I know it's not privilege escalattion per-se which is why I said "I was wrong". But UAC is Microsoft's answer to running as a non privileged user for the average end user, the default user is an admin. The user has root privileges, but apps they run arent meant to, so the effect is meant to be like running as a regular user on *nix OS and using sudo. So the effect here is that essentially, from a malware having root privs point of view Win7 is no better than XP was, but now you have to put up with lots of password prompts that dont actually give you any added security. But hey, it's by design.
OK I was wrong, it's not a flaw to get root from an un-privileged account, but it does allow malicious code to completely bypass UAC for the default account, so UAC with Win7 default settings is completely broken out of the box, and it's also one MS say is by design and won't fix.
Oh, you mean like this UAC flaw that allows any user to gain 'root' which Microsoft in their infinite wisdom has decided isn't a security flaw and have *completely refused to fix*. Despite the fact that you know, it allows anyone with a user account to get admin privileges.
No you're wrong sorry, most Core Duos do support VT. (I have a T2300, not T2300E)
"Contrary to early reports, the Intel Core Duo supports Intel VT x86 virtualization, except in the T2300E model and proprietary T2050/T2150/T2250 mounted by OEMs"
"All it's doing is decoding the image from a source and displaying it."
Decoding 1080p h.264 should take a *lot* more CPU than this. Moving a few vector based circles around is not exactly taxing on a processor. The people that are having problems have fast enough computers, the problem must lie elsewhere.
The GP said dropped, I was just replying to that. My point is that it hit the ground because there was smoke ('vapour' apparently) coming out of it, which is a reasonable reaction when a piece of consumer electronics does that. It still shouldn't explode whether thrown or not. Break yes, explode no.
You said: "In this thread already some guy was saying how Apple offered to replace his aging machine with a brand new one for no cost. Now would that happen to any other computer maker?". I said this is common for anything inside the statutory warranty. I also outlined the UK statutory requirements if the product is older but less than 5 years old.
It is common to replace a product with the current model. The statutory warranty is actually 2 years now (I forgot it had changed) which covers repair or replacement, not partial refund. Usually if it's not something very expensive then you'll get a replacement, and generally that'll be the current model.
For example when Panasonic couldn't repair my projector they replaced my AX100 with an AX200 as that was the current model.
Sorry, are you saying that Apple is the only electronics manufacturer that would replace a faulty product? What planet are you on? The thing *exploded* for christ sake!
If it failed within 1 year of purchase it would be covered by statutory warranty and Apple would have to repair or replace it (if you see the photo in TFA you'll see repair is unlikely). If the product were bought in the last 5 years then Apple are required to repair or refund a portion of the purchase cost (not the full amount due to the product having been used for some time. For example if it were 2.5 years old it might be considered reasonable to refund half the original cost.
However considering their product *exploded* I think the absolute minimum I'd expect from any manufacturer is a replacement.
When laptop batteries started exploding a couple of years back Sony (amongst others) did a full recall, they sent me a replacement battery (RRP ~ £120).
Well it's not unknown for governments to share a little financial data acquired through intelligence means with industry. I *think* the US has done it before, I'm really not sure though, just a vague memory.
Of course this is a one way deal, the US gov isn't offering a reciprocal arrangement.
There was a stand up Battlezone unit at our local swimming pool when I was a kid, with the two forward/backard sticks, one for controlling each track. It kicked arse.
Nothing will beat my first game of the first Star Wars vector graphics cab, sit down version WITH SAMPLED SPEECH! It was quite loud too, quote the rush:D
Indeed. Though CSRF flaws are also dependent on you being logged into the vulnerable application at the time that you visit the compromised website (or that the application doesn't require any login but I'd be very surprised if that were the case here).
Thanks for the insults, but maybe you could actually read what I said?
I did say that it's *not* a market monopoly, which is what people get sued over, but it is a monopoly in terms of "exclusive possession or control of something" [OED].
Slashdot Mirror
Wave has a stronger concept of identity, it should be much easier to close down spammers quickly.
It would have to be a native GUI app that supports HTML, for the widgets. Wait a minute there is one... a browser!
I know it's not privilege escalattion per-se which is why I said "I was wrong". But UAC is Microsoft's answer to running as a non privileged user for the average end user, the default user is an admin. The user has root privileges, but apps they run arent meant to, so the effect is meant to be like running as a regular user on *nix OS and using sudo. So the effect here is that essentially, from a malware having root privs point of view Win7 is no better than XP was, but now you have to put up with lots of password prompts that dont actually give you any added security. But hey, it's by design.
OK I was wrong, it's not a flaw to get root from an un-privileged account, but it does allow malicious code to completely bypass UAC for the default account, so UAC with Win7 default settings is completely broken out of the box, and it's also one MS say is by design and won't fix.
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html
Oops that's the wrong flaw, though it's also rather bad and MS are also refusing to fix it. Sec I'll find the right one.
Oh, you mean like this UAC flaw that allows any user to gain 'root' which Microsoft in their infinite wisdom has decided isn't a security flaw and have *completely refused to fix*. Despite the fact that you know, it allows anyone with a user account to get admin privileges.
Yeah great.
http://www.istartedsomething.com/20090130/uac-security-flaw-windows-7-beta-proof/
No you're wrong sorry, most Core Duos do support VT. (I have a T2300, not T2300E)
"Contrary to early reports, the Intel Core Duo supports Intel VT x86 virtualization, except in the T2300E model and proprietary T2050/T2150/T2250 mounted by OEMs"
http://en.wikipedia.org/wiki/Core_duo
http://ark.intel.com/ProductCollection.aspx?familyID=22731
My old-ish Vaio (has a Core Duo, not the later Core 2 Duo) has VT disabled too, no BIOS setting to re-enable it, bery annoying and very pointless.
"All it's doing is decoding the image from a source and displaying it."
Decoding 1080p h.264 should take a *lot* more CPU than this. Moving a few vector based circles around is not exactly taxing on a processor. The people that are having problems have fast enough computers, the problem must lie elsewhere.
IE6 still has something in the region of 30% 'market' share though, it's not dead yet. Hopefully major sites dropping support will kill it though.
YouTube are going to be dropping support for IE6 soon. Bet you see the numbers drop off rapidly then.
Fine on my Core 1(!) Duo, 1 gig ram, crappy embedded video card, FF3.5, Ubuntu Intrepid.
The GP said dropped, I was just replying to that. My point is that it hit the ground because there was smoke ('vapour' apparently) coming out of it, which is a reasonable reaction when a piece of consumer electronics does that. It still shouldn't explode whether thrown or not. Break yes, explode no.
The iPod was dropped because there was smoke coming out of it!
You said: "In this thread already some guy was saying how Apple offered to replace his aging machine with a brand new one for no cost. Now would that happen to any other computer maker?". I said this is common for anything inside the statutory warranty. I also outlined the UK statutory requirements if the product is older but less than 5 years old.
It is common to replace a product with the current model. The statutory warranty is actually 2 years now (I forgot it had changed) which covers repair or replacement, not partial refund. Usually if it's not something very expensive then you'll get a replacement, and generally that'll be the current model.
For example when Panasonic couldn't repair my projector they replaced my AX100 with an AX200 as that was the current model.
Sorry, are you saying that Apple is the only electronics manufacturer that would replace a faulty product? What planet are you on? The thing *exploded* for christ sake!
If it failed within 1 year of purchase it would be covered by statutory warranty and Apple would have to repair or replace it (if you see the photo in TFA you'll see repair is unlikely). If the product were bought in the last 5 years then Apple are required to repair or refund a portion of the purchase cost (not the full amount due to the product having been used for some time. For example if it were 2.5 years old it might be considered reasonable to refund half the original cost.
However considering their product *exploded* I think the absolute minimum I'd expect from any manufacturer is a replacement.
When laptop batteries started exploding a couple of years back Sony (amongst others) did a full recall, they sent me a replacement battery (RRP ~ £120).
Well the iPhone's a computer isn't it?
Heh :D
Joking aside though, I loved the demo of the curses interface :)
Well it's not unknown for governments to share a little financial data acquired through intelligence means with industry. I *think* the US has done it before, I'm really not sure though, just a vague memory.
Of course this is a one way deal, the US gov isn't offering a reciprocal arrangement.
Generally when non-mathematicians talk about something being 2D or 3D we're talking about spatial dimensions. :)
There was a stand up Battlezone unit at our local swimming pool when I was a kid, with the two forward/backard sticks, one for controlling each track. It kicked arse.
Nothing will beat my first game of the first Star Wars vector graphics cab, sit down version WITH SAMPLED SPEECH! It was quite loud too, quote the rush :D
Indeed. Though CSRF flaws are also dependent on you being logged into the vulnerable application at the time that you visit the compromised website (or that the application doesn't require any login but I'd be very surprised if that were the case here).
I'm guessing you saw the 'Green' in their name and just thought 'damn hippies'.
http://www.greenpeace.org.uk/about/how-we-work/scientific-research
Greenpeace aren't saying we can't use plastic, they're saying that companies can use less polluting materials and processes.
Electrical appliance waste is a serious problem, many of the materials used are extremely toxic and causing serious problems where they're dumped.
That's why Europe has the Waste Electrical and Electronic Equipment directive for example:
http://www.environment-agency.gov.uk/business/topics/waste/32084.aspx
Whinge moan :)
They decided to release early so people can have a go with it, give them a chance fs.
Thanks for the insults, but maybe you could actually read what I said?
I did say that it's *not* a market monopoly, which is what people get sued over, but it is a monopoly in terms of "exclusive possession or control of something" [OED].