Given administrator access, you can simply replace the windows logon screen. Just replace msgina.dll with your own concoction. Microsoft offers handy guides for this, and even the sourcecode to stock msgina.dll with MSDN, IIRC.
What's that supposed to mean? And why would one expect them to be interrupted?
On windows Ctrl-Alt-Del is the "Secure Attention Key". In theory, when you hit Ctrl-Alt-Del the only program that can respond to it should be the OS itself, making it safe to enter a password (to log on to the OS that is) after hitting Ctrl-Alt-Del, since you can be sure no login-simulators can hook into it.
Of course, Ctrl-Alt-Del does nothing to secure machines that have been tampered with on the system level, and does nothing to help secure web passwords.
Or to look at it another way; crappy firewall/proxy software does a crappy job at parsing pipelined HTTP and allows people to get at banned content or to have their caches poisoned. You wouldn't expect them to do a half-assed job, as it's their entire purpose in life to make sure malicious traffic doesn't occur, so the least they could do is strict parsing.
Webservers do a better job of parsing HTTP headers, and where they fail, it just results in an additional request that's interpreted as per usual, so no vulnerability there, they're just serving up content they're supposed to serve.
Re:Intel working on silicon laser to link cores
on
AMD Quad Cores, Oh My
·
· Score: 1
No, because AMD and Intel crosslicense their patents.
What? Not all of them silly.
Apparently, all except direct copies of intel chips and the cpu-bus, at least until 2011. They first cross-licensed across the board (except for the pentium design) in 1995 over anti-trust concerns.
Re:Intel working on silicon laser to link cores
on
AMD Quad Cores, Oh My
·
· Score: 4, Insightful
Question: will Intel's possession of si-lasers shut AMD out?
No, because AMD and Intel crosslicense their patents. Under the same agreement Intel gets to use AMD's AMD64 instruction set and call it EM64T.
I recently ditched a dual pentium-II for a AMD64 3000+.. and I miss the SMP machine. Why? Because if some stupid app was taking 100% CPU power, on the old machine that meant it was using 50% of my CPUs, and I had a whole nother CPU available for killing errant apps with.
Even gamers now do stuff like run skype side-by-side with their resource-hogging game.
Yes, you need multi-core, multi-processor, whatever.
Re:Rails, great for those fed up with J2EE.
on
Ajax On Rails
·
· Score: 1
I'm sure many developers like myself have a day job that probably involves J2EE. The first time I did the iniitial tutorials for Rails several weeks ago I was blown away. Connecting to a database is not susposed to be this easy.
Damn right! Databases all ought to be like Oracle, where even typing in a query is a hellish quest involving obscure replacements for DNS (tnsnames), client software that's incompatible when even a minor versionnumber changes, convoluted connectstrings and non-gui client tools (unless you shell out for toad). And a database should cost a thousands of dollars, require gigabytes of storage and memory, and the constant supervision of a DBA to make sure the thing doesn't explode!
Connecting to such complex high-tech databases should of course not be easy! If the database's license costs tens of thousands of dollars, there should be no objection to paying some J2EE guys to figure out how to do that within the space of a few weeks.
You all know who to thank for your job security, database geeks!
You are correct...it was solved. And the solution was to NOT have a paper trail and just trust the secret vote. There were NO mechanisms in place to determine whether there was ballot stuffing, fraud, or anything else we are talking about here.
No paper trail? No mechanisms? Could have fooled me, what with all the paper ballots, all the recounting, sealed ballot boxes, (international) observers, partisan and non-partisan oversight, doublechecking, stringent procedures.
You are only required to register for primary elections. By registering, you tell the gov't "I am going to vote in the primaries". You DO NOT tell them who you voted for.
Yes, because in no country in the history of the world ever has any one been persecuted by government for party affilition...
I'll put your name down as "doesn't give a rat's ass about secret ballots" then.
Anonymity - for voting - is VERY highly valued here in the USA. People don't like it when other's know who they voted for.
I probably should have pointed this out in my earlier post. But no, it's not taken seriously. I know of no other country that requires citizens to register with their State's Government in order to vote in parties' internal affairs - primaries.
In other countries, when you're registered to a political party, that means the political party concerned has your records and knows your affiliation, not the Government.
That's not to say elections shouldn't be secret, they should, but a large amount of people don't care.
Part of the issue is privacy. If you can take the paper trail and use it to say "you" voted for candidate X, then you have violated privacy for that person.
Part of me says "wait a minute, disassociating a physical ballot from a voter, isn't that a problem that has been solved a few thousand years ago, when the first secret ballots were cast in ancient Greece? Or was that Babylonia?".. But that part of me is just silly, I guess.
Printing to PDF does NOT dump a bitmap image into a PDF container. Try it.
Printing to PDF first prints using a postscript driver (driven bij Window's native GDI/EMF format), and then converts to PDF. This entire path is vector based, unless the printing application fucks up.
And yes, PDFCreator will embed fonts, be they truetype, type-1 or opentype, and even subset.
Also, if you DO want a bitmap, PDFCreator will print to JPG, PNG, etc.
Note that if you have an Oo.o document that uses transparancy, Oo.o's export to PDF function WILL rasterize transparant sections, while PDFCreator will retain vectors. PDFCreator will even add metadata, encryption and stuff like that.
Exporting directly to PDF will help in one area; if you're creating a file that isn't supposed to be in one of the standard paper size like Letter or A4. Also, it's faster than GDI->PS->PDF.
Right now, my NTFS filesystem is in a state such that XP can't boot from it (chkdsk/autochk says "Unrecoverable errors and it appears to have hit the HKLM registry hive). Running knoppix from a CD-R just fine. Browsing the web is much faster even! Detecting all my hardware is a lot faster than XP's install/recovery CD manages. Loading programs from CD takes a while, but other than that, it's great.
Oh, and the maxi-version will of course not be multi-CD, but single-DVD...
maybe it's just me, but i'm never putting physical addresses on ANY network map with any company i work for, especially maps that will be posted publicly.
I hear that the BBC even put great big 'BBC' logos on their offices! Imagine the risks! Think of the terrorists!
(On the other hand I suspect that unlike the BBC you've never been attacked by terrorists, so you might just be a bit paranoid).
You can't brute-force 10,000 combinations with a good hope of succeeding if you only get three tries. Even a 25 second wait after 3 incorrect PINs would make the attack last a full day.
Let's see, - the colors do not contrast - the colors aren't strong colors, like primary or tertiary colors, not do they evoke warmth (purples, reds) or a feeling of modernity (greys, blues, metal), rather they remind us of biological substances we'd rather avoid (urine, vomit) - colors that don't translate well to black/white, spot color or halftone - busy background - illegible font (also, not hinted, the letters aren't just anti-aliassed, it's as if they've been painted with water based paint on blotter paper. smudgy.) - unnecessary change of color for the lines - the lines themselves add nothing to the logo (especially with the busy background) - as an aside; the logo is actually more legible if you run it through a color-blindness simulator, which suggests the designer might be colorblind - tiny - not a scalable vector (it's a logo for a flash clone!!! well, like, duh!) - the name gplflash itself isn't ideal; only geeks have any notion of what the GPL is, other people won't remember the name. FreeFlash would be better, though a tonguetwister (say it out loud 10 times). - no personality. It's just a wacky font, 2 lines and a busy background. I bet the font wasn't designed by the logo 'designer' either.
Take a look at some BigAssCompany's websites.. IBM, Microsoft, BMW, McDonalds, Motorola, Exxon, etc. etc. Notice how their logos are legible? Don't have icky colors? Don't have busy backgrounds? Are vector-scaleable? Also work in monochrome?
Ok, Oracle uses a wacky font, I'll give you that. But at least they use a primary color. It burns away your eyes, but at least it stands out.
Now, there might be worse logos. I can think of one just like that.. "Goatse Retirement Homes".
But it's still a pretty darn bad logo. If you'd hand it in a class, you should get 0%.
Add to that antialiased fonts and you're in for a winner on the eyes.
A hinted font is much better - if the rounding down to pixels yield 1 pixel wide lines, you're golden. No need for smoothing.
I have a Dell laptop with 1900 x 1200 screen - which results in a hell of a lot of eyestrain, seeing as how damn small everything appears. Run it in a non-native (lower) resolution, and everything is blurry. That's no fun. Using (only) smoothed in stead of properly hinted fonts results in much the same - blurriness. Not good on your eyes at all. Of course, most system fonts on a windows or mac are pretty well-hinted (or fixed size); but Bitstream Vera is hell on screen.
Even if the MPAA/RIAA buys a law mandating the broadcast flag, I'm sure that some clever and enterprising individual will come up with a way to defeat it. Like for example, designing and building thier own HDTV demodulator that does not incorporate the broadcast flag and sharing the design.
Non-US HDTV equipment (Canadian, Mexican, etc.) will not have broadcast flag. The US version will differ only in (flashable) firmware. The manufacturers, not wanting to lose the poweruser market to grey imports, will make flashing the device very, very easy, though to cover their asses will make sure it can't be done legally (i.e. it would violate DMCA, but no-one would ever be able to find out about it).
Slashdot Mirror
Given administrator access, you can simply replace the windows logon screen. Just replace msgina.dll with your own concoction. Microsoft offers handy guides for this, and even the sourcecode to stock msgina.dll with MSDN, IIRC.
On windows Ctrl-Alt-Del is the "Secure Attention Key". In theory, when you hit Ctrl-Alt-Del the only program that can respond to it should be the OS itself, making it safe to enter a password (to log on to the OS that is) after hitting Ctrl-Alt-Del, since you can be sure no login-simulators can hook into it.
Of course, Ctrl-Alt-Del does nothing to secure machines that have been tampered with on the system level, and does nothing to help secure web passwords.
"Psst."
"Yeah?"
"Want one of these?"
"No."
"It's free!"
"Don't need it."
"I'll give you TWO! for free! costs you nothing!"
"It's a pointless piece of crap, I don't need it, nobody wants one, it sucks, get it away from me!!"
"Ok, ok, how about 500 thousand of these things? For only $0.30 a piece!"
"Wow! I'm a sucker for a bargain! Who thought a total piece of crap could be that cheap if you buy in bulk! Give me 2 million!"
Or to look at it another way;
crappy firewall/proxy software does a crappy job at parsing pipelined HTTP and allows people to get at banned content or to have their caches poisoned. You wouldn't expect them to do a half-assed job, as it's their entire purpose in life to make sure malicious traffic doesn't occur, so the least they could do is strict parsing.
Webservers do a better job of parsing HTTP headers, and where they fail, it just results in an additional request that's interpreted as per usual, so no vulnerability there, they're just serving up content they're supposed to serve.
.. it DIDN'T go "beep beep beep".
What? Not all of them silly.
Apparently, all except direct copies of intel chips and the cpu-bus, at least until 2011. They first cross-licensed across the board (except for the pentium design) in 1995 over anti-trust concerns.
No, because AMD and Intel crosslicense their patents. Under the same agreement Intel gets to use AMD's AMD64 instruction set and call it EM64T.
Even gamers now do stuff like run skype side-by-side with their resource-hogging game.
Yes, you need multi-core, multi-processor, whatever.
Damn right! Databases all ought to be like Oracle, where even typing in a query is a hellish quest involving obscure replacements for DNS (tnsnames), client software that's incompatible when even a minor versionnumber changes, convoluted connectstrings and non-gui client tools (unless you shell out for toad). And a database should cost a thousands of dollars, require gigabytes of storage and memory, and the constant supervision of a DBA to make sure the thing doesn't explode!
Connecting to such complex high-tech databases should of course not be easy! If the database's license costs tens of thousands of dollars, there should be no objection to paying some J2EE guys to figure out how to do that within the space of a few weeks.
You all know who to thank for your job security, database geeks!
"Simpsons dit it!"
While the episode aired in 1993, Pi to a million digits was published by the Gutenberg project on 1993-01-01.
No paper trail? No mechanisms? Could have fooled me, what with all the paper ballots, all the recounting, sealed ballot boxes, (international) observers, partisan and non-partisan oversight, doublechecking, stringent procedures.
Yes, because in no country in the history of the world ever has any one been persecuted by government for party affilition...
I'll put your name down as "doesn't give a rat's ass about secret ballots" then.
I probably should have pointed this out in my earlier post. But no, it's not taken seriously. I know of no other country that requires citizens to register with their State's Government in order to vote in parties' internal affairs - primaries.
In other countries, when you're registered to a political party, that means the political party concerned has your records and knows your affiliation, not the Government.
That's not to say elections shouldn't be secret, they should, but a large amount of people don't care.
Part of the issue is privacy. If you can take the paper trail and use it to say "you" voted for candidate X, then you have violated privacy for that person.
Part of me says "wait a minute, disassociating a physical ballot from a voter, isn't that a problem that has been solved a few thousand years ago, when the first secret ballots were cast in ancient Greece? Or was that Babylonia?".. But that part of me is just silly, I guess.
And yes, PDFCreator will embed fonts, be they truetype, type-1 or opentype, and even subset.
Also, if you DO want a bitmap, PDFCreator will print to JPG, PNG, etc.
Note that if you have an Oo.o document that uses transparancy, Oo.o's export to PDF function WILL rasterize transparant sections, while PDFCreator will retain vectors. PDFCreator will even add metadata, encryption and stuff like that.
Exporting directly to PDF will help in one area; if you're creating a file that isn't supposed to be in one of the standard paper size like Letter or A4. Also, it's faster than GDI->PS->PDF.
Any windows application can export to PDF via the miracle of PDFCreator.
Not as fast as an Oo.o export to PDF, but export to PDF is hardly a world-shattering feature.
Right now, my NTFS filesystem is in a state such that XP can't boot from it (chkdsk/autochk says "Unrecoverable errors and it appears to have hit the HKLM registry hive). Running knoppix from a CD-R just fine. Browsing the web is much faster even! Detecting all my hardware is a lot faster than XP's install/recovery CD manages.
Loading programs from CD takes a while, but other than that, it's great.
Oh, and the maxi-version will of course not be multi-CD, but single-DVD...
maybe it's just me, but i'm never putting physical addresses on ANY network map with any company i work for, especially maps that will be posted publicly.
I hear that the BBC even put great big 'BBC' logos on their offices! Imagine the risks! Think of the terrorists!
(On the other hand I suspect that unlike the BBC you've never been attacked by terrorists, so you might just be a bit paranoid).
You can't brute-force 10,000 combinations with a good hope of succeeding if you only get three tries. Even a 25 second wait after 3 incorrect PINs would make the attack last a full day.
Let's see,
- the colors do not contrast
- the colors aren't strong colors, like primary or tertiary colors, not do they evoke warmth (purples, reds) or a feeling of modernity (greys, blues, metal), rather they remind us of biological substances we'd rather avoid (urine, vomit)
- colors that don't translate well to black/white, spot color or halftone
- busy background
- illegible font (also, not hinted, the letters aren't just anti-aliassed, it's as if they've been painted with water based paint on blotter paper. smudgy.)
- unnecessary change of color for the lines
- the lines themselves add nothing to the logo (especially with the busy background)
- as an aside; the logo is actually more legible if you run it through a color-blindness simulator, which suggests the designer might be colorblind
- tiny
- not a scalable vector (it's a logo for a flash clone!!! well, like, duh!)
- the name gplflash itself isn't ideal; only geeks have any notion of what the GPL is, other people won't remember the name. FreeFlash would be better, though a tonguetwister (say it out loud 10 times).
- no personality. It's just a wacky font, 2 lines and a busy background. I bet the font wasn't designed by the logo 'designer' either.
Take a look at some BigAssCompany's websites.. IBM, Microsoft, BMW, McDonalds, Motorola, Exxon, etc. etc. Notice how their logos are legible? Don't have icky colors? Don't have busy backgrounds? Are vector-scaleable? Also work in monochrome?
Ok, Oracle uses a wacky font, I'll give you that. But at least they use a primary color. It burns away your eyes, but at least it stands out.
Now, there might be worse logos. I can think of one just like that.. "Goatse Retirement Homes".
But it's still a pretty darn bad logo. If you'd
hand it in a class, you should get 0%.
Add to that antialiased fonts and you're in for a winner on the eyes.
A hinted font is much better - if the rounding down to pixels yield 1 pixel wide lines, you're golden. No need for smoothing.
I have a Dell laptop with 1900 x 1200 screen - which results in a hell of a lot of eyestrain, seeing as how damn small everything appears. Run it in a non-native (lower) resolution, and everything is blurry. That's no fun. Using (only) smoothed in stead of properly hinted fonts results in much the same - blurriness. Not good on your eyes at all. Of course, most system fonts on a windows or mac are pretty well-hinted (or fixed size); but Bitstream Vera is hell on screen.
Also, have you seen how big the antenna on a GPS receiver needs to be? Not an ideal piece of electronics to cram into your girlfriend's thong.
Even if the MPAA/RIAA buys a law mandating the broadcast flag, I'm sure that some clever and enterprising individual will come up with a way to defeat it. Like for example, designing and building thier own HDTV demodulator that does not incorporate the broadcast flag and sharing the design.
Non-US HDTV equipment (Canadian, Mexican, etc.) will not have broadcast flag. The US version will differ only in (flashable) firmware. The manufacturers, not wanting to lose the poweruser market to grey imports, will make flashing the device very, very easy, though to cover their asses will make sure it can't be done legally (i.e. it would violate DMCA, but no-one would ever be able to find out about it).
No program that accepts input is safe. /dev/null is holding up fine.