I don't think Microsoft purposefully broke the net apps, whereas this:
I found out that since Greasemonkey is distributed on addons.mozilla.org it will automatically update itself, even though I didn't put that in the code.
Neat. I'm going to upload the neutered versions at 7pm PST. It'd be great if people could poke it a little before then.
... is being done on purpose. The way to fix such a potential exploit is to inform people and let them make the INFORMED choice.
For example, I didn't bother upgrading from firefox 0.8 when everyone was worried about the image bug. I looked at it, decided that my risk was precisely zero, based on my browsing patterns, existing security measures, etc., and stayed with 0.8 until I upgraded my distro. That is my choice.
Not every potential exploit has to be fixed RSN in every situation (even Linus agrees on that).
They're called personal computers for a reason - what I put on them is mine. Tell me what is wrong, and let me be the judge as to whether I patch or not. Don't try to cripple stuff under guise of "patching". Maybe I have a different work-around, or I have other precautions in place, or I've balanced the risk/benefit ratio and determined that removing the functionality is more damaging in the heare-and-now than some potential damage that might happen in the future.
F/LOSS is based on trust. This was NOT the way to go about engendering more trust.
turning something off becuase it is a big security hole? I don't think that fits cleanly under "intentionally causing damage".
According to your line of thinking, then its perfectly fine for me to DDoS or trojan every Windows box on the planet out of existence, because they're all gaping security holes.
You don't have the legal right to cripple software on another person's computer w/o their informed consent. This is unauthorized access. That's the law. Work within it:
inform them of what the problem is,
THEN offer them the ability to decide whether they want to disable the features.
Most users who click on "update" won't get to see that message. They think they'll be installing something that fixes greasemonkey, in the non-veterinarian sense.
When you have a problem, its best to be as open and aboveboard as possible. Tylenol was a good example of this when that guy started putting poison in their pills. More recently, ditto Wendys and the finger.
What they're doing (posting crippleware as an "update") is more like giving everyone the finger.
You mean like in Firefox, where when updates are available all the auto-update feature does is display a little "updates available" icon in a browser window, then offer to install the updates when you click the
You make 2 assumptions, both wrong:
You assume I don't use firefox - I do
You assume I use Windows - I don't - the update mechanism is different under linux
Calling it an update, when in actual fact its not, is not the way to engender trust among users. Its also illegal to cripple functioning software on a persons computer w/o their informed consent, as I've pointed out elsewhere.
This was decided by the courts almost 20 years ago, when L'Oreal and their IT supplier got into a dispute, and the IT supplier unilaterally disabled L'Oreal's software. The IT supplier lost, damages in the millions were awarded.
No one is forcing you to update. If you see an upgrade is available for Greasemonkey on your Firefox updates list, it's your responsibility to go see what was changed before installing.
You aren't giving informed consent to the update when its called an "update", and its really designed to toally cripple the software.
It's about transparency and trust. If you can't see that, they you are just as blind as the developers who pulled this stunt.
5)(A)(i) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
Computers connected to the internet are "protected computers" under the statute. Crippling the software under the guise of an "update" is illegal.
Its the next one that people should be alarmed about.
I found out that since Greasemonkey is distributed on addons.mozilla.org it will automatically update itself, even though I didn't put that in the code.
Neat. I'm going to upload the neutered versions at 7pm PST. It'd be great if people could poke it a little before then.
It should be up to the individuals to decide if they want to make such significant mods to their system as purposefully crippling software.
If the Bitch from Redmond pulled a stunt like that, we'd be all over them like viruses on a Windows Box.
Purposefully breaking an app because of a possible exploit is arrogant, dishonest, alarmist, and just plain stupid. If we applied the same thinking to all other areas of our life, we wouldn't be able to do anything, paralyzed by possible fear of a possible bad meal, a potential flat tire, a possible power failure.
... or if you just don't like vaginas, you could look for someone who's had an add-a-dick-to-me...
Son: What's the difference between a cunt and a vagina Dad: Follow me. son, and I'll show you. ... leads kid into bedroom where mom is sleeping, pulls back sheet.. Dad: See that patch of hair between her legs, with the 2 lips and the hole? That's a vagina. Son: Okay, but what's a cunt? Dad: The rest of her.
>ecode>
he didn't seem to get that sending an unsolicited email to thousands, even with an altruistic goal was still spam.... then there's the idiots spamming their resumes around, looking for a computer job. Now, really, who's going to hire a fucking spammer?
For those who are running long jobs, its no diff whether its local or on the blade. Turn off the monitor and walk away till monday.
Those that don't want to reopen Windows need to be educated that they're just leaving their machines open to be abused, either locally or over the network, as well as wasting electricity.
Those with active connections monitoring other services, its the same whether its local or over a blade.
For those who are just dumb and forgot to save their work, again, education.
For those who hate having to log in and leave their login sessions active for weeks, again, they need to be educated that they're just leaving their machines open to be abused, either locally or over the network, as well as wasting electricity.
Anyone who leaves their login session open for weeks at a time because they're too lazy to reboot deserves to have all their personal settings changed (wallpaper of tubgirl, halflife.zoy.org as their homepage, all their desktop icons deleted, and their menus renamed). Then tell them "Gee, your box must have gotten hacked. How did that happen? You didn't leave it on all weekend, did you?"
If you have 10 people doing this, you're wasting a couple of grand of electricity (pc, monitor, extra AC load), as well as helping ruin the environment for our kids.
That's the point - if it had been fabricated locally, it could have been done in 1 piece like earlier military designs, the casings of which were 1-piece spun glass-reinforced resin on a large mold.
They get away with this because they don't burn from one end to the other - rather, they have a long hollow core (star-shaped cross-section, to increase surface area), and burn along the whole length, from the inside to the outside. A side benefit is the increased burn surface area, resulting in more thrust.
This whole multi-segment SRB fiasco was pork-barrelling at its worst, and was pointed out as an example of politics interfering with implementation by the same people who did the Apollo 1 fire report. NASA should learn to grow some stones and just say no to design compromises (multi-segment SRBs) and bad projects (ISS, STS).
When the they designed the lunar lander, they had to have something that would work 100% to get off the moon, and they used... a solid fuel rocket.
Both the descent and ascent rockets on the Lunar excursion module were powered by liquid propellants - specifically Nitrogen Tetroxide (N204) and Unsymmetrical Dimethylhydrazine ((CH3)2NNH2)
Look here for a cutaway diagram where you can see both the fuel and oxidizer tanks on the LEM.
Nitrogen tetroxide became the storable liquid propellant of choice from the late 1950's. Nitrogen tetroxide consists principally of the tetroxide in equilibrium with a small amount of nitrogen dioxide (NO2). .... Unsymmetrical Dimethylhydrazine ((CH3)2NNH2) became the storable liquid fuel of choice by the mid-1950's. Development of UDMH in the Soviet Union began in 1949. It is used in virtually all storable liquid rocket engines except for some orbital manoeuvring engines in the United States, where MMH has been preferred due to a slightly higher density and performance.
The need to use o-rings in the SRBs was because of pork-barrelling the contract. The winning contractor (Morton Thiokol) had to fabricate the boosters in sections so they could be shipped by barge, rather than fabricating them in one piece, which would have eliminated the o-ring that failed.
Damn - we made a hardware/software product presentation today and didn't even think to use a single buzzword! Stuck with those old-fashioned terms "easy to use" (then show them), "simple to maintain" (then tell them how), etc.
I don't know - I think all the buzzwords would tend to work against you nowadays when you're trying to build trust, because people recognize them for what they are... marketing bafflegab.
I mean, when is the last time that the phrase "TCO" didn't set off your bullshit detector?
Unlike Sun, IBM will actually still be in business and providing support for their hardware in another five years.
... except its not IBM... its Lenovo. Who knows where they'll be in 5 years (if you had RTFA, you'd know they're even losing market share to Dell and HP in China)
... except this isn't a real "thin client". You get a dedicated cpu/disk/etc in a rack for each user.
Also, because of the complexity of configuring, etc., they'll be more expensive to set up and maintain than a beige box (which the article points to as one of the reasons it hasn't been done that way before).
Think of it as the equivalent of your current PC stuffed in another room, with a long mouse cord, a long keyboard cord, and a long monitor cord. Also, since all the "servers" will be in one place, you'll need a dedicated cooling solution, so look for more $$$.
So, no energy savings, higher acquisition, setup and maintenance costs, less expandability/flexibility, and a single point of failure/total data loss.
[ ] "reduces desk clutter" - so they can now make your cubby smaller, since you no longer need a desk - a tea wagon should suffice [ ] they can now appropriate your amd64-3000 for themselves, since you don't need such a powerful unit any more [ ] "a clean desk is a sign of a sick mind" - and this will reduce desk clutter... so you can be fired because you're now obviously a sicko perv [ ] central management - "all your pr0n are belong to us"
... I for one don't welcome our asian blade-serving overlords.
I have several trees growing in my garden from seed, which I intend to gnaw down with my own teeth
Sorry, but I represent the Beavers of North America, and you are being served with a Cease and Desist for copying our prior art and patents.
The Department of Homeland Security has also been informed that you are in possession of terrorist devices, namely augmented dentition, which you could only have obtained if you were gene-spliced.
As someone who has defied and defiled creation through this gene-splicing, your name and location has also been handed over to the new ultra-secret, government-funded Fundamentalists for Human Purity, who will quickly show you the error of your ways during your upcoming "vacation".
Also, after running your words through Echelon, we have determined that "trees... gnaw down" is code for "Bush... knock off", or a threat to assassinate the president. Your room at Gitmo is being prepared even as you read this.
Um, those books never get read - used as they are in making space for shelving to hold the other books!
Sure they do - how else are you going to get the "real deal", the background, the culture, the arcana, that separates you from the (m)asses? And that also lets you grok the whys of something as opposed to just the hows.
Great justification for sitting on the can for an hour at the office any day.
For example, I didn't bother upgrading from firefox 0.8 when everyone was worried about the image bug. I looked at it, decided that my risk was precisely zero, based on my browsing patterns, existing security measures, etc., and stayed with 0.8 until I upgraded my distro. That is my choice.
Not every potential exploit has to be fixed RSN in every situation (even Linus agrees on that).
They're called personal computers for a reason - what I put on them is mine. Tell me what is wrong, and let me be the judge as to whether I patch or not. Don't try to cripple stuff under guise of "patching". Maybe I have a different work-around, or I have other precautions in place, or I've balanced the risk/benefit ratio and determined that removing the functionality is more damaging in the heare-and-now than some potential damage that might happen in the future.
F/LOSS is based on trust. This was NOT the way to go about engendering more trust.
You don't have the legal right to cripple software on another person's computer w/o their informed consent. This is unauthorized access. That's the law. Work within it:
Its misleading the way it was done. The user thinks they're getting an upgrade or bug fix, when in fact they're losing functionality.
If its wrong for spammers to be dishonest to end users, its also wrong for developers. Good intentions are no excuse.
When you have a problem, its best to be as open and aboveboard as possible. Tylenol was a good example of this when that guy started putting poison in their pills. More recently, ditto Wendys and the finger.
What they're doing (posting crippleware as an "update") is more like giving everyone the finger.
Calling it an update, when in actual fact its not, is not the way to engender trust among users. Its also illegal to cripple functioning software on a persons computer w/o their informed consent, as I've pointed out elsewhere.
This was decided by the courts almost 20 years ago, when L'Oreal and their IT supplier got into a dispute, and the IT supplier unilaterally disabled L'Oreal's software. The IT supplier lost, damages in the millions were awarded.
It's about transparency and trust. If you can't see that, they you are just as blind as the developers who pulled this stunt.
Its also illegal.
http://www.usdoj.gov/criminal/cybercrime/1030NEW.h tm
Computers connected to the internet are "protected computers" under the statute. Crippling the software under the guise of an "update" is illegal.There's a proper way to handle exploits. Disabling a piece of software under the guise of an "update" wasn't the way to do it.
If the Bitch from Redmond pulled a stunt like that, we'd be all over them like viruses on a Windows Box.
Purposefully breaking an app because of a possible exploit is arrogant, dishonest, alarmist, and just plain stupid. If we applied the same thinking to all other areas of our life, we wouldn't be able to do anything, paralyzed by possible fear of a possible bad meal, a potential flat tire, a possible power failure.
... or if you just don't like vaginas, you could look for someone who's had an add-a-dick-to-me ...
>ecode> he didn't seem to get that sending an unsolicited email to thousands, even with an altruistic goal was still spam. ... then there's the idiots spamming their resumes around, looking for a computer job. Now, really, who's going to hire a fucking spammer?
Those that don't want to reopen Windows need to be educated that they're just leaving their machines open to be abused, either locally or over the network, as well as wasting electricity.
Those with active connections monitoring other services, its the same whether its local or over a blade.
For those who are just dumb and forgot to save their work, again, education.
For those who hate having to log in and leave their login sessions active for weeks, again, they need to be educated that they're just leaving their machines open to be abused, either locally or over the network, as well as wasting electricity.
Anyone who leaves their login session open for weeks at a time because they're too lazy to reboot deserves to have all their personal settings changed (wallpaper of tubgirl, halflife.zoy.org as their homepage, all their desktop icons deleted, and their menus renamed). Then tell them "Gee, your box must have gotten hacked. How did that happen? You didn't leave it on all weekend, did you?"
If you have 10 people doing this, you're wasting a couple of grand of electricity (pc, monitor, extra AC load), as well as helping ruin the environment for our kids.
They get away with this because they don't burn from one end to the other - rather, they have a long hollow core (star-shaped cross-section, to increase surface area), and burn along the whole length, from the inside to the outside. A side benefit is the increased burn surface area, resulting in more thrust.
This whole multi-segment SRB fiasco was pork-barrelling at its worst, and was pointed out as an example of politics interfering with implementation by the same people who did the Apollo 1 fire report. NASA should learn to grow some stones and just say no to design compromises (multi-segment SRBs) and bad projects (ISS, STS).
yep, and libraries have an exemption from certain restrictions of the copyright act.
Look here for a cutaway diagram where you can see both the fuel and oxidizer tanks on the LEM.
More about both fuel and oxidizer here
The need to use o-rings in the SRBs was because of pork-barrelling the contract. The winning contractor (Morton Thiokol) had to fabricate the boosters in sections so they could be shipped by barge, rather than fabricating them in one piece, which would have eliminated the o-ring that failed.I don't know - I think all the buzzwords would tend to work against you nowadays when you're trying to build trust, because people recognize them for what they are ... marketing bafflegab.
I mean, when is the last time that the phrase "TCO" didn't set off your bullshit detector?
Also, because of the complexity of configuring, etc., they'll be more expensive to set up and maintain than a beige box (which the article points to as one of the reasons it hasn't been done that way before).
Think of it as the equivalent of your current PC stuffed in another room, with a long mouse cord, a long keyboard cord, and a long monitor cord. Also, since all the "servers" will be in one place, you'll need a dedicated cooling solution, so look for more $$$.
So, no energy savings, higher acquisition, setup and maintenance costs, less expandability/flexibility, and a single point of failure/total data loss.
So what is the upside, again?
The Department of Homeland Security has also been informed that you are in possession of terrorist devices, namely augmented dentition, which you could only have obtained if you were gene-spliced.
As someone who has defied and defiled creation through this gene-splicing, your name and location has also been handed over to the new ultra-secret, government-funded Fundamentalists for Human Purity, who will quickly show you the error of your ways during your upcoming "vacation".
Also, after running your words through Echelon, we have determined that "trees ... gnaw down" is code for "Bush ... knock off", or a threat to assassinate the president. Your room at Gitmo is being prepared even as you read this.
Great justification for sitting on the can for an hour at the office any day.