Re:different levels of importance
on
Real Security?
·
· Score: 2, Funny
That made me grin:) Just listen to all the busy little keyboards as rokzy is tried as a username by 27,000 people at/., buy.com, CompUSA, Newegg, Amazon, and B&N. Someone is getting some free hardware tonight..
Please correct me if I'm wrong, but I thought resolution, dpi, and physical size were all related. If the physical size stays the same and the resolution is changed, doesn't that changed the effective dpi?
btw, if you have a monitor that changes physical size when you bump the resolution, let me know where I can buy one;o)
Furthermore, the linked article says that Iain "really only interested in being able to recompile kernel for the Liteon product which I own." Presumably, the stock kernel won't compile without changes.
And if one of the threads blocks on IO? You would actually want more processes running than the total number of processes. The exact number depends on how many and how often processes get blocked for various reasons, but I think 1.5 or 2 is considered a good factor. That means something like 4000 processes would make pretty efficient use of a 512 processor box.
If you are just simply uncomfortable with them seeing inappropriate images, bear in mind they'll see them elsewhere if not at home, so what's the point in stopping them?
Because that is part of your responsibility as a parent. Head in the sand is a pretty weak way out.
You probably mean Aki Ross. IMHO, some of the most impressive CG work in recent history. At some points in that movie, it's easy to forget that she's not a real actress...
I'm not an investor, but it seems like MS investing in a competitor would be a bad idea. If the competitor does really well and MS gains some money off the investment, they are likely no longer in a position to compete with that company. If, on the other hand, MS destroys the competition, they lose money on their initial investment.
Either way, it appears that they lose on some front. Seems like a better idea to invest that same money into their competing product (ie, MSN in this case).
The code for Terabyte Triangle's website was done entirely with text editors. Note that it's all pretty and stuff, but it isn't littered with all kinds of extra markup crap that WYSIWYG editors tend to produce...
Really, HTML isn't *that* hard. And if you're feeling like a techie demi-god, you might take a look at PHP, Zope, or (gag) ASP.
is it also bad to use visual editors when you design GTK or QT dialogs? No, I love Qt Designer, but then again, I never have to edit the code it produces directly. I subclass, whip out Nedit, and go to work. HTML WYSIWYG editors can't offer anything like that 'cause you can't really subclass "HTML" (although you can do cool things like that with PHP/ASP.NET/etc).
WYSIWYG has it's place for one-off, small websites, but if you are designing commercial sites, bite the bullet and learn something a little more powerful.
btw, is the Perl at http://www.slackersguild.com/ created in Frontpage? Didn't think so. Probably built by guy with a text editor. Heck, it looks like the/. code base...
a number of hacks could be discovered, and kept secret by some techie That's *exactly* why I wouldn't mind seeing the code open for public review...
Perhaps they should just take more care when designing the actual product to make sure it's bulletproof - i.e. hire really good people to write the code. The problem here is that companies are driven by profit and hiring better people, spending more time in design, doing more testing, and even a formal translation of a formal model for proof of correctness all cut into the bottom line. It only needs to be good enough to sell copies in the current market to satisfy the corporate need.
The/. community didn't produce the binary in question nor did open source. The point is that a source code leak shouldn't imply a security risk and a binary leak *really* shouldn't imply a problem.
You don't. Someone who was upset with what happened during the elections probably posted it so tech people could find the flaws and make the people in charge look foolish.
When the article said "changes the light immediately to clear the intersection", I assumed that it meant that the other lights would flip to yellow instantly and then give time for the intersection to clear before flipping the light you just tagged to green. That means the cycles would be at least long enough for a single car to jump through a yellow light. Seems like flipping the light to green would make all the cars waiting in front of the firetruck think they were clear to go. Even for emergency vehicles, this seems too extreme.
No, not at all. In fact, it would be much worse. The lights are supposed to be timed so a batch of cars can travel through most of the stoplights on a main street without having to stop if everyone is traveling the speed limit. Every car having one of these would mean that the lights would cycle on and off much more quickly meaning you would be stopping at every light in the city.
Whether or not it's ok for people/companies to do white hat hacking is not the issue
Why not? That's a scary proposition. Should we ask instead if AOL is powerful enough to ignore the law in general? I don't think there is any question that this is considered white hat hacking. It's just being done under the guise of corporate good.
service performing an almost universally beneficial change to its users PCs Ack! Did I agree to the change? Am I in the minority affected negatively by this? Was I allowed to consider the "side effects" when I signed up for AOL? (Thank goodness these are rhetorical questions).
perhaps AOL should have presented the user with some lengthy announcement about their intentions, and then allowed the user to opt out of the change Yes, no. The announcement should have informed the user and allowed them to opt in.
It's a simple business decision that essentially does no harm. Yes, it appears to be a simple business decision and hopefully it is for the exact reasons that you assume. Hopefully it doesn't involve my tinfoil hat theory:( Hopefully it isn't something that hasn't even been considered yet...
Look, if disabling that service was a normal step in the installation of the AOL client software, nobody would be screaming "hack!" Look, if it did it without asking me, I would be just as pissed.
Finally, consider that this might not be the only change they make. What if they are *legally required* to shut off file sharing services because they *can*? What happens when Outlook or IIS or MSSQL 2000 falls under their guns because of the latest MS suckage? The precedent is freaky. You do not read enough Tom Clancy;o)
It's not about that. It's about AOL taking action like they did. Of course you can disable messenger and of course messenger sucks huge chunks for most users. The real question is if AOL should have made the change they did and if we should be concerned about any possible implications.
BS. First, it is illegal if not specifically included in the contract. Second, it is probably in a grey area even if it is not specified by the contract and AOL is likely liable for any "damages" they cause. Third, it is a little creepy that AOL can weld that kind power if legal action is not pursued by someone.
Sure, in this case, it probably helped the greater good. Sure, in this case, it probably helped more than it harmed. That wouldn't always have to be the case and we now know that AOL is capable, and more importantly, willing to modify end-user's computers *any time* they feel it necessary.
<Tin-foil hat on> Also, consider that AOL just lost a certain degree of deniability. ISPs have been able act simply as a conduit and not take responsibility for the data transfered over their pipes. AOL has demonstrated that a ISP is *able* to take action against disagreeable things even if it requires modification to a user's computer. Where does the interests of AOL reside? Could this simply be a setup that *requires* AOL to take action against file sharers in the same way? <hat off>
Regardless, the implications are a little alarming.
IMHO, the more striking thing is that this is possible:( Although most of the/. crowd is likely aware that Windows, by default, is fairly insecure, AOL is making a pretty public demostration of the fact that it is dangerous to trust your data to MS.
I personally have witnessed two fried systems due to ps2 ports being connected while the system was running. It's not common, but it is certainly possible.
Slashdot Mirror
That made me grin :) Just listen to all the busy little keyboards as rokzy is tried as a username by 27,000 people at /., buy.com, CompUSA, Newegg, Amazon, and B&N. Someone is getting some free hardware tonight..
Yep, Knoppix is pretty tough to use...
Please correct me if I'm wrong, but I thought resolution, dpi, and physical size were all related. If the physical size stays the same and the resolution is changed, doesn't that changed the effective dpi?
;o)
btw, if you have a monitor that changes physical size when you bump the resolution, let me know where I can buy one
Furthermore, the linked article says that Iain "really only interested in being able to recompile kernel for the Liteon product which I own." Presumably, the stock kernel won't compile without changes.
And if one of the threads blocks on IO? You would actually want more processes running than the total number of processes. The exact number depends on how many and how often processes get blocked for various reasons, but I think 1.5 or 2 is considered a good factor. That means something like 4000 processes would make pretty efficient use of a 512 processor box.
If you are just simply uncomfortable with them seeing inappropriate images, bear in mind they'll see them elsewhere if not at home, so what's the point in stopping them?
Because that is part of your responsibility as a parent. Head in the sand is a pretty weak way out.
That's the whole point. Existing methods take months while he claims it can be done in a single day with a single computer.
Which? The rat or the answer? :)
You probably mean Aki Ross. IMHO, some of the most impressive CG work in recent history. At some points in that movie, it's easy to forget that she's not a real actress...
I'm not an investor, but it seems like MS investing in a competitor would be a bad idea. If the competitor does really well and MS gains some money off the investment, they are likely no longer in a position to compete with that company. If, on the other hand, MS destroys the competition, they lose money on their initial investment.
Either way, it appears that they lose on some front. Seems like a better idea to invest that same money into their competing product (ie, MSN in this case).
8 different $2 cards out of a beat up box at an army surplus store, check.
Seriously, someone found an ethernet card that Linux *doesn't* support?
The code for Terabyte Triangle's website was done entirely with text editors. Note that it's all pretty and stuff, but it isn't littered with all kinds of extra markup crap that WYSIWYG editors tend to produce...
/. code base...
Really, HTML isn't *that* hard. And if you're feeling like a techie demi-god, you might take a look at PHP, Zope, or (gag) ASP.
is it also bad to use visual editors when you design GTK or QT dialogs?
No, I love Qt Designer, but then again, I never have to edit the code it produces directly. I subclass, whip out Nedit, and go to work. HTML WYSIWYG editors can't offer anything like that 'cause you can't really subclass "HTML" (although you can do cool things like that with PHP/ASP.NET/etc).
WYSIWYG has it's place for one-off, small websites, but if you are designing commercial sites, bite the bullet and learn something a little more powerful.
btw, is the Perl at http://www.slackersguild.com/ created in Frontpage? Didn't think so. Probably built by guy with a text editor. Heck, it looks like the
a number of hacks could be discovered, and kept secret by some techie
That's *exactly* why I wouldn't mind seeing the code open for public review...
Perhaps they should just take more care when designing the actual product to make sure it's bulletproof - i.e. hire really good people to write the code.
The problem here is that companies are driven by profit and hiring better people, spending more time in design, doing more testing, and even a formal translation of a formal model for proof of correctness all cut into the bottom line. It only needs to be good enough to sell copies in the current market to satisfy the corporate need.
The /. community didn't produce the binary in question nor did open source. The point is that a source code leak shouldn't imply a security risk and a binary leak *really* shouldn't imply a problem.
You don't. Someone who was upset with what happened during the elections probably posted it so tech people could find the flaws and make the people in charge look foolish.
When the article said "changes the light immediately to clear the intersection", I assumed that it meant that the other lights would flip to yellow instantly and then give time for the intersection to clear before flipping the light you just tagged to green. That means the cycles would be at least long enough for a single car to jump through a yellow light. Seems like flipping the light to green would make all the cars waiting in front of the firetruck think they were clear to go. Even for emergency vehicles, this seems too extreme.
No, not at all. In fact, it would be much worse. The lights are supposed to be timed so a batch of cars can travel through most of the stoplights on a main street without having to stop if everyone is traveling the speed limit. Every car having one of these would mean that the lights would cycle on and off much more quickly meaning you would be stopping at every light in the city.
You have to look at these issues case by case.
:( Hopefully it isn't something that hasn't even been considered yet...
;o)
Ok
Whether or not it's ok for people/companies to do white hat hacking is not the issue
Why not? That's a scary proposition. Should we ask instead if AOL is powerful enough to ignore the law in general? I don't think there is any question that this is considered white hat hacking. It's just being done under the guise of corporate good.
service performing an almost universally beneficial change to its users PCs
Ack! Did I agree to the change? Am I in the minority affected negatively by this? Was I allowed to consider the "side effects" when I signed up for AOL? (Thank goodness these are rhetorical questions).
perhaps AOL should have presented the user with some lengthy announcement about their intentions, and then allowed the user to opt out of the change
Yes, no. The announcement should have informed the user and allowed them to opt in.
It's a simple business decision that essentially does no harm.
Yes, it appears to be a simple business decision and hopefully it is for the exact reasons that you assume. Hopefully it doesn't involve my tinfoil hat theory
Look, if disabling that service was a normal step in the installation of the AOL client software, nobody would be screaming "hack!"
Look, if it did it without asking me, I would be just as pissed.
Finally, consider that this might not be the only change they make. What if they are *legally required* to shut off file sharing services because they *can*? What happens when Outlook or IIS or MSSQL 2000 falls under their guns because of the latest MS suckage? The precedent is freaky. You do not read enough Tom Clancy
It's not about that. It's about AOL taking action like they did. Of course you can disable messenger and of course messenger sucks huge chunks for most users. The real question is if AOL should have made the change they did and if we should be concerned about any possible implications.
Even if it is in the contract, is it enforcable? Seems like pretty shaky ground to me.
Unethical, yes.
Legal? Possibly.
Exactly, and AOL is probably still legally responsible for any damages they caused even when acting in presumably good faith.
BS. First, it is illegal if not specifically included in the contract. Second, it is probably in a grey area even if it is not specified by the contract and AOL is likely liable for any "damages" they cause. Third, it is a little creepy that AOL can weld that kind power if legal action is not pursued by someone.
Sure, in this case, it probably helped the greater good. Sure, in this case, it probably helped more than it harmed. That wouldn't always have to be the case and we now know that AOL is capable, and more importantly, willing to modify end-user's computers *any time* they feel it necessary.
<Tin-foil hat on>
Also, consider that AOL just lost a certain degree of deniability. ISPs have been able act simply as a conduit and not take responsibility for the data transfered over their pipes. AOL has demonstrated that a ISP is *able* to take action against disagreeable things even if it requires modification to a user's computer. Where does the interests of AOL reside? Could this simply be a setup that *requires* AOL to take action against file sharers in the same way?
<hat off>
Regardless, the implications are a little alarming.
And at best, it is simply illegal.
:( Although most of the /. crowd is likely aware that Windows, by default, is fairly insecure, AOL is making a pretty public demostration of the fact that it is dangerous to trust your data to MS.
IMHO, the more striking thing is that this is possible
Except that it's really three and ect-update is not a very fun one to run :(
I personally have witnessed two fried systems due to ps2 ports being connected while the system was running. It's not common, but it is certainly possible.