Slashdot Mirror


User: man_of_mr_e

man_of_mr_e's activity in the archive.

Stories
0
Comments
3,833
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,833

  1. Re:Security on The Future of Firefox · · Score: 1

    No, they didn't fix the seriou vulnerabilities immediately. The Newest and "critical" patch in the list is 2 months old. 2 Months! And because the vulnerability was hidden, nobody knew about it until Mozilla released the patch publicly. Even today, even after the patch, the details of the bugs are still embargo'd (was until July 20th, but now for some reason they've moved it back to August 1st).

    The other "critical" patch is 3 Months old.

    Nightly builds and CVS are irrelevant if you don't even know there is a security flaw that needs fixing.

  2. PC Gaming... on Review: Battlefield 2 · · Score: 2, Insightful

    PC Gaming excels at strategy games. Games like Battlefield 2 can easily be done on consoles, while a game like Civilization or even Warcraft are much more difficult (yes, I know they've made warcraft for consoles, but it basically sucks).

    The problem is not the console itself, but the control mechanism. Joysticks (or pads) suck for strategy games.

  3. Re:Keyboard Navigation Mouse Navigation on Fold 'n' Drop Window Interaction · · Score: 1

    Umm.. except it doesn't do that. The Titlebar only shows the name of the document, not the path.

  4. Re:Security on The Future of Firefox · · Score: 1

    Why don't you actually READ the list of vulnerabilities, rather than relying on your "memory".

  5. Re:Slightly O/T 'non-competition'... on Microsoft Sues Google For Hiring MS Exec · · Score: 1

    Of course I'm not a lawyer, but I can tell you that these are NOT common terms.

    There are a lot of common terms, but the ones you've represented here are not.

    The only one I think is even remotely enforceable is the "if you get another job" clause, however it can't be for an infinite time period. 2 years is probably all that's enforceable (and again, i'm not a lawyer, so this is just my personal opinion).

    Take it to a real lawyer. They should only charge you $100 or so to review it.

  6. Re:What are the practical results? on Gates On Future of CS Education · · Score: 1

    Jesus, way to show your ignorance.

    NT has had the equivelent of Capabilities since it's inception. In NT they're called privileges, such as "Can load device drivers" or "can log on locally".

    But it's easier to shoot off your mouth.

  7. Re:Donation on Gates On Future of CS Education · · Score: 2, Informative

    You need to study the tax code a little better.

    You don't get the retail vail of a donation you produce as a tax write off. You can only claim the COGS (Cost of goods sold)

  8. Re:Security on The Future of Firefox · · Score: 3, Interesting

    Wow, you are so completely wrong on a number of counts.

    First, It takes the mozilla team an average of 2 MONTHS to fix security issues, not the "same day". Further, The vast majority of IE vulnerabilities happened before Firefox even reached release candidate stage.

    For example, FF 1.05 patches 12 vulnerabilities. The oldest from April, the newest from late May based on the creation date of the referenced bugzilla reports.

    http://www.mozilla.org/projects/security/known-vul nerabilities.html#Firefox

    Firefox has had 56 publicly announced vulnerabilities this year. 24 of them of High or Critical severity.

  9. Re:Time traveller... on Desktop Linux Mass Migration · · Score: 1

    IMO it's far more likely that someone can press the middle mouse button while scrolling than it is to accidentally press ctrl-v.

    In general, someone isn't going to be pressing ctrl functions unless they're actually doing editing of some sort. Further, ctrl-v would only paste something the user had deliberately put in the buffer via ctrl-c, wheres many people highlight things all the time to increase contrast of the line for reading clarity (I know I do, and I have lots of friends that do as well).

    And again, the point is that paste can occur offscreen so the user may not even see it happen. If you're lucky, the app will scroll to the insert point when it happens, but the user may just see this as a glitch while scrolling.

    There are lots of conveniences that people give up because they're dangerous. Running as root, for instance.

  10. Re:Time traveller... on Desktop Linux Mass Migration · · Score: 1

    See my other message. You're editing a sensitive document in another window, switch to a non-sensitive document to get some information, and while using the scroll wheel to scroll accidentally middle click and paste sensitive information into the document.

    The problem here is that insertion happens at the insert point, which may not even be on screen, so you won't even see it happen. Yeah, the document should warn you that it's changed when you close it, but many people save out of reflex.

    Any action that can happen accidentally, and without the user being aware of it is dangerous in my opinion.

  11. Re:Time traveller... on Desktop Linux Mass Migration · · Score: 1

    Actually, yes. Think of the damage.

    Suppose you had been editing a very sensitive document in another window and have some text selected, then, while scrolling you accidentally insert it without noticing that it happened.

    You could lose your job, give confidential information to your competitors, or possibly just make a fool of yourself (if you're lucky).

    The point with all of your arguments is that none of those things have the potential to do something without your knowledge. It's VERY easy to middle-click instead of scroll without even knowing it.

  12. Re:CSS2 a flawed standard? on MS Urging Developers To Prep For IE 7 · · Score: 1

    Wrong. It's still a working draft.

    Odd you would mention ignorance as you seem to be quite blissful.

  13. Re:CSS2 a flawed standard? on MS Urging Developers To Prep For IE 7 · · Score: 1

    Isn't that really the point? Doesn't that illustrate *WHY* you shouldn't implement draft standard features?

    Because they can change. And if they do, you suddenly have browsers out there supporting broken standards, and add yet another series of hacks to work around the problems.

  14. Re:CSS2 a flawed standard? on MS Urging Developers To Prep For IE 7 · · Score: 1

    Frankly, any browser vendor that adds support for a draft standard, without using proprietary selectors (such as Mozilla's -moz tags) is irresponsible.

    Suppose MS (or Opera, or Mozilla) releases a version of their browser with some feature from a draft standard. Then the standard changes. How in the hell do you handle that going forward? Now you have sites that have to check for broken (pre-standard) implementations as well as ones with just bugs. Stupid.

    Simply put, Until a stnadard is set in stone, no official (ie non-beta) browser should support any feature.

  15. Re:Time traveller... on Desktop Linux Mass Migration · · Score: 3, Interesting

    The first rule of UI design is to never do dangerous operations without first warning the user. It's way too easy for a user to accidentally click the middle mouse button when they're trying to scroll. Depending on what they're doing, and especially if they have no idea what they did to cause it, it can paste do all kinds of damage to their documents. Hopefully the application supports Undo, and they know how to use it.

    Middle mouse paste just seems way too dangerous to me for the average user. Why not tie format to the middle mouse button while you're at it.

  16. Re:Desktop Integration, X, GTK/QT, /etc, etc on Desktop Linux Mass Migration · · Score: 1

    I think you overstate the situation on Windows. While Office's GUI may change in superficial (skinnable) ways, it doesn't really change in terms of functionality and/or ways people are used to dealing with it. Media players aren't as big of a deal anyways, because they're a specific class, and they all seem to "skin" similarly.. The vast majority of apps all are much more similar than the differences between KDE and Gnome apps, for example.

  17. Re:Accountability on Desktop Linux Mass Migration · · Score: 2, Insightful

    There's a difference between "Accountable" as in "I can sue you if your stuff breaks" and "I can blame you, and not get fired if your stuff breaks".

  18. Re:why we cant switch on Desktop Linux Mass Migration · · Score: 1

    Umm.. not quite. Most of the LEGAL media content out there will work just fine with WMP out of the box (other than iTunes). It's only stuff that's been re-encoded with all these weird codec's out there that has trouble.

  19. Re:Funny that on Desktop Linux Mass Migration · · Score: 1

    I'm curious. Don't you think this kind of "Well, it works fine in other distro's" answer is passing the buck?

    Don't you think that inconsisten results across various distro's will work against Linux's adoption and success?

  20. Re:Funny that on Desktop Linux Mass Migration · · Score: 2, Interesting

    Not really the same argument, in my opinion. The same version of Xorg works fine on other distributions, thus the software itself is not a "beta", merely the configuration of it.

    Part of the problem with distro's like Debian is that if you want all the same good stuff everyone else has, you'r stuck with "experimental" branches.

  21. Re:I Never Use Remote Desktop on New Batch of XP SP2 Holes · · Score: 1

    I advise against installing it because it has a known vulnerability with no fix available (other than one that will disable the feature).

    The point is, the beta version of terminal services *IS* vulnerable. Period.

  22. Re:don't use the standard RDC Port on New Batch of XP SP2 Holes · · Score: 1

    In Windows 2003 or XP you can use the :port field after the address to specify port. In Windows 2000 you have to edit the .rdp file with a text editor and add a "port" field.

  23. Re:don't use the standard RDC Port on New Batch of XP SP2 Holes · · Score: 1

    Actually, I do the same thing. And yes, if someone is deliberately scanning all ports on your computer (which takes a significant amount of time) they will find it.

    What it does, however, is prevent another code red or blaster worm style worm from finding me, since such worms aren't going to be scanning all ports and analyzing what each port does. That would be far too slow fo such worms that work primarily by infecting lots of machines very quickly.

    In this case, "security by obscurity" works pretty well if you're just a faceless machine in th sea of random IP addresses. If, however, you are a deliberate target than no, it's not so effective.

    Basically, it's like locking your house. Anyone that really wants to break in can do so quite easily, but it will stop the people that try all the doors looking for one that's unlocked from getting in.

  24. Re:I Never Use Remote Desktop on New Batch of XP SP2 Holes · · Score: 1

    I would advise against installing this, other than in behind a firewall in a trusted environment. Obviously, once the patch comes out for this security issue, it will "fix" this feature as well.

    That means that if you install this, you will be insecure moving forward. Best bet would be to install an SSH server and then tunnel to it and execute locally behind a firewall.

  25. Re:Outstanding on Longhorn to Require Monitor-Based DRM · · Score: 2, Informative

    But will it look like shit? Or will it look "good enough", like a standard TV?

    Most people can't tell the difference between HD and ED, and many can't tell the difference between HD and SD. Most people aren't videophiles. If it looks "good enough" to them, why should they care?