The only way to be save right now is (in FireFox) to go to Tools->Options, go to "Web Features", and uncheck "Enable Javascript". Seeing as many sites (including/.) require javascript to use, this really isn't a good option. I hope the team gets a fixed version out soon.
The/. site doesn't require Javascript to work as far as reading and making posts. I keep it turned off all the time except when filling out forms or such where it is useful to me.
without reading TFA, any comparison of this sort does not have much value. Maybe if he reimplemented his app using same Java he would get 50% speed and codebase improvement? Maybe the original was just too poorly coded/overengineered / whatever? Ruby on Rails MAY be much better but any evidence like this is hardly valuable, that's why I would not even bother to RTFA
This was modded insightful. What is actually insightful is TFA.
Really sad. Not that some high school kids can build better robots than the MIT. But that they beat the MIT in the 'Technical Report' category is really sad.
I also find it amusing that the MIT would enter a competition that seems to be targeted towards high schools. Or should I find that sad too?
It is really sad, but Cristian explained how he compensated 30 degrees for laser beam refraction while MIT just gave up. So who do you think is going to produce more excellent technical information?
Also, from the article, the Hayden HS team entered an advanced college level competition.
Couldn't Google just follow the redirect, index the content on the redirected page, and index the URL of the redirected page too? That way a scammer trying to exploit this would find that the page they listed ends up getting ignored entirely (which might make sense for someone legitimately using a 302 as well, where they want people to use the redirected URL in the future and not the original one).
I agree. Who cares if the specs say the intent is for it to be temporary? You're indexing what exists. Googlebot will keep visiting that url and either keep getting a redirect or the temporary redirect is gone.
After awhile, if it isn't temporary, they'll stop visiting the original url. End of hijacker being in google altogether.
The funny thing is, the solution seems pretty simple: Just stop treating 302s this way if they point to a different domain. But for whatever reason Google isn't listening. Hopefully the press that's being generated now will give them the kick in the ass that they need.
The other problem is that many legit sites, including my own, use 302 redirects a lot. They are used a great deal for maintaining backward compatability with old links when URL schemes change. They are also very useful in authentication and personalisation situations.
I asked the question in another post and now see your explanation of legitimate use of 302's. Do the 302's redirect to pages that contain content that you would want in Google and won't be indexed otherwise?
For example, if old pages in a changed URL the content probably have already been indexed. And personalization doesn't sound like googable content. Any thoughts on that?
Is there anything here that is so useful Google should follow 302 redirects? After all, the explanations here (thanks) mentioned that googlebots will find the original good.site pages as well, of course if they are already an indexed site.
This still doesn't solve the problem of encryption (even something as simple as XORing).
Anti-virus deal with that. They look for binary patterns, and yes much of it is encrypted. The point is to make the payload available for standard existing anti-virus inspection, just as any other payload coming onto the system is inspected.
The list of executable extensions is OS dependent and is already done by email monitoring for attachments. It is the same extension list, everything that is executable, which I was surprised to find out awhile back included the wallpaper extension.
These security checks would be handled by a JVM call to an Java Community OS security interface. None of it involves the user. They aren't supposed to click on executable attachments and they do, so many email systems have to ban executable attachments.
I contend the Java security dialogue is obscure at best. There is no way that I would know that that gives permission to install Windows programs. If I don't know that, I don't know how very many others would know it either.
But your points are well taken. It must be automatic, and I lay out three steps to make that automatic detection and stop it. The Java Community needs to act on it. Thanks.
I have to post as AC because I hit my post limit, but wanted to respond to that FF uninstall wipe out disk thing. I gather from another/. thread that it was caused by installing FF to root in Linux and then when uninstalling the FF uninstaller deletes all files and apparently has root authority to do so based on install.
Unconfirmed, but that was the discussion. Responses revolved around authority to accidentally install to root without comparable competency and in cases where installing to root is actually needed installing to a virtual root that could be deleted if there was a problem, etc. Still, that it can happen was not refuted in the thread.
I thought I'd pass it on to you since you're trying to find the basis of that wipe out disk post.
I am having problems with this calculation - I may probably not thinking clearly this morning. If Firefox has 6 percent and IE is now below 90% (granted they don't give an exact figure) then that means that other browsers like Safari, Opera, Netscape, Mozilla and Conquer total for only 4% of usage? Since Apple has about a 5% market share, and Safari is the de-facto browser for Apple, doesn't that mean that mean that all of the other bowsers I mentioned basically are not used by anyone? My website statistics do not show that. I would guess that IE is WAY below 90%; maybe even approaching somewhere in the 70% area.
No, you are thinking clearly this morning. The figures I saw in recent linked articles on this was.5% for Safari, 1% for Netscape (which I use), and similar low figures for the others amounting to the other 4% than IE and FF.
At least those were the figures given out by independent web usage sites that were referenced.
He was asserting that what matters was the "whole Mozilla Project", though -- I was trying to justify that the Suite is soon not really going to be a part of that.
Also, the emphasis of the article is that Firefox is gaining popularity at the direct expense of IE, which implies that Suite usership is staying fairly constant (or, at least, unremarkably so)
Yes, you're right, and staying fairly constantly small. On the other hand, the Mozilla Suite, independent forking of it (suggest Mozilla Preferred), an integration of Mozilla components with advanced Mozilla Suite keyboard functionality (suggest Firefox Classic), and Firefox should be rounded together as it is a cumulative effort that should be reflected as a percentage for Mozilla Firefox, in my opinion.
I think the main reason for the quick growth of Firefox is that it has UI advantages over IE... like tabbed browsing and other things.
My experience has been that people are sick of having their PC's clobbered by spyware and many are recommending they switch to Firefox... and they are.
I have never personally heard of a person switching because of tabbed browsing. Give me a break, it's not that big of a deal.
Well, if it's typing then they ought to call it typing.:) The "keyboarding" thing as I recall did not include any mention of wpm. I doubt seriously that it was typing, especially given that typing requires some skill and effort to learn and the conversation I had was more like clueless meet PC.
As for using the PC as advanced automated flashcards for learning, yes, of course, a PC is a valuable tool, and lower end PC's do just fine for that I'm sure you'll agree.
Along that line, I have seen a number of educational programs available through the years and of course graphics helps in visualizing results, but I think the graphics we have had on the PC since VGA with square squares and round circles on the screen have been more than sufficient for visualizing, in other words DOS.
I worked for ZSoft writing drivers for PC Paintbrush when VGA came out, so going back to the day there.
Do you mean Mozilla Suite? It's no longer being developed by the Mozilla Foundation [mozillazine.org] (well, there's no plan for a version 1.8, so "no longer" soon). There is a group of people who are planning to fork the code, and continue work on it, but it's likely that the Suite is not gaining popularity because it is considered deprecated now.
Whether Mozilla 1.7.x is gaining popularity or not, as the poster said, it counts too. IE is not gaining popularity either.
The only thing I have see recently is Google requiring non-standard browser calls (remote scripting) available in IE and FF for their new mapping competitor to MapQuest. However I accidentally used it yesterday from a Google search thinking I would get MapQuest, but I got Google maps and it apparently adjusted to a different display format just fine to work with other browsers than IE and FF.
No sooner than I post this than I do something that takes me to Google Maps and, no, it still does not fall back to something that will display in Netscape 7.02.
I retried what I did yesterday that I was talking about and it is something called Google Local beta which does render in 7.02. Apparently doesn't require remote scripting like Maps does.
However, recently I saw some quote which I don't recall which said that IE could be removed (?) for some reason, maybe quoted here here in a/. thread?
Anyway, was humorous to me.
Oh, what was humorous about it was that as I recall it was a recent statement that was Microsoft generated to deal with some other problem or situation they had where removing IE would lessen or remove the problem.
With one problem it was impossible to remove, now with another they suggest removing it. I will have to make a note of what that was if I see it again.
I have difficulty with the continued use of Netscape 4.7x on the internet,...
I upgraded from Netscape 4.7 to 7.02 awhile back. Handles everything just fine. In fact, a lot of those dot com requires IE5+ sites that I ignored went away, and I don't see that requires IE crap much anymore.
The only thing I have see recently is Google requiring non-standard browser calls (remote scripting) available in IE and FF for their new mapping competitor to MapQuest. However I accidentally used it yesterday from a Google search thinking I would get MapQuest, but I got Google maps and it apparently adjusted to a different display format just fine to work with other browsers than IE and FF.
Software is obsolete when a newer program can do the same job better, and software is worthless when a newer program can do the same job better AND cheaper.
(For the record, your 23 year old amoritization program is obsolete because even a ten-year old computer can do the same job, better and clearer and with easier to use output.)
Newer and cheaper software does not make existing software worthless, it just lowers its replacement cost, should the software for some reason need to be replaced. There are not many good reasons that software would need to be replaced other than operating system companies trying to force upgrades.
Likewise the 23 year old amoritization program is not obsolete because a newer program performs the same function with a better interface. It is obsolete when it no longer poduces correct results, outmoded interface or otherwise.
This equipment does the job, but it ain't exactly Hot Shit anymore. Personally I think it says alot about how schools here in Sweden are low priority.
I think the same is true here in the US from what I read. On the other hand, I went through school and college before PC's were invented and I really don't have any idea what is supposed to be taught on PC's. I remember a niece saying something about "keyboarding", whatever that is.
As if these IM generation kids need to be taught about a keyboard.
I also think "Does The Job" is the point. Fundamentals are fundamentals, and I think I'm better for learning programming with a Microsoft Basic interpreter and Z-80 assembler on TRS-80 with a cassette tape drive (nowadays Java in a text editor on a low end PC) than if I started on a Hot Shit XP computer pointing and clicking.
Schools should deliberately be teaching the fundamentals with low end, corporate cast off PC's in my opinion.
You have two misconceptions, though. One, Internet Explorer is no more integrated into XP than it is into 98.
The whole Microsoft anti-trust suit is wrapped up in all that. Microsoft claimed that IE was built in and couldn't be removed to refute that they threw it into Windows free to use their monopoly OS position to put Netscape out of business, which of course they did.
However, recently I saw some quote which I don't recall which said that IE could be removed (?) for some reason, maybe quoted here here in a/. thread?
Computers running an older OS is not necessary a bad thing but tends to be interesting that despite the current trend millions find no reason to upgrade.
Not only is it interesting information, it has brought out some interesting comments, especially concerning making sure this huge base can migrate to Linux when they do migrate.
I answered a bunch of questions--er, complaints--from readers in my newsletter after that column ran (which was, um, almost a month ago). In case anybody's curious, here's that link. [washingtonpost.com]
I was one of the people who wrote you and I got a nice reply back. Thanks. I missed this followup column though. That was funny about the kittens.
You point out the very interesting fact that 112 of the 113 attacks on Symantec's list attack pre-XP, which for me is my Win98 SE and Win Me computers. I should feel concerned but I've never been successfully attacked. Why is that?
I would say it's because I don't run IE or Outlook, but instead Netscape. I also don't have SQL Server on my PC or any number of other Microsoft products with their technology service packs.
I also run a BlackIce firewall which intercepts a constant stream of identified attacks, not sure how many would get through to a Win98 SE box, or just what in Win98 would be susceptible to attack.
I haven't ever seen anything susceptible in Win98 SE described in all the attack descriptions I've read through the years, I might have missed some, but totally unlike the many susceptibilities I read about in unpatched Win 2000 and above services that compromise your computer without even browsing.
I just have never seen that described for Win98 at all, so I am puzzled at how all but one of the latest attacks can compromise my Win98 SE PC.
Not asking for a technical answer from you, I appreciate the insight, but just a rhetorical question. It doesn't add up.
Slashdot Mirror
The only way to be save right now is (in FireFox) to go to Tools->Options, go to "Web Features", and uncheck "Enable Javascript". Seeing as many sites (including /.) require javascript to use, this really isn't a good option. I hope the team gets a fixed version out soon.
/. site doesn't require Javascript to work as far as reading and making posts. I keep it turned off all the time except when filling out forms or such where it is useful to me.
The
rd
without reading TFA, any comparison of this sort does not have much value. Maybe if he reimplemented his app using same Java he would get 50% speed and codebase improvement? Maybe the original was just too poorly coded /overengineered / whatever? Ruby on Rails MAY be much better but any evidence like this is hardly valuable, that's why I would not even bother to RTFA
This was modded insightful. What is actually insightful is TFA.
rd
The article said 95% of groups have delivered something late, but the /. header makes it 95% of IT projects are late.
/. headers lately. Maybe RTFA isn't enough?
I've seen a few other such corrections to
rd
Really sad. Not that some high school kids can build better robots than the MIT. But that they beat the MIT in the 'Technical Report' category is really sad.
I also find it amusing that the MIT would enter a competition that seems to be targeted towards high schools. Or should I find that sad too?
It is really sad, but Cristian explained how he compensated 30 degrees for laser beam refraction while MIT just gave up. So who do you think is going to produce more excellent technical information?
Also, from the article, the Hayden HS team entered an advanced college level competition.
rd
Couldn't Google just follow the redirect, index the content on the redirected page, and index the URL of the redirected page too? That way a scammer trying to exploit this would find that the page they listed ends up getting ignored entirely (which might make sense for someone legitimately using a 302 as well, where they want people to use the redirected URL in the future and not the original one).
I agree. Who cares if the specs say the intent is for it to be temporary? You're indexing what exists. Googlebot will keep visiting that url and either keep getting a redirect or the temporary redirect is gone.
After awhile, if it isn't temporary, they'll stop visiting the original url. End of hijacker being in google altogether.
rd
The funny thing is, the solution seems pretty simple: Just stop treating 302s this way if they point to a different domain. But for whatever reason Google isn't listening. Hopefully the press that's being generated now will give them the kick in the ass that they need.
Great kick in the ass post to get them started.
rd
The other problem is that many legit sites, including my own, use 302 redirects a lot. They are used a great deal for maintaining backward compatability with old links when URL schemes change. They are also very useful in authentication and personalisation situations.
I asked the question in another post and now see your explanation of legitimate use of 302's. Do the 302's redirect to pages that contain content that you would want in Google and won't be indexed otherwise?
For example, if old pages in a changed URL the content probably have already been indexed. And personalization doesn't sound like googable content. Any thoughts on that?
rd
Is there anything here that is so useful Google should follow 302 redirects? After all, the explanations here (thanks) mentioned that googlebots will find the original good.site pages as well, of course if they are already an indexed site.
Why follow redirects at all?
rd
This still doesn't solve the problem of encryption (even something as simple as XORing).
Anti-virus deal with that. They look for binary patterns, and yes much of it is encrypted. The point is to make the payload available for standard existing anti-virus inspection, just as any other payload coming onto the system is inspected.
The list of executable extensions is OS dependent and is already done by email monitoring for attachments. It is the same extension list, everything that is executable, which I was surprised to find out awhile back included the wallpaper extension.
These security checks would be handled by a JVM call to an Java Community OS security interface. None of it involves the user. They aren't supposed to click on executable attachments and they do, so many email systems have to ban executable attachments.
I contend the Java security dialogue is obscure at best. There is no way that I would know that that gives permission to install Windows programs. If I don't know that, I don't know how very many others would know it either.
But your points are well taken. It must be automatic, and I lay out three steps to make that automatic detection and stop it. The Java Community needs to act on it. Thanks.
rd
I have to post as AC because I hit my post limit, but wanted to respond to that FF uninstall wipe out disk thing. I gather from another /. thread that it was caused by installing FF to root in Linux and then when uninstalling the FF uninstaller deletes all files and apparently has root authority to do so based on install.
/. user ralphdaugherty
Unconfirmed, but that was the discussion. Responses revolved around authority to accidentally install to root without comparable competency and in cases where installing to root is actually needed installing to a virtual root that could be deleted if there was a problem, etc. Still, that it can happen was not refuted in the thread.
I thought I'd pass it on to you since you're trying to find the basis of that wipe out disk post.
regards,
rd
I am having problems with this calculation - I may probably not thinking clearly this morning. If Firefox has 6 percent and IE is now below 90% (granted they don't give an exact figure) then that means that other browsers like Safari, Opera, Netscape, Mozilla and Conquer total for only 4% of usage? Since Apple has about a 5% market share, and Safari is the de-facto browser for Apple, doesn't that mean that mean that all of the other bowsers I mentioned basically are not used by anyone? My website statistics do not show that. I would guess that IE is WAY below 90%; maybe even approaching somewhere in the 70% area.
.5% for Safari, 1% for Netscape (which I use), and similar low figures for the others amounting to the other 4% than IE and FF.
No, you are thinking clearly this morning. The figures I saw in recent linked articles on this was
At least those were the figures given out by independent web usage sites that were referenced.
rd
He was asserting that what matters was the "whole Mozilla Project", though -- I was trying to justify that the Suite is soon not really going to be a part of that.
Also, the emphasis of the article is that Firefox is gaining popularity at the direct expense of IE, which implies that Suite usership is staying fairly constant (or, at least, unremarkably so)
Yes, you're right, and staying fairly constantly small. On the other hand, the Mozilla Suite, independent forking of it (suggest Mozilla Preferred), an integration of Mozilla components with advanced Mozilla Suite keyboard functionality (suggest Firefox Classic), and Firefox should be rounded together as it is a cumulative effort that should be reflected as a percentage for Mozilla Firefox, in my opinion.
rd
I think the main reason for the quick growth of Firefox is that it has UI advantages over IE... like tabbed browsing and other things.
My experience has been that people are sick of having their PC's clobbered by spyware and many are recommending they switch to Firefox... and they are.
I have never personally heard of a person switching because of tabbed browsing. Give me a break, it's not that big of a deal.
rd
Well, if it's typing then they ought to call it typing. :) The "keyboarding" thing as I recall did not include any mention of wpm. I doubt seriously that it was typing, especially given that typing requires some skill and effort to learn and the conversation I had was more like clueless meet PC.
As for using the PC as advanced automated flashcards for learning, yes, of course, a PC is a valuable tool, and lower end PC's do just fine for that I'm sure you'll agree.
Along that line, I have seen a number of educational programs available through the years and of course graphics helps in visualizing results, but I think the graphics we have had on the PC since VGA with square squares and round circles on the screen have been more than sufficient for visualizing, in other words DOS.
I worked for ZSoft writing drivers for PC Paintbrush when VGA came out, so going back to the day there.
rd
Do you mean Mozilla Suite? It's no longer being developed by the Mozilla Foundation [mozillazine.org] (well, there's no plan for a version 1.8, so "no longer" soon). There is a group of people who are planning to fork the code, and continue work on it, but it's likely that the Suite is not gaining popularity because it is considered deprecated now.
Whether Mozilla 1.7.x is gaining popularity or not, as the poster said, it counts too. IE is not gaining popularity either.
rd
The only thing I have see recently is Google requiring non-standard browser calls (remote scripting) available in IE and FF for their new mapping competitor to MapQuest. However I accidentally used it yesterday from a Google search thinking I would get MapQuest, but I got Google maps and it apparently adjusted to a different display format just fine to work with other browsers than IE and FF.
No sooner than I post this than I do something that takes me to Google Maps and, no, it still does not fall back to something that will display in Netscape 7.02.
I retried what I did yesterday that I was talking about and it is something called Google Local beta which does render in 7.02. Apparently doesn't require remote scripting like Maps does.
rd
However, recently I saw some quote which I don't recall which said that IE could be removed (?) for some reason, maybe quoted here here in a /. thread?
Anyway, was humorous to me.
Oh, what was humorous about it was that as I recall it was a recent statement that was Microsoft generated to deal with some other problem or situation they had where removing IE would lessen or remove the problem.
With one problem it was impossible to remove, now with another they suggest removing it. I will have to make a note of what that was if I see it again.
rd
I have difficulty with the continued use of
Netscape 4.7x on the internet,...
I upgraded from Netscape 4.7 to 7.02 awhile back. Handles everything just fine. In fact, a lot of those dot com requires IE5+ sites that I ignored went away, and I don't see that requires IE crap much anymore.
The only thing I have see recently is Google requiring non-standard browser calls (remote scripting) available in IE and FF for their new mapping competitor to MapQuest. However I accidentally used it yesterday from a Google search thinking I would get MapQuest, but I got Google maps and it apparently adjusted to a different display format just fine to work with other browsers than IE and FF.
rd
Btw, what is the /lite in Win98 SE/lite that has been referred to?
/lite is installing Win98 without IE. I didn't do that, but I don't use IE.
I saw from several posts that
But I did see the recent malware install thread that bypassed IE's blacklist when it wasn't being used.
rd
Software is obsolete when a newer program can do the same job better, and software is worthless when a newer program can do the same job better AND cheaper.
(For the record, your 23 year old amoritization program is obsolete because even a ten-year old computer can do the same job, better and clearer and with easier to use output.)
Newer and cheaper software does not make existing software worthless, it just lowers its replacement cost, should the software for some reason need to be replaced. There are not many good reasons that software would need to be replaced other than operating system companies trying to force upgrades.
Likewise the 23 year old amoritization program is not obsolete because a newer program performs the same function with a better interface. It is obsolete when it no longer poduces correct results, outmoded interface or otherwise.
rd
This equipment does the job, but it ain't exactly Hot Shit anymore. Personally I think it says alot about how schools here in Sweden are low priority.
I think the same is true here in the US from what I read. On the other hand, I went through school and college before PC's were invented and I really don't have any idea what is supposed to be taught on PC's. I remember a niece saying something about "keyboarding", whatever that is.
As if these IM generation kids need to be taught about a keyboard.
I also think "Does The Job" is the point. Fundamentals are fundamentals, and I think I'm better for learning programming with a Microsoft Basic interpreter and Z-80 assembler on TRS-80 with a cassette tape drive (nowadays Java in a text editor on a low end PC) than if I started on a Hot Shit XP computer pointing and clicking.
Schools should deliberately be teaching the fundamentals with low end, corporate cast off PC's in my opinion.
rd
You have two misconceptions, though. One, Internet Explorer is no more integrated into XP than it is into 98.
/. thread?
The whole Microsoft anti-trust suit is wrapped up in all that. Microsoft claimed that IE was built in and couldn't be removed to refute that they threw it into Windows free to use their monopoly OS position to put Netscape out of business, which of course they did.
However, recently I saw some quote which I don't recall which said that IE could be removed (?) for some reason, maybe quoted here here in a
Anyway, was humorous to me.
rd
Computers running an older OS is not necessary a bad thing but tends to be interesting that despite the current trend millions find no reason to upgrade.
Not only is it interesting information, it has brought out some interesting comments, especially concerning making sure this huge base can migrate to Linux when they do migrate.
rd
I answered a bunch of questions--er, complaints--from readers in my newsletter after that column ran (which was, um, almost a month ago). In case anybody's curious, here's that link. [washingtonpost.com]
I was one of the people who wrote you and I got a nice reply back. Thanks. I missed this followup column though. That was funny about the kittens.
You point out the very interesting fact that 112 of the 113 attacks on Symantec's list attack pre-XP, which for me is my Win98 SE and Win Me computers. I should feel concerned but I've never been successfully attacked. Why is that?
I would say it's because I don't run IE or Outlook, but instead Netscape. I also don't have SQL Server on my PC or any number of other Microsoft products with their technology service packs.
I also run a BlackIce firewall which intercepts a constant stream of identified attacks, not sure how many would get through to a Win98 SE box, or just what in Win98 would be susceptible to attack.
I haven't ever seen anything susceptible in Win98 SE described in all the attack descriptions I've read through the years, I might have missed some, but totally unlike the many susceptibilities I read about in unpatched Win 2000 and above services that compromise your computer without even browsing.
I just have never seen that described for Win98 at all, so I am puzzled at how all but one of the latest attacks can compromise my Win98 SE PC.
Not asking for a technical answer from you, I appreciate the insight, but just a rhetorical question. It doesn't add up.
rd
I'm curious to know how developing .NET software in Win98 is.
.NET or have any plans to.
I think it's safe to say that none of us running Win98 SE are developing in
I am developing in Java with JBuilder just fine though.
rd