Whoa WHOA WHOAAAA! Defender was a great game. I'd go so far as to say it was the best "port" on the 2600,
Survey says? No. You may be thinking of Stargate (aka Defender II), not Defender. Unless you really thought that having your spaceship disappear every time you fired to save the nameless city (WTF?) from UFOs was a good port of the arcade.
Pac-Man was pretty horrible in terms of graphics, but it had great gameplay, which is why we remember it with enjoyment. Sure, it's no match for the arcade version. But it's decent.
No, no it wasn't. It was an amazingly terrible port that kids played because they were so excited about having any sort of Pacman at home. If you actually pulled out your 2600 today and played it again, you would be shocked at how bad it was. The ghosts were headache inducing, the colors were outright ugly (not to mention unnecessary), the maze was poorly laid out, and Pacman couldn't even be bothered to turn his head when he moved up or down! (None of this is surprising once you realize that Tod Frye hated Pacman. He did a decent job for the tight timetable, but it was never going to be a very good port.)
Now if you've tried Ms. Pacman or Pacman Jr. for the 2600, those were good ports. They even fixed the God-aweful colors in Pacman Jr. to be less like 2600 Pacman and more like the Pacman Jr. arcade.
Your ship may have disappeared when you fired, but the 2600 was an enormously limited system and it's not like you didn't know where you were (At the beginning of the laser beam, natch.)
I know all about its limitations. I have actually written a game for it. (Depending on how things go, you might actually see it published as a homebrew one day.) It was a limited system, but the programmers knew how to work around those limitations. Most of the tricks developed for the system were developed before it was even released.
The problem was that Atari constantly short-changed their programmers. They wanted arcade ports done quickly with no real eye toward quality. They regularly pushed them for one more title to sell to the masses. Sometimes the programmers managed to do good work in that environment, sometimes they didn't. Many of the good ones simply left to work for Activision. So Atari kept hiring new programmers and churning out sub-standard games.
Again, it's the perception goggles. Take them off and look objectively. You'll find that Atari really did produce a lot of stinkers, and that E.T. was nowhere near the worst.
Bullshit. I happen to be one of the few people around here that cares about the truth. And the truth is that this story (and many others) are overblown non-events.
Of course the FA says documents will be public and the results and all that, but the point of the FA and the point of this discussion for that matter is why go through the trouble of making all that public if you're going to keep the public out of it.
Because it's a meeting of minds, not a public event. It simply isn't a secret event. I don't see why that's so difficult to understand.
Lets say you and I attend the event. We talk about a great way of solving the problem of filing taxes electronically. (To pull an example out of thin air.) In some conferences, this information would be confidential to the attendees. In this case, you and I could talk to the public about our ideas and possibly get feedback.
Weitzner, a lawyer and Washington insider before moving to the W3C, said making an event discussing government transparency less transparent was necessary because government officials could then speak more freely "without wondering how the press would interpret what they have to say."
And that pretty much sums up the entire event. As the invitations said, only the results of the event will be public. Thus the reporter in question is proving Weitzner's point by twisting the words to create this story.
Position papers received for the Workshop will be posted publicly on the Web. In addition, a final document summarizing the outcome of the Workshop and the suggested future actions, will be posted publicly. Conversations and results are public.
TFA quotes part of that and says, "SEE? SEE? It's a PUBLIC event!" No, it's an event about the public that will have its results published to the public. Nowhere does it say that the event is open to the public.
Sorry, there's no story here. Just lame reporters trying to make one.
That's just an urban legend. There were 4 million cartridges made (which was a LOT of cartridges) but only 1.5 million sold. The legend stems from the previous Pacman game which had 12 million cartridges made when there were only 10 million Atari 2600s on the market. Atari obviously expected that demand for Pacman would sell a great deal more 2600s.
Instead, Atari sold about 7 million Pacmans and wrote off the other 5 million as a loss. Kind of stupid when you consider that 7 million units made it one of the best-selling 2600 games of all time.
As it so happens, I have compared it to other games of its day. In fact, I have a light sixer 2600 and a 7800 to play E.T. on. I played it not all that long ago, and it's nowhere near as bad as people remember it being. In fact, it was amazingly advanced for its time. (Especially given the five week development cycle!)
The problem is that everyone is remembering the game through the goggles of time rather than an objective evaluation. Objectively, it was nowhere near the worst game. Just take a look at Pacman or Defender for a much better example of a cruddy game. (Strangely, people have fond memories of those games!)
Can you really say that E.T. was worse? I mean, your ship friggin' disappeared when you fired in Defender! How much worse can you get?
Howard Scott Warshaw has expressed a complete lack of regret for the work he did on E.T. He's even gone as far as to say he's proud of the work he did. Having actually played the game in recent history, I'd have to agree with him. He did a good job with what he was given. No one else could have even come close to the title he put out in that time.
I know it's the game that everyone loves to hate, but E.T. wasn't *that* bad. If it had had more playtesting (primarily to expose the issues with constantly falling in holes you didn't want to fall into), we wouldn't be having this conversation today. But in Atari's infinite wisdom, they only gave HSW five weeks of development time in order to meet the Christmas holiday.
What's even more amazing is that some exec in Atari changed the order size for the game to an incredible 4 million units! They were so sure that it was going to be an instant hit that they effectively bet the farm on a game done in only 5 weeks.
Brilliant, wasn't it?
The coup de grace came from Intellivision with these commercials starring Henry Thomas:
As the article mentions, 18 Wheeler wasn't that bad of a game in the arcade. It was more or less a novelty "truck-driving simulator". Which I personally think it didn't do too bad at. The only real problem there was that it was ported to home consoles. I mean, I know Sega was desparate for Dreamcast games, but seriously! Novelty games don't translate. Period.
Even Hydro Thunder (which *wasn't* a novelty game) lost a LOT in its transition to the Dreamcast. The final game was very similar to the arcade, but felt lame without the engine rumble and bass feedback. All the rush of the arcade was lost through that, and Sega made very little attempt to find a replacement for that feedback.
My esteemed and learned colleagues, who is the fanboy in this frame of reference? The nebulous "Nintendo fanboys" of which the anonymous poster speaks, or the poster himself trying to fanatically put down an entire group? Certainly, there does not seem to be any of these "Nintendo fanboys" present to defend themselves. Yet the AC is contributing to the general impression of "fanboyism" (if you'll forgive the term) against this defenseless party. He even lacks so much as a single reference to the supposed abuses of this supposed Nintendo elite.
This raises the question: Does this incredible group he refers to even exist? Is it possible that such fanaticism is an invention of the AC, designed to cast doubt on the logic of others? After all, we only have his word that said group is so fanatical. He apparently expects that word to be taken on face value. Yet why should anyone? He's responded to no one with an answer to a question no one asked, has no identity to trace, and has produced no references. As arguments go, he hasn't even posited a logical foundation. Merely hearsay disguised as an argument.
So I ask again. Who should we be questioning: A group of alleged fanatics that has not been demonstrated to exist, or a nameless argument with no logic, credibility, or references?
Apologies for responding to a Slashdot troll, but it's amazingly on topic for a change.:)
When someone uses the term "fanboy", it tends to conjure up an image of someone who is so fanatical in their support that they ignore all logic and reality in pursuit of ensuring that their company is the one that wins "the war". (Whatever that may be.) As such, it tends to be a rather derogatory term used to discount someone from a discussion because their fanaticism makes their opinion useless.
Unfortunately, there's a growing trend of abuse in relation to the term. More and more I'm hearing *real* fanboys preemptively use the term to discount others. For example, any true fan of a game system should be willing to acknowledge its faults as well as its strengths. I very much enjoy my Nintendo Wii, but I know that its low cost came at the expense of raw horsepower. That doesn't bother me. Similarly, PS3 fans should be willing to acknowledge that their system is incredibly expensive (in comparison to the rest of the market) and that there is a fairly small game library at the moment.
Yet what I regularly hear is the PS3 fanboys jump in and yell, "Anyone who likes the Wii is a Nintendo fanboy! After all, how could you not like a $600 Bluray player! The game system is FREE!" Or something to that effect, anyway.;)
This constitutes an outright abuse of the term. Now I'll admit that it doesn't help the situation that many Wii fans (and even worse: fanboys) don't like Sony or their business practices. So they tend to cheer on any difficulties that the company may be having. (I'll even admit to this myself. I don't want Sony around if they're going to install rootkits, shut down distributors, sell exploding parts, ignore customer service, or the billion other anti-consumer things they've done of late.) That still doesn't justify the abuse.
Similarly, a lot of Windows users are simply familiar with what they are used to. So they're not so much as fanatical themselves, they're just highly resistant to solid logic that's often used by the Mac community. They're also quite used to the Mac users of yore, who were very much fanboys. (I'm sorry, Mac OS 8 was NOT that great of an OS.) So they also abuse the term in an attempt to get people to stop pestering them about how much better the Mac is. They're comfortable, so they don't want to be bothered. Sometimes they even become a sort of inverse fanboy in that they hang onto ever possible wrong they see with the opposition. (Case in point: Java is slow.) Never mind if it's still true or not. It was once at least sort of true, so that's good enough.
So next time you think of using the term "fanboy", think for a moment. You may be abusing the term and making yourself look bad at the same time.
Talking to another person in the car, eating french fries, etc, is at least if not more distracting.
I can't speak to eating french fries, but I do know why speaking to a passenger isn't as dangerous. The passenger is in the car with you can see things going on just as well as you can. So they're less likely to speak at inopportune times. They also tend to keep their own eyes on the road while speaking, so they can alert you if they see a danger that you don't.
That was my first thought as well, but in that case it would have been "Funny" not "Informative". Unless the mods really believe that the ISS uses Windows for its critical systems. (And before anyone posts links, the astronauts' laptops are independent of the ISS's navigational computers. According to the various articles on this incident, the navcomps run Russian-made software.)
Think of it this way, if you where in the hospital on life support would you want the latest tech or something that powers a cell phone now adays?
???
I'd take something that powers a cellphone myself. As would many doctors and technicians. Sometimes thorough testing and reliability are more important than cutting edge features and performance.
Now THAT'S funny. I have no idea what's up with the mods lately, but they've been acting incredibly random at times.
I should probably keep that in mind for now. I was looking at your post and trying to figure out exactly which Lexington you were talking about. The last USS Lexington I'm aware of was an old Essex-class WWII carrier that was decommissioned in 1991. (Named in honor of the first operational carrier in the US Fleet; valiantly lost in the Battle of the Coral Sea.) Given the age of the carrier, I was doubting that she had any computers running her primary systems.
I figured that everyone else must know something I didn't since you getting modded up!:P
In the worst-case scenario, NASA said the ISS crew members -- two Russians and an American -- may be evacuated from the station.
...when having an overly spacious craft can come in handy. Should an evacuation be necessary, at least we know the Shuttle can carry them all.
Of course, if we launched enough smaller ships to where we had multiple birds in the air at any given time, space for evacuation wouldn't be a problem. Just catch the next transport.
Which reminds me, did NASA ever get around to installing the emergency escape craft? I know it was supposed to be a stripped-down capsule, but I don't remember if they just decided to keep something docked at all times instead.
Not up! As I said above, I was wrong. Mods, please oblivionate the message to -1 Overrated. Obviously, I shouldn't comment without caffeine in my veins.:P
Is there a similar way to insulate yourself against XSS so we can just go back to writing code that doesn't suck?
It would help if we stopped generating web pages as if they were text. Code like "" represents a recipe for disaster.
Dynamically creating the DOM on the server side would be a great start. Just build up the model in memory (much like you use prepared statements for SQL), then write it out to the client when you're done. That would eliminate a good chunk of XSS vulnerabilities right there. Even though someone could still submit "<script src="http://evil.com">" to you, it can't hurt you if it's output as "<script src="http://evil.com">".
Actually, I take that back. You were right, and I apologize. I misread the page. This actually injects an HTML/javascript snippet that steals the cookie. Completely my bad. Go ahead and mod me down.
To get rid of XSS you need to get rid of the injection agent. Which is HTML. Period
You're as bad as the commenter. HTML doesn't fall into this particular problem at all. The problem is with the HTTP protocol and how it gets abused. Specifically, the article is talking about Yahoo using url rewriting to store the session id rather than a session cookie. Since the session is attached to the token in the URL, an attacker would have no problem getting access to your account from the referring URL.
This attack exists regardless of if you're using HTML or some other hyperlinked document. As long as the browser passes the referring URL, you're screwed. Which in the end is Yahoo's fault for forcing url rewriting.
That being said, this *cough* advisory is on a blog called "Net Cooties" that places Paris Hilton behind "penis-painted bars". I'm not sure how far I trust the information they're handing out.
The problem is that good tech support is costly. In order to provide it, you need to pass the cost onto the customer. Customers will compare your computer to a Dell and purchase the Dell for its mildly lower cost.
FWIW, I've always thought it would be neat to find ways of improving computer packages up front rather than relying on tech support calls. For example, POD (Print On Demand) is getting advanced enough to where you could literally print a custom manual for each computer that ships. Thus the manual can exclude features that don't apply to the hardware configuration, display the EXACT memory, disk size, file system format, video card manufacturer, motherboard manufacturer, CPU, speed, etc., and give precise instructions on how to operate each piece of bundled software.
With any luck, this would do wonders to reduce the number of support calls. Even better, it would allow for a company to more cost-effectively pre-install alternative OSes like Linux, FreeBSD, or Solaris as the instruction manual could be tailored to the requested configuration. No more (or at least fewer) support calls on, "How do I do install software?" or "I can't figure out how to switch between booting Windows and Linux." Such items would be listed in the manual. At the very least the support staff could quickly refer the user back to their manual rather than diagnosing their computer's configuration. (It would be even better is said staff had a PDF copy on hand.)
Even Walmart "boxed" computers would benefit from this as the manuals would reflect that configuration rather than mentioning features that exist in the model you didn't buy. (Anyone else get annoyed when their car manual says "if equipped"? It's that much more fun when your TV Capture Card manual discusses all the features you don't have with nothing more than "TV Card 2000" vs. "TV Card 2000 Deluxe" to clue you in to whether it applies to you or not.)
Of course, I'm assuming a lot to think that users would read their manuals. Still, it could be an interesting selling point. Especially if it was advertised correctly.
you can do some approach like ssl: use your peer public key to encrypt the symmetric secret and then use the symmetric key for encrypting the stream.
That's more or less the method I advocated in this post.
But this approach in the context of p2p means that you need to publish your public key to "everybody" out there. the isp then can simply pick up your key (the same way than your peer) and trace you back, shut you down or sue you, or else.
You're missing the concept. You wouldn't use the same keys across the net. You'd generate a keyset for each connection, and then use that keyset to keep the connection secret. As long as your peer doesn't rat you out, AT&T will have no way of decrypting the conversations between you.
AT&T could try a man-in-the-middle attack, but that won't work for a lot of P2P applications. BitTorrent, for example, can connect to a wide variety of hosts and ports depending on the information in the *.torrent file. (Which you can always obtain over an HTTPS connection.) Since AT&T doesn't know what host will be your peer, they'll have much greater difficulty implementing man-in-the-middle attacks.
They'd actually have to check each and every connection for a possible encryption initiation to implement the attack. And that won't work very well if P2P networks start implementing a variety of new initiation protocols. It would be a complete arms race with AT&T always lagging behind.
for me a much more realistic approach is to tunnel everything through port 80
I think you underestimate how easy it is to detect tunneling. "Standard" HTTP requests are in a very strict format. With a bit of Bayesian logic, they could recognize just about any tunneling mechanism and capture it for reverse engineering. It's much better to encrypt the traffic over the tunnel as that way AT&T won't be able to intercept the traffic.
Remember judges and lawyers don't always understand technology.
I remember. What I'm saying comes from TFA (which nobody bothered to read) so the judge obviously understands enough to concoct this wacky legal construction.
Slashdot Mirror
Survey says? No. You may be thinking of Stargate (aka Defender II), not Defender. Unless you really thought that having your spaceship disappear every time you fired to save the nameless city (WTF?) from UFOs was a good port of the arcade.
No, no it wasn't. It was an amazingly terrible port that kids played because they were so excited about having any sort of Pacman at home. If you actually pulled out your 2600 today and played it again, you would be shocked at how bad it was. The ghosts were headache inducing, the colors were outright ugly (not to mention unnecessary), the maze was poorly laid out, and Pacman couldn't even be bothered to turn his head when he moved up or down! (None of this is surprising once you realize that Tod Frye hated Pacman. He did a decent job for the tight timetable, but it was never going to be a very good port.)
Now if you've tried Ms. Pacman or Pacman Jr. for the 2600, those were good ports. They even fixed the God-aweful colors in Pacman Jr. to be less like 2600 Pacman and more like the Pacman Jr. arcade.
I know all about its limitations. I have actually written a game for it. (Depending on how things go, you might actually see it published as a homebrew one day.) It was a limited system, but the programmers knew how to work around those limitations. Most of the tricks developed for the system were developed before it was even released.
The problem was that Atari constantly short-changed their programmers. They wanted arcade ports done quickly with no real eye toward quality. They regularly pushed them for one more title to sell to the masses. Sometimes the programmers managed to do good work in that environment, sometimes they didn't. Many of the good ones simply left to work for Activision. So Atari kept hiring new programmers and churning out sub-standard games.
Again, it's the perception goggles. Take them off and look objectively. You'll find that Atari really did produce a lot of stinkers, and that E.T. was nowhere near the worst.
Bullshit. I happen to be one of the few people around here that cares about the truth. And the truth is that this story (and many others) are overblown non-events.
Because it's a meeting of minds, not a public event. It simply isn't a secret event. I don't see why that's so difficult to understand.
Lets say you and I attend the event. We talk about a great way of solving the problem of filing taxes electronically. (To pull an example out of thin air.) In some conferences, this information would be confidential to the attendees. In this case, you and I could talk to the public about our ideas and possibly get feedback.
Why is that difficult to understand?
And that pretty much sums up the entire event. As the invitations said, only the results of the event will be public. Thus the reporter in question is proving Weitzner's point by twisting the words to create this story.
Here's what the W3C page says:
TFA quotes part of that and says, "SEE? SEE? It's a PUBLIC event!" No, it's an event about the public that will have its results published to the public. Nowhere does it say that the event is open to the public.
Sorry, there's no story here. Just lame reporters trying to make one.
That's just an urban legend. There were 4 million cartridges made (which was a LOT of cartridges) but only 1.5 million sold. The legend stems from the previous Pacman game which had 12 million cartridges made when there were only 10 million Atari 2600s on the market. Atari obviously expected that demand for Pacman would sell a great deal more 2600s.
Instead, Atari sold about 7 million Pacmans and wrote off the other 5 million as a loss. Kind of stupid when you consider that 7 million units made it one of the best-selling 2600 games of all time.
As it so happens, I have compared it to other games of its day. In fact, I have a light sixer 2600 and a 7800 to play E.T. on. I played it not all that long ago, and it's nowhere near as bad as people remember it being. In fact, it was amazingly advanced for its time. (Especially given the five week development cycle!)
The problem is that everyone is remembering the game through the goggles of time rather than an objective evaluation. Objectively, it was nowhere near the worst game. Just take a look at Pacman or Defender for a much better example of a cruddy game. (Strangely, people have fond memories of those games!)
Try watching this video:
http://www.youtube.com/watch?v=r-pzdPLfy9Y
Now tell me, does it really look as bad as you remember it?
Try watching these videos now:
http://www.youtube.com/watch?v=0zwIoJuUsvM
http://www.youtube.com/watch?v=PrLS2S0Cp8U
Can you really say that E.T. was worse? I mean, your ship friggin' disappeared when you fired in Defender! How much worse can you get?
Howard Scott Warshaw has expressed a complete lack of regret for the work he did on E.T. He's even gone as far as to say he's proud of the work he did. Having actually played the game in recent history, I'd have to agree with him. He did a good job with what he was given. No one else could have even come close to the title he put out in that time.
I know it's the game that everyone loves to hate, but E.T. wasn't *that* bad. If it had had more playtesting (primarily to expose the issues with constantly falling in holes you didn't want to fall into), we wouldn't be having this conversation today. But in Atari's infinite wisdom, they only gave HSW five weeks of development time in order to meet the Christmas holiday.
What's even more amazing is that some exec in Atari changed the order size for the game to an incredible 4 million units! They were so sure that it was going to be an instant hit that they effectively bet the farm on a game done in only 5 weeks.
Brilliant, wasn't it?
The coup de grace came from Intellivision with these commercials starring Henry Thomas:
http://www.youtube.com/watch?v=KsmIma0ZQtQ
http://www.youtube.com/watch?v=o3xqu4VrwsU
http://www.youtube.com/watch?v=2mPERZhkboc
http://www.youtube.com/watch?v=xOOvMi7Wzqo
Of course, Intellivision didn't realize that assisting in Atari's demise was assisting in their own demise. Whoops.
"WE'RE CLOSED NOW!"
Too easy.
As the article mentions, 18 Wheeler wasn't that bad of a game in the arcade. It was more or less a novelty
"truck-driving simulator". Which I personally think it didn't do too bad at. The only real problem there was that it was ported to home consoles. I mean, I know Sega was desparate for Dreamcast games, but seriously! Novelty games don't translate. Period.
Even Hydro Thunder (which *wasn't* a novelty game) lost a LOT in its transition to the Dreamcast. The final game was very similar to the arcade, but felt lame without the engine rumble and bass feedback. All the rush of the arcade was lost through that, and Sega made very little attempt to find a replacement for that feedback.
Case in point
My esteemed and learned colleagues, who is the fanboy in this frame of reference? The nebulous "Nintendo fanboys" of which the anonymous poster speaks, or the poster himself trying to fanatically put down an entire group? Certainly, there does not seem to be any of these "Nintendo fanboys" present to defend themselves. Yet the AC is contributing to the general impression of "fanboyism" (if you'll forgive the term) against this defenseless party. He even lacks so much as a single reference to the supposed abuses of this supposed Nintendo elite.
This raises the question: Does this incredible group he refers to even exist? Is it possible that such fanaticism is an invention of the AC, designed to cast doubt on the logic of others? After all, we only have his word that said group is so fanatical. He apparently expects that word to be taken on face value. Yet why should anyone? He's responded to no one with an answer to a question no one asked, has no identity to trace, and has produced no references. As arguments go, he hasn't even posited a logical foundation. Merely hearsay disguised as an argument.
So I ask again. Who should we be questioning: A group of alleged fanatics that has not been demonstrated to exist, or a nameless argument with no logic, credibility, or references?
Apologies for responding to a Slashdot troll, but it's amazingly on topic for a change.
When someone uses the term "fanboy", it tends to conjure up an image of someone who is so fanatical in their support that they ignore all logic and reality in pursuit of ensuring that their company is the one that wins "the war". (Whatever that may be.) As such, it tends to be a rather derogatory term used to discount someone from a discussion because their fanaticism makes their opinion useless.
;)
Unfortunately, there's a growing trend of abuse in relation to the term. More and more I'm hearing *real* fanboys preemptively use the term to discount others. For example, any true fan of a game system should be willing to acknowledge its faults as well as its strengths. I very much enjoy my Nintendo Wii, but I know that its low cost came at the expense of raw horsepower. That doesn't bother me. Similarly, PS3 fans should be willing to acknowledge that their system is incredibly expensive (in comparison to the rest of the market) and that there is a fairly small game library at the moment.
Yet what I regularly hear is the PS3 fanboys jump in and yell, "Anyone who likes the Wii is a Nintendo fanboy! After all, how could you not like a $600 Bluray player! The game system is FREE!" Or something to that effect, anyway.
This constitutes an outright abuse of the term. Now I'll admit that it doesn't help the situation that many Wii fans (and even worse: fanboys) don't like Sony or their business practices. So they tend to cheer on any difficulties that the company may be having. (I'll even admit to this myself. I don't want Sony around if they're going to install rootkits, shut down distributors, sell exploding parts, ignore customer service, or the billion other anti-consumer things they've done of late.) That still doesn't justify the abuse.
Similarly, a lot of Windows users are simply familiar with what they are used to. So they're not so much as fanatical themselves, they're just highly resistant to solid logic that's often used by the Mac community. They're also quite used to the Mac users of yore, who were very much fanboys. (I'm sorry, Mac OS 8 was NOT that great of an OS.) So they also abuse the term in an attempt to get people to stop pestering them about how much better the Mac is. They're comfortable, so they don't want to be bothered. Sometimes they even become a sort of inverse fanboy in that they hang onto ever possible wrong they see with the opposition. (Case in point: Java is slow.) Never mind if it's still true or not. It was once at least sort of true, so that's good enough.
So next time you think of using the term "fanboy", think for a moment. You may be abusing the term and making yourself look bad at the same time.
I can't speak to eating french fries, but I do know why speaking to a passenger isn't as dangerous. The passenger is in the car with you can see things going on just as well as you can. So they're less likely to speak at inopportune times. They also tend to keep their own eyes on the road while speaking, so they can alert you if they see a danger that you don't.
QNX?
Do you even have a meta-moderation link? Mine disappeared with the emergence of the firehose feature.
That was my first thought as well, but in that case it would have been "Funny" not "Informative". Unless the mods really believe that the ISS uses Windows for its critical systems. (And before anyone posts links, the astronauts' laptops are independent of the ISS's navigational computers. According to the various articles on this incident, the navcomps run Russian-made software.)
???
I'd take something that powers a cellphone myself. As would many doctors and technicians. Sometimes thorough testing and reliability are more important than cutting edge features and performance.
IBM AP-101 for the win!
Now THAT'S funny. I have no idea what's up with the mods lately, but they've been acting incredibly random at times.
:P
I should probably keep that in mind for now. I was looking at your post and trying to figure out exactly which Lexington you were talking about. The last USS Lexington I'm aware of was an old Essex-class WWII carrier that was decommissioned in 1991. (Named in honor of the first operational carrier in the US Fleet; valiantly lost in the Battle of the Coral Sea.) Given the age of the carrier, I was doubting that she had any computers running her primary systems.
I figured that everyone else must know something I didn't since you getting modded up!
Of course, if we launched enough smaller ships to where we had multiple birds in the air at any given time, space for evacuation wouldn't be a problem. Just catch the next transport.
Which reminds me, did NASA ever get around to installing the emergency escape craft? I know it was supposed to be a stripped-down capsule, but I don't remember if they just decided to keep something docked at all times instead.
Not up! As I said above, I was wrong. Mods, please oblivionate the message to -1 Overrated. Obviously, I shouldn't comment without caffeine in my veins. :P
Doh! That's supposed to say: Code like "<%=mytext%>" represents a recipe for disaster.
:-/
I'm off to get some coffee. I'm obviously not doing so well without it.
It would help if we stopped generating web pages as if they were text. Code like "" represents a recipe for disaster.
Dynamically creating the DOM on the server side would be a great start. Just build up the model in memory (much like you use prepared statements for SQL), then write it out to the client when you're done. That would eliminate a good chunk of XSS vulnerabilities right there. Even though someone could still submit "<script src="http://evil.com">" to you, it can't hurt you if it's output as "<script src="http://evil.com">".
Actually, I take that back. You were right, and I apologize. I misread the page. This actually injects an HTML/javascript snippet that steals the cookie. Completely my bad. Go ahead and mod me down.
You're as bad as the commenter. HTML doesn't fall into this particular problem at all. The problem is with the HTTP protocol and how it gets abused. Specifically, the article is talking about Yahoo using url rewriting to store the session id rather than a session cookie. Since the session is attached to the token in the URL, an attacker would have no problem getting access to your account from the referring URL.
This attack exists regardless of if you're using HTML or some other hyperlinked document. As long as the browser passes the referring URL, you're screwed. Which in the end is Yahoo's fault for forcing url rewriting.
That being said, this *cough* advisory is on a blog called "Net Cooties" that places Paris Hilton behind "penis-painted bars". I'm not sure how far I trust the information they're handing out.
The problem is that good tech support is costly. In order to provide it, you need to pass the cost onto the customer. Customers will compare your computer to a Dell and purchase the Dell for its mildly lower cost.
FWIW, I've always thought it would be neat to find ways of improving computer packages up front rather than relying on tech support calls. For example, POD (Print On Demand) is getting advanced enough to where you could literally print a custom manual for each computer that ships. Thus the manual can exclude features that don't apply to the hardware configuration, display the EXACT memory, disk size, file system format, video card manufacturer, motherboard manufacturer, CPU, speed, etc., and give precise instructions on how to operate each piece of bundled software.
With any luck, this would do wonders to reduce the number of support calls. Even better, it would allow for a company to more cost-effectively pre-install alternative OSes like Linux, FreeBSD, or Solaris as the instruction manual could be tailored to the requested configuration. No more (or at least fewer) support calls on, "How do I do install software?" or "I can't figure out how to switch between booting Windows and Linux." Such items would be listed in the manual. At the very least the support staff could quickly refer the user back to their manual rather than diagnosing their computer's configuration. (It would be even better is said staff had a PDF copy on hand.)
Even Walmart "boxed" computers would benefit from this as the manuals would reflect that configuration rather than mentioning features that exist in the model you didn't buy. (Anyone else get annoyed when their car manual says "if equipped"? It's that much more fun when your TV Capture Card manual discusses all the features you don't have with nothing more than "TV Card 2000" vs. "TV Card 2000 Deluxe" to clue you in to whether it applies to you or not.)
Of course, I'm assuming a lot to think that users would read their manuals. Still, it could be an interesting selling point. Especially if it was advertised correctly.
That's more or less the method I advocated in this post.
You're missing the concept. You wouldn't use the same keys across the net. You'd generate a keyset for each connection, and then use that keyset to keep the connection secret. As long as your peer doesn't rat you out, AT&T will have no way of decrypting the conversations between you.
AT&T could try a man-in-the-middle attack, but that won't work for a lot of P2P applications. BitTorrent, for example, can connect to a wide variety of hosts and ports depending on the information in the *.torrent file. (Which you can always obtain over an HTTPS connection.) Since AT&T doesn't know what host will be your peer, they'll have much greater difficulty implementing man-in-the-middle attacks.
They'd actually have to check each and every connection for a possible encryption initiation to implement the attack. And that won't work very well if P2P networks start implementing a variety of new initiation protocols. It would be a complete arms race with AT&T always lagging behind.
I think you underestimate how easy it is to detect tunneling. "Standard" HTTP requests are in a very strict format. With a bit of Bayesian logic, they could recognize just about any tunneling mechanism and capture it for reverse engineering. It's much better to encrypt the traffic over the tunnel as that way AT&T won't be able to intercept the traffic.
I remember. What I'm saying comes from TFA (which nobody bothered to read) so the judge obviously understands enough to concoct this wacky legal construction.