I'm only relaying what they told me. I've used FirxFox for the occasional hotmail session myself and haven't had problems with it.
All I know for sure is that I installed FireFox (Firebird.7) for them one time, came back a few weeks later and they were back on IE. I asked why, and they said "Hotmail problems." It's the family computer with 3 teens and they use Hotmail, AOL Messenger (they're not on AOL), Yahoo Messenger, Yahoo mail, and they ALL have this insane obsession with installing new search toolbars (spyware) into IE.
I just conceded the battle. I at least got them into the habit of running Ad Aware regularly now. "Thanks for telling us about that Ad Aware. It really helps keep the number of pop ups down." "Yeah, you know what REALLY keeps the pop ups down? Not using friggin IE!!!... Oh, I'm sorry was that my out loud voice?"
If this thing takes off, somebody will figure out how to crack the internal security without destroying the data.
At that point, once a thief gets this device back to his base o' operations he hacks my vault, downloads the cards to his "Spoof Vault" and makes my data his.... Or you do the "Demoliton Man" thang and the thief cuts off my thumb while he's picking my pocket.
Unless it's been changed recently... but by default the shipping version of Windows XP and all versions of IE before that... ActiveX controls install automatically when downloaded from a website.
You can shut it off, but few users do. I've had to clean all of my friends' systems because of spyware and other plug-ins installed because of it. I've told them to use FireFox (It has trouble with the hotmail website so I switched back to IE), I've switched their activeX download permissions to Ask before installing (It said I needed to install this plug-in so I said yes.), so then I turned it off (my hotmail website doesn't work so I turned it back on...)
Microsoft already "fixed" this issue by making "secure" ActiveX controls to stop malicious controls...
I'm in complete agreement that users need to be aware of what they're doing. But its misleading to say that all security issues will be resolved by programming the Microsoft Way when Microsoft continues to allow ActiveX controls and popups to fire automatically because it pads their bottom line.
To wit: The most secure Windows system is one that even Microsoft won't be able to get into. So long as Microsoft leaves one standardized back door for them to get into (Windows Update, remote desktop control, etc) All of this effort is hyperbole! It just directs the "malicious coders" to those areas.
My Norton Internet Security currently interferes with my Visual Studio.NET remote debugging. So I can disable it while debugging or I can configure NIS to track when the program is running and let it use those ports.
Now MS says, with their new firewall, I don't *have* that option? Now anybody who wants to write an app to use a port must first notify MS that it wants to use that port.
Doesn't this mean that malicious programs will just quietly open up firewall ports on their own without notifying the user?
Secondly, what does this mean:
"Another product that Microsoft needs to update is the.Net Framework. The new memory protection features in SP2 require developers of certain applications to mark their code with memory execution permissions. If they don't, the protection features could interfere with the application, according to Microsoft.
"The great bulk of applications will not be affected by memory protection. The number one that leaps to mind is execution environments with just-in-time code generation. The.Net Framework is one," Goodhew said. "
Translation: Mostly only unmanaged C++ programmers will be affected by these security changes. If you had just programmed the Microsoft way to begin with and used.NET like we told you, you won't be affected. (But.NET apps are going to have to be modified to switch on memory protection)
Memory protection only occurs on NEW processors. The vast majority of the world runs Windows on NON-SECURE processors.
Stranger still, Microsoft has had buffer overrun checking BUILT IN to Visual Studio.NET. (Which, last I checked, was the only way to make.NET objects that run on Windows). Without that flag turned on, the.NET object is marked UNSECURE.
Lastly, Microsoft's greatest security problems are not buffer overruns or firewall holes. They're AUTOMATIC ACTIVEX control installation from malicious pop ups to install spyware. They're wide open access to the email address box and a by-default scripting system that allows malicious emails to respawn themselves. They're bugs in the Internet Explorer control that allow malicious URL's.
NONE of these "security innovations" even take a crack at stopping those!
What DO these security innovations do?
Destroy a previously lucrative software market for antivirus tools.
Take the firewall OUT OF THE CONTROL of the user and put it firmly inside the OS to determine what's good for you. (Remember DRM? Isn't it interesting that the main thing broken from this portion of the update are peer-to-peer apps and FTP sharing?)
Further entrench.NET into the programming paradigm and making Microsoft Programming Languages THE programming languages. (Programmer mindshare... if you're busy keeping up with Microsoft, you're not programming for something else or making reusable code to port to other platforms.)
I'm all for security, and now these boxes will be secure... But no moreso than the typical user installation out there today that uses a third party antivirus/firewall solution and keeps their system up to date with the latest patches.
This is about as effective at what MS did with Outlook XP and *by default* turning off the ability to get attachments out of your email. You had to setup a profile configuration OR edit your registry settings to get that feature back.
Y'know, there comes a point where you have to say, I can ride my bicycle without training wheels.
I understand that MS is fighting a bad PR image. But if this is how Microsoft "innovates"... Well, might as well just have lightweight users use Macs (which will hold their hands) and pro users/developers can use Linux.
Instead of stealing one or two cards (since I don't carry all my credit cards with me at one time) A thief can now just steal my vault and get access to not only my credit cards, but get discounts at my grocery store!
I gotta go with the last line... It sounds cool, but it's just more hassle to actually use come purchase time. "Honey, this was a lovely dinner of sushi, are you sure this isn't too expensive" "No problem, I'm just going to pay with my pocket vault... and...uh" "What's wrong?" "I've got soy sauce on the fingerprint scanner and now it won't authenticate me and give me my credit card!" "Don't you have cash?" "I don't use cash because I have the pocket vault! AUUGGGHH THE BATTERY WENT DEAD!"
Once upon a time, long ago in video game company land, there was a development team that developed a super-neato cool 3D shooting game with technology that wouldn't even be mainstreamed until several years later.
The development team, excited by their creation, presented it to the marketers and overlords of the company, in hopes that it would be granted the next stage of production.
And the marketers and overlords saw the advanced technology, and all agreed that it was, indeed, advanced.
But the project was killed you see. Because everybody knew that "3D games just don't sell." and the marketers moved onto, and apporved, their own creation... a new golf game.
This doesn't "disprove" God. But it DOES affect theology.
Guy Consolmagno ponders in his book "Brother Astronomer" about whether or not Jesus visited other planets and whether or not they had their own versions of the crucifixion or if the one here was "truly" universal.
Does the final war at Armageddon mean the end of Earth or the Universe, or just humanity?
Certainly these are questions specifically for Christians, but each religion is going to have to rethink at least some of its traditions when man goes to the stars.
(Except maybe Scientology... Unless there really AREN'T Thetans...)
This whole argument (aside from the Diebold fiasco(s) ) stems from the Florida Election of 2000 fiasco.
Florida used punch cards. Punch out the perforated block, bingo you've voted. The fiaso occurred because, what constiuted a "vote" was being subjectviely defined... by whatever party happened to be reading the ballot. Some puches were partially knocked out. Did that constitute a vote? If so, if there was one punch out for one candidate and a partial punch for another, did that invalidate the vote or did it count for the whole punch or the partial one?
On top of that, while they were handling the ballots during the recount, some of the punch outs were coming off!
And don't think you're safe with your pencil and paper! Oh no! It's politics. Any side will find anyway to hem and haw about interpretations of rules and ballots.
That's what partially kicked off this whole EVoting craze in the US. To try to prevent such a thing from occurring again.
They realize that the cables, extending out into space, slow the Earth's rotation causing massive environmental damage. (That's a joke, moderators)
If anyone's interested, there's an interesting example of a space elevator used in the last episode of the anime Gunbuster (Gainax). They basically treat it as a sort of hanging gondola (like the ones you would use to get up a mountainside)
I live in the midwest and they just started putting them up out here.
I've seen them do 3 things:
- Spew current government safety propoganda. "Buckle Up!" "School has started, watch out for students!" (on the highway?!) "Double fines for speeding in road construction zones!"
- As stated above, give worthless traffic information. "Accident 2 miles ahead." This when you're already stuck in bumper to bumper traffic. Or "Accident at xyz intersection", which is the only way to transfer from highway a to highway b and is ALWAYS the one where somebody crashes at 5pm on a Friday.
- Give worthless weather advisories. Lesse, there's an inch of snow on the ground, snow trucks are everywhere and there's a combination of sleet and rain bouncing off your windshield. What's the sign say? "Weather Advisory: Roads may be slick." DUH!
It seems to me that there's a good idea in there SOMEWHERE... but this aint it.
(Oh, and all the signs have cameras in them pointed at both diretions of traffic.)
I'm not going to be car owner anymore... Now I'm just going to be a user of the Ford Mobile Traffic Network. But I bet I'll be allowed to opt-out... If I can fill out all the paperwork.
I understand about redesigns and such and the need to follow hundreds of dead end trails in the effort to R&D a good one.
But in 20 years the entire tech industry blossomed, grew, changed radically, bombed and changed the world.
It seems to me to that there's something wrong the human race does with R&D (or maybe it's an American thing or maybe it's a politics thing)... But 20 years with nothing to show is the waste of hundreds of human lives.
20 years, no working product? Think about that. That's 1984. That's before web pages, before the internet, before Microsoft "took over the world". That's Commodore 64, Atari and Apple days.
In that amount of time. Nothing. Nada. Zip.
Interesting link here: http://apnews.myway.com/article/20040223/D8 0T6HB01.html
"The Comanche decision reflects a growing realization in the Pentagon that the military has more big-ticket weapons projects in the works than it can afford, even after seeing the Pentagon budget grow by tens of billions of dollars since 2001. And it the reflects the rising popularity of unmanned aircraft, for surveillance as well as attack missions, in recent years."
"From the first days of the Bush administration there has been talk of canceling a number of major aviation projects, including the Marine Corps' V-22 Osprey hybrid helicopter-airplane and the Air Force's F/A-22 Raptor fighter jet, but so far the Comanche has been the only casualty."
"Combining two modules means connecting them together so that they form a single larger program. If either part is covered by the GPL, the whole combination must also be released under the GPL--if you can't, or won't, do that, you may not combine them.
What constitutes combining two parts into one program? This is a legal question, which ultimately judges will decide. We believe that a proper criterion depends both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication (what kinds of information are interchanged).
If the modules are included in the same executable file, they are definitely combined in one program. If modules are designed to run linked together in a shared address space, that almost surely means combining them into one program."
Except for, as I pointed out elsewhere, the C libraries. (which seems to have a special exemption?)
There's no conscious decision here. If I write a program utilizing a GPL'd binary lib, the above lines state that I've just written a GPL'd program. So long as I link to the program through a third party communications system (pipes, etc), then it's OK.
But how DO you get around the patent issue. The GPL is, to some extent, viral. Once any new source code interacts with GPL'd source code, the new source code becomes GPL'd. Even if the GPL'd code is part of a binary static lib, there's still some fuzziness on the use of a GPL'd API. Enough fuzziness that my company's management didn't want to risk using it.
This new Apache solution at least tries to straddle the fence; Providing the intent of OSS while simultaneously offering a "firewall" protection for commercial uses.
I haven't read the new license, but so long as it allows derived works to be licensed under the GPL and still allows the source to be viewed, used and modified without fear of retribution... I don't have a problem with it.
"What's the Beagle look like?" "There's a picture of it here." "What's that coming out of it?" "Lightning, Wrath of God type stuff." "Bush is said to be a nut about this stuff. He's got teams out searching for it." "The army that carries the Beagle in front of it is invincible"
Slashdot Mirror
I'm only relaying what they told me. I've used FirxFox for the occasional hotmail session myself and haven't had problems with it.
.7) for them one time, came back a few weeks later and they were back on IE. I asked why, and they said "Hotmail problems." It's the family computer with 3 teens and they use Hotmail, AOL Messenger (they're not on AOL), Yahoo Messenger, Yahoo mail, and they ALL have this insane obsession with installing new search toolbars (spyware) into IE.
... Oh, I'm sorry was that my out loud voice?"
All I know for sure is that I installed FireFox (Firebird
I just conceded the battle. I at least got them into the habit of running Ad Aware regularly now.
"Thanks for telling us about that Ad Aware. It really helps keep the number of pop ups down."
"Yeah, you know what REALLY keeps the pop ups down? Not using friggin IE!!!
If this thing takes off, somebody will figure out how to crack the internal security without destroying the data.
... Or you do the "Demoliton Man" thang and the thief cuts off my thumb while he's picking my pocket.
At that point, once a thief gets this device back to his base o' operations he hacks my vault, downloads the cards to his "Spoof Vault" and makes my data his.
Unless it's been changed recently... but by default the shipping version of Windows XP and all versions of IE before that... ActiveX controls install automatically when downloaded from a website.
You can shut it off, but few users do. I've had to clean all of my friends' systems because of spyware and other plug-ins installed because of it. I've told them to use FireFox (It has trouble with the hotmail website so I switched back to IE), I've switched their activeX download permissions to Ask before installing (It said I needed to install this plug-in so I said yes.), so then I turned it off (my hotmail website doesn't work so I turned it back on...)
Microsoft already "fixed" this issue by making "secure" ActiveX controls to stop malicious controls...
I'm in complete agreement that users need to be aware of what they're doing. But its misleading to say that all security issues will be resolved by programming the Microsoft Way when Microsoft continues to allow ActiveX controls and popups to fire automatically because it pads their bottom line.
To wit: The most secure Windows system is one that even Microsoft won't be able to get into. So long as Microsoft leaves one standardized back door for them to get into (Windows Update, remote desktop control, etc) All of this effort is hyperbole! It just directs the "malicious coders" to those areas.
My Norton Internet Security currently interferes with my Visual Studio .NET remote debugging. So I can disable it while debugging or I can configure NIS to track when the program is running and let it use those ports.
.Net Framework. The new memory protection features in SP2 require developers of certain applications to mark their code with memory execution permissions. If they don't, the protection features could interfere with the application, according to Microsoft.
.Net Framework is one," Goodhew said. "
.NET like we told you, you won't be affected. (But .NET apps are going to have to be modified to switch on memory protection)
.NET. (Which, last I checked, was the only way to make .NET objects that run on Windows). Without that flag turned on, the .NET object is marked UNSECURE.
.NET into the programming paradigm and making Microsoft Programming Languages THE programming languages. (Programmer mindshare... if you're busy keeping up with Microsoft, you're not programming for something else or making reusable code to port to other platforms.)
Now MS says, with their new firewall, I don't *have* that option? Now anybody who wants to write an app to use a port must first notify MS that it wants to use that port.
Doesn't this mean that malicious programs will just quietly open up firewall ports on their own without notifying the user?
Secondly, what does this mean:
"Another product that Microsoft needs to update is the
"The great bulk of applications will not be affected by memory protection. The number one that leaps to mind is execution environments with just-in-time code generation. The
Translation:
Mostly only unmanaged C++ programmers will be affected by these security changes. If you had just programmed the Microsoft way to begin with and used
Memory protection only occurs on NEW processors. The vast majority of the world runs Windows on NON-SECURE processors.
Stranger still, Microsoft has had buffer overrun checking BUILT IN to Visual Studio
Lastly, Microsoft's greatest security problems are not buffer overruns or firewall holes. They're AUTOMATIC ACTIVEX control installation from malicious pop ups to install spyware. They're wide open access to the email address box and a by-default scripting system that allows malicious emails to respawn themselves. They're bugs in the Internet Explorer control that allow malicious URL's.
NONE of these "security innovations" even take a crack at stopping those!
What DO these security innovations do?
Destroy a previously lucrative software market for antivirus tools.
Take the firewall OUT OF THE CONTROL of the user and put it firmly inside the OS to determine what's good for you. (Remember DRM? Isn't it interesting that the main thing broken from this portion of the update are peer-to-peer apps and FTP sharing?)
Further entrench
I'm all for security, and now these boxes will be secure... But no moreso than the typical user installation out there today that uses a third party antivirus/firewall solution and keeps their system up to date with the latest patches.
This is about as effective at what MS did with Outlook XP and *by default* turning off the ability to get attachments out of your email. You had to setup a profile configuration OR edit your registry settings to get that feature back.
Y'know, there comes a point where you have to say, I can ride my bicycle without training wheels.
I understand that MS is fighting a bad PR image. But if this is how Microsoft "innovates"... Well, might as well just have lightweight users use Macs (which will hold their hands) and pro users/developers can use Linux.
Instead of stealing one or two cards (since I don't carry all my credit cards with me at one time)
A thief can now just steal my vault and get access to not only my credit cards, but get discounts at my grocery store!
I gotta go with the last line... It sounds cool, but it's just more hassle to actually use come purchase time.
"Honey, this was a lovely dinner of sushi, are you sure this isn't too expensive"
"No problem, I'm just going to pay with my pocket vault... and...uh"
"What's wrong?"
"I've got soy sauce on the fingerprint scanner and now it won't authenticate me and give me my credit card!"
"Don't you have cash?"
"I don't use cash because I have the pocket vault! AUUGGGHH THE BATTERY WENT DEAD!"
Once upon a time, long ago in video game company land, there was a development team that developed a super-neato cool 3D shooting game with technology that wouldn't even be mainstreamed until several years later.
The development team, excited by their creation, presented it to the marketers and overlords of the company, in hopes that it would be granted the next stage of production.
And the marketers and overlords saw the advanced technology, and all agreed that it was, indeed, advanced.
But the project was killed you see. Because everybody knew that "3D games just don't sell." and the marketers moved onto, and apporved, their own creation... a new golf game.
"Too many notes." - Amadeus
This doesn't "disprove" God. But it DOES affect theology.
Guy Consolmagno ponders in his book "Brother Astronomer" about whether or not Jesus visited other planets and whether or not they had their own versions of the crucifixion or if the one here was "truly" universal.
Does the final war at Armageddon mean the end of Earth or the Universe, or just humanity?
Certainly these are questions specifically for Christians, but each religion is going to have to rethink at least some of its traditions when man goes to the stars.
(Except maybe Scientology... Unless there really AREN'T Thetans...)
This whole argument (aside from the Diebold fiasco(s) ) stems from the Florida Election of 2000 fiasco.
Florida used punch cards. Punch out the perforated block, bingo you've voted.
The fiaso occurred because, what constiuted a "vote" was being subjectviely defined... by whatever party happened to be reading the ballot. Some puches were partially knocked out. Did that constitute a vote? If so, if there was one punch out for one candidate and a partial punch for another, did that invalidate the vote or did it count for the whole punch or the partial one?
On top of that, while they were handling the ballots during the recount, some of the punch outs were coming off!
And don't think you're safe with your pencil and paper! Oh no! It's politics. Any side will find anyway to hem and haw about interpretations of rules and ballots.
That's what partially kicked off this whole EVoting craze in the US. To try to prevent such a thing from occurring again.
They realize that the cables, extending out into space, slow the Earth's rotation causing massive environmental damage. (That's a joke, moderators)
If anyone's interested, there's an interesting example of a space elevator used in the last episode of the anime Gunbuster (Gainax). They basically treat it as a sort of hanging gondola (like the ones you would use to get up a mountainside)
I live in the midwest and they just started putting them up out here.
I've seen them do 3 things:
- Spew current government safety propoganda. "Buckle Up!" "School has started, watch out for students!" (on the highway?!) "Double fines for speeding in road construction zones!"
- As stated above, give worthless traffic information. "Accident 2 miles ahead." This when you're already stuck in bumper to bumper traffic. Or "Accident at xyz intersection", which is the only way to transfer from highway a to highway b and is ALWAYS the one where somebody crashes at 5pm on a Friday.
- Give worthless weather advisories. Lesse, there's an inch of snow on the ground, snow trucks are everywhere and there's a combination of sleet and rain bouncing off your windshield. What's the sign say? "Weather Advisory: Roads may be slick." DUH!
It seems to me that there's a good idea in there SOMEWHERE... but this aint it.
(Oh, and all the signs have cameras in them pointed at both diretions of traffic.)
I'm not going to be car owner anymore...
Now I'm just going to be a user of the Ford Mobile Traffic Network.
But I bet I'll be allowed to opt-out... If I can fill out all the paperwork.
How do you know I'm not Armintrout?
"Meemmmoorrriiieesss..."
I understand about redesigns and such and the need to follow hundreds of dead end trails in the effort to R&D a good one.
But in 20 years the entire tech industry blossomed, grew, changed radically, bombed and changed the world.
It seems to me to that there's something wrong the human race does with R&D (or maybe it's an American thing or maybe it's a politics thing)... But 20 years with nothing to show is the waste of hundreds of human lives.
Pacific Strike CD... Now THERE was a game that was going to rock!
20 years, no working product? Think about that. That's 1984. That's before web pages, before the internet, before Microsoft "took over the world". That's Commodore 64, Atari and Apple days.
8 0T6HB01 .html
In that amount of time. Nothing. Nada. Zip.
Interesting link here:
http://apnews.myway.com/article/20040223/D
"The Comanche decision reflects a growing realization in the Pentagon that the military has more big-ticket weapons projects in the works than it can afford, even after seeing the Pentagon budget grow by tens of billions of dollars since 2001. And it the reflects the rising popularity of unmanned aircraft, for surveillance as well as attack missions, in recent years."
"From the first days of the Bush administration there has been talk of canceling a number of major aviation projects, including the Marine Corps' V-22 Osprey hybrid helicopter-airplane and the Air Force's F/A-22 Raptor fighter jet, but so far the Comanche has been the only casualty."
Pen Based Computing is back!
(rim shot)
when they THREW OUT Windows Third Party apps (Outlook, etc) because they only wanted to target direct attacks.
I mean, c'mon what are we talking about here? Sendmail? SSH?
From the GNU website GPL FAQ:
;) )
"If the modules are included in the same executable file, they are definitely combined in one program.
If modules are designed to run linked together in a shared address space, that almost surely means combining them into one program."
Dynamically linking = running linked together in a shared address space.
(See what I mean about fuzzy?
From the Gnu website:
"Combining two modules means connecting them together so that they form a single larger program. If either part is covered by the GPL, the whole combination must also be released under the GPL--if you can't, or won't, do that, you may not combine them.
What constitutes combining two parts into one program? This is a legal question, which ultimately judges will decide. We believe that a proper criterion depends both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication (what kinds of information are interchanged).
If the modules are included in the same executable file, they are definitely combined in one program. If modules are designed to run linked together in a shared address space, that almost surely means combining them into one program."
Except for, as I pointed out elsewhere, the C libraries. (which seems to have a special exemption?)
There's no conscious decision here. If I write a program utilizing a GPL'd binary lib, the above lines state that I've just written a GPL'd program. So long as I link to the program through a third party communications system (pipes, etc), then it's OK.
You can statically link to the C libraries (which are GPL'd) without your exe turning into a GPL.
But how DO you get around the patent issue. The GPL is, to some extent, viral. Once any new source code interacts with GPL'd source code, the new source code becomes GPL'd. Even if the GPL'd code is part of a binary static lib, there's still some fuzziness on the use of a GPL'd API. Enough fuzziness that my company's management didn't want to risk using it.
This new Apache solution at least tries to straddle the fence; Providing the intent of OSS while simultaneously offering a "firewall" protection for commercial uses.
So why the hyperbolic headline?
I haven't read the new license, but so long as it allows derived works to be licensed under the GPL and still allows the source to be viewed, used and modified without fear of retribution... I don't have a problem with it.
Humor...
it's a difficult concept...
it's not logical...
That most of those skeletons have been debunked? One was faked and one was shown to have crippling arthritis.
Which is not to say that evolution is wrong. Just that the skeletal evidence doesn't PROVE anything one way or the other.
Really, what do you base your arguments on? The majority opinion of people around you?
"What's the Beagle look like?"
"There's a picture of it here."
"What's that coming out of it?"
"Lightning, Wrath of God type stuff."
"Bush is said to be a nut about this stuff. He's got teams out searching for it."
"The army that carries the Beagle in front of it is invincible"