If this *were* a stack overflow, you'd have a good point.
However, the WMF format allows you to embed a code in it that basically says "when you've finished drawing this, call the function at this address to execute it". The reason that this exists is that WMF was not originally intended to be a file format. It was intended to allow Windows applications to record the steps necessary to draw an object, so they could do it again later (presumably using less processing at that point because everything's precalculated).
It'd be nice to have a computer that I can use the patch on.. Maybe I can Wine it?
That's an interesting question -- is wine vulnerable to this flaw? As I understand it, it is essentially a design fault in the way WMF files work (i.e., the entire process of using a WMF file was never designed to be secure in the first place, so it is able to do stuff like set up callbacks into the application's address space).
These are not good sites to use with RSS. There's very little point in using RSS with slashdot, as you say.
So far, I've found only three good applications for it:
* Checking a lot of sites that are infrequently updated (e.g. friends' blogs) * Reading BBC news, which is very disorganised and frequently puts the same article into multiple index pages. Viewing it with an RSS reader allows me to filter out the articles I've already seen more easily. * Embedding content into other sites (which is what it was designed for anyway) -- there are a number of useful little boxes on the right hand side of my slashdot homepage that I find indespensibly timesaving.
Yes. The problem is that when you draw a metafile, you can include in the metafile an instruction that tells GDI to execute a callback function in the application.
So, the flaw might be in GDI, but the context the exploit code runs in is that of the application, with lowered priveleges active if the app is using them.
The sad thing is that lowered privileges wouldn't do a damn thing to stop you from being infected by the problem we are discussing. Just view the wrong image and *zap* you're infected.
It's ugly when the flaw is in the graphics display subroutines of the OS itself.
As I understand the flaw, the exploit code is executed in the context of the application, not as the system user. The flaw is in the GDI component, yes, but the flaw is basically that it allows a call back to the application's memory space to be made that shouldn't exist.
In this case, lowered priveleges, if done right, would certainly protect you from infection. The app wouldn't be able to create files except in a well known location, and wouldn't be able to modify the registry to cause files it created to be executed.
Using Firefox with Adblock installed one can stop all files of this dangerous type by adblocking them until a patch is available.
You'll need to block all file types that have a registry entry HKEY_CLASSES_ROOT\.[extension goes here]\PerceivedType = "image", because once the file gets as far as the Windows DLL that is used to display them, it ignores type information and uses a magic number to identify them.
Regardless of any supposed benefit gained by this, allowing a data file to execute arbitrary code upon it being viewed is simply begging for an exploit like this.
You have to understand that WMF files developed from a facility in the Windows GDI that allowed an application to capture a sequence of calls to GDI functions in order to replay them quickly at a later point (e.g., if the application is requested to redraw the content of its window). Having done this, developers then asked "what happens if I dump the data generated by this function into a file, and load it back in later?" and lo and behold it worked. That's what a WMF file *is*: a set of instructions saying "call this function with these parameters".
What's *really* mind-bogglingly stupid is that MS have set up Internet Explorer and Outlook so that they render this format.
Why does the WMF rendering code need to run with any more permissions than: read a block of memory with the WMF file, and write a block with the rendered bitmap? (Or perhaps make display / GDI calls, if performance is a concern.)
Because the WMF rendering code *is* GDI. Seriously - a WMF file is basically a list of GDI functions to call in order, along with the parameters to pass to them.
Well if you run a real OS, then the browser runs only with the permissions of a particular user. Windows which has some security is designed to bypass that secuirty to give users an edge. So your screwed.
That just ain't true. Internet Explorer runs with the permissions of whichever user you're logged in as.
In fact, in Windows Vista, I understand it runs in a restricted user account with less access than the current user.
Throwing out the word "evolution" (since it seems I'm misusing it)... the original story is about teaching origins in school.
No it isn't. It's about teaching biology, which is a science that is not usually concerned with the issues of "origins" -- in fact, that is one of the largest gaps in current biological knowledge, as nobody knows how the first life was formed. There are theories of ways that life could have formed, but as far as I know nobody has thus far been able to come up with a way of choosing between them (or even proving them all wrong).
So where's the spare planet where you tested the evolution of hominids from single cell organisms?
That isn't necessary; the assertions that we need to test are, essentially, that environmental pressures cause selection within groups of creatures that increases the chance of subsequent generations having particular characteristics that help deal with those pressures. This is frequently observed in cases of (e.g.) antibiotic resistant bacteria. Another assertion is that when this is carried on over large periods of time (probably connected with small isolated populations and rapid environmental change) new species can develop. This is also a testable assertion, although I don't believe it has been tested yet, as it is a very long term project.
I have only seen one home computer that drew power on the older of a kilowatt.
It was a dual CPU AMD Athlon MP system. It had a peltier cooler on each CPU, and was watercooled. The water cooling setup had two pumps. It had 5 harddrives. And a DVD burner. It had 2 high end, dual head video cards. It had a seperate TV tuner card. It had 4 CRT monitors (1 19" and 3 17"). And a high end speaker set up. So I'm guessing a kilowatt there, easily.
I don't think so, actually. The way I see it: CPUs = 100W, Cooling = 100W, Hard drives = another 100W, video cards = 150W. Monitors and speakers don't draw fram the main PSU. The rest, probably not a lot. Call it 500W total; an 850W supply should be more than adequate for this one.
Let's keep this objective... can anyone justify the classification of one theory as religion and another as science, when they both address the same thing?
A scientific theory is something that contains an assertion that can be experimentally tested.
A religious theory contains an assertion that one must accept on faith as it is impossible to test.
This is the basic difference between the Theory of Evolution (a scientific theory by the above definition) and that of Intelligent Design (a religious theory by the above definition).
Google's approach has always been large farms of not-very-powerful servers. Python's problems in this area are not an issue to them. For people who've already invested in 32 processor Sun servers or stuff like that, Python isn't very efficient.
If your process is CPU bound, and the work you are doing is in pure Python code [...] then it won't matter that there's a GIL because it will be too slow anyway!
Scalability is about adding extra hardware to solve the issue, not raw speed. Besides, using a just-in-time compiler (i.e. Psyco) can get close to the performance of raw C code in many circumstances.
Most benchmarks suggest it's pretty much equivalent to traditional malloc & free in most cases. The biggest efficiency problem is the same as exists in most other object-oriented languages: you can't allocate multiple objects in a single allocation.
Maybe this is why open-source programs appeal to the stereotypical geek, linguistically/artistically/critically challenged. Too left-brained.
Most geeks I know are pretty creative and generally have very good linguistic skills. While they are (I think) "left brain" dominated, I'd say it's pretty much a myth that art is a right brain activity.
True, but since they've added that, it is becoming less common. Looking at the most recent 3 programs I've installed (OpenOffice, TrueCrypt and BitCollider) only one of them (TrueCrypt) has put an uninstall option in the start menu. Give it a couple of years, and I reckon we'll be up to the point where it's rare to see it.
So, a power supply that never sees more than 50% of it's rated load will run cool and very stable and will have a long service life.
I suspect computers that draw even 500W are few and far between, though. I know I did an overnight measurement of power consumption for my house a few weeks back, after installing a frost protection heater in the shed, and the total usage came in at about 4kWhr over a 9 hour period. During this time I had 2 computers running constantly (without monitors), along with a fridge, chest freezer, dehumidifier, said frost protection heater, router/ADSL modem, overnight lighting circuit (about 30W) and various appliances on standby. I don't have figures for the computers, but they can't be very high given that result.
Re:I love Python, but...
on
Guido Goes Google
·
· Score: 2, Interesting
WxWidgets? PyGTK?
Both of those are substantially lower-level than the grandparent's examples (SWING and Windows.Forms, IIRC). Wx seems to be pretty much an MFC reimplementation ported to Python, while GTK seems to take a different but equally low-level approach to it all.
I'm currently working on a UI framework based around an XML object description framework and layout engine that might fit the bill better. Currently only C++ is supported, but Python's on the roadmap. Not sure what license I'll be able to release under, though, as it includes some of my company's proprietary tech. May be able to convince the boss that a GPL version of it in our competitors' hands wouldn't be a threat to us, a la QT.
Hmm Python's garbage collection...I dunno about that.
It's pretty simple. Refcounting with optional mark & sweep to collect cyclical structures. What's the issue with that?
Re:His name is Guido?
on
Guido Goes Google
·
· Score: 3, Informative
Python has moderately fast bytecode (google stuff could improve a lot here) and it's got a decent oop model and a threading api.
Python's biggest problem from a performance perspective is that the language effectively guarantees operations on several internal objects (e.g. lists, dictionaries, etc) are atomic (from a multithreading point of view). This means that some kind of lock must be held when working with such objects. Because this is how most Python programs spend most of their time, Python usually just has a global lock for all such objects that threads hold whenever they aren't blocked. This means that multithreaded Python apps do not usually benefit from having multiprocessing systems. The obvious alternative (per-object locks acquired when necessary) doesn't seem to help, as it slows single-thread performance significantly.
I think this flaw means that Python cannot really compete with Java or C# on big server systems. And I don't see how to fix it, either, without breaking the beauty of the language.
Where there is a doubt about identity, the police do not let people "drive off into the sunset" with a producer. They'll be interested in what cards you have ion your wallet/pockets, they'll be asking questions etc. People lie to the police about who they are all the time. The police are not naive about this issue. They'll let you and them go only when they are satisfied about who you are.
Unless they want to arrest you, they have to let you go. There's no requirement for you to carry any form of identifying documents with you at all times, so searching you isn't going to help them. Arresting somebody simply because they cannot prove their identity isn't something the police do a lot of, either. My understanding is that if they want to identify the driver of a vehicle, they usually ask for name & address and check against the DVLA records for the vehicle, accepting the information as true if it matches.
Note that anybody with "reasonable cause" can request details of the registered keeper of a vehicle from the DVLA (in order to allow for civil claims when a driver has caused damage and not left ). In practice, this means that anybody willing to lie on the application form and provide a little faked evidence can get hold of the information that will make the police leave them alone if they are stopped driving a vehicle with cloned number plates.
IIRC To get a number plate made in the UK you need to provide documentation proving that you are the owner of that registration mark.
Well, technically, yes. But sticking letter outlines to a piece of reflective plastic isn't exactly rocket science, and there are, I'm sure, plenty of black-market number plate dealers.
I suspect it causes more inconvenience to law abiding citizens than actually stops crime.
Yes. A friend who works in the motor trade finds it very inconvenient -- it adds a complete day to the earliest time he can deliver a vehicle a customer has ordered, because getting the registration documents through is what takes the longest and he can't get the plates until the registration documents are dealt with.
And then the DVLA loses applications from time to time...
If this *were* a stack overflow, you'd have a good point.
However, the WMF format allows you to embed a code in it that basically says "when you've finished drawing this, call the function at this address to execute it". The reason that this exists is that WMF was not originally intended to be a file format. It was intended to allow Windows applications to record the steps necessary to draw an object, so they could do it again later (presumably using less processing at that point because everything's precalculated).
It'd be nice to have a computer that I can use the patch on.. Maybe I can Wine it?
That's an interesting question -- is wine vulnerable to this flaw? As I understand it, it is essentially a design fault in the way WMF files work (i.e., the entire process of using a WMF file was never designed to be secure in the first place, so it is able to do stuff like set up callbacks into the application's address space).
These are not good sites to use with RSS. There's very little point in using RSS with slashdot, as you say.
So far, I've found only three good applications for it:
* Checking a lot of sites that are infrequently updated (e.g. friends' blogs)
* Reading BBC news, which is very disorganised and frequently puts the same article into multiple index pages. Viewing it with an RSS reader allows me to filter out the articles I've already seen more easily.
* Embedding content into other sites (which is what it was designed for anyway) -- there are a number of useful little boxes on the right hand side of my slashdot homepage that I find indespensibly timesaving.
Yes. The problem is that when you draw a metafile, you can include in the metafile an instruction that tells GDI to execute a callback function in the application.
So, the flaw might be in GDI, but the context the exploit code runs in is that of the application, with lowered priveleges active if the app is using them.
The sad thing is that lowered privileges wouldn't do a damn thing to stop you from being infected by the problem we are discussing. Just view the wrong image and *zap* you're infected.
It's ugly when the flaw is in the graphics display subroutines of the OS itself.
As I understand the flaw, the exploit code is executed in the context of the application, not as the system user. The flaw is in the GDI component, yes, but the flaw is basically that it allows a call back to the application's memory space to be made that shouldn't exist.
In this case, lowered priveleges, if done right, would certainly protect you from infection. The app wouldn't be able to create files except in a well known location, and wouldn't be able to modify the registry to cause files it created to be executed.
Using Firefox with Adblock installed one can stop all files of this dangerous type by adblocking them until a patch is available.
You'll need to block all file types that have a registry entry HKEY_CLASSES_ROOT\.[extension goes here]\PerceivedType = "image", because once the file gets as far as the Windows DLL that is used to display them, it ignores type information and uses a magic number to identify them.
That's a lot of file types, BTW.
Regardless of any supposed benefit gained by this, allowing a data file to execute arbitrary code upon it being viewed is simply begging for an exploit like this.
You have to understand that WMF files developed from a facility in the Windows GDI that allowed an application to capture a sequence of calls to GDI functions in order to replay them quickly at a later point (e.g., if the application is requested to redraw the content of its window). Having done this, developers then asked "what happens if I dump the data generated by this function into a file, and load it back in later?" and lo and behold it worked. That's what a WMF file *is*: a set of instructions saying "call this function with these parameters".
What's *really* mind-bogglingly stupid is that MS have set up Internet Explorer and Outlook so that they render this format.
Why does the WMF rendering code need to run with any more permissions than: read a block of memory with the WMF file, and write a block with the rendered bitmap? (Or perhaps make display / GDI calls, if performance is a concern.)
Because the WMF rendering code *is* GDI. Seriously - a WMF file is basically a list of GDI functions to call in order, along with the parameters to pass to them.
Well if you run a real OS, then the browser runs only with the permissions of a particular user. Windows which has some security is designed to bypass that secuirty to give users an edge. So your screwed.
That just ain't true. Internet Explorer runs with the permissions of whichever user you're logged in as.
In fact, in Windows Vista, I understand it runs in a restricted user account with less access than the current user.
Throwing out the word "evolution" (since it seems I'm misusing it)... the original story is about teaching origins in school.
No it isn't. It's about teaching biology, which is a science that is not usually concerned with the issues of "origins" -- in fact, that is one of the largest gaps in current biological knowledge, as nobody knows how the first life was formed. There are theories of ways that life could have formed, but as far as I know nobody has thus far been able to come up with a way of choosing between them (or even proving them all wrong).
So where's the spare planet where you tested the evolution of hominids from single cell organisms?
That isn't necessary; the assertions that we need to test are, essentially, that environmental pressures cause selection within groups of creatures that increases the chance of subsequent generations having particular characteristics that help deal with those pressures. This is frequently observed in cases of (e.g.) antibiotic resistant bacteria. Another assertion is that when this is carried on over large periods of time (probably connected with small isolated populations and rapid environmental change) new species can develop. This is also a testable assertion, although I don't believe it has been tested yet, as it is a very long term project.
I have only seen one home computer that drew power on the older of a kilowatt.
It was a dual CPU AMD Athlon MP system. It had a peltier cooler on each CPU, and was watercooled. The water cooling setup had two pumps. It had 5 harddrives. And a DVD burner. It had 2 high end, dual head video cards. It had a seperate TV tuner card. It had 4 CRT monitors (1 19" and 3 17"). And a high end speaker set up. So I'm guessing a kilowatt there, easily.
I don't think so, actually. The way I see it: CPUs = 100W, Cooling = 100W, Hard drives = another 100W, video cards = 150W. Monitors and speakers don't draw fram the main PSU. The rest, probably not a lot. Call it 500W total; an 850W supply should be more than adequate for this one.
Let's keep this objective... can anyone justify the classification of one theory as religion and another as science, when they both address the same thing?
A scientific theory is something that contains an assertion that can be experimentally tested.
A religious theory contains an assertion that one must accept on faith as it is impossible to test.
This is the basic difference between the Theory of Evolution (a scientific theory by the above definition) and that of Intelligent Design (a religious theory by the above definition).
It's a very simple concept, really.
Light Saber training should be included within the High School Science Curriculumn.
Absolutely. Only by correct training can a large number of rather gruesome light sabre accidents be avoided.
You mean like Google? Oh wait...
Google's approach has always been large farms of not-very-powerful servers. Python's problems in this area are not an issue to them. For people who've already invested in 32 processor Sun servers or stuff like that, Python isn't very efficient.
If your process is CPU bound, and the work you are doing is in pure Python code [...] then it won't matter that there's a GIL because it will be too slow anyway!
Scalability is about adding extra hardware to solve the issue, not raw speed. Besides, using a just-in-time compiler (i.e. Psyco) can get close to the performance of raw C code in many circumstances.
Most benchmarks suggest it's pretty much equivalent to traditional malloc & free in most cases. The biggest efficiency problem is the same as exists in most other object-oriented languages: you can't allocate multiple objects in a single allocation.
Maybe this is why open-source programs appeal to the stereotypical geek, linguistically/artistically/critically challenged. Too left-brained.
Most geeks I know are pretty creative and generally have very good linguistic skills. While they are (I think) "left brain" dominated, I'd say it's pretty much a myth that art is a right brain activity.
True, but since they've added that, it is becoming less common. Looking at the most recent 3 programs I've installed (OpenOffice, TrueCrypt and BitCollider) only one of them (TrueCrypt) has put an uninstall option in the start menu. Give it a couple of years, and I reckon we'll be up to the point where it's rare to see it.
So, a power supply that never sees more than 50% of it's rated load will run cool and very stable and will have a long service life.
I suspect computers that draw even 500W are few and far between, though. I know I did an overnight measurement of power consumption for my house a few weeks back, after installing a frost protection heater in the shed, and the total usage came in at about 4kWhr over a 9 hour period. During this time I had 2 computers running constantly (without monitors), along with a fridge, chest freezer, dehumidifier, said frost protection heater, router/ADSL modem, overnight lighting circuit (about 30W) and various appliances on standby. I don't have figures for the computers, but they can't be very high given that result.
WxWidgets?
PyGTK?
Both of those are substantially lower-level than the grandparent's examples (SWING and Windows.Forms, IIRC). Wx seems to be pretty much an MFC reimplementation ported to Python, while GTK seems to take a different but equally low-level approach to it all.
I'm currently working on a UI framework based around an XML object description framework and layout engine that might fit the bill better. Currently only C++ is supported, but Python's on the roadmap. Not sure what license I'll be able to release under, though, as it includes some of my company's proprietary tech. May be able to convince the boss that a GPL version of it in our competitors' hands wouldn't be a threat to us, a la QT.
Hmm Python's garbage collection...I dunno about that.
It's pretty simple. Refcounting with optional mark & sweep to collect cyclical structures. What's the issue with that?
Python has moderately fast bytecode (google stuff could improve a lot here) and it's got a decent oop model and a threading api.
Python's biggest problem from a performance perspective is that the language effectively guarantees operations on several internal objects (e.g. lists, dictionaries, etc) are atomic (from a multithreading point of view). This means that some kind of lock must be held when working with such objects. Because this is how most Python programs spend most of their time, Python usually just has a global lock for all such objects that threads hold whenever they aren't blocked. This means that multithreaded Python apps do not usually benefit from having multiprocessing systems. The obvious alternative (per-object locks acquired when necessary) doesn't seem to help, as it slows single-thread performance significantly.
I think this flaw means that Python cannot really compete with Java or C# on big server systems. And I don't see how to fix it, either, without breaking the beauty of the language.
I'm wondering what kind of "offer" it was. The variety that you can't refuse, perhaps? ;)
Where there is a doubt about identity, the police do not let people "drive off into the sunset" with a producer. They'll be interested in what cards you have ion your wallet/pockets, they'll be asking questions etc. People lie to the police about who they are all the time. The police are not naive about this issue. They'll let you and them go only when they are satisfied about who you are.
Unless they want to arrest you, they have to let you go. There's no requirement for you to carry any form of identifying documents with you at all times, so searching you isn't going to help them. Arresting somebody simply because they cannot prove their identity isn't something the police do a lot of, either. My understanding is that if they want to identify the driver of a vehicle, they usually ask for name & address and check against the DVLA records for the vehicle, accepting the information as true if it matches.
Note that anybody with "reasonable cause" can request details of the registered keeper of a vehicle from the DVLA (in order to allow for civil claims when a driver has caused damage and not left ). In practice, this means that anybody willing to lie on the application form and provide a little faked evidence can get hold of the information that will make the police leave them alone if they are stopped driving a vehicle with cloned number plates.
IIRC To get a number plate made in the UK you need to provide documentation proving that you are the owner of that registration mark.
Well, technically, yes. But sticking letter outlines to a piece of reflective plastic isn't exactly rocket science, and there are, I'm sure, plenty of black-market number plate dealers.
I suspect it causes more inconvenience to law abiding citizens than actually stops crime.
Yes. A friend who works in the motor trade finds it very inconvenient -- it adds a complete day to the earliest time he can deliver a vehicle a customer has ordered, because getting the registration documents through is what takes the longest and he can't get the plates until the registration documents are dealt with.
And then the DVLA loses applications from time to time...