I use Outlook 2002 (XP) (which has the same security as 2000 + SP1) and absolutely nothing is allowed to execute.
Until the next flaw is found, of course. Mind you that the post I was responding to was talking about Outlook 2000.
I got the Klez virus sent to me. Just for yuks, I opened the message, carefully watching and using McAfee to trap anything in case Outlook let it slip through. Nothing. Nada. Zip.
And this proves what?
I think you're making up the buffer overflow stuff (can I see a link, please?)
Umm, nope, I would challenge that point. VBS and other scripting stuff is turned off by default. I've never heard of a buffer overflow exploit in OL, but if you have an example somewhere I'd love to read about it. (in other words, I'm not claiming it doesn't exist.)
The long GMT date field bug bug caused a buffer overflow which allowed running arbitrary code in all versions of Outlook, as well as in some versions of Outlook Express.
Seeing as Outlook uses Internet Explorer to display HTML content, just like Outlook Express does, it inherits IE's flaws as well, as was demonstrated in the Buffer Overrun in HTML Directive flaw.
As for VB scripting being turned off by default now, that may be the case with Outlook XP (2002) or 2000 with all security patches applied, but I can assure that wasn't the case back in 2001 when the Anna Kournikova Worm and other similar exploits scourged through the Outlook community.
Don't confuse Outlook Express for Outlook 2000. OE is the worm attractor. OL2K, though somewhat vulnerable, is nowhere near as problematic as OE. It's kind of surprising considering how much more OL2K does.
Sorry, but this is just not right. Outlook (9x or 200x) is at least as vulnerable as Outlook Express, and probably more so. More often than not the MIME header, buffer overflow or Windows scripting host exploits that affect OE work just as well in Outlook too. And then it's also susceptible to malicious VBA code.
That said, Outlook isn't all bad. For one thing, few people actually have to pay for it, because MS likes to throw it at you as a package deal every chance they get (like say when you buy Microsoft's word processor & spreadsheet, or client licenses for your MS mail server, or a Pocket PC). It's also pretty easy to use - witness the abundance of Windows software that rips off its interface these days, like Evolution does as well.
One annoying thing is that it used to be possible to share information among Outlooks in smaller workgroups without having to go all the way to an Exchange server, using a concept called Net Folders. It was a bit quirky but inexpensive, unlike Exchange. And unlike Bynari InsightServer, which is currently the only way to sort of emulate an Exchange Server on a Linux platform.
More than a new (type of) client, what I'd really love to see is a free open source Exchange Server type program that would be usable with both Outlook and Evolution. Make Exchange unnecessary and let everyone use the client they're used to/like/got for free from MS.
I completely agree. I've used several Nokias over the years and I sure wish every device was as reliable, well engineered and intuitive as these phones.
That said, I'm still gonna try the Ericsson t68i next, as Nokia doesn't currently offer exactly the phone with the features I want.
I know some people went to great lengths to do this test carefully, using high quality amplifiers and waveform analyzers and what more. I simply plugged headphones into my SB Live, listened to each piece twice, and then gave them a grade from 1-5.
I thought the 128 kbit was very hard because there were hardly any noticeable differences between the samples. The fact that they were very short didn't help. I handed out 5 points to 5 of the seven pieces, so the order there is almost random.
After the testing period had finished, C'T sent me the following results:
Ihre Bewertung für 64 kBit/s-Codecs:
Platz 1: MP3Pro Platz 2: unkomprimiert (WAV) Platz 3: Windows Media Audio Platz 4: Ogg Vorbis Platz 5: AAC Platz 6: RealAudio Platz 7: MP3
Ihre Bewertung für 128 kBit/s-Codecs:
Platz 1: AAC Platz 2: MP3 Platz 3: Windows Media Audio Platz 4: RealAudio Platz 5: unkomprimiert (WAV) Platz 6: Ogg Vorbis Platz 7: MP3Pro
The order may not be what I'd like it to be, but my only conclusion can be that compression in general is good enough for me!
Re:Companies need to learn how to make money.
on
VisionTek Folds
·
· Score: 1
Restrictive labor laws? Environmental costs?? High taxes??!
Oh wait, I get it. You're thinking of Europe, not the United States.
Actually, some semi-modern video cards like the Matrox G550 and older versions have a limitation of 1280x1024 for their DVI output. There's a story one step up that talks about a tweak utility which sounds like it might circumvent this, but with the normal drivers settings it is not possible to go higher. The GeForce 4 and possibly the ATI 8500 do not have that problem.
The site seems slashdotted, so I have no idea what the article contains.
Who knows why Lucasarts has these their artificial barriers between different product ranges? Users of other platforms would've enjoyed being able to play products like Rogue Squadron and Jedi Outcast, but Lucasarts so far has never given in to the plentiful requests for ports. Maybe exclusive licenses have something to do with it.
Still, from the pictures I've seen so far, the PS2 might have a hard time rendering the ingame graphics on this one. The game features some pretty spectacular long distance landscapes with buildings constructed of numerous polygons.
This may be meant for system administrators, but maintaining more than a handful of sorcerer boxes sounds terrifying. I for one just don't have the time to compile Gnome every time Dell comes by to deliver another server box.
Managability quickly becomes more important than that squeaky clean feeling once you've got more than 10 systems running. I guess that makes me a sucky admin, but I really can't care. I'll have to stick with the Red Hat network and up2date over this, thanks.
Why, I like his articles. Well, except when he promises a movie review and then goes on to deliver some communist manifest. Heck, I don't always agree with him, but I'm glad he writes here. And actually I think that the silent majority does too.
Get PocketDOS, it does a good job of emulating an XT directly on PocketPC and it runs edit.com fine (as well as Bard's Tale, Ultima, Karateka and many other games - a welcome addition to PocketPC's anemic game collection). What's wrong with PocketWord anyway?
Getting the ROM is a pretty daunting task, though. They actually require you to send them a FAX. In case you're wondering, that's a device people used back in the eighties to send each other documents. I for one had to admit defeat at that point.
Any bets how long it takes until the Palm Inc's legal team will start to make some headlines? I mean, it's the same old story with every damn emulator, isn't it? No matter if there is ROM included or not, they will try it every time. Personally, I've got a IIIx and a PocketPC, and as a Palm customer I feel I have the right to run the apps that I've licensed from them on any machine I want to.
A major advantage would be that the graffiti area is part of the display on the emulator. Presumably that would allow it to work as a soft graffiti area, like on the new Handera. I think that would be an enjoyable feature. Anyone have a Handera ROM to try this with?
> Does theKompany believe that software should be Free? Also is that a reflection of the KDE community or a minority stance?
To quote from the responses:
Our philosophy has essentially been that if it's infrastructure like our projects KDE-DB, VeePee, Korelib, etc then we make it open source because it's in everyone's interest to have it available
Checking over at their website to see what they mean when they say 'open source' reveals that Korelib and KDE-DB are released under the GPL.
So no, they don't seem to share RMS' view that ALL software should be free, but rather the more common notion that some software should definitely be free and others areas left open for competition between free and closed and/or payware apps.
They seem to draw the line for free or for money at whether it is 'infrastructure' or not, which seems to be a reasonable definition to go by if you ask me.
Uhh, it's more a confirmation of how access to PCs and the Internet is distributed among geographical locations. But we're making strides here, I'm glad to see that access to Slashdot is now also available from trailer parks.
I agree completely. We need to go beyond merely providing functional software and get serious on the feel good factor of Free Software.
In general, we should agree on one unified brand along the lines of Win(dows) and Mac. 'Open' or 'Free' might be good, but probably already under claims of various sorts. KDE or to a lesser degree GNU would be ok.
For your next project name, please try to refrain from using the letters x, k or g, recursive acronyms, and geek humor in general.
Instead, try to pick something a little more uplifting. If appropriate, you can decorate your name with some qualifier at the end. What we need now is apps that fit names like KDE Aspire Pro. GNU ManageImpact. OpenImpress Developer edition. KDE Transcend Enterprise. You get the idea.
and I still wouldn't get it. The thing about DVDs is that you go to the effort of the purchase only for those movies that you want to see more than one time. It's simple Mr. Lucas - we want the real Star Wars movies on DVD, you know, that stuff about Chewie and the Death Star.
Most of this piece is conciliatory fluff, but the real point is here somewhere in the middle:
Although the raw data is user submitted, the storage, retrieval, categorization, and organization of the database, the access interface, and the matching and filtering methods are absolutely proprietary, and we will do what is necessary to defend this intellectual property
Current cddb licensees turning to freedb is the most immediate threat to their revenue, so first thing to do is scare their customers. Depending on any patents they have they might then force the freedb to develop a different protocol to do the same thing or even try to get exclusive rights to the concepts of matching CD signatures with an online database. We don't want to go there. Community driven alternatives must prevail.
I'm not sure if Unix on PDAs is relevant yet. In a couple of years, when we can fit high res, lots of memory and a fast CPU inside a small form factor, Linux as core may look more appealing (and PalmOS will need to adapt).
Currently, PDAs don't do advanced things like multimedia very well, so there are some that advocate buying specialised devices and using PDAs solely for taking notes, keeping contacts and the like.
Fine, but just like with regular computers, I don't think we'll ever think of them as completely satisfactory. At least not until they do things like understand what we say to them, project and record graphics and sound with holodeck quality around us and allow instant communications with anyone, while becoming much much less intrusive to wear.
I'm just glad that there are companies other than Palm Inc developing these things too. Their current M?? machines don't offer much that'd make me want to get rid of my IIIx, but the screen on this Clie looks like it could enhance real tasks that we use Palm sized machines for these days, like Internet access, data entry, games, simple multimedia tasks etc. With 320x320 it's even better than the quite cool PocketPCs.. but why 8-bit color only?
I'm looking around my living room and don't consider myself all that unusual for counting 7 trays/slots / lids of various CD devices. Not even counting our portable devices or the removable car player. I don't want to have to test all my audio CDs in all of these.
Since this new audio carrier does not adhere to the Red Book standard, it should get a new name to avoid confusion. What about CD-P, is that still free?
I read on this page about CD standards that the well known little 'Compact Disc digital audio' logo has these requirements:
This logo may be used on discs complying with the CD-DA specifications: the IEC 908 standard and/or the Philips-Sony Compact Disc Digital Audio System Description (the RED Book).
So yeah, it seems as if these protected CDs should not be allowed to carry this logo. But I doubt anyone is going to rub their nose in it. Worse is they'll probably get away with a 'may cause problems in some CDROM drives' sticker - which promotes unwarranted doubts about the compatibility of CDROM drives.
Slashdot Mirror
WARNING: FUD ALERT!!
I use Outlook 2002 (XP) (which has the same security as 2000 + SP1) and absolutely nothing is allowed to execute.
Until the next flaw is found, of course. Mind you that the post I was responding to was talking about Outlook 2000.
I got the Klez virus sent to me. Just for yuks, I opened the message, carefully watching and using McAfee to trap anything in case Outlook let it slip through. Nothing. Nada. Zip.
And this proves what?
I think you're making up the buffer overflow stuff (can I see a link, please?)
Sure, just click a few posts up.
Umm, nope, I would challenge that point. VBS and other scripting stuff is turned off by default. I've never heard of a buffer overflow exploit in OL, but if you have an example somewhere I'd love to read about it. (in other words, I'm not claiming it doesn't exist.)
Well, take for instance the vcard Buffer Overflow vulnerability that was unique to Outlook 2000.
The long GMT date field bug bug caused a buffer overflow which allowed running arbitrary code in all versions of Outlook, as well as in some versions of Outlook Express.
Seeing as Outlook uses Internet Explorer to display HTML content, just like Outlook Express does, it inherits IE's flaws as well, as was demonstrated in the Buffer Overrun in HTML Directive flaw.
As for VB scripting being turned off by default now, that may be the case with Outlook XP (2002) or 2000 with all security patches applied, but I can assure that wasn't the case back in 2001 when the Anna Kournikova Worm and other similar exploits scourged through the Outlook community.
Don't confuse Outlook Express for Outlook 2000. OE is the worm attractor. OL2K, though somewhat vulnerable, is nowhere near as problematic as OE. It's kind of surprising considering how much more OL2K does.
Sorry, but this is just not right. Outlook (9x or 200x) is at least as vulnerable as Outlook Express, and probably more so. More often than not the MIME header, buffer overflow or Windows scripting host exploits that affect OE work just as well in Outlook too. And then it's also susceptible to malicious VBA code.
That said, Outlook isn't all bad. For one thing, few people actually have to pay for it, because MS likes to throw it at you as a package deal every chance they get (like say when you buy Microsoft's word processor & spreadsheet, or client licenses for your MS mail server, or a Pocket PC). It's also pretty easy to use - witness the abundance of Windows software that rips off its interface these days, like Evolution does as well.
One annoying thing is that it used to be possible to share information among Outlooks in smaller workgroups without having to go all the way to an Exchange server, using a concept called Net Folders. It was a bit quirky but inexpensive, unlike Exchange. And unlike Bynari InsightServer, which is currently the only way to sort of emulate an Exchange Server on a Linux platform.
More than a new (type of) client, what I'd really love to see is a free open source Exchange Server type program that would be usable with both Outlook and Evolution. Make Exchange unnecessary and let everyone use the client they're used to/like/got for free from MS.
I completely agree. I've used several Nokias over the years and I sure wish every device was as reliable, well engineered and intuitive as these phones.
That said, I'm still gonna try the Ericsson t68i next, as Nokia doesn't currently offer exactly the phone with the features I want.
I know some people went to great lengths to do this test carefully, using high quality amplifiers and waveform analyzers and what more. I simply plugged headphones into my SB Live, listened to each piece twice, and then gave them a grade from 1-5.
I thought the 128 kbit was very hard because there were hardly any noticeable differences between the samples. The fact that they were very short didn't help. I handed out 5 points to 5 of the seven pieces, so the order there is almost random.
After the testing period had finished, C'T sent me the following results:
Ihre Bewertung für 64 kBit/s-Codecs:
Platz 1: MP3Pro
Platz 2: unkomprimiert (WAV)
Platz 3: Windows Media Audio
Platz 4: Ogg Vorbis
Platz 5: AAC
Platz 6: RealAudio
Platz 7: MP3
Ihre Bewertung für 128 kBit/s-Codecs:
Platz 1: AAC
Platz 2: MP3
Platz 3: Windows Media Audio
Platz 4: RealAudio
Platz 5: unkomprimiert (WAV)
Platz 6: Ogg Vorbis
Platz 7: MP3Pro
The order may not be what I'd like it to be, but my only conclusion can be that compression in general is good enough for me!
Restrictive labor laws? Environmental costs?? High taxes??!
Oh wait, I get it. You're thinking of Europe, not the United States.
Actually, some semi-modern video cards like the Matrox G550 and older versions have a limitation of 1280x1024 for their DVI output. There's a story one step up that talks about a tweak utility which sounds like it might circumvent this, but with the normal drivers settings it is not possible to go higher. The GeForce 4 and possibly the ATI 8500 do not have that problem.
The site seems slashdotted, so I have no idea what the article contains.
Who knows why Lucasarts has these their artificial barriers between different product ranges? Users of other platforms would've enjoyed being able to play products like Rogue Squadron and Jedi Outcast, but Lucasarts so far has never given in to the plentiful requests for ports. Maybe exclusive licenses have something to do with it.
Still, from the pictures I've seen so far, the PS2 might have a hard time rendering the ingame graphics on this one. The game features some pretty spectacular long distance landscapes with buildings constructed of numerous polygons.
This may be meant for system administrators, but maintaining more than a handful of sorcerer boxes sounds terrifying. I for one just don't have the time to compile Gnome every time Dell comes by to deliver another server box.
Managability quickly becomes more important than that squeaky clean feeling once you've got more than 10 systems running. I guess that makes me a sucky admin, but I really can't care. I'll have to stick with the Red Hat network and up2date over this, thanks.
Isn't parody the sincerest form of flattery? Does the silly original really merit this unfunny retort?
Why, I like his articles. Well, except when he promises a movie review and then goes on to deliver some communist manifest. Heck, I don't always agree with him, but I'm glad he writes here. And actually I think that the silent majority does too.
Get PocketDOS, it does a good job of emulating an XT directly on PocketPC and it runs edit.com fine (as well as Bard's Tale, Ultima, Karateka and many other games - a welcome addition to PocketPC's anemic game collection). What's wrong with PocketWord anyway?
Getting the ROM is a pretty daunting task, though. They actually require you to send them a FAX. In case you're wondering, that's a device people used back in the eighties to send each other documents. I for one had to admit defeat at that point.
Any bets how long it takes until the Palm Inc's legal team will start to make some headlines? I mean, it's the same old story with every damn emulator, isn't it? No matter if there is ROM included or not, they will try it every time. Personally, I've got a IIIx and a PocketPC, and as a Palm customer I feel I have the right to run the apps that I've licensed from them on any machine I want to.
A major advantage would be that the graffiti area is part of the display on the emulator. Presumably that would allow it to work as a soft graffiti area, like on the new Handera. I think that would be an enjoyable feature. Anyone have a Handera ROM to try this with?
That'd be LGPL :P
> Does theKompany believe that software should be Free? Also is that a reflection of the KDE community or a minority stance?
To quote from the responses:
Our philosophy has essentially been that if it's infrastructure like our projects KDE-DB, VeePee, Korelib, etc then we make it open source because it's in everyone's interest to have it available
Checking over at their website to see what they mean when they say 'open source' reveals that Korelib and KDE-DB are released under the GPL.
So no, they don't seem to share RMS' view that ALL software should be free, but rather the more common notion that some software should definitely be free and others areas left open for competition between free and closed and/or payware apps.
They seem to draw the line for free or for money at whether it is 'infrastructure' or not, which seems to be a reasonable definition to go by if you ask me.
Uhh, it's more a confirmation of how access to PCs and the Internet is distributed among geographical locations. But we're making strides here, I'm glad to see that access to Slashdot is now also available from trailer parks.
I agree completely. We need to go beyond merely providing functional software and get serious on the feel good factor of Free Software.
In general, we should agree on one unified brand along the lines of Win(dows) and Mac. 'Open' or 'Free' might be good, but probably already under claims of various sorts. KDE or to a lesser degree GNU would be ok.
For your next project name, please try to refrain from using the letters x, k or g, recursive acronyms, and geek humor in general.
Instead, try to pick something a little more uplifting. If appropriate, you can decorate your name with some qualifier at the end. What we need now is apps that fit names like KDE Aspire Pro. GNU ManageImpact. OpenImpress Developer edition. KDE Transcend Enterprise. You get the idea.
and I still wouldn't get it. The thing about DVDs is that you go to the effort of the purchase only for those movies that you want to see more than one time. It's simple Mr. Lucas - we want the real Star Wars movies on DVD, you know, that stuff about Chewie and the Death Star.
This guy is all about helping the big guy and shitting on the little guy.
:) Heck.. he'll even shit in their food supply to prove the point.
Heh this description fits my bovine in Black and White perfectly
Most of this piece is conciliatory fluff, but the real point is here somewhere in the middle:
Although the raw data is user submitted, the storage, retrieval, categorization, and organization of the database, the access interface, and the matching and filtering methods are absolutely proprietary, and we will do what is necessary to defend this intellectual property
Current cddb licensees turning to freedb is the most immediate threat to their revenue, so first thing to do is scare their customers. Depending on any patents they have they might then force the freedb to develop a different protocol to do the same thing or even try to get exclusive rights to the concepts of matching CD signatures with an online database. We don't want to go there. Community driven alternatives must prevail.
I'm not sure if Unix on PDAs is relevant yet. In a couple of years, when we can fit high res, lots of memory and a fast CPU inside a small form factor, Linux as core may look more appealing (and PalmOS will need to adapt).
Currently, PDAs don't do advanced things like multimedia very well, so there are some that advocate buying specialised devices and using PDAs solely for taking notes, keeping contacts and the like.
Fine, but just like with regular computers, I don't think we'll ever think of them as completely satisfactory. At least not until they do things like understand what we say to them, project and record graphics and sound with holodeck quality around us and allow instant communications with anyone, while becoming much much less intrusive to wear.
I'm just glad that there are companies other than Palm Inc developing these things too. Their current M?? machines don't offer much that'd make me want to get rid of my IIIx, but the screen on this Clie looks like it could enhance real tasks that we use Palm sized machines for these days, like Internet access, data entry, games, simple multimedia tasks etc. With 320x320 it's even better than the quite cool PocketPCs.. but why 8-bit color only?
I'm looking around my living room and don't consider myself all that unusual for counting 7 trays /slots / lids of various CD devices. Not even counting our portable devices or the removable car player. I don't want to have to test all my audio CDs in all of these.
Since this new audio carrier does not adhere to the Red Book standard, it should get a new name to avoid confusion. What about CD-P, is that still free?
I read on this page about CD standards that the well known little 'Compact Disc digital audio' logo has these requirements:
This logo may be used on discs complying with the CD-DA specifications: the IEC 908 standard and/or the Philips-Sony Compact Disc Digital Audio System Description (the RED Book).
So yeah, it seems as if these protected CDs should not be allowed to carry this logo. But I doubt anyone is going to rub their nose in it. Worse is they'll probably get away with a 'may cause problems in some CDROM drives' sticker - which promotes unwarranted doubts about the compatibility of CDROM drives.
HUH??? Since they don't distribute the way YOU want, you have the right to steal their property???
I don't steal it, I copy it.