see - as far as my Mum and Dad (and most home users) are concerned, there is no distinction, because it's what came installed on the PC when they got it.
No it is not. Separate directory, separate executables, separate registry entries.
Merely a holdover from the days when it was an application in its own right. Now, however, the only way you can acquire it from Microsoft's web site is as a part of the install package for Internet Explorer.
(I can remember the first incarnations of Internet Mail and News, the predecessors of Outlook Express (yeah, really lame name they chose, since it's only vaguely like Outlook). They actually had a beta version where the two were done as extensions of the My Computer hierarchy, like Control Panel. Probably gave the Windows team fits, because it subsequently changed into the interface we know and loath today. *g*)
(Not that any of this bothers me, I use Forte Agent for my e-mail and news needs.)
From reading the Herald article, the site NewZealand.com was promoting tourism in New Zealand, which is hardly an activity that the government of New Zealand would frown upon, don't you think?
:)
Now, if the site had been home to, say, material inciting act of violence on the citizens and/or institutions of New Zealand, then there most definitely would be a case to answer...
A quick check with Google reveals a healthy-looking govt.nz domain already in existence, similar to the UK's gov.uk system. So it's not as if the New Zealand government are without a home on the Internet, either.
Probably just a bunch of fool lawyers trying their luck, nothing to do with the Queen.
When I get popup ads (or whatever) that annoy me too much I just visit the web site sponsoring the ads, and the web site doing the advertising after setting my referrer to a message like "popup ads are annoying and ensure that I wont buy your crap", and my user-agent similarly.
Hmm, you're assuming, of course, that they'll read this message from their web site logs... how likely do you think that is?
I do this because I can't always find an email address, or a complaint page without spending more time than I really want to.
Fair point, but that might be explained by your statement below...
Of course, I dont really want to see the results so I use wget or curl to actually fetch the pages, and just to make sure the message gets seen I do a hundred or three fetches. With delays, of course, as I don't want to do a DOS attack.
And you wonder why the ad firms are a bit reticent about giving out an e-mail address? Behaviour like that will only harden their attitude.
Yeah, right. They don't give a rats ass about anyone who is annoyed by their advertising. Sending them e-mail is just asking for spam.
Also, I know plenty of people in management positions who make the kind of decisions about what sort of advertising the company should pursue. The vast majority of them know nothing about computers. Many of them don't even own one.
I'm not talking about the companies who run the ads, but the ones buying the ads from them. If they get the message that these new ads are turning people away from their site, and hear it loud enough, then maybe they'll think again, and switch to less intrusive forms of advertising.
Your dismissive attitude is one that I find quite astonishing. You appear to expect only the worst from the sites where these ads are running, and consider this to be an excuse for inaction. Come on, how much effort does it take to send an e-mail?
(Yes, I fully intend to practise what I'm preaching, the next time I come across a site using intrusive advertising).
It's hard enough to make a screen reader work satisfactorily if your need one now; just wait until the screens change (new pop-up windows at the hover of a mouse).
:(
I really think this comprises harassment to PWD's.
Good point! I suspect, though, that the sites that are taking on this new breed of super-intrusive ad probably weren't too concerned with gaining the custom of visually-disabled user in the first place.
But we can use this as a lever to persuade other, more civil-minded sites not to succumb...
If more people contacted the websites that are running the really intrusive adverts, telling them why the ads are so annoying, and asking them to reconsider, then we'd stand a better chance of seeing the back of them.
As it is, we seem to be locked into an Arms Race of sorts - ad companies devise new ad format, ad blockers move to block them, repeat ad nauseum... Just blocking the ads will only attract the attention of the ad company, not the owner of the site displaying the ads.