Slashdot Mirror


User: Phroggy

Phroggy's activity in the archive.

Stories
0
Comments
6,452
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,452

  1. Re:IIS Secure? on Microsoft Attempts to Secure IIS · · Score: 2

    I wish you the best of luck. The existence of software like this is one of the key reasons why IIS is as popular as it is - lots of stuff is IIS-only, making IIS an attractive choice for many PHBs.

  2. Re:this is a good first step, but.. on Microsoft Attempts to Secure IIS · · Score: 3, Funny

    Yes. That's why sendmail and bind are the paragons of security they are today. From-scratch attempts to replace them are riddled with holes that make IIS look like a pinprick.

    Oh come on. We're talking apples and oranges here. Postfix, qmail and djbdns were written by UNIX guys who knew what they were doing. IIS would be rewritten by Microsoft. Completely different story.

  3. Re:IIS Secure? on Microsoft Attempts to Secure IIS · · Score: 2

    I told them that I would purchase it as soon as they supported a web server that didn't have a new security flaw or bug discovered every week.

    What was his reaction to this? I know many Windows users are shocked by that sort of attitude...

  4. Re:I don't get it! on MAPS and Experian Settle Lawsuit · · Score: 2

    However, they might rule that blacklisting isn't a protected activity, even though it involves speech. I wouldn't agree, but I could see courts ruling that way.

    I seem to recall hearing that the courts have ruled that publishing a list of names and addresses of doctors who perform abortions, and crossing their names off when they get murdered, is protected speech.

    However, the MAPS RBL is machine-readable, not human-readable (AFAIK the RBL is not published in any human-readable form; it's only available in the form of replies to specific DNS queries, so you have to know what IP you're querying for).

  5. Re:Why is it there? on Huge security hole in Internet Explorer for MacOS · · Score: 1

    AppleScript source.

    Yep. And I want it saved to the Desktop (or wherever) when I download it. If I want to open it, I can do so on my own.

  6. Re:Replace IE On Any System on Huge security hole in Internet Explorer for MacOS · · Score: 1

    That's kinda silly. On a Mac, Internet Explorer is a choice. It happens to be the default, but switching to another browser is trivially simple. Trashing IE doesn't break half the OS and several other apps, like it would on Windows. Personally, IE is my choice on Mac OS 9 (with consideration given to Netscape, Mozilla, iCab, Opera, or heck, even Lynx. On Mac OS X, I choose OmniWeb over that list, but still rely on IE for sites that OmniWeb can't yet render. In fact, I still rely on Netscape for sites that IE can't render correctly. The point is, yeah, there are a lot of choices, and I've made mine. IE is faster and/or more reliable than the other options.

  7. Re:Why is it there? on Huge security hole in Internet Explorer for MacOS · · Score: 2

    If I click on a link for a .sit.hqx file and IE decodes the HQX, I'd like it to pass the file off to Expander for further decoding.

    Yep, I agree.

    If I click on a link for a .doc.hqx file or a .pdf.hqx file, I'd like IE to get Word or Acrobat to open the file after it removes the encoding.

    Absolutely not. The is NO REASON why a Word or Acrobat document should be encoded as BinHex, EVER. If I stumble across one, I want to be forced to go through the extra step of double-clicking, just to make sure I really know what I'm doing.

  8. Re:Why is it there? on Huge security hole in Internet Explorer for MacOS · · Score: 2

    Mac OS has always been more dangerous as far as trusting data files goes, simply because their forked file format allowed executable code to be attached to any otherwise "pure" data file. If I'm not mistaken (I'm not overly familiar with the internals of the Mac OS), this behavior was used so that data files could FIND their host application, or another suitable application instead, when they were double-clicked. It's a great convenience feature, but it also makes spreading illicit code easier... you don't have to virus scan a .txt file on Windows, but you do on a Mac.

    Nope, completely wrong. The "finding" you're talking about (where the Finder got its name) in an attribute in the filesystem, not something in the resource fork, and it's simply two 4-byte identifiers in each file. It's true that you can embed executable code in any file, but there's no reason why this code should EVER be executed, unless the file in question is an executable type of file (such as an application, an extension, or a control panel).

    I wonder if this exploit has anything to do with that.

    Nope.

  9. Re:Intrinsic Security in OS X on Huge security hole in Internet Explorer for MacOS · · Score: 2

    The fact that OS X is based on FreeBSD may very well keep this hole from becoming as damaging as it is on Windows. Unless you're logged in as root or an Admin user -- always a good idea to be a 'normal' user whenever possible -- I don't know how damaging a malicious program can be. It'd have to get around some pretty strong security.

    Nope. On a single-user system, you'll probably be logged in as an Administrator, which gives you full write access to /Applications, /Library (including /Library/Printers, /Library/Fonts, /Library/Desktop Pictures, /Library/Internet Plug-Ins, /Library/WebServer, etc.), plus your entire home directory, including everything on the desktop, your Documents folder, all your preferences, etc. etc. If you're not logged in as an Administrator, you don't have write access to /Library or /Applications, but you still have full access to everything in your home.

    The only additional thing root gives you is write access to /System and the hidden BSD directories like /usr, /var, /etc, /bin, /sbin and such. So, you can trash all your files and apps, but can't touch the OS itself, which you could really just reinstall if you wanted to anyway. That takes under half an hour. Recovering all your data? Hope you've been putting that CD-RW drive to good use.

  10. Why Titanium on GeForce3 Titanium Reviews · · Score: 2

    For the same reason everything was translucent fruit-colored plastic two years ago. I'd say it's pretty damned obvious.

  11. Re:No more epic albums on Music Industry Forcing WMA standard? · · Score: 2

    And you won't be able to do this on Linux because you can't have trusted (from the content provider) environment in open system.

    You can run a closed-source binary on an open OS, which could play a closed audio format. However, all Linux users are evil hackers, so if such a binary were made available, it would obviously be compromised within days. Never mind that the people truly interested in reverse-engineering the format won't be hindered by the lack of a Linux binary.

    Oh yeah, and nobody uses anything but Windows anyway, so it's not worth their time to write a Linux player, or even to grant a license to a more interested third party.

  12. Re:Meanwhile... on 3G Cel Service Starts in Japan · · Score: 2

    You'd be THE MAN in Ethiopia with one of these!

    Actually, I understand cell phones are pretty common in third world countries, because they don't have the infrastructure for hard-wired telephone service.

  13. Back button on FTC Shuts Down 'Pop-Up Trapping' Sites · · Score: 3, Interesting

    An important technical point: it sounds like the Back button was not actually reprogrammed to perform a different action. Rather, an onUnLoad event handler was specified in the BODY tag to execute a bit of JavaScript code when the window was closed. There are legitimate uses for this that are not annoying, although offhand I can't think of any (probably cleaning up things that were previously set, perhaps on a site that is designed to use multiple small windows for some special purpose).

  14. Re:I want privileges! on Netcraft Survey Updated · · Score: 1

    I have been a MacOS user all the live long day, and I damn well know that I want to be able to install printer drivers without any of this logging in and out authentication nonsense. Of course, if I were running a server, I'd want more stringent security. However, viewed objectively it is nonsense to make a single-user, or even multi-user, system force me to log out just to install drivers. This is poor interface design and nothing else, if you aren't running a server. (hence OS X)

    In Mac OS X, there are two types of accounts, regular users and administrators. Administrators have group write access to /Applications and /Library, so they can install most applications, printer drivers, etc. without doing anything special - just drag the app to the /Applications folder, or drag the printer driver to /Library/Printers, or whatever.

    However, administrators do NOT have access to /System, which contains the GUI layer of the operating system, and the UNIX stuff like /etc, /var, /usr, /bin and /sbin is completely hidden in the Finder. To mess with this stuff, you have to open a terminal window and type "sudo tcsh", enter your admin password, and you've got a root prompt (any admin can do this; there is no root password).

    To make configuration changes, you would generally use System Preferences, the replacement for the Control Panels folder. There's a little locked padlock icon in the corner. Click it, and you'll be prompted for an administrator username and password. Once it's unlocked, you can change whatever you need to. Click it again (or just quit), and it's locked again. This allows little Timmy to say "hey Mom, can you change this for me?" and Mom to walk over, enter her password, change the setting, and click the lock again, all without interrupting any of Timmy's work.

  15. Re:The correct interpretation... on Netcraft Survey Updated · · Score: 2

    The majority of IIS sites typically run ASP applications, whereas the majority of virtual hosted Apache sites are static.

    How did you arrive at that conclusion?

  16. Re:Interesting also is that i86 is WAY ahead... on Netcraft Survey Updated · · Score: 3, Informative

    Wouldn't it be event more deadly than a simple IIS targeted one ?

    No, because you can't arbitrarily execute x86 machine code on my x86-based server. You have to exploit a hole first, then get your code to execute. Since I run Apache instead of IIS, it's much harder for you to get into my system, and since I run Linux (properly configured) instead of Windows (misconfigured by a PHB who thinks the pretty dialog boxes make him a sysadmin), it's harder for you to do significant damage if you do get your code to run (because Apache setuids itself to a non-root user).

  17. Re:Degree, not Type on Free Speech, Porn And Internet Controls · · Score: 1

    The government's role is to keep people from hurting each other in that process.

    This is a very good point. There are certain things that I may believe to be morally wrong, or that are evil and unholy according to my religious beliefs, but it's not the place of the government to prevent them from happening solely because of my personal sense of morality or my religious beliefs.

  18. Re:Pandora's box (pardon the pun) on Free Speech, Porn And Internet Controls · · Score: 2, Interesting

    But while they'll lobby and rally for all sorts of controls on this monster we call the world wide web, they'd never consider picking up and installing some parental control software.

    Part of the reason is that "parental control software", also called "censorship software", really doesn't work particularly well. Information at PeaceFire - "It's not a crime to be smarter than your parents." Not only does filtering software not block many adult sites, it also blocks many non-adult sites. On top of that, the software can be disabled - Peacefire has instructions.

  19. Re:Age verification systems won't work. on Free Speech, Porn And Internet Controls · · Score: 1

    Just get a coalition of other "soccer moms" together, go down to the porn company's headquarters, and start splattering yourselves against the building, like they did in that South Park episode. Or, just blame Canada. ;-)

  20. Re:I had to ask... on A Quick Look At Mac-On-Linux · · Score: 1

    Oh, and do you have any idea where I can get the Sun JVM from?

    The plugin is here and the regular JRE is here.

  21. Re:Here it is, for all you MSIE trolls on A Quick Look At Mac-On-Linux · · Score: 1

    No, no suggestion. Just an observation. IE is really all I have used on the mac.

    Good observation. Part of this is a limitation of the operating system, which is why OS9 is being thrown out. Carbonizing doesn't fix the problem; some code will have to be reworked to get around the issue.

    I have tried OmniWeb in OSX, but I haven't messed with it much so I have no opinion of it yet.

    It still has some problems, but the Omni Group appears to be working hard on it, and I absolutely LOVE some of the features it has.

  22. Re:I had to ask... on A Quick Look At Mac-On-Linux · · Score: 1

    Of course it does Java; it uses Apple's JVM. Version 6 is probably a ways off, but I can't imagine they'd remove Java support. Microsoft's decision to remove Java support from MSIE/Win stems in part from Sun's lawsuit, which doesn't apply on the Mac platform, because MSIE/Mac doesn't use Microsoft's JVM.

    Apple has been shipping MSIE as the default browser on all Macs for the last several years. Apple is also heavily encouraging Java use on Mac OS X. If Microsoft removed Java support from MSIE/Mac, Apple would not be pleased, and would probably immediately dump MSIE in favor of Netscape (recent builds of Mozilla now run natively on OSX).

    I understand Sun has an ActiveX version of Java that works with IE6 for Windows; Apple did the same with QuickTime. If Microsoft did drop Java support for some reason; I'm sure an ActiveX control could be made.

  23. Re:Contracts ? on Spammers Land Optusnet On spews.org Blacklist · · Score: 2, Informative

    The ISP can easily take the defense that they have the right to protect their network from abuse, and an RBL is an acceptible means to help do that. I'm sure the fine print allows them to do it; if you're not sure, read your contract again.

  24. Re:I see Slashdot has changed its "spam" icon... on Spammers Land Optusnet On spews.org Blacklist · · Score: 2, Informative

    When did this happen? I actually like the new icon. The old one was a little disparaging to Hormel.
    I could never stand SPAM anyway. I guess I'd eat it if I were trapped in a fallout shelter. Maybe.


    Hormel's official policy is that they object to the use of their logo to refer to junk -mail. It was only a matter of time before Slashdot changed it (either voluntarily or involuntarily).

  25. Re:Here it is, for all you MSIE trolls on A Quick Look At Mac-On-Linux · · Score: 1

    Mac MSIE5 does indeed rock, but I have noticed that it chokes, and badly, on big HTML pages. For example, a big /. forum page will grind IE5 to a halt for a minute or more as it parses and renders or whatever the hell it is doing. A REALLY big page, like 1MB of HTML, can lock it up. Time for a force-quit.

    I really haven't seen another Mac browser that doesn't grind to a halt when rendering complex nested tables. Maybe I just haven't been looking. Do you have a better suggestion?

    OmniWeb definitely rocks, btw. As soon as I have some extra cash, I'm sending them $30.