Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:Good for them on Free Certificate Authority Unveiled by Aussies · · Score: 2, Interesting

    If you, as a small corporation, non-profit or individual, go up in court against a large corporation or an ambulance-chasing shark, your chances or losing are better than not.

    That's not the way it works in the UK. As a director of a small company that has taken a few larger businesses to court, I can tell you that most of the time, the smaller business wins. That's because most of the time, the smaller business is _right_, and that's what the court is interested in.

    I'm convinced that the UK civil court system (which is not entirely a loser-pays system, but similar -- it's a "loser pays winner's reasonable costs if loser's case was unlikely to win from the beginning" system) works, and would suggest to anyone not to knock it unless they've tried it.

  2. Re:who else remmbers on Free Certificate Authority Unveiled by Aussies · · Score: 2, Informative

    This often happens if you've set scripting of ActiveX components in the Internet zone to 'prompt' (which is a good idea) and not set your webmail host to be a trusted site (which is also a good idea, imho - who knows how good they are at stripping out weird HTML?).

  3. I'd get... on How Would You Lock Down a Windows XP Machine? · · Score: 1
  4. Re:Have you tried SpamCop's "quick reporting"? on Comcast Port 25 Blocks Result In Less Spam · · Score: 1

    but no reporting of spamvertized web sites this way

    As a web developer who hosts sites for his clients, I can only say this is a good thing, after one of my *!^#+:> clients decided to hire a company to send "ten thousand opt-in advertising e-mails" for him and nearly got all of my sites blocked.

    Opt-in my arse.

  5. Re:I am okay with this on 'Satan' Missile Now Launches Satellites · · Score: 4, Informative

    You're thinking of the Saturn V, which was designed by Werner von Braun, who also designed the V2, the world's first ballistic missile. So yes, you do recall correctly.

  6. Not the first post on 'Satan' Missile Now Launches Satellites · · Score: 4, Insightful

    Sorry, am I the only one here who doesn't think a virus for which a vaccine exists is a worse threat than an H-bomb?

  7. Re:MFC not included - again on Microsoft Launches Visual Studio Express, VS 2005 Beta · · Score: 1

    You don't ----neeeeeeeeed----- MFC, and in fact I would advise you to stay the hell away from it.

    I don't use MFC. In fact, I have my own framework which is 10x more intuitive and lets me be just as much more productive than when I use MFC.

    There are two problems.

    1: When you look up something about writing Windows programs -- say you wanted an example of how to embed Internet Explorer into your application -- all of the example stuff is written in MFC. If you can't compile that to play around with it and see how to use it, then you're on your own reading Microsoft's obscure documentation.

    2: A large proportion of Windows open source software requires MFC. I, personally, have Visual Studio 6, which lets me compile a proportion of it -- but that proportion is dropping rapidly, and soon I don't think I'll be able to work on 70-80% of Windows open source projects. Which is a big deal to me.

  8. Re:Not directly...? on Microsoft Launches Visual Studio Express, VS 2005 Beta · · Score: 1

    Their free c++ compiler and libs can't handle Visual Studio projects

    Are you sure? I read in an MSDN knowledge base article that nmake from VS.NET 2002 and above can read VS.NET project files, thus eliminating the need for a separate makefile. Have they taken this ability out of the free version, or have you not tried it?

    Failing that, you're down to writing makefiles by hand, at which point you have to ask yourself why you bothered using the VS IDE in the first place.

    Because its integrated debugger is an essential piece of kit that isn't included with the free command line tools?

  9. Re:No you can't on Microsoft Launches Visual Studio Express, VS 2005 Beta · · Score: 1

    That's because it's a beta. I think this is a standard condition in MS's beta compiler licenses.

  10. Re:How can a judge get that dumb? on Court Says Customers May Take IPs Away From ISP · · Score: 1

    As somebody who crosses about 5 of them every day during rush hour when commuting, I'd have to say that your figure is utterly wrong. 2-3% might be more accurate.

  11. Re:Thus the phrase... on EPA Fuel Economy Myth: Too High, Too Low? · · Score: 1

    Have you ever noticed that when they widen a road, the traffic doesn't tend to get lighter?

    There is a tendency for traffic to get denser over time anyway. Road widening tends to happen when the roads are getting so congested that traffic that _should_ be using that road is spilling over onto another (smaller) one.

    Also, there are people who use public transport because of bad traffic -- a freshly widened road tempts them back onto it.

    The first cause of this problem simply doesn't apply here. The second does (e.g., people avoiding making trips because of the expense), but I suspect to a lesser degree. Hard to tell, though. There are quite a few of these over here in the UK, at least, but our fuel prices are approximately double US prices (due mainly to hefty taxation).

  12. MFC not included - again on Microsoft Launches Visual Studio Express, VS 2005 Beta · · Score: 1

    Just like the free command line tools, the Visual Studio C++ Express edition doesn't include MFC. This severely restricts the capabilities of the system, as almost all sample Windows code is written using MFC.

    Although maybe we'll start seeing more applications that don't use MFC in future. That would be nice.

    Anyone know of a free MFC re-implementation?

  13. Re:RTFA "To prevent further abuse" on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    Also, I don't see how keeping secret the list of affected servers in any way assists with preventing further exploitation.

    Then you are blind


    Please justify your blanket assertion, or stop being insulting. This is in no way obvious to me, and I suspect to many other readers of slashdot. So, in what way does keeping infected servers secret prevent further exploitation?

    [btw: it all seems a little pointless anyway, as MS appear to have identified the hole being used as one that was patched a while ago, see other comments]

  14. Re:The great firewall of ... Western countries on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    But I wonder how much of it is paid for by US based companies who are outsourcing their spamming?

  15. Re:Here's a few on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    It amuses me that you can't search MS's knowledge base to fix IE if IE is dead. On the other hand, Windows is probably dead if IE won't run.

    I went to the page you listed, entered "internet explorer sucks" in the search box and hit enter, it did a search for me. Admittedly it only found one result, but it was a good one.

    It seems the advanced search link is broken, though.

    You can also search the knowledge base here (http://search.microsoft.com/search/search.aspx?vi ew=msdn&st=a&c=0&s=1)
    which works fine in Mozilla.

    I also note that your non-MS site is the same link that someone posted previously as a site that installs spyware through an MSIE exploit, but which was discovered in the discussion to have been cleaned up. I guess you didn't read the discussion.

  16. Re:Microsoft Published Workaround on Corporate Servers Spreading IE Virus [Updated] · · Score: 2, Insightful

    Yeah. Except that advice just doesn't help here, because it seems that a security-zone busting exploit is being used, which probably won't be stopped by it. To really prevent it, you'd need to set your Local Computer zone to high safety.

  17. Re:Infected ferociously on Corporate Servers Spreading IE Virus [Updated] · · Score: 2, Informative

    The best approach for this kind of thing: kill everything that starts automatically in your registry and win.ini files, and then quickly switch your machine off, ASAP after you've saved your changes to win.ini, without going through shutdown. Just pull the plug. With any luck, you've prevent them from putting themselves back into those locations and now you can delete them normally.

    I had similar problems removing a piece of shit known as CoolWebSearch from a friend's machine.

  18. Re:What about this? on Corporate Servers Spreading IE Virus [Updated] · · Score: 3, Informative

    Hmmm... it seems the exploit is limited to denial of service, which isn't exactly serious. Essentially, windows appears to trust the calculated image size, and attempts to allocate a huge amount of memory.

  19. Re:Another nail in Javascript's coffin on Corporate Servers Spreading IE Virus [Updated] · · Score: 3, Interesting

    I *always* try to develop web sites that work with javascript disabled. It isn't always easy to make this coincide with client requests, but you can usually do it (even if you have to have a no-js version).

    I've worked in an environment before (a corporate centre for a major UK bank) where javascript was stripped from downloaded web pages at the firewall.

  20. Re:Opera? Firefox? IE.....hell no on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    I find opera unusable because if you scroll while images are downloading they flicker badly and often don't redraw properly on my machine. Could just be me, though.

  21. Re:Is it an IE only exploit? on Corporate Servers Spreading IE Virus [Updated] · · Score: 3, Informative

    Javascript is sandboxed in IE, too. The problem is, the IE sandbox leaks...

  22. Re:RTFA "To prevent further abuse" on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    The exploit is server side, not client side according to reports. [...] So the public at large is not under threat from their high-profile site.

    Not according to the linked article. "Security researchers warned Web surfers on Thursday to be on guard after uncovering evidence that widespread Web server compromises have turned corporate home pages into points of digital infection." Sounds pretty threatening to me.

    I think those consumer's PCs are more important than the corporate web servers in question. There are a lot more of them, and it would take substantially more effort to clean up afterwards.

    Also, I don't see how keeping secret the list of affected servers in any way assists with preventing further exploitation. All it does is protect the reputation of the companies whose servers have been exploited. Frankly, I don't give a shit about those companies. You wouldn't catch me running IIS without a protective system around it that filters out unusual looking queries, which you can be pretty sure will stop whatever exploit is being used here.

  23. Re:What really happens... on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    So if every major website already puts javascript at the bottom of every page, how is my mom supposed to read the code and see whether its real javacript from my bank or from a hacker?

    Who suggested she should? The GP post just gave some technical details on how this works, that might enable those of us in the know to catch it and prevent it spreading further.

  24. Re:Special Pleading on Response to Gordon Cormack's Study of Spam Detection · · Score: 1

    As near as I can tell (I skimmed, admittedly, I didn't read every word carefully), his defense amounts to "please don't test the different filters because..."

    You must have been skimming very badly. I read it, and this kind of argument was never used at all. Basically, he pointed out flaws in the way the test was set up that biased it towards SpamAssassin. Particularly that the test was started with untrained filters, and that the version of SpamAssassin's ruleset used was more recent than the messages being classified (I'm sure you can figure out what that means).

  25. Re:Spamassasin is good but not that good... on Response to Gordon Cormack's Study of Spam Detection · · Score: 1

    Well, of course it was. As stated in the article, he was using the latest version of SA to classify mail that was up to 8 months old. I'd expect it to be pretty close to perfect on that. It's just current stuff it ain't so hot on.