Thanks dude. I was going to tell IceBike that he clearly didn't actually know what he was talking about, but you've done that job much better than I would have.
Your beliefs don't stack up with reality. Even if they stop supporting silverlight on mac, Moonlight is out for linux NOW, and silverlight 2 compatibility is already alpha.
This is all from a 100% open source firefox plugin. How will MS kill that? They have nothing to do with it!! They wrote the spec and are helping the moonlight developers. Don't bring out the "patents will kill mono" card, its not real. MS know any attempt to kill mono (or linux) with patents would do too much damage to themselves.
The sandboxing of.Net apps is actually quite well done. Microsoft put a lot of effort into this, they really really didn't want to get burnt.
AFAIK there has only ever been one security hole in the.Net VM that allowed code to escape its sandbox, this was way back in the.net 1.1 days and was fixed by MS in double quick time.
There have been numerous JVM vulnerabilities, a webpage with an applet that runs and breaks out of its sandbox using one of these holes is a very common way to get infected with malware.
When you write a ClickOnce app you specify what level of sandboxing you need. If you specify the app is a "full trust" application then the user is warned before the application install and it runs with no restrictions (except any restrictions placed on the user's account of course) and runs just like any other desktop app.
If your app settings say you need no "insecure" capibilities, like reading or writing files (outside the sandbox), read/write the registry, ANY win32 API calls, etc etc, and your app binary is signed by a trusted certification authority then I believe when you click on the.application file it will be immediately launched, without a warning but I've never done that. If an app tries to do anything that violates its policy then the runtime will kill the app.
So, to answer your question, no its not possible to create what looks like an ordinary link button that launches a clickonce app that will do something bad. The.net runtime on your pc will either ask you if you trust the application you are about to install, or it will run the app in a pretty tight sandbox.
Its a method of deploying.Net applications, mainly from a website.
On the web server you have a ClickOnce package, which contains a bunch of files including one with the extension ".application". Visual studio generates a basic HTML page for you which you can customise, which has a hyperlink to this.application file. A user visits this page, clicks on the link to the.application file, the browser downloads it and passes it to the.Net runtime which parses the file, downloads the binaries referenced in it, verifies signatures etc and starts the app. Unfortunately this isn't quite as simple as a file association, IE handles the magic for you, and this extension is just a bit of glue to enable Firefox to do the same. Nothing special happens on the server, you could host a ClickOnce app on apache on linux if you wanted. All you need is.Net on the client machine, and all this browser extension is doing is providing a little bit of glue between the.application file, and the.net runtime on your PC.
ClickOnce apps are normally installed into an obscure folder somewhere in your profile, not into c:\program files or anywhere, so they are PER USER and not per machine. Its actually a damn good way of installing.net apps, they can be sandboxed and all the files are hashed to prevent any tampering with the package.
I got vista on a new laptop when it first came out, and yes pre-SP1 it was pretty dire. I nearly downgraded to XP, but held out for SP1. As soon as the final bits were released I formatted and re-installed with SP1 and there was a _world_ of difference. Now I'm perfectly happy with Vista, and I'm planning on upgrading my XP desktop at home to the 7 beta this weekend. I don't try and ram vista down everyone's throat, but it does annoy me when I hear such uninformed vista bashing. Vista isn't perfect (and likely neither is 7) but your broad sweeping generalisations are complete rubbish. I don't fit into any of your three pidgeonholes. Neither do most other people I know who use vista. There is NO WAY to get DX10 on xp. Yes, some games can be fooled into thinking they are on DX10 but that is completely different.
Huh? Why do you have such an issue with Aero? If it bugs you so much, turn it off... Its mainly just bling. Unless you have crappy onboard graphics the performance cost of aero is negligible. I like the bling, and the preview on alt-tab or mouse hover on the taskbar is useful.
2. The performance sucks; it uses clock cycles and memory to automate things I don't care about
IMHO Vista doesn't have a performance problem. I've got an XP desktop at home that is loaded up with plenty of stuff like file indexing and other things that come out of the box with vista. Its performance is slightly better than vista when lightly loaded, and _heaps_ worse when heavily loaded (couple of users logged on, lots of memory-hungry apps open) In situations where XP would have problems even responding well enough to even shut down Vista just keeps on chugging along. Performance degradation under load in vista is mugh more graceful than XP, no question.
3. Massive intrusive support for DRM and content protection (HDCP, etc)
Pop quiz. Can you point to just one thing that you can do with XP, but the DRM in vista blocks you? Things like HDCP suck a bit, but they weren't invented by microsoft, but they were required by the MPAA in order for vista to support high def output of "protected" content - something XP can't do at all. Vista will not stop you ripping a DVD or CD, playing a dodgy Xvid download or anything else you can do on XP. Please don't use any references or quotes from Peter whatsisname from Auckland University or you'll just look as uninformed as him.
4. Windows Genuine Advantage is mandatory.
Yeah, kinda a pain, but only if you have pirated windows. If you have an OEM install then its "preactivated" via a key in the bios, but having to activate retail copies is a hassle, particuarly if you change hardware or rebuild. I'm not happy about this one either, but its hardly a dealbreaker.
The differences in the way the NT api and Win32 api handle registry strings has been very well documented by Mark Russinovich and others.
Rootkit Revealer (written by mark) uses this difference to try and detect rootkits - read the registry using both APIs, and see what comes back different.
Hence Rootkit Revealer would put a huge flashing neon sign above malware that uses this technique
Be careful when mucking around with your winsxs folder. Its not as big as you think, a lot of the files are actually symbolic links, meaning the same file is counted more than once.
In SQL server if you are using full recovery model then you can recover up to the second before the bad command was run. Backup the transaction log (which will include all transactions beween the prior log backup, and now - including the transaction you need to "undo") then restore your last full backup, then restore the transaction logs up until the one you did AFTER the bad transaction, then restore that last one specifying a stop time of just before the bad transaction was committed.
Point-in-time recovery is why you use full recovery model and not simple. Sadly I've worked on plenty of "mission critical" sql dbs that don't use full recovery. When this is brought to their attention they typically say "we don't need point in time recovery, we use RAID and do nightly backups". Thats all fine, as long as you are prepared to lose everything between backups. This can be done in every version of SQL server, even the free version. I'd be stunned if you couldn't do the same thing in Oracle.
...even the Wii will probably fall short unless it gets real games. Ours, like everyone we know who has had one over three months, gathers dust.
Amen to that. I've got a Wii, and the only game I've got is super mario galaxy (which is very good btw). I know four other people who have a Wii, and _none_ of them have brought any games.
Everyone is applauding Nintendo's marketing genius for aiming at the "non-gamers" market. It might be a big market, but unfortunately its not a very lucrative market.
The changes definitely are not just the UI. It does some smarter stuff, like not defragging a file if the fragments are bigger than 64 mb.
If you have 2 64mb fragments its going to take a lot of reads and writes to join them up, for very little benefit. Not bothering with fragments like this means defragging is a LOT quicker
Yep, thats right. The AU govt is planning on increasing the blacklist of banned websites by an order of magnitude (that they will admit to, but now it will be difficult to tell), and they have taken steps to make sure there can be no oversight
While I'm not pro-censorship or anything like that, I find your argument and sig.... disagreeable. You seem to be seeing the world in black and white, without the shades of grey.
You say a picture or a video is just information. Ok, fair enough.
But just because information can be freely duplicted doesn't mean it isn't affected by the laws of supply and demand.
Some people will pay for this "information" (kiddie porn). Therefore other people will create child porn, for money.
Unfortunately those people do unspeakable awful things to innocent children in order to create the information, in order to satisfy that demand.
By your logic I have done nothing wrong if I say I will provide $10,000,000 for a video of someone shooting you in the head, and someone follows through and I pay them. Or your children. Heck, your whole family. If all of you died horribly, simply because I paid for some "information" have I done anything wrong? By your logic, no.
One thing that I haven't seen mentioned anywhere is were there any above-board customers of McColo? Sureley they weren't *all* bad?
Assuming there were, I feel for them. They have had the rug pulled out from under their feet, with (presumeably) no recourse and no way to get their data. You might blame them for choosing such a shady hosting company, but they probably had no idea.
Slashdot Mirror
Apparently George Lucas based the way Chewbacca talks on the sounds his Alaskan Malamute made
http://en.wikipedia.org/wiki/Malamute#Temperament>(linky)
I work with a guy who has a Malamute, and he says his dog makes the craziest noises, he swears its trying to talk to him.
Yes but he's also behind Supernatural, which IMHO is one of the best series on the box at the moment.
Yes, knowing he is behind charlies angels is worrying, but I'd like to think that Christian Bale isn't dumb enough to star in a stinker.
Is that him on the right or the left?
I got some spam the other day that said this:
This iis your penis: 8--o
This iis your penis on drugs: 8=====O
I showed it to a workmate. He said "I didn't know they were personalizing spam these days"
Bastard.
Thanks dude. I was going to tell IceBike that he clearly didn't actually know what he was talking about, but you've done that job much better than I would have.
Your beliefs don't stack up with reality. Even if they stop supporting silverlight on mac, Moonlight is out for linux NOW, and silverlight 2 compatibility is already alpha.
This is all from a 100% open source firefox plugin. How will MS kill that?
They have nothing to do with it!! They wrote the spec and are helping the moonlight developers. Don't bring out the "patents will kill mono" card, its not real. MS know any attempt to kill mono (or linux) with patents would do too much damage to themselves.
The sandboxing of .Net apps is actually quite well done. Microsoft put a lot of effort into this, they really really didn't want to get burnt.
AFAIK there has only ever been one security hole in the .Net VM that allowed code to escape its sandbox, this was way back in the .net 1.1 days and was fixed by MS in double quick time.
There have been numerous JVM vulnerabilities, a webpage with an applet that runs and breaks out of its sandbox using one of these holes is a very common way to get infected with malware.
When you write a ClickOnce app you specify what level of sandboxing you need. If you specify the app is a "full trust" application then the user is warned before the application install and it runs with no restrictions (except any restrictions placed on the user's account of course) and runs just like any other desktop app.
If your app settings say you need no "insecure" capibilities, like reading or writing files (outside the sandbox), read/write the registry, ANY win32 API calls, etc etc, and your app binary is signed by a trusted certification authority then I believe when you click on the .application file it will be immediately launched, without a warning but I've never done that. If an app tries to do anything that violates its policy then the runtime will kill the app.
So, to answer your question, no its not possible to create what looks like an ordinary link button that launches a clickonce app that will do something bad. The .net runtime on your pc will either ask you if you trust the application you are about to install, or it will run the app in a pretty tight sandbox.
ActiveX this is not...
Its a method of deploying .Net applications, mainly from a website.
On the web server you have a ClickOnce package, which contains a bunch of files including one with the extension ".application". Visual studio generates a basic HTML page for you which you can customise, which has a hyperlink to this .application file. A user visits this page, clicks on the link to the .application file, the browser downloads it and passes it to the .Net runtime which parses the file, downloads the binaries referenced in it, verifies signatures etc and starts the app. Unfortunately this isn't quite as simple as a file association, IE handles the magic for you, and this extension is just a bit of glue to enable Firefox to do the same. Nothing special happens on the server, you could host a ClickOnce app on apache on linux if you wanted. All you need is .Net on the client machine, and all this browser extension is doing is providing a little bit of glue between the .application file, and the .net runtime on your PC.
ClickOnce apps are normally installed into an obscure folder somewhere in your profile, not into c:\program files or anywhere, so they are PER USER and not per machine. Its actually a damn good way of installing .net apps, they can be sandboxed and all the files are hashed to prevent any tampering with the package.
If you can't find out what it is that vista is doing in the background, then you aren't much of a software engineer.
Look up process explorer, process monitor and autoruns sometime.
Crap.
I got vista on a new laptop when it first came out, and yes pre-SP1 it was pretty dire. I nearly downgraded to XP, but held out for SP1. As soon as the final bits were released I formatted and re-installed with SP1 and there was a _world_ of difference. Now I'm perfectly happy with Vista, and I'm planning on upgrading my XP desktop at home to the 7 beta this weekend.
I don't try and ram vista down everyone's throat, but it does annoy me when I hear such uninformed vista bashing.
Vista isn't perfect (and likely neither is 7) but your broad sweeping generalisations are complete rubbish. I don't fit into any of your three pidgeonholes. Neither do most other people I know who use vista. There is NO WAY to get DX10 on xp. Yes, some games can be fooled into thinking they are on DX10 but that is completely different.
1. Aero is pretty, but not useful
Huh? Why do you have such an issue with Aero? If it bugs you so much, turn it off...
Its mainly just bling. Unless you have crappy onboard graphics the performance cost of aero is negligible. I like the bling, and the preview on alt-tab or mouse hover on the taskbar is useful.
2. The performance sucks; it uses clock cycles and memory to automate things I don't care about
IMHO Vista doesn't have a performance problem. I've got an XP desktop at home that is loaded up with plenty of stuff like file indexing and other things that come out of the box with vista. Its performance is slightly better than vista when lightly loaded, and _heaps_ worse when heavily loaded (couple of users logged on, lots of memory-hungry apps open)
In situations where XP would have problems even responding well enough to even shut down Vista just keeps on chugging along. Performance degradation under load in vista is mugh more graceful than XP, no question.
3. Massive intrusive support for DRM and content protection (HDCP, etc)
Pop quiz. Can you point to just one thing that you can do with XP, but the DRM in vista blocks you? Things like HDCP suck a bit, but they weren't invented by microsoft, but they were required by the MPAA in order for vista to support high def output of "protected" content - something XP can't do at all. Vista will not stop you ripping a DVD or CD, playing a dodgy Xvid download or anything else you can do on XP.
Please don't use any references or quotes from Peter whatsisname from Auckland University or you'll just look as uninformed as him.
4. Windows Genuine Advantage is mandatory.
Yeah, kinda a pain, but only if you have pirated windows. If you have an OEM install then its "preactivated" via a key in the bios, but having to activate retail copies is a hassle, particuarly if you change hardware or rebuild. I'm not happy about this one either, but its hardly a dealbreaker.
The differences in the way the NT api and Win32 api handle registry strings has been very well documented by Mark Russinovich and others.
Rootkit Revealer (written by mark) uses this difference to try and detect rootkits - read the registry using both APIs, and see what comes back different.
Hence Rootkit Revealer would put a huge flashing neon sign above malware that uses this technique
Be careful when mucking around with your winsxs folder. Its not as big as you think, a lot of the files are actually symbolic links, meaning the same file is counted more than once.
This link has some more info
Source please? Not that I'm skeptical - but I'd love to be able to comprehensively shoot down the next dude that says EMF is baaaad, mmkay
Hmmm I'd hate to think what the rest of your body would be like after going from 0 to 100 and back again on the testosterone tap every few months.
I'm imagining very hairy saggy man-boobs :(
In SQL server if you are using full recovery model then you can recover up to the second before the bad command was run.
Backup the transaction log (which will include all transactions beween the prior log backup, and now - including the transaction you need to "undo") then restore your last full backup, then restore the transaction logs up until the one you did AFTER the bad transaction, then restore that last one specifying a stop time of just before the bad transaction was committed.
Point-in-time recovery is why you use full recovery model and not simple. Sadly I've worked on plenty of "mission critical" sql dbs that don't use full recovery. When this is brought to their attention they typically say "we don't need point in time recovery, we use RAID and do nightly backups".
Thats all fine, as long as you are prepared to lose everything between backups.
This can be done in every version of SQL server, even the free version. I'd be stunned if you couldn't do the same thing in Oracle.
You don't get it.
Would you have problems with having sex infront of a bunch of monkeys?
Your argument makes no sense at all.
Also, you fail to realise the "emotion or intimacy" aspect of sex is just another way of nature ensuring the "furthering the species".
Why do you think we have these feelings and we enjoy them? Its natures way of bribing us into doing what it wants.
...even the Wii will probably fall short unless it gets real games. Ours, like everyone we know who has had one over three months, gathers dust.
Amen to that. I've got a Wii, and the only game I've got is super mario galaxy (which is very good btw). I know four other people who have a Wii, and _none_ of them have brought any games.
Everyone is applauding Nintendo's marketing genius for aiming at the "non-gamers" market. It might be a big market, but unfortunately its not a very lucrative market.
The changes definitely are not just the UI. It does some smarter stuff, like not defragging a file if the fragments are bigger than 64 mb.
If you have 2 64mb fragments its going to take a lot of reads and writes to join them up, for very little benefit. Not bothering with fragments like this means defragging is a LOT quicker
I don't know what happens in the UK and the rest of Europe, but I know here in australia they have already passed an amendment to the freedom of information act to *exclude* the internet blacklist from any FOI requests.
http://www.efa.org.au/2008/11/15/filtering-pilot-and-acma-blacklist-not-just-illegal-material/
Yep, thats right. The AU govt is planning on increasing the blacklist of banned websites by an order of magnitude (that they will admit to, but now it will be difficult to tell), and they have taken steps to make sure there can be no oversight
We all know how well this works, don't we.
That scares me more than the actual censorship.
+1 Irony to the author of TFA, if the article becomes slashdotted....
While I'm not pro-censorship or anything like that, I find your argument and sig.... disagreeable. You seem to be seeing the world in black and white, without the shades of grey.
You say a picture or a video is just information. Ok, fair enough.
But just because information can be freely duplicted doesn't mean it isn't affected by the laws of supply and demand.
Some people will pay for this "information" (kiddie porn).
Therefore other people will create child porn, for money.
Unfortunately those people do unspeakable awful things to innocent children in order to create the information, in order to satisfy that demand.
By your logic I have done nothing wrong if I say I will provide $10,000,000 for a video of someone shooting you in the head, and someone follows through and I pay them. Or your children. Heck, your whole family. If all of you died horribly, simply because I paid for some "information" have I done anything wrong? By your logic, no.
Ahh ok. Sorry, You're quite right :)
Antimatter weighs the same as normal matter.
Yep, about .6g of matter was converted to energy by little boy. That means the same energy would be released as .3g of matter meeting .3g of antimatter.
Not sure where you got 10^-16g.
Yes antimatter is powerful. But not by that many more orders of magnitude.
One thing that I haven't seen mentioned anywhere is were there any above-board customers of McColo? Sureley they weren't *all* bad?
Assuming there were, I feel for them. They have had the rug pulled out from under their feet, with (presumeably) no recourse and no way to get their data. You might blame them for choosing such a shady hosting company, but they probably had no idea.