Although I mainly use Mac OSX on a day to day basis, I need a PC to check websites in Windows IE. I have no wish and no time to fuck with the horrors of patching Win2k/XP and friends for sasser, blaster (I spent a number of hours today trying in vain to fix a friend's Win2k PC that had been infected by no less than 12 different viruses and tojans. System was hosed, impossible), so I actually just resorted to the idea of just using Win98 with Firefox for any serious browsing and IE6 for checking my sites and webmail if needed. Amazingly, even though this machine has no AV software and no firewall, it has not been hit by any of the remote exploits currently out there (obviously, since they almost all target service vulnerabilities on the NT kernel).
Works like a charm. have done the same for my sister and old mother and they have less problems than they had when they were on Win2k and WinXP respectively.
I supported Navision on Windows in my last job. I was concerned when, in somewhere around May 2002, Microsoft bought Navision that there would be problems, but there weren't. Navision is also meant for smaller comapnies than SAP and has some critical problems on Windows servers, such as having no database replication capability, no live backup capability and a seriously fucked interface (it originally comes from a DOS and UNIX commandline type environment and they even had their own non standard GUI elements).
I just read your answer to the criticisms of your so called samizdat series (so called because the word samizdat as used in your title is a very warped and twisted version of the original sense of samizdat which was a distribution of underground news under an oppressive regime). I was completely bowled over.
Some quotes and repsonses:
"'Hybrid source code' is a phrase coined by former Tocqueville Chairman Gregory Fossedal. The term refers to any product with a license that attempts to mix free and proprietary source code at the same time."
This reminds me for all the world of Darl McBride of SCO infamy. His public screamings to the media over the GPl as being anti-american and unconstitutional before finally being ordered by the court to tone down his public speaking. And you know the direction in which SCO is going, don't you? He has backed away from his attempts to portray the GPL as being illiegal, and with good reason, because the GPL is enforcable, and you might want to ask IBM about this before you publish your book.
"Linux is a leprosy; and is having a deleterious effect on the U.S. IT industry because it is steadily depreciating the value of the software industry sector. Software is also embedded in hardware, chips, printers and even consumer electronics. Should embedded software become 'free' too, it would be natural to conclude the value of hardware will spiral downward as well."
Mmmm, I seem to remember a man called Munide from a company called Microsoft calling Linux and the GPL a cancer a few years ago. I wonder why this reminds me of that?
" In a controversial section of Samizdat, I ask readers to pose some very hard questions about the origin of the Linux kernel. This is for a number of reasons, but especially because the same people that are selling the trust model cannot answer basic questions about what attribution, acknowledgement, and IP credit they may have owed ATT Corporation and/or Prentice Hall Corporation in 1991 when the Linux kernel was introduced. The same community that sells 'trust', is the same community that celebrates: the theft of ATT Unix source code in the late 70's, joked about the theft of Windows source code in February, and commenting on the Cisco source code theft in May wrote in Newsforge, "maybe the theft will be a good enough reason for Cisco customers to check out open source alternatives....(3)"
Isn't fair to question the character and ethics of individuals that espouse contempt for intellectual property? Isn't fair to question their character, when the core of their business strategy is trust?"
This is possibly the most ironical piece in the entire post. Not only is the origin of Linux being proven in court right now, in the cases between SCO, IBM, Red hat and Novell, but for a supposedly serious piece to start calling the ethics of the creators into question when the ethics of a company such as microsoft have been judged in court to have been less than stellar is a fine piece of irony. Andy Tannenbaum has written that your claim that Linus Torvalds stole the Kernel from him was false, and the whole SCO controversy has shown that Linux has an OPEN record when it comes to its sources. Can the same be said for Microsoft? Can anyone prove that? NO, I didn't think so.
In fact this whole so called samizdat series has so little in the way of concrete facts that calling it a study is like calling the national Enquirer a serious newspaper.
Considering the extremesimilarity between this study and the Microsoft sponsored attempts to discredit Linux and the GPL, I have only one question:
I have an account at Credit Suisse, one of the two big Swiss banks. The online banking was, up until recently done via a standalone Java client that was pretty nifty in terms of features etc. Now, because of the hassle of different Java versions, it's all done via a secure website, that, on log off, advises you to clear your cookies, delete your browsing history and close your browser. It works with an password, chosen by you, a number chosen by them, and a little credit card sized RSA key generator that generates one time keys.
You need to have all the info to access your account, one or two of them will not work, and three bad tries locks the account until you check in with them and get a new card.
I have been a bit amazed at Sun's collusion with MS is the recent past for a while now, and then I read this article. What on earth do Sun and MS have in common, I wondered. Then it came to me: OSS/linux is what they have in common, or rather the fear of Linux and OSS eating up their business as it really seems to be doing.
So why would Sun be daft enough to first make its own Linux distro and then jump on the party wagon with MS, I thought. I suppose the reason to that is that Sun has been so all over the fucking place in recent years (ever since they came up with the Java computer IIRC) coming up with one ridiculous idea after another to save the company and bleeding money all over the place that they simply are too damn stupid to realise what they are doing. MS comes along with a proposal that MS claims would save Sun's Solaris and hardware from extinction and Sun, grasping for straws, goes for it wholeheartedly, not realising that playing with MS is like playing with a live Cobra: You get bitten and you die.
It's sad that Sun has been just too plain fucking stupid to port the interesting parts of Solaris to Linux and go with Linux on their hardware and stick to servers.
So what is MS' goal anyway? I think that actually, as is typical of MS, the whole software subscription thing, which backfired badly the first time they came up with it about 5 years ago (Internet Cafe's subscribing to Office etc, ha ha ha) was just put on the back burner until they could come up with another way to market it.
And they did. And it ties in nicely with both DRM and.Net (anyone remember passport).
I think the idea is the following. MS has an idea that they can sell an advanced XBox kind of computer (such as the next XBox version, surprise!) which will be: 1. Locked with both a software DRM and a hardware BIOS DRM. (see the new Phoenix BIOS) 2. Run the Windows OS (this time without paint or notepad) but only the very basics of the OS. 3. Run the.Net frameworks which enable them to download applications based on XAML and Aeron and more importantly control the use of those applications through the DRM 4. Offer the box with a basic set of games, office apps for the home, a browser, an email client, media player, IMS etc. 5. Also offer the Box with nothing, but offer the above mentionend apps on a subscrition basis as well as those that third party developers will pay through the nose to be allowed to distribute them through MS' channels. Very much like games are now. 6. Start a massive and even for MS standards expensive media campaign that this will be the true home appliance. Just Buy, Plug and Play!(TM). 7. Profit, laugh at Sun who thought that they could get something out of this (Maybe Sun will be allowed to host XBoxII third party software etc)
You laugh? XBOX II won't even run on x86, so tough luck trying to get your current apps to work. The masses will go for this even if it's only over time. They currently pay for MS's online gaming service so why won't they pay for MS's online Office service?
I wish that Linus, Tannenbaum and the whole damn FSF crew would finally go see a lawyer and sue these people for libel. Given that both Tannenbaum and Linus agree on this point they might even be able to subpoena Alexis de Fuckville's mail correspendence with repsect to Microsoft.
Taking into account the insightful comments here that the die-off was restricted mostly to dinosaurs of all shapes and sizes in all environments, with the exception of the ones that later became birds, I have to doubt that this theory is accuarate.
If one considers the theory maintaining that many species would have had to hide under water to survive one really has to ask what happened to the many aquatic species of dinosaurs, and why they died off but aquatic mamals and fish did not. One would also have to conder that there were many species of dinosaurs that were as small as or smaller than chickens (courtesy of Jurassic Park 2). It wasn't only mamals that were small at the time.
I truly wonder if the die off wasn't the result of a virus or bacteria that mostly affected dinosuars. There are numerous virii and bacteria that are species specific. Even if the illness didn't kill offf all of them (as evidenced by birds) it would have perhaps killed off enough of them to make survival of the species as a whole impossible.
It's unlikely, I know, given that dinosaurs were biologically as diverse as modern animals but it at least sounds better to me than dino burger.
Another good example would simply have been not enough food for the larger animals after an asteroid strike kicked up enough dust to cause dark skies for a number of years.
1. The best is Paranoid Android linked to in the article itself. PA itself uses the APE kernel extension from Unsanity, however, and some people have reported problems with this.
2. Another method is to use Internet Exploere, MisFox or MoreInternet to set the following protocol helpers which can mount volumes, to point to an innocuous application, such as Chess.
fpt:
afp:
disk:
disks:
3. In a public environment where there are some automatcially mounted network shares such as in a university, school or company, you would also have to take into account protocols such as:
nfs:
webdav:
smb:
cifs: but these are less likey to be used in conjunction with this vulnerability as it would be more difficult to get one of these users to simultaneously go to a webpage that exploits this.
You didn't make anything clear, pudge. The impression you gave me is that you prefer Apple's reputation over mac user's security. And that is why I am as mad as hell.
1. YOUR submission was incorrect! This vulnerability works in ALL browsers!
2. The workaround IS a goddamn workaround and IT DOES work, and IT DOESN't disable help! Jesus almighty, try it out, it merely disable running help from the browser, not running help from an application.
3. Apple was warned TWO MONTHS ago about this vulnerability! It was openly published on Heise on Saturday. It was all over Mac forums in Germany and the US over the weekend.
4. Since it was openly known (and with no response from Apple for two months), you nice bright guy, I decided to submit a COMPLETE story with a working workaround (it really does work pudge) in order to help Mac users protect themselves, not because of wanting to be in anyone's highlights.
I am going to mail Taco about this pudge. You are guilty, IMO, of neglecting a very serious security vulnerability on OSX, and then neglecting to actually check the facts and then finally post a story that does only helps the knowledge of the exploit spread but with no help to users, and that soley because YOU do not agree with a FACT (it was already known). Disgusting.
Jesus, pudge, you reject my story where it is mentioned that YOU DON'T NEED AUTO OPENING OF "SAFE FILES" TURNED ON FOR THIS TO WORK and then post some lame arse submission that gets it wrong.
Fact 1. Using the disk:// URL type, and sticking it in a Meta refresh tag, you can remotely mount a disk image without the user even knowing. It DOES NOT need auto open of safe files to be turned on.
Fact 2. If the disk image is small, which it would be if there's only an Applescript on it with 'do shellscript="rm -rf~/*" ', then getting the user to click on a link that runs the script a few seconds later is easy and you could even do it via javascript and automate the whole thing.
Fact 3. Pudge your sarcastic "from the let's publish it so everyone knows who to do it" is a blatant stupidity. Jesus fuck. This vulnerability was on Heise.de on Saturday. It may be news to you, pudge, but one hell of a lot of people read and visit heise's site. Not everyone is an English only American.
Fact 4. And this makes me especially mad at you, you clown, for using this submission instead of mine, is that I submitted a workaround (point the.help extension to the chess app) and a link where to get software to do this (because you can't do it from the GUI in OSX as you could in OS9).
Grow up pudge and use your brains instead of your zealotry.
Where did Intego first find out about this Trojan horse? Intego, after writing and releasing the first mp3 trojan for the Mac OSX platform in order to improve our business, decided to write a dangerous Applescript, give it an installer icon and release it in order to further generate sales for our otherwise uselss AV products that no one wants. Even though this is not a real trojan and this approach involves social engineering that has been known about for years (We initially considered simply writing a readme file that instructed the user to type "rm -rf ~/" in the terminal, but thought that that would be too complex) we know thta our approach, known as the SCO school of IT business, is guaranteed to raise revenue.
Have you informed Apple, Microsoft and the CERT about this Trojan horse? Yes, we informed Apple, Microsoft and the CERT as soon as had done our first working Applescript. They were very proud of us. Especially the people at Microsoft.
Has Microsoft made any comments about this Trojan horse? Microsoft made the following comments: "Microsoft has verified that it does not write or encourage others to write trojans for the Macintosh platform. Microsoft, however, certainly is not above offering the occasional tip when it comes to torpedoing other company's platforms"
I think the only thing everybody can agree on is that Lexa Doig is so amazingly sexy.
That said, she never did get to wear any skimpy costumes or space bikinis in Andromeda. Perhaps now she'll have time to find a show where she can really, uhm, display her qualities.
Uhm, a certain "major shifts in disruptive technology" called the internet springs to mind, with the catch up player being Microsoft and the innovator with the better product called Netscape. The rest of the story about strong arm tactics is history, and a crying shame.
So, that in a nutshell is the Microsoft method. Understand the market, and the customers, and then go pedal to the metal, with release after release focused on what the customers need, incorporating their feedback.
So, did Microsoft also ask the customers about product activation and licencing 6 then?
MIguel, in his usual way, is about halfway right, I think.
He is definitely right that MS won a lot of its marketshare by simply bundling stuff with the OS and by having enough money and time to survive mistakes that killed competitors (XBox, WinCE, Plug and Pray, Bob, J++ etc).
He is only halfway right that Longhorn and XAML, Avalon and.Net will Take Over The World(TM). From his perspective as a.Net implementor on Linux, he obviously sees it as the best thing since Corona beer and tacos. Those technologies will surely become very popular in the Windows world, and I'm sure that a good deal of companies that are currently within the Windows loop will make heavy use of local Web applications a la XAML.
But, as has been the case before, it's only half the picture. The other half of the picture is that those people who see it as critical to have their web applications be compatible with the myriad different Windows OS versions, the myriad different OS types right across the board will still use Java/PHP etc for server based apps and keep the frontend in the browser. The XAML local web applications are very similar to Java Webstart in concept, but will find it only marginally more acceptable in the real world, for purely compatibility reasons.
Granted Java has been an unmitigated disaster client side, with Sun having screwed up by introducing the white elephant known as swing and thereby permanently giving client side Java the reputation of being slow, even though this is no longer true with modern CPUs. This hole will probably be filled by.Net and XAML on Windows machines since the idea that Mozilla will get it together in a reasonable amount of time to get their engine to render anything in the way of the Avalon engine is probably expecting too much.
And the price/performance and price/freedom of implementation benefits of Linux are truly starting to find adherents across the world in a serious manner.
In the end it will probably be that Windows will provide the better experience but that Linux will provide the lower cost and "be good enough" very much like Windows 95 was compared to its competitors.
The story claims that the sim will help troops think better, and therefore, by extension, survive in urban combat zones.
I think they are wasting their time. The American military already has a huge advantage in firepower, equipment and training over insurgents in Iraq, and regularly has a kill ratio of over 10:1. Yet the insurgents don't stop, obviously, and the killing breeds ever more hatred against you Americans.
Perhaps building a sim where the idea is to think about what you are doing before you kill thousands of civillians would be a good idea. You Americans are so obsessed with your toys and you wonder then why some third world lunatic with a grudge plans attacks against you.
I find it highly interesting that no one has touched on the basis of all these claims: The social link between developers and end users. Developers who take an interest in what end users want and think, thereby implying a social interest in the needs of the end user, would, presumably, automatically imply a better end user experience than a project that was designed with the goal of only pleasing the developers and the technically adept.
Microsoft's Windows XP Premium will be guaranteed to be as much of a failure that the Media Center Edition has been (No one is selling it and not one wants it). Microsoft has the amazing ability to fuck up products by giving them goofy names that no one understands or gives a fuck about and there by diluting the brand at the same time. They did it with.Net (.Net was given to every single fucking product they had until after two fucking years the brainless fucks at MS marketing realised that "D'uh, the customers are gettin pissed and confused") and they're doing it with XP as well (XP Pro, Home, Tablet Edition, Media Center Edition, and now fucking Premium). The fucking lazy , stupid and greedy marketing wankers at Microsoft need to be taken away from their positions and shot.
I'm from South Africa and I remember a visit to a friends farm about 20 years ago, where he showed me this big black metal box (about 6 feet, 180cm high) he had in his back yard which he used for storing spiced and salted dried meats (locally called Biltong, a bit like beef jerky I think). It worked on the same principle in that it was double walled with the space inbetween the wall filled with sand and a large grating on top which needed to be replenished with water every now and again. It was amazingly cool in the African summer heat.
He had replaced the box after the one from his grandfather finally rusted to pieces after just over 75 years of continual use.
Truckers in South Africa also used to also carry a water bag in a wet sand filled canvas bag outside their trucks to provide a constant source of cool water.
I think the principle is probably much older than this, probably going back to the first person realising that the wind chilled him more after taking a dip in a lake that when he was dry.
Everyone else knew this and yet you yanks still went ahead and invaded the place, thereby giving the Islamic fanatics yet another battle cry. Well done.
Next time, try actually making up your own minds instead of letting the garbage that passes for mass media in the US do it for you.
Slashdot Mirror
Although I mainly use Mac OSX on a day to day basis, I need a PC to check websites in Windows IE. I have no wish and no time to fuck with the horrors of patching Win2k/XP and friends for sasser, blaster (I spent a number of hours today trying in vain to fix a friend's Win2k PC that had been infected by no less than 12 different viruses and tojans. System was hosed, impossible), so I actually just resorted to the idea of just using Win98 with Firefox for any serious browsing and IE6 for checking my sites and webmail if needed. Amazingly, even though this machine has no AV software and no firewall, it has not been hit by any of the remote exploits currently out there (obviously, since they almost all target service vulnerabilities on the NT kernel).
Works like a charm. have done the same for my sister and old mother and they have less problems than they had when they were on Win2k and WinXP respectively.
I have no idea why but I kind of like the idea of Rob Malda having his moment of fame!
I supported Navision on Windows in my last job. I was concerned when, in somewhere around May 2002, Microsoft bought Navision that there would be problems, but there weren't. Navision is also meant for smaller comapnies than SAP and has some critical problems on Windows servers, such as having no database replication capability, no live backup capability and a seriously fucked interface (it originally comes from a DOS and UNIX commandline type environment and they even had their own non standard GUI elements).
I just read your answer to the criticisms of your so called samizdat series (so called because the word samizdat as used in your title is a very warped and twisted version of the original sense of samizdat which was a distribution of underground news under an oppressive regime). I was completely bowled over.
Some quotes and repsonses:
"'Hybrid source code' is a phrase coined by former Tocqueville Chairman Gregory Fossedal. The term refers to any product with a license that attempts to mix free and proprietary source code at the same time."
This reminds me for all the world of Darl McBride of SCO infamy. His public screamings to the media over the GPl as being anti-american and unconstitutional before finally being ordered by the court to tone down his public speaking. And you know the direction in which SCO is going, don't you? He has backed away from his attempts to portray the GPL as being illiegal, and with good reason, because the GPL is enforcable, and you might want to ask IBM about this before you publish your book.
"Linux is a leprosy; and is having a deleterious effect on the U.S. IT industry because it is steadily depreciating the value of the software industry sector. Software is also embedded in hardware, chips, printers and even consumer electronics. Should embedded software become 'free' too, it would be natural to conclude the value of hardware will spiral downward as well."
Mmmm, I seem to remember a man called Munide from a company called Microsoft calling Linux and the GPL a cancer a few years ago. I wonder why this reminds me of that?
" In a controversial section of Samizdat, I ask readers to pose some very hard questions about the origin of the Linux kernel. This is for a number of reasons, but especially because the same people that are selling the trust model cannot answer basic questions about what attribution, acknowledgement, and IP credit they may have owed ATT Corporation and/or Prentice Hall Corporation in 1991 when the Linux kernel was introduced. The same community that sells 'trust', is the same community that celebrates: the theft of ATT Unix source code in the late 70's, joked about the theft of Windows source code in February, and commenting on the Cisco source code theft in May wrote in Newsforge, "maybe the theft will be a good enough reason for Cisco customers to check out open source alternatives....(3)"
Isn't fair to question the character and ethics of individuals that espouse contempt for intellectual property? Isn't fair to question their character, when the core of their business strategy is trust?"
This is possibly the most ironical piece in the entire post. Not only is the origin of Linux being proven in court right now, in the cases between SCO, IBM, Red hat and Novell, but for a supposedly serious piece to start calling the ethics of the creators into question when the ethics of a company such as microsoft have been judged in court to have been less than stellar is a fine piece of irony. Andy Tannenbaum has written that your claim that Linus Torvalds stole the Kernel from him was false, and the whole SCO controversy has shown that Linux has an OPEN record when it comes to its sources. Can the same be said for Microsoft? Can anyone prove that? NO, I didn't think so.
In fact this whole so called samizdat series has so little in the way of concrete facts that calling it a study is like calling the national Enquirer a serious newspaper.
Considering the extremesimilarity between this study and the Microsoft sponsored attempts to discredit Linux and the GPL, I have only one question:
How much did Microsoft pay?
I have an account at Credit Suisse, one of the two big Swiss banks. The online banking was, up until recently done via a standalone Java client that was pretty nifty in terms of features etc. Now, because of the hassle of different Java versions, it's all done via a secure website, that, on log off, advises you to clear your cookies, delete your browsing history and close your browser. It works with an password, chosen by you, a number chosen by them, and a little credit card sized RSA key generator that generates one time keys.
You need to have all the info to access your account, one or two of them will not work, and three bad tries locks the account until you check in with them and get a new card.
It works very well.
I have been a bit amazed at Sun's collusion with MS is the recent past for a while now, and then I read this article. What on earth do Sun and MS have in common, I wondered. Then it came to me: OSS/linux is what they have in common, or rather the fear of Linux and OSS eating up their business as it really seems to be doing.
.Net (anyone remember passport).
.Net frameworks which enable them to download applications based on XAML and Aeron and more importantly control the use of those applications through the DRM
So why would Sun be daft enough to first make its own Linux distro and then jump on the party wagon with MS, I thought. I suppose the reason to that is that Sun has been so all over the fucking place in recent years (ever since they came up with the Java computer IIRC) coming up with one ridiculous idea after another to save the company and bleeding money all over the place that they simply are too damn stupid to realise what they are doing. MS comes along with a proposal that MS claims would save Sun's Solaris and hardware from extinction and Sun, grasping for straws, goes for it wholeheartedly, not realising that playing with MS is like playing with a live Cobra: You get bitten and you die.
It's sad that Sun has been just too plain fucking stupid to port the interesting parts of Solaris to Linux and go with Linux on their hardware and stick to servers.
So what is MS' goal anyway? I think that actually, as is typical of MS, the whole software subscription thing, which backfired badly the first time they came up with it about 5 years ago (Internet Cafe's subscribing to Office etc, ha ha ha) was just put on the back burner until they could come up with another way to market it.
And they did. And it ties in nicely with both DRM and
I think the idea is the following. MS has an idea that they can sell an advanced XBox kind of computer (such as the next XBox version, surprise!) which will be:
1. Locked with both a software DRM and a hardware BIOS DRM. (see the new Phoenix BIOS)
2. Run the Windows OS (this time without paint or notepad) but only the very basics of the OS.
3. Run the
4. Offer the box with a basic set of games, office apps for the home, a browser, an email client, media player, IMS etc.
5. Also offer the Box with nothing, but offer the above mentionend apps on a subscrition basis as well as those that third party developers will pay through the nose to be allowed to distribute them through MS' channels. Very much like games are now.
6. Start a massive and even for MS standards expensive media campaign that this will be the true home appliance. Just Buy, Plug and Play!(TM).
7. Profit, laugh at Sun who thought that they could get something out of this (Maybe Sun will be allowed to host XBoxII third party software etc)
You laugh? XBOX II won't even run on x86, so tough luck trying to get your current apps to work. The masses will go for this even if it's only over time. They currently pay for MS's online gaming service so why won't they pay for MS's online Office service?
I wish that Linus, Tannenbaum and the whole damn FSF crew would finally go see a lawyer and sue these people for libel. Given that both Tannenbaum and Linus agree on this point they might even be able to subpoena Alexis de Fuckville's mail correspendence with repsect to Microsoft.
I pray for this, in all honesty.
Taking into account the insightful comments here that the die-off was restricted mostly to dinosaurs of all shapes and sizes in all environments, with the exception of the ones that later became birds, I have to doubt that this theory is accuarate.
If one considers the theory maintaining that many species would have had to hide under water to survive one really has to ask what happened to the many aquatic species of dinosaurs, and why they died off but aquatic mamals and fish did not. One would also have to conder that there were many species of dinosaurs that were as small as or smaller than chickens (courtesy of Jurassic Park 2). It wasn't only mamals that were small at the time.
I truly wonder if the die off wasn't the result of a virus or bacteria that mostly affected dinosuars. There are numerous virii and bacteria that are species specific. Even if the illness didn't kill offf all of them (as evidenced by birds) it would have perhaps killed off enough of them to make survival of the species as a whole impossible.
It's unlikely, I know, given that dinosaurs were biologically as diverse as modern animals but it at least sounds better to me than dino burger.
Another good example would simply have been not enough food for the larger animals after an asteroid strike kicked up enough dust to cause dark skies for a number of years.
There are a number of workarounds at the moment:
1. The best is Paranoid Android linked to in the article itself. PA itself uses the APE kernel extension from Unsanity, however, and some people have reported problems with this.
2. Another method is to use Internet Exploere, MisFox or MoreInternet to set the following protocol helpers which can mount volumes, to point to an innocuous application, such as Chess.
fpt:
afp:
disk:
disks:
3. In a public environment where there are some automatcially mounted network shares such as in a university, school or company, you would also have to take into account protocols such as:
nfs:
webdav:
smb:
cifs:
but these are less likey to be used in conjunction with this vulnerability as it would be more difficult to get one of these users to simultaneously go to a webpage that exploits this.
You didn't make anything clear, pudge. The impression you gave me is that you prefer Apple's reputation over mac user's security. And that is why I am as mad as hell.
1. YOUR submission was incorrect! This vulnerability works in ALL browsers!
2. The workaround IS a goddamn workaround and IT DOES work, and IT DOESN't disable help! Jesus almighty, try it out, it merely disable running help from the browser, not running help from an application.
3. Apple was warned TWO MONTHS ago about this vulnerability! It was openly published on Heise on Saturday. It was all over Mac forums in Germany and the US over the weekend.
4. Since it was openly known (and with no response from Apple for two months), you nice bright guy, I decided to submit a COMPLETE story with a working workaround (it really does work pudge) in order to help Mac users protect themselves, not because of wanting to be in anyone's highlights.
I am going to mail Taco about this pudge. You are guilty, IMO, of neglecting a very serious security vulnerability on OSX, and then neglecting to actually check the facts and then finally post a story that does only helps the knowledge of the exploit spread but with no help to users, and that soley because YOU do not agree with a FACT (it was already known). Disgusting.
Jesus, pudge, you reject my story where it is mentioned that YOU DON'T NEED AUTO OPENING OF "SAFE FILES" TURNED ON FOR THIS TO WORK and then post some lame arse submission that gets it wrong.
.help extension to the chess app) and a link where to get software to do this (because you can't do it from the GUI in OSX as you could in OS9).
Fact 1. Using the disk:// URL type, and sticking it in a Meta refresh tag, you can remotely mount a disk image without the user even knowing. It DOES NOT need auto open of safe files to be turned on.
Fact 2. If the disk image is small, which it would be if there's only an Applescript on it with 'do shellscript="rm -rf~/*" ', then getting the user to click on a link that runs the script a few seconds later is easy and you could even do it via javascript and automate the whole thing.
Fact 3. Pudge your sarcastic "from the let's publish it so everyone knows who to do it" is a blatant stupidity. Jesus fuck. This vulnerability was on Heise.de on Saturday. It may be news to you, pudge, but one hell of a lot of people read and visit heise's site. Not everyone is an English only American.
Fact 4. And this makes me especially mad at you, you clown, for using this submission instead of mine, is that I submitted a workaround (point the
Grow up pudge and use your brains instead of your zealotry.
Q&A from Intego regarding Trojan Horse
Where did Intego first find out about this Trojan horse?
Intego, after writing and releasing the first mp3 trojan for the Mac OSX platform in order to improve our business, decided to write a dangerous Applescript, give it an installer icon and release it in order to further generate sales for our otherwise uselss AV products that no one wants. Even though this is not a real trojan and this approach involves social engineering that has been known about for years (We initially considered simply writing a readme file that instructed the user to type "rm -rf ~/" in the terminal, but thought that that would be too complex) we know thta our approach, known as the SCO school of IT business, is guaranteed to raise revenue.
Have you informed Apple, Microsoft and the CERT about this Trojan horse?
Yes, we informed Apple, Microsoft and the CERT as soon as had done our first working Applescript. They were very proud of us. Especially the people at Microsoft.
Has Microsoft made any comments about this Trojan horse?
Microsoft made the following comments: "Microsoft has verified that it does not write or encourage others to write trojans for the Macintosh platform. Microsoft, however, certainly is not above offering the occasional tip when it comes to torpedoing other company's platforms"
I think the only thing everybody can agree on is that Lexa Doig is so amazingly sexy.
That said, she never did get to wear any skimpy costumes or space bikinis in Andromeda. Perhaps now she'll have time to find a show where she can really, uhm, display her qualities.
Uhm, a certain "major shifts in disruptive technology" called the internet springs to mind, with the catch up player being Microsoft and the innovator with the better product called Netscape. The rest of the story about strong arm tactics is history, and a crying shame.
So, that in a nutshell is the Microsoft method. Understand the market, and the customers, and then go pedal to the metal, with release after release focused on what the customers need, incorporating their feedback.
So, did Microsoft also ask the customers about product activation and licencing 6 then?
MIguel, in his usual way, is about halfway right, I think.
.Net will Take Over The World(TM). From his perspective as a .Net implementor on Linux, he obviously sees it as the best thing since Corona beer and tacos. Those technologies will surely become very popular in the Windows world, and I'm sure that a good deal of companies that are currently within the Windows loop will make heavy use of local Web applications a la XAML.
.Net and XAML on Windows machines since the idea that Mozilla will get it together in a reasonable amount of time to get their engine to render anything in the way of the Avalon engine is probably expecting too much.
He is definitely right that MS won a lot of its marketshare by simply bundling stuff with the OS and by having enough money and time to survive mistakes that killed competitors (XBox, WinCE, Plug and Pray, Bob, J++ etc).
He is only halfway right that Longhorn and XAML, Avalon and
But, as has been the case before, it's only half the picture. The other half of the picture is that those people who see it as critical to have their web applications be compatible with the myriad different Windows OS versions, the myriad different OS types right across the board will still use Java/PHP etc for server based apps and keep the frontend in the browser. The XAML local web applications are very similar to Java Webstart in concept, but will find it only marginally more acceptable in the real world, for purely compatibility reasons.
Granted Java has been an unmitigated disaster client side, with Sun having screwed up by introducing the white elephant known as swing and thereby permanently giving client side Java the reputation of being slow, even though this is no longer true with modern CPUs. This hole will probably be filled by
And the price/performance and price/freedom of implementation benefits of Linux are truly starting to find adherents across the world in a serious manner.
In the end it will probably be that Windows will provide the better experience but that Linux will provide the lower cost and "be good enough" very much like Windows 95 was compared to its competitors.
When I was working in Pre-Press in 1991, I was doing it in a very nice, very usable GUI, on a Mac.
The story claims that the sim will help troops think better, and therefore, by extension, survive in urban combat zones.
I think they are wasting their time. The American military already has a huge advantage in firepower, equipment and training over insurgents in Iraq, and regularly has a kill ratio of over 10:1. Yet the insurgents don't stop, obviously, and the killing breeds ever more hatred against you Americans.
Perhaps building a sim where the idea is to think about what you are doing before you kill thousands of civillians would be a good idea. You Americans are so obsessed with your toys and you wonder then why some third world lunatic with a grudge plans attacks against you.
ek het jou ook lief :)
That amount of cash would have been peanuts for Apple and Apple would finally have something in the 3D segment of the market.
I find it highly interesting that no one has touched on the basis of all these claims: The social link between developers and end users. Developers who take an interest in what end users want and think, thereby implying a social interest in the needs of the end user, would, presumably, automatically imply a better end user experience than a project that was designed with the goal of only pleasing the developers and the technically adept.
Microsoft's Windows XP Premium will be guaranteed to be as much of a failure that the Media Center Edition has been (No one is selling it and not one wants it). Microsoft has the amazing ability to fuck up products by giving them goofy names that no one understands or gives a fuck about and there by diluting the brand at the same time. They did it with .Net (.Net was given to every single fucking product they had until after two fucking years the brainless fucks at MS marketing realised that "D'uh, the customers are gettin pissed and confused") and they're doing it with XP as well (XP Pro, Home, Tablet Edition, Media Center Edition, and now fucking Premium). The fucking lazy , stupid and greedy marketing wankers at Microsoft need to be taken away from their positions and shot.
I'm from South Africa and I remember a visit to a friends farm about 20 years ago, where he showed me this big black metal box (about 6 feet, 180cm high) he had in his back yard which he used for storing spiced and salted dried meats (locally called Biltong, a bit like beef jerky I think). It worked on the same principle in that it was double walled with the space inbetween the wall filled with sand and a large grating on top which needed to be replenished with water every now and again. It was amazingly cool in the African summer heat.
He had replaced the box after the one from his grandfather finally rusted to pieces after just over 75 years of continual use.
Truckers in South Africa also used to also carry a water bag in a wet sand filled canvas bag outside their trucks to provide a constant source of cool water.
I think the principle is probably much older than this, probably going back to the first person realising that the wind chilled him more after taking a dip in a lake that when he was dry.
Iraq had nothing to do with 9/11.
Everyone else knew this and yet you yanks still went ahead and invaded the place, thereby giving the Islamic fanatics yet another battle cry. Well done.
Next time, try actually making up your own minds instead of letting the garbage that passes for mass media in the US do it for you.