Use something else- it's not hard at all to make medical devices using QNX, Lynx, Linux, or *BSD. And you really, really can't say that WinCE and XP Embedded is really any cheaper than the alternatives- and if you're not using an embedded OS on a medical device, you need to have your head examined and your company ran out of business anyhow.
MS'ers are saying it's robust for the OS itself, but that it's going to mess up a bunch of things because everyone and their dog was relying on the loopholes in past versions. And it's supposed to get worse with the next security upgrades I've heard. People may not have their machines die on them (word is that the virii, trojans, and spyware's causing the dying machines...) but you're going to have fun trying to use the apps you do have without a BUNCH of tinkering around with registry edits and all- and some apps may need a patch from the vendor for varying reasons because they're "fixing" a LOT of the OS with this service pack
It closes all ports and you must place an executable on the exclusion list in order to even be able to RUN it.
Nice security features which break a whole hell of a lot of things. Quicken. Yahoo! Messenger. A host of others. One of my associates who's a certified engineer (who's not just a paper MCSE...) told me that he put it on a test machine yesterday and it took him over three hours to be able to even use it on the Internet. His contacts within MS (which I consider relatively reliable since I know whom he's talking about over in MS' Las Colinas support center...) said they're at ove 80% call volume for the enterprise customers who got it automatically yesterday anyway.
MS lost a Patent infringement suit recently, and everyone that was using the software was stuck with the bill with no redress whatsoever. Simply put, you have absolutely no guarantees with Patents that you're protected whatever your path.
It's why software Patents are such a bad idea in the big picture sense (I can see the legitimacy of some of them, but pretty much all but a few of them should never have been granted...)- and they're granted for some of the silliest damn things.
Opera right at the moment. It's at least a little harder to pull the same stunt off with it than Firefox.
The whole thing's a bad idea from the get-go- right on up there with some of the IE bad ideas.
The WWW is not an application framework. That you can do many applications under it is a testament to it's overall power and flexibility, but it doesn't mean you should do intrinsically bad things to make making application use "prettier" or "easier".
Yes, and it's a damned security risk- just like all the "convienient" features of IE, like ActiveX scripting.
The WWW wasn't meant for the sort of thing you're describing. Just because it's convienient for you doesn't mean that it's a good idea- or that it's safe.
With this little "feature" I can't reccomend Firefox or Mozilla to any of my clients. As much as I want to, I can't, because it's as much a National Security risk as IE is right now.
Webapps shouldn't be able to manipulate things that closely. Anything that allows a spoof attack is a security risk- and therefore SHOULD NOT be available for use. Simply put, let the apps be local or via something like VNC, but don't let them manipulate the UI of the browser in such a way as to allow this sort of thing- if it's via the web, it needs to look like it's via the web.
Convienience should never take precedence to security on the Internet- and it's the lack of applying that thinking to Windows (they've got it exactly BACKWARDS...) that has made it the virus/worm/trojan haven that it is today.
It's not a weapons platform in the sense that it's designed for the task. Contrast and compare a 747 with a B-52 or a B-1/B-2. Completely different beast. The only reason why they're using a 747 for the airborne laser system is that it's one of the only "off-the-shelf" airframe that could handle putting the laser in it and still be airworthy- just because it's being used in the initial tests does not mean that they'll deploy with it or if they do, it's not heavily modified to suit the military purpose.
The software in question has been "in the making" for over four years now. Simply put, you have to be using TurboLinux to get it at this time. Prior to that it was "available" to IA and other embedded systems integrators for evaluation and possible inclusion in their products. Well, I couldn't get a single copy out of them when we needed it and LinDVD (The competing product...) was a steaming pile of dung and we had to fight to evaluate that.
IFF they're worth it (as in quality software) and IFF they're available for more than one distribution will I not complain about having to pay for it.
I wasn't actively trying to remember the model series in question- but you're right, it'd probably have been worse if it'd been 747's. In any case, the statement I made overall stands- something doesn't have to be "militarily" viable to be a real problem or threat.
It's a telling comment on the US currently when FX produces a movie with one of the truer things said about the whole thing after 9/11- I don't have it verbatim from the movie, but the movie says it all:
That there's chemical plants, electric power plants, and reactors, with horrific results for someone successfully attacking them totally unprotected while we worry about taking a pair of nail clippers away from a little old lady in an airport...
What's wrong with this picture, I ask you?
And, it's not to show ignorant governments as much as it's to show their ignorant populaces that they're much more at risk than they've been led to believe.
It's obvious you know very little about how things really work- or how friggin' simple most of this stuff is. Just because it's not his field of work, doesn't make it undoable by him- assuming that he's only capable of hardware engineering is beyond arrogant on your part.
A 747 isn't militarily viable as a weapons platform- but yet TWO of the damn things were used by terrorists to trash our country a while back. His engines are viable- and yes, any idiot with a machine shop can build pulse jets and ram jets that are effective enough to carry a payload quite some distance. Add a pre-programmed navigation sequence, a GPS reciever, and a lift surface capable of lifting the whole lot and you've got a cruise missile. Doesn't matter if it's "militarily" viable if a terrorist uses it to deploy sarin, tabun, VX, or a myriad of biological agents over an area or uses it to take out pieces of critical infrastructure.
While I'm not sure he could achieve his $5k price point, I'm pretty sure someone could achieve a $10-15k price point and have something very nasty to play with.
Like I suggest on the title, you might want to talk about things you actually KNOW about instead of guessing about them- you're not very good at it.
Plug-ins are not something that automatically gets downloaded and installed on your machine. You have to knowingly download and then install them. This is for Windows or any other OS that the plug-in framework is residing on.
On the other hand, IE provides "helpful" features like self-installing plug-ins (ActiveX) and a help framework that completely circumvents the security- all without ANY user intervention.
In the proposed solution you offer, there is no difference with the plug-in model of things- you have to actually install something with your own intervention to be able to view "rich" content. The moment you do anything Internet centric, you change the security profile completely. Having one or more applications to do things doesn't change the amount of work, etc. like you seem to think it does. In fact, in some cases, you just made the work harder because now you've got to add more rules in your firewall and monitoring tools which could leave loopholes in your security. And it still doesn't stop idiots from running malware passed along via e-mail, etc.
Based upon the descriptions of the seperate vulnerabilities, there is no safe way to use IE. Apparently MS doesn't realize that there's already a bunch of zero-day exploits out and about using the latest IE exploits.
Microsoft's days are numbered at this point. It doesn't matter if they fix this mess- there's a perponderance of evidence that indicates that they band-aid things instead of fix them (including one of the newest exploits going around- supposedly it was fixed in recent times...). They can not be trusted at all for things that require security- anywhere.
...I don't think IE's going to be much more of an issue shortly, considering it's now a National Security Risk, per the DHS (That is, after all, the reason for this whole discussion in the first place...).
Simply put, I'm using this as a reason to get as many home users as I possibly can onto Firefox or Opera under Windows and it's some "ultimate" ammo for me to use to reccomend anything but Windows and Microsoft for our customers as it's a grave security risk like few others.
...that they are. If Infinity was telling the truth and believed the stuff they're saying, it'd do no harm to have a neutral third party assess the codebases. Refusing's not looking good on their part, if you ask me- it's not good faith like they're claiming they're trying to work under here.
I'm not saying I believe that Google's not guilty, either- I'm just saying there's some questionable business going on here and some of the out in the open questionableness is coming from Affinity as well as Google.
Seems to me, unless Orkut signed a non-compete, Affinity has no leg to stand on with regards to that route. Unless the code is close to identical or identical (and bugs can be DESIGN related as well as code related, mind...) then they have no leg to stand on in that arena either.
I wonder if they even care. Most of their budget comes from patent filings- so it's in their best interests to approve things, believe it or not. They're just only "slightly" careful about what they rubber-stamp. I mean, after all, if they were to rubber-stamp perpetual motion machines things that don't jive with our current models of science- I mean, someone might notice other than the geeks, you know...
Or, express the wheel as a function of software or part of the Internet...
Musn't forget that avenue of insanity, you know. It's just more popular (at the moment) than this bank thing.
(Though, I will admit that I'd like to know what kind of drugs the PTO examiner was on when he/she rubber-stamped this one... It's the stupidest thing I've seen since the One-Click Patent...)
All MRAM does is make it non-volatile. It doesn't prevent or even ameliorate the problem you mentioned- it's not more reliable in the sense you're looking for.
Dominion Tank Police New Dominion Tank Police Appleseed Baoh
The first three are from Masamune Shirow who's the party responsible for Ghost in the Shell... Baoh's short, but cool in and of itself- it's in the same violence and gore class with Ninja Scroll. If you liked NS, you'll probably like Baoh.
That you won't see even remotely the same level of performance with WineX on the same bleeding edge hardware. Typically, you don't need bleeding edge to be able to play the game under Windows- middle of the line usually will do. However, you'll need near bleeding edge or right on the cutting edge just to be able to play the silly thing under WineX in many cases.
CMM is about process and only process, relying on you to get your process just right to ensure product quality- but it's NOT about product quality in and of itself. I discovered this when they started doing all the initial audit work for CMM at one of my previous employers. CMM is just another vain attempt at trying to make software and network work be just like manufacturing. Sorry boys, just doesn't work that way and may never do so.
1) The certs mean nothing. In all honesty, a cert means you passed a certain level on a test- which means you know terminology and proper coding, administration, etc. It does not mean that the developer in question is a good one in the sense that he'll mesh with your team, writes good clean code, etc. All it means is he/she can pass a test with the way things are done right now.
2) See 1. Your idea of a test is no different than making people get certifications with the current scheme. It's not going to help you much.
How to fix things? Your guess is as good as mine on that one, but what you've espoused isn't it.
The fact that your post got modded up as "Informative".
From Dictionary.com:
treaty ( P ) Pronunciation Key (trt) n. pl. treaties
1.
a. A formal agreement between two or more states, as in reference to terms of peace or trade.
b. The document in which such an agreement is set down.
2. A contract or agreement.
Also from Dictionary.com:
law ( P ) Pronunciation Key (lô) n.
1. A rule of conduct or procedure established by custom, agreement, or authority.
2.
a. The body of rules and principles governing the affairs of a community and enforced by a political authority; a legal system: international law.
b. The condition of social order and justice created by adherence to such a system: a breakdown of law and civilized behavior.
3. A set of rules or principles dealing with a specific area of a legal system: tax law; criminal law.
4. A piece of enacted legislation.
The complex of agreed upon treaties and the laws enacted by the various signatories thereof are what comprises "international law". Treaties, in and of themselves aren't the law. They're agreements for a given group of countries to act in a specified way that is signed by various diplomats for varying concessions. Law is where the countries enact the rules by which they endeavor to carry out the promises made in the treaty.
DON'T USE WINDOWS.
Use something else- it's not hard at all to make medical devices using QNX, Lynx, Linux, or *BSD. And you really, really can't say that WinCE and XP Embedded is really any cheaper than the alternatives- and if you're not using an embedded OS on a medical device, you need to have your head examined and your company ran out of business anyhow.
MS'ers are saying it's robust for the OS itself, but that it's going to mess up a bunch of things because everyone and their dog was relying on the loopholes in past versions. And it's supposed to get worse with the next security upgrades I've heard. People may not have their machines die on them (word is that the virii, trojans, and spyware's causing the dying machines...) but you're going to have fun trying to use the apps you do have without a BUNCH of tinkering around with registry edits and all- and some apps may need a patch from the vendor for varying reasons because they're "fixing" a LOT of the OS with this service pack
It closes all ports and you must place an executable on the exclusion list in order to even be able to RUN it.
Nice security features which break a whole hell of a lot of things. Quicken. Yahoo! Messenger. A host of others. One of my associates who's a certified engineer (who's not just a paper MCSE...) told me that he put it on a test machine yesterday and it took him over three hours to be able to even use it on the Internet. His contacts within MS (which I consider relatively reliable since I know whom he's talking about over in MS' Las Colinas support center...) said they're at ove 80% call volume for the enterprise customers who got it automatically yesterday anyway.
MS lost a Patent infringement suit recently, and everyone that was using the software was stuck with the bill with no redress whatsoever. Simply put, you have absolutely no guarantees with Patents that you're protected whatever your path.
It's why software Patents are such a bad idea in the big picture sense (I can see the legitimacy of some of them, but pretty much all but a few of them should never have been granted...)- and they're granted for some of the silliest damn things.
Opera right at the moment. It's at least a little harder to pull the same stunt off with it than Firefox.
The whole thing's a bad idea from the get-go- right on up there with some of the IE bad ideas.
The WWW is not an application framework. That you can do many applications under it is a testament to it's overall power and flexibility, but it doesn't mean you should do intrinsically bad things to make making application use "prettier" or "easier".
Yes, and it's a damned security risk- just like all the "convienient" features of IE, like ActiveX scripting.
The WWW wasn't meant for the sort of thing you're describing. Just because it's convienient for you doesn't mean that it's a good idea- or that it's safe.
With this little "feature" I can't reccomend Firefox or Mozilla to any of my clients. As much as I want to, I can't, because it's as much a National Security risk as IE is right now.
Webapps shouldn't be able to manipulate things that closely. Anything that allows a spoof attack is a security risk- and therefore SHOULD NOT be available for use. Simply put, let the apps be local or via something like VNC, but don't let them manipulate the UI of the browser in such a way as to allow this sort of thing- if it's via the web, it needs to look like it's via the web.
Convienience should never take precedence to security on the Internet- and it's the lack of applying that thinking to Windows (they've got it exactly BACKWARDS...) that has made it the virus/worm/trojan haven that it is today.
It's not a weapons platform in the sense that it's designed for the task. Contrast and compare a 747 with a B-52 or a B-1/B-2. Completely different beast. The only reason why they're using a 747 for the airborne laser system is that it's one of the only "off-the-shelf" airframe that could handle putting the laser in it and still be airworthy- just because it's being used in the initial tests does not mean that they'll deploy with it or if they do, it's not heavily modified to suit the military purpose.
The software in question has been "in the making" for over four years now. Simply put, you have to be using TurboLinux to get it at this time. Prior to that it was "available" to IA and other embedded systems integrators for evaluation and possible inclusion in their products. Well, I couldn't get a single copy out of them when we needed it and LinDVD (The competing product...) was a steaming pile of dung and we had to fight to evaluate that.
IFF they're worth it (as in quality software) and IFF they're available for more than one distribution will I not complain about having to pay for it.
I wasn't actively trying to remember the model series in question- but you're right, it'd probably have been worse if it'd been 747's. In any case, the statement I made overall stands- something doesn't have to be "militarily" viable to be a real problem or threat.
It's a telling comment on the US currently when FX produces a movie with one of the truer things said about the whole thing after 9/11- I don't have it verbatim from the movie, but the movie says it all:
That there's chemical plants, electric power plants, and reactors, with horrific results for someone successfully attacking them totally unprotected while we worry about taking a pair of nail clippers away from a little old lady in an airport...
What's wrong with this picture, I ask you?
And, it's not to show ignorant governments as much as it's to show their ignorant populaces that they're much more at risk than they've been led to believe.
It's obvious you know very little about how things really work- or how friggin' simple most of this stuff is. Just because it's not his field of work, doesn't make it undoable by him- assuming that he's only capable of hardware engineering is beyond arrogant on your part.
A 747 isn't militarily viable as a weapons platform- but yet TWO of the damn things were used by terrorists to trash our country a while back. His engines are viable- and yes, any idiot with a machine shop can build pulse jets and ram jets that are effective enough to carry a payload quite some distance. Add a pre-programmed navigation sequence, a GPS reciever, and a lift surface capable of lifting the whole lot and you've got a cruise missile. Doesn't matter if it's " militarily " viable if a terrorist uses it to deploy sarin, tabun, VX, or a myriad of biological agents over an area or uses it to take out pieces of critical infrastructure.
While I'm not sure he could achieve his $5k price point, I'm pretty sure someone could achieve a $10-15k price point and have something very nasty to play with.
Like I suggest on the title, you might want to talk about things you actually KNOW about instead of guessing about them- you're not very good at it.
They're redirecting all the common worm and trojan exploit attempts for IIS to MS' website. Nice.
Plug-ins are not something that automatically gets downloaded and installed on your machine. You have to knowingly download and then install them. This is for Windows or any other OS that the plug-in framework is residing on.
On the other hand, IE provides "helpful" features like self-installing plug-ins (ActiveX) and a help framework that completely circumvents the security- all without ANY user intervention.
In the proposed solution you offer, there is no difference with the plug-in model of things- you have to actually install something with your own intervention to be able to view "rich" content. The moment you do anything Internet centric, you change the security profile completely. Having one or more applications to do things doesn't change the amount of work, etc. like you seem to think it does. In fact, in some cases, you just made the work harder because now you've got to add more rules in your firewall and monitoring tools which could leave loopholes in your security. And it still doesn't stop idiots from running malware passed along via e-mail, etc.
Your whole premise doesn't work.
Based upon the descriptions of the seperate vulnerabilities, there is no safe way to use IE . Apparently MS doesn't realize that there's already a bunch of zero-day exploits out and about using the latest IE exploits.
Microsoft's days are numbered at this point. It doesn't matter if they fix this mess- there's a perponderance of evidence that indicates that they band-aid things instead of fix them (including one of the newest exploits going around- supposedly it was fixed in recent times...). They can not be trusted at all for things that require security- anywhere.
...I don't think IE's going to be much more of an issue shortly, considering it's now a National Security Risk, per the DHS (That is, after all, the reason for this whole discussion in the first place...).
Simply put, I'm using this as a reason to get as many home users as I possibly can onto Firefox or Opera under Windows and it's some "ultimate" ammo for me to use to reccomend anything but Windows and Microsoft for our customers as it's a grave security risk like few others.
...that they are. If Infinity was telling the truth and believed the stuff they're saying, it'd do no harm to have a neutral third party assess the codebases. Refusing's not looking good on their part, if you ask me- it's not good faith like they're claiming they're trying to work under here.
I'm not saying I believe that Google's not guilty, either- I'm just saying there's some questionable business going on here and some of the out in the open questionableness is coming from Affinity as well as Google.
Seems to me, unless Orkut signed a non-compete, Affinity has no leg to stand on with regards to that route. Unless the code is close to identical or identical (and bugs can be DESIGN related as well as code related, mind...) then they have no leg to stand on in that arena either.
I wonder if they even care. Most of their budget comes from patent filings- so it's in their best interests to approve things, believe it or not. They're just only "slightly" careful about what they rubber-stamp. I mean, after all, if they were to rubber-stamp perpetual motion machines things that don't jive with our current models of science- I mean, someone might notice other than the geeks, you know...
Or, express the wheel as a function of software or part of the Internet...
Musn't forget that avenue of insanity, you know. It's just more popular (at the moment) than this bank thing.
(Though, I will admit that I'd like to know what kind of drugs the PTO examiner was on when he/she rubber-stamped this one... It's the stupidest thing I've seen since the One-Click Patent...)
All MRAM does is make it non-volatile. It doesn't prevent or even ameliorate the problem you mentioned- it's not more reliable in the sense you're looking for.
Dominion Tank Police
New Dominion Tank Police
Appleseed
Baoh
The first three are from Masamune Shirow who's the party responsible for Ghost in the Shell... Baoh's short, but cool in and of itself- it's in the same violence and gore class with Ninja Scroll. If you liked NS, you'll probably like Baoh.
That you won't see even remotely the same level of performance with WineX on the same bleeding edge hardware. Typically, you don't need bleeding edge to be able to play the game under Windows- middle of the line usually will do. However, you'll need near bleeding edge or right on the cutting edge just to be able to play the silly thing under WineX in many cases.
There IS a distinction there.
CMM is about process and only process, relying on you to get your process just right to ensure product quality- but it's NOT about product quality in and of itself. I discovered this when they started doing all the initial audit work for CMM at one of my previous employers. CMM is just another vain attempt at trying to make software and network work be just like manufacturing. Sorry boys, just doesn't work that way and may never do so.
1) The certs mean nothing. In all honesty, a cert means you passed a certain level on a test- which means you know terminology and proper coding, administration, etc. It does not mean that the developer in question is a good one in the sense that he'll mesh with your team, writes good clean code, etc. All it means is he/she can pass a test with the way things are done right now.
2) See 1. Your idea of a test is no different than making people get certifications with the current scheme. It's not going to help you much.
How to fix things? Your guess is as good as mine on that one, but what you've espoused isn't it.
From Dictionary.com:
Also from Dictionary.com:
The complex of agreed upon treaties and the laws enacted by the various signatories thereof are what comprises "international law". Treaties, in and of themselves aren't the law. They're agreements for a given group of countries to act in a specified way that is signed by various diplomats for varying concessions. Law is where the countries enact the rules by which they endeavor to carry out the promises made in the treaty.