Firefox3 also has only 1 issue unpatched, while IE6 has 22 open issues.
Good. I hit a nerve. Don't fall for Secunia's misleading descriptions and understate the risk significantly. Qo re-read those "moderate" problems on MSIE and compare them to "severe" bugs on other products. Yeah, the MSIE bugs are frequently downplayed in severity.
The advisories are also hidden away for some products and lifted to the start page for others. Just try to find the MSIE advisories in the by product listing. Can't easily do it. Also notice that in the scope notes, most of the MSIE vulnerabilities expand out to include all applications which can inadvertently call MSIE through hard-coded options, such as WMP. That works out to a very large base of vulnerable applications.
Secunia's not the only one obfuscating the unsuitability of MS products. Even the US NVD is affected. None of them mention avoiding the defective product (Windows) or problem tool (MSIE). It wasn't too many years ago that mainstream magazines were talking about banning MS Outlook for the sake of security. Now even "security" specialists are changing the subject or mumbling when asked if the emperor is really wearing any clothes.
There's just not a business case to stay on the autoflagellation combination, Windows+MSIE
Being able to point them to an unbiased, reliable source to back up the "Firefox is safer" claim would help.
Unfortunately the facts are "biased" against MS products. It doesn't matter anyway, since if they're running Windows, then they're not likely to be influenced (or not allowed to be influenced) by troublesome things like empirical studies.
The problem is getting enough mainstream recognition that maybe something might actually be done about it. For now, though, we have the junk science, post-modern business, everything-is-an-opinion legacy to contend with.
On your way out go re-read those "moderate" problems on MSIE and compare them to "severe" bugs on other products. Yeah, the MSIE bugs are frequently downplayed in severity.
If the facts are against you, bang on the law. If the law is against you, bang on the facts. If both are against you, bang on the table.
Making an anti-copyright statement in court would be the equivalent of banging on the table, which Pirate Bay don't appear to need to do.
A harmful piece of glass in the food the media's been serving us has been the propagation of the falsehood that it is always illegal to freely distribute copyrighted material and that only illegal material is available via P2P. Both are wrong. It's perfectly legal to distribute copyrighted material, if it is done in according to the copyright holder's requirements. See GPL, AGPL, LGPL, BSD, ISC, CC, MPL, Aritistic and other licenses.
There is lots of material, from programs to songs, where the copyright holder has granted permission for re-distribution. Sometimes there are constraints, other times with a do-what-thou-will carte blanche. One need look no further than the Creative Commons and the various Free and Open Source Software packages to find examples. A lot of musicians realize the marketing value of free downloads.
Anyway, it has to be said again, loudly, that it is up to the copyright holder to decide who can and can't re-distribute, not the RIAA, MPAA or any other branch of MS. There are an awful lot of people who should know better, who have recently started parroting the falsehoods.
If this asshole did this with what I would have to guess was secure information....putting these plans on a non-secure computer, that alone can get you some heavy legal problems, and possibly jail time.
Except that these incidents happen happens all the time, without jail time. No one's been prosecuted publicly for deploying known insecure systems like Windows, despite there certainly being a paper trail leading to the culprits.
Take the case where Windows somehow got onto base computers in Afghanistan and were subsequently owned by malware letting still more outsiders into the network. Windows has such a cult following that it's likely the authorities will continue to turn a blind eye to the incident and make up excuses for not deploying systems capable of filling mission-critical roles.
Another prime example is that the world's seventh largest economy was shut down for five hours because some individuals decided to override technical decisions with an ideology. There are more such incidents monthly than you can shake a stick at. In a lot of regions, a threat to national economy or security is rated by the cost of the damage. Yet, for anything related to Windows, these metrics appear not to be applied.
"Sanitize all inputs before getting to the database."
NO! How many times to people have to get hammered because their own or someone else's sanatizer didn't really sanitize (ex: php's mysql_escape_string vs mysql_REAL_escape_string, and other idiotic things)
before folks will listen to DBAs and start using well parametrized stored procedures/prepared statements.
If you use a well parametrized stored procedures/prepared statements you don't have to worry about any idiots trying to do sql injection, nor how you or someone else may have botched your sanitizer.
That is correct, but PHP programming is taught generally as the blind leading the blind. I usually say PHP will be fine for those that are already quite good at C. The sanitizers have often been very disappointing when looking under the hood. Quite often there is no real parsing going on, simply global search and replace which can be gamed.
Use of parametrized stored procedures and prepared statements needs to be part of the introduction to databases with any language. The APIs are there, they're documented. Use them.
Obama's campaign was approached in the fall of 2008 by the NSA, to let him and Axelrod know that either the Chinese or the Russians hacked his campaign systems.
I'm not affiliated with any such group, but I did drop by campaign offices in the early part of the summer. I commented to three very separate people on the weaknesses I saw and that the systems would get cracked and approximately when (+/- 1 week). I contacted two of them after the breaches made the news. So far not even one has responded to my finely worded Told You So, accompanied by links to the news articles.
Just to pick a random vulnerability, the staffers did not appear to have Samba or even WebDAV over TLS. Instead it appears that documents were sent around, unencrypted via e-mail as attachments. That works fine if you're wanting to make archiving virtually impossible, waste storage like its going out of style, and ensure that each and every document has a fair chance of being intercepted.
The only way data is leaving off that private network is...
And thus there is no way for the worms to get in. Oh, wait. The base was full of worms.
If they can get in, they can get out. An encrypted network is a nice extra, if it is set up correctly and separately. And it can be a useful component in layered security. But it's still just sending around encrypted Windows worms.
I'm not a fan of certification. However, military suppliers are. And here we have at least one wormless system available.
How the worms got onto the military base are only part of the question and only a symptom. They would only be harmless data without a system designed to run the code on sight. At the bottom of it all, someone or group allowed Windows machines to be deployed on the base. There's almost certainly a paper trail that can be followed. When the culprits are found, double-tap to be sure.
These appear like real-life versions of a DOS and an injection attack. Along similar lines, the FAT lawsuit against TomTom looks also like a case of doing damage for that sake of damage.
... the worm shouldn't be able to "phone home" with data - there is no route from one of these classified computers back to the internet.
As it should be. That's simply a part of layered security. The big question mark is WTF are systems that are, in practice, designed to spread worms doing on the private network in the first place? If the worm got in, then there also exists a way out, private network or not.
The GP is basically describing a system of boondoggless that might be used to link classified networks, but there shouldn't be any routes that lead to an unclassified network.
There fixed that for you. VPNs are fine. Some day someone might even find a legitimate use for one. However, VPN or not, the worm got in, so it follows that there is at least one route out as well.
It's not just a technical problem, but a staffing or management problem: someone selected and deployed systems that spread worms.
. If for example a windows SIPRnet, or JWICs system gets comprised with spyware.
And there you have it. Encrypting the traffic just means that the worms are also encrypted. The real question WTF is Windows doing on a military base at all?
...putting these plans on a non-secure computer, that alone can get you some heavy legal problems, and possibly jail time.
Except that Windows has such a cult following that it's likely the authorities will turn a blind eye to the incident. Take the case where Windows somehow got onto base computers in Afghanistan and were subsequently owned by malware letting still more outsiders into the network. No one's been prosecuted publicly despite there certainly being a paper trail leading to the culprits.
For years we've heard MS boosters bleating the mantra: "reformat, reinstall" That heinous time-waster needs also to be looked at from an anti-trust perspective.
MS "systems" have lacked and still lack a unified, easy to use package management system such as have been available elsewhere for years. APT is probably one of the oldest and best examples, and there are abundant graphical front-ends. Lacking a point-n-click, (nearly) single step installation method for packages, and automatic handling of dependencies on MS Windows, means that when practicing the MS "reformat, re-install" there is an extra barrier to re-installing 3rd party apps. As a result, given enough iterations of the mantra, or when a large enough install base is considered, the loss of market share through attrition is quite large.
In shops afflicted with MS Windows and the mentality of the flunkies that fiddle with it, I hear that excuse all the time though in other words: there is no package repository. The result: MS Uber Alles policies and few or no third party apps.
.... think again. while i don't think these guys are innocents by a long shot, asking for jail time was always bullcrap.
They ARE innocent, thats the point. What they are doing is not...
...is not relevant.
They are innocent and remain that way unless PROVEN guilty in a court of law. Even in places like Sweden where every city square has a green, pigeon-covered bronze statue of Bill Gates with a shiny, bronze-colored ass polished to a shine daily by countless lips and noses.
However much M$, Disney, RIAA, MPAA would like your to believe otherwise, the fact is that
copying copyrighted material is perfectly legal in all Berne Convention countries, unless the copyright owner says otherwise. Even perfectly then it may be allowed but with restrictions.
The GPL, ISC, and CC licenses come to mind as overwhelmingly common examples. Act on the empirical facts not opinions, half-baked or otherwise.
Allies should not be crashing nuclear reactors into each other by accident.
Drivers should not be crashing containers of flammable liquids into each other by accident. Let's ban cars!
I realize the response was tongue-in-cheek, but automobiles account for some 41000 - 43000 deaths per year in the US. That's not counting any that were cripple, maimed, or otherwise injured for long or short term. Getting rid of the cars gets rid of that problem. We see the reduced traffic from the recession is reducing traffic deaths.
In some areas, cars are the leading cause of death for some age groups. It's rather embarassing that folks in the US can live 2km from the city center and still have, for all practical purposes, no public transportation even during business hours. It's the daily commute and the party traffic where public transport pays off for public health. The former because of the sheer number of km travelled, the latter because about 1/3 of accidents are alcohol-related.
Anyway, that's moot since most drivers don't go around with the windows boarded over, trying to sneak up on other cars, as would be the analogy for the subs.
[...] the long-standing U.S. trade embargo against the island makes it difficult for Cubans to get Microsoft software legally
difficult is not quite the same as making it impossible or nearly impossible to get the software legally, nor does it have any mention of who is breaking the embargo. IIRC, M$ has tended to go via intermediaries in cases like that.
So, no, the article does not clear up the question of how M$ violated the embargo.
So, will those eligible for a free copy of W7 by buying craptastic MS Vista count as sales of both?
You know this whole thing would be moot if the OEMs were to become able to ship any distro they want. MS appears to be using much of its staff resources in what now appears to be the end phase of whack-a-mole.
If the OEMs made a coordinated push and all hit the market the same week or even month with linux, bsd or solaris distros pre-loaded, we'd be able to see an and to the racketeering.
And what kind of fines and penalties must now be levied against the management of MS for apparently having violated the long standing, but now defunct, trade embargoes?
The faux investors are complaining about the faux research.
Most of the comments here point out is that MS doesn't do more than mimic existing products and projects and pawn that off as research.
What isn't mentioned yet is that checking the SEC filings, you can see that "research" appeared as a major item about the same time that public ridicule caused marketing to be spread out and stopped from being the major line item.
Considering the fact that they stole 21% of Microsoft's market share, encouraged new competitors and continues to grow new market share based on a grassroots campaign and Google backing, I'd say their track record refutes your statements quite effectively. Until you can show how Microsofts shrinking market share stolen by Firefox was not a direct affect of their growth, I'd say your argument is rendered inneffective.
BZZZT. Thanks for playing. However many MS Windows machines Firefox may or may not be on, 100% of those machines still have MSIE. That's what the anti-trust violation was about.
So as far as the anti-trust remedies are concerned, nothing has changed. As far as security is concerned, nothing has changed. You can run Firefox or Opera, but when another application hits an embedded script or URL, it's MSIE that gets fired up and then exploited.
The courts have found that the bundling of MSIE is anti-competitive and in violation of antitrust laws. Just how would bundling Firefox on Windows remove MSIE from the base sysem? Oh, I see, it wouldn't.
Look if the remedy for anti-competitive and predatory business practices is to remove MSIE, then just remove it. It doesn't matter how many other similar applications are pre-installed, when it is the presence of MSIE, not the absence of other applications, which is in violation of the law.
1/ Using someone's computer without their permission is a criminal act
First there's the upfront sponsoring of criminal acts. Those supporting MS products are sponsoring anti-competitive and often illegal business methods. Second, Windows can be said to, in effect, be designed to make these takeovers easy, we can extend that observation: running Windows while connected to the net is a criminal act.
Now those are from unpatched systems. However, many remote exploits are available for years before Waggener Edstrom / Microsoft even acknowledges their presence. Remember a bug exists, and can have published exploits, whether or not the company acknowledges its existence.
I feel so torn. On one had here is a chance to be paid to work on netbsd. On the other hand the job is with Microsoft.
Time to stick a fork in it, it's done. Sidekick is gone and it's time to move on. Sure it could linger on and slowing languish taking a few good developers with it on the decent into obscurity. But face it, it's owned by MS and the official policy is to stomp anything that does not promote lock-in to Windows/Office. Look at the warning example of Foxpro and see what happens to a good product that MS can't compete with on quality but was too popular to shutdown outright.
Even if the offer is legit, which it probably, isn't, just wasting invaluable developer resources porting Microsoft Useless Widget from Windows CE to NetBSD is a human resources denial of service attack taking developer time away from something useful. An extreme version of that tactic was used against Borland and others.
NetBSD is small enough that it is comparable in size to small companies, and taking out enough developers to sink the project is a realistic goal if some NetBSD developers, or potential developers, are naive or weak enough to turn quisling.
Face it. Sidekick is gone, M$ has it, and its now time to finish your mourning, face reality and move on. Start a new company.
Too true. Or everyone could drive like the crazies do here in Miami. Ignore any color light and just drive. Seriously, this city has the worst problem with running red lights, and moving here from VA I've noticed it's mainly because of the light cycles, and timing. Not even 1s between light changes in the intersection, and the amber light is drastically reduced compared to what I've seen anywhere in VA, including the DC area.
There aren't even any red light cameras and cops don't give a shit. So who knows why the DOT is so inept here?
The timing ought to be one of math: simple physics based on velocity and force of friction.
If they want to get fancy, then weather conditions can be taken into account, but personally I'd be against that since it violates K.I.S.S.
To find out the right length of the yellow light, calculate the time it takes to stop and the distance travelled during that time, assuming moving at the legal speed limit, plus a small buffer for old people, people driving with kids, or DWY.
Slashdot Mirror
Secunia states that Firefox3 has less critical issues: http://secunia.com/advisories/product/19089/
While IE6 and IE7 have moderate problems. Making IE less secure: http://secunia.com/advisories/product/11/ http://secunia.com/advisories/product/12366/
Firefox3 also has only 1 issue unpatched, while IE6 has 22 open issues.
Good. I hit a nerve. Don't fall for Secunia's misleading descriptions and understate the risk significantly. Qo re-read those "moderate" problems on MSIE and compare them to "severe" bugs on other products. Yeah, the MSIE bugs are frequently downplayed in severity.
The advisories are also hidden away for some products and lifted to the start page for others. Just try to find the MSIE advisories in the by product listing. Can't easily do it. Also notice that in the scope notes, most of the MSIE vulnerabilities expand out to include all applications which can inadvertently call MSIE through hard-coded options, such as WMP. That works out to a very large base of vulnerable applications.
Secunia's not the only one obfuscating the unsuitability of MS products. Even the US NVD is affected. None of them mention avoiding the defective product (Windows) or problem tool (MSIE). It wasn't too many years ago that mainstream magazines were talking about banning MS Outlook for the sake of security. Now even "security" specialists are changing the subject or mumbling when asked if the emperor is really wearing any clothes.
There's just not a business case to stay on the autoflagellation combination, Windows+MSIE
Being able to point them to an unbiased, reliable source to back up the "Firefox is safer" claim would help.
Unfortunately the facts are "biased" against MS products. It doesn't matter anyway, since if they're running Windows, then they're not likely to be influenced (or not allowed to be influenced) by troublesome things like empirical studies.
The problem is getting enough mainstream recognition that maybe something might actually be done about it. For now, though, we have the junk science, post-modern business, everything-is-an-opinion legacy to contend with.
Secunia states that Firefox3 has less critical issues:
http://secunia.com/advisories/product/19089/
While IE6 and IE7 have moderate problems. Making IE less secure:
http://secunia.com/advisories/product/11/
http://secunia.com/advisories/product/12366/
Bzzt. Thanks for playing
On your way out go re-read those "moderate" problems on MSIE and compare them to "severe" bugs on other products. Yeah, the MSIE bugs are frequently downplayed in severity.
If the facts are against you, bang on the law. If the law is against you, bang on the facts. If both are against you, bang on the table.
Making an anti-copyright statement in court would be the equivalent of banging on the table, which Pirate Bay don't appear to need to do.
A harmful piece of glass in the food the media's been serving us has been the propagation of the falsehood that it is always illegal to freely distribute copyrighted material and that only illegal material is available via P2P. Both are wrong. It's perfectly legal to distribute copyrighted material, if it is done in according to the copyright holder's requirements. See GPL, AGPL, LGPL, BSD, ISC, CC, MPL, Aritistic and other licenses.
There is lots of material, from programs to songs, where the copyright holder has granted permission for re-distribution. Sometimes there are constraints, other times with a do-what-thou-will carte blanche. One need look no further than the Creative Commons and the various Free and Open Source Software packages to find examples. A lot of musicians realize the marketing value of free downloads.
Anyway, it has to be said again, loudly, that it is up to the copyright holder to decide who can and can't re-distribute, not the RIAA, MPAA or any other branch of MS. There are an awful lot of people who should know better, who have recently started parroting the falsehoods.
If this asshole did this with what I would have to guess was secure information....putting these plans on a non-secure computer, that alone can get you some heavy legal problems, and possibly jail time.
Except that these incidents happen happens all the time, without jail time. No one's been prosecuted publicly for deploying known insecure systems like Windows, despite there certainly being a paper trail leading to the culprits. Take the case where Windows somehow got onto base computers in Afghanistan and were subsequently owned by malware letting still more outsiders into the network. Windows has such a cult following that it's likely the authorities will continue to turn a blind eye to the incident and make up excuses for not deploying systems capable of filling mission-critical roles.
Another prime example is that the world's seventh largest economy was shut down for five hours because some individuals decided to override technical decisions with an ideology. There are more such incidents monthly than you can shake a stick at. In a lot of regions, a threat to national economy or security is rated by the cost of the damage. Yet, for anything related to Windows, these metrics appear not to be applied.
In any other field, heads would roll.
"Sanitize all inputs before getting to the database."
NO! How many times to people have to get hammered because their own or someone else's sanatizer didn't really sanitize (ex: php's mysql_escape_string vs mysql_REAL_escape_string, and other idiotic things)
before folks will listen to DBAs and start using well parametrized stored procedures/prepared statements.
If you use a well parametrized stored procedures/prepared statements you don't have to worry about any idiots trying to do sql injection, nor how you or someone else may have botched your sanitizer.
That is correct, but PHP programming is taught generally as the blind leading the blind. I usually say PHP will be fine for those that are already quite good at C. The sanitizers have often been very disappointing when looking under the hood. Quite often there is no real parsing going on, simply global search and replace which can be gamed.
Use of parametrized stored procedures and prepared statements needs to be part of the introduction to databases with any language. The APIs are there, they're documented. Use them.
Obama's campaign was approached in the fall of 2008 by the NSA, to let him and Axelrod know that either the Chinese or the Russians hacked his campaign systems.
I'm not affiliated with any such group, but I did drop by campaign offices in the early part of the summer. I commented to three very separate people on the weaknesses I saw and that the systems would get cracked and approximately when (+/- 1 week). I contacted two of them after the breaches made the news. So far not even one has responded to my finely worded Told You So, accompanied by links to the news articles.
Just to pick a random vulnerability, the staffers did not appear to have Samba or even WebDAV over TLS. Instead it appears that documents were sent around, unencrypted via e-mail as attachments. That works fine if you're wanting to make archiving virtually impossible, waste storage like its going out of style, and ensure that each and every document has a fair chance of being intercepted.
The only way data is leaving off that private network is...
And thus there is no way for the worms to get in. Oh, wait. The base was full of worms.
If they can get in, they can get out. An encrypted network is a nice extra, if it is set up correctly and separately. And it can be a useful component in layered security. But it's still just sending around encrypted Windows worms.
I'm not a fan of certification. However, military suppliers are. And here we have at least one wormless system available.
How the worms got onto the military base are only part of the question and only a symptom. They would only be harmless data without a system designed to run the code on sight. At the bottom of it all, someone or group allowed Windows machines to be deployed on the base. There's almost certainly a paper trail that can be followed. When the culprits are found, double-tap to be sure.
These appear like real-life versions of a DOS and an injection attack. Along similar lines, the FAT lawsuit against TomTom looks also like a case of doing damage for that sake of damage.
... the worm shouldn't be able to "phone home" with data - there is no route from one of these classified computers back to the internet.
As it should be. That's simply a part of layered security. The big question mark is WTF are systems that are, in practice, designed to spread worms doing on the private network in the first place? If the worm got in, then there also exists a way out, private network or not.
The GP is basically describing a system of boondoggless that might be used to link classified networks, but there shouldn't be any routes that lead to an unclassified network.
There fixed that for you. VPNs are fine. Some day someone might even find a legitimate use for one. However, VPN or not, the worm got in, so it follows that there is at least one route out as well.
It's not just a technical problem, but a staffing or management problem: someone selected and deployed systems that spread worms.
. If for example a windows SIPRnet, or JWICs system gets comprised with spyware.
And there you have it. Encrypting the traffic just means that the worms are also encrypted. The real question WTF is Windows doing on a military base at all?
...putting these plans on a non-secure computer, that alone can get you some heavy legal problems, and possibly jail time.
Except that Windows has such a cult following that it's likely the authorities will turn a blind eye to the incident. Take the case where Windows somehow got onto base computers in Afghanistan and were subsequently owned by malware letting still more outsiders into the network. No one's been prosecuted publicly despite there certainly being a paper trail leading to the culprits.
For years we've heard MS boosters bleating the mantra: "reformat, reinstall" That heinous time-waster needs also to be looked at from an anti-trust perspective.
MS "systems" have lacked and still lack a unified, easy to use package management system such as have been available elsewhere for years. APT is probably one of the oldest and best examples, and there are abundant graphical front-ends. Lacking a point-n-click, (nearly) single step installation method for packages, and automatic handling of dependencies on MS Windows, means that when practicing the MS "reformat, re-install" there is an extra barrier to re-installing 3rd party apps. As a result, given enough iterations of the mantra, or when a large enough install base is considered, the loss of market share through attrition is quite large.
In shops afflicted with MS Windows and the mentality of the flunkies that fiddle with it, I hear that excuse all the time though in other words: there is no package repository. The result: MS Uber Alles policies and few or no third party apps.
.... think again. while i don't think these guys are innocents by a long shot, asking for jail time was always bullcrap.
They ARE innocent, thats the point. What they are doing is not ...
...is not relevant.
They are innocent and remain that way unless PROVEN guilty in a court of law. Even in places like Sweden where every city square has a green, pigeon-covered bronze statue of Bill Gates with a shiny, bronze-colored ass polished to a shine daily by countless lips and noses.
However much M$, Disney, RIAA, MPAA would like your to believe otherwise, the fact is that copying copyrighted material is perfectly legal in all Berne Convention countries, unless the copyright owner says otherwise. Even perfectly then it may be allowed but with restrictions.
The GPL, ISC, and CC licenses come to mind as overwhelmingly common examples. Act on the empirical facts not opinions, half-baked or otherwise.
Allies should not be crashing nuclear reactors into each other by accident.
Drivers should not be crashing containers of flammable liquids into each other by accident. Let's ban cars!
I realize the response was tongue-in-cheek, but automobiles account for some 41000 - 43000 deaths per year in the US. That's not counting any that were cripple, maimed, or otherwise injured for long or short term. Getting rid of the cars gets rid of that problem. We see the reduced traffic from the recession is reducing traffic deaths.
In some areas, cars are the leading cause of death for some age groups. It's rather embarassing that folks in the US can live 2km from the city center and still have, for all practical purposes, no public transportation even during business hours. It's the daily commute and the party traffic where public transport pays off for public health. The former because of the sheer number of km travelled, the latter because about 1/3 of accidents are alcohol-related.
Anyway, that's moot since most drivers don't go around with the windows boarded over, trying to sneak up on other cars, as would be the analogy for the subs.
[...] the long-standing U.S. trade embargo against the island makes it difficult for Cubans to get Microsoft software legally
difficult is not quite the same as making it impossible or nearly impossible to get the software legally, nor does it have any mention of who is breaking the embargo. IIRC, M$ has tended to go via intermediaries in cases like that.
So, no, the article does not clear up the question of how M$ violated the embargo.
So, will those eligible for a free copy of W7 by buying craptastic MS Vista count as sales of both?
You know this whole thing would be moot if the OEMs were to become able to ship any distro they want. MS appears to be using much of its staff resources in what now appears to be the end phase of whack-a-mole.
If the OEMs made a coordinated push and all hit the market the same week or even month with linux, bsd or solaris distros pre-loaded, we'd be able to see an and to the racketeering.
And what kind of fines and penalties must now be levied against the management of MS for apparently having violated the long standing, but now defunct, trade embargoes?
The faux investors are complaining about the faux research. Most of the comments here point out is that MS doesn't do more than mimic existing products and projects and pawn that off as research.
What isn't mentioned yet is that checking the SEC filings, you can see that "research" appeared as a major item about the same time that public ridicule caused marketing to be spread out and stopped from being the major line item.
MS is to computers what Enron was to energy.
Considering the fact that they stole 21% of Microsoft's market share, encouraged new competitors and continues to grow new market share based on a grassroots campaign and Google backing, I'd say their track record refutes your statements quite effectively. Until you can show how Microsofts shrinking market share stolen by Firefox was not a direct affect of their growth, I'd say your argument is rendered inneffective.
BZZZT. Thanks for playing. However many MS Windows machines Firefox may or may not be on, 100% of those machines still have MSIE. That's what the anti-trust violation was about.
So as far as the anti-trust remedies are concerned, nothing has changed. As far as security is concerned, nothing has changed. You can run Firefox or Opera, but when another application hits an embedded script or URL, it's MSIE that gets fired up and then exploited.
Way to miss the issue there, PC Pro.
The courts have found that the bundling of MSIE is anti-competitive and in violation of antitrust laws. Just how would bundling Firefox on Windows remove MSIE from the base sysem? Oh, I see, it wouldn't.
Look if the remedy for anti-competitive and predatory business practices is to remove MSIE, then just remove it. It doesn't matter how many other similar applications are pre-installed, when it is the presence of MSIE, not the absence of other applications, which is in violation of the law.
1/ Using someone's computer without their permission is a criminal act
First there's the upfront sponsoring of criminal acts. Those supporting MS products are sponsoring anti-competitive and often illegal business methods. Second, Windows can be said to, in effect, be designed to make these takeovers easy, we can extend that observation: running Windows while connected to the net is a criminal act.
Now those are from unpatched systems. However, many remote exploits are available for years before Waggener Edstrom / Microsoft even acknowledges their presence. Remember a bug exists, and can have published exploits, whether or not the company acknowledges its existence.
I feel so torn. On one had here is a chance to be paid to work on netbsd. On the other hand the job is with Microsoft.
Time to stick a fork in it, it's done. Sidekick is gone and it's time to move on. Sure it could linger on and slowing languish taking a few good developers with it on the decent into obscurity. But face it, it's owned by MS and the official policy is to stomp anything that does not promote lock-in to Windows/Office. Look at the warning example of Foxpro and see what happens to a good product that MS can't compete with on quality but was too popular to shutdown outright.
Even if the offer is legit, which it probably, isn't, just wasting invaluable developer resources porting Microsoft Useless Widget from Windows CE to NetBSD is a human resources denial of service attack taking developer time away from something useful. An extreme version of that tactic was used against Borland and others. NetBSD is small enough that it is comparable in size to small companies, and taking out enough developers to sink the project is a realistic goal if some NetBSD developers, or potential developers, are naive or weak enough to turn quisling.
Face it. Sidekick is gone, M$ has it, and its now time to finish your mourning, face reality and move on. Start a new company.
Too true. Or everyone could drive like the crazies do here in Miami. Ignore any color light and just drive. Seriously, this city has the worst problem with running red lights, and moving here from VA I've noticed it's mainly because of the light cycles, and timing. Not even 1s between light changes in the intersection, and the amber light is drastically reduced compared to what I've seen anywhere in VA, including the DC area. There aren't even any red light cameras and cops don't give a shit. So who knows why the DOT is so inept here?
The timing ought to be one of math: simple physics based on velocity and force of friction. If they want to get fancy, then weather conditions can be taken into account, but personally I'd be against that since it violates K.I.S.S.
To find out the right length of the yellow light, calculate the time it takes to stop and the distance travelled during that time, assuming moving at the legal speed limit, plus a small buffer for old people, people driving with kids, or DWY.