The whatwg page says that "When the ping attribute is present, user agents should clearly indicate to the user that following the hyperlink will also cause secondary requests to be sent in the background, possibly including listing the actual target URIs."
To me this means that the status bar or some other indicator should show the fact of the ping when you hover over the link. Does Forefox do this? I'm not running a "trunk" build.
The "Landscape has changed" reference in the/. article is a bit of a misrepresentation of the Toulouse reference.
The real point was that this was still the era of non-preemptive (cooperative) multitasking among Windows applications. The point of having a callback was that it was the only way to cancel a print job was through a callback. So there was a reason for having this design, even if it was long-term-stupid.
Nice try, sorry. The WMF implementation change was in Windows 2000, but the Windows Picture and Fax Viewer came in with Windows XP. Windows 2000 by default has no program associated with WMF.
The Toulouse blog basically proves, as if it weren't obvious, that Gibson is full of crap.
>>it also so far has been able to fly through hardware and software firewalls of all shapes and sizes
That's not true. My Servgate Edgeforce Plus has been blocking this since at least Friday morning, and I've been testing. I know from actual testing that all the major AV products have been blocking all the variants, so on what basis do you say it's been getting through all the IDSs?
Yes, it's really really bad, but it's not anywhere near as bad as a real network worm and we've had several of those. At least these attacks do require user interaction and there is workaround that's usually effective.
BTW, according to testing by AV-Test of 73 variants all of the major AV packages and most of the others are detecting all of them. You're right though that there will be holes in this coverage, especially in as much as some of them are doing exploit-by-exploit coverage as opposed to a true heuristic. The ones that do sniff out the actual WMFs and look for the exploit sequence seem to be working so far.
Isn't it obvious that this is just a result of someone confusing Dvorak's "they should buy Opera" into "they have bought Opera"? And it really is inconceivable that they would buy Opera. NFW.
>>I think Dell makes a good case here for why vendors should be forced to package clean OS discs and why Microsoft is helping these fools cause headaches by making it difficult to reinstall the OS...
A very big part of the antitrust case against Microsoft was the decision that they could not push OEMs around at all about what was pre-loaded on their systems, and I'm sure restore disks are part of that. Blaming Microsoft for 3rd-party add-ons is mistaken, they have no control over it.
>>Uh, didn't early versions of NT run drivers in a separate protection ring to improve stability?
No, they didn't. NT has never run in more than 2 security levels, and really couldn't early on because it also ran on RISC chips that had only user and supervisor modes.
For years the ILECs have been telling analysts that they can use QOS to degrade competitor packets, especially for things like VOIP. The dickhead at Bell South is just a little more public about these things, but there's nothing new here.
Notice, by the way, that probably half or more of the Internet traffic in the US travels on wires owned by Verizon or SBC, now that AT&T is digested. It will be hard to tell these guys they can't do what they want.
I'd think at least twice before criticizing Apache's basic structure. There aren't many open source projects that are as successful as Apache and dominate their space as thoroughly.
Exactly, the point of XP N is that it doesn't have Windows Media Player. That's it, that's why it adds no value to anyone at all, and proof that the anti-trust enforcement people in the EU are idiots.
This story first came out on a list I read over a week ago. I'm pretty sure it's actually the media player, not the rootkit, that contains the LAME code.
It's also always seemed to me that a blank drive system is harder for Dell to support. What do they tell you to do when you call up and say, e.g., that you can't get some video mode working? In fact, I bet a blank drive system gets little real support, but I bet they budget for more.
Slashdot Mirror
The whatwg page says that "When the ping attribute is present, user agents should clearly indicate to the user that following the hyperlink will also cause secondary requests to be sent in the background, possibly including listing the actual target URIs."
To me this means that the status bar or some other indicator should show the fact of the ping when you hover over the link. Does Forefox do this? I'm not running a "trunk" build.
You want details? Here are some exploits with different record lengths.
The "Landscape has changed" reference in the /. article is a bit of a misrepresentation of the Toulouse reference.
The real point was that this was still the era of non-preemptive (cooperative) multitasking among Windows applications. The point of having a callback was that it was the only way to cancel a print job was through a callback. So there was a reason for having this design, even if it was long-term-stupid.
Nice try, sorry. The WMF implementation change was in Windows 2000, but the Windows Picture and Fax Viewer came in with Windows XP. Windows 2000 by default has no program associated with WMF.
The Toulouse blog basically proves, as if it weren't obvious, that Gibson is full of crap.
What you said. If you're vulnerable to any real compromise from this you probably got compromised long ago in some other circumstance.
>>port/destination blocking firewalls
Honestly, why would you ever think these would be able to block this threat? Now I'm even less worried about it
>>it also so far has been able to fly through hardware and software firewalls of all shapes and sizes
That's not true. My Servgate Edgeforce Plus has been blocking this since at least Friday morning, and I've been testing. I know from actual testing that all the major AV products have been blocking all the variants, so on what basis do you say it's been getting through all the IDSs?
Yes, it's really really bad, but it's not anywhere near as bad as a real network worm and we've had several of those. At least these attacks do require user interaction and there is workaround that's usually effective.
BTW, according to testing by AV-Test of 73 variants all of the major AV packages and most of the others are detecting all of them. You're right though that there will be holes in this coverage, especially in as much as some of them are doing exploit-by-exploit coverage as opposed to a true heuristic. The ones that do sniff out the actual WMFs and look for the exploit sequence seem to be working so far.
The most predictable thing about this story was that it would be exposed as a hoax because of all the nonsense and contradictions in it.
Now the student, whose anonymous allegations were the only evidence of the whole matter, has recanted.
I pitched this as another story and it was rejected. Maybe it will show up from another author, or maybe the editors prefer the story to be true.
Isn't it obvious that this is just a result of someone confusing Dvorak's "they should buy Opera" into "they have bought Opera"? And it really is inconceivable that they would buy Opera. NFW.
>>No, I blame Microsoft for incorporating the copy protection mechanism into XP which requires me to call Microsoft when I want to reinstall my OS.
Big &&%#%% deal. 3 seconds of communications and you're changing operating systems? Your concerns are massively misplaced.
>>I think Dell makes a good case here for why vendors should be forced to package clean OS discs and why Microsoft is helping these fools cause headaches by making it difficult to reinstall the OS...
A very big part of the antitrust case against Microsoft was the decision that they could not push OEMs around at all about what was pre-loaded on their systems, and I'm sure restore disks are part of that. Blaming Microsoft for 3rd-party add-ons is mistaken, they have no control over it.
>>Uh, didn't early versions of NT run drivers in a separate protection ring to improve stability?
No, they didn't. NT has never run in more than 2 security levels, and really couldn't early on because it also ran on RISC chips that had only user and supervisor modes.
I think that's "...precede police into areas..."
For years the ILECs have been telling analysts that they can use QOS to degrade competitor packets, especially for things like VOIP. The dickhead at Bell South is just a little more public about these things, but there's nothing new here.
Notice, by the way, that probably half or more of the Internet traffic in the US travels on wires owned by Verizon or SBC, now that AT&T is digested. It will be hard to tell these guys they can't do what they want.
>>In some cases, this can result in more effecient code than a precompiled binary such as one created by a C compiler.
This is a bullshit argument that generally presumes a substandard optimization by the binary compiler.
I'd think at least twice before criticizing Apache's basic structure. There aren't many open source projects that are as successful as Apache and dominate their space as thoroughly.
Exactly, the point of XP N is that it doesn't have Windows Media Player. That's it, that's why it adds no value to anyone at all, and proof that the anti-trust enforcement people in the EU are idiots.
This story first came out on a list I read over a week ago. I'm pretty sure it's actually the media player, not the rootkit, that contains the LAME code.
You know, it's kind of clever: Support it, but only in the new version.
I apologize for contributing to the general environment of credulousness on /. If I hadn't already posted here I'd mod you "funny"
I'm calling shenanigans. Where the hell did you hear this?
Here's a FAQ on it at the WTO site.
Roche knows about this and is talking about licensing for exactly this reason, because they can get better terms this way.
You're absolutely right, that whole family of no-OS systems comes with no support included. You have to buy per-incident support.
It's also always seemed to me that a blank drive system is harder for Dell to support. What do they tell you to do when you call up and say, e.g., that you can't get some video mode working? In fact, I bet a blank drive system gets little real support, but I bet they budget for more.