Seems to me that this could be the begining of a Kit TV era. Kits that would include a broadcast flag 'chip' that could be mistakenly left out by the user.
It would probably be much like 'Police' type scanners that have certain sets of frequencies locked out.
Conveniently, many of those same receivers have an easy way to 'accidentally' short the part/circuit that blocks those sets of frequencies.
It's so convenient, it's hard to imagine that engineers don't do it on purpose.
Maybe they should add torrent functionality to download signed updates or something similar.
That's a great idea but I'm one of those tin-foil hat kinda guys. I'd rather only have my browser directly updated from the source or official mirrors.
My reason being that one of the vulnerabilities might be linked to signed updates themselves or some other Evil Thing.
Install behind a nice little NAT box/cable router. They're only 50 bucks now and solve all these headaches.
Actually, that $50 router isn't the solution. Just one example, it isn't likely to stop an infected computer on the network from infecting the computer you are installing the OS onto.
Make a few partition images for several manufacturers of motherboards and installing XP completely up to date should rarely take more than 15 minutes. And, no networking is needed.
That's hardly a hassle at all and makes sure that you don't have to rely on anything besides some cd/dvd's to quickly get a box up and running.
So what's the secret, then? I don't entirely know, I think it must be alot of little things combining. Partially, I think things aren't quite as horribly insecure as people think; just that when they are, and they often are by default, things go so horribly wrong that it colours one's perspective on the issue
They are as horribly insecure as people think.
It's just that like the fact that most people's homes are horribly insecure but most don't get burglarized often.
It's opportunity and the attractivness of the target + the security measures that determine the likelyhood of of a computer being broken into.
As you mention, you updated the security patches. Much like building a larger gate and more security guards, you're much less likely to be sucessfully attacked.
Never had a machine with a live connection while installing, I'll have to try that.
It'll be ok if you're on a firewalled network and there aren't any infected Win32 boxes on that same network. If you're directly connected to the internet, there's a good chance that you'll be infected before the new patches are applied unless you have a good firewall.
Otherwise, the very best way IMO to install XP on a box is to:
1) Install XP on an unconnected box.
2) Apply all of the patches with MS offline patchers or use Autopatcher.
3) Install a good 3rd party firewall and A/V.
optionally
4) Make an image of the partition of that complete install and use it for installations in the future. All that you need to do is put that image on a new computer, change the XP key to the one that belongs to that box, and connect to the internet to register.
That way, you can build a box, install windows in 5-6 minutes (plus time for any driver changes), and have it legally registered.
apparently someone involved in the design process decided that everyone in the room would like to know that you've just turned your phone off. can someone explain to me how that makes any sense?
On most cell-phones, turning them off requires holding down the off button for a few seconds. Without the sound, the person will have to stare at the phone to make sure that they did it correctly.
It's lame, but it's true.
Most phones allow people to shut that annoying sound off but few people choose to do so. They should be conditioned after a few power-downs to know how long it takes to do it.
Though on the good side technology is getting to the point where it can effectively block cell phone signals so since it is obvious people won't police themselves it is only a matter of time before more and more public places like movie theaters block it for them.
If they could only then block the sound of all of the cellphones beeping the 'I can't get a signal' tones.
1. Make spyware
2. Get removed by Microsoft
3. Sue!
4. Profit
That's one reason I've always believed that any Microsoft Anti-Spyware or Anti-Virus wouldn't be very useful. (Another major reason is that Micrsoft isn't very good at security.)
Microsoft will have to be extremely careful about about breaking other people's software since they have already been in trouble previously for doing it purposely to get rid of competition.
The majority of my work involves cleaning up computers clogged with Spy/Malware & viruses. I've been testing the Microsoft version (just to see what it detects, I haven't used the 'fix' tool) and even though it's a beta, the rules are extremely loose. So far, it seems to be mostly targeted at various p2p Adware/Spyware installed programs and misses the majority of other long-known spyware.
Again, it's just a beta version, but I'm sure that Microsoft will either stay on the safe side and concentrate on applications that are often related to piracy, or will they will create a lot of click agreement buttons to make the burden of legal defense shift to the person using the Microsoft Anti-spyware program.
Microsoft's court defense "Your Honor, we tried to stop them from removing/breaking the application with 3 seperate several page long I AGREE/DO IT ANYWAY! warnings."
OTOH, I wouldn't be surprised though if some enterprising people came up with something that looked like spyware, smelled like spyware, but really wasn't just to bait Microsoft into having their program remove it.
Old timers from the early DOS days may remember differently.:) It was both technical and "PR" grounds that Phil Katz won on. He started out by making a better "ARC" compressor/decompressor, the ARC people litigated (on dubious grounds IMO - see the "Defending Phil" link from the link below),
Ahh, yes, the great rebellion. I do feel old now. (Especially remembering that I paid $900 for a 9600baud modem to make nightly email transfers faster)
I remember being so offended by the archive fiasco that I immediately converted the format of all my BBS files away from ARC.
PS: That $900 modem seems like a lot of money for back then, but when you were passing email across the USA the old way, long distance $$$ added up fast.
You Quoted me saying: Winrar, which creates and reassembles.rar files prompts users to scan files for infections before extracting them.
So you said: Oh great, a false sense of security.
Quite the opposite AC. That option is so that people can delete an infected rar before combining all of the parts and installing them to another part of a drive or another partition.
The files will still get virus scanned by the scanner itself even if the person goes ahead and skips the Winrar request to have the scanner check for viruses before extraction.
It's also beneficial in that it alerts everyone that.rar files could carry infections. If so many people knew about rars carrying infections, we probably wouldn't have Bleeding Edge Slashdot stories entitled 'New Virus Attacks Via RAR Files'.
You quoted: Rar files are much better than zip files in that people can download (let's say) a.rar that's been split into 15 parts.
And said: ZIP has been able to do this since long before RAR has existed; it just wasn't very convenient..
Exactly. If a ZIP part was missing, the recipient was screwed. With RAR, the loads of people screaming for reposts of pieces that their crappy news servers didn't get have mostly gone away. RAR users are spoiled now because they know that with missing RAR parts, it's not a big deal, either wait for the parity files or request them from the person who posted the RAR.
That saves requesting parts, time, flames, and the load that news servers have to carry. Especially when one person asks for ZIP part 7 and 5-10 people 'helpfully' repost that same part which ends up broadcast to every USENET server on the planet even though only 1 person needed that part.
Also, rar files don't necessarily mean Warez is involved. It's actually mostly used because on USENET, a lot of times parts of files don't make it through. It used to really be frustrating when after 15Megs of [WHATEVER] being downloaded, some pieces would be missing or already expunged by the local USENET server.
The solution?.rar files plus Spartpar
Even if parts of a download are missing. there's a good chance the parity check files will fix the problem. This saves time AND having to re-download the files in question.
Any archive, whether, it's a.tar,.gz,.zip,.rar, often contains executable files that could be infected. This is just another hype scare tactic about something that's not new at all.
Well, I know of a few that do now... Seriously, is this that much of a threat? Winzip (AFAIK) doesn't handle Rar archives, and most users wouldn't know how to open one if they did find one in their inbox...
.rar archives being infected is very old news as well as every other archive format.
.rar files have been infected since they have existed and posted to USENET. Rar files are much better than zip files in that people can download (let's say) a.rar that's been split into 15 parts. By using smartpar, even if a part of that.rar is corrupted, Smartpar does parity and other checks to reconstruct the missing part(s)
As you note, most people don't know about rar files. And even if they do, the anti-virus program will block the virus as soon as the rar set is put back together.
This is a complete non-issue.
Not to mention, Winrar, which creates and reassembles.rar files prompts users to scan files for infections before extracting them.
A web site should _never_ open a new window, and it should open a new tab only if I specifically ask for it by middle-clicking on a link.
True, but there are some sites that I need popups on. For instance, Banking and related financial trading sites often need popups on. Trying to get them to reprogram their web pages is extremely unlikely. (I've tried it several times)
It's just a minor inconvenience though. I'll just use a seperate web browser for those site in the future and block all popups in this one with the subject-line fix above.
With hindsight however it's clear that the Tsunami was predicted by thousands of talented pyschics and prominent clairvoyants it's just that it the general population did not interpret the predictions correctly.
I knew. I was on a Dolphin email list and I got the 'So Long, and Thanks For All The Fish' final message.
People are amazed at my excellent ability to remember how to get back from a new place I've been to (even at night) yet I often have trouble describing how to get to that same place.
I blame that one on my Grandma. Everyone who knew her thought she was nuts but I'd listen to her advise anyway.
She told me that it's much easier to remember how to navigate towards a place that I am familiar with than trying the opposite. She told me remember the route in reverse rather than trying to remember how to get to AND from any particular destination.
I now subconciously remember the complete route in reverse. It seems to work well and I do think her theory may have some plausibility.
(I also had to be able to recite the alphabet, number sequences and sentences in reverse just as quickly as forwards. She claimed it speeds your brain's processing time because information can be accessed by the fastest route rather than always starting at the top of the stack of a remembered sequence. I don't know if that's true, but it is a fun party trick...especially if you get pulled over by police after that same party).
By the way, how do you expect magnetic reversals to impact climate? I don't know of any theory that it would matter.
When the magnetic field is in 'mid-phase' or lower than average, we have don't the protection from Sol radiation that we normally enjoy today.
Core samples show that our magnetic field has been reducing for quite a while and has also switched north and south numerous times in the past.
Without shielding from Sol's direct radiation, all sort of 'not so nice' things are likely to happen.
Here are some links about our 'flakey' shielding from Sol: (some people see it as the Northern Lights) It's what deflects most dangerous Sol radiation:
Changes in that shielding will directly change our climate. After all, if the Earth is unprotected for a few days, things will heat up quite a bit unexpectedly. (Not to mention the damage to life forms without protection from that sort of intense radiation)
Slashdot Mirror
(Yes, I realize the law about this, but it'll happen anyway. 'Build it and they will come and hack it')
Seems to me that this could be the begining of a Kit TV era. Kits that would include a broadcast flag 'chip' that could be mistakenly left out by the user.
It would probably be much like 'Police' type scanners that have certain sets of frequencies locked out.
Conveniently, many of those same receivers have an easy way to 'accidentally' short the part/circuit that blocks those sets of frequencies.
It's so convenient, it's hard to imagine that engineers don't do it on purpose.
And if there are no US citizens involved, you have no business with our campaigns.
True.
A lot of Iraqis feel that way also.
M0r3 47 11.
Wow, Slashdot does look weird with the 1.0.1 update.
Yes, I got the update button, and it downloaded and tried to install, but it does not upgrade 1.0 it just installs 1.0.1
HELP -->> ABOUT MOZILLA FIREFOX: "version 1.0.1"
That means that it's upgraded.
Maybe they should add torrent functionality to download signed updates or something similar.
That's a great idea but I'm one of those tin-foil hat kinda guys. I'd rather only have my browser directly updated from the source or official mirrors.
My reason being that one of the vulnerabilities might be linked to signed updates themselves or some other Evil Thing.
why make it so difficult?
Install behind a nice little NAT box/cable router. They're only 50 bucks now and solve all these headaches.
Actually, that $50 router isn't the solution. Just one example, it isn't likely to stop an infected computer on the network from infecting the computer you are installing the OS onto.
Make a few partition images for several manufacturers of motherboards and installing XP completely up to date should rarely take more than 15 minutes. And, no networking is needed.
That's hardly a hassle at all and makes sure that you don't have to rely on anything besides some cd/dvd's to quickly get a box up and running.
You can simply turn on the XP firewall that comes with XP out of the box.
Unless something has changed, the XP firewall activates just slightly after packets start flying over a newly established network connection.
So what's the secret, then? I don't entirely know, I think it must be alot of little things combining. Partially, I think things aren't quite as horribly insecure as people think; just that when they are, and they often are by default, things go so horribly wrong that it colours one's perspective on the issue
They are as horribly insecure as people think.
It's just that like the fact that most people's homes are horribly insecure but most don't get burglarized often.
It's opportunity and the attractivness of the target + the security measures that determine the likelyhood of of a computer being broken into.
As you mention, you updated the security patches. Much like building a larger gate and more security guards, you're much less likely to be sucessfully attacked.
Never had a machine with a live connection while installing, I'll have to try that.
It'll be ok if you're on a firewalled network and there aren't any infected Win32 boxes on that same network. If you're directly connected to the internet, there's a good chance that you'll be infected before the new patches are applied unless you have a good firewall.
Otherwise, the very best way IMO to install XP on a box is to:
1) Install XP on an unconnected box.
2) Apply all of the patches with MS offline patchers or use Autopatcher.
3) Install a good 3rd party firewall and A/V.
optionally
4) Make an image of the partition of that complete install and use it for installations in the future. All that you need to do is put that image on a new computer, change the XP key to the one that belongs to that box, and connect to the internet to register.
That way, you can build a box, install windows in 5-6 minutes (plus time for any driver changes), and have it legally registered.
I mean, $2-3 a PIECE? who the hell pays that?
It is quite a shock to hear about people paying for music in this day and age.
apparently someone involved in the design process decided that everyone in the room would like to know that you've just turned your phone off. can someone explain to me how that makes any sense?
On most cell-phones, turning them off requires holding down the off button for a few seconds. Without the sound, the person will have to stare at the phone to make sure that they did it correctly.
It's lame, but it's true.
Most phones allow people to shut that annoying sound off but few people choose to do so. They should be conditioned after a few power-downs to know how long it takes to do it.
Though on the good side technology is getting to the point where it can effectively block cell phone signals so since it is obvious people won't police themselves it is only a matter of time before more and more public places like movie theaters block it for them.
If they could only then block the sound of all of the cellphones beeping the 'I can't get a signal' tones.
After we've figured out how to properly warm up this planet, we'll be ready to "civilize" mars.
We won't be able to figure that one out.
After all, during each very cold winter we talk about global cooling and what we need to do to save the planet from freezing up.
Then, we run into a really hot summer and try to figure out how to cool everything down before we get run out of Coppertone[tm] and get cancer.
There is a several year attention span on the general consensus of which we need to do so we will never get the job finished.
1. Make spyware
2. Get removed by Microsoft
3. Sue!
4. Profit
That's one reason I've always believed that any Microsoft Anti-Spyware or Anti-Virus wouldn't be very useful. (Another major reason is that Micrsoft isn't very good at security.)
Microsoft will have to be extremely careful about about breaking other people's software since they have already been in trouble previously for doing it purposely to get rid of competition.
The majority of my work involves cleaning up computers clogged with Spy/Malware & viruses. I've been testing the Microsoft version (just to see what it detects, I haven't used the 'fix' tool) and even though it's a beta, the rules are extremely loose. So far, it seems to be mostly targeted at various p2p Adware/Spyware installed programs and misses the majority of other long-known spyware.
Again, it's just a beta version, but I'm sure that Microsoft will either stay on the safe side and concentrate on applications that are often related to piracy, or will they will create a lot of click agreement buttons to make the burden of legal defense shift to the person using the Microsoft Anti-spyware program.
Microsoft's court defense "Your Honor, we tried to stop them from removing/breaking the application with 3 seperate several page long I AGREE/DO IT ANYWAY! warnings."
OTOH, I wouldn't be surprised though if some enterprising people came up with something that looked like spyware, smelled like spyware, but really wasn't just to bait Microsoft into having their program remove it.
Old timers from the early DOS days may remember differently. :) It was both technical and "PR" grounds that Phil Katz won on. He started out by making a better "ARC" compressor/decompressor, the ARC people litigated (on dubious grounds IMO - see the "Defending Phil" link from the link below),
Ahh, yes, the great rebellion. I do feel old now. (Especially remembering that I paid $900 for a 9600baud modem to make nightly email transfers faster)
I remember being so offended by the archive fiasco that I immediately converted the format of all my BBS files away from ARC.
PS: That $900 modem seems like a lot of money for back then, but when you were passing email across the USA the old way, long distance $$$ added up fast.
You Quoted me saying: Winrar, which creates and reassembles .rar files prompts users to scan files for infections before extracting them.
.rar files could carry infections. If so many people knew about rars carrying infections, we probably wouldn't have Bleeding Edge Slashdot stories entitled 'New Virus Attacks Via RAR Files'.
So you said: Oh great, a false sense of security.
Quite the opposite AC. That option is so that people can delete an infected rar before combining all of the parts and installing them to another part of a drive or another partition.
The files will still get virus scanned by the scanner itself even if the person goes ahead and skips the Winrar request to have the scanner check for viruses before extraction.
It's also beneficial in that it alerts everyone that
You quoted: Rar files are much better than zip files in that people can download (let's say) a .rar that's been split into 15 parts.
And said: ZIP has been able to do this since long before RAR has existed; it just wasn't very convenient..
Exactly. If a ZIP part was missing, the recipient was screwed. With RAR, the loads of people screaming for reposts of pieces that their crappy news servers didn't get have mostly gone away. RAR users are spoiled now because they know that with missing RAR parts, it's not a big deal, either wait for the parity files or request them from the person who posted the RAR.
That saves requesting parts, time, flames, and the load that news servers have to carry. Especially when one person asks for ZIP part 7 and 5-10 people 'helpfully' repost that same part which ends up broadcast to every USENET server on the planet even though only 1 person needed that part.
Also, rar files don't necessarily mean Warez is involved. It's actually mostly used because on USENET, a lot of times parts of files don't make it through. It used to really be frustrating when after 15Megs of [WHATEVER] being downloaded, some pieces would be missing or already expunged by the local USENET server.
.rar files plus Spartpar
Even if parts of a download are missing. there's a good chance the parity check files will fix the problem. This saves time AND having to re-download the files in question.
.tar, .gz, .zip, .rar, often contains executable files that could be infected. This is just another hype scare tactic about something that's not new at all.
The solution?
Any archive, whether, it's a
Well, I know of a few that do now... Seriously, is this that much of a threat? Winzip (AFAIK) doesn't handle Rar archives, and most users wouldn't know how to open one if they did find one in their inbox...
.rar archives being infected is very old news as well as every other archive format.
.rar files have been infected since they have existed and posted to USENET. Rar files are much better than zip files in that people can download (let's say) a .rar that's been split into 15 parts. By using smartpar, even if a part of that .rar is corrupted, Smartpar does parity and other checks to reconstruct the missing part(s)
.rar files prompts users to scan files for infections before extracting them.
As you note, most people don't know about rar files. And even if they do, the anti-virus program will block the virus as soon as the rar set is put back together.
This is a complete non-issue. Not to mention, Winrar, which creates and reassembles
A web site should _never_ open a new window, and it should open a new tab only if I specifically ask for it by middle-clicking on a link.
True, but there are some sites that I need popups on. For instance, Banking and related financial trading sites often need popups on. Trying to get them to reprogram their web pages is extremely unlikely. (I've tried it several times)
It's just a minor inconvenience though. I'll just use a seperate web browser for those site in the future and block all popups in this one with the subject-line fix above.
With hindsight however it's clear that the Tsunami was predicted by thousands of talented pyschics and prominent clairvoyants it's just that it the general population did not interpret the predictions correctly.
I knew. I was on a Dolphin email list and I got the 'So Long, and Thanks For All The Fish' final message.
People are amazed at my excellent ability to remember how to get back from a new place I've been to (even at night) yet I often have trouble describing how to get to that same place.
I blame that one on my Grandma. Everyone who knew her thought she was nuts but I'd listen to her advise anyway.
She told me that it's much easier to remember how to navigate towards a place that I am familiar with than trying the opposite. She told me remember the route in reverse rather than trying to remember how to get to AND from any particular destination.
I now subconciously remember the complete route in reverse. It seems to work well and I do think her theory may have some plausibility.
(I also had to be able to recite the alphabet, number sequences and sentences in reverse just as quickly as forwards. She claimed it speeds your brain's processing time because information can be accessed by the fastest route rather than always starting at the top of the stack of a remembered sequence. I don't know if that's true, but it is a fun party trick...especially if you get pulled over by police after that same party).
Also note that many sources of Science news say that "The deterioration began roughly 150 years ago and has accelerated in the past several years"
We may have a much more serious problem on our hands in the future than vehicle emissions & cow farts.
By the way, how do you expect magnetic reversals to impact climate? I don't know of any theory that it would matter.
When the magnetic field is in 'mid-phase' or lower than average, we have don't the protection from Sol radiation that we normally enjoy today.
Core samples show that our magnetic field has been reducing for quite a while and has also switched north and south numerous times in the past.
Without shielding from Sol's direct radiation, all sort of 'not so nice' things are likely to happen. Here are some links about our 'flakey' shielding from Sol: (some people see it as the Northern Lights) It's what deflects most dangerous Sol radiation:
Nova
Wikipedia
About the field
More stuff
Changes in that shielding will directly change our climate. After all, if the Earth is unprotected for a few days, things will heat up quite a bit unexpectedly. (Not to mention the damage to life forms without protection from that sort of intense radiation)