I found an interesting contradiction in this article
Only one? I think you need to back and read it again!
My favorite was when he said that if it was as simple as a few lines of copied code, it would be easy to dismiss this as frivilous. But no, he has kindly studied all the facts for us, and discovered that SCO might not even have any rights over SYSV let alone Linux. So we'd better pay up our $699 per server because the risk is too complicated for us mere readers to understand.
How do you prevent something like a particular piece of code being contributed without looking at that code? I feel this is probably a non-trivial problem.
It needs a volunteer who agrees to screen patches, but does not contribute any code. That person would have to have legal access to Microsoft's code, using the leaked code would not be acceptable, and due to the MS NDA they have to sign, could probably only accept or reject patches in full without being specific about which parts of the code have been copied. But I expect that if a contributer was found to have been copying code, they would be considered untrustworthy and the maintainers would not want anything that is contributed by them anyway, so this is not really a disadvantage.
Gzip does not contain any files with those names, so it is more likely that the code simply implements gzip compression as used in the HTTP protocol, probably using zlib given the acknowledgements in Windows documentation, and is not copyed from the gzip command line utility in any way.
<head>
<script language="Javascript">
alert("Prior Art");
</script>
</head>
<body>
<p>
It seems that all we need to do is find a webpage that parses as valid XML (no img, br or hr tags, or XHTML style ones), uses embedded Javascript, and that was published before December 2000.
</p>
</body> </html>
Also - directories for ppc / ppcmac / alpha / mips
Could this be OFFICE 2000 instead of Windows 2000?
More likely that there are a lot of abandoned source files that haven't been removed from the source tree yet. There were alpha and mips versions of NT4, and it was known that Microsoft were working on a PPC version, so it isn't really surprising that some work had been done towards it.
The gnumakefile's are interesting, given Microsoft's distaste for GPL software these days, but they probably date back to the mid '90s when Microsoft's attitude was quite different.
It sounds like they are playing up to the media FUD about open source extremists being responsible for the virus. Since they only did this after the media reports, I think we can assume that they are only releasing the source because they think they've hit on a good diversion. Unfortunately I think the diversion will continue to work as far as mainstream media is concerned.
The anti-virus companies would call it anything but Jim. Virus writers used to be in it for the "fame" (old school ones, before spammers took over and started writing viruses for their own purposes). The last thing anti-virus companies want to do is to give them that on a plate, so they deliberately pick other names for the virus when the author has indicated a name themselves.
Gentoo could be interesting. The main thing keeping me back from Knoppix on my laptop is that it doesn't (or didn't before, I haven't checked these two new releases) include the prism54 driver, so I'd be networkless, and it looks like its moderately painful to customize.
Except this isn't just a niggle, its a major land grab attempt by the employer, and is illegal in many countries and states
...At many smaller companies, it's just "how it is" and you can either "work 5 illegal minutes every day and remain employed" or...
Just to clarify, I was refering to the original article's question over companies claiming ownership of employees own out of hour work when I made my italiced comment above. The 5 minutes extra a day is just a niggle.
Someone who niggles about contracts may be the same guy who pulls out labor laws every time the boss wants 5 minutes of overtime
Except this isn't just a niggle, its a major land grab attempt by the employer, and is illegal in many countries and states. If approached carefully, getting tighter wording on these types of clauses will almost never put you at a disadvantage. By "approached carefully", I mean don't just refuse to sign any contract with any clause claiming personal work, suggest that the employer think about the real reason for the clause and limit it to what they really want to protecting against - usually employees working on personal projects on company time, and employees developing competing software (open source or otherwise) in their own time.
I disagree with those that say get a lawyer. Save your money and let the company's lawyer rewrite the contract. Once a glaring error like this is brought to management's attention, they will usually agree to change it. If they don't, you probably don't want to work there anyway.
If you commit minor crime in a monitored area, then the police will not do much more than use live cameras as a extra pair of eyes.
They don't even do that most of the time. The usual response when asking them to check the CCTV footage after reporting vandalism or theft is to be told "it would be a waste of time, all we'd see is a bunch of kids in hoods". They only bother checking for serious assaults or worse. I suspect the kids in hoods know this.
I concur. Robusta makes me sneeze, so I was surprised recently when I bought some "pure Arabica" Blue Mountain, and it gave me sneezing fits. That'll teach me for being too lazy to go to my usual specialist coffee shop and buying prepackaged rubbish from the supermarket instead.
I thought about something similar around a year ago too. In my version, the port would be opened by connecting to a certain URL, known only to me, on my https server. I never got around to implementing it though. Another related idea I never got around to implementing was to maintain a dynamic blacklist of IPs that tried to connect to certain ports, or access certain URLs (worms, hack attempts and spam spiders) on my webserver. At the moment I'm tarpitting the latter, which manages to keep some worms busy for a while.
It isn't an EXE file, its a an SCR file inside a ZIP, and comes with the comment "The message contains Unicode characters and has been sent as an attachment". Most of the copies I've received have been from Koreans, who are more used to running into encoding issues than elitist Americans, and therefore more easily tricked by such a scam.
Disabling telnet on the servers does nothing to stop telnet clients being used to send arbritary strings to any port. Both you and the original poster who claimed that the gopher URL scheme is a security risk have a lot to learn about network security.
Most browsers killed gopher because the protocol was so insecure, you could use a gopher URL to send any string you wanted to any port you wanted, ditto for finger.
I can use telnet to send any string I want to any port. Your "security" concerns about gopher:// are misguided.
Strange. When I was growing up, I swear 7Up was part of the PepsiCo group, and Sprite was Coca Cola. But I just took a look at the websites, and Coca Cola actually owns both in some markets (including the UK apparently) due to their ownership of Dr Pepper. We didn't have Dr Pepper where I lived, so I'm pretty sure 7Up wasn't owned by them in those days, or 7Up wouldn't have been available.
Interesting that you round 74.5% to 80%, and then call that homogenous. Perhaps you should take a look at your own country's ethnic makeup, its quite a bit closer to 80%. Your views on New Zealand come from a position of extreme ignorance. You didn't see any Maori when you were there? I call your bluff and say you haven't BEEN there. You cannot go to New Zealand and not see Maori, they are everywhere, certainly not "on their reservations".
Re:Its about defaults.. Change IE to use google
on
Google v. Microsoft
·
· Score: 1
You need to download reshacker aka. resource hacker and hack shdoclc.dll.
Is this what you tell your grandmother when you see her using MSN search?
What's this then?
Only one? I think you need to back and read it again!
My favorite was when he said that if it was as simple as a few lines of copied code, it would be easy to dismiss this as frivilous. But no, he has kindly studied all the facts for us, and discovered that SCO might not even have any rights over SYSV let alone Linux. So we'd better pay up our $699 per server because the risk is too complicated for us mere readers to understand.
It needs a volunteer who agrees to screen patches, but does not contribute any code. That person would have to have legal access to Microsoft's code, using the leaked code would not be acceptable, and due to the MS NDA they have to sign, could probably only accept or reject patches in full without being specific about which parts of the code have been copied. But I expect that if a contributer was found to have been copying code, they would be considered untrustworthy and the maintainers would not want anything that is contributed by them anyway, so this is not really a disadvantage.
Gzip does not contain any files with those names, so it is more likely that the code simply implements gzip compression as used in the HTTP protocol, probably using zlib given the acknowledgements in Windows documentation, and is not copyed from the gzip command line utility in any way.
The key words are one or more, so one of those examples would be enough.
<head>
<script language="Javascript">
alert("Prior Art");
</script>
</head>
<body>
<p>
It seems that all we need to do is find a webpage that parses as valid XML (no img, br or hr tags, or XHTML style ones), uses embedded Javascript, and that was published before December 2000.
</p>
</body>
</html>
Could this be OFFICE 2000 instead of Windows 2000?
More likely that there are a lot of abandoned source files that haven't been removed from the source tree yet. There were alpha and mips versions of NT4, and it was known that Microsoft were working on a PPC version, so it isn't really surprising that some work had been done towards it.
The gnumakefile's are interesting, given Microsoft's distaste for GPL software these days, but they probably date back to the mid '90s when Microsoft's attitude was quite different.
If that R is followed by a W, you might want to turn that Windows CD into something more useful.
It sounds like they are playing up to the media FUD about open source extremists being responsible for the virus. Since they only did this after the media reports, I think we can assume that they are only releasing the source because they think they've hit on a good diversion. Unfortunately I think the diversion will continue to work as far as mainstream media is concerned.
The anti-virus companies would call it anything but Jim. Virus writers used to be in it for the "fame" (old school ones, before spammers took over and started writing viruses for their own purposes). The last thing anti-virus companies want to do is to give them that on a plate, so they deliberately pick other names for the virus when the author has indicated a name themselves.
Gentoo could be interesting. The main thing keeping me back from Knoppix on my laptop is that it doesn't (or didn't before, I haven't checked these two new releases) include the prism54 driver, so I'd be networkless, and it looks like its moderately painful to customize.
Just to clarify, I was refering to the original article's question over companies claiming ownership of employees own out of hour work when I made my italiced comment above. The 5 minutes extra a day is just a niggle.
Except this isn't just a niggle, its a major land grab attempt by the employer, and is illegal in many countries and states. If approached carefully, getting tighter wording on these types of clauses will almost never put you at a disadvantage. By "approached carefully", I mean don't just refuse to sign any contract with any clause claiming personal work, suggest that the employer think about the real reason for the clause and limit it to what they really want to protecting against - usually employees working on personal projects on company time, and employees developing competing software (open source or otherwise) in their own time.
I disagree with those that say get a lawyer. Save your money and let the company's lawyer rewrite the contract. Once a glaring error like this is brought to management's attention, they will usually agree to change it. If they don't, you probably don't want to work there anyway.
They don't even do that most of the time. The usual response when asking them to check the CCTV footage after reporting vandalism or theft is to be told "it would be a waste of time, all we'd see is a bunch of kids in hoods". They only bother checking for serious assaults or worse. I suspect the kids in hoods know this.
WTF? Where did this stereotype of geeks come from? We don't appreciate good food and a romantic atmosphere?
I concur. Robusta makes me sneeze, so I was surprised recently when I bought some "pure Arabica" Blue Mountain, and it gave me sneezing fits. That'll teach me for being too lazy to go to my usual specialist coffee shop and buying prepackaged rubbish from the supermarket instead.
I thought about something similar around a year ago too. In my version, the port would be opened by connecting to a certain URL, known only to me, on my https server. I never got around to implementing it though. Another related idea I never got around to implementing was to maintain a dynamic blacklist of IPs that tried to connect to certain ports, or access certain URLs (worms, hack attempts and spam spiders) on my webserver. At the moment I'm tarpitting the latter, which manages to keep some worms busy for a while.
iptables would be more suited than tcpwrappers, it works at a lower level.
It isn't an EXE file, its a an SCR file inside a ZIP, and comes with the comment "The message contains Unicode characters and has been sent as an attachment". Most of the copies I've received have been from Koreans, who are more used to running into encoding issues than elitist Americans, and therefore more easily tricked by such a scam.
So you're the one who was DoSing SCO's website 2 days early.
Disabling telnet on the servers does nothing to stop telnet clients being used to send arbritary strings to any port. Both you and the original poster who claimed that the gopher URL scheme is a security risk have a lot to learn about network security.
I can use telnet to send any string I want to any port. Your "security" concerns about gopher:// are misguided.
Strange. When I was growing up, I swear 7Up was part of the PepsiCo group, and Sprite was Coca Cola. But I just took a look at the websites, and Coca Cola actually owns both in some markets (including the UK apparently) due to their ownership of Dr Pepper. We didn't have Dr Pepper where I lived, so I'm pretty sure 7Up wasn't owned by them in those days, or 7Up wouldn't have been available.
Interesting that you round 74.5% to 80%, and then call that homogenous. Perhaps you should take a look at your own country's ethnic makeup, its quite a bit closer to 80%. Your views on New Zealand come from a position of extreme ignorance. You didn't see any Maori when you were there? I call your bluff and say you haven't BEEN there. You cannot go to New Zealand and not see Maori, they are everywhere, certainly not "on their reservations".
Is this what you tell your grandmother when you see her using MSN search?