The vulnerability discussed above has now been addressed by an from Apple. I would say pretty fast work--the exploit page on/. is still available for posts when the patch is released. Also, as other posters have mentioned, a number of updaters from other vendors still don't sign their updates.
It's clear that Apple has a security focus now--although they may not always get it right out of the box, they have responded quickly to the last 3 major holes, patching the system in days, not weeks.
Think about it this way: do you tune your own engine? No? Maybe you shouldn't be allowed to drive.
And for those geeks that DO tune their own engine, well, I hope that you see the point also. We all have our own skills, and we shouldn't deny the fruits of our labor to those that couldn't replicate what we do--instead we bill them, and they bill us for what we can't do (and they can't understand why we can't do it, either.)
* let the user turn off the option where you can login with "John Doe" instead of your username --Not sure what your talking about here, unless you mean the Other User option. Which I find very helpful on machines where root access needs to be enabled for one reason or another. Also, this is off by default, but can be turned on in the Prefs.
I'm pretty sure that he means disabling the use of "Steve Jobs" as a login, instead of the Unix-y name "sjobs". I don't particularly see this as a useful security feature; I suppose it gives you one less chance to guess the right answer--you may know your targets full name, but you may not know if they've chosen 'stevej' or 'sjobs'. Whatever.
* let the user turn off the 'helpful' feature that puts the last user's name on the login screen
--This can be turned off via the shell, but an administrator tool to do this would be nice.
Noted above by others, but I'll note it again since I also dislike it: there's a utility to do just this located in kBase 106691. Basically just a script to flip a bit you can also access from the term.
* put a checkbox in the installation process to install a system with maximum security options... stuff like no list of users on the login screen and no web server installed at all, etc
Finally, you can be quite a bit more secure by installing without the BSD tools installed. I dunno if this installs Apache, but it would disable all command line tools. I'm only speculating about that, actually, as I have never done an install like that--as a matter of fact, I rush right out to install the dev tools as soon as possible. But the security minded may want to try it.
Or even try OS X on the iMac that you have now. It won't be fast--not by half--but it should give you some sense of what UNIX with a GUI interface looks like; and what it's like to run a Unix with commercial software apps looks like.
Then, provided it floats your boat, take a look at a new Mac. But there's no reason to live without Unix now simply becasue you don't like the way that Linux runs on your iMac. That's available now, and it's called OS X.
Well, it's a good thing for your father that the government got smart after he got out, rather than before. What kind of retirement would he be having if he bet big on WPPSS stock when they defaulted?
Second question: has be purchased Airline stock recently? The results from that bailout haven't come in, to determine if it supports your first conclusion or your last. But there was the SNL bailout--and who oversaw that, after all?
I may not mind getting a Mac, but please don't force me into it.
The small businesses that were using Macs with QuickBooks Pro don't empathize with you, I'm afraid. A LOT of Mac users were forced to convert to Win by the loss of that tool; these are people that otherwise the Mac would be great for. It's indeed too bad for you, but that's how the ball bounces--and frankly, I'm glad to see that Apple has learned to use this strategy for themselves.
It is, I agree. I apologize: I didn't read your post closely enough before I responded.
Re:Lots of problems ahead for MS
on
Analyzing Palladium
·
· Score: 3, Informative
Remind me, where do I download the software hack for Xbox?
The X Box Hacker Site, of course. Really, I don't follow X Box hacking closely enough to know how far this has progressed, but it seems to me that a mod chip has been developed--in 9 months since the X Box was released, and it's DRM was touted as 'unbreakable'. Give it another 9 months for more development.
In fairness, though, the link to the FAQ indicated that while external-to-the-processor DRM management solutions were feasible to break, the embedded-in-the-processor DRM solutions expected in rev 2 and later of Palladium would be not hackable by individuals, or even groups of individuals.
And as for your other point: This is a big deal. It's the Son of SSSCA--yes it is. This is a big deal--the death of Linux, and the end of Apple, unless Motorola gets on board, and quick. You may be able to run those OSes, but you will have ZERO interoperability with 95% of the market. Two things that I think might save us: public outcry against this like Intel's previous attempt to allow external reading of the processor's serial number. Also, since this plan really requires ubiquity of the OS, the absence of a monopoly OS will hamper or kill it. The Anti-Trust penalty may help here, or may not.
IBM was uniquely positioned to take advantage of the ever-growing number of companies moving away from Microsoft
Well, unique except for Apple. They'll welcome companies moving away from Microsoft, too, and sell you Unix compatible laptops, desktops, and servers. If you really want Unix on a Laptop, try Darwin on an iBook.
You knew all that. But I just think that 'unique' isn't correct.
Monday, May 27, 2002
Posted 1:12 PM by David Hyatt
Eep.
Sometimes I forget that people are actually reading this thing and developing grand conspiracy theories. I especially like the part where I'm referred to as a "long-time Mac nut." Until about 3 months ago, my Mac desktop was a glorified paperweight, Cocoa was something you drank, and Objective-C... well, I would have just blinked and responded with "Objective what?"
Just to set the record straight on this conspiracy theory... all Netscape employees who were hired before AOL took the company over are eligible for a six-week sabbatical after four years of employment. You also have to take the sabbatical within one year of becoming eligible for it, or you have to go through the hassle of filing for an extension. As of July 5, I'll have been working for Netscape/AOLTW for 5 years, so I had to take the sabbatical now. It also seemed like a good time to do so since Mozilla 1.0 is wrapping up (and in very good shape). This sabbatical has absolutely nothing to do with Chimera.
Although an iBrowser would be an interesting development--IE is only one of three third party apps that ships with OS X, and the use of Mozilla in a Beta version of a Mac AOL client gives this some weight, I don't think Hyatt is working on it.
If by "any account needed no adjustment" you don't include the fact that moments previous he rubbed his eye, thereby dislodging his glasses, you might have a point.
I think the funnier part of that dialogue is when Jobs explains that "that was before I came back to Apple, which I consider a dream, like Apple was in a coma". It raises the issue again: what would Apple be like if Jobs never left?
One thing's for sure--nothing like it is now. Whether that means "more successful", "more successful like Microsoft" or "more like Be" I'll leave to future posters.
Well, Mafiaboy himself sure helped. From the article: The administrators at the university produced a copy of the attack tool used, which was registered to a user named Mafiaboy...
Moral of the story: don't register your hacking software back to yourself. Kinda like "don't sign each counterfeit bill you make".
If I spend ten years of my life developing an entirely new OS from scratch, and it's awesome, I should get some compensation.
Oh, you mean like Apple? And before you tell me about Xerox PARC--Apple paid for that technology from Xerox. Why you can patent a trivial technology like a pop-under, but not the whole WIMP paradigm, is beyond me.
Yeah, I'm still sore. And I still use a Mac, dammit.
How about a Slashdot interview with this guy? I haven't know many politicians to shy from another couple million eyeballs regarding their pet project, even if it comes from non-constituents.
Before you go all crazy, at least try a Mac running OS X, first. If you like it enough, you'll have the best of both worlds: Soft chewy desktop supported by a name-brand computer maker, with a crunchy Unix backbone.
You may never have considered a Mac before, but you might like it now--it's worth at least a look.
Their victory over the Empire doesn't liberate the galaxy--it turns the galaxy into Somalia writ large: dominated by local warlords who are answerable to no one.
I've heard that Lucas originally planned three movies, and was told that, in short, each of those three movies were too dense and complicated--that, in fact, each was worth three movies of its own. Hence, Lucas' originally trilogy becomes three trilogies.
Therefore, there is at least a plotline planned for three movies after "Return of the Jedi". And, like the author points out, this could be interesting and even topical: the newly re-established Republic trying to enforce rule of law over often very powerful and recalcitrant backwaters in the Galaxy. Unfortunately, no unified evil to combat, but I think it could lead to interesting storytelling; "Millenium Falcon Down", anyone?
Does anyone who collected all the figurines care to expand on the idea of movies 7, 8, and 9?
For webserving or even file serving, you have a definite point. You could still make an argument for Mac Servers, I think, but price wouldn't be in it.
On the other hand, there are industries that have optimized their applications to maximize the AltiVec of the G4--biotech and video, to name two. These guys are likely to buy these racks by the hundreds, as they can take advantage of the processor. Take a look at who got up on stage with Steve: ClearChannel, "Content-creation with nonlinear, graphics prepress houses", and Genetech, "it does matching of genetic code really well too. The single most common application in bioinformatics is Blast"--optimized for the G4, and by Genetech's own evaluation runs Blast 5 times as fast as on a Pentium.
1. I don't want to talk to my computer. You'd have to try this for a while to see for yourself, but the process is exhausting compared to just typing and clicking on stuff.
Mac Users have had voice recognition for years, too; I think OS 9 was the first, but X has it too. And I think most Mac Users would agree: every time it's updated, we go "oh, shiny!", use it for 2 weeks, and then never activate it again. It's not for lack of power or reliability: I can basically do anything with my voice that I could do with my mouse (although not with the keyboard) and it successfully recognizes my command about 80% of the time. You can even play the chess game bundled in OS X with it. However, it is tedious. And slow, even if it works at the speed of our spoken voice. And we all find this: I don't think you would walk into a Mac lab and all of a sudden hear Mac Users all speaking to their computer.
Now is when another Mac User will come on and say that *he uses it only*, etc, and there must be a reason that Apple continues to update it instead of let it drop. But I work with and support Mac Users, and nobody I know uses it, regularly.
Since you and your replies seem unaware, Apple has bundled in voice control to both OS 9 and X that does exactly this--essentially allows you to use voice in the place of mouse clicks: for example, I have a customized speech control that allows me to "Open Omniweb" and then "Read Slash Dot." It essentially allows you to activate AppleScript scripts by speaking the title of the script. It doesn't attempt speech-to-text at all.
It works fairly well, even; probably reliable 80% of the time. However, I find that I don't use it; when I'm alone, I prefer the quietude of my surroundings and don't need it broken by the sound of my own voice. When others are around, I don't use it to avoid sounding like a freak. But, as in all things, YMMV.
why don't they sell iMacs with CRTs to consumers, and let the consumers decide?
Being a web-savvy/. tech-head, I'm sure that you realized just minutes after your post that Apple does, of course, sell CRT iMacs. Still. Never stopped. And they don't even hide them, unless you consider scrolling to the bottom half the page "hide". You can even have them for $799. So how's that for "choice"?
Slashdot Mirror
The vulnerability discussed above has now been addressed by an from Apple. I would say pretty fast work--the exploit page on
It's clear that Apple has a security focus now--although they may not always get it right out of the box, they have responded quickly to the last 3 major holes, patching the system in days, not weeks.
Think about it this way: do you tune your own engine? No? Maybe you shouldn't be allowed to drive.
And for those geeks that DO tune their own engine, well, I hope that you see the point also. We all have our own skills, and we shouldn't deny the fruits of our labor to those that couldn't replicate what we do--instead we bill them, and they bill us for what we can't do (and they can't understand why we can't do it, either.)
* let the user turn off the option where you can login with "John Doe" instead of your username
--Not sure what your talking about here, unless you mean the Other User option. Which I find very helpful on machines where root access needs to be enabled for one reason or another. Also, this is off by default, but can be turned on in the Prefs.
I'm pretty sure that he means disabling the use of "Steve Jobs" as a login, instead of the Unix-y name "sjobs". I don't particularly see this as a useful security feature; I suppose it gives you one less chance to guess the right answer--you may know your targets full name, but you may not know if they've chosen 'stevej' or 'sjobs'. Whatever.
* let the user turn off the 'helpful' feature that puts the last user's name on the login screen --This can be turned off via the shell, but an administrator tool to do this would be nice.
Noted above by others, but I'll note it again since I also dislike it: there's a utility to do just this located in kBase 106691. Basically just a script to flip a bit you can also access from the term.
* put a checkbox in the installation process to install a system with maximum security options... stuff like no list of users on the login screen and no web server installed at all, etc
Finally, you can be quite a bit more secure by installing without the BSD tools installed. I dunno if this installs Apache, but it would disable all command line tools. I'm only speculating about that, actually, as I have never done an install like that--as a matter of fact, I rush right out to install the dev tools as soon as possible. But the security minded may want to try it.
Or even try OS X on the iMac that you have now. It won't be fast--not by half--but it should give you some sense of what UNIX with a GUI interface looks like; and what it's like to run a Unix with commercial software apps looks like.
Then, provided it floats your boat, take a look at a new Mac. But there's no reason to live without Unix now simply becasue you don't like the way that Linux runs on your iMac. That's available now, and it's called OS X.
Well, it's a good thing for your father that the government got smart after he got out, rather than before. What kind of retirement would he be having if he bet big on WPPSS stock when they defaulted?
Second question: has be purchased Airline stock recently? The results from that bailout haven't come in, to determine if it supports your first conclusion or your last. But there was the SNL bailout--and who oversaw that, after all?
I may not mind getting a Mac, but please don't force me into it.
The small businesses that were using Macs with QuickBooks Pro don't empathize with you, I'm afraid. A LOT of Mac users were forced to convert to Win by the loss of that tool; these are people that otherwise the Mac would be great for. It's indeed too bad for you, but that's how the ball bounces--and frankly, I'm glad to see that Apple has learned to use this strategy for themselves.
That's rather my point
It is, I agree. I apologize: I didn't read your post closely enough before I responded.
Remind me, where do I download the software hack for Xbox?
The X Box Hacker Site, of course. Really, I don't follow X Box hacking closely enough to know how far this has progressed, but it seems to me that a mod chip has been developed--in 9 months since the X Box was released, and it's DRM was touted as 'unbreakable'. Give it another 9 months for more development.
In fairness, though, the link to the FAQ indicated that while external-to-the-processor DRM management solutions were feasible to break, the embedded-in-the-processor DRM solutions expected in rev 2 and later of Palladium would be not hackable by individuals, or even groups of individuals.
And as for your other point: This is a big deal. It's the Son of SSSCA--yes it is. This is a big deal--the death of Linux, and the end of Apple, unless Motorola gets on board, and quick. You may be able to run those OSes, but you will have ZERO interoperability with 95% of the market. Two things that I think might save us: public outcry against this like Intel's previous attempt to allow external reading of the processor's serial number. Also, since this plan really requires ubiquity of the OS, the absence of a monopoly OS will hamper or kill it. The Anti-Trust penalty may help here, or may not.
Is there some way that stories can just be edited for spelling, clarity and facts, and then LEFT ALONE
Yeah, two ways, actually: 1) Do your own story research. 2) Demand the money that you paid for viewing the site back.
IBM was uniquely positioned to take advantage of the ever-growing number of companies moving away from Microsoft
Well, unique except for Apple. They'll welcome companies moving away from Microsoft, too, and sell you Unix compatible laptops, desktops, and servers. If you really want Unix on a Laptop, try Darwin on an iBook.
You knew all that. But I just think that 'unique' isn't correct.
The small unit, called Gaak, was one of 12 taking part in a "survival of the fittest" test at the Magna science centre
The WOPR from WAR GAMES told us: "Interesting game. The only way to win appears to be not to play." Just don't him watch Maximum Overdrive, ok?
From Hyatt's blog:
Monday, May 27, 2002 Posted 1:12 PM by David Hyatt
Eep. Sometimes I forget that people are actually reading this thing and developing grand conspiracy theories. I especially like the part where I'm referred to as a "long-time Mac nut." Until about 3 months ago, my Mac desktop was a glorified paperweight, Cocoa was something you drank, and Objective-C... well, I would have just blinked and responded with "Objective what?"
Just to set the record straight on this conspiracy theory... all Netscape employees who were hired before AOL took the company over are eligible for a six-week sabbatical after four years of employment. You also have to take the sabbatical within one year of becoming eligible for it, or you have to go through the hassle of filing for an extension. As of July 5, I'll have been working for Netscape/AOLTW for 5 years, so I had to take the sabbatical now. It also seemed like a good time to do so since Mozilla 1.0 is wrapping up (and in very good shape). This sabbatical has absolutely nothing to do with Chimera.
Although an iBrowser would be an interesting development--IE is only one of three third party apps that ships with OS X, and the use of Mozilla in a Beta version of a Mac AOL client gives this some weight, I don't think Hyatt is working on it.
If by "any account needed no adjustment" you don't include the fact that moments previous he rubbed his eye, thereby dislodging his glasses, you might have a point.
I think the funnier part of that dialogue is when Jobs explains that "that was before I came back to Apple, which I consider a dream, like Apple was in a coma". It raises the issue again: what would Apple be like if Jobs never left?
One thing's for sure--nothing like it is now. Whether that means "more successful", "more successful like Microsoft" or "more like Be" I'll leave to future posters.
It's damn difficult to totally cover your tracks
Well, Mafiaboy himself sure helped. From the article:
The administrators at the university produced a copy of the attack tool used, which was registered to a user named Mafiaboy...
Moral of the story: don't register your hacking software back to yourself. Kinda like "don't sign each counterfeit bill you make".
If I spend ten years of my life developing an entirely new OS from scratch, and it's awesome, I should get some compensation.
Oh, you mean like Apple? And before you tell me about Xerox PARC--Apple paid for that technology from Xerox. Why you can patent a trivial technology like a pop-under, but not the whole WIMP paradigm, is beyond me.
Yeah, I'm still sore. And I still use a Mac, dammit.
How about a Slashdot interview with this guy? I haven't know many politicians to shy from another couple million eyeballs regarding their pet project, even if it comes from non-constituents.
Before you go all crazy, at least try a Mac running OS X, first. If you like it enough, you'll have the best of both worlds: Soft chewy desktop supported by a name-brand computer maker, with a crunchy Unix backbone.
You may never have considered a Mac before, but you might like it now--it's worth at least a look.
Their victory over the Empire doesn't liberate the galaxy--it turns the galaxy into Somalia writ large: dominated by local warlords who are answerable to no one.
I've heard that Lucas originally planned three movies, and was told that, in short, each of those three movies were too dense and complicated--that, in fact, each was worth three movies of its own. Hence, Lucas' originally trilogy becomes three trilogies.
Therefore, there is at least a plotline planned for three movies after "Return of the Jedi". And, like the author points out, this could be interesting and even topical: the newly re-established Republic trying to enforce rule of law over often very powerful and recalcitrant backwaters in the Galaxy. Unfortunately, no unified evil to combat, but I think it could lead to interesting storytelling; "Millenium Falcon Down", anyone?
Does anyone who collected all the figurines care to expand on the idea of movies 7, 8, and 9?
For webserving or even file serving, you have a definite point. You could still make an argument for Mac Servers, I think, but price wouldn't be in it.
On the other hand, there are industries that have optimized their applications to maximize the AltiVec of the G4--biotech and video, to name two. These guys are likely to buy these racks by the hundreds, as they can take advantage of the processor. Take a look at who got up on stage with Steve: ClearChannel, "Content-creation with nonlinear, graphics prepress houses", and Genetech, "it does matching of genetic code really well too. The single most common application in bioinformatics is Blast"--optimized for the G4, and by Genetech's own evaluation runs Blast 5 times as fast as on a Pentium.
1. I don't want to talk to my computer. You'd have to try this for a while to see for yourself, but the process is exhausting compared to just typing and clicking on stuff.
Mac Users have had voice recognition for years, too; I think OS 9 was the first, but X has it too. And I think most Mac Users would agree: every time it's updated, we go "oh, shiny!", use it for 2 weeks, and then never activate it again. It's not for lack of power or reliability: I can basically do anything with my voice that I could do with my mouse (although not with the keyboard) and it successfully recognizes my command about 80% of the time. You can even play the chess game bundled in OS X with it. However, it is tedious. And slow, even if it works at the speed of our spoken voice. And we all find this: I don't think you would walk into a Mac lab and all of a sudden hear Mac Users all speaking to their computer.
Now is when another Mac User will come on and say that *he uses it only*, etc, and there must be a reason that Apple continues to update it instead of let it drop. But I work with and support Mac Users, and nobody I know uses it, regularly.
Are there any better ones out there
How about iPhoto?
for either Linux or Win32?
Oh, sorry.
Since you and your replies seem unaware, Apple has bundled in voice control to both OS 9 and X that does exactly this--essentially allows you to use voice in the place of mouse clicks: for example, I have a customized speech control that allows me to "Open Omniweb" and then "Read Slash Dot." It essentially allows you to activate AppleScript scripts by speaking the title of the script. It doesn't attempt speech-to-text at all.
It works fairly well, even; probably reliable 80% of the time. However, I find that I don't use it; when I'm alone, I prefer the quietude of my surroundings and don't need it broken by the sound of my own voice. When others are around, I don't use it to avoid sounding like a freak. But, as in all things, YMMV.
...how do you know this?
since a healthy human body has only enough nutrients to feed one adult for about one week or so
why don't they sell iMacs with CRTs to consumers, and let the consumers decide?
Being a web-savvy
Wow, cool icon for this topic! I think I'll use it for my Applications Folder...