The framework is a good start, but Linux would not be considered enterprise-ready until it actually appears in
TPC-C results list (at least in first hundred).
The reason people change UI behavior back to Win 95 or Win 3.11 ways is not that old behavior is better or more intuitive, but because they are accoustomized to it, so it is more intuitive for them.
For new users, who are not used to old ways, the new interface is usually better. So novice users have no need to customize interface - the default is usually better for them.
A good example is standard File Open/Save dialog. You are probably well familiar and comfortable with it. But why do we use it? Should not we drag and drop from File manager, would not this be more intuitive?
The answer is yes, it would be more intutive. But since first Macintosh was single tasked OS, you could not have Finder and your app running simultaneously. So you could not drag and drop from one app to another. File Open/Save dialog was born. Now we are so accostomized to it, that we think it is very natural and convinient way. But the only reason for its existance is restriction of 20-year old OS.
A more authorative answer from netcraft: Apache/1.3.27 (Unix) AuthMySQL/2.20 mod_log_bytes/1.0 mod_bwlimited/1.0 PHP/4.3.0 FrontPage/5.0.2.2510 on Linux
One piece of prior art is known to every science student who needed to find most important articles on a subject. Without any computers, we looked the references (now hyperlinks) and searched for articles that are referenced most, thus finding articles with highest "rank".
But since USPTO considers "find a common knowlegde algorithm and patend a way to do it with computers" a valid patenting method, they probably would not consider it a prior art.
The DRA vulnerability was in Windows 2000 only, it does not affect XP. XP does not have a data recovery agents by default. See Data Recovery and Data Recovery Agents:
The default design for the EFS recovery policy is different in Windows XP Professional than it was in Windows 2000 Professional. Stand-alone computers do not have a default DRA.
So I believe the "vulnerability" of XP computers in Workgroup is just another FUD. If you use EFS on XP, you should be pretty safe.
If any user was in possession of this recovery console, he or she could defeat the XP's multi-user environment while XP is still running.
That is plain lie. You can't use recovery console without rebooting XP.
Moreover, it proves that it is possible for someone to design a tool that effectively bypasses XP's multi-user security *without* having to boot into a different OS and mount partitions from there.
It only proves the article's point: that obvious facts (like being able to have file access if you have physical access) grow into lots of FUD if they include word Microsoft.
That would be nice. I plug my USB flash memory pen to your computer and bang! the trojan (driver) is loaded from the card and executed on your PC. I really like this.
Another point why this is impossible is because you can't store hundreds of drivers for all the OS the device can be used with.
And assuming that you have the preview pane turned off.
What is wrong with preview panel? There was an exploit, but it is fixed a year or more ago.
If you can't use your email client to read all your email, then your client is broken.
He said "the trick is to just not open attachments from people I don't know", not "not to read my email".
If you think you have to run all the attachments you got, you should save the.sh files you get in emails to disk and run them, hoping your OS will protect you. The result: it does not.
You imply that magic filenames are the same as an execute permission. I'm saying the same thing, but stating that it's a bad idea to confer execute permission to a file based on its name.
Can you provide any better argument to why it is bad except "I think so"?
Yes but if they admit that then they're admitting to running an illegal software monopoly.
The console market is dominated by Sony, not Microsoft. Microsoft has monopoly in personal computers market.
Saying that Microsoft has illegal monopoly on XBox is like saying that Dell has illegal monopoly on Dell-brand computers:) Of course MS has 100% market share of XBox consoles:), but the real market is entertainment consoles, where Microsoft has maybe quater market share, or even less.
P.S. Note also that monopoly itself can't be illegal. It is abuse of the monopoly which is illegal.
Just as I can use FedEx, a pigeon or kid on a bike to deliver a package / letter for me without the involvement of the postal service, would they be able to stop me from using another email service?
U.S. already have laws protecting USPS monopoly. In particular USPS owns your mailbox, like AT&T used to own your phone. FedEx, UPS, DHL etc can't deliver mail to your mailbox unless they provide you an "extra" service that USPS does not provide. So usually they have to knock the door, and mainly deviler urgent mail that USPS can't do in timely manner.
So if USPS could get hold of your e-mail they would definetely lobby act that would restrict you from using non-USPS e-mail.
I am absolutely sure FBI and CIA would strongly support this (this would ease their survailance). And even if they could not pass this law, they would condemn using non-USPS e-mail as unpartiotic and then equal using non-USPS e-mail to being terrorist.
The Common Criteria Evaluation Assurance Level 4 evaluation given to Windows 2000 only means that Microsoft followed some kind of software engineering methodology when designing and implementing Windows 2000.
Security experts have been saying for years that the security of the Windows family of products is hopelessly inadequate. Now there is a rigorous government certification confirming this.
So does RedHat certification for even lesser EAL2 means that Linux security is certified to be even more hopelessly inadequate?:)
This is not a bug at all. This is a desing decision, which is very sound from my point of view. Default system installation without using encripted file system is not protected against physical access. Same with [mostly] any other OS.
If you are paranoid, use encripted file system. SysKey is also your friend, althought it is not a full solution.
Palladium may also help when implemented, if you would like to use it.
How would certification for EAL Level 2 would position Linux above Microsoft? Windows 2000 is already certified for EAL Level 4 (supposed to be more secure).
And where are all those articles that were popular on/. when NT was certified, basically telling us that this Common Criteria is total crap? Is it not a crap anymore?
what namespace are apples osx extensions in?
I bet they are not in the java.* namespace that microsoft used, which impled they were a core part of the java standard.
wfc were in com.ms.wfc namespace.
there were also custom attributes for COM interop, also in com.ms and very similar to Apple's version
and delegates.
I think only delegates were in core namespace.
In terms of programming languages/environments, what a standard forbids is as important as what it accepts.
Standard can't forbid adding new libraries to environment. E.g. take a look at Apple - they ship Java machine with extensions for accessing MacOS X APIs.
Or if somebody ships a Linux claiming conformance to LSB, but adds some proprietary applications to it, he violates the standard?
Slashdot Mirror
The framework is a good start, but Linux would not be considered enterprise-ready until it actually appears in TPC-C results list (at least in first hundred).
For new users, who are not used to old ways, the new interface is usually better. So novice users have no need to customize interface - the default is usually better for them.
A good example is standard File Open/Save dialog. You are probably well familiar and comfortable with it. But why do we use it? Should not we drag and drop from File manager, would not this be more intuitive?
The answer is yes, it would be more intutive. But since first Macintosh was single tasked OS, you could not have Finder and your app running simultaneously. So you could not drag and drop from one app to another. File Open/Save dialog was born. Now we are so accostomized to it, that we think it is very natural and convinient way. But the only reason for its existance is restriction of 20-year old OS.
A more authorative answer from netcraft:
Apache/1.3.27 (Unix) AuthMySQL/2.20 mod_log_bytes/1.0 mod_bwlimited/1.0 PHP/4.3.0 FrontPage/5.0.2.2510 on Linux
I agree, we should not be surprised. But we should probably replace "In Soviet Russia ..." jokes with "In Democratic United States ..." jokes.
But since USPTO considers "find a common knowlegde algorithm and patend a way to do it with computers" a valid patenting method, they probably would not consider it a prior art.
The default design for the EFS recovery policy is different in Windows XP Professional than it was in Windows 2000 Professional. Stand-alone computers do not have a default DRA.
So I believe the "vulnerability" of XP computers in Workgroup is just another FUD. If you use EFS on XP, you should be pretty safe.
If you have admin rights, you don't need recovery console to crack yourself. Just go and hit your head to the wall.
That is plain lie. You can't use recovery console without rebooting XP.
Moreover, it proves that it is possible for someone to design a tool that effectively bypasses XP's multi-user security *without* having to boot into a different OS and mount partitions from there.
It only proves the article's point: that obvious facts (like being able to have file access if you have physical access) grow into lots of FUD if they include word Microsoft.
Windows XP Kills Dog, Steals Toaster: Media Gone Mad
Another point why this is impossible is because you can't store hundreds of drivers for all the OS the device can be used with.
What is wrong with preview panel? There was an exploit, but it is fixed a year or more ago.
He said "the trick is to just not open attachments from people I don't know", not "not to read my email".
If you think you have to run all the attachments you got, you should save the .sh files you get in emails to disk and run them, hoping your OS will protect you. The result: it does not.
Can you provide any better argument to why it is bad except "I think so"?
Why do you think this is a problem?
You are too tolerate. Only ASM itself is real programming. Everything else is a joke, no matter how it gets to ASM, via compiler or JIT-compiler.
I wonder, when Linux takes 90% of PC OS market, whom will DOJ sue? :)
You mean Linux is doing this "embrace and extend" thing? :)
Then ... profit
And you truly believe they would be glad to loose even more money by allowing Linux to be run on XBox?
The console market is dominated by Sony, not Microsoft. Microsoft has monopoly in personal computers market.
Saying that Microsoft has illegal monopoly on XBox is like saying that Dell has illegal monopoly on Dell-brand computers :) Of course MS has 100% market share of XBox consoles :), but the real market is entertainment consoles, where Microsoft has maybe quater market share, or even less.
P.S. Note also that monopoly itself can't be illegal. It is abuse of the monopoly which is illegal.
U.S. already have laws protecting USPS monopoly. In particular USPS owns your mailbox, like AT&T used to own your phone. FedEx, UPS, DHL etc can't deliver mail to your mailbox unless they provide you an "extra" service that USPS does not provide. So usually they have to knock the door, and mainly deviler urgent mail that USPS can't do in timely manner.
So if USPS could get hold of your e-mail they would definetely lobby act that would restrict you from using non-USPS e-mail.
I am absolutely sure FBI and CIA would strongly support this (this would ease their survailance). And even if they could not pass this law, they would condemn using non-USPS e-mail as unpartiotic and then equal using non-USPS e-mail to being terrorist.
So does RedHat certification for even lesser EAL2 means that Linux security is certified to be even more hopelessly inadequate? :)
If you are paranoid, use encripted file system. SysKey is also your friend, althought it is not a full solution.
Palladium may also help when implemented, if you would like to use it.
Wake up, and stop spreading FUD. Not only "without a network" was NT4, but it also was completely different certification.
For Common Criteria EAL 4 Microsoft certified Windows 2000, and with full networking.
And where are all those articles that were popular on /. when NT was certified, basically telling us that this Common Criteria is total crap? Is it not a crap anymore?
wfc were in com.ms.wfc namespace.
there were also custom attributes for COM interop, also in com.ms and very similar to Apple's version
and delegates. I think only delegates were in core namespace.
Standard can't forbid adding new libraries to environment. E.g. take a look at Apple - they ship Java machine with extensions for accessing MacOS X APIs.
Or if somebody ships a Linux claiming conformance to LSB, but adds some proprietary applications to it, he violates the standard?