Microsoft also claims that Linux has no journaling file system, ignoring the fact that the SGI's XFS is a journaling file system(10). They also ignore the fact that NT 4.0 itself lacks a journaling file system!!(11)
#11 Try this: go to http://www.microsoft.com, select Search, and search the Microsoft web site for NT Journaling File System. You'll get three hits, and the first of these in order of relevance is the "Linux Myths" page! One is a false hit in that it simply links to the "Linux Myths" page, and the third is the Server Operating Systems Newsflash, Volume 5, Issue 40, that quotes from the "Linux Myths" page.
A search for the exact phrase "NT Journaling File System" gives ZERO hits while a match on all words gives 62 hits.
In both cases, footnote #11 is completely incorrect no matter how you search.
It's this sort of thing which makes the analysis no better than MS's Linux myths page.
Did anyone honestly expect JP to be a "stand up guy" about this whole thing?
He's proven time and time again what his motives are and what drives his actions, he even spells them out in his narrative above and people simply follow his carrot right into the trap.
I'm surprised to see that/. allowed him to use this site as more bait for his own financial gain.
I guess this self moderation stuff has it's good and bad points... this is obvious by the score of 3 this post received which is simply a tirade of violent tendencies and over zealous aggression.
Having a minimum threshold of 3 doesn't seem to cut it anymore.
Even though I hate my bank, I do like their online account system. It uses a AccountID/PIN/SecretWord system via 128-bit (required) SSL. The account ID is not my normal account number, the PIN is not my ATM card PIN, and the secret word is actually two words. This is good so no one goes dumpster diving looking for my info.
I'm pretty confident in this system even though I know a system such as this is only as reliable as the weakest link which could very well be my connection/machine/security practices. (I've already said too much already.)
I would be very worried if my personal medical records were only protected by a simple username/password prompt which can be hacked in no time by brute force.
The way to convince them is to setup a mock site and protect it with.htaccess or something, use a real world username/password and then see how long it takes a simple brute force password app to crack it. It won't take long. Then show your boss how readily accessible these tools are to anyone who can type a text tring into a search engine.
If that's not enough, quit your job because you're working for complete idiots. *grin*
The ROM broke my co-pilot
on
Linux on Palm
·
· Score: 3
Well, I was able to get the ROM running on the modified version of co-pilot but when I installed FPSUtil to check out the specs the OS are reporting, my calibration went all haywire... now I can't even get into the right menu to fix it.
Another thing I can't figure out is, if it's Palm compatible... why do they need a modified version of co-pilot? I mean, if it's not gonna work on stock palm hardware (emulated or not), why bother?
Anyway, it looks cool I guess even if it was dog slow, has a HUGE footprint, and broke my co-pilot when I installed an app.
This is kinda scary... as we have always taught people that you cannot get a virus by reading mail, only opening attachments. I hope this doesn't become a growing trend.
We told them this in a world before integration == innovation and our decisions were being made for us regarding what we want our software to do for us.
Consumer: But I don't want my toaster to automatically log into my bank and try to pay my bills for me. Microsoft Toaster 4.0 project manager: Too bad.
It's Dave's time; why should he spend it supporting an OS he doesn't like? I'm sure even his wife would not want him to spend his free time on something so upleasant as fixing windows (taking out the garbage may be another issue.)
Uhhh.. because it's his wife and he loves her and wants her to have the best experience she can have according to her needs, not his agenda?
Like I said, she gained no real value from the "choice" he forced upon her... she actually lost value over time and is now in a worse position than she would have been if Windows was chosen in the first place. This doesn't HELP the linux cause... if anything, it creates resentment in the same way those who "choose" Windows on their OEM'd PC feel when they have to reboot 5 times a day.
This is the same reason people call this community elitist... many are so blinded by their own agenda and can't even see the trees, must less the forest or beyond.
1.I will give her a Windows computer, but will offer nothing in the way of technical support or training assistance. 2.I will give her a Linux box, and will give her complete technical support and training assistance.
For a user such as her, what is different between training for using KDE or Windows 98? Not much for her purposes of email, web browsing, and ICQ. That's the whole POINT of KDE in the first place.
Also, how hard is it to support Windows anyway... the first 3 troubleshooting steps are reboot, reboot, and reboot. *grin*
Seriously though, I understand your argument and you have some valid concerns, but I'm afraid the way you presented them makes it seem like YOU stifled her choice of OS by refusing to support both platforms at her expense. Who in their right mind WOULD choose the system that offered zero support and training when they are brand new to the technology?
How much can we blame Microsoft for forcing consumers and OEM's hands regarding OS choice when we do the same thing for no reason other than to spite them?
Give the people what will best suit their needs... hell, I would have given her an iMac and been done with it. (And no, I don't own a Mac.)
OK - they may have a patent, but since the site has been shut down due to "copyright infringement", such a patent would have nothing to do with this
Actually, Derek wrote the following on the Livid-dev mailing list:
Still haven't got full details, but it "potentially violates the Copyright, Designs & Patents Act 1988; Sectiond 296(1) and (2)".
They seem to be using a statute that covers both copyrights and patents so they could be claiming either, or both. This is why I used the terms in the way that I did.
Disclaimer: I am not a lawyer, programmer, or even a smart guy.
Now, it's my understanding that to read DVD's, you must utilize their encryption/decryption key system. Now, not knowing which system they use... I have to imagine it's not a free standard. Most likely, the DVD Forum (previously the DVD consortium) has a patent or copyright on the way that DVD's utilize this system.
It could be that the only way a Linux DVD player could exist would be to write code that works with this patented system. You can either license it, or steal it. This may lead the Forum to believe that there is only one way to write code to work with their system, so it MUST be a copyright violation.
God forbid another programmer can do the same thing you paid millions for without using your code. *shrug*
Anyway, I'm sure they have enough to completely ruin the lives of anyone that doesn't follow their rules or license their technology.
I've been a long time DVD supporter and my continued support will be directly effected by how the DVD Forum handles this situation.
This is pretty funny: The document will be available for download from this page in two formats: WordPerfect 6 and Adobe Acrobat Portable Document Format (PDF)
My next question is... what does the DOJ have against HTML?!
Yes, it was an attempt at humor. No offense was intended to those gastrointestinally impaired or otherwise sensitive to such a subject.
Obviously someone else with moderator points didn't get it either... that's why it's "over-rated" now... or maybe THEY didn't read my post and simply moderated down due to other's not getting it. We are all sheep at one time or another I guess.
I read this earlier this morning and was amazed at some of the conclusions drawn regarding how to fix this problem.
First off, he suggests making it so PC's cannot play DVD discs... he obviously does not realized that the DVD install base for PCs is 5-10 times greater than set-top boxes which is currently 3.7 million according to CEMA. That puts 18.5 to 37 million PC-DVD ROMS that this guy wants to LOCK OUT from viewing movies just to avoid the use of rippers like DeCSS.
Next he suggests that all the 3.7 million set-top players receive a firmware upgrade... I assume this would hold new encryption keys. What does that do to the existing 3,000+ DVD with the old keys, what would this upgrade cost, and can you opt-out? These are all very important questions which lead to answers as to why this is a bad idea as well.
The problem here is poor planning and implementation of a security system of a product that can NEVER be secure.
I've heard it said many times and I'll repeat it for those in the cheap seats... "If you can see/hear it, you can rip it."
The industry needs to focus on the REASON why people would want to get the encryption keys. In this case, lack of Linux support for DVD. Other reasons people would want this is to pirate discs which cost too much. Much of the basis behind theft is the feeling of entitlement... if an industry sticks it to the consumer for too long, there is a backlash where people feel that they have paid too much for too long and are entitled to things for free. I'm not saying it's right or wrong, just a fact of life and human nature.
The entertainment industry has a choke hold on the wallets of America and anything that give the user some power to breath for one second is immediately attacked with a knee-jerk reaction to snuff it out (i.e. MP3) via regulation and restrictions on private citizens right to own and utilize products in any way they choose.
Instead of treating us like cattle who carry money around for you to milk from us... why not try to build LOYAL consumers who will pay a fair price for a quality product... then your piracy fears will disappear because 90% of people will pay for your product.
It's not the cell phone's microwaves that cause the problems, it's that most mice are lactose intolerant and they are swimming aimlessly around due to the gas the milk is giving them.
If you've ever attached a balloon to a small boat, put it in water, then let it go you'll understand what I'm saying and why the mice swim in circles.
To the best of my knowledge, a post gets a score of -2 if...
I think this is correct with the current system but at the time of the Andover IPO story, a post could be moderated down to -100 if enough points where thrown at it.
Like I said, my old account had this happen and the only way I saw it was because my recent messages in my profile showed a post at -2. Considering the lowest the dropdown threshold menu went was -1... that post was completely invisible to anyone and everyone.
You bring up a very good point and this type of situation has come up in the past with some posts during the whole Andover IPO period where it was posted exactly what taco and hemos made (in the millions) when selling the site. This information came from required SEC filings of Andover.
Instead of the posts being deleted or moderated down into oblivion (-2... and yes, I've seen it happen.) the entire story was removed from the slashdot pages and was only accessible via search. This was also before the meta-moderation feature.
I guess there is always a double standard when you have two sides I guess. *shrug*.
And about those Government mainframes... try "password".
I can't see how they can make a better pinging/latency modem using existing hardware... are they saying their existing Sporster series is flawed which causes "normal" ping times and latency?
I say we all post a BUNCH of news to a bunch of newsgroups with "for dummies" in the title and see what they do to Deja.com... they do the exact same thing as this mailing list archive.
----- Note: Mass hacks involve defacing several domains, even though they are hosted by the same machine. This tends to obscure the actual counts of hacked systems. Take these numbers in stride..
08/1999
Win-NT - 106 - 35.93% Solaris - 77 - 26.10% Linux - 68 - 23.05%
09/1999
Win-NT - 82 - 32.54% Linux - 72 - 28.57% Solaris - 62 - 24.60%
-----
Interesting stuff for those looking for a secure webserver OS I guess. *shrug*
This setting has nothing to do with JavaScript. I remember vaguely some talk several months (years?) back about a vulnerability in Netscape's JavaScript that allowed a malicious coder to retrieve cookies as you suggest, but I believe that was fixed a long time ago
The vulnerability was in version 4.5 I believe and Netscape's "quick" fix was to set the cookie setting to "Accept only cookies which get sent back to the originating server"... now this was quite possibly just smoke up our collective butts but who knows. The reason I felt the original statement was inaccurate was because it said "no server can read another server's data" which is untrue if the right pieces are in place. (i.e. malicious javascript + older Netscape version or malicious ActiveX + poorly configured MSIE)
P.S. What web site's scripts actually put your username and password in the URL string? That sounds incredibly stupid to me, for precisely the reasons you indicate. Any high school web-head knows better than this. Sounds like you need to write a letter.
I've run across "back woods" free email sites that embed usernames/passwords in the URL, myownemail.com is one I remember but it has since been fixed. ValueClick, one of the bigger banner ad brokers used to do this with their account section as well. This was REALLY bad since if someone got your username/password, they could re-route your checks! And I agree, people should know better than to do that. Their initial response was "there are no external links in the account section" but with the way MSIE throws out invalid referrers by grabbing random history URLs, it was very possible that a ValueClick username/password would end up in someone's access.log. After demonstrating this to them, they finally changed the system to use time expiring tokens in the URLs.
Just as importantly, no server can read another server's data, each site reads only its own cookies
This isn't true if you leave Netscape's cookie settings at the default of "Accept All Cookies". You need to change it to "Accept only cookies which get sent back to the originating server" to prevent sites from "stealing" cookies of other sites with malicious javascript. I'm not sure how it works on IE but I'm sure it's just as easy with ActiveX giving out access to your entire hard drive to whomever wants it.
Now, as for tracking, cookies, and ads... I've been fed up with this for a while now. I use AtGuard (Win32) to block ads, cookies, referrers, and access to most ports and transport protocols on my box. This does a few things, first is "secures" my swiss chees... err I mean Windows box a little by allowing me to control all incoming and outgoing packet traffic (ICMP, IGMP, UDP, TCP, etc.) second, it lets me block cookies on a site by site basis. When a site wants to drop a cookie, the software asks me if I want to accept it or block cookies from that site. You'd be AMAZED how many sites use cookies that you'd never expect. Third, I use it to block referrers so if I'm at a page that I don't want public, it won't be due to someone parsing their access.log's looking for stuff. This also helps prevent any poorly written script that uses names/passwords in the URL from giving away my info. And lastly, I use it to block ads on many sites... mainly those commercial sites (like ZDNet) which are simply overrun with ads. I usually allow ads on sites that really need the support for revenue.
And yes, I run ads and cookies on my site out of necessity, not marketing or demographic reasons.
Ok from what I can tell from the excerpts, that has got to be the sorriest piece of "literature" I've run across in a long time. Could it have fallen victim to any more stereotypical preconceptions about "nerds" while at the same time, re-affirming those who buy into them? What a farce.
Yeah, let's teach our daughters that there is something inherently wrong with a person who is more interested in something they truly enjoy rather than their social class or outer appearance.
Let's all teach 'em to go after the QB of the football team so they can end up on the business end of a 2x8 while their drunken former football hero husband beats them like a piñata because the double-wide isn't clean when he came home from his long day at the rock quarry.
Windows CE's problem is the fact that it's not optimized for the average user to utilize efficiently on a day to day basis.
Take the example of the PalmOS... it's fast, efficient, and easy to use... then take Windows CE, it's slow but powerful in some respects but it wants to be a mini-desktop.
I honestly think that as long as Windows CE contains "windows", it will never do much against PalmOS, EPOC, or any of the other truly embedded OS.
Don't get me wrong, there are some good things about CE... but not enough to have me use it everyday, or even once a week. I only use my CE device for very specialized tasks such as remote.doc file editing or dialing in to get email when I MUST get email. (I have a Casio A-20 w/ PCMCIA modem etc.)
When it comes to true PDA functions like schedule, phone lists, etc., my Palm Pro wins every time... soon to be replaced by my Palm IIIx wish I should get from UPS today!
Slashdot Mirror
Microsoft also claims that Linux has no journaling file system, ignoring the fact that the SGI's XFS is a journaling file system(10). They also ignore the fact that NT 4.0 itself lacks a journaling file system!!(11)
#11 Try this: go to http://www.microsoft.com, select Search, and search the Microsoft web site for NT Journaling File System. You'll get three hits, and the first of these in order of relevance is the "Linux Myths" page! One is a false hit in that it simply links to the "Linux Myths" page, and the third is the Server Operating Systems Newsflash, Volume 5, Issue 40, that quotes from the "Linux Myths" page.
A search for the exact phrase "NT Journaling File System" gives ZERO hits while a match on all words gives 62 hits.
In both cases, footnote #11 is completely incorrect no matter how you search.
It's this sort of thing which makes the analysis no better than MS's Linux myths page.
FUD by any other person is still FUD.
Did anyone honestly expect JP to be a "stand up guy" about this whole thing?
/. allowed him to use this site as more bait for his own financial gain.
He's proven time and time again what his motives are and what drives his actions, he even spells them out in his narrative above and people simply follow his carrot right into the trap.
I'm surprised to see that
I guess this self moderation stuff has it's good and bad points ... this is obvious by the score of 3 this post received which is simply a tirade of violent tendencies and over zealous aggression.
Having a minimum threshold of 3 doesn't seem to cut it anymore.
Even though I hate my bank, I do like their online account system. It uses a AccountID/PIN/SecretWord system via 128-bit (required) SSL. The account ID is not my normal account number, the PIN is not my ATM card PIN, and the secret word is actually two words. This is good so no one goes dumpster diving looking for my info.
.htaccess or something, use a real world username/password and then see how long it takes a simple brute force password app to crack it. It won't take long. Then show your boss how readily accessible these tools are to anyone who can type a text tring into a search engine.
I'm pretty confident in this system even though I know a system such as this is only as reliable as the weakest link which could very well be my connection/machine/security practices. (I've already said too much already.)
I would be very worried if my personal medical records were only protected by a simple username/password prompt which can be hacked in no time by brute force.
The way to convince them is to setup a mock site and protect it with
If that's not enough, quit your job because you're working for complete idiots. *grin*
Well, I was able to get the ROM running on the modified version of co-pilot but when I installed FPSUtil to check out the specs the OS are reporting, my calibration went all haywire ... now I can't even get into the right menu to fix it.
... why do they need a modified version of co-pilot? I mean, if it's not gonna work on stock palm hardware (emulated or not), why bother?
Another thing I can't figure out is, if it's Palm compatible
Anyway, it looks cool I guess even if it was dog slow, has a HUGE footprint, and broke my co-pilot when I installed an app.
This is kinda scary... as we have always taught people that you cannot get a virus by reading mail, only opening attachments. I hope this doesn't become a growing trend.
We told them this in a world before integration == innovation and our decisions were being made for us regarding what we want our software to do for us.
Consumer: But I don't want my toaster to automatically log into my bank and try to pay my bills for me.
Microsoft Toaster 4.0 project manager: Too bad.
It's Dave's time; why should he spend it supporting an OS he doesn't like? I'm sure even his wife would not want him to spend his free time on something so upleasant as fixing windows (taking out the garbage may be another issue.)
.. because it's his wife and he loves her and wants her to have the best experience she can have according to her needs, not his agenda?
... she actually lost value over time and is now in a worse position than she would have been if Windows was chosen in the first place. This doesn't HELP the linux cause ... if anything, it creates resentment in the same way those who "choose" Windows on their OEM'd PC feel when they have to reboot 5 times a day.
... many are so blinded by their own agenda and can't even see the trees, must less the forest or beyond.
Uhhh
Like I said, she gained no real value from the "choice" he forced upon her
This is the same reason people call this community elitist
1.I will give her a Windows computer, but will offer nothing in the way of technical support or training assistance.
... the first 3 troubleshooting steps are reboot, reboot, and reboot. *grin*
... hell, I would have given her an iMac and been done with it. (And no, I don't own a Mac.)
2.I will give her a Linux box, and will give her complete technical support and training assistance.
For a user such as her, what is different between training for using KDE or Windows 98? Not much for her purposes of email, web browsing, and ICQ. That's the whole POINT of KDE in the first place.
Also, how hard is it to support Windows anyway
Seriously though, I understand your argument and you have some valid concerns, but I'm afraid the way you presented them makes it seem like YOU stifled her choice of OS by refusing to support both platforms at her expense. Who in their right mind WOULD choose the system that offered zero support and training when they are brand new to the technology?
How much can we blame Microsoft for forcing consumers and OEM's hands regarding OS choice when we do the same thing for no reason other than to spite them?
Give the people what will best suit their needs
OK - they may have a patent, but since the site has been shut down due to "copyright infringement", such a patent would have nothing
to do with this
Actually, Derek wrote the following on the Livid-dev mailing list:
Still haven't got full details, but it "potentially violates the Copyright, Designs & Patents Act 1988; Sectiond 296(1) and (2)".
They seem to be using a statute that covers both copyrights and patents so they could be claiming either, or both. This is why I used the terms in the way that I did.
Disclaimer: I am not a lawyer, programmer, or even a smart guy.
... I have to imagine it's not a free standard. Most likely, the DVD Forum (previously the DVD consortium) has a patent or copyright on the way that DVD's utilize this system.
Now, it's my understanding that to read DVD's, you must utilize their encryption/decryption key system. Now, not knowing which system they use
It could be that the only way a Linux DVD player could exist would be to write code that works with this patented system. You can either license it, or steal it. This may lead the Forum to believe that there is only one way to write code to work with their system, so it MUST be a copyright violation.
God forbid another programmer can do the same thing you paid millions for without using your code. *shrug*
Anyway, I'm sure they have enough to completely ruin the lives of anyone that doesn't follow their rules or license their technology.
I've been a long time DVD supporter and my continued support will be directly effected by how the DVD Forum handles this situation.
This is pretty funny: The document will be available for download from this page in two formats: WordPerfect 6 and Adobe Acrobat Portable Document Format (PDF)
... what does the DOJ have against HTML?!
My next question is
Yes, it was an attempt at humor. No offense was intended to those gastrointestinally impaired or otherwise sensitive to such a subject.
... that's why it's "over-rated" now ... or maybe THEY didn't read my post and simply moderated down due to other's not getting it. We are all sheep at one time or another I guess.
Obviously someone else with moderator points didn't get it either
I read this earlier this morning and was amazed at some of the conclusions drawn regarding how to fix this problem.
... he obviously does not realized that the DVD install base for PCs is 5-10 times greater than set-top boxes which is currently 3.7 million according to CEMA. That puts 18.5 to 37 million PC-DVD ROMS that this guy wants to LOCK OUT from viewing movies just to avoid the use of rippers like DeCSS.
... I assume this would hold new encryption keys. What does that do to the existing 3,000+ DVD with the old keys, what would this upgrade cost, and can you opt-out? These are all very important questions which lead to answers as to why this is a bad idea as well.
... "If you can see/hear it, you can rip it."
... if an industry sticks it to the consumer for too long, there is a backlash where people feel that they have paid too much for too long and are entitled to things for free. I'm not saying it's right or wrong, just a fact of life and human nature.
... why not try to build LOYAL consumers who will pay a fair price for a quality product ... then your piracy fears will disappear because 90% of people will pay for your product.
First off, he suggests making it so PC's cannot play DVD discs
Next he suggests that all the 3.7 million set-top players receive a firmware upgrade
The problem here is poor planning and implementation of a security system of a product that can NEVER be secure.
I've heard it said many times and I'll repeat it for those in the cheap seats
The industry needs to focus on the REASON why people would want to get the encryption keys. In this case, lack of Linux support for DVD. Other reasons people would want this is to pirate discs which cost too much. Much of the basis behind theft is the feeling of entitlement
The entertainment industry has a choke hold on the wallets of America and anything that give the user some power to breath for one second is immediately attacked with a knee-jerk reaction to snuff it out (i.e. MP3) via regulation and restrictions on private citizens right to own and utilize products in any way they choose.
Instead of treating us like cattle who carry money around for you to milk from us
It's not the cell phone's microwaves that cause the problems, it's that most mice are lactose intolerant and they are swimming aimlessly around due to the gas the milk is giving them.
If you've ever attached a balloon to a small boat, put it in water, then let it go you'll understand what I'm saying and why the mice swim in circles.
To the best of my knowledge, a post gets a score of -2 if ...
... that post was completely invisible to anyone and everyone.
I think this is correct with the current system but at the time of the Andover IPO story, a post could be moderated down to -100 if enough points where thrown at it.
Like I said, my old account had this happen and the only way I saw it was because my recent messages in my profile showed a post at -2. Considering the lowest the dropdown threshold menu went was -1
You bring up a very good point and this type of situation has come up in the past with some posts during the whole Andover IPO period where it was posted exactly what taco and hemos made (in the millions) when selling the site. This information came from required SEC filings of Andover.
... and yes, I've seen it happen.) the entire story was removed from the slashdot pages and was only accessible via search. This was also before the meta-moderation feature.
... try "password".
Instead of the posts being deleted or moderated down into oblivion (-2
I guess there is always a double standard when you have two sides I guess. *shrug*.
And about those Government mainframes
It's a PCI WinModem with games bundled.
... are they saying their existing Sporster series is flawed which causes "normal" ping times and latency?
... this all looks like marketing crap to me.
I can't see how they can make a better pinging/latency modem using existing hardware
Bah
I say we all post a BUNCH of news to a bunch of newsgroups with "for dummies" in the title and see what they do to Deja.com ... they do the exact same thing as this mailing list archive.
This is from attrition.org's defacement mirror. I only listed the top 3 exploited OS's to save space:
-----
Note: Mass hacks involve defacing several domains, even though they are hosted by the same machine. This tends to obscure the actual counts of hacked systems. Take these numbers in stride..
08/1999
Win-NT - 106 - 35.93%
Solaris - 77 - 26.10%
Linux - 68 - 23.05%
09/1999
Win-NT - 82 - 32.54%
Linux - 72 - 28.57%
Solaris - 62 - 24.60%
-----
Interesting stuff for those looking for a secure webserver OS I guess. *shrug*
This setting has nothing to do with JavaScript. I remember vaguely some talk several months (years?) back about a vulnerability in Netscape's JavaScript that allowed a malicious coder to retrieve cookies as you suggest, but I believe that was fixed a long time ago
... now this was quite possibly just smoke up our collective butts but who knows. The reason I felt the original statement was inaccurate was because it said "no server can read another server's data" which is untrue if the right pieces are in place. (i.e. malicious javascript + older Netscape version or malicious ActiveX + poorly configured MSIE)
The vulnerability was in version 4.5 I believe and Netscape's "quick" fix was to set the cookie setting to "Accept only cookies which get sent back to the originating server"
P.S. What web site's scripts actually put your username and password in the URL string? That sounds incredibly stupid to me, for precisely the reasons you indicate. Any high school web-head knows better than this. Sounds like you need to write a letter.
I've run across "back woods" free email sites that embed usernames/passwords in the URL, myownemail.com is one I remember but it has since been fixed. ValueClick, one of the bigger banner ad brokers used to do this with their account section as well. This was REALLY bad since if someone got your username/password, they could re-route your checks! And I agree, people should know better than to do that. Their initial response was "there are no external links in the account section" but with the way MSIE throws out invalid referrers by grabbing random history URLs, it was very possible that a ValueClick username/password would end up in someone's access.log. After demonstrating this to them, they finally changed the system to use time expiring tokens in the URLs.
Just as importantly, no server can read another server's data, each site reads only its own cookies
... I've been fed up with this for a while now. I use AtGuard (Win32) to block ads, cookies, referrers, and access to most ports and transport protocols on my box. This does a few things, first is "secures" my swiss chees ... err I mean Windows box a little by allowing me to control all incoming and outgoing packet traffic (ICMP, IGMP, UDP, TCP, etc.) second, it lets me block cookies on a site by site basis. When a site wants to drop a cookie, the software asks me if I want to accept it or block cookies from that site. You'd be AMAZED how many sites use cookies that you'd never expect. Third, I use it to block referrers so if I'm at a page that I don't want public, it won't be due to someone parsing their access.log's looking for stuff. This also helps prevent any poorly written script that uses names/passwords in the URL from giving away my info. And lastly, I use it to block ads on many sites ... mainly those commercial sites (like ZDNet) which are simply overrun with ads. I usually allow ads on sites that really need the support for revenue.
This isn't true if you leave Netscape's cookie settings at the default of "Accept All Cookies". You need to change it to "Accept only cookies which get sent back to the originating server" to prevent sites from "stealing" cookies of other sites with malicious javascript. I'm not sure how it works on IE but I'm sure it's just as easy with ActiveX giving out access to your entire hard drive to whomever wants it.
Now, as for tracking, cookies, and ads
And yes, I run ads and cookies on my site out of necessity, not marketing or demographic reasons.
Ok from what I can tell from the excerpts, that has got to be the sorriest piece of "literature" I've run across in a long time. Could it have fallen victim to any more stereotypical preconceptions about "nerds" while at the same time, re-affirming those who buy into them? What a farce.
Yeah, let's teach our daughters that there is something inherently wrong with a person who is more interested in something they truly enjoy rather than their social class or outer appearance.
Let's all teach 'em to go after the QB of the football team so they can end up on the business end of a 2x8 while their drunken former football hero husband beats them like a piñata because the double-wide isn't clean when he came home from his long day at the rock quarry.
It's not just PalmPilots either - custom solutions are/will be supported, including IBM's WorkPad.
Just for reference, the IBM workpad's are just rebranded Palms (III's, V's) 'cept the Workpad z50 which is a CE mini-laptop.
The "target" list is updated hourly with tens of thousands of co-conspirators ready and willing to do their part for the good of the overall attack.
Many many servers have been brought to their knees by this rouge band of pseudo news followers who claim the "source" is when them.
When will the terror stop?
heh
Windows CE's problem is the fact that it's not optimized for the average user to utilize efficiently on a day to day basis.
... it's fast, efficient, and easy to use ... then take Windows CE, it's slow but powerful in some respects but it wants to be a mini-desktop.
... but not enough to have me use it everyday, or even once a week. I only use my CE device for very specialized tasks such as remote .doc file editing or dialing in to get email when I MUST get email. (I have a Casio A-20 w/ PCMCIA modem etc.)
... soon to be replaced by my Palm IIIx wish I should get from UPS today!
Take the example of the PalmOS
I honestly think that as long as Windows CE contains "windows", it will never do much against PalmOS, EPOC, or any of the other truly embedded OS.
Don't get me wrong, there are some good things about CE
When it comes to true PDA functions like schedule, phone lists, etc., my Palm Pro wins every time