Actually, I think you're completely wrong in your statement, "It isn't just a numbers game, either."
Fact of the matter is, it is a numbers game.
W3Schools.com reports that over 90% of the web browsing world is running one form of the Windows Operating System.
Spyware, Virii and other types of malicious (non-remote) applications ARE platform specific. I'm also willing to bet a shiny penny that over 99% of all Spyware and Virii in the world are written for x86 Windows Platforms.
"If you're going to blame the users and say it is all their fault for clicking on everything that pops up, you'd think the Mac crowd would be just filled with viruses and that Mac machines would be bogged down with useless junk because the users on those systems are far more likely to just click and agree with anything that pops up so that they can get on with what they were doing. Yet that isn't the case at all."
The last part of your statement is actually correct. Because only a small amount of the internet browsing population use a non-Windows platform, even a smaller percentage of that population will probably be susceptible to spyware and virii written for their non-Windows platform (we're talking a percent of a percent here, very very very small numbers).
It amuses me that people constantly use a car analogy when referring to windows. When in reality, this is not a good analogy at all. We have many servers that are running a base install of Windows 2000 server with no third party applications (except perhaps Microsoft SQL Server 2000 and some form of virus protection), and we have screen shots of our HEAVY USE (by internet users) servers having close to a 300+ days uptime, only being restarted to install critical updates.
If you wanted to use a car analogy (which I think is a poor analogy, any way you slice it), a more appropriate one (but by no means 100% accurate) would be comparing Windows to a stock Honda Civic (for example). Every application you install is an addition, or a mod to your vehicle. If you install a mod or an enhancement on your vehicle, and your vehicle becomes unstable, is it Honda's fault?
I completely agree that OSX, because of its smaller audience, and much smaller community of users who are deploying malicious applications for the platform, compared to Windows, is a better choice for the average home user.
But who's to say if OSX were as widely used as Windows for home users, just as many (if not more) malicious applications would be coded to target it?
Again, you're not considering why some programs NEED installers, even on OSX.
If you're going to be installing something that'll be running as a service (say, a syslog daemon), you'll need to integrate it into your startup script.
Same applies for Windows users (back back back in windows 3.x), when support DLLs needed to be loaded on startup, so installers would automatically put the information in the WIN.INI for you.
You couldn't expect the novice home user to accurately modify their WIN.INI or any other system file without completely trashing their PC.
I'm not saying you're WRONG, I happen to agree with your concept, but you didn't consider all sides.
I think this is just a real blatant "let the flame war ensue" story on Slashdot.
The problem with systems these days that are used by the masses is that the grossly unintelligent are now able to get their hands on a computer and begin "Surfing the Net". Our company is even receiving support calls from people who, when typing in a URL, do not know the difference between a "slash" and a "dash". So the average IQ of an Internet user these days is much lower than before.
That being said, a lot of the spyware and virii that have infected people's computers were put there by the user's own stupidity and/or ignorance.
A good example of this is a user receives a URL from their friend for a funny movie, they click on the URL, a window pops up to install an ActiveX control. "SURE! I must need to install this to watch the movie." BAM! Spyware, virus, adware, etc.
The reason for such a prolific spread in spyware and virii for Windows is because there are many less computer-savvy people running Windows.
I mean, could you imagine if one of these "Average home users" installed Red Hat Linux, and just ran the base install for over a year with no virus protection, firewall or updating the kernel/components? You're damned right that person would get hacked!
The problem is that operating systems put the accountability of how your system performs, what gets updated, and what gets installed into the user's hands. It's a catch-22 for Microsoft, because they can't DISABLE all the advanced features, because the power users would complain, and at the same time, they can't ENABLE all the advanced features because the ignorant would complain that it's too complex/hard to use.
The bottom line is, if you have a stupid ignorant user, stupid ignorant decisions will be made.
If your girlfriend plugs her Windows PC onto the net without a firewall or updated OS, and clicks "Yes" to install unknown ActiveX controls, and runs her computer without a real-time virus scanning program, then yes, she'll get over-run with virii and spy ware. Is it Microsoft's fault that your girlfriend is a moron?
You have to pass a test to prove you're competent enough to drive a car, why can't we have one for computer use?
They compare it against a Dell Axim x30 624Mhz (based on the Intel PXA263 processor) and then a Dell Axim x50 (based on the Intel PXA270 processor), which has the very same processor as the HP PDA being reviewed.
What's wrong? The Dell Axim x50v is the Dell PDA they -SHOULD- be comparing it against, as it has not only the same CPU (Intel PXA270), but THE SAME CLOCK SPEED!
How can they call this a fair review and comparison when the PDAs they compare it against are spec'd below the HP in question?
That's like comparing this 2.0Ghz Celeron against a 2.0Ghz P4 (as in comparing the PXA263 at 624mhz on the Axim x30, vs. the PXA270 at 624mhz in the HP). They're different chips! Of course the newer generation is going to be more refined and a better performer.
I'm just very disappointed with hardware review sites these days as they seem very slanted towards their sponsors or preferred hardware.
Can someone explain to me how this 12-foot "Aircraft" is not referred to as a rocket? I'm just curious how you draw these lines of definition.
Re: George Bush ignores the way of Christ, on Pre-Election Discussion (Score: 4, Interesting)
After reading your reply, I'm reminded of a Fake Campaign ad where they parody what the Bush Administration would say about Jesus if he were running for president against G.W. Bush:
I personally spend a lot of time playing Magic: The Gathering Online and at the same time, have a SO as well.
I find that in the long run, the SO is much more important to me than any game will ever be, no matter how powerful/how much money/how much time I spend playing it.
A game should be just that, a game.
I think when you find a game or virtual activity getting in the way of real life friendships (let alone relationships), you probably have an addiction problem.
Our company does a lot of data processing on job applicants and up to about three years ago, saying that the collection of SSNs was mandatory wasn't even second guessed. Within the last nine months, two of our customers demanded that not only do we stop collecting the applicants' SSNs, but that we also purge our entire DB of previous applicant SSN. This is all due to the growing trend of corporate policy of collecting data that could be linked to identity theft. It's a liability thing for them.
Not to say that we're not taking the proper steps to protect this data. In California there are state laws in place that require encryption of data if you collect any combination of personal data (including last name, home address, etc., etc.). We abide by these laws and use AES-256 encryption within our actual database systems, enforce 128-bit SSL for web systems and also implement strict firewall and IDS rule sets.
Recently I spearheaded a corporate IT security review. What were our weak links and how could we prevent our company from falling victim to identity theft in the event of compromised security?
At first my IT department rebuffed this review because they felt that our data systems were secure, and I agreed! Our datacenter systems were under strict lock and key and the data was secure without question and according to California state law.... BUT, what about our desktop computers or company laptops? All too often our data analysis people perform data exports to crunch the data within SPSS or other statistical applications on their work PCs or laptop computers.
To remedy this issue we've implemented two very simple solutions which solve any data security issues:
1) RSA SecurID Appliances -- We've implemented a two-factor password/token system using RSA key fobs. This is implemented in Domain Logins, File Server Access, Source Control and.....
2) Hard Drive Encryption (on portable computers) -- We use DriveCrypt Plus Pack to encrypt the entire hard drive using AES-256 encryption using two factor password/token authentication. This way, even if the laptop were lost/stolen, none of the data on the drive could be compromised (unless complete theft of key fob and knowledge of password).
Now we can boast complete data security on our datacenter side AND any device with sensitive personal data is secure from theft.
This entire overhaul only cost our (small) company $25,000 in hardware, software and staff time.
So do I think corporate policies are to blame? Not so much. I think a lot of blame falls on the IT department and their "good enough" stance towards their company's IT security.
If you are a victim of identity theft, I would seriously research the identity theft prevention laws in your state, because if the company was not in compliance with those laws, you're within your rights to sue for their negligence.
I recently had raised the same questions when getting a new cell phone.
My previous phone was a Nokia 6230 and at the time I purchased it, was at the bleeding edge of cell phone technology. Bluetooth, GPRS Modem, Camera, Video, SD Card, you name it. So the decision to upgrade FROM this phone was a tough one. Which phones on the market today made the $$ I'd have to spend WORTH the upgrade?
After spending a lot of time researching, I finally settled upon the Nokia 6682. It had the same features as my previous phone, but also a few key others:
- The 6682 is the only 3G Phone offered by Cingular (my carrier), thus future proofing me for a while
- It supports GPRS/EDGE over USB (cable included with phone) or Bluetooth
- Supports syncing with PC (My Powerbook uses iSync, which installed automatically on my phone and worked flawlessly)
- !ACTUAL! Web Browser Support. Phone comes installed with Opera 7.2.x. I updated it to the latest version of Opera by downloading it from Opera's website.
- Next-Gen Data features such as MobiTV (Mobile TV, 35 channels including Weather Channel, CNBC, MSNBC, Cartoons, Music Videos) and MobiRadio
- PLENTY of Open Source applications (ie: Putty) are available for this phone because it runs Symbian Series 60 (S60)
I think this phone is right up your alley, especially because all of its Bluetooth functionality is also available through the USB data cable, which is included with the phone.
Hope this helped! Cheers!
I think credit should be given to IE and Microsoft for inspiring the next generation of browsers. I mean, if it weren't for Internet Explorer setting the bar in browser features and functionality, we wouldn't have such a great open source push for a great new browser platform such as Firefox or Opera.
Imagine if Microsoft's only competition was Netscape :-(
I think the general issue here is you're putting an environmentally sensitive device in the hands of the masses, and as I'm sure 90% of the IT professionals here that have served tech support can tell you, the masses are flaming idiots.
The XBox360 itself does run very hot. Mine I keep in an open AV cabinet with plenty of ventilation and I keep the PSU in a cool area as well. The XBox360 itself is pretty much a super-charged PC in a space 1/10th a standard PC's size. So of course it's going to run hot, and people should take the proper measures.
The design of the XBox360 was one that had to meet a few goals.
1) Had to look cool
2) Had to be smaller or as small as original XBox
3) Had to have adequate cooling WHILE not producing excessive noise from fans and other cooling elements
So Microsoft had to compromise on #3. They had to have the fans run quiet enough so people wouldn't yell, "OMG, IT'S TOO LOUD!".. yet have them run fast enough where people wouldn't yell "OMG, MY XBOX IS OVERHEATING NO MATTER WHAT!"
With any manufactured device, there are going to be failures, be it mechanical failure or failure due to the manufacturing process. I'm sure if someone wrote CNN every time one of their Hard Drives died, or every time they got a bad pixel on an LCD, you'd see many other CONSUMER ALERTS for MASS HARDWARE FAILURE, but you don't. Because we've all been using computers long enough to know that with anything, sometimes you just get a bum device and have to get a new one.
Why is the XBox360 different from other computer devices? Well, as I see it, two reasons:
Reason #1 -- It's Microsoft, easy target for hate from some people.
Reason #2 -- There's nothing we can do. The reason Intel doesn't get sued because their CPUs run too hot is because as consumers we can crack open our case and swap out the cooling with a solution that better fits our needs. Unfortunately, we cannot do this with the XBox360 because there are no alternatives to the cooling and it would void your warranty.
What are we to do?
Well, personally, I haven't had a single issue with the Xbox360 that was worth even getting on the phone over. It has locked up twice, but this isn't the first time in my 24 years that a console game has locked up on me. I recall RC Pro-AM locking up on level 98 and almost having a stroke.
For those of you having issues, explore every option in making sure it's in the proper environment before immediately pointing to hardware defect. If this still doesn't work, just call Microsoft and open up an RMA. Their process takes no more than 4 days before you'll have a new Xbox360 in your hot little hands.
At our company, we do pre-employment screening for Fortune 500 companies. When filling out these online employment surveys, we HAVE to get the end user's SSN. It is the ONLY identifier that is unique to that person and will follow that person throughout their entire lives. We have to collect it to tie their post-hire data to their pre-hire data.
How else can we identify people? First/Last Name? Over 20% of women between the ages of 20 and 30 will have their last name changed due to marriage. Address? People Move. e-Mail? People change emails. Phone? People change phone numbers.
I think what frustrates me about this whole SSN and identity theft issue is that people will hand over their SSN on paper "IRL" without thinking twice about its physical security after that. Loan Applications, Job Applications, Legal Forms, etc., etc. all require you to give your Social. Do people ask, "Will my SSN be protected from anyone else seeing it on this paper?" (SSL), "Will my SSN be stored in a protected file cabinet with a combination lock?" (Secure Servers, Encryption). When filling in these forms, do you look over your shoulder suspiciously to make sure nobody's trying to see your SSN as you're entering it (Sniffing/Packet Capturing)?
It's just ridiculous how people treat their information security between online and offline. As an online service provider, it drives me NUTS how there are LAWS in place making it mandatory for us to encrypt parts of a person's information and meet 'payment industry security requirements' to be able to handle this information, whereas at my local Taco Bell, job applications will sit on the manager's back desk for a week, open to ANY prying eyes who may walk by. Should we make a law for that too?
Anyways, I think the REAL question that should be asked is WHAT CAN WE USE THAT HAS THE SAME PROPERTIES AS THE SSN? I'm all for using something else, but it has to be just as unique and follow that person for their entire lives.
What makes me want to puke is that this only highlights the movie studios' profit margin per-copy of a DVD that is actually purchased.
Not to sound like a broken record, but I think Mr. Nash's comments are only a bluff to try to direct some negative press towards Apple and iTunes.
His whole argument doesn't make any sense when you have services like Napster, Rhapsody and Yahoo Music offering -FLAT RATE- monthly subscriptions for UNLIMITED DOWNLOADS. If a user downloads enough songs, the average cost per song could EASILY drop below $0.05 each.
I think record companies are seeing the cash flow POTENTIAL of raising the price of iTunes songs, by even $0.10, could result in MILLIONS of dollars yearly in increased earnings.
My hat goes off to Steve Jobs and Apple for not sticking it to their users just to make a buck.
Here's the actual link to the challenge issued by AMD to Intel on AMD's own website. Much more information than the /. link.
I think this was a decision made by the powers that be, by reviewing where things went wrong with the previous XBox, and how they could avoid taking such a hit in the pocket book this time around.
Personally, I can't blame them too much. 3rd Party products do cut into their profits. I mean, why would I show someone else how to make my lunch when they're going to be eating half of it?
This is just Microsoft getting a bigger kick-back from 3rd party products so Microsoft doesn't lose as much money from their sales.
XBox has only A slight edge?
Obviously you don't have an HDTV or Surround Sound, as XBox's OBVIOUS edge over other game consoles is Dolby Digital 5.1 and 480p on most titles.
That alone is reason for anyone with a semi-decent home theatre to lean toward XBox titles over PS2.
I as well own all three game systems, and when a title comes out for all three, let's say Midnight Club 3 for example, I'm going to choose to play this title on XBox because of its superior feature set.
Period.
I've been subscribed to XTV for a few months now. It's a pretty great service!
They provide 50 Channels of IPTV porn 24 hours a day, plus several other features such as Pay-Per-View and other interactive features.
I think the only down side to this technology will be video quality and BANDWIDTH.
Aside from that, kudos to Time Warner!
"The more daylight we have, the less electricity we use," said Markey, who cited Transportation Department estimates that showed the two-month extension would save the equivalent of 10,000 barrels of oil a day.
Apparently they're also going to change how the Earth tilts on its axis. The weather doesn't care what time of day it is.
Leave it to American politicians to think this one up.
Unfortunately with software, when new features are implemented, the testing process can only be taken so far. And unfortunately there are malicious people out there who will try to exploit any new feature that is added to a popular application.
Even Firefox ran into this issue with their interface being spoofed by malicious code. The bug was reported on 5/28, but not fixed until August.
I think my point is that users should be using COMMON SENSE when browsing. Don't install any application or navigate to any site you don't trust. I honestly doubt the home user searching for information for a Biology exam or information on a Hotel would come across a site that would exploit them using one such as the IFrame vulnerability you described.
Perhaps The X-Files put it best, and it should be applied to the web, Trust No One.
Actually, I think you're completely wrong in your statement, "It isn't just a numbers game, either."
Fact of the matter is, it is a numbers game.
W3Schools.com reports that over 90% of the web browsing world is running one form of the Windows Operating System.
Spyware, Virii and other types of malicious (non-remote) applications ARE platform specific. I'm also willing to bet a shiny penny that over 99% of all Spyware and Virii in the world are written for x86 Windows Platforms.
"If you're going to blame the users and say it is all their fault for clicking on everything that pops up, you'd think the Mac crowd would be just filled with viruses and that Mac machines would be bogged down with useless junk because the users on those systems are far more likely to just click and agree with anything that pops up so that they can get on with what they were doing. Yet that isn't the case at all."
The last part of your statement is actually correct. Because only a small amount of the internet browsing population use a non-Windows platform, even a smaller percentage of that population will probably be susceptible to spyware and virii written for their non-Windows platform (we're talking a percent of a percent here, very very very small numbers).
It amuses me that people constantly use a car analogy when referring to windows. When in reality, this is not a good analogy at all. We have many servers that are running a base install of Windows 2000 server with no third party applications (except perhaps Microsoft SQL Server 2000 and some form of virus protection), and we have screen shots of our HEAVY USE (by internet users) servers having close to a 300+ days uptime, only being restarted to install critical updates.
If you wanted to use a car analogy (which I think is a poor analogy, any way you slice it), a more appropriate one (but by no means 100% accurate) would be comparing windows to a stock Honda Civic (for example). Every application you install is an addition, or a mod to your vehicle. If you install a mod or an enhancement on your vehicle, and your vehicle becomes unstable, is it Honda's fault?
I completely agree that OSX, because of its smaller audience, and much smaller community of users who are deploying malicious applications for the platform, compared to Windows, is a better choice for the average home user.
But who's to say if OSX were as widely used as Windows for home users, just as many (if not more) malicious applications would be coded to target it?
and other philosophical blockbusters, such as:
;-)
- Where God went wrong
- Some More of God's Greatest Mistakes
and
- Who is this God person anyway
Again, you're not considering why some programs NEED installers, even on OSX.
If you're going to be installing something that'll be running as a service (say, a syslog daemon), you'll need to integrate it into your startup script.
Same applies for Windows users (back back back in windows 3.x), when support DLLs needed to be loaded on startup, so installers would automatically put the information in the WIN.INI for you.
You couldn't expect the novice home user to accurately modify their WIN.INI or any other system file without completely trashing their PC.
I'm not saying you're WRONG, I happen to agree with your concept, but you didn't consider all sides.
Again, this would require a user's action to navigate to the malicious page.
The computer just wouldn't up and navigate there itself.
The user is still causing the error to happen, just as if the user ran an infected EXE.
I think this is just a real blatant "let the flame war ensue" story on Slashdot.
The problem with systems these days that are used by the masses, is that the grossly unintelligent are able now to get their hands on a computer and begin, "Surfing the Net". Our company even is receiving support calls from people when typing in a URL do not know the difference between a "slash" and a "dash". So the average IQ of an Internet user these days is much lower than before.
That being said, a lot of Spy ware and Virii that have infected people's computers were put there by the user's own stupidity and/or ignorance.
A good example of this is a user receives a URL from their friend for a funny movie, they click on the URL, a window pops up to install an ActiveX control. "SURE! I must need to install this to watch the movie." BAM! Spy ware, Virus, Ad ware, etc.
The reason for such a prolific spread in spy ware and virii for windows is because there are many less computer savvy running windows.
I mean, could you imagine if one of these "Average home users" installed Red Hat Linux, and just ran the base install for over a year with no virus protection, firewall or updating the kernel/components? You're damned right that person would get hacked!
The problem is that operating systems put the accountability of how your system performs, what gets updated, and what gets installed into the user's hands. It's a catch 22 for Microsoft, because they can't DISABLE all the advanced features, because the power users would complain and at the same time, they can't ENABLE all the advanced features because the ignorant would complain that it's too complex/hard to use.
The bottom line is, if you have a stupid ignorant user, stupid ignorant decisions will be made.
If your girlfriend plugs her Windows PC onto the net without a firewall or updated OS, and clicks "Yes" to install unknown ActiveX controls, and runs her computer without a real-time virus scanning program, then yes, she'll get over-run with virii and spy ware. Is it Microsoft's fault that your girlfriend is a moron?
You have to pass a test to prove you're competent enough to drive a car, why can't we have one for computer use?
That review is Poppycock!
They compare it against a Dell Axim x30 624Mhz (based on the Intel PXA263 processor) and then a Dell Axim x50 (based on the Intel PXA270 processor), which has the very same processor as the HP PDA being reviewed.
What's wrong? The Dell Axim x50 v is the Dell PDA they -SHOULD- be comparing it against, as it has not only the same CPU (Intel PXA270), but THE SAME CLOCK SPEED!
How can they call this a fair review and comparison when the PDAs they compare it against are spec'd below the HP in question?
That's like comparing this 2.0Ghz Celeron against a 2.0Ghz P4 (as in comparing the PXA263 at 624mhz on the Axim x30, vs. the PXA270 at 624mhz in the HP). They're different chips! Of course the newer generation is going to be more refined and a better performer.
I'm just very disappointed with hardware review sites these days as they seem very slanted towards their sponsors or preferred hardware.
Can someone explain to me how this 12-foot "Aircraft" is not referred to as a rocket? I'm just curious how you draw these lines of definition.
After reading your reply, I'm reminded of a Fake Campaign ad where they parody what the Bush Administration would say about Jesus if he were running for president against G.W. Bush:
link
I think it covers what you said in your reply almost word for word.
And kudos for you for standing up for what YOU believe in, not what they tell you to.
You forgot Poland :-(
From the Google Toolbar version information:
Version 2.0.112
New! Browse by Name - save time by typing names instead of URLs in your browser's address bar
Current version is 2.0.114. The browse by name feature has been in it for the last few months.
Welcome to now.
I've had an auto engine die on me before.
God forbid I was at 2,000 ft.
I personally spend a lot of time playing Magic: The Gathering Online and at the same time, have a SO as well.
I find that in the long run, the SO is much more important to me than any game will ever be, no matter how powerful/how much money/how much time I spend playing it.
A game should be just that, a game.
I think when you find a game or virtual activity getting in the way of real life friendships (let alone relationships), you probably have an addiction problem.