> The satellites scour the planet for heat trails produced by flying rockets and missiles.
But never airplanes, drones, jets, helicopters, ships, cars and other road vehicles, trains, those on horse, donkey or camel back, whales and dolphins, big game animals, joggers or skateboard riders.
> Firefox 4 also adds an implementation of the Websockets API, a tool for enabling the browser and the server to pass data back and forth as needed
And there is talk of support for cross-domain comms and binary data - see hacks.mozilla.org. Who needs Microsoft (for poor security) when there are designs like this?
> If You engage in the commercial distribution or importation of software derived from an open source project or if You make or use such software outside the scope of creating such software code, You do not benefit from this promise for such distribution or for these other activities.
Nice strawman you created. No, I was primarily referring to the Microsoft emails and document exhibits in the Comes vs Microsoft trial. Here's a quote from Mr Gates himself (exhibit 2151):
"I have decided that we should not publish these extensions. We should wait until we have a way to do a high level of integration that will be harder for the likes of Notes, Wordperfect to achieve, and which will give Office a real advantage. This means that Capone and Marvel can still live in the top level of the Explorer namespace, but will run separately. We can continue to use the iShellBrowser APIs for MS provided views such as control panel, and can use them for other MS-provided views that don't create a large compatibility or ISV issue."
While telling Novell (Gates' letter to Novell's Frankenburg in 1995 - http://www.groklaw.net/pdf2/NovvMS-104-21.pdf):
"In fact, Microsoft goes out of its way to make early copies of API and protocol specifications available, hold design reviews (that even our competitors attend), and run the largest beta test programs in the industry. Novell has been invited to participate in many of these "Open Process" events -- and all without requiring a tit-for-tat arrangement."
Unfortunately, Novell's claims and these exhibits have not been tested in court. And now with Attachmate in control, I can see a confidential settlement happening. But we can see Microsoft's unpalatable tactics in these exhibits for ourselves, and while Gates pooh-poohs Novell's anti-trust concerns in the above letter, they were vindicated by the federal monopoly abuse conviction, the adverse settlement with Caldera for Microsoft's anti-competitive behaviour with DR-DOS, and with the adverse browser ruling from the EU.
As we saw with the ISO OOXML "Standard" farce, the patent suit against TomTom and now another against Barnes and Noble, Microsoft certainly hasn't changed its ways. I just hope they shrink from the scene sooner than later.
Your point about Word Perfect is false and misleading. Word Perfect died because Microsoft targeted it. MS viewed Word Perfect as a big threat and abused their monopoly position to end that threat. They purposefully changed specifications and withdrew APIs in Windows 95 a month before it was due to be released. Word Perfect/Novell had to recode much of the program, hence it was late and bug ridden. All this came out in the Comes vs MS trial and is about to resurface if Novell continues their case against MS. Before you say prove it, read for yourself:
http://www.groklaw.net/staticpages/index.php?page=2007021720190018
I note you're plugging a Microsoft shop in your sig - aren't astroturfers normally less obvious?
If that happens, they will just sell to some other troll. They've shown they will follow the money anywhere.
Is that Bing down there in the moat, going down for the third time?
No, I think this is just IBM's stupidity? narrow-mindedness? I can't work them out. Ride the monopoly as hard as possible but of course this isn't quite a monopoly. Two years ago we bought a new IBM SAN from the "broker market" for just over 1/2 the "best" price from IBM. Of course IBM *still* made profit on the deal. Their POWER servers are so overpriced, for the same money (broker market mind you) we can buy 3 beefy Intel servers with quite adequate performance, so they are seriously losing a lot of market. Go figure.
I didn't think it would be enough to bring down Slashdot, I was wrong.
It smells, too.
I note that IANA has classified 240/8 - 255/8 (well 254/8 really - 255 is for broadcasts) as reserved for future use. Is not the future now?
Agreed, an open computer will run what the user wants. But surely one's computer should not become compromised through normal use. This is a fundamental design issue - if the OS is securely structured, a user would be precluded from doing what they shouldn't yet be able to use it freely. There is no reason why I need modification access to system config files, kernel modules or system libraries, for example, just to install an app or run it. This is extremely difficult to do - computers are still very primitive devices, yet Linux is slowly getting there, Windows glacially so - reactively so. MS have squandered so many opportunities to make genuine improvements I can only see them as a disingenuous, shambling security actor.
Why are you blaming the user? Blame MS for their crappy OS.
What really annoys me is this attempt to lock down hardware. I refuse to buy a computer I can't install whatever I like on it.
You are mistaken that a corporation must be state owned for a government to act on its behalf. There are numerous well known US examples: United Fruit (historically), Halliburton, Microsoft, RIAA/MPAA and the recent revelation (via Wikileaks) of US diplomats aiding manufacturers of genetically engineered products. In such a corrupt system, ownership is not required.
A bomb. I wonder how long it will take to produce it.
Then you get illicit market activity, such as kickbacks, blackmail, lobbying, donations, special access ...
And how is Java secure?
Along with Beowulf clusters and Russia doing stuff in reverse, we now have the equally tiresome joke that Microsoft is being nicer to open source. Why do these articles keep getting posted?
> I could travel back in time, the first thing I would do is buy as many water rights in Colorado as I possibly could.
How about restricting how much water is taken from the river - and appropriately distributing what is available? Rivers, like any other finite system, need management. Then there wouldn't be a problem with retaining rainwater....
I'm using SLED, the paid-for version. *Every* time there is an fglrx update, SaX2 breaks the config and I can't start X. Unfortunately I'm using a Dell desktop, so I'm guessing that is the real issue. That and the ATI proprietary module.
I get around it by running aticonfig and then rebuilding the xorg.conf file by hand.
Yes, I can theoretically envision (and I think you were hinting at) an overriding system/application, combining:
1. iptables / tcpd / selinux, etc at the host level
2. tcpdump to get an idea of "normal" traffic
3. nmap for checking
4. expect for logging into text-based systems for config changes
5. secure comms between systems
etc, etc.
However, I don't think it will be practical to have a canned GUI thing - too many variables, too many things to go wrong.
A better approach is just to have a secure system: no firewalls, strip out unrequired services, configure required services securely, user account sandboxing, etc. Have a Linux/Unix distribution set up for security and usability *on installation* and have automatic, secured updating. Obviously this will not work with Windows, but I think modern distributions are potentially good enough for this provided they are set up correctly for the critical installation stage and initial update.
Sure, users can't be trusted, but they can't be trusted with firewalls or whatever security measures.
There is a problem if you have to use rdesktop - that window will span both screens so you have to dedicate a workspace to it.
I just converted my system to two separate X sessions as the OP mentions, it is nice having two different task bars but a minor pain not being able to move an active window between sessions.
Dark Reading (ooh, spooky) as is their wont, lists no actual details so we don't know what the guy actually did. But mail clients in general are pretty hopeless at interpreting "who" a message is from. There are several fields that can be used - the actual sending address (the "mail from: " in the SMTP exchange), Reply-to:, From:, Sender:. There is no agreed prioritisation that I know of as to what actually goes in the "From" that we see in the client...
I once had a weird circumstance where messages from a mail script I wrote using the MIME::Entity Perl module were being received as from "nobody". I hadn't specified the sender field in the entity mail object and the module thoughtfully provided one for me, using the owner of the process running the script. So even though the reply-to and from fields were correctly set, I got a number of calls about who this nobody was....
One can prevent spoofed email using filters, etc, at least with Unix/Linux-based mail transfer agents, presumably this can also be done with MS Exchange. So the breathless report that 100% of the spoofed messages got through just indicates the low priority spoofing has in those administrators' minds.
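Added example, not part of the original comment: a filter-side check in Python that collects the four sender identities named above (SMTP envelope sender, From:, Sender:, Reply-To:) and tags the ones that disagree with From:. The messages, addresses, tag names and the relaxed domain-alignment rule are all assumptions made for this illustration.

```python
# Added example: constructed messages and addresses, not from the original post.
from email import message_from_string
from email.utils import getaddresses


def domain_of(addr):
    """Lower-cased domain part of an address, or '' when there is none."""
    local, at, dom = addr.rpartition("@")
    return dom.lower() if at else ""


def aligned(a, b):
    """Same domain or parent/subdomain. Naive: no Public Suffix List lookup."""
    if not a or not b:
        return False
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def sender_identities(raw, envelope_from):
    """Collect the envelope sender plus the From:, Sender: and Reply-To: addresses."""
    msg = message_from_string(raw)
    ids = {"envelope": envelope_from.strip("<> ")}
    for name in ("From", "Sender", "Reply-To"):
        ids[name] = [a.lower() for _, a in getaddresses(msg.get_all(name, [])) if a]
    return ids


def findings(raw, envelope_from):
    """Return tags for identities that disagree with the single From: address."""
    ids = sender_identities(raw, envelope_from)
    if len(ids["From"]) != 1:          # this example's policy: exactly one author
        return ["from-count"]
    author = ids["From"][0]
    tags = []
    if ids["envelope"] and not aligned(domain_of(ids["envelope"]), domain_of(author)):
        tags.append("envelope-mismatch")
    if any(s != author for s in ids["Sender"]):
        tags.append("sender-differs")   # a client may display Sender: rather than From:
    if any(not aligned(domain_of(r), domain_of(author)) for r in ids["Reply-To"]):
        tags.append("reply-to-mismatch")
    return tags


# Constructed samples: (envelope MAIL FROM, raw message).
LEGIT = ("bounce@example.org",
         "From: Reports <reports@example.org>\nSubject: weekly\n\nbody\n")
NOBODY = ("nobody@mailhost.example.org",
          "From: Reports <reports@example.org>\nSender: nobody@mailhost.example.org\n"
          "Reply-To: reports@example.org\nSubject: weekly\n\nbody\n")
MISMATCH = ("x@bulk.example.net",
            "From: IT Helpdesk <helpdesk@example.org>\n"
            "Reply-To: helpdesk@example.com\nSubject: notice\n\nbody\n")

if __name__ == "__main__":
    for name, (env, raw) in (("legit", LEGIT), ("nobody", NOBODY), ("mismatch", MISMATCH)):
        print(name, findings(raw, env))
```

The NOBODY sample reproduces the script anecdote: From: and Reply-To: are set correctly, yet the auto-filled Sender: still differs from the author address and is tagged.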
I see nothing here about what I see to be one of the primary culprits. Microsoft have consistently produced easily exploited, vulnerable software. And they run services and programs with full system access. Sure, they have improved somewhat lately, but they continue to include legacy code in SMB and probably in Office and IE - the whole code base is no doubt riddled with it. No way you should be able to compromise a system with just a document or a web page.
There are enough vulnerabilities in Linux and MacOS, no doubt, but not such easy meat as Windows.
I've checked the number of DNS queries to our domain looking for these SPF records a few months ago - got about 50 requests / hour compared to say 2-300 messages/hour total. Of course there is no direct relation between the number of messages we send and those queries necessarily....
It is easy enough to test for it: dig -t txt domain.tld - I found it funny that most of the large corporates here in Oz don't use it.
From the pledge:
So this basically rules out the GPL. What a wank. This also applies only to "Covered Implementations" which at the moment are undefined. So they "cover" Moonlight 2.0 and then neglect to cover 2.1.
They have given nothing.
Well in Australia, you can in fact patent the gene sequence - well not the sequence but the result. There is specific legislation in place - The Plant Variety Rights Act. I don't know if this is replicated in the US but here a loophole allows you to patent a variety merely by discovering and describing it.