well there's plenty of practical evidence MiTM attacks for ssh and ssl are real, no matter what books may say about it.
Funny, both those documents said the user's client would display
a big red warning saying: "HEY DUMBASS, THERE IS SOMETHING
WRONG WITH THE SERVER'S KEY." It isn't the protocol's problem
if the user doesn't understand basic security and will ignore
warnings.
I'm also fairly sure the recent %01 bug in IE could be used advantageously to cheaply pretend to be someone else's SSL server. The URL will look ok, the little lock will be closed, and no warning popup will show up. That's good enough for 99.9% of users.
So because one crappy browser has a bug which may potentially
be exploited, we should forget about using SSL for security? Whatever
you say.
BTW, I check the cert every time I log into an important site,
though an IE bug won't affect me because I use that other crappy
dragon browser (for HTTPS anyway, I use Dillo for most everything
else.)
I don't know what the AC's problem was (Troll? LJ is just a blog
site, and the article even said the main problem was users giving
away their passwords), but it is stupid to say some javascript code
is as secure as SLL.
Especially using windows troll logic--"there is a potential hole in
X, so it negates the tonnes of glaring holes in my favorite
Y. Y is clearly better." It may be more secure than nothing, but
don't just make crap up.
Maybe you should've pointed out Master
Fitzpatrick already said he was working on it and
asked the AC troll
why it wanted to break into 14 year old girl's blog accounts anyway.;-)
Many modern operating
systems use filesystems which are designed to prevent fragmentation in
the first place. Try doing a search for ext2 (or ufs) and defrag.
If you delete the corresponding entry in the first couple lines of
chrome.rdf
(the section starting with RDF:Seq about="urn:mozilla:package:root"),
it seems to get rid of the item in the extensions dialog--I think you have
to delete the extension file as well. It still leaves junk in the rdf file,
but I don't think it causes problems.
Go to ~/.phoenix/default/*/chrome
(for Firebird--start with ~/.mozilla for Mozilla) and edit the chrome.rdf file
(make a backup of it first!!!). The extension's file
should be in the same directory. If it doesn't work for some reason
(the browser will crash on startup), revert chrome.rdf from your backup
and remove the lock file (located in the directory above chrome)
Yeah, isn't easy and may potentially screw up your config,
but if you really want to get rid of an extension,
it seems to work.
How is voluntarily donating to a nonprofit project in any way
similar to communism?
It's not like they are GNU/Microsoft trying to take over the world.
If people find the site useful, they will donate. If they don't care about
it, they won't. Simple choice. No one is trying to deceive anyone into
giving away money or power. Sounds a
lot less like capitalism than revenue by advertisement.
Also, Ads are an inefficient way to pay for something...unless
you think your time is worth less than $0.10(US)/hour. Mine isn't. Many
ad based sites will use any form of deceptive practice to force users
to look at as many ads as possible. Forcing people to read
propagands... Sounds like communism to me.
Yeah, but those buttons are inconvenient to use, and
poorly constructed too (at least on
my controller--maybe it's defective, but I don't think so.)
I don't understand why they didn't
use the A button instead. Use/take makes more sense than
run/take, correct?
My favorite is when you are holding the net and try to talk to an
animal.;-) Sometimes the avatar will keep bopping the animal on the
head, even when you are in the correct position. I usually put it in
inventory, but sometimes I don't have the space, and sometimes I
don't like to waste the time...
I suppose something
can be said for playing games on a real computer, at least there are
enough buttons on the keyboard to go around...
They could build Windows on top of existing distributions; but then they lose control of plug and play, which would be the biggest complaint from users of Windows on Linux; people would blame MS for Linux's shortcomings when their brand new digital camera failed to connect properly.
You don't know what you are talking about here. The reason many
things don't "work" on Linux are because hardware vendors only
support MS Operating Systems. It has nothing to do with plug and pray.
If a bunch of hardware vendors decided to only support Linux and
not MS Windows, then you would have the same problems with
Windows. Not to mention, if a company as big as Microsoft decided to
throw its weight towards Linux as a desktop OS, and MS stopped
their "interesting" practices with hardware vendors (many vendors
are simply afraid to support non-MS systems because of what MS
may do to them--just read the information from the anti-trust case),
then hardware wouldn't have nearly as many problems
in Linux.
Claiming hardware doesn't work with Linux (or other non-MS
systems) because of technical issues is a red herring and FUD.
The main reason they don't support non-MS systems is mostly
political, aside from just not having enough resources to support
multiple OSs or plain old pure laziness.
I have to agree, at least partly.
The gameplay in Animal Crossing is great. If
they'd only make a decent interface. It almost seems designed to waste
your time.
The animals' speech is slowly drawn on the screen character
by character, and even if you press the button to hurry it along, it only
goes faster instead of instantly displaying the text. I don't care about
hearing the Animalese, I can't understand it anyway.
Don't get me started
about them linking the same button to both run and pick up an item.
The interface sucks bigtime.
You sound just like the dickheads on the comp.os.linux newsgroups.
You're too stupid to come up with a helpful idea, so you write a
shitheaded
red herring post slamming the person for wanting to do something. What
the hell is so wrong about wanting to live and work out in the woods???
I don't have much interest in it either, but that doesn't mean other people
are whacko because they don't live the exact same way you do.
Some people find it relaxing. Some people like the woods.
Some people feel the need to get away from idiots (like you), and living
out in the middle of nowhere is a very easy way to do that.
Yes, the P2P program installs a virus called DRM
onto your computer, which wrests away control from you, and allows a
third party total control over your system. Any "pirated materials"[1] will be deleted from your hard drive.
Either that, or since Kazaa isn't made by M$ (
ooh they are very jealous of any competitors)
and Palladium hasn't been released yet (not
that Microsoft would allow Kazaa to run on a pure Palladium system anyway),
the p2p program probably just does something stupid. Probably
downloads the file to a "secret" location on your hard drive, lauches
the player, waits until you close your video player
program, then deletes the file.
[1] Pirated materials are files containing any material critical of our great
overlord.
So you are saying everyone should fuck up their computer with one of the shittiest operating systems ever made?
Total time spent: just under four hours.
Until tomorrow. Then you'll have to spend another four hours trying to get your system working again because 3 lines of M$ code says
"you don't want these settings, let me fix them for you." or
"this driver wasn't signed by Microsoft, I'll just delete it."
8 year old son: Dad, I'm hungry. I haven't eaten for three days.
"Dad": Well son, you should've been more prepared. See? Look, I have all this food because I came into this world prepared. You don't have any because you didn't bother to prepare. Lazy bum.
I also don't understand why you said region coding was "racist" though I also think the AC was off base. I would say region coding seems to be more about price fixing and economic control than any racism. If you look at a region coding map, you'll see it isn't drawn in racial areas.
If it were racial, US/Canada, all of Europe, Russia and Austraila would be in one group. All of Asia would be in one group. Central and South America would be in their own individual group. Yet these groups are all mixed up.
If you look at it, they seem to be divided among more economic lines.
Region 1: US/Canada - both wealthy nations
Region 2: Western Europe, Japan, the Middle East, and others - all wealthy (perhaps regions 1&2 should have been joined, but I suppose the US based organization who made the standard decided they wanted more control over their area)
Region 3: various countries - I suppose they are well off, but not as rich as 1 & 2.
Region 4: Central/South America & the Pacific - Most of these countries can be considered poor, but not the worse. I don't know why they put the Aussies in there though. Maybe they don't care about that market?
Region 5: various countries - many of these countries can be considered "third world" in the respect they are generally the poorest of all. I'm not sure if Eastern Europe and Russia would be lumped in here today (maybe region 4), but at the time DVD was created, those countries weren't doing well.
Region 6: China - They are their own beast, the government probably asked to be in their own region so they can control what can be played.
Dude! Didn't you hear? Americans don't add anymore. The Americans passed a law making addtion illegal. They are directed to used exclusive or instead. It's faster! Here in Soviet Russia, exclusive or adds you!
It is! It is! If you store their secret prime number in your user account, you can view pictures of barely illegal naked teens!;-9 The bad news is it takes 7 days to verify.;-(
When you are talking about different processor architectures, distro does matter as it provides the precompiled binaries for your system to run. A program compiled for a PowerPC won't run on a IA32 (aka i386) system and vice versa.
The kernel and modules are even more critical. Sometimes the basic design of computers using the same processor are different, so the kernel/bootloader has to use different code to load the system. The only examples I can think of right now might be something like the Amiga, the classic Mac, and Atari ST. They all used the 680x0 processor, but I believe the rest of their designs were completely different.
It also matters which hardware options were precompiled into your kernel. If the distro left out ISA support (perhaps they assume everyone uses only PCI), then you can't boot their system on an older computer which uses ISA cards--such as a 386 or many 486s.
Even source based distros (such as Gentoo) have to use binaries at some point. You can't compile without a compiler binary, and you can't run a compiler binary (or even boot) without a kernel binary. Though with source based the maintainers probably have less work to support each new processor.
So, yes it does make a big difference which distro you use when you want to use a new (or less common or just different from what they decided to support) processor architecture. Most of them support the most common type (IA32), but some distros may wait before they try to support these new 64 bit processors, if at all. However IA32 support should work fine--assuming they are fully backwards compatible. The software just won't take advantage of the extra power.
If you were a Linux user, this type of thing would be an old hat who was beaten to death.
I remember in the days of Win98. With every single Linux security story, the WinNuts would cry: "See! See! Linux is just as insecure as Windows!" They would even do this on stories about local compromises, yet Win98 has no local security whatsoever. No permissions. Nothing. It doesn't even keep track of which users own a file. And they'd still insist it overshadows all the Windows holes, which were in effect root level remote compromises.
I especially love when they'd play numbers games. They'd say Linux has twice as many vulnerabilities as Windows this month/year, yet if one would actually look at the reports, one would see the Linux ones weren't nearly as serious. Nearly all Windows ones would say something like "one packet from the internet will cause arbitrary code execution with admin rights." Yet the Linux "vulnerablilties" would be mostly obscure crap from packages almost no one uses. "Video game Boogerman3D will allow any user to change the high score list." Oh no! Some user might give himself a billion point high score...what do I do???
Welcome to the real world. Where a bunch of lusers try to point out the "inferiority" of your OS by claiming your relatively obscure and unimportant security flaws are much worse than glaring and suicidal ones.
My cube's been up for 90 days. I plan to take it down and upgrade it eventually. Does this mean I'm going to be vulnerable?
Give the guy a break. After all, he is used to Windows where you have to reboot every hour just to keep it running. There is no way he could even consider a 90 day uptime.
CASH too easy to counterfeit??? As a certified terroristcriminal(TM), I'd rather work with the credit/debit cards. Smart chips are fun to hack. Anyway, CC companies don't care about fraud, they just push the costs onto the merchant.;-)
IANAL, but I don't think a "no backup" clause is enforceable, at least in the US. If you look in Title 17, Chapter 1, Sec. 117 ("Limitations on exclusive rights: Computer Programs"), it says making an archival copy (I assume this must mean backup) is not a violation of copyrights.
Notwithstanding the provisions of section 106, it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided:
...
(2)
that such new copy or adaptation is for archival purposes only and that all archival copies are destroyed in the event that continued possession of the computer program should cease to be rightful.
In fact, paragraph 1 seems to say the programs UbiSoft is blocking may be allowed.
(1)
that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner...
It depends upon how the courts will interpet the word "essential." Reading the posts, there seems to be plenty of people on Slashdot who think using a hard drive copy is essential so their CD won't get scratched up. I don't know, maybe I'm stretching a bit.
Look around LA, you not see much of coal plants do you? Do you see any electrical plants or any smoke stacks at all?... Energy is produced elsewhere, like hundreds if not thousand of miles away.
So you are saying the US gets all it's power from asia? Funny, I don't recall hearing about power lines stretched across the Pacific, not to mention the implasability of anyone constructing such a system. Or are you saying places like Nevada and Utah are third world "countries"??? They are hardly dens of polluted filth--unless you are counting the Taliban-like citizens of Utah.
There is one problem with your little theory. Stallman isn't a Linux developer. Harassing people on the mailing list are the only "contributions" he has made to the Linux kernel.
Slashdot Mirror
Funny, both those documents said the user's client would display a big red warning saying: "HEY DUMBASS, THERE IS SOMETHING WRONG WITH THE SERVER'S KEY." It isn't the protocol's problem if the user doesn't understand basic security and will ignore warnings.
So because one crappy browser has a bug which may potentially be exploited, we should forget about using SSL for security? Whatever you say.
BTW, I check the cert every time I log into an important site, though an IE bug won't affect me because I use that other crappy dragon browser (for HTTPS anyway, I use Dillo for most everything else.)
I don't know what the AC's problem was (Troll? LJ is just a blog site, and the article even said the main problem was users giving away their passwords), but it is stupid to say some javascript code is as secure as SLL. Especially using windows troll logic--"there is a potential hole in X, so it negates the tonnes of glaring holes in my favorite Y. Y is clearly better." It may be more secure than nothing, but don't just make crap up.
Maybe you should've pointed out Master Fitzpatrick already said he was working on it and asked the AC troll why it wanted to break into 14 year old girl's blog accounts anyway. ;-)
Many modern operating systems use filesystems which are designed to prevent fragmentation in the first place. Try doing a search for ext2 (or ufs) and defrag.
If you delete the corresponding entry in the first couple lines of chrome.rdf (the section starting with RDF:Seq about="urn:mozilla:package:root"), it seems to get rid of the item in the extensions dialog--I think you have to delete the extension file as well. It still leaves junk in the rdf file, but I don't think it causes problems.
Go to ~/.phoenix/default/*/chrome (for Firebird--start with ~/.mozilla for Mozilla) and edit the chrome.rdf file (make a backup of it first!!!). The extension's file should be in the same directory. If it doesn't work for some reason (the browser will crash on startup), revert chrome.rdf from your backup and remove the lock file (located in the directory above chrome)
Yeah, isn't easy and may potentially screw up your config, but if you really want to get rid of an extension, it seems to work.
Speaking of defective, the ending tag in your sig is cut off.
How is voluntarily donating to a nonprofit project in any way similar to communism? It's not like they are GNU/Microsoft trying to take over the world. If people find the site useful, they will donate. If they don't care about it, they won't. Simple choice. No one is trying to deceive anyone into giving away money or power. Sounds a lot less like capitalism than revenue by advertisement.
Also, Ads are an inefficient way to pay for something...unless you think your time is worth less than $0.10(US)/hour. Mine isn't. Many ad based sites will use any form of deceptive practice to force users to look at as many ads as possible. Forcing people to read propagands... Sounds like communism to me.
Yeah, but those buttons are inconvenient to use, and poorly constructed too (at least on my controller--maybe it's defective, but I don't think so.) I don't understand why they didn't use the A button instead. Use/take makes more sense than run/take, correct?
My favorite is when you are holding the net and try to talk to an animal. ;-) Sometimes the avatar will keep bopping the animal on the
head, even when you are in the correct position. I usually put it in
inventory, but sometimes I don't have the space, and sometimes I
don't like to waste the time...
I suppose something can be said for playing games on a real computer, at least there are enough buttons on the keyboard to go around...
You don't know what you are talking about here. The reason many things don't "work" on Linux are because hardware vendors only support MS Operating Systems. It has nothing to do with plug and pray.
If a bunch of hardware vendors decided to only support Linux and not MS Windows, then you would have the same problems with Windows. Not to mention, if a company as big as Microsoft decided to throw its weight towards Linux as a desktop OS, and MS stopped their "interesting" practices with hardware vendors (many vendors are simply afraid to support non-MS systems because of what MS may do to them--just read the information from the anti-trust case), then hardware wouldn't have nearly as many problems in Linux.
Claiming hardware doesn't work with Linux (or other non-MS systems) because of technical issues is a red herring and FUD. The main reason they don't support non-MS systems is mostly political, aside from just not having enough resources to support multiple OSs or plain old pure laziness.
I have to agree, at least partly. The gameplay in Animal Crossing is great. If they'd only make a decent interface. It almost seems designed to waste your time.
The animals' speech is slowly drawn on the screen character by character, and even if you press the button to hurry it along, it only goes faster instead of instantly displaying the text. I don't care about hearing the Animalese, I can't understand it anyway.
Don't get me started about them linking the same button to both run and pick up an item. The interface sucks bigtime.
You sound just like the dickheads on the comp.os.linux newsgroups. You're too stupid to come up with a helpful idea, so you write a shitheaded red herring post slamming the person for wanting to do something. What the hell is so wrong about wanting to live and work out in the woods??? I don't have much interest in it either, but that doesn't mean other people are whacko because they don't live the exact same way you do. Some people find it relaxing. Some people like the woods. Some people feel the need to get away from idiots (like you), and living out in the middle of nowhere is a very easy way to do that.
Yes, the P2P program installs a virus called DRM onto your computer, which wrests away control from you, and allows a third party total control over your system. Any "pirated materials"[1] will be deleted from your hard drive.
Either that, or since Kazaa isn't made by M$ ( ooh they are very jealous of any competitors) and Palladium hasn't been released yet (not that Microsoft would allow Kazaa to run on a pure Palladium system anyway), the p2p program probably just does something stupid. Probably downloads the file to a "secret" location on your hard drive, lauches the player, waits until you close your video player program, then deletes the file.
[1] Pirated materials are files containing any material critical of our great overlord.
So you are saying everyone should fuck up their computer with one of the shittiest operating systems ever made?
Until tomorrow. Then you'll have to spend another four hours trying to get your system working again because 3 lines of M$ code says "you don't want these settings, let me fix them for you." or "this driver wasn't signed by Microsoft, I'll just delete it."
Ah ha! So you're the one DDoSing SCO's website! Posting links to their servers on Slashdot. Naughty boy.
Oh yeah, I can imagine.
8 year old son: Dad, I'm hungry. I haven't eaten for three days.
"Dad": Well son, you should've been more prepared. See? Look, I have all this food because I came into this world prepared. You don't have any because you didn't bother to prepare. Lazy bum.
Nah, e3 is much better. It's only 13k (statically linked) and supports both vi and emacs key bindings.
But, if you want a real command line editor, go for cat.
I also don't understand why you said region coding was "racist" though I also think the AC was off base. I would say region coding seems to be more about price fixing and economic control than any racism. If you look at a region coding map, you'll see it isn't drawn in racial areas.
If it were racial, US/Canada, all of Europe, Russia and Austraila would be in one group. All of Asia would be in one group. Central and South America would be in their own individual group. Yet these groups are all mixed up.
If you look at it, they seem to be divided among more economic lines.
Region 1: US/Canada - both wealthy nations
Region 2: Western Europe, Japan, the Middle East, and others - all wealthy (perhaps regions 1&2 should have been joined, but I suppose the US based organization who made the standard decided they wanted more control over their area)
Region 3: various countries - I suppose they are well off, but not as rich as 1 & 2.
Region 4: Central/South America & the Pacific - Most of these countries can be considered poor, but not the worse. I don't know why they put the Aussies in there though. Maybe they don't care about that market?
Region 5: various countries - many of these countries can be considered "third world" in the respect they are generally the poorest of all. I'm not sure if Eastern Europe and Russia would be lumped in here today (maybe region 4), but at the time DVD was created, those countries weren't doing well.
Region 6: China - They are their own beast, the government probably asked to be in their own region so they can control what can be played.
Dude! Didn't you hear? Americans don't add anymore. The Americans passed a law making addtion illegal. They are directed to used exclusive or instead. It's faster! Here in Soviet Russia, exclusive or adds you!
It is! It is! If you store their secret prime number in your user account, you can view pictures of barely illegal naked teens! ;-9 The bad news is it takes 7 days to verify. ;-(
When you are talking about different processor architectures, distro does matter as it provides the precompiled binaries for your system to run. A program compiled for a PowerPC won't run on a IA32 (aka i386) system and vice versa.
The kernel and modules are even more critical. Sometimes the basic design of computers using the same processor are different, so the kernel/bootloader has to use different code to load the system. The only examples I can think of right now might be something like the Amiga, the classic Mac, and Atari ST. They all used the 680x0 processor, but I believe the rest of their designs were completely different.
It also matters which hardware options were precompiled into your kernel. If the distro left out ISA support (perhaps they assume everyone uses only PCI), then you can't boot their system on an older computer which uses ISA cards--such as a 386 or many 486s.
Even source based distros (such as Gentoo) have to use binaries at some point. You can't compile without a compiler binary, and you can't run a compiler binary (or even boot) without a kernel binary. Though with source based the maintainers probably have less work to support each new processor.
So, yes it does make a big difference which distro you use when you want to use a new (or less common or just different from what they decided to support) processor architecture. Most of them support the most common type (IA32), but some distros may wait before they try to support these new 64 bit processors, if at all. However IA32 support should work fine--assuming they are fully backwards compatible. The software just won't take advantage of the extra power.
If you were a Linux user, this type of thing would be an old hat who was beaten to death.
I remember in the days of Win98. With every single Linux security story, the WinNuts would cry: "See! See! Linux is just as insecure as Windows!" They would even do this on stories about local compromises, yet Win98 has no local security whatsoever. No permissions. Nothing. It doesn't even keep track of which users own a file. And they'd still insist it overshadows all the Windows holes, which were in effect root level remote compromises.
I especially love when they'd play numbers games. They'd say Linux has twice as many vulnerabilities as Windows this month/year, yet if one would actually look at the reports, one would see the Linux ones weren't nearly as serious. Nearly all Windows ones would say something like "one packet from the internet will cause arbitrary code execution with admin rights." Yet the Linux "vulnerablilties" would be mostly obscure crap from packages almost no one uses. "Video game Boogerman3D will allow any user to change the high score list." Oh no! Some user might give himself a billion point high score...what do I do???
Welcome to the real world. Where a bunch of lusers try to point out the "inferiority" of your OS by claiming your relatively obscure and unimportant security flaws are much worse than glaring and suicidal ones.
Give the guy a break. After all, he is used to Windows where you have to reboot every hour just to keep it running. There is no way he could even consider a 90 day uptime.
CASH too easy to counterfeit??? As a certified terroristcriminal(TM), I'd rather work with the credit/debit cards. Smart chips are fun to hack. Anyway, CC companies don't care about fraud, they just push the costs onto the merchant. ;-)
IANAL, but I don't think a "no backup" clause is enforceable, at least in the US. If you look in Title 17, Chapter 1, Sec. 117 ("Limitations on exclusive rights: Computer Programs"), it says making an archival copy (I assume this must mean backup) is not a violation of copyrights.
In fact, paragraph 1 seems to say the programs UbiSoft is blocking may be allowed.
It depends upon how the courts will interpet the word "essential." Reading the posts, there seems to be plenty of people on Slashdot who think using a hard drive copy is essential so their CD won't get scratched up. I don't know, maybe I'm stretching a bit.
It works as good birth control too!
So you are saying the US gets all it's power from asia? Funny, I don't recall hearing about power lines stretched across the Pacific, not to mention the implasability of anyone constructing such a system. Or are you saying places like Nevada and Utah are third world "countries"??? They are hardly dens of polluted filth--unless you are counting the Taliban-like citizens of Utah.
There is one problem with your little theory. Stallman isn't a Linux developer. Harassing people on the mailing list are the only "contributions" he has made to the Linux kernel.