Slashdot Mirror


User: pHDNgell

pHDNgell's activity in the archive.

Stories: 0
Comments: 482

Comments · 482

  1. Re:Mind you... on The Next Net · · Score: 1

    Didn't you just answer your own question ?

    If you can't reach it, it's a lot more secure. :-)

    I know it's not for everyone, but it helps a lot of people.


    You also couldn't reach it with a firewall config that's closed by default...until you wanted to, anyway. Then you could.

    NAT doesn't help here. Just hurts.

  2. Re:Mind you... on The Next Net · · Score: 1

    Seems like the NAT solution is pretty secure to me so I call BS on your "NAT has in no way improved security". :) Firewalls are great when you need access from the internet in general TO the resources. NAT is great when you only need access out, which is 95% of the users on the Internet.

    95%? Where'd you get that? I was under the impression many users wanted to communicate directly with each other via P2P things (which was pretty much the only way we did things when I started using the internet). I have a cool app that allows people to transfer files back and forth. ...or maybe two people want to play a game against each other?

    By your logic, that must require some central server in order to work.

    If your daughter is behind a NAT, she can initiate a connection out to you and that should work.

    *oh*, so I should just have her machine ssh or remote desktop into my machine for maintenance? Got it.

    Solutions do exist, see skype for a setup that works properly with NAT enabled (although for voice).

    Right, a centralized, closed source, single-vendor, nonstandard solution to work around the broken network.

    One key issue with protocols is when they imbed an IP address in the payload, that is a no-no by the OSI stack model, and breaks NAT in horrible ways.

    That is not a key issue. The key issue is that you simply can't make two computers arbitrarily talk to each other if you're in a network remotely as large as mine. You don't hear about all of these protocols failing people simply because of embedded IP addresses, but because the software wants to be able to talk to other people running the software.

    So you've got one address and a friend over. Which one receives incoming requests for a game you're trying to play online? Stuff like that. Things just work when every machine has an address, and security is not any worse.

  3. Re:InnoDB is ACID-compliant. on 'Most Important Ever' MySQL Reaches Beta · · Score: 2, Interesting

    Why does this stuff always get propagated? There are several table types in MySQL. If you want ACID, use InnoDB and not the default MyISAM:

    Isn't that what wikipedia was running when they had their database corruption due to a power outage that caused them to have to replay the whole thing from backups (minus whatever transactions were lost)?

    So it gives you transactions, possibly consistency. It doesn't seem to provide durability.

    Short of a block on a hard drive no longer being readable, I can't see how a power outage should make an ACID compliant database corrupt.

  4. Re:Mind you... on The Next Net · · Score: 2, Insightful

    IPv4 only supports 4bil addresses in a given addressable domain. With NAT, things get more interesting, and to be honest, is the BEST thing that has happened to computer security ever. People whine about NAT, but it's poor protocols that cause NAT to break things (FTP, RTSP and SIP come to mind). Otherwise NAT solves the issues.

    NAT has in no way improved security. You're confusing firewalls with NAT. Firewalls would be just as effective without NAT.

    Since you seem to be so informed, though, how exactly are you working to fix these ``poor protocols'' that are preventing me from doing video chat with my daughter or managing her computer? I cannot ssh, remote desktop, or ichat AV because her machine is behind a NAT outside of her control.

    How does this benefit her, the customer of this service? What does it do to improve security beyond the built-in firewall or any given add-on stateful firewall?

  5. Re:Wow! think of all them IP addresses. on The Next Net · · Score: 1

    They have this other thing called "NAT" (Network Address Translation). You could use it to assign every device in your house a 10.0.0.0/8 (I think that's the CIDR) address, and still only present one IP to the public internet. It's what's making IPv6 so slowly adopted - it's unlikely that you'll have more than 16,000,000 devices in your house.


    OK, and how do I address them? With one external address that's a maximum of 64k connections I can bring in. And sure, people may not be likely to have quite that many machines, it's certainly not uncommon to have enough services running to make it inconvenient to keep configuration details in sync with your NAT config.

    And it's stupid. Back when I was a kid, we had DNS and we used that to let everybody know where our services were. We had firewalls and we used those to let them know what kinds of things weren't allowed to go across our various network connections.

    Things are way easier and no less secure without NAT.

    (mumbles something about being unable to do video chats or remote management on his daughter's computer due to her ISP providing it with a NATted address)

  6. Re:One Word on How Do You Store and Reconcile Email Archives? · · Score: 5, Interesting

    One word: IMAP

    Absolutely. I use no fewer than two mail clients on two different machines on any given business day. Every email I've sent since 1995 or something like that, and received since 1998 is available and searchable. Over this time, I've accessed this archive with the following clients:

    * pine (lots of pine)
    * mac mail
    * thunderbird
    * various netscapes/mozillas
    * ML (some random IMAP reader)
    * My phone (my old Sony/Ericsson speaks IMAP)
    * My palm (two different apps)
    * python
    * a java webmail system I wrote
    * three or four other webmail systems
    * mutt

    ...who knows what else. I've got freedom to try whatever I want at any given moment without losing my current or past mail.

  7. Re:What about OS X? on OSS Unix: Dividing & Conquering Itself · · Score: 1

    While OS X is UNIX, to anyone who uses Apple's programming APIs (Cocoa or Carbon, as well as Quartz) Mac OS X isn't UNIX in any way to them.

    That's not necessarily true. I've written Cocoa apps in OS X and ported them to FreeBSD with little effort.

  8. Re:Which hat am I wearing? on In Which OS Do You Feel More Productive? · · Score: 2, Insightful

    I find developing Mac GUI apps a total pain in the neck because they make you do all the development in a weird, counter-intuitive GUI of their own, and because they have a weird, counter-intuitive memory allocation strategy in their Cocoa development environment, but for regular geek work, you really can't beat Mac OS X.

    Weird, I've never heard anyone refer to Interface Builder as counter-intuitive. My experience (and the experience of most I've talked to) is quite to the contrary. I couldn't imagine an easier way to make a GUI. I haven't made very many GUI apps outside of the nextstep/openstep framework, though (I've used tk from perl and tcl, motif, xaw, raw xlib, awt, swing, glut, the palm toolkit, newtonscript...probably some more). Starting with just the simple tutorial, I've made quite a few GUI apps in OS X I use every day (some in objc, some in python. I've done some in java as well, but I always end up porting them to objc).

    Reference counting, I suppose could be considered counter-intuitive if I haven't programmed in C a lot. It's pretty much summed up as, if you do something that allocates memory (alloc or copy), release it again (release or autorelease). If you want to hold onto something, retain it.

    It may not be what you're used to, but things seem to work the way I'd expect them to.

  9. Re:GHOSTBUSTERS! on Microsoft Warns of Impossible to Clean Spyware · · Score: 1

    When there's something weird,
    and it don't look good
    Who ya gonna call?
    MI-CRO-SOFT??! (Wait..)


    s/call/blame/

  10. Re:Windows and Red Hat on MS Security Chief Says Windows is Safer Than Linux · · Score: 1

    An IE exploit is (or should not) be a thread[sic] on your server.

    Isn't this the OS that doesn't allow you to remove IE? I don't run it, so I don't know for sure, but my casual observation would show that it's required at least if you want to keep it patched.

    If your[sic] doing web browsing on your server then you sould[sic] expect nothing but bad things to happen.

    That's just silly. We used to run Netscape from our Solaris servers occasionally to get big downloads over the fast connection for patches or whatever. There wasn't much of a chance of that being a risk then.

    I looked though many of these advisories and most of them are local exploites or are related to a local user needing direct access to the OS.

    Well then, good thing the applications you run on these boxes are written by people who would never have a bug that allowed unauthorized access, right? When I did break into the Solaris boxes as described above, I did it through a bug in a CGI I found. I.e. *our* application let us in, not the OS. Now it's the OS' job to limit the damage.

    If you have so many people accessing your server directly/locally, then you have alot[sic] more problems then any advisories listed in their database.

    One could see it that way. One could also look to systems that have lots of direct users with few security problems. sourceforge shell servers come to mind. I don't hear about those getting rooted too often, but you can't give people much more direct access.

  11. Re:Don't want to troll, but... where's the RAD? on Linux Application Development · · Score: 2, Interesting

    C'mon guys, where's the RAD for Linux?

    Same place it is for OS X, in the NeXTSTEP API.

    see gnustep

    I installed gnustep on my FreeBSD box last night and ported one of my Mac GUI apps in just a few minutes.

  12. Re:What 60s GUIs is he talking about? on How Heraclitus would Design a Programming Language · · Score: 2, Interesting

    OK, I'll bite. I don't remember any GUIs in the 60s... what were they?

    check wikipedia (and update it if you find anything else)

  13. Re:Why no tainted data in either runtime? on Don Box: Huge Security Holes in Solaris, JVM · · Score: 2, Interesting

    But neither language has the idea of marking strings or other data that came from an untrusted source, the way Perl does. Which is odd, as both Java and .NET have so far succeeded server side.

    Why bother with tainting when you can just do rigorous validation with things like struts? It's been quite a while since I've seen a bug related to inappropriate input handling, and that was in a perl script.

    Compared to Perl, Java is insecure as you can too easily fall to a SQL string attack, either in your web page, or, heaven forbid, Web Service.

    It's actually rather hard to fall victim to a SQL injection attack unless you are just using the APIs the wrong way (which is more difficult). In our application...I can only think of a couple of places where SQL is generated in the code, and in those places, we generate prepared statements to deal with any input.

  14. Re:boring demonstration on The NeXT-Best Thing: GNUSTEP 0.9.4 Live CD · · Score: 1

    Why wouldn't you just use PyObjC?

    I wrote the original utility as a python commandline app. I mocked up a really nice GUI for it and prototyped the whole thing in pyobjc to see how it worked and make sure I liked the UI. It worked OK, but the core was designed as a commandline utility and didn't fit well into a MVC application (it'd take over the event loop while synchronizing, which could take several minutes).

    Since the primary purpose of the application is to download a bunch of stuff in order to synchronize a local tree with data from a web site, and the python http client is synchronous, I wouldn't've got a lot out of doing it in python with the cocoa web download toolkit.

    Besides, objective C isn't that bad to work in. Kinda feels like smalltalk.

    pyobjc is some cool stuff, though. I have a couple of apps I use that I wrote in it.

  15. Re:boring demonstration on The NeXT-Best Thing: GNUSTEP 0.9.4 Live CD · · Score: 3, Interesting

    I wasn't that impressed by the demo either. Maybe I'm not "with it" enough to see the beauty in all this point-and-click programming, but I think I could have written the same demo app in Java/Swing in about half the time. And I'm by no means an expert Java programmer.

    You could not have. Pointing out your lack of experience doesn't help your argument. Spend a few minutes developing for GNUSTEP/NeXTSTEP/MacOS X or whatever, and see what it actually does and how to use it, and you'll realize why people who are ``with it'' get excited about this kind of stuff. What I've found is that I will spend extra time getting my UI to be perfect (IB lets you not only define your UI in shape, actions, resizing, etc..., but also try it out to see how it acts when it's resized, or how the buttons click, etc...).

    MacOS X is definitely the direction to follow in software development. Native apps built in xcode with ZeroLink and even dynamic code replacement (i.e. smalltalk-style bug fixing from the debugger without restarting your app). So, no time spent linking, but you can use an arbitrarily large and automatically discovered compile farm while developing rich MVC apps quickly and easily.

    Also, see what happens when more palettes are completed. If they had the WebKit palette, for example, they could've done a demo where they created a full-featured web browser in the same time (you can do this on MacOS X with *no* code). In the video that was going around of a NS 3.3 demo in 1992 by Steve Jobs, he created a pretty decent graphical employee database application in just a couple of minutes that would allow you to look up departments (with pictures), and look through the list of employees within that department (with pictures of the employees). Again, with no code.

    The openstep objects are great to work with, though. I just ported an app from python to objective C just so I could use the URL loading kit from cocoa. That is a particular thing missing from gnustep that I'd like to get ported over (although, it may be part of the webkit that Apple was working in open source).

    I've worked in quite a few GUI kits (raw X11, Motif, tk, awt, swing, morphic, nextstep, probably more I can't think of), and I can assure you the objective C MVC kit wins hands-down so far.

    Anyway, give it a shot before you say it's pointless. It's very impressive and has huge potential.

  16. Re:Difficulty of change on New Standard Keyboard · · Score: 1, Redundant

    Imagine stretching your fingers over the keyboard to do a Ctrl-C Ctrl-V (or Cmd-C Cmd-V).

    OS X comes with a dvorak mapping that switches to a qwerty mapping when you hit the command key.

    Doesn't help me too much in vi (where I spend most of my time).

  17. Re:Great example of hard-coding reducing size. on Printing XML: Why CSS Is Better than XSL · · Score: 1

    I would like to see a comparison to a "real" language like java or python or ruby or something.

    I hate XSL and whenever possible use an actual programming language.


    Then make one. Just because you enjoy using the wrong tool for the job (in this case, xml transformation), doesn't mean you have to get all cranky because others don't.

  18. Re:Mac OS X support? on PostgreSQL 8.0 Released · · Score: 1

    My favoured platform though is Mac OS X. There's a whole list of platforms in the FAQ, but Mac isn't amongst them.

    My main DB server at home has been a G4 cube for a long time now.

  19. Re:Automatic Correctness From Day One on Firefox Reviewed in the Globe and Mail · · Score: 1

    You don't know of a platform independent free memory leak finder?

    When I used to program in C a lot, I wrote one for myself one day. It was pretty trivial. I just made a little hash table and wrapped all of the malloc, realloc, strdup, free, etc... functions with my own functions that kept up with what I was doing. It didn't have any noticeable performance impact, but I could run through a bunch of tests, return to my original state, and then query the allocation table to see if there were any dangling allocations. It would give me the line of code that performed the allocation, the size, and a little printable representation of what was in it.

    It'd also do things like assert all frees were things that were actually allocated and stuff.

    That requires source modification to get into place, though.

    OS X has ``leaks.'' That might also be beneficial. On OS X, I tend to use the GUI objectalloc program, though. You can watch growth by object type and all that and query values and stacks and all kinds of goodness.
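
The allocation tracker described in comment 19, as an added example in C that is not pHDNgell's code and covers only malloc and free. The names `t_malloc`, `t_free`, `t_report`, `MALLOC` and `FREE` are assumptions, and a free of an untracked pointer is counted and reported here rather than asserted.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define NBUCKETS 256
/* One record per live allocation, chained in a hash table keyed by address. */
typedef struct rec {
    void *ptr; size_t size; const char *file; int line; struct rec *next;
} rec;
static rec *table[NBUCKETS];
static size_t bad_frees;   /* frees of pointers this tracker never handed out */
static size_t bucket(const void *p) { return ((size_t)p >> 4) % NBUCKETS; }

/* Unlink and return the record for p, or NULL if p is not a live allocation. */
static rec *detach(const void *p) {
    for (rec **pp = &table[bucket(p)]; *pp; pp = &(*pp)->next)
        if ((*pp)->ptr == p) { rec *r = *pp; *pp = r->next; return r; }
    return NULL;
}

void *t_malloc(size_t n, const char *file, int line) {
    rec *r = malloc(sizeof *r);
    void *p = malloc(n);
    if (!r || !p) { free(r); free(p); return NULL; }
    *r = (rec){ p, n, file, line, table[bucket(p)] };
    table[bucket(p)] = r;
    return p;
}

/* Returns 1 if p was released, 0 if rejected; a rejected pointer never reaches free(). */
int t_free(void *p, const char *file, int line) {
    if (!p) return 1;                       /* free(NULL) is legal */
    rec *r = detach(p);
    if (!r) {                               /* double free, interior or foreign pointer */
        bad_frees++;
        fprintf(stderr, "%s:%d: free of untracked pointer %p\n", file, line, p);
        return 0;
    }
    free(r); free(p);
    return 1;
}

/* Count live allocations; if out is non-NULL, print origin, size and a preview of each. */
size_t t_report(FILE *out) {
    size_t live = 0;
    for (size_t b = 0; b < NBUCKETS; b++)
        for (rec *r = table[b]; r; r = r->next, live++) {
            if (!out) continue;
            fprintf(out, "%s:%d: %zu bytes not freed: \"", r->file, r->line, r->size);
            for (size_t i = 0; i < r->size && i < 16; i++) {
                int c = ((unsigned char *)r->ptr)[i];
                fputc(isprint(c) ? c : '.', out);
            }
            fputs("\"\n", out);
        }
    return live;
}

#define MALLOC(n) t_malloc((n), __FILE__, __LINE__)
#define FREE(p)   t_free((p), __FILE__, __LINE__)

int main(void) {
    char *kept = MALLOC(7), *tmp = MALLOC(32);
    if (!kept || !tmp) return 2;
    strcpy(kept, "sample");         /* constructed data, deliberately never freed */
    FREE(tmp + 8);                  /* interior pointer: rejected and counted */
    FREE(tmp);
    return t_report(stderr) == 1 && bad_frees == 1 ? 0 : 1;
}
```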

  20. Re:Microsoft never was good at copying Apple... on Windows Longhorn to make Graphics Cards more Important · · Score: 1

    my mom "thought" she changed users and didn't. Later, she couldn't find her files. Since there's no real visual reference when you change users on an older system (no cube), it's difficult to tell if you've actually done so.

    Perhaps you should suggest she look at the big thing with the name on it that she clicked on in order to change users and see what it says.

  21. Re:Steve Jobs Ego on Think Secret's Nick dePlume Revealed · · Score: 1

    Almost every company states projects it's working on. Longhorn is an example here. But not Apple, that is because Steve Jobs loves to go to show off to the Mac zealots. [...] Funny he doesn't keep movies pixar's working on a secret.

    Are you serious? Think Blair Witch or The Village, the Matrix series, or any other number of movies. What if some popular industry-specific site was leaking all the details of films that draw people into the box office? You don't think there would be some serious issues about this?

    Why is it that, although a huge cast worked on these things, very few details got out. Certainly no details got out that the studios didn't want out.

    And honestly, where are all of these companies that are not keeping their products secret? I can't remember the last company I went into that didn't have NDAs. Most of those NDAs have been in regards to describing anything at all about product development.

    It's one thing to speculate, ``Hey, I bet Sony makes a pocket-sized HD camera that records on a HDD.'' It's another to take product details, price points, etc... illegally and potentially do a lot of damage to their market.

    For example, what if, after showing all of the details, it was announced that the mac mini was going to sell for $300? People would feel a bit ripped off since their expectations were a lot higher. Mostly those whose stock tanked because of those expectations.

  22. Re:If it wasn't for this kid... on Think Secret's Nick dePlume Revealed · · Score: 1

    If you order a mini mac then that's you, voting with your wallet, to support Apple and this lawsuit.

    *OR* it's me supporting products I think are good for us as not just consumers, but content creators. Apple seems to be the only ones out there making products that are actually giving us the ability to do things rather than just taking away rights to the data we have and slowly turning our computers into televisions where we mindlessly consume the drivel created by people who can afford the RIAA and MPAA partnerships.

    I'm less interested in someone getting sued for trying to make a business out of divulging trade secrets.

    For a long while I always said I'd look to get a mac if they were marketed at an affordable price. Now that they have one, I won't even waste the time to look at it.

    Of course. No matter how they price it, what the relative quality is, or anything else, there's always some excuse that people will make for not buying one. Nobody expects you to make up excuses. If you don't want one, don't get one.

    People leak news about Longhorn and other in-development MSFT products all the time, why aren't they suing webmasters? They're supposed to be the big litigation assholes, after all.

    Ah, but there's a difference. The hype is helping to keep people interested in Microsoft. They need it. If it weren't for longhorn hype offering some promise of new mac-like features for Windows users, they'd probably be losing a lot more customers.

  23. Re:USB Drives and TV Shows on CES Tidbits · · Score: 1

    a) Had a huge amount of data (50GB? A terabyte? I don't remember, but it was ridiculous) (cough)

    I have a huge (PC-card style) 128KB card in my HP48 that cost me about a dollar a KB when I bought it in high school. Local computer shops sell 1 GB SD cards for somewhere around $80-$90. It wasn't *that* long ago that I was hearing about 1GB hard drives and imagining how I'd use all that space.

    It was just yesterday I saw a 512MB SD card that folds to reveal a USB port.

    I'm not insulted by fiction showing small things showing large amounts of data.

    b) Had USB *and* firewire (cough)

    Is that really that far-fetched? I've seen pretty small hard drives with both...such as my iPod which does both with a single cable.

    c) Had *serious* encryption, yet they broke it in an afternoon (cough, cough, bird flipped at screen)

    Maybe it was less serious than they first thought. Encryption is funny that way. That's the kind of stuff they're most likely to get wrong.

  24. Re:Crippled like their other products? on SBC Builds A TiVo Rival · · Score: 2, Informative

    The selection must be by NETBIOS name

    That's not entirely accurate. It uses the client hostname sent as a DHCP option. This name is also used by the internal DNS server to make your client hostname magically work via DNS.

  25. Re:Is THIS the future of TV? on The Other VoIP · · Score: 1

    select what channel you want to watch over TCP!!

    You select your TV channel using IGMP, not TCP.

    It's not the future, though. There are plenty of places already doing this.