This is old news -- it showed up on a MS developer blog a couple of months back.
The interesting part is that VBA is not fully supported on the 64-bit Office for Windows, and is in fact depricated, which traditionally means that no further imporovements will be made and further use is discouraged.
Don't believe me? Go search Microsoft's Office site.
I left the Mac after 7.5 for (GNU/)Linux (because I was moving into software developement as a career and LOVED the free development tools). I came back after a few of my Mac-using friends told me that Jaguar was finally a truly "Mac-worthy" OS. Went down to the local Apple retailer and tried it for myself. I bought a custom-configured iBook a week later, and bought a desktop Mac three months after that. I'm saving my money now for both an Intel-based 'Book and an Intel-based 'Mac (although I might be persuaded to buy a dual-core G4 'Book if Apple makes one before the Intel switch).
Of course you're going to get "burned" when Apple releases updated hardware with better specs at the same (or lower) price. However, you must consider the value of the increased productivity you will experience between the time of your initial purchase and the release of the upgraded hardware. I really debated my purchase when I bought my first OS X computer almost 2 years ago -- and finally decided that I'd waited too long. Sure, I'd purchased a better computer for the money than if I'd just gone out and purchased an OS X computer when I first decided I wanted one, but the time I spent trying to create a comparable environment on various Intel-compatible machines I time I can't get back. Had I just purchased a OS X computer sooner, I'd have just been doing the things I wanted to do, rather than trying to make my computer do the things I wanted to do.
If you have a USB keyboard and mouse and a good monitor already, buy the $599 Mac mini (add wireless and DVD-R if you need them) and put a 1GB DIMM in when you get it. Get a 20GB iPod with it. For under $1000, you've got a good selection of Apple products. Try them out. Try not to use Windows or Linux -- use OS X as your primary computing environment. Don't try to make OS X behave just like Linux (or whatever other UNIX you prefer). Installing Fink does not count as trying to make OS X just like Linux (Fink is good!). Don't partition the HD. Use one partition. You may remove Classic (I don't have Classic/OS 9 on any of my Macs -- who'd want it?). Use OS X on Apple's terms and see if you like it.
Alternately, you could do what I do -- wait for the hardware updates, then buy the discontinued models on closeout for substantial savings. I got a previous model $999 eMac for $600 with AppleCare included when Apple last upgraded the eMacs. My wife loves this machine. She doesn't even know that I use it to serve my Subversion repository and as my MySQL server!
While I wish this were true, I can't support your claim -- in fact, the only one of these that appears to be fixed after applying 10.3.4 is the Help Viewer exploit. All of the rest still seem to work as advertised. Too bad.
Nothing new here. I clicked on every link on the page and the only thing I got was a copy of "Test.dmg" in my Downloads folder after clicking http://ozwicx.dk/OpnAppFixer/Test.dmg (the second link on the page), which of course I did not mount.
I'm not debating whether or not this is a real security issue -- it is evident that it is. What I'm debating is whether or not Paranoid Android is the only way to protect oneself from it as is claimed on the Unsanity web site. It is not, and thus I'm still baffled by the baseless claims to the contrary. And I quote:
Because this sample exploit registers its own URL scheme, none of the methods people had been using involving disabling certain scripts, moving Help.app or changing the 'help' URL scheme would protect against it. At this time, only Paranoid Android provides protection from it.
Ive written a sample exploit that delivers and executes its payload without user intervention and operates by registering its own URL scheme handler. Until Paranoid Android, there was no way of protecting against this attack, which freaked me out enough to write Paranoid Android.:)
If you click the sample exploit link below, heres what will happen:
A disk image named MalwareDiskImage will be mounted on your desktop.
LaunchServices will read the Info.plist file of the application in this disk image automatically, and register the application as the default handler for URLs with a 'malware' scheme.
The webpage will wait 10 seconds, and then redirect to malware:unused, causing LaunchServices to launch the payload application within the disk image.
The application within the disk image will write a text file to the users home directory called owned.txt explaining that the machine has been exploited, will present an alert to the user, and will eject the disk image.
Because this sample exploit registers its own URL scheme, none of the methods people had been using involving disabling certain scripts, moving Help.app or changing the 'help' URL scheme would protect against it. At this time, only Paranoid Android provides protection from it.
Portions of this sample exploit are based heavily on a prior sample exploit at insecure.ws
Conclusions
Until Apple fixes this vulnerability, you should install Paranoid Android and surf safely.
Copyright Jason Harris, 2004, All Rights Reserved
</quote>
I'm using 10.3.3 and when I click on the sample exploit URI, nothing happens -- nothing. I've tried this thing 10+ times, scoured my HD for "owned.txt" and can find nothing. Of course, I installed the RCDefaultApp PreferencePane a couple of days ago and had already followed the suggestions posted by John Gruber on http://daringfireball.net but since Paranoid Android is the ONLY thing that can protect against this exploit, I'm at a loss as to explain why my machines aren't affected.
I have worked in IT and non-IT jobs over the past 10 years, and I have discovered that ALL companies want employees with two skills:
1. The ability to communicate.
2. The ability to think.
You don't get these skills in a Finance class, or a Software Design class. You get these skills in English Composition classes, Philosophy classes, Art and Music classes, and Science classes. This is what a "Well-Rounded Education" means (or at least SHOULD mean).
If you are applying for a job in a particular field (IT, for instance), they assume you have a basic set of skills in that field. However, what will set you apart from those who are competing for the same position is your ability to communicate with others (written and verbal) and to demonstrate the ability to use what you have learned as a basis for learning new things. These skills will land you your first job, and by continuing to exercise these skills in the workplace, you will get raises, promotions, and new job offers.
However, I feel it is sad that you seem to view your college education as a means to obtain a job. If all you want is to work in the IT field, you can go to a Technical School, get a certificate in Computer Programming, and go to work. However, your future potential will be limited. The reason I went to University was to improve myself, not just to get a good job. My education gives me the ability to evaluate critically any idea to which I am exposed and to decide for myself the value of those ideas. My education gives me a lens to focus my view of my experiences and to learn from them. I am a more self-reflective person because of my education. I can examine my own feelings, thoughts, and belief in a critical, rational way. I can discuss art, literature, science, history, philosophy, politics, and current events in a meaningful way with others. In short, my education helped me become a more well-rounded person.
"I am amazed at the people who would never dream of stealing a book from a bookstore (and thus indirectly from the writer) but have no problem stealing music from the artists who create it."
talks_to_birds: Christ!
talks_to_birds: Every time I read this I want to strangle someone!
talks_to_birds: Idiot!
talks_to_birds: The music on Napster is not being stolen from some CD store, nor is it stolen from the artists!
talks_to_birds: It's a copy of some one person's copy of the CD that they bought!
talks_to_birds: Somebody, somewhere bought every single one of the cuts available through Napster!
Thank you for making my point. Theoretically, your argument says that only ONE Napster user must buy the CD in question, then they can legally make an mp3 to share with all the other users on Napster who may or may not have purchased the CD in question. I don't care how you choose to see it: Anyone who downloads a mp3 of a song from a CD that they do not personally own is a thief.
talks_to_birds: This is an issue revolving about whether you, as the purchaser of a CD, has the right to make as many (any?) MP3-quality copies of the cuts and distribute them as you please!
talks_to_birds: The RIAA thinks you have no rights whatsoever regarding the use of the CD's you buy! You can listen to that one original, but that's it.
Here you are wrong. In the USA, you have the right to make as many copies of any media you purchased that you care to make. The copies can be stored on any other media you choose. Where your rights stop is in delivery and distribution of those copies. You may not sell or give away a copy, nor may you sell the original and keep any copies. You may not make a public broadcast of the media's contents for profit (or not) without the written consent of the copyright holder or the agent of the copyright owner. Your right to copy anything on any media is secure, at least in the USA. What you get to do with those copies is what is in question, not your right to make the copies.
talks_to_birds: Don't forget that the issue of copying was unknown until MP3 quality copying became possible.
Again, you are wrong. Ask any media distributor about copyright violations worldwide. For the past 20 years the MPAA, RIAA and software industry has fought to have our government to deny trade relations with countries who do not respect USA copyright, such as China and the former CCCP. The issue of copying has been around for a long time. Where the hell do you think the legal concept of copyright came from in the first place?
talks_to_birds: Hell, my kid's had a dual-well tape player since the very first one she got, when she was maybe five years old! What the hell do you think you're supposed to do with two-well tape decks? Make copies!
That's the biggest red herring I ever saw. Ever hear of logic? Didn't think so.
talks_to_birds: This whole deal is about whether you have the right (any right!?) to make and distribute MP3-quality copies of CD's you own!
Again, it is not. It is about what you can do with the copies you make from the media (CD or other) you own.
talks_to_birds: Have you heard about the RIAA wanting the government to clamp down on the production and sales of blank cassette tapes? Hell no! The RIAA could care less about cassettes!
Personally, my way of protesting Napster is not to use it. I suppose I am one of the few members of the Free Software/Open Source "community" that came to free/open source software because it allowed me to share software without the ethical problem of theft. Thus, because not being a thief is important to me, I use free/open source software and don't use Napster. Again, I am amazed at the people who would never dream of stealing a book from a bookstore (and thus indirectly from the writer) but have no problem stealing music from the artists who create it.
Oh, well. I guess I'm just afflicted with a terrible case of outmoded ethics.
Slashdot Mirror
This is old news -- it showed up on a MS developer blog a couple of months back.
The interesting part is that VBA is not fully supported on the 64-bit Office for Windows, and is in fact depricated, which traditionally means that no further imporovements will be made and further use is discouraged.
Don't believe me? Go search Microsoft's Office site.
I left the Mac after 7.5 for (GNU/)Linux (because I was moving into software developement as a career and LOVED the free development tools). I came back after a few of my Mac-using friends told me that Jaguar was finally a truly "Mac-worthy" OS. Went down to the local Apple retailer and tried it for myself. I bought a custom-configured iBook a week later, and bought a desktop Mac three months after that. I'm saving my money now for both an Intel-based 'Book and an Intel-based 'Mac (although I might be persuaded to buy a dual-core G4 'Book if Apple makes one before the Intel switch).
If you have a USB keyboard and mouse and a good monitor already, buy the $599 Mac mini (add wireless and DVD-R if you need them) and put a 1GB DIMM in when you get it. Get a 20GB iPod with it. For under $1000, you've got a good selection of Apple products. Try them out. Try not to use Windows or Linux -- use OS X as your primary computing environment. Don't try to make OS X behave just like Linux (or whatever other UNIX you prefer). Installing Fink does not count as trying to make OS X just like Linux (Fink is good!). Don't partition the HD. Use one partition. You may remove Classic (I don't have Classic/OS 9 on any of my Macs -- who'd want it?). Use OS X on Apple's terms and see if you like it.
Alternately, you could do what I do -- wait for the hardware updates, then buy the discontinued models on closeout for substantial savings. I got a previous model $999 eMac for $600 with AppleCare included when Apple last upgraded the eMacs. My wife loves this machine. She doesn't even know that I use it to serve my Subversion repository and as my MySQL server!
Oh, well. Back to RCDefaultApp!
Nothing new here. I clicked on every link on the page and the only thing I got was a copy of "Test.dmg" in my Downloads folder after clicking http://ozwicx.dk/OpnAppFixer/Test.dmg (the second link on the page), which of course I did not mount.
I'm not debating whether or not this is a real security issue -- it is evident that it is. What I'm debating is whether or not Paranoid Android is the only way to protect oneself from it as is claimed on the Unsanity web site. It is not, and thus I'm still baffled by the baseless claims to the contrary. And I quote:
Because this sample exploit registers its own URL scheme, none of the methods people had been using involving disabling certain scripts, moving Help.app or changing the 'help' URL scheme would protect against it. At this time, only Paranoid Android provides protection from it.
If not a PR stunt, then what?Ive written a sample exploit that delivers and executes its payload without user intervention and operates by registering its own URL scheme handler. Until Paranoid Android, there was no way of protecting against this attack, which freaked me out enough to write Paranoid Android.:)
If you click the sample exploit link below, heres what will happen:
Because this sample exploit registers its own URL scheme, none of the methods people had been using involving disabling certain scripts, moving Help.app or changing the 'help' URL scheme would protect against it. At this time, only Paranoid Android provides protection from it.
benign sample exploit -->innocousPage.html
Portions of this sample exploit are based heavily on a prior sample exploit at insecure.ws Conclusions
Until Apple fixes this vulnerability, you should install Paranoid Android and surf safely.
Copyright Jason Harris, 2004, All Rights Reserved
I'm using 10.3.3 and when I click on the sample exploit URI, nothing happens -- nothing. I've tried this thing 10+ times, scoured my HD for "owned.txt" and can find nothing. Of course, I installed the RCDefaultApp PreferencePane a couple of days ago and had already followed the suggestions posted by John Gruber on http://daringfireball.net but since Paranoid Android is the ONLY thing that can protect against this exploit, I'm at a loss as to explain why my machines aren't affected.I too saw a comic book movie today. However, the title was Spider-Man. Who the hell is this Spiderman?
I have worked in IT and non-IT jobs over the past 10 years, and I have discovered that ALL companies want employees with two skills:
1. The ability to communicate.
2. The ability to think.
You don't get these skills in a Finance class, or a Software Design class. You get these skills in English Composition classes, Philosophy classes, Art and Music classes, and Science classes. This is what a "Well-Rounded Education" means (or at least SHOULD mean).
If you are applying for a job in a particular field (IT, for instance), they assume you have a basic set of skills in that field. However, what will set you apart from those who are competing for the same position is your ability to communicate with others (written and verbal) and to demonstrate the ability to use what you have learned as a basis for learning new things. These skills will land you your first job, and by continuing to exercise these skills in the workplace, you will get raises, promotions, and new job offers.
However, I feel it is sad that you seem to view your college education as a means to obtain a job. If all you want is to work in the IT field, you can go to a Technical School, get a certificate in Computer Programming, and go to work. However, your future potential will be limited. The reason I went to University was to improve myself, not just to get a good job. My education gives me the ability to evaluate critically any idea to which I am exposed and to decide for myself the value of those ideas. My education gives me a lens to focus my view of my experiences and to learn from them. I am a more self-reflective person because of my education. I can examine my own feelings, thoughts, and belief in a critical, rational way. I can discuss art, literature, science, history, philosophy, politics, and current events in a meaningful way with others. In short, my education helped me become a more well-rounded person.
"I am amazed at the people who would never dream of stealing a book from a bookstore (and thus indirectly from the writer) but have no problem stealing music from the artists who create it."
talks_to_birds: Christ!
talks_to_birds: Every time I read this I want to strangle someone!
talks_to_birds: Idiot!
talks_to_birds: The music on Napster is not being stolen from some CD store, nor is it stolen from the artists!
talks_to_birds: It's a copy of some one person's copy of the CD that they bought!
talks_to_birds: Somebody, somewhere bought every single one of the cuts available through Napster!
Thank you for making my point. Theoretically, your argument says that only ONE Napster user must buy the CD in question, then they can legally make an mp3 to share with all the other users on Napster who may or may not have purchased the CD in question. I don't care how you choose to see it: Anyone who downloads a mp3 of a song from a CD that they do not personally own is a thief.
talks_to_birds: This is an issue revolving about whether you, as the purchaser of a CD, has the right to make as many (any?) MP3-quality copies of the cuts and distribute them as you please!
talks_to_birds: The RIAA thinks you have no rights whatsoever regarding the use of the CD's you buy! You can listen to that one original, but that's it.
Here you are wrong. In the USA, you have the right to make as many copies of any media you purchased that you care to make. The copies can be stored on any other media you choose. Where your rights stop is in delivery and distribution of those copies. You may not sell or give away a copy, nor may you sell the original and keep any copies. You may not make a public broadcast of the media's contents for profit (or not) without the written consent of the copyright holder or the agent of the copyright owner. Your right to copy anything on any media is secure, at least in the USA. What you get to do with those copies is what is in question, not your right to make the copies.
talks_to_birds: Don't forget that the issue of copying was unknown until MP3 quality copying became possible.
Again, you are wrong. Ask any media distributor about copyright violations worldwide. For the past 20 years the MPAA, RIAA and software industry has fought to have our government to deny trade relations with countries who do not respect USA copyright, such as China and the former CCCP. The issue of copying has been around for a long time. Where the hell do you think the legal concept of copyright came from in the first place?
talks_to_birds: Hell, my kid's had a dual-well tape player since the very first one she got, when she was maybe five years old! What the hell do you think you're supposed to do with two-well tape decks? Make copies!
That's the biggest red herring I ever saw. Ever hear of logic? Didn't think so.
talks_to_birds: This whole deal is about whether you have the right (any right!?) to make and distribute MP3-quality copies of CD's you own!
Again, it is not. It is about what you can do with the copies you make from the media (CD or other) you own.
talks_to_birds: Have you heard about the RIAA wanting the government to clamp down on the production and sales of blank cassette tapes? Hell no! The RIAA could care less about cassettes!
talks_to_birds: Inconsistent? You're damn straight!
Totally irrelevant to this issue. Wow, you *really* can't form a logically sound argument.
talks_to_birds: I, for one, think we all should be able to make whatever copies we want to of our own personal property!
And guess what? In the USA, you can do just that. You just don't get to give away a copy of material where someone else holds the copyright.
"Oh, well. I guess I'm just afflicted with a terrible case of outmoded ethics."
talks_to_birds: No: you're an idiot!
I may be an idiot, but I am not a self-justifying thief.
Personally, my way of protesting Napster is not to use it. I suppose I am one of the few members of the Free Software/Open Source "community" that came to free/open source software because it allowed me to share software without the ethical problem of theft. Thus, because not being a thief is important to me, I use free/open source software and don't use Napster. Again, I am amazed at the people who would never dream of stealing a book from a bookstore (and thus indirectly from the writer) but have no problem stealing music from the artists who create it.
Oh, well. I guess I'm just afflicted with a terrible case of outmoded ethics.