I didn't think you could even sign up for a free trial without giving them your credit card. Perhaps she just forgot about it. I doubt they were listening to all her web traffic, unless they were able to crack the ssl session between her browser and amazon.
I think theres a bug in the Halifax software at the moment. I've seen a couple of them showing the same error message "Object Variable or With Block Not Set", which is clearly a VB runtime error. Not only are they running on Windows but they are also using VB for their front end. Actually when its running it looks more like a flash animation so perhaps they are hosting the flash activex control within a small VB app.
Because you can do it directly on the device and for a specific period of time. So you have a half hour bus trip to go on, you just hit Entertain Me! and set 30 minutes and it plays a random mix of your favourite tunes for that period.
You don't need to give it an IP address as it can pick one up via DHCP. You don't even need to look at the screen to find out what IP its been given since it advertises itself on your network via UPNP. (On windows it shows up as a media device under "My Network Places" and you just double click to launch its web page to download the Java client. Once you have the Java client or the Rio music manager installed you don't need to care about the IP address at all since the client will autodetect it.
It really isn't that bad. I've had mine over 6 months and its only locked up twice. Both times was when it was attempting to connect to a computer over both USB and Ethernet at the same time, which is obviously not advisable. It sounds good, the battery life is good. It plays all of my mixed collection of MP3s and OGGs and works with Napster DRMed WMA should I require it. I charge it up about once a week and connect it up about once every couple of months to add some new tracks. Its currently also holding ISO images for Xandros, Knoppix, Linspire and Longhorn and theres still room to spare. I can use the Rio Software, WMP and Notmad Explorer from windows and the Java client from my Powerbook. It looks nice and I've bought a nice case from VajaCases to help protect the screen while still being able to access all the controls.
It wouldn't be that difficult to achieve. All IE and HTML rendering functionality is encapsulated behind a com interface implemented in shdocvw.dll. You would just need to create a new com object that implemented this interface and then register it on your system with the same CLSID as the original IE renderer. Every application that tries to render html would then use your code instead.
Of course with so many parts of the shell and third party applications dependant on the precise implementation it would be very tricky to make sure you are compatible with everything, which is why they have such a big regression test matrix to cover when any modifications are made to IE itself.
There is already a slot in replacement for MSHTML.dll that uses the Gecko engine rather than IEs, it would just need to implement the extra interfaces correctly.
We are always hearing about this Apache thing as to disprove attacks being focused on the biggest targets. "Why is IIS attacked more when apache runs virtually all of the internet?", hardly anyone seems to question this assertion.
People keep saying how their apache server logs are filled with code red and nimbda probes as evidence of how many IIS servers are being broken into.
Code Red and nimbda are really old worms, the exploits they attacked were patched years ago. The fact that the traces still show up in logs is evidence that there are a lot of unpatched IIS5 machines out there, machines that havn't been patched in the last two years. If a similar number of Apache servers were being left unpatched for that length of time how would they be faring?
Why are these old machines still around to keep spewing this stuff? Because IIS5 was installed and active by defualt on new Windows 2000 server installations and the admins never figured out they were even running it let alone that it was highly insecure out of the box and should be locked down and kept up to date with patches. Anyone running Apache is most likely doing so deliberately and is at least trying to keep it up to date and locked down.
Is IIS being broken into on a daily basis?, probably, but so is Apache as hacks on various high profile open source projects have shown. Is a patched and up to date IIS6 server being broken into more often than the most recent Apache? I don't know, but somehow I doubt it.
IIS6 and Server2003 are some of the first products to benifit from Microsofts focus on security. So far there have been very few updates required for IIS6, and it is disabled and configured in a locked down state out of the box.
The Grandparent has shown that attempted attacks on both IIS and Apache are roughly equal in scale, how many of those are successful with competant admins is rarely discussed.
If you stop counting the exploits of unmaintained and possibly unknown IIS5 boxes as examples of problems endemic to all versions of IIS you would probably find that there is not such a clear devide between them.
Also the Netcraft server usage figures are probably misleading. They count the number of servers hosting sites with different domain names.
A lot of sites run on shared hosting services running apache which probably means there are fewer actual apache servers than the count of domains would tend to indicate. Also a lot of IIS servers are being used for corperate intranet applications which are not supposed to be externally acessible and without a domain name, these servers are not counted by netcraft at all.
The few IIS servers that are (deliberately) on the public internet tend to be serving up large internet applications for businesses and so present a much larger target to potential hackers than the vast number of shared hosting accounts with a few php scripts running someones blog or homepage running on apache.
I don't see how you can claim a flaw in Outlook Express is a flaw in Windows but a flaw in Sendmail is not a flaw in Linux where sendmail was bundled with the distribution. Sure its not a flaw in the kernel but neither is msimn.exe a part of ntoskrnl.exe they are produced by entirely seperate teams at MS and just bundled by the OS packagers.
Both pieces of software are included in the distribution, both can optionally be used or not used, both can be easily uninstalled.
A flaw in OE also cannot take over the whole maching where OE was not run from an Administrator account. Windows and the programs included in it work fine from limited accounts, its only third party and other MS apps that have problems with it.
It wasn't so much the kernel that didn't work, it was all the stuff they put on top of it. By all accounts NT3.5 was very stable, but they insisted on adding on the shell from Windows95 which had been so commercially successful, for NT4. The graphics performance of NTs client-server model wasn't fast enough so they moved that into kernel space, and it added the enormous complexity of the shells extensibility model. For Windows XP they did the same thing again by adding in all the stuff that had so overloaded Windows ME.
Strip it back to the kernel and a few critical services and it would probably be very reliable, but the cruft that has built up in the Win32 API subsystem, included browser and countless extraneous services has meant that as a whole it is all interdependant and difficult to lock down.
Its quite impressive that they made the fundamental shift from 9x to NT with the vast majority of applications barely noticeing the change, but that means there is an accumulated 20 years of cludges and backwards compatibility hacks to keep all the business customers happy.
OSX is potentially a much cleaner system, its only been around for about 3 years and doesn't have the huge number of legacy applications to support. Also it seems that backwards compatibility is not so highly prized, it seems most OSX applications require at least version 10.2
Recently? Windows NT has been around over 10 years and has always been multiuser at the heart! Just because the average consumer didn't get it until XP doesn't mean it didn't exist. How many businesses would run their servers on Windows 9x anyway? Whats so "inherently" better about it Linux security than NTs model?
You could always get a DVB receiver. Looks like BBC6 and 7 are 160kbps and Radios 1-4 are 192kbps, at least at the moment. A nebula digitv can be USB or PCI and you can easily schedule recordings using the broadcast epg.
I think it might be a long term strategy to move away from X86. They already have XP and 2k3 running on ia64 and the XboX 2 will be some form of NT on ppc970. If they are successful in getting the majority of Longhorn era apps written in.Net they could transition to a new architecture in the next couple of iterations after that.
Every copy of MacOS sold is actually an upgrade. The only computers you can run it on were shipped with it included to begin with. A copy of Panther is really just an upgrade from a previous version of MacOS. Windows has full versions and upgrade versions because you can actually buy the hardware compants seperately and build your own computer then choose to install Windows or some other OS. With OSX you've already paid for the OS when you bought your Mac.
Sound like you need to try SP2. It doesn't pop up a box asking if you want to install for each object tag, it just adds a little information bar to the top of the page and carries on loading. If you decide you need the activex you can click on the bar and agree to install it. It then refreshes the page and pops up a redesigned permissions box with a severe warning.
You have to be pretty determined to get any activex control to install at all.
The browser isn't part of the kernel, it never has been. Its just a com object that gets hooked into lots of applications, particularly explorer.exe the shell. It has no special privileges and runs with the same access as the user who started the process.
Updating it does not strictly require a reboot, merely shutting down any processes that have loaded it. To shut down all the user processes and the shell the most that should be needed is a logoff/logon.
They won't change what the levels mean, they will just introduce new levels. So the best you can get now, P4 3+Ghz, 1Gb Ram will be a level 7 or something, and in a couple of years the best will be a level 10, but your machine will forever be a level 7 so you know if you buy games marked level 6+ it will still run OK.
So long as manufacturers don't skimp on less high profile componants, bus speed etc I think it would make choosing a PC and suitable software easier.
It's only Extremeists that have the attitude that everyone should convert to Islam or die, thats not the belief of the general Muslim population. In the same way its only the christian fundamentalists who believe that if you don't except Jesus as your personal saviour you will burn forever in Hell. The majority of people on both sides are perfectly happy for both religions to coexist. By attacking the Muslim population you only persuade more of them to side with the extemeists. If instead we could be tolerant of other religions and cultures the majority of people would see the extremeists for what they are and they would have very limited support and cease to be a threat to anyone.
Instead of thinking "They hate us, they hate our freedoms, they would kill us all if they had a chance", why not think, "There are a few people on both sides with extreme beliefs but most people just want to get along"
I just don't understand why people think MS will scrap NT in favour of Linux and then build Win32 over the top. The problems people have with Windows today are with Win32 and not with the kernel itself. The viruses, spyware, shatter attack, activex, etc all attack the Win32 subsystem not the underlying kernel. What benifit is there in replaceing a fully functioning kernel that has had over a decade of development? MS is going in the other direction and introducing WinFX as a replacement for Win32 still built on NT. They have also released services for unix for free so you can have the full posix environment running on NT as well.
Having applications that run on Linux is certainly a possibility if Linux gets enough market share for it to be worthwhile, but why bother with an MS version of Linux? Doesn't make any sense to me.
I have a Nebula DigiTV DVB PCI card, and a Creative DXR3 Mpeg decoder card. Is there a way to use these to set up a box as a PVR? With it recording mpeg2 streams straight off the air and a hardware decoder it ought to be able to run on minimal processing power, a VIA C3 ought to do it. I'd like to make one as small and quiet as possible, perhaps with wireless networking and a web interface as well. I'd like to be able to replace our Pace Twin PVR which has some reliability issues.
To do that you have to modify a registry key in the HKEY_LOCAL_MACHINE hive. By default only those with Administrator rights can modify that portion of the registry. Obviously if you have administrator rights there is nothing you can't do anyway so this policy would only ever have been effective in controlling the behaviour of those without administrator rights. So it is not a security flaw that this feature can be disabled by an administrator.
Slashdot Mirror
they do, its called runas. /user:administrator cmd
>runas
I didn't think you could even sign up for a free trial without giving them your credit card. Perhaps she just forgot about it.
I doubt they were listening to all her web traffic, unless they were able to crack the ssl session between her browser and amazon.
I think theres a bug in the Halifax software at the moment. I've seen a couple of them showing the same error message "Object Variable or With Block Not Set", which is clearly a VB runtime error.
Not only are they running on Windows but they are also using VB for their front end.
Actually when its running it looks more like a flash animation so perhaps they are hosting the flash activex control within a small VB app.
Because you can do it directly on the device and for a specific period of time. So you have a half hour bus trip to go on, you just hit Entertain Me! and set 30 minutes and it plays a random mix of your favourite tunes for that period.
You don't need to give it an IP address as it can pick one up via DHCP. You don't even need to look at the screen to find out what IP its been given since it advertises itself on your network via UPNP. (On windows it shows up as a media device under "My Network Places" and you just double click to launch its web page to download the Java client.
Once you have the Java client or the Rio music manager installed you don't need to care about the IP address at all since the client will autodetect it.
It really isn't that bad. I've had mine over 6 months and its only locked up twice. Both times was when it was attempting to connect to a computer over both USB and Ethernet at the same time, which is obviously not advisable. It sounds good, the battery life is good. It plays all of my mixed collection of MP3s and OGGs and works with Napster DRMed WMA should I require it.
I charge it up about once a week and connect it up about once every couple of months to add some new tracks.
Its currently also holding ISO images for Xandros, Knoppix, Linspire and Longhorn and theres still room to spare.
I can use the Rio Software, WMP and Notmad Explorer from windows and the Java client from my Powerbook.
It looks nice and I've bought a nice case from VajaCases to help protect the screen while still being able to access all the controls.
It wouldn't be that difficult to achieve. All IE and HTML rendering functionality is encapsulated behind a com interface implemented in shdocvw.dll. You would just need to create a new com object that implemented this interface and then register it on your system with the same CLSID as the original IE renderer. Every application that tries to render html would then use your code instead.
Of course with so many parts of the shell and third party applications dependant on the precise implementation it would be very tricky to make sure you are compatible with everything, which is why they have such a big regression test matrix to cover when any modifications are made to IE itself.
There is already a slot in replacement for MSHTML.dll that uses the Gecko engine rather than IEs, it would just need to implement the extra interfaces correctly.
We are always hearing about this Apache thing as to disprove attacks being focused on the biggest targets. "Why is IIS attacked more when apache runs virtually all of the internet?", hardly anyone seems to question this assertion.
People keep saying how their apache server logs are filled with code red and nimbda probes as evidence of how many IIS servers are being broken into.
Code Red and nimbda are really old worms, the exploits they attacked were patched years ago. The fact that the traces still show up in logs is evidence that there are a lot of unpatched IIS5 machines out there, machines that havn't been patched in the last two years. If a similar number of Apache servers were being left unpatched for that length of time how would they be faring?
Why are these old machines still around to keep spewing this stuff? Because IIS5 was installed and active by defualt on new Windows 2000 server installations and the admins never figured out they were even running it let alone that it was highly insecure out of the box and should be locked down and kept up to date with patches. Anyone running Apache is most likely doing so deliberately and is at least trying to keep it up to date and locked down.
Is IIS being broken into on a daily basis?, probably, but so is Apache as hacks on various high profile open source projects have shown.
Is a patched and up to date IIS6 server being broken into more often than the most recent Apache? I don't know, but somehow I doubt it.
IIS6 and Server2003 are some of the first products to benifit from Microsofts focus on security.
So far there have been very few updates required for IIS6, and it is disabled and configured in a locked down state out of the box.
The Grandparent has shown that attempted attacks on both IIS and Apache are roughly equal in scale, how many of those are successful with competant admins is rarely discussed.
If you stop counting the exploits of unmaintained and possibly unknown IIS5 boxes as examples of problems endemic to all versions of IIS you would probably find that there is not such a clear devide between them.
Also the Netcraft server usage figures are probably misleading. They count the number of servers hosting sites with different domain names.
A lot of sites run on shared hosting services running apache which probably means there are fewer actual apache servers than the count of domains would tend to indicate. Also a lot of IIS servers are being used for corperate intranet applications which are not supposed to be externally acessible and without a domain name, these servers are not counted by netcraft at all.
The few IIS servers that are (deliberately) on the public internet tend to be serving up large internet applications for businesses and so present a much larger target to potential hackers than the vast number of shared hosting accounts with a few php scripts running someones blog or homepage running on apache.
I don't see how you can claim a flaw in Outlook Express is a flaw in Windows but a flaw in Sendmail is not a flaw in Linux where sendmail was bundled with the distribution.
Sure its not a flaw in the kernel but neither is msimn.exe a part of ntoskrnl.exe they are produced by entirely seperate teams at MS and just bundled by the OS packagers.
Both pieces of software are included in the distribution, both can optionally be used or not used, both can be easily uninstalled.
A flaw in OE also cannot take over the whole maching where OE was not run from an Administrator account. Windows and the programs included in it work fine from limited accounts, its only third party and other MS apps that have problems with it.
It wasn't so much the kernel that didn't work, it was all the stuff they put on top of it. By all accounts NT3.5 was very stable, but they insisted on adding on the shell from Windows95 which had been so commercially successful, for NT4. The graphics performance of NTs client-server model wasn't fast enough so they moved that into kernel space, and it added the enormous complexity of the shells extensibility model. For Windows XP they did the same thing again by adding in all the stuff that had so overloaded Windows ME.
Strip it back to the kernel and a few critical services and it would probably be very reliable, but the cruft that has built up in the Win32 API subsystem, included browser and countless extraneous services has meant that as a whole it is all interdependant and difficult to lock down.
Its quite impressive that they made the fundamental shift from 9x to NT with the vast majority of applications barely noticeing the change, but that means there is an accumulated 20 years of cludges and backwards compatibility hacks to keep all the business customers happy.
OSX is potentially a much cleaner system, its only
been around for about 3 years and doesn't have the huge number of legacy applications to support. Also it seems that backwards compatibility is not so highly prized, it seems most OSX applications require at least version 10.2
Recently? Windows NT has been around over 10 years and has always been multiuser at the heart! Just because the average consumer didn't get it until XP doesn't mean it didn't exist. How many businesses would run their servers on Windows 9x anyway?
Whats so "inherently" better about it Linux security than NTs model?
Is that really what you think the issue is? That the terrorists want to convert all of America to Islam? If so I think you are sorely mistaken.
MCE 2005 is version 3. The original was 2002 and version 2 was 2004.
You could always get a DVB receiver. Looks like BBC6 and 7 are 160kbps and Radios 1-4 are 192kbps, at least at the moment. A nebula digitv can be USB or PCI and you can easily schedule recordings using the broadcast epg.
I think it might be a long term strategy to move away from X86. They already have XP and 2k3 running on ia64 and the XboX 2 will be some form of NT on ppc970. If they are successful in getting the majority of Longhorn era apps written in .Net they could transition to a new architecture in the next couple of iterations after that.
Every copy of MacOS sold is actually an upgrade.
The only computers you can run it on were shipped with it included to begin with. A copy of Panther is really just an upgrade from a previous version of MacOS.
Windows has full versions and upgrade versions because you can actually buy the hardware compants seperately and build your own computer then choose to install Windows or some other OS.
With OSX you've already paid for the OS when you bought your Mac.
Sound like you need to try SP2. It doesn't pop up a box asking if you want to install for each object tag, it just adds a little information bar to the top of the page and carries on loading.
If you decide you need the activex you can click on the bar and agree to install it. It then refreshes the page and pops up a redesigned permissions box with a severe warning.
You have to be pretty determined to get any activex control to install at all.
The browser isn't part of the kernel, it never has been. Its just a com object that gets hooked into lots of applications, particularly explorer.exe the shell. It has no special privileges and runs with the same access as the user who started the process.
Updating it does not strictly require a reboot, merely shutting down any processes that have loaded it. To shut down all the user processes and the shell the most that should be needed is a logoff/logon.
They won't change what the levels mean, they will just introduce new levels. So the best you can get now, P4 3+Ghz, 1Gb Ram will be a level 7 or something, and in a couple of years the best will be a level 10, but your machine will forever be a level 7 so you know if you buy games marked level 6+ it will still run OK.
So long as manufacturers don't skimp on less high profile componants, bus speed etc I think it would make choosing a PC and suitable software easier.
But the sounds are much better in the books.
It's only Extremeists that have the attitude that everyone should convert to Islam or die, thats not the belief of the general Muslim population.
In the same way its only the christian fundamentalists who believe that if you don't except Jesus as your personal saviour you will burn forever in Hell.
The majority of people on both sides are perfectly happy for both religions to coexist. By attacking the Muslim population you only persuade more of them to side with the extemeists. If instead we could be tolerant of other religions and cultures the majority of people would see the extremeists for what they are and they would have very limited support and cease to be a threat to anyone.
Instead of thinking "They hate us, they hate our freedoms, they would kill us all if they had a chance", why not think, "There are a few people on both sides with extreme beliefs but most people just want to get along"
I think you got the wrong story.
This is Hacking the RoboSapien
You wanted Deaf Children Invent Language
I just don't understand why people think MS will scrap NT in favour of Linux and then build Win32 over the top.
The problems people have with Windows today are with Win32 and not with the kernel itself. The viruses, spyware, shatter attack, activex, etc all attack the Win32 subsystem not the underlying kernel.
What benifit is there in replaceing a fully functioning kernel that has had over a decade of development?
MS is going in the other direction and introducing WinFX as a replacement for Win32 still built on NT. They have also released services for unix for free so you can have the full posix environment running on NT as well.
Having applications that run on Linux is certainly a possibility if Linux gets enough market share for it to be worthwhile, but why bother with an MS version of Linux? Doesn't make any sense to me.
I have a Nebula DigiTV DVB PCI card, and a Creative DXR3 Mpeg decoder card. Is there a way to use these to set up a box as a PVR? With it recording mpeg2 streams straight off the air and a hardware decoder it ought to be able to run on minimal processing power, a VIA C3 ought to do it.
I'd like to make one as small and quiet as possible, perhaps with wireless networking and a web interface as well.
I'd like to be able to replace our Pace Twin PVR which has some reliability issues.
To do that you have to modify a registry key in the HKEY_LOCAL_MACHINE hive. By default only those with Administrator rights can modify that portion of the registry. Obviously if you have administrator rights there is nothing you can't do anyway so this policy would only ever have been effective in controlling the behaviour of those without administrator rights. So it is not a security flaw that this feature can be disabled by an administrator.