Mac OS X has ACLs now. This means that Apple could set up the system to prevent or allow certain types of access on a file-by-file basis. All of this, if done correctly, could certainly increase the security of a system.
Windows has ACLs too. Solaris has them. Linux has them if you'd like. ACLs per se do NOT prevent individual programs running with a certain user's credentials from accessing the user's other files.
It's what you do with ACLs.
The scheme I describe whereby you'd give programs access only to the files they've created could be implemented using Bell-LaPadula (ugo) permissions as well.
However, the concept of capabilities is really what you'd be spoofing. That's the concept whereby programs do not inherit ALL the user's privilege, but a subset.
[..]say that as the Mac gains a larger market share, the number of viruses available for it will grow. I think this is of little consequence.[..] The permissions system means that a common virus could damage a user's home directory, but the system for the most part would remain unaffected, including other users [..] and most of all the fact that users don't run as administrators, all of these reasons make it much less likely that viruses could be as damaging as on Windows
I think this is thinking too much from the perspective of old-school "format c:" destructive viruses.
Today's malware isn't purely destructive anymore; in fact, little incentive exists to create a virus that merely destroys stuff.
Today we're seeing worms that are used to send spam or perform DDOS attacks, and ransomware that encrypts your files and will only unlock them after you pay up.
Access to a user's home directory is perfectly adequate for ransomware. Access to network resources is sufficient to turn your computer into a zombie. Privileged system access is not the holy grail; access to specific resources is.
User-based security offers no protection against this. Instead people often install programs to limit access to, for example, network resources - a software firewall that will inspect a process to see if it's legit before letting it use the network. Likewise we will need a security subsystem that prevents programs from writing to files not created by them. For example, Firefox should be able to upload a Word document (read permissions) perhaps, but surely only Word or OpenOffice should be permitted to (over)write it.
This is more along the lines of capabilities, but it could be grafted onto user-based security systems (just run processes as different users and give those users permissions only to write to their own files and/or read from their own directories, with some exceptions (e.g. the filemanager)).
Today's programs are so flexible and scriptable, not to mention just plain big and unverifiable, let alone complex and exploitable, that simply saying 'these programs have been deemed safe by an administrator, so they can access all your files if you run them' is no longer an adequate means of making sure applications stay within bounds. We really need to make programs stay on their own turf. Not just files; how about that registry? Why the hell should every program be able to read all of it, and write almost all of it, even keys that belong to a different program?
It's not just Windows; MacOS lacks such stuff at the moment too (though it will undoubtedly be much easier to integrate into it than into Windows). Really only SELinux is set up to handle this sort of thing.
They say: "Your finger is unique to you, which means only you can access your financial accounts. The Pay By Touch service helps protect you from physical or identity theft. Because there's nothing to carry, there's nothing to be lost or stolen."
Really?
What about the fingerprint information you're evidently (there's nothing to carry) sending over the wire? No way to intercept that huh? How about the fingerprints you leave on just about everything you touch? No way to lift those off of that surface and to use them on a scanner, in the case of on-line purchases, a scanner that's right there beside you without anyone looking over your shoulder to see you're actually using your own finger and not some copy made out of gummy bears.
I am an unpaid volunteer working because I believe in the party. Have you no decency, sir? Are you so jaded that you refuse to believe anybody is ever acting in anything other than purely their own self-interest? Do you think that whoever's calling you, paid or not, asking for money or not--do you think you're really getting back at them if you vote for their opponent?
You're a phone spammer. You might not be motivated by greed, but you're still spamming. Yes, people will be pissed off at you, because you're interrupting them. Harassing them in their homes. That's hurting your party. But you still do it. Because you have some irrational belief that annoying people is good for the cause? You're still a spammer.
2) As for the oil companies themselves, they're in a similar situation. SOMEONE is going to invent alternate fuels and alternate fuel vehicles. If an American company doesn't do it, a European or Japanese company will. What makes more sense: be the first and try to put your competition out of business, or sit on your hands and do nothing, praying that nobody will manage it in your lifetime?
The investment horizon for a CEO of a major corporation isn't his lifetime. He's not concerned about his 401(K). He's concerned about the current and next batch of Quarterly results.
While putting everyone out of business sounds great, it carries with it the risk of requiring investment, depressing your results for 2, 3 or even more Quarters.
So, even without any need to cry 'conspiracy' there are reasons for corporations to not want to rock the boat too much.
Then again, there's this book out by some guy named Chris Paine "Who Killed the Electric Car?" - he owned (well, leased) an electric car from GM, which he was very happy with. But after a year GM took it back, not even offering him the opportunity to buy it. Weird.
Signature-based virus scanners have ALWAYS been a joke. Basically, it's a technology that was barely good enough when the first one was written, and all that time we've been using it until something better comes along.
The real solution to viruses lies not in signature-based scanners, but in policing applications. The discontinued Thunderbyte AV (of DOS days) had the right idea. It scanned files for instructions that shouldn't be in normal programs, like an API call to format your hard disk. It had a list of exceptions (format.com etc.), but otherwise, it would complain loudly.
Nowadays, we can do much better. We have usernames, credentials, privileges etc. Why don't programs run as separate users with separate privileges? There is NO reason why Word (or OpenOffice for that matter) should be able to access every part of the registry or hard disk that the user running it can. Firefox should basically be restricted to making TCP connections and writing its configuration, cache, and a download directory. The security model now allows it to write to c:\windows\system32 if you're logged in as administrator, even though it clearly has no business doing so.
Newly downloaded applications should be granted permission only to write to registry keys they themselves created, and files likewise. And if an app overstretches its default permissions, the OS should complain loudly and ask permission (OS "professional" edition), look up a policy file (OS "corporate/enterprise" edition) or simply disallow it and require some sort of wizardry - e.g. editing an .ini file - to overrule it (OS "home" edition).
This doesn't require rocket science to implement, though it will break some stuff and force users to copy files from My Documents\Microsoft Office to My Documents\Firefox if they want to upload a document. Small price to pay, I say.
Of course Norton and McAfee suffer not just from being unreliable in detecting viruses, they also fuck up your OS so it won't work properly anymore, and are a bitch to uninstall. But the solution to that is simple; switch to another product. The fact that the other product would, again, be a signature based scanner is the lamentable part.
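The per-program policy described in the comments above (a program may write only to files it created, and the three "editions" decide what happens when it asks for more), sketched as a toy reference monitor. This is an added example, not code from the commenter or from any operating system; the class, program names and paths are hypothetical and the sample requests are constructed.

```python
class Monitor:
    """Toy reference monitor: a program owns the files it created."""

    def __init__(self, edition="home", ask_user=None, policy=()):
        self.edition = edition          # "home", "professional" or "enterprise"
        self.ask_user = ask_user or (lambda program, op, path: False)
        self.policy = set(policy)       # enterprise: allowed (program, op, path) triples
        self.creator = {}               # path -> program that created the file
        self.audit = []                 # every decision, for later review

    def _escalate(self, program, op, path):
        # A program reached outside its own files: handle it per edition.
        if self.edition == "professional":
            return bool(self.ask_user(program, op, path))    # complain and ask
        if self.edition == "enterprise":
            return (program, op, path) in self.policy        # look up the policy
        return False                                         # home: disallow

    def request(self, program, op, path):
        owner = self.creator.get(path)
        if owner is None:
            # Nothing exists yet: a write creates the file and records its owner.
            allowed = op == "write"
            if allowed:
                self.creator[path] = program
        elif owner == program:
            allowed = True               # a program's own file
        else:
            allowed = self._escalate(program, op, path)
        self.audit.append((program, op, path, "allow" if allowed else "deny"))
        return allowed


DOC = "docs/report.doc"   # constructed path


def run_scenario(monitor):
    """Constructed request sequence: Word creates a document, others touch it."""
    return {
        "word_creates": monitor.request("word", "write", DOC),
        "word_overwrites": monitor.request("word", "write", DOC),
        "firefox_reads": monitor.request("firefox", "read", DOC),
        "firefox_overwrites": monitor.request("firefox", "write", DOC),
        "download_overwrites": monitor.request("new_download", "write", DOC),
        "download_own_file": monitor.request("new_download", "write",
                                             "new_download/state.dat"),
    }


if __name__ == "__main__":
    for edition, kwargs in [
        ("home", {}),
        ("enterprise", {"policy": [("firefox", "read", DOC)]}),
        ("professional", {"ask_user": lambda program, op, path: op == "read"}),
    ]:
        print(edition, run_scenario(Monitor(edition, **kwargs)))
```

In every edition the freshly downloaded program can keep its own state file but cannot overwrite the document Word created, which is the property that blunts ransomware running with the user's credentials.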
Everything that doomsdayers say is evil is part of the market giving us better lives -- engines, industrialization replacing human labor, commoditization of common goods and needs, etc.
Erm, yeah.. If global warming were the only conceivable doomsday scenario..
Nuclear weaponry isn't quite enhancing my life, nor are worldwide influenza pandemics, direct meteor hits, global overexposure to radiation as a result of a freakishly excessive sunspot or near-by exploding supernova, or even, in fact, global alien invasion bent on genocide.
As for wanting to live in a bubble city; no-one's stopping you. You can just move into the basement and hook up the airco. I for one like having some forest on hand to walk about in, with fresh air too.
I personally don't know why Microsoft doesn't work on some clever way to treat the desktop as a part of My Documents though, seeing as most computer illiterate people still save all their files there.
Erm..
\Documents and Settings\username\Desktop is your desktop. \Documents and Settings\username\My Documents is your "My Documents" folder.
It is treated in entirely the same way.
In fact, Desktop has the advantage of being a shorter name, and constant across language-editions of Windows ("My documents" is translated).
So, yes, I store most of my stuff on my desktop. It's as good a place as any. Neat little folders on there and everything.
TV stations routinely get offered deals that include a few blockbuster hits, or really good movies, and 10 pieces of indefensible filler. Sometimes, the contract even spells out that the crappy movies MUST be aired. This is why TV stations will sometimes have 'specials' focussing on a particular actor (or e.g. the entire Police Academy series); they had to buy all his movies, just to show the good ones. This is also why you can sometimes see feature films programmed in the middle of the night. No one will watch them, but they're aired, so the requirements of the package deal are fulfilled. The TV stations get 12 movies for the price of 3, the studios get royalties on their back-catalogue (and can claim million dollar losses if you download one of those long forgotten movies), and everybody's a winner - except if you happen to be awake in the middle of the night and flipping over to a channel showing Police Academy 6..
Don't you get it? It's easier to get the studios to pay for a sequel, so they shot BTTF2 first, but then had to go back in time to make the original, so BTTF was shot AFTER BTTF2.
Nobody in the world would expect a ten dollar watch to have the same quality as a ten thousand dollar watch so why do we expect the guy who can do the job for a million to be as good as the one who wants two million?
That's actually a pretty bad comparison. A ten thousand dollar watch is most likely a collectible with mechanical movement, whereas a 10 dollar watch is most likely to be a digital quartz-driven affair. If it's keeping time you're after, a quartz-mechanism is a hundred times more accurate than a mechanical movement; and that's compared to the upper end of mechanical movement accuracy. If you're willing to spend $40 or even $150 you can buy yourself a quartz-driven and radio-synchronized watch; if you're willing to spend a few hundred you'd get a GPS driven one (which takes into account the latency of the radio (gps) signals reaching it).
A ten-thousand dollar watch is either an antique or a luxury item.
When I see a study like this, I ask myself, what in the world is so interesting about what percentage of bloggers are seen to be journalists?
The only reason the "is a blogger a journalist" question ever comes up, is when people want to sue a blogger for things like not revealing sources, etc.
By claiming that a) protection of the freedom of the press only applies to some select bunch of bona fide journalists and that b) bloggers ain't them, they seek to basically harass bloggers (and their sources) if a story carried by a blog is inconvenient.
Now, of course, this is riding roughshod over civil liberties. Anyone who publishes anything, to the extent that the content is of a journalistic nature, enjoys protections awarded to journalistic endeavour. It's the freedom of the press that's protected, not the freedom of a select bunch of bona fide accredited card-carrying Yale-educated fee-paying journalists.
That still doesn't stop, e.g. Apple, suing blogs for dumb-ass reasons (and sometimes succeeding, though they really shouldn't in most cases).
But the question shouldn't be "are bloggers journalists" but "are we doing enough to ensure that all journalistic endeavour is protected, and that everyone can utilize their freedom of speech, and press, without fear of heavy-handed legal actions". The answer to the first question is "to the extent their content is journalism, yes of course, duh, and by the by, that guy that draws Garfield isn't one either even if it is printed in a newspaper", the answer to the latter is "hell no".
The US tortures people. They rationalize it by saying it's legal. It's still torture.
The people in gitmo are being held without any charges. How is that right? Without access to lawyers, impartial tribunals etc. Well, they're finally getting those, because - get this - turns out it's not legal to treat prisoners that way, not even in gitmo, and if they're not citizens. Why? Because it's immoral and inhumane.
"They're worse than us". Great, so what, you now have to be 1 degree less bad?
The US are pretending that non-citizens are non-humans. That what the US does on foreign soil can be as bad as they like, as long as you can rationalize it being "legal" or "less bad than the other guy".
That simply doesn't fly. It never has, and it never will. It's bullshit. And it's evil. No matter how indignant you may be about terrorists, or how much you may like to rationalize it, if you don't hold yourself up to standards that make you treat human beings as humans, then you've lost your humanity.
See how you'd like it if the roles were reversed. And oh, say the guy being 'waterboarded' is your son. Not quite as fun anymore, when the biggest military in the world is torturing your kid, who was probably only sold to them by some guys making a buck turning in supposed terrorists? Well, tough luck.
Does it have a "healing brush"? (on "Beginning GIMP"; Score: 2, Interesting)
Does it have a "healing brush"? That's really the only neat feature I can think of that Photoshop offers that the GIMP doesn't/didn't. The "healing brush" basically makes retouching a picture to remove, say, a zit a fool-proof 5 second job. Which is nice.
It's a miracle the market is growing as it is.. For a while now, your 2 or 3 year old computer has been "good enough" for most people. Why would you upgrade if you don't really do new stuff with it? As I see it, reasons for buying a new computer are:
- you don't have one yet (which is getting more and more unlikely)
- you're doing new stuff with it, such as getting broadband or editing home videos
- you're a nerd/geek/gamer
- it's broken in some fashion.
In other words; a replacement market. Now, the OEMs know this. This is why Dell is getting into sidelines like PDAs, digital cameras, TV screens etc. And, in a certain way, they've always known this. OEMs have always sold PCs that were essentially underspecced when it came to the cheapest upgrade; RAM. A 1GB P3 will simply do for most people. I bet they're glad they shipped them with 256MB (or "double your ram limited time only offer" 512MB).
A cynical mind might think that this is part of the reason why OEMs include so much "handy" bundled software.. Fill up that memory good, let the apps update (get bigger) once in a while, so the system gets cruftier and cruftier. Have the anti-virus software disable after a month or two to lower defenses..
There actually are (I'm afraid to say: a lot) of people who buy a new computer simply because the old one got so bogged down with spyware. Dell should have a checkbox on their order pages "[x] my old computer is teh broken with virusses" so they can pick up the old computer as they bring the new one, and ship the old one to Africa, where a simple Linux install makes it usable for at least another 3 years..
But, to say that Microsoft's market capitalization is not affected by this ruling is naive at best, and outright wrong at worst.
First, that's not what the grandparent poster said. He said that market cap is not a good indicator of how impactful a fine is. For example, it might affect existing credits adversely, increasing the cost of existing lines of credit as their credit rating drops. That's an effect unrelated to market cap, and related more to things like the actual assets and cashflow.
Anything and everything can and will influence the stock quotes themselves, and influence market cap, including whether the weather is nice or not, if some trader is having a good day, etc.
For a lot of companies market capitalization says next to nothing. Think about companies that float 20% of their stock, with 80% remaining in private hands. The public will never hold a controlling interest, someone looking to take over the company will never buy up open market shares; the stock's price simply doesn't influence the fundamentals much, let alone the actual price paid for company ownership.
What about arbitrage? Basically, if a stock goes into freefall for no apparent reason other than a change in supply/demand for stock trades, then the value of their shares would be lower/higher than the value of the company. This is a classic case of arbitrage, and will eventually lead to an arbitrageur to buy (if it is undervalued) or short (if it is overvalued) the stock. If the company is significantly undervalued, an arbitrageur might decide to purchase a significant portion of the outstanding shares and attempt to divide the company into pieces & sell it off. This is what a corporate raider does. Now we're headed in "invisible hand of the market" territory; which isn't as flawless as you suggest.
I'll give an example where this simply won't work. Consider the largest owner of commercial real estate (shops) in, say, The Netherlands (Maxeda). Maxeda's assets, its real estate, are worth more combined than its market cap! Madness, you'd say! The invisible hand of the market should correct this outrage! Either Maxeda is worth more, or a corporate raider should split the company up and sell it in parts.
The problem is, that as soon as you try to liquidate ALL of Maxeda's assets, you're looking for one (or a handful) of companies that need its real estate, and that want to operate shops on there. The problem of course is, that such parties cannot be found. In fact, if you could find a company that would buy all the real estate, they would then have to open up shops in them. Then you're left with a company with the exact same real estate with more or less the same shops in them. How likely are they to do better than Maxeda itself? Given the cost of selling their real estate; not. Corporate raiding cannot save Maxeda.
Of course the point here is that the real estate is probably valued fairly; but only if you expect to sell those shops one at a time. If you look at the valuation of your own home, you might find reference to an amount of time the valuer would expect your house to be for sale, before it sells at its valuation price.
The same goes for market cap, as the grandparent poster eloquently explained; if you suddenly dump every share on the market, you won't get a good price for them - and it's doubtful the price would recover. Conversely, if you try to do a hostile takeover of a company, expect to pay a premium over the market value, like Mittal recently did to acquire Arcelor. There was no magic arbitrage going on there that made sure Mittal paid the right price; in fact, they probably paid too much, but they expect to make good on that by using their controlling interest to do new and exciting things. And that is merely a gamble.
(Another example; airliners. Airlines have HUGE amounts in assets. A corporate raider should surely split them up and sell the assets. But those assets are airplanes. And the only way to make money from airplanes is to operate.. an airline! To non-airline companies those assets are worth exactly $0 of their money. Good luck raiding them.)
The vast majority of people are merely average Joes. Everyone cannot be Einstein, nor can everyone be Crichton. That's just the way it is and the way it always will be. Most people don't post anything deeper because most people simply aren't deeper, and it's unlikely that they ever will be, in particular when they're born, raised, and socialized in a consumer orgy of a society that is itself incredibly inane.
You know, had myspace been available in Einstein's day, I don't think he would have used it much.
Well, not after they passed around that video he made of himself stumbling over pretending to be a jedi with that fake lightsaber..
The statement that people could introduce malicious code into Linux that then makes its way into secure systems. Of course with companies outsourcing programming jobs to other countries the same thing could happen with a closed source system. American programmers are just as capable of introducing (intentional) bugs as foreign programmers.
Of course the same thing should be done with any software that goes into a military, aerospace, or any other mission critical system. In this case OSS does have a clear advantage in that the end user can select any group to perform the code audit instead of depending on the vendor.
The US armed forces have enough spending power to convince even Microsoft to pony up the source code. And they do.
Of course if the military does a code audit on Linux they would have to contribute back the patches so it is a win-win situation.
Under the GPL, you only have to contribute patches if you distribute your modified code to third parties. The result of a code audit might also just be "don't use module X", in which case there's nothing to patch.
The way I read it the article is more about encouraging DoD programmers to be more like the open source community in sharing programs, ideas and source code with each other, rather than continually reinventing the wheel.
1) the website is simply at another address, well-educated users will spot the lack of https and the different URL
2) I have an account at postbank(.nl) which uses a password for logging in, and then additional codes for transactions. The password will only give you read only access.
3) At this same bank, the transactions are verified by sending you a text-message; not the most secured channel, but the message doesn't just include a "transaction acceptance code", but also the amount of money being transferred. If something is amiss it's spotted easily through this second channel, beyond the phishers' control.
4) Another bank, abnamro.nl, lists the IP number you were last logged in from on the welcome page.
I feel that 1) could be attacked by phishers using malware, so that's no guarantee. Using the amount of money to be transferred as part of the challenge is trivial and should simply be implemented at first opportunity. One of citibank's problems is that they're using a token that simply displays a code, rather than a challenge response system; no way to enhance the challenge.. Number 3) is also pretty neat. Really, I don't care so much about my bank statements per se that they need to be protected with two-factor authentication (though of course in the US, identity theft might make this more prudent). The ability to check my account without too much rigmarole is very user friendly. Number 4) would be neat, but also confusing to many users, especially those behind DHCP.
Sum conclusion; use challenge response, with the amount to be transferred firmly embedded in the challenge, or communicated to the user out-of-bounds.
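The conclusion above, as an added example that is not part of the original comment: a challenge-response token whose answer is bound to the destination and amount, next to a token that only displays a code. The message layout, the HMAC-SHA256 construction, the 8-digit truncation and the account labels are assumptions made for this sketch, not any bank's actual scheme.

```python
import hashlib
import hmac
import secrets


def _digits(mac: bytes) -> str:
    # Shorten a MAC to 8 decimal digits so a person can type it in.
    return f"{int.from_bytes(mac[:4], 'big') % 10**8:08d}"


def display_code(key: bytes, counter: int) -> str:
    """Code-only token: the value depends on a counter, not on the transfer."""
    return _digits(hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest())


def signed_response(key: bytes, challenge: str) -> str:
    """Challenge-response token: the value depends on the whole challenge."""
    return _digits(hmac.new(key, challenge.encode(), hashlib.sha256).digest())


def what_the_token_shows(challenge: str):
    """The token displays the transfer details before it answers."""
    _nonce, dest, cents = challenge.split("|")
    return dest, int(cents)


class Bank:
    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}   # nonce -> challenge text, removed on first use

    def challenge(self, dest: str, cents: int) -> str:
        nonce = secrets.token_hex(8)
        self.pending[nonce] = f"{nonce}|{dest}|{cents}"
        return self.pending[nonce]

    def confirm(self, nonce: str, dest: str, cents: int, response: str) -> bool:
        issued = self.pending.pop(nonce, None)   # single use, so a replay fails
        if issued is None:
            return False
        # The transfer about to execute must be the one the challenge named.
        if not hmac.compare_digest(issued, f"{nonce}|{dest}|{cents}"):
            return False
        return hmac.compare_digest(signed_response(self.key, issued), response)

    def confirm_code_only(self, counter: int, response: str) -> bool:
        # Nothing here ties the code to a destination or an amount.
        return hmac.compare_digest(display_code(self.key, counter), response)


def demo():
    key = secrets.token_bytes(32)            # shared by the bank and the token
    bank = Bank(key)
    payee, other = "ACCT-PAYEE-0001", "ACCT-OTHER-9999"   # constructed labels

    ch = bank.challenge(payee, 2500)
    nonce, resp = ch.split("|")[0], signed_response(key, ch)
    honest = bank.confirm(nonce, payee, 2500, resp)
    replayed = bank.confirm(nonce, payee, 2500, resp)

    # A valid response submitted with an altered destination is rejected.
    ch2 = bank.challenge(payee, 2500)
    altered = bank.confirm(ch2.split("|")[0], other, 2500,
                           signed_response(key, ch2))

    # If the request was altered before the bank saw it, the challenge itself
    # carries the altered details and the token puts them in front of the user.
    shown = what_the_token_shows(bank.challenge(other, 950000))

    code_only = bank.confirm_code_only(42, display_code(key, 42))
    return {"honest": honest, "replayed": replayed, "altered": altered,
            "shown": shown, "code_only": code_only}


if __name__ == "__main__":
    print(demo())
```

The code-only check succeeds without ever looking at a transfer, which is the weakness the comment attributes to display-only tokens.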
Panasonic says, "You get what you pay for." Is that supposed to mean burn-in's not a problem on high-end sets?
Replace early, replace often?
You have to wonder what they thought might be causing the few laptops that did ignite to go up in smoke.. On the one hand, you have charred batteries, which you know have a huge energy density and caustic, chain-reaction, chemistry.
And on the other? Pixie dust? Maybe the numlock-indicator-led was the supposed root cause of exploding, erm, batteries rather than the batteries themselves?
I'd love to hear their theories..
I thought ARIN was in charge of IPs?
ARIN is a Regional Internet Registry, it only doles out IPs for North America. In Europe, there's RIPE, then there's APNIC for Asia-Pacific, LACNIC for Latin America and AfriNIC for Africa (the latest RIR).
The RIRs have handled IP and AS address allocation since before ICANN existed. While ICANN is officially (to some) at the top of the hierarchy, the RIRs don't really need ICANN. For that matter, nobody really needs ICANN - if the entire staff of ICANN were to go on holiday for 2 years, scant anyone would notice. In fact, I'm not entirely sure they have been working for the past few years at all.
. I am an unpaid volunteer working because I believe in the party. Have you no decency, sir? Are you so jaded that you refuse to believe anybody is ever acting in anything other than purely their own self-interest? Do you think that whoever's calling you, paid or not, asking for money or not--do you think you're really getting back at them if you vote for their opponent?
You're a phone spammer. You might not be motivated by greed, but you're still spamming. Yes, people will be pissed off at you, because you're interrupting them. Harassing them in their homes. That's hurting your party. But you still do it. Because you have some irrational belief that annoying people is good for the cause? You're still a spammer.
2) As for the oil companies themselves, they're in a similar situation. SOMEONE is going to invent alternate fuels and alternate fuel vehicles. If an American company doesn't do it, a European or Japanese company will. What makes more sense: be the first and try to put your competition out of business, or sit on your hands and do nothing, praying that nobody will manage it in your lifetime?
The investment horizon for a CEO of a mayor corporation isn't his lifetime. He's not concerned about his 401(K). He's concerned about the current and next batch of Quarterly results.
While putting everyone out of business sounds great, it carries with it the risk of requiring investment, depressing your results for 2, 3 or even more Quarters.
So, even without any need to cry 'conspiracy' there are reasons for corporations to not want to rock the boat too much.
Then again, there's this book out by some guy named Chris Paine "Who Killed the Electric Car?" - he owned (well, leased) an electric car from GM, which he was very happy with. But after a year GM took it back, not even offering him the opportunity to buy it. Weird.
Signature-based virus scanners have ALWAYS been a joke. Basically, it's a technology that was barely good enough when the first one was written, and all that time we've been using it until something better comes along.
The real solution to viruses lies not in signature-based scanners, but in policing applications. The discontinued Thunderbyte AV (of DOS days) had the right idea. It scanned files for instructions that shouldn't be in normal programs, like an API call to format your hard disk. It had a list of exceptions (format.com etc.), but otherwise, it would complain loudly.
Nowadays, we can do much better. We have usernames, credentials, privileges etc. Why don't programs run as separate users with separate privileges? There is NO reason why Word (or openoffice for that matter) should be able to access every part of the registry or hard disk that the user running it can. Firefox should basically be restricted to making TCP connections and writing its configuration, cache, and a download directory. The security model now allows it to write to c:\windows\system32 if you're logged in as administrator, even though it clearly has no business doing so.
Newly downloaded applications should be granted permission only to write to registry keys they themselves created, and files likewise. And if an app overstretches its default permissions, the OS should complain loudly and ask permission (OS "professional" edition), look up a policy file (OS "corporate/enterprise" edition) or simply disallow it and require some sort of wizardry - e.g. editing an .ini file - to overrule it (OS "home" edition).
This doesn't require rocket science to implement, though it will break some stuff and force users to copy files from My Documents\Microsoft Office to My Documents\Firefox if they want to upload a document. Small price to pay, I say.
Of course Norton and McAfee suffer not just from being unreliable in detecting viruses, they also fuck up your OS so it won't work properly anymore, and are a bitch to uninstall. But the solution to that is simple; switch to another product. The fact that the other product would, again, be a signature-based scanner is the lamentable part.
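The scheme in the comment above (an application may write only to files it created, and each OS edition reacts differently when it reaches further), as an added sketch that is not part of the original comment and not any operating system's API. The `WriteMonitor` class, the `.ini` layout and all paths are hypothetical and constructed for illustration; only writes are modelled.

```python
import configparser
from enum import Enum
from pathlib import PureWindowsPath


class Verdict(Enum):
    ALLOW = "allow"
    ASK_USER = "ask user"
    DENY = "deny"


# Constructed override file: application -> extra folders it may write to.
SAMPLE_INI = "[firefox.exe]\nwrite = C:\\Users\\demo\\Shared; C:\\Users\\demo\\Upload\n"


def parse_grants(ini_text):
    """Read per-application write grants from .ini text."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(ini_text)
    return {app: [PureWindowsPath(p.strip())
                  for p in cp[app].get("write", "").split(";") if p.strip()]
            for app in cp.sections()}


class WriteMonitor:
    def __init__(self, edition, grants=None):
        self.edition = edition      # "professional", "corporate" or "home"
        self.grants = grants or {}  # policy file (corporate) or .ini (home)
        self.creator = {}           # file path -> application that created it

    def check_write(self, app, path):
        path = PureWindowsPath(path)  # Windows paths compare case-insensitively
        # A file nobody has claimed yet belongs to the application creating it.
        if self.creator.setdefault(path, app) == app:
            return Verdict.ALLOW
        # The application is reaching for a file it did not create.
        if self.edition == "professional":
            return Verdict.ASK_USER
        granted = any(g == path or g in path.parents
                      for g in self.grants.get(app, []))
        return Verdict.ALLOW if granted else Verdict.DENY


def demo():
    doc = r"C:\Users\demo\Documents\report.doc"
    shared = r"C:\Users\demo\Shared\notes.txt"
    results = {}
    for edition, grants in [("professional", None),
                            ("corporate", parse_grants(SAMPLE_INI)),
                            ("home", None)]:
        mon = WriteMonitor(edition, grants)
        mon.check_write("winword.exe", doc)      # Word creates both files
        mon.check_write("winword.exe", shared)
        results[edition] = (
            mon.check_write("winword.exe", doc),      # its own file
            mon.check_write("firefox.exe", doc),      # Word's file, no grant
            mon.check_write("firefox.exe", shared),   # Word's file, granted folder
            mon.check_write("firefox.exe", r"C:\Users\demo\Downloads\a.zip"),  # new file
        )
    return results
```
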
Everything that doomsdayers say is evil is part of the market giving us better lives -- engines, industrialization replacing human labor, commoditization of common goods and needs, etc.
Erm, yeah.. If global warming were the only conceivable doomsday scenario..
Nuclear weaponry isn't quite enhancing my life, nor are worldwide influenza pandemics, direct meteor hits, global overexposure to radiation as a result of a freakishly excessive sunspot or near-by exploding supernova, or even, in fact, global alien invasion bent on genocide.
As for wanting to live in a bubble city; no-one's stopping you. You can just move into the basement and hook up the airco. I for one like having some forest on hand to walk about in, with fresh air too.
Who wouldn't want to advertise to the gullible?
"Install our free screensaver and it will speed up your Internet tubes 200%!!!"
"Most online services broaden your bands. AOL widens your pipes, so you can be sure your band fits on myspace!"
I personally don't know why microsoft doesn't work on some clever way to treat the desktop as a part of My Documents though, seeing as most computer illiterate people still save all their files there.
Erm..
\Documents and Settings\username\Desktop is your desktop.
\Documents and Settings\username\My Documents is your "My Documents" folder.
It is treated in entirely the same way.
In fact, Desktop has the advantage of being a shorter name, and constant across language-editions of Windows ("My documents" is translated).
So, yes, I store most of my stuff on my desktop. It's as good a place as any. Neat little folders on there and everything.
Two words; "package deals".
TV stations routinely get offered deals that include a few blockbuster hits, or really good movies, and 10 pieces of indefensible filler. Sometimes, the contract even spells out that the crappy movies MUST be aired. This is why TV stations will sometimes have 'specials' focussing on a particular actor (or e.g. the entire Police Academy series); they had to buy all his movies, just to show the good ones. This is also why you can sometimes see feature films programmed in the middle of the night. No one will watch them, but they're aired, so the requirements of the package deal are fulfilled. The TV stations get 12 movies for the price of 3, the studios get royalties on their back-catalogue (and can claim million dollar losses if you download one of those long forgotten movies), and everybody's a winner - except if you happen to be awake in the middle of the night and flipping over to a channel showing Police Academy 6..
Sequels suck and will always suck.
Umm, what about Back to the Future?
Don't you get it? It's easier to get the studios to pay for a sequel, so they shot BTTF2 first, but then had to go back in time to make the original, so BTTF was shot AFTER BTTF2.
Nobody in the world would expect a ten dollar watch to have the same quality as a ten thousand dollar watch so why do we expect the guy who can do the job for a million to be as good as the one who wants two million?
That's actually a pretty bad comparison. A ten thousand dollar watch is most likely a collectible with mechanical movement, whereas a 10 dollar watch is most likely to be a digital quartz-driven affair. If it's keeping time you're after, a quartz-mechanism is a hundred times more accurate than a mechanical movement; and that's compared to the upper end of mechanical movement accuracy. If you're willing to spend $40 or even $150 you can buy yourself a quartz-driven and radio-synchronized watch; if you're willing to spend a few hundred you'd get a GPS driven one (which takes into account the latency of the radio (gps) signals reaching it).
A ten-thousand dollar watch is either an antique or a luxury item.
When I see a study like this, I ask myself, what in the world is so interesting about what percentage of bloggers are seen to be journalists?
The only reason the "is a blogger a journalist" question ever comes up, is when people want to sue a blogger for things like not revealing sources, etc.
By claiming that a) protection of the freedom of the press only applies to some select bunch of bona fide journalists and that b) bloggers ain't them, they seek to basically harass bloggers (and their sources) if a story carried by a blog is inconvenient.
Now, of course, this is riding roughshod over civil liberties. Anyone who publishes anything, to the extent that the content is of a journalistic nature, enjoys protections awarded to journalistic endeavour. It's the freedom of the press that's protected, not the freedom of a select bunch of bona fide accredited card-carrying Yale-educated fee-paying journalists.
That still doesn't stop, e.g. Apple, suing blogs for dumb-ass reasons (and sometimes succeeding, though they really shouldn't in most cases).
But the question shouldn't be "are bloggers journalists" but "are we doing enough to ensure that all journalistic endeavour is protected, and that everyone can utilize their freedom of speech, and press, without fear of heavy-handed legal actions".
The answer to the first question is "to the extent their content is journalism, yes of course, duh, and by the by, that guy that draws Garfield isn't one either even if it is printed in a newspaper", the answer to the latter is "hell no".
The US tortures people. They rationalize it by saying it's legal. It's still torture.
The people in gitmo are being held without any charges. How is that right? Without access to lawyers, impartial tribunals etc. Well, they're finally getting those, because - get this - turns out it's not legal to treat prisoners that way, not even in gitmo, and if they're not citizens. Why? Because it's immoral and inhumane.
"They're worse than us". Great, so what, you now have to be 1 degree less bad?
The US are pretending that non-citizens are non-humans. That what the US does on foreign soil can be as bad as they like, as long as you can rationalize it being "legal" or "less bad than the other guy".
That simply doesn't fly. It never has, and it never will. It's bullshit. And it's evil. No matter how indignant you may be about terrorists, or how much you may like to rationalize it, if you don't hold yourself up to standards that make you treat human beings as humans, then you've lost your humanity.
See how you'd like it if the roles were reversed. And oh, say the guy being 'waterboarded' is your son. Not quite as fun anymore, when the biggest military in the world is torturing your kid, who was probably only sold to them by some guys making a buck turning in supposed terrorists? Well, tough luck.
Does it have a "healing brush"? That's really the only neat feature I can think of that photoshop offers that the gimp doesn't/didn't. The "healing brush" basically makes retouching a picture to remove, say, a zit a fool-proof 5 second job. Which is nice.
It's a miracle the market is growing as it is.. For a while now, your 2 or 3 year old computer has been "good enough" for most people. Why would you upgrade if you don't really do new stuff with it? As I see it, reasons for buying a new computer are;
- you don't have one yet (which is getting more and more unlikely)
- you're doing new stuff with it, such as getting broadband or editing home videos
- you're a nerd/geek/gamer
- it's broken in some fashion.
In other words; a replacement market.
Now, the OEMs know this. This is why Dell is getting into sidelines like PDAs, digital cameras, TV screens etc.
And, in a certain way, they've always known this. OEMs have always sold PCs that were essentially underspecced when it came to the cheapest upgrade; RAM. A 1GB P3 will simply do for most people. I bet they're glad they shipped them with 256MB (or "double your ram limited time only offer" 512MB).
A cynical mind might think that this is part of the reason why OEMs include so much "handy" bundled software.. Fill up that memory good, let the apps update (get bigger) once in a while, so the system gets cruftier and cruftier. Have the anti-virus software disable after a month or two to lower defenses..
There actually are (I'm afraid to say: a lot) of people who buy a new computer simply because the old one got so bogged down with spyware. Dell should have a checkbox on their order pages "[x] my old computer is teh broken with virusses" so they can pick up the old computer as they bring the new one, and ship the old one to Africa, where a simple linux install makes it usable for at least another 3 years..
First,
But, to say that Microsoft's market capitalization is not affected by this ruling is naive at best, and outright wrong at worst.
that's not what the grandparent poster said. He said that market cap is not a good indicator of how impactful a fine is. For example, it might affect existing credits adversely, increasing the cost of existing lines of credit as their credit rating drops. That's an effect unrelated to market cap, and related more to things like the actual assets and cash flow.
Anything and everything can and will influence the stock quotes themselves, and influence market cap, including whether the weather is nice or not, if some trader is having a good day, etc.
For a lot of companies market capitalization says next to nothing. Think about companies that float 20% of their stock, with 80% remaining in private hands. The public will never hold a controlling interest, someone looking to take over the company will never buy up open market shares; the stock's price simply doesn't influence the fundamentals much, let alone the actual price paid for company ownership.
What about arbitrage? Basically, if a stock goes into freefall for no apparent reason other than a change in supply/demand for stock trades, then the value of their shares would be lower/higher than the value of the company. This is a classic case of arbitrage, and will eventually lead to an arbitrageur to buy (if it is undervalued) or short (if it is overvalued) the stock. If the company is significantly undervalued, an arbitrageur might decide to purchase a significant portion of the outstanding shares and attempt to divide the company into pieces & sell it off. This is what a corporate raider does.
Now we're headed in "invisible hand of the market" territory; which isn't as flawless as you suggest.
I'll give an example where this simply won't work. Consider the largest owner of commercial real estate (shops) in, say, The Netherlands (Maxeda). Maxeda's assets, its real estate, are worth more combined than its market cap! Madness, you'd say! The invisible hand of the market should correct this outrage! Either Maxeda is worth more, or a corporate raider should split the company up and sell it in parts.
The problem is, that as soon as you try to liquidate ALL of Maxeda's assets, you're looking for one (or a handful) of companies that need its real estate, and that want to operate shops on there. The problem of course is, that such parties cannot be found. In fact, if you could find a company that would buy all the real estate, they would then have to open up shops in them. Then you're left with a company with the exact same real estate with more or less the same shops in them. How likely are they to do better than Maxeda itself? Given the cost of selling their real estate; not. Corporate raiding cannot save Maxeda.
Of course the point here is that the real estate is probably valued fairly; but only if you expect to sell those shops one at a time. If you look at the valuation of your own home, you might find reference to an amount of time the valuer would expect your house to be for sale, before it sells at its valuation price.
The same goes for market cap, as the grandparent poster eloquently explained; if you suddenly dump every share on the market, you won't get a good price for them - and it's doubtful the price would recover. Conversely, if you try to do a hostile takeover of a company, expect to pay a premium over the market value, like Mittal recently did to acquire Arcelor. There was no magic arbitrage going on there that made sure Mittal paid the right price; in fact, they probably paid too much, but they expect to make good on that by using their controlling interest to do new and exciting things. And that is merely a gamble.
(Another example; airliners. Airlines have HUGE amounts in assets. A corporate raider should surely split them up and sell the assets. But those assets are airplanes. And the only way to make money from airplanes is to operate.. an airline! To non-airline companies those assets are worth exactly $0 of their money. Good luck raiding them.)
The vast majority of people are merely average Joes. Everyone cannot be Einstein, nor can everyone be Crichton. That's just the way it is and the way it always will be. Most people don't post anything deeper because most people simply aren't deeper, and it's unlikely that they ever will be, in particular when they're born, raised, and socialized in a consumer orgy of a society that is itself incredibly inane.
You know, had myspace been available in Einstein's day, I don't think he would have used it much.
Well, not after they passed around that video he made of himself stumbling over pretending to be a jedi with that fake lightsaber..
Actually, we as geeks care.
Yeah. Cause slashdot is and always has been the paragon of neat code and standards compliant HTML+CSS.
The statement that people could introduce malicious code into Linux that then makes its way into secure systems. Of course with companies outsourcing programming jobs to other countries the same thing could happen with a closed source system.
American programmers are just as capable of introducing (intentional) bugs as foreign programmers.
Of course the same thing should be done with any software that goes into a military, aerospace, or any other mission critical system. In this case OSS does have a clear advantage in that the end user can select any group to perform the code audit instead of depending on the vendor.
The US armed forces have enough spending power to convince even Microsoft to pony up the source code. And they do.
Of course if the military does a code audit on Linux they would have to contribute back the patches so it is a win-win situation.
Under the GPL, you only have to contribute patches if you distribute your modified code to third parties. The result of a code audit might also just be "don't use module X", in which case there's nothing to patch.
The way I read it the article is more about encouraging DoD programmers to be more like the open source community in sharing programs, ideas and source code with each other, rather than continually reinventing the wheel.
Let's see
1) the website is simply at another address, well-educated users will spot the lack of https and the different URL
2) I have an account at postbank(.nl) which uses a password for logging in, and then additional codes for transactions. The password will only give you read only access.
3) At this same bank, the transactions are verified by sending you a text-message; not the most secured channel, but the message doesn't just include a "transaction acceptance code", but also the amount of money being transferred. If something is amiss it's spotted easily through this second channel, beyond the phishers' control.
4) Another bank, abnamro.nl, lists the IP number you were last logged in from on the welcome page.
I feel that 1) could be attacked by phishers using malware, so that's no guarantee.
Using the amount of money to be transferred as part of the challenge is trivial and should simply be implemented at first opportunity. One of Citibank's problems is that they're using a token that simply displays a code, rather than a challenge response system; no way to enhance the challenge..
Number 3) is also pretty neat. Really, I don't care so much about my bank statements per se that they need to be protected with two-factor authentication (though of course in the US, identity theft might make this more prudent). The ability to check my account without too much rigmarole is very user friendly.
Number 4) would be neat, but also confusing to many users, especially those behind DHCP.
Sum conclusion;
use challenge response, with the amount to be transferred firmly embedded in the challenge, or communicated to the user out-of-band.
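The comment's conclusion as an added worked example, not part of the original comment and not any bank's actual scheme: a display-only code is compared with a response computed over the challenge, the amount and the payee. The shared key, the HMAC-SHA256 construction, the 8-digit truncation and the `Bank` class are assumptions made for illustration; account names and amounts are constructed.

```python
import hashlib
import hmac
import secrets

KEY = b"constructed-demo-key-not-a-real-secret"  # shared by bank and user's token


def digits(mac: bytes, n: int = 8) -> str:
    """Shorten a MAC to an n-digit code a person can type."""
    return str(int.from_bytes(mac[:8], "big") % 10**n).zfill(n)


def display_code(key: bytes, counter: int) -> str:
    """Display-only token: the code says nothing about the transfer."""
    return digits(hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest())


def signed_response(key: bytes, challenge: str, cents: int, dest: str) -> str:
    """Challenge-response token: the user keys in challenge, amount and payee.
    challenge is hex and cents is digits, so '|' is an unambiguous separator
    as long as dest stays the last field."""
    msg = f"{challenge}|{cents}|{dest}".encode()
    return digits(hmac.new(key, msg, hashlib.sha256).digest())


class Bank:
    def __init__(self, key: bytes):
        self.key, self.counter, self.pending = key, 0, {}

    def accept_display_code(self, code: str, cents: int, dest: str) -> bool:
        # cents and dest never enter the check: any valid code authorises them.
        ok = hmac.compare_digest(code, display_code(self.key, self.counter))
        self.counter += ok
        return ok

    def start_transfer(self, cents: int, dest: str) -> str:
        challenge = secrets.token_hex(4)
        self.pending[challenge] = (cents, dest)
        return challenge

    def accept_response(self, challenge: str, response: str) -> bool:
        tx = self.pending.pop(challenge, None)  # one use per challenge
        if tx is None:
            return False
        return hmac.compare_digest(response, signed_response(self.key, challenge, *tx))


def demo() -> dict:
    bank = Bank(KEY)
    wanted = (5_000, "ACCT-LANDLORD")    # what the user means to pay
    altered = (950_000, "ACCT-UNKNOWN")  # what reaches the bank instead
    out = {}
    # Display-only code, typed into a page that forwards different details.
    out["display_code_altered"] = bank.accept_display_code(display_code(KEY, 0), *altered)
    # Challenge-response, details unchanged in transit.
    ch = bank.start_transfer(*wanted)
    out["response_honest"] = bank.accept_response(ch, signed_response(KEY, ch, *wanted))
    # Details altered in transit: the user's token signs what the user typed.
    ch = bank.start_transfer(*altered)
    reply = signed_response(KEY, ch, *wanted)
    out["response_altered"] = bank.accept_response(ch, reply)
    out["response_replayed"] = bank.accept_response(ch, reply)
    return out
```

The display-only code is accepted for the altered transfer because nothing ties it to the amount, while the bound response only verifies when the bank's view of the transfer matches what the user entered.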
Good luck in explaining the spike in traffic 3 full days after the article was posted.
Suckers!