This sounds a lot like policykit -- a 'new' feature introduced in Ubuntu 8.04 where the user interface part of various administration dialogs run as a normal user and only the business end runs as root.
If someone finds some exploitable buffer overflow in your interface or one of the associated libraries, they gain very little if anything.. they certainly don't end up with their exploit code running as root and having unrestricted access to the system.
I don't often defend Microsoft, but it actually sounds like UAC is doing something 'right' in this case.
I'm not sure how the American system works, but over here there's double-white lines at each set of lights. If you stop behind the lines like you're supposed to, your car is right over the sensor and the light will go green. If you stop halfway over the line (like almost everyone does) the sensor can't see you any more and you have to wait until there's another car behind you. The nighttime cycle stays green for the major road and red for everyone else until it detects a car stopped over the sensor, so if you stop past the sensor at 3am you'll be waiting forever.
I totally agree.. a virus is only a program after all. SUDO will be about as effective at stopping Linux malware as UAC is at stopping Windows malware.
One thing that actually does make a difference; package management. I'm really trying to get Linux noobs away from the idea that you go to a website, download something, and run it as the normal way of installing software in Linux.. Add about three repositories beyond the default ubuntu ones and you have just about every piece of useful software that can run on Linux a mere Synaptic-checkbox away.
There isn't the "Black Ice stopped a portscan" "AVG detected a virus" "Adaware detected 3275 cookies which could have reporting your every move directly to the NSA" "Windows has detected a NEW MOUSE!! OMFG!! [Allow] [Deny]" kind of security theatre though...
more importantly, if you were ever actually sued by the MAFIAA the courts would end up in an endless loop of subpoenas only leading to further 'John Doe' lawsuits..
That would cause everyone who wrote a website between 2001 and 2007 for ie6 or ie7 to have to go back and add to every one of their web pages just so those pages would use the rendering engine of the older ie browser, they were originally written for, in ie8.
If they'd written them in standard HTMP and then added some conditional tags to work around bugs in IE6 and IE7 _only_, they would not have to do a thing. The documents MSIE8 is sent would be standard HTML, MSIE8 would render them 'correctly' because it would be expecting standard HTML. And if they made the ASSumption that all versions of MSIE are always going to have the same bugs, they'd just have to go back and make the conditional tags a little more specific.
Special Microsoft tags of any kind == Microsoft weirdness that we have to work around.
no special tags of any kind == assume standard HTML
We should be at the point where people can write W3C-standard html and then add a few conditional comments to deal with MSIE7 and earlier weirdness... and as MSIE7 gets phased out we'd then reach a point where we can write W3C-standard HTML with no 'Microsoft' tags at all, and have it render correctly in any browser.
Microsoft already have conditional comments.. IF IE6 do funky IE6 hacks, if IE7 do funky IE7 hacks.. Otherwise (no special tags at all) assume standards-compliance.. which would cover MSIE8, Firefox, Opera, and all other browsers.
Why do they need to pollute the standard with yet another tag? If they'd just use conditional comments then as IE6 and IE7 get phased out we'd all be able to just do plain old HTML with NO nonstandard tags and expect every browser to render correctly..
Why do Microsoft still insist that every page on the web must do 'something special' to get their browser to render properly?!! It would make more sense if people had to do 'something special' to make MSIE behave like older versions.
Microsoft could single-handedly improve the world's productivity by billions of man-hours a year by throwing out 90% of what Word does (and thus 90% of its complexity), calling it "Word Lite" and offering it as an alternative.
Or they could call it "WordPad" and include it free as part of Windows?
It doesn't seem to be working. People still insist on opening the full Microsoft Office Word to type even the simplest telephone note or shopping list..
I'm sure they haven't thought of having a signal broadcast from a satellite to turn off the anti-missile technology on a plane-by-plane basis, fully encrypted up the wazoo to prevent unauthorized use. Think OnStar(TM) for airlines.
If you're going to go to that length, why not just have a system (encrypted up the wazoo of course, multiple keys required, the kind of crap that it takes to authorize a nuclear warhead launch) that can take full control of the plane and land it safely by remote control? Would have made the whole 9/11 thing impossible from the start.
I think we're talking about the mixture of tin and lead used to connect components on a circuit board (solder) not a member of the armed forces (soldier)
It greys out until you select male or female... This seems pretty logical, how can Google search for a partner the same gender as yourself if you haven't yet told them what gender that is?
He's wrong on so many levels, I hardly know where to begin. So I'll begin with something that I know only a little about; network measurement.
Some of the most pioneering research in this area is conducted by people I know personally, in Waikato University's WAND group. They've made major innovations in network measurement and improving network performance. They rely on Linux and open source tools, and they've contributed back improvements to Linux networking (eg Ian's Datagram Congestion Control Protocol patches) and created entirely new Open Source network measurement tools.
Slashdot Mirror
Tim O'Reilly already provided the answer; "Piracy is a progressive taxation". http://openp2p.com/lpt/a/3015
For more obscure works (eg sci-fi by Cory Doctorow, indie films such as Sita, Ink) free copying has a beneficial, promotional effect.
For already popular works (already heavily promoted legal music and movies) piracy replaces sales more than it encourages new sales.
CP is in the earlier category.
Easier..
Google "xpy", download it and run it.
Tick the "remove WGA" box.
They use benzene, iirc. Which is carcinogenic.
For reactions that require 'dry' ethanol, a little benzene impurity isn't a problem, whereas even a tiny amount of water would be.
This sounds a lot like policykit -- a 'new' feature introduced in Ubuntu 8.04 where the user interface part of various administration dialogs run as a normal user and only the business end runs as root.
If someone finds some exploitable buffer overflow in your interface or one of the associated libraries, they gain very little if anything.. they certainly don't end up with their exploit code running as root and having unrestricted access to the system.
I don't often defend Microsoft, but it actually sounds like UAC is doing something 'right' in this case.
There's an easier test;
The standard is specific enough that some kind of test or reference can be written to judge if an implementation 'complies' with the standard.
The standard has been fully and properly implemented by at least two independent vendors.
You pay for the XP licence over here.
I got the catalog in the mail yesterday. Identical specifications, only the OS differs:
eeePC with Linux: NZ$599
eeePC with Windows: NZ$699
Don't go so far forward..?
I'm not sure how the American system works, but over here there's double-white lines at each set of lights. If you stop behind the lines like you're supposed to, your car is right over the sensor and the light will go green. If you stop halfway over the line (like almost everyone does) the sensor can't see you any more and you have to wait until there's another car behind you. The nighttime cycle stays green for the major road and red for everyone else until it detects a car stopped over the sensor, so if you stop past the sensor at 3am you'll be waiting forever.
http://xkcd.com/277/
I totally agree.. a virus is only a program after all. SUDO will be about as effective at stopping Linux malware as UAC is at stopping Windows malware.
One thing that actually does make a difference; package management. I'm really trying to get Linux noobs away from the idea that you go to a website, download something, and run it as the normal way of installing software in Linux.. Add about three repositories beyond the default ubuntu ones and you have just about every piece of useful software that can run on Linux a mere Synaptic-checkbox away.
There isn't the "Black Ice stopped a portscan" "AVG detected a virus" "Adaware detected 3275 cookies which could have reporting your every move directly to the NSA" "Windows has detected a NEW MOUSE!! OMFG!! [Allow] [Deny]" kind of security theatre though...
This is why I always install avscan and firestarter when setting up Linux for recently defenestrated users...
That's been done before. ... or as the article says, you just pay some guy in Bangalore one cent per captcha to do it.
more importantly, if you were ever actually sued by the MAFIAA the courts would end up in an endless loop of subpoenas only leading to further 'John Doe' lawsuits..
your example password lacks mixed-case and punctuation.. I usually aim for at least two characters of each.
"sqU@m1sh666Oss1$rage" perhaps?
When I want a windows box to ssh, i use putty..
happy geek has run out of happy :-(
That would cause everyone who wrote a website between 2001 and 2007 for ie6 or ie7 to have to go back and add to every one of their web pages just so those pages would use the rendering engine of the older ie browser, they were originally written for, in ie8.
If they'd written them in standard HTMP and then added some conditional tags to work around bugs in IE6 and IE7 _only_, they would not have to do a thing. The documents MSIE8 is sent would be standard HTML, MSIE8 would render them 'correctly' because it would be expecting standard HTML. And if they made the ASSumption that all versions of MSIE are always going to have the same bugs, they'd just have to go back and make the conditional tags a little more specific.
Microsoft have it backwards;
Special Microsoft tags of any kind == Microsoft weirdness that we have to work around.
no special tags of any kind == assume standard HTML
We should be at the point where people can write W3C-standard html and then add a few conditional comments to deal with MSIE7 and earlier weirdness... and as MSIE7 gets phased out we'd then reach a point where we can write W3C-standard HTML with no 'Microsoft' tags at all, and have it render correctly in any browser.
But noooooo, that would be too obvious.
Microsoft already have conditional comments.. IF IE6 do funky IE6 hacks, if IE7 do funky IE7 hacks.. Otherwise (no special tags at all) assume standards-compliance.. which would cover MSIE8, Firefox, Opera, and all other browsers.
Why do they need to pollute the standard with yet another tag? If they'd just use conditional comments then as IE6 and IE7 get phased out we'd all be able to just do plain old HTML with NO nonstandard tags and expect every browser to render correctly..
Why do Microsoft still insist that every page on the web must do 'something special' to get their browser to render properly?!! It would make more sense if people had to do 'something special' to make MSIE behave like older versions.
Microsoft could single-handedly improve the world's productivity by billions of man-hours a year by throwing out 90% of what Word does (and thus 90% of its complexity), calling it "Word Lite" and offering it as an alternative.
Or they could call it "WordPad" and include it free as part of Windows?
It doesn't seem to be working. People still insist on opening the full Microsoft Office Word to type even the simplest telephone note or shopping list..
I'm sure they haven't thought of having a signal broadcast from a satellite to turn off the anti-missile technology on a plane-by-plane basis, fully encrypted up the wazoo to prevent unauthorized use. Think OnStar(TM) for airlines.
If you're going to go to that length, why not just have a system (encrypted up the wazoo of course, multiple keys required, the kind of crap that it takes to authorize a nuclear warhead launch) that can take full control of the plane and land it safely by remote control? Would have made the whole 9/11 thing impossible from the start.
itym ;)
Huh?
I think we're talking about the mixture of tin and lead used to connect components on a circuit board (solder) not a member of the armed forces (soldier)
WRONG.
It greys out until you select male or female... This seems pretty logical, how can Google search for a partner the same gender as yourself if you haven't yet told them what gender that is?
in Soviet Russia a Beowulf cluster runs Linux on you!
He's wrong on so many levels, I hardly know where to begin. So I'll begin with something that I know only a little about; network measurement.
Some of the most pioneering research in this area is conducted by people I know personally, in Waikato University's WAND group. They've made major innovations in network measurement and improving network performance. They rely on Linux and open source tools, and they've contributed back improvements to Linux networking (eg Ian's Datagram Congestion Control Protocol patches) and created entirely new Open Source network measurement tools.