Slashdot Mirror


User: drsmithy

drsmithy's activity in the archive.

Stories
0
Comments
12,153
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,153

  1. Re:testing the waters? on Microsoft Agrees to Changes in Vista Security · · Score: 1

    It's not a myth. If I go down to Wal-mart and buy a PC, it will have Windows on it. That's the result of decades of coercive OEM contracts.

    So you're saying it's not a result of market forces then ? Because that implies there's a fortune out there waiting for someone prepared to sell non-Windows computers.

    No, people use Microsoft Windows because it's what comes on their computers. They don't "like" it. Most users are confused and frustrated with Windows and PCs. Maybe you should try tech support sometime. You'll get a very clear idea of how poorly designed Windows is, how inconsistent its interface is, and how buggy the system is as a whole.

    And if you're *really* in tech support, you'll realise that the same people have the same problems with all platforms.

    My favorite part is the classic sequence of telling them to right-click on something to get a context-sensitive menu, which invariably makes them question "left click or right click" from that point onward whenever you tell them to click anything. And people wonder why Mac OS X is designed to only require one button for its interface?

    For the same reason Windows is designed not to *require* a context menu for anything.

    No, Windows is difficult to use. It has bizarre paradigms. For instance, the Start menu looks like it has your programs on it, but those aren't actually your programs--they're merely "shortcuts" to your programs.

    You mean just like they are in the equivalent UI element in every other mainstream GUI ?

    You install and uninstall programs by running other programs, instead of simply dragging the programs to the Trash--er, sorry, Recycle Bin.

    This is only "bizarre" if you're already indoctrinated to doing it the Mac way.

    Windows also requires apps bury their settings in a convoluted registry [...]

    Which is somehow different to convoluted XML files ?

    that is often exploited by malware, and the operating system as a whole generally requires a ton more clicks to accomplish something than, say, OS X.

    If you pick the slowest way to do something on Windows and the fastest way on OS X, sure. It works both ways, as well, depending on which side of the argument you're trying to prove.

    People do not choose Windows. The vast majority of Windows sales comes solely from OEM sales, which means people are simply using whatever is booting up when they first power on the machine.

    In other words, they choose to buy a PC running Windows.

    Your comments illustrate something of a lack of knowledge about most users, and if you've done any kind of large-scale tech support or IT management, you know exactly how people feel about PCs and Windows.

    Yep, it's exactly the same way most of them feel about computers in general.

    But I think you were just playing devil's advocate in your post--no sane person would argue that Microsoft doesn't have a monopoly. That's just silly. The question is whether that monopoly is abusive, and they were found to be such in the antitrust trial.

    There are (and always have been) multiple functionally equivalent alternatives to Windows easily available to anyone who bothers to look. Therefore, Microsoft don't have a monopoly.

  2. Re:Are the alerts perhaps the problem? on Microsoft Agrees to Changes in Vista Security · · Score: 1

    You must restart your computer. Would you like to do it now, or would you like me to display this same dialog 30 seconds from now, while you're doing something else like typing a slashdot comm

    Except that this popular little Slashdot meme is nothing more than FUD, because when that little dialog pops up, a) neither of the buttons have focus and b) you must hold down Alt for the hotkey selection to work.

  3. Re:testing the waters? on Microsoft Agrees to Changes in Vista Security · · Score: 1

    It's only an author's surmise, but as I understand and interpret Microsoft's position, there is no line they will be able to cross ever while they are still a monopoly. Microsoft enjoys (immensely) their monopoly position in PC OSes, and as long as they do (immensely), they will continue to be proscribed from using their monopoly to leverage, influence, and otherwise compete unfairly with any other of their products.

    The mind boggles at how anyone could reasonably call "PatchGuard" an anti-trust violation.

    The Windows OneCare advertising, maybe (although I'd be willing to bet that was reconfigurable by OEMs as well), but there's no way a (good) security feature could be rationally defined as "monopoly abuse".

  4. Re:How Kind of You on Longhorn Server's "Improved" Security · · Score: 1

    The difference is in Linux and it's application.

    No, the difference is the average (and even below average) Linux user isn't going to randomly execute attachments they receive as email.

    When a Windows user receives a zip file containing a file named hello.txt.exe", the default explorer settings makes it appear as "hello.txt", because of the "mask extension of known file type 'feature'".

    This is a UI semantic, nothing more.

    Then instead of launching a command like "notepad.exe hello.txt" or opening a text editor and opening the file from withing, when you double-click on a file in Windows, it gets EXECUTED.

    Of course it gets executed - it's an executable file. Why wouldn't it ?

    This is such an ill-design that it's not surprising that so many people are tricked.

    Most of them would open the attachment even if it had .exe on the end.

    Not that you can directly open executable attachments on any remotely recent version of Outlook or Outlook Express in the first place, making your whole argument moot.

    (The real irony here is that GUIs like KDE and GNOME are, if anything, *more* vulnerable to this style of attack because they don't make any attempt to verify whether a file's extension matches its type. So a file called blah.txt, if it's really an executable binary, will be run as an executable binary regardless - rename a .exe to .txt in Windows and Explorer will just open the file in notepad.)

    Ok, but in that case, the use would only be able to destroy its own files, which he's allowed to do anyways...

    The user's files are typically the most important on the machine.

    Without Admin access, there is no spyware installation, no dirty tools added at the startup and the like. This makes a huge difference.

    Of course there is. The malware gets hidden away somewhere in ~ and the user's dotfiles and GUI are modified to relaunch it whenever they login (KDE, GNOME, etc - most have some sort of "launch on login" functionality).

    In the linux a stupid user would destroy its own data, in the Windows case, he has destroyed the whole OS and potentially infects other machines around...

    "Destroying the OS" barely qualifies as a minor irritation compared to losing all your data files - and root access is in no way a requirement to "infect other machines around".

    Right, that was a security issue that was patched.

    So are most of those holes you are talking about (launching executables from emails, etc)

    To my knowledge noone had the time to exploit it, no user was victim of this.

    This does not change the fact that the vulnerability existed (and exists, on any machine that is unpatched).

    Again there is a big difference here. On Windows such flaws remain for years and MS only correct them when there are hundreds of thousands of machines infected.

    With Windows, a flaw only needs to exist for a few hours and hundreds of thousands of machines are infected. That's why the marketshare aspect is so significant.

    Which is perfectly sensible from the security point of view.

    But not from a functionality point of view, if such macros are what you need. Ergo, the comparison is meaningless. It's like sayig Linux is a bloated piece of crap because DOS 1.0 can run on machines with 64k of RAM.

    This is also an OS issue. Per default, on Windows, users are running with admin privileges. One small problem in an application and the whole system is compromised.

    No, a vulnerability in an application is solely an application issue.

    Or would you argue that a vulnerability in a daemon running as root is a Linux problem ?

    Which is wrong. In the 80s and beginning of the 90s, there were numerous viruses for Amiga, Atari and Macintosh (the old generation before Mac OS X) Amiga and Atari were much more marginal than Linux.

    I f

  5. I forgot to mention in my other post on Server Cooling Solution for Small Business? · · Score: 1

    Air *flow* is much more important than air *temperature*. A machine in a room with an ambient temp of 30 - 35 degrees, but with good airflow through the case (and most importantly over the drives) is better than a machine in a room with an ambient for 20 - 25 degrees, but no airflow.

  6. Re:How Kind of You on Longhorn Server's "Improved" Security · · Score: 1

    Do you really think a linux user could easily be tricked into saving a suspicious e-mail attachment on the disk, adding the x flag, logging as root and attempting to run it ?

    No, but this is because of the Linux *user*, not Linux. (Although many would argue it is indirectly because of Linux requiring more savvy users).

    Added to that, the "logging in as root" part is largely unnecessary.

    Have you heard such a thing as latex documents, man pages, pdf documents, etc... being infected with rogue macros ?

    I seem to recall some problems with PDF documents...

    The others, of course, aren't a valid comparison since they can't *have* those kinds of macros in them. Not to mention it's an application, not OS, issue.

    Why do Unix anti-virus scanners only search for Windows viruses in files that are typically hosted on Samba shares ? Why don't they recognize Linux viruses ??

    Because no-one bothers writing viruses for other platforms.

    Have you heard of a Web browser on Unix being hijacked by something like Active-X...

    I've heard of remote code execution bugs in versions of Netscape Navigator, yes.

    Why wouldn't Bill Gates simply create huge virus outbreaks for Linux instead of attempting to fool the world with ridiculous FUD arguments ?

    Because, unlike you, Bill Gates isn't an angry teenager who thinks causing damage is the solution to every problem.

    From a technical perspective, because you need more than just malicious code to have a successful virus outbreak. Indeed, the code is the _simplest_ part.

    How many Unix users run word processors, spreadsheets, e-mail clients, web browsers using the root account ?

    How is this relevant ? You're talking about *users* again.

    Even a total beginner wouldn't such a thing on Unix because the normal installation procedure asks the user to create a normal user account. Running as root would in fact be more complicated for the end user than running with his user account.

    Bollocks. Running as root is not particularly hard (hey, some distros even do it by default). Running something as root is trivially easy on pretty much every distro ever made.

    (And, again, running as root isn't even close to a requirement to be the victim of malicious code.)

    Is there any Unix machine in the world that is transformed in a zombie that sends spam ?

    Yes. Please don't tell me you're seriously going to try and say unix machines have never been compromised. Back when unix was young, its poor security was infamous.

    Have you heard of any Unix rootkit that would be automatically installed simply by inserting a CD or a removable device ?

    Nope. Doesn't mean it's impossible to do, however. OS X would be the most likely candidate for such an attack.

    (Congratulations, that's the closest thing you've made to a valid point so far.)

    How many Linux or Unix systems have their executable, drivers or system files writeable by users ?

    OS X (well, everything in /Applications and a few other system areas are writable by "admin" users).

    (Not that Windows _does_ have its "executables, drivers or system files" writable by users, mind you, so I'm not sure why you think that's a valid argument to start with.)

    There simply appear to be no credible virus threat on Linux at all, no propagation mechanism, no way that an eventual malicious program run inadvertently by a user could do any significant damage besides on his own files...

    The propogation mechanism is exactly the same as it is on Windows - users doing something silly.

    And please don't tell that it's a question of market share...

    Of course it is. Who's going to bother writing viruses that only a handful of users would be dumb enough to run ? At least OS X has the demographic to be a reasonable target for viruses and malware, but it lacks the marketshare for attacks t

  7. Re:Here, I'll demonstrate. on Targeted Trojan Attacks Causing Concern · · Score: 1

    The same "logic" can apply to an email telling the "ignorant end user" to buy a hammer and smash the hard drive.

    No, it can't, because the vast, vast majority of users understand that doing that would be A Bad Thing.

    The sheer volume of software that relies on the "download and run it" capability just to exist, handily demonstrates the same does not apply there.

    That is the problem. The problem you have not addressed. The problem you have not addressed is how to get the "ignorant end user" to do that.

    That's because millions of people have proven it for me, and continue to do so, every day.

    Getting people to run arbitrary stuff on a computer - assuming that "running arbitrary stuff" is in itself a relatively easy activity in the environment - is trivial. Just wrap it up with some porn or in a silly little game.

    Not when you're talking about spreading a trojan. The more steps needed, the more likely that the "ignorant end user" will do something wrong or remember something about not running untrusted crap on his/her computer.

    Except, of course, when those steps are perfectly normal because they're the steps followed to use legitimate software.

    A user s more likely to give up in frustration because running something is a long, annoying process, than they are to give up trying to run it because that "hey, this might be a bad idea" lightbulb has come on.

    "Trivial" in this context means:

    Then it qualifies as trivial.

    You can keep arguing that this is not so, but the statistics seem to contradict you. And I'm going to go with the statistics on this.

    I'm not aware of any statistics that support the assertions you are making.

  8. Re:How Kind of You on Longhorn Server's "Improved" Security · · Score: 1

    It's still not proven that a virus can work on Linux or BSDs, [...]

    Uh, of course it is. A "virus" will "work" as well on Linux or the BSDs as it does on Windows, all else being equal.

  9. Re:Because it is. on Targeted Trojan Attacks Causing Concern · · Score: 1

    Because it is.

    No, it's not:

    * Firstly, because the ignorant end user can trivially raise any program's privileges to root
    * Secondly, because 99% of the things most malicious code wants to do, don't require root privileges in the first place

    The code is not "in full view". It is hidden. That way, the user will run the code s/he THINKS is contained in that package, but the real code is something else.

    Er, yes, my whole point. If you want to use to install your malware, you just dress it up in something they _want_ to install. Which is what most malware does.

    Maybe you don't understand "trivial", either.

    A single command (or typed password) seems pretty trivial to me.

    Under a single user Windows box, it was trivial. Just clicking on porn.gif(.exe) in Outlook used to be sufficient to run that .exe as admin (which was what most Windows users were running as).

    Once you've gotten past the dialog boxes telling you it's a stupid thing to do, yes.

    Under Ubuntu, there are more steps. And the user has to specifically type in "sudo blah". The more steps required, the more chance that the user will notice that there is a problem.

    Three or four trivial steps (instead of two) still add up to a trivial process overall.

    If the end user can use the system to easily download and install legitimate software (although, admittedly, I _am_ assuming you're not going to argue Linux makes this task difficult in the first place) then they can do it just as easily with malicious software.

    So, if 99% of Windows users get themselves infected ... but only 1% of Ubuntu users get themselves infected, then, given the same level of knowledge amongst the users, Ubuntu is more secure than Windows.

    Right. Just like because there are proportionally more black people in jail than white people, black people are more likely to commit crimes than white people. Right ?

    Because Ubuntu's default installation has no open ports, it is 100% safe from worms.

    XP's default configuration today has the firewall enabled. Uglier, but just as effective.

    And the virus threat is also limited by the restricted rights and the need to type "sudo virus-file" to "install" the virus.

    Except, as I noted previously, there's little need for malicious code to elevate its privileges to do 99% of things it might want to do.

  10. What kind of "server" ? on Server Cooling Solution for Small Business? · · Score: 3, Insightful

    If the machine is rack based (probably not, but just in case), you're going to be fighting an uphill battle to even have it in the same room as working people from about ten seconds after you first power it on.

    If it's a tower machine, then it's just a PC and needs no additional cooling that your existing PCs don't already have. If it's a 'home brand' PC, just make sure the case has large, slow-spinning fans and the machine's various vents aren't right next to solid objects that will obstruct airflow out of the case. You might also want to make sure the intake fans/vents have some dust filters.

    Also, make sure you're using RAID (with either a hot spare or replacement drive *on hand*) and backing up regularly. Outside of extraordinary circumstances a hard disk will be the first (and only) thing in the machine that dies, probably 12 - 18 months after you first power it up.

    I say this all as an Australian who has looked after the same sort of IT infrastructure you're talking about in the same sort of climate. Indeed, my own home server has 12x7200rpm drives and dual 2.4Ghz Xeons in a large tower case with little more than 12cm fans blowing air directly over the drives and a single 12cm fan exhausting out the back - I keep an automated eye on it with various monitoring tools and even on a hot day like today (where it is 35), the drives are only sitting at 39 - 41 degrees.

    The short version is that you're not going to have any heat-related problems with a single (or even several, if they're reasonably well spaced) tower-style machine in an already airconditioned room.

  11. Re:Get Ubuntu on Targeted Trojan Attacks Causing Concern · · Score: 2, Interesting

    *All Ubuntu .deb packages available by default come from known sources. Adding untrusted repositories requires root privileges and visual warnings.
    * Installing software through apt-get (or synaptic or any of the other automated software installers) requires admin privileges.

    Why do people think "requires admin privileges" is any sort of significant barrier on unmanaged, typically single-user systems ?

    [...] is going to have a very hard time affecting the integrity of the system, let alone hiding from the user.

    The best place to hide is in full view. Or did you miss the whole definition and point of a 'trojan horse' ?

    The default user mode is non-privileged. It's hard (though not impossible) for someone to run Ubuntu as root.

    It's trivial. Every time you go 'sudo blah', 'blah' is running as root.

  12. Re:Two words... on Vista Licenses Limit OS Transfers, Ban VM Use · · Score: 3, Informative

    Actually, serving any clients from a Windows workstation OS is a violation of their EULA if Microsoft didn't write it and bundle it with the OS. So you can serve 10 clients on XP Pro with IIS but zero with Apache. Yes, running a Quake server for your mates at at a LAN is a violation. BitTorrent is a violation. VNC is a violation.

    I thought this sounded bogus, so I actually went and looked up the XP Home EULA. Unsurprisingly, your claim is rubbish.

    1.3 Device Connections. You may permit a maximum of five (5) computers or other electronic devices (each a "Device") to connect to the Workstation Computer to utilize one or more of the following services of the Software: File Services, Print Services, Internet Information Services, and remote access (including connection sharing and telephony services). The five connection maximum includes any indirect connections made through "multiplexing" or other software or hardware which pools or aggregates connections. This five connection maximum does not apply to any other uses of the Software.
  13. Re:Two words... on Vista Licenses Limit OS Transfers, Ban VM Use · · Score: 1

    You'd be able to play on a 10 man lan party if you weren't hosting.

    Just to clarify, that 5 (and 10 for XP Pro) connection limit is only enforced by the server software, not the network stack. So while Microsoft's server programs (like file & print sharing or IIS) restrict you to ten connections, third party programs generally don't (ie: you can serve up content from Apache to 10,000 clients if you want, albeit in technical violation of the EULA).

  14. Re:I'd like to say ... on IE Market Share Drops to Lowest Level in Years · · Score: 1

    The only place I hear this complaint is on /. I have installed firefox for dozens of people not one of them ever complained about memory usage or performance.

    If you have to install it for them, chances are:

    * They wouldn't know what "memory usage" is in the first place, let alone how to measure
    * They probably aren't doing enough to make Firefox use lots of memory, or have its high memory usage impact other software
    * They probably only run it for a few hours at a time then close it again

  15. Re:Exactly! Why Software DRM? on New Copy Protection to Make Playing DVDs on a PC Difficult · · Score: 1

    Simple hardware hack to reverse the polarity of the disc motor in the DVD drive.

    But will they be able to re-route main power through the secondary chipset interconnects ?

  16. Re:anyone think the case might actually have merit on Transmeta Sues Intel for Patent Infringement · · Score: 1

    Oh, come on. Next you'll be suggesting that Intel's patent violations might have had something to do with Transmeta's financial problems, as if patents were actually supposed to protect the little guy from having his inventions stolen by better funded competitors.

    It's very important to remember that "patent infringement" and "theft of ideas" (even ignoring the abuse of the word 'theft') are *NOT* synonymous because of the patent systems ridiculous assumption that two entities cannot come up with the same idea independently.

  17. Re:now just another sleezy IP company eh on Transmeta Sues Intel for Patent Infringement · · Score: 1

    So, when was Pentium 3?

    The first Pentium 3 was released to market in 1999.

    However, the Pentium 3 was little more than a warmed over Pentium 2. The Pentium 2 first hit in 1997.

    However, the Pentium 2 was little more than a warmed over Pentium Pro. The Pentium Pro was first available in 1995.

  18. Re:Why try, and fail to, reinvent the wheel... on Big Challenges for Vista Bug Hunters · · Score: 1

    Oh come now, answer my real question! :-) What would not be lame? Does it have to be new to be not lame? Does it have to have particular features, or an absence of certain flaws?

    It has to be interesting.

    UNIX isn't interesting (and I say this as someone whose job involves lots of servers running UNIX and derivatives).

    Now, as I said, the stuff sitting on top of it *is* interesting, but the guts - Darwin - are not.

    Howeevr, if Apple had gone with, say, BeOS, or stuck their OpenStep update on top of NT, or made Darwin a real microkernel, that would have been more interesting.

  19. Re:They did it by distributing it with the OS on Microsoft Plugs a Record 26 Security Holes · · Score: 1

    "fastest market share growth" means absolutely nothing to me.

    This does not mean it didn't happen.

    Your market share might be growing from 0.1% to 1% very rapidly, this is also a fast growth. from zero to something is always a fast growth come to think of it. and if you notice, the years 97-98 are the years when internet was still niche, people using it was not in numbers comparable to today, and noone would get surprised if most hardcore netscape users gave internet explorer a try then.

    Which wouldn't have been particularly relevant if they'd just dropped it and gone back to Navigator.

    But they didn't. IE (mainly on the back of IE4) went from ca. 10% marketshare to ca. 50% marketshare in the period roughly from the release of the IE4 public betas to about 6 months after the release of Windows 98. This happened because Netscape dropped the ball severely with Navigator 4, which sucked.

  20. Re:Deleted Scenes from the Interview on Ballmer Sounds Off · · Score: 5, Insightful

    In the land of the DCMA, laws banning online gambling, the RIAA and MPAA, this is a huge legal disaster waiting to happen. I'm supportive of Google pushing the envelope, but I think they have overreached on this acquisition. Their first major mistake IMHO.

    On the upside, the impact of such litigation on The Common Man might just wake everyone up to how out of control copyright laws have gotten...

  21. Re:The only vista on my OS horizon: Ubuntu on Microsoft Plugs a Record 26 Security Holes · · Score: 3, Insightful

    Almost any OS that is free... After all, it is hard to argue that Ubuntu (for example), should be flawless when it costs nothing and is in fact shipped out at someone else's expense if one asks for a few sets of the install discs.

    So if it's free it can't suck ?

    How about all those versions of Linux that *aren't* free ?

    Why waste money on a bigger, slower, pile of crapware from Microsoft when it offers nothing substantial in the way of practical improvements over the mess that is XP?

    It offers masses of "substantial, practical improvements". The important question people need to ask is if any of those are important enough to them to upgrade.

    What I'm reading these days is that the Vista release is being given the yawn treatment by many IT professionals.

    IT professionals are waiting for a) the server-side complement to Vista and b) the early rounds of bugs to be shaken out.

    In fact, I'm worried that security will be much worse on Vista than it is on XP since 3rd party security vendors are being prevented by Microsoft from hooking in at the level their code needs to run at to be most effective. I don't trust Microsoft to handle security issues. It has a pathetic track record. The programmers at MS clearly don't understand their own code.

    Sounds to me like you're buying into the standard anti-Windows and anti-Microsoft FUD.

  22. Re:Why not a recall?!? on Microsoft Plugs a Record 26 Security Holes · · Score: 1

    Um, that'd have to be 'Apple'.

    Sorry, but OS X is patched regularly and frequently as well.

  23. Re:Words and words. on The Relevance of Windows · · Score: 1

    Meanwhile, I'm currently replacing all of the 3 year old PCs at work.

    Businesses work on 3 year cycles for tax reasons. A 3 year old PC is more than adequate performance-wise for typical use (heck, a high-end 5-6 year old PC is more than adequate).

    Your 3 year old PCs - apart from being substantially faster than your four year old Mac in raw power - will run both current and upcoming versions of Windows much better than an equivalent four year old Mac will run any version of OS X.

  24. Re:Words and words. on The Relevance of Windows · · Score: 1

    With the exception of the Mac Pro (way out of most people's price range) - the video card.

    And even then, you still need a "Mac version" of $VIDEOCARD (typically priced significantly higher) to have any confidence that it will actually work.

  25. Re:Deja Vu? on The Relevance of Windows · · Score: 1

    But then Microsoft perpetrated the crime that is Internet Explorer on the world and broke the platform-agnostic Internet standards in subtle ways.

    <sigh>

    How soon people forget who invented the <blink> tag...