Slashdot Mirror


User: jonwil

jonwil's activity in the archive.

Stories
0
Comments
5,010
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,010

  1. Re:Now we use IE6 and XP only for banking on Extremely Critical IE6/SP2 Exploit Found · · Score: 1

    regular HTTPS with some javascript.

    In this day and age with good high strength HTTPS readily available on the server and available on most client machines, using java, ActiveX or other such technologies on a bank site doesnt make sense.

  2. Re:Ya I pretty much have to recommend no IE now on Extremely Critical IE6/SP2 Exploit Found · · Score: 1

    Is there a list somewhere of the banks and such that DONT work with mozilla/firefox?
    Having a "name and shame" list of all the banks that dont work with mozilla/firefox would be a great way for FF users looking for a bank to know which banks to avoid.

    If National Australia Bank online banking stopped working with browsers other than IE and started requiring IE, I would probobly switch banks.

  3. Re:Windows 2003 Server? on Extremely Critical IE6/SP2 Exploit Found · · Score: 1

    Most of the windows vulnerabilities are in user level programs like IE, OE, WMP, MSN etc.

  4. Re:Now we use IE6 and XP only for banking on Extremely Critical IE6/SP2 Exploit Found · · Score: 1

    Mine (The National Australia Bank) works just great in Mozilla 1.7.5
    It does give me a small "warning" about using something that isnt on their "list" (probobly just a CYA move in case someone uses something that doesnt work 100% and something goes wrong somewhere) but it works just great.

  5. What is it with nintendo and mario? on Mario to Shake His Groove Thing · · Score: 1

    They have put mario into just about everything EXCEPT a true sequal to Super Mario 64...

  6. Re:open source entertainment-Couldn't get a loan. on US CD Sales Increase in 2004 · · Score: 1

    But if the mortgage company was the one paying your sallery and they were making record profits whilst paying you a pittance, you might have a complaint.

  7. Re:Unfortunately on Regional Bells Blocking Broadband Competition · · Score: 1

    Anyone who thinks that having the government run all telecommunications should just look at Telstra here in australia to see why it would be a BAD idea.

  8. Re:this does suck on Carmack Discusses Delay of Q3A Source · · Score: 1

    I dont know much about Quake or Quake 2 but look at DOOM.
    Look at zdoom for example, that takes the DOOM engine and adds many many features to it.
    A fair number of maps and mods out there take advantage of the new features added to ports like zdoom.
    check sites like www.doomworld.com to see what people are doing with DOOM and its engine.

  9. Re:Some TA Stuff is out on Carmack Discusses Delay of Q3A Source · · Score: 4, Informative

    That is the source code to various game-specific bits and is released under a restrictive EULA.
    The same thing has recently been done for Doom III (releasing lots of the game bits and stuff under a similar licence)

  10. Re:Sounds Fair to me on Carmack Discusses Delay of Q3A Source · · Score: 5, Informative

    no, you can use the engine alongside commercial content for it as long as you comply with the GPL for the actual engine source code.
    This means that things like data files, code written in the quake 3 scripting language, maps, sounds, 3d models, textures and whatever else could still be released with a commercial no-copying-allowed EULA attached.

  11. this does suck on Carmack Discusses Delay of Q3A Source · · Score: 1, Insightful

    This sucks that Q3 code is being delayed.
    Unless there is some provision somewhere in one of the licence aggreements with the companies still using Q3 code, they should just release it like they promised damnit.
    The companies who have licenced it can still use it for whatever it is they are using it for without any problems.

    Releasing the Q3 source code would provide people wanting to produce 3d games (well those that would fot onto the quake 3 engine and its way of doing things anyway i.e. FPS's mainly) a good base to work from.
    Just look at what people have done with the previous code releases (Doom, Quake, Quake 2 etc)

  12. I am in favor of this only if on German Court Sets Copyright Tax on New PCs · · Score: 1

    I (as someone who holds the copyright to a bunch of things) can get my share of the money to compensate me for any illegal copies of MY copyrighted material out there.

  13. Re:Too bad this wouldn't work in the US on Smart Car-to-Car Navigation Network in Japan · · Score: 1

    You wouldnt need to do it for the entire US.
    Just pick somewhere with a big traffic problem (say, the central parts of New York City) and roll it out there.

    The only problem is getting the american people to A.Buy navigation devices (or whatever) to be able to use the system
    and more to the point B.actually follow the directions the device says are the most efficiant.

  14. Re:Cannot trust Microsoft on Microsoft Loses Passport · · Score: 1

    Firstly, Open Source is much better at getting fixes out "right away".
    If you absolutly HAVE to have the fix NOW, you can get it.
    Or you can wait for your distro to release a fix that is a little more tested if you like.
    Anyone (well anyone with the programming skills) can create a fix for a flaw.

    With microsoft, you have to wait untill they decide to fix it and release it.

    Also, there are architecture flaws in the way Windows works that make it insecure.
    These include:
    1.On windows, any application (spyware, viruses, trojans etc) can add itself to the "load me at global OS startup" lists without user permission or knowledge. On linux you would need to be root to do this globally or you could do it just for that one user.
    2.On windows, several ports, network services etc (RPC for one) are exposed to the world by default (and some of them you cant even turn off). On linux, its much easier to lock it down so no ports are open and to only expose the network services you want to expose.
    There are others.

    One big thing I hate is how Internet Explorer handles MIME types. Specifically, any web browser should always use any MIME type the server provides to figure out what the content is. Mozilla/Firefox does this, IE does not. IE uses a combination of the MIME type, file extention and file content to figure out what to do with the file.
    This has lead to several security flaws in IE caused where a server spits out a file with a MIME type and extention that differ.
    If they treated the MIME type as authoratitive, everything would be consistant (and you wouldnt have one bit of code examine the MIME type and see that its text/plain and therefore there is no need to warn the user about potentially harmfull files then another bit check the extention and see that its .exe and that it should be passed to the OS and run).

  15. Re:Must offer something better on Time Sharing Cars · · Score: 1

    I have seen spots for a similar program here in australia only for boats.
    The idea is that you own part share in a boat and everyone who "owns" that boat takes it in turns to use it. The people who run the scheme take care of maintainence, cleaning and so on.

  16. Re:Not without a change in sysadmin policies on Microsoft Not Worried about FireFox · · Score: 1

    Another thing about IE from the perspective of a sysadmin (e.g. corporate network,computer lab etc) is that the Group Policy Editor has all these great settings they can use to change how IE looks, how IE works and etc.
    Also they can set particular configuration options to a specific setting (and allow or disallow users from changing them).

    Mozilla does not have any of that lockdown/configuration capability.

  17. This is no different to what other bosses do on Bosses Keep Sharp Eye on Mobile Workers · · Score: 1

    For example, if your job is to use a computer all day, your boss has a right to know what you are using the computer for (i.e. are you using it to work or are you using it to look at pornography or slashdot or to play solitare).

    Its the same thing here, these employers want to know where you are when you are on company time.
    If you are not where your job requires you to be, you are not doing your job and therefore you can be fired. Simple as that.

    This is not "big brother". This is an employer wanting to make sure that when you are at work, you are doing your job.

  18. Re:Nostradamus Predicts on Netcraft Releases Anti-Phishing Toolbar · · Score: 1

    Why not make it so that it automatically blocks access to the sites.
    i.e. anytime you access a known scam site (with a continually updated database where entries are checked to make sure they are scam sites), it will block access to it with a "cant access this site" message of some kind.
    If you really want to access the site, there should be a way to do it but a way that is difficult to use (so that most newbies wont be able to find out how to use it) and it should have many warnings about why accessing a known scam site is a very very very bad idea.

  19. Re:Same old, same old... on Microsoft Compares Windows And Linux · · Score: 1

    What version of visual studio is that?
    I have Visual Studio 6, Visual Studio .NET 2003 and a bunch of Microsoft SDKs and none of them include that code :)

  20. Re:Same old, same old... on Microsoft Compares Windows And Linux · · Score: 2, Insightful

    There are good reasons (Financial and others) for Microsoft NOT to Open Source products like Microsoft Office, Microsoft Windows etc.

    However, there is no big overriding reason why they couldnt open source specific components.
    For example, the Internet Explorer HTML rendering engine.
    Or the code for the Microsoft Visual Studio C/C++ Runtime Library
    Or the code to Solitare.
    Or whatever.

    In fact, I have said it before and I will say it again, open sourcing the IE rendering engine & core makes sense. By open-sourcing it, MS doesnt need to spend as much time fixing all the ever-present security holes that are turning up in said product. Also, it would enable the community to add the features Internet Explorer is missing (such as proper alpha transparency and blending for PNG files and better complience with the HTML standards) that Microsoft doesnt care about.
    And it would allow features to be added to make IE more secure out of the box (although the work MS did in XPSP2 makes some of these points less valid now)

    If microsoft implemented a policy of taking back the best of what the community created and using it in the "official" versions of whatever component it is, everybody wins.
    Microsoft gets a better program without spending a huge amount of effort.
    The IE-using community gets a better program with the stuff implemented that microsoft wont implement because it doesnt make business sense to do so.
    And the internet as a whole would be better off because there would be potentially less crap (viruses etc) floating around and the crap that is there wouldnt spread as easily)

  21. Leasure Suit Larry on The Year in Gaming · · Score: 1

    I think one thing affecting LSL is the negative press it got in various places as well as the fact that classification bodies around the world classified it very higly (for example, last I checked, it is banned in australia).

    This means that advertising and marketing for it is difficult and getting it out there for gamers to see and play is also difficult.

  22. Why does it need to be RFID in the first place? on RFID Cards to Include Tin Foil Hats? · · Score: 2, Interesting

    Is there any reason it needs to be RFID and cant just be a smartcard thingo that gets plugged into the immigration guys box which then reads the data off it or whatever.

  23. Re:Wonder if it works for something useful as well on China Closes 1,129 Web Sites · · Score: 1

    Problem is, the SPAM sites arent illegal in china. SPAM sites dont hurt chinese governments abillity to control chinese people like the sites that were shut down do so there is no reason for the government to make them illegal.

  24. Re:IPSec is a pair of MMC snap-ins in Windows 2K-X on WEP And PPTP Password Crackers Released · · Score: 1

    Is it something extra you have to pay for?
    Or does it come standard with the OS?
    Is there a reason why OS vendors (or more specifically those who write TCP/IP stacks/code) dont add IPSec and have it on by default?

    Is there action that has to be taken to use IPSec (e.g. obtaining certificates/keys or something) that prevents it from being "on by dfefault"?

  25. One solution to all this security mess... IPSec on WEP And PPTP Password Crackers Released · · Score: 1

    We should see more movement towards encryption at the IP layer with something like IPSec.
    I know its not the "magic bullet" but it would certainly help with some areas of weak security.

    Only problem is that no-one is interested in implementing IPSec. Why cant we implement IPSec like we do with IPv6 where if both ends support it, it gets used.
    Then, people can install IPSec on their clients and servers and start using it.

    Although unless Microsoft added IPSec support to tcpip.sys or whatever (and released versions for current MS operating systems), its probobly not going to go anywhere :(