Maybe because the world's problems can't be solved by memorizing playing cards. Just because they're good at rote memorization does not necessarily make them better at anything else. They'd probably have a slightly easier time in medical school but other than that I don't see what you would have them do.
I'd also like to ammend my comment after browsing others in the article -- unlike the other fad languages being mentioned here, Pascal was designed as a language to teach programming. It also compiles to native code, and is not interpreted or run in a VM. Depending on what your goals are, you may want to seriously consider how isolated you want to be from the underlying system. If you are trying to learn fundamental CS concepts like data structures, Java may be appropriate because of it's annoyingly strong typing and garbage collection features, and you probably won't want to deal with any system level issues. On the other hand if you want to hack the Linux kernel or develop high-performance games you may want to start off with C. If you just want to write "fun" scripts maybe Perl, Python, or Ruby would be appropriate, or maybe something like LISP.
I recommended Pascal because it can give you the most exposure to all aspects of programming with little barrier to entry. It is object oriented and strictly typed for high-level conceptual programming without the mess of C++, while allowing you access to system level programming. In addition the component-based UI designer can give you a good top-down introduction to creating UIs.
I'd recommend checking out Free Pascal and the Lazarus IDE. These are based on Borland Delphi, of which I believe you can also download a free version, but these are open source and available on many platforms. The Borland products run only on Windows or Linux with KDE (using QT), the Free Pascal libraries use GTK+.
Object Pascal is a good language for beginners. It has strong typing and object-oriented features, but the typing isn't strict to the point of being obnoxious like in Java. It is lower level, so you will deal some with pointers and memory management but it is harder to make a mess with than C/C++. You can also visually design the UI of your application, but the language isn't a disaster like VB (and doesn't run in a VM like C# or Java, so it's quick).
GAIM allows you to write plugins in a variet of languages including python and C++ (and anything else that can link to dynamic libraries). Of course, I don't really see a massive need for IM plugins. All this announcement means is that we will see a million COM host AIM clients with crappy UIs.
I agree, this moral highground spiel is such bologna. They are creating a derivative work (Google Book Search) from the FULL contents of each book. It is irrelevant whether or not any given end users can access the entire contents; the entire contents is being used. Arguments as to this encouraging book sales are also irrelevant, even if it is provably true, it is still up to those who hold the copyrights whether they wish their IP to be used in this way. What if one of the book publishers decided to compete against Google?
Of course if one were to read the actual article, it's about mixed earnings from Yahoo influencing Google's stock, and then a little blurb at the end about the case.
Escape()
is a function in the GDI, you pass it SETABORTPROC and it effectively calls SetAbortProc(). The invalid length comes into play, I believe, after the record containing the Escape() call is processed, and the pointer into the WMF is updated to the next record (which is not an actual record, causing an error).
Well, to go back on what I said a bit, probably they did block SetAbortProc, the exploits call Escape() with SETABORTPROC (which effectively calls SetAbortProc).
The "buffer overrun" is not the actual problem, it is also working correctly, the error is caught and the job is aborted. You can trigger the AbortProc with any error, it is just easier to give it some invalid data rather than contriving a "legitimate" error.
No, the problem is that SetAbortProc as called inside a WMF works *PERFECTLY*. The only difference is, since there are no pointers in the WMF script, you supply the callback as a literal instead of a pointer. The incorrect length is (one way) of then making the script throw an error and abort.
Obviously the real problem is that SetAbortProc has no business being called from a WMF, but the WMF interpreter is likely just an automatic proxy for DLL calls to GDI32.DLL and is not selective about which ones you can and cannot call.
I think it was probably overzealousness to implement every function exactly, and/or perhaps just an oversight in a translation layer between the WMF packets and the DLL function calls that automatically converts every pointer argument to a pointer to the constant argument in the WMF file. It would have been too much a pain in the ass to put in raw code, there are easier ways to debug things.
There is some other discussion that I didn't really follow about how old this code is, if it is really from Windows 3.0 probably they didn't even realize or didn't care that it was a security concern.
I agree your test would be a good idea. Maybe someone could tell Steve Gibson and he could try it, but probably not.
Part of the setup of the AbortProc packet is the callback address. But in this case, the place where the callback address would be is instead the first byte of the newly executed code. So the callback address cannot even be put into the packet properly. That is where the code has to be.
Keep in mind there is an interpreting layer separating the WMF from the actual GDI call. It's entirely plausible that in some confusion the real Escape call is being passed the address of the argument in the script rather than interpreting the data in the script as the pointer value. Not only is this plausible, but it makes perfect sense -- any function interpreted in this context would have to work this way, for example, TextOut usually accepts a pointer to a string, but I bet in a WMF you would simply supply the string literal, and the WMF interpreter would pass a pointer to that data to the real TextOut.
The escape for AbortProc is the way to set the callback in the first place. But since the packet is messed up (the length is one rather than the proper length) then effectively the whole "ESC/AbortProc" packet should never even be properly processed.
It's likely that the length record is merely used to determine what to increment the pointer into the script by once the current packet finishes execution -- if this is the case, an invalid length would not effect the current packet, but then would cause problems after the current packet is processed.
Agreed. I was pointing out that it would not be completely unexpected since the behavior you pointed out as so preposterous (creating a thread, and jumping to a user defined location) is in fact part of the system. Perhaps the invalid length field causes an exception which forces an abort.
I would believe this was intentional if it were an invalid argument to say, FillRect that caused this behavior. But I think there's more than reasonable doubt that this was an intentional hole.
As one of the comments on the actual article pointed out, a much better explanation is that they were thrust from driving their familiar FWD or AWD cars into an unfamiliar RWD car in extreme circumstances. Had they actually controlled their 'experiment' by say, simply disabling the systems in the cars the testers drove the first time, then maybe the experiment would have some validity. As is it is perfectly reasonable to interpret the results as showing that people don't understand the handling characteristics of different drivetrain configurations.
The problem is since it is the submitter supplying the link, they are in effect linking to themselves.
I agree perhaps I am being a bit unrealistic but if Google could choose to accept or reject the link as an argument to their pagerank algorithm I'm sure it would reject it. While Google's published intention on "nofollow" was to prevent blatant comment spam and there is no mention of on topic article spam accompanied by links to unrelated sites, of course their real intention was to prevent abuse of pagerank on websites whose content was partially dictated by the users.
While the content of every slashdot submission does basically consist of "hey guys, check out this [link]" this is because the content linked to is considered relevant to the slashdot community. But the real content is "hey guys, check out this [link] [unrelated link]" and Google goes ahead and considers the unrelated link just as relevant as the real link.
Ultimately of course it IS Slashdot's decision whether or not to include nofollow for this admittedly idealistic purpose, and they are certainly not beholden to Google in any way and can do as they damn well please. But if they want to quell complaints about people submitting for pagerank there is already a perfectly good mechanism in place to do so, and no one would fault them for implementing it.
Slashdot Mirror
Maybe because the world's problems can't be solved by memorizing playing cards. Just because they're good at rote memorization does not necessarily make them better at anything else. They'd probably have a slightly easier time in medical school but other than that I don't see what you would have them do.
I recommended Pascal because it can give you the most exposure to all aspects of programming with little barrier to entry. It is object oriented and strictly typed for high-level conceptual programming without the mess of C++, while allowing you access to system level programming. In addition the component-based UI designer can give you a good top-down introduction to creating UIs.
VB was never a beginner language, it is used to do database reports, not teach programming.
Object Pascal is a good language for beginners. It has strong typing and object-oriented features, but the typing isn't strict to the point of being obnoxious like in Java. It is lower level, so you will deal some with pointers and memory management but it is harder to make a mess with than C/C++. You can also visually design the UI of your application, but the language isn't a disaster like VB (and doesn't run in a VM like C# or Java, so it's quick).
GAIM allows you to write plugins in a variet of languages including python and C++ (and anything else that can link to dynamic libraries). Of course, I don't really see a massive need for IM plugins. All this announcement means is that we will see a million COM host AIM clients with crappy UIs.
Ah good point. Bellsouth owns Cingular, not AT&T.
Yes but he does get a free tech every age.
Sounds like The Sims Online but more boring.
I don't think anyone is arguing that Legend didn't suck.
I agree, this moral highground spiel is such bologna. They are creating a derivative work (Google Book Search) from the FULL contents of each book. It is irrelevant whether or not any given end users can access the entire contents; the entire contents is being used. Arguments as to this encouraging book sales are also irrelevant, even if it is provably true, it is still up to those who hold the copyrights whether they wish their IP to be used in this way. What if one of the book publishers decided to compete against Google?
Ah, so, exactly what Yahoo used to be. Ironic, isn't it.
Well if you're going to be a smartass about it might as well say 365.2425..
His point is still valid -- small towns will chase away big businesses too by eliminating the reasons they might locate themselves there.
Yes I read the two sentences on page 2. I'm using a little more granular metric than you.
Of course if one were to read the actual article, it's about mixed earnings from Yahoo influencing Google's stock, and then a little blurb at the end about the case.
Gates has always said the Microsoft always has been and always will be a software company. You know except for the x-box. And what the hell is MSNBC?
Escape() is a function in the GDI, you pass it SETABORTPROC and it effectively calls SetAbortProc(). The invalid length comes into play, I believe, after the record containing the Escape() call is processed, and the pointer into the WMF is updated to the next record (which is not an actual record, causing an error).
The "buffer overrun" is not the actual problem, it is also working correctly, the error is caught and the job is aborted. You can trigger the AbortProc with any error, it is just easier to give it some invalid data rather than contriving a "legitimate" error.
Obviously the real problem is that SetAbortProc has no business being called from a WMF, but the WMF interpreter is likely just an automatic proxy for DLL calls to GDI32.DLL and is not selective about which ones you can and cannot call.
There is some other discussion that I didn't really follow about how old this code is, if it is really from Windows 3.0 probably they didn't even realize or didn't care that it was a security concern.
I agree your test would be a good idea. Maybe someone could tell Steve Gibson and he could try it, but probably not.
Keep in mind there is an interpreting layer separating the WMF from the actual GDI call. It's entirely plausible that in some confusion the real Escape call is being passed the address of the argument in the script rather than interpreting the data in the script as the pointer value. Not only is this plausible, but it makes perfect sense -- any function interpreted in this context would have to work this way, for example, TextOut usually accepts a pointer to a string, but I bet in a WMF you would simply supply the string literal, and the WMF interpreter would pass a pointer to that data to the real TextOut.
The escape for AbortProc is the way to set the callback in the first place. But since the packet is messed up (the length is one rather than the proper length) then effectively the whole "ESC/AbortProc" packet should never even be properly processed.
It's likely that the length record is merely used to determine what to increment the pointer into the script by once the current packet finishes execution -- if this is the case, an invalid length would not effect the current packet, but then would cause problems after the current packet is processed.
Finally, someone has pointed out that the length does not have to be one.
There is nothing outrageous about this in the least.
Agreed. I was pointing out that it would not be completely unexpected since the behavior you pointed out as so preposterous (creating a thread, and jumping to a user defined location) is in fact part of the system. Perhaps the invalid length field causes an exception which forces an abort.
I would believe this was intentional if it were an invalid argument to say, FillRect that caused this behavior. But I think there's more than reasonable doubt that this was an intentional hole.
As one of the comments on the actual article pointed out, a much better explanation is that they were thrust from driving their familiar FWD or AWD cars into an unfamiliar RWD car in extreme circumstances. Had they actually controlled their 'experiment' by say, simply disabling the systems in the cars the testers drove the first time, then maybe the experiment would have some validity. As is it is perfectly reasonable to interpret the results as showing that people don't understand the handling characteristics of different drivetrain configurations.
The problem is since it is the submitter supplying the link, they are in effect linking to themselves.
I agree perhaps I am being a bit unrealistic but if Google could choose to accept or reject the link as an argument to their pagerank algorithm I'm sure it would reject it. While Google's published intention on "nofollow" was to prevent blatant comment spam and there is no mention of on topic article spam accompanied by links to unrelated sites, of course their real intention was to prevent abuse of pagerank on websites whose content was partially dictated by the users.
While the content of every slashdot submission does basically consist of "hey guys, check out this [link]" this is because the content linked to is considered relevant to the slashdot community. But the real content is "hey guys, check out this [link] [unrelated link]" and Google goes ahead and considers the unrelated link just as relevant as the real link.
Ultimately of course it IS Slashdot's decision whether or not to include nofollow for this admittedly idealistic purpose, and they are certainly not beholden to Google in any way and can do as they damn well please. But if they want to quell complaints about people submitting for pagerank there is already a perfectly good mechanism in place to do so, and no one would fault them for implementing it.
Is this legal? Can't the MPAA sue you if you use BitTorrent, even if it is just to download Linux?