Most viruses depend on good human engineering to propagate, meaning they will make you want to give your machine permission to run their code.
Anyone hear of email attachment viruses? People are silly enough to click on unknown attachments from unknown senders, what makes you think they can be allowed to decide when unsafe code should be run over the net?
I just wanted to make that point. You can dynamically allocate memory in C as easily as you can in most object oriented languages.
As someone who spent a great deal of time (about 13 years) designing and writing code for imbedded products, all of the issues relating to reliability are familiar ones. One of those projects was the monitoring system of a DME for the FAA, definitely a place where reliability is paramount (aircraft do need to know where they are). The key to reliability is always the developer, since anyone can write unreliable code in the language of their choice. It sounds like the aviation industry is still driven by people who have more hot button issues than real understanding of the technical issues, not that I really expected a change.
You probably write code in C that works with objects (structs), and have code modules devoted to each type of struct in your system. This is object oriented programming, just without any help from the tool.
In a similar way, you can write a program in Java, using entirely static methods, and create a completely procedural program that uses NO objects. In this case you would be fighting the tool.
Good developers frequently use very similar techniques, whatever language they are working in.
It's funny, but I thought that all software produced for the US government, including (perhaps especially) the control systems for military aircraft, was required to be written in Ada. Ada is an object oriented language.
Garbage collection, dynamic allocation of resources, and most other issues people bring up about object oriented languages are either language implementation details (C++ does not garbage collect, Java does), or developer choices (allocate all objects at startup, not dynamically while the program performs it's main function).
Object oriented programming is a set of practices that most good programmers have been using for many years. An object oriented language is a tool that makes using these practices easier, not a cure all for the programming ills of the world.
Evidently, you read a different article than I did. Perhaps that is because you only wanted to shoot it down.
1. They had backup servers for each of the functions, which was clearly stated in the srticle.
2. They didn't say the OS was responsible for uptime issues with the hardware, they said the OS crashed frequently. Spending resources making the crashed server work again was the main complaint there, not the expense of having a backup server.
I could say more, but clearly you scanned the article looking for things to shoot it down for, inetead of actually reading it. Having said that, I do think the article over generalized at times, and it does have some things that raise significant questions.
Re:Microsoft should be sued
on
Code Red III
·
· Score: 1
Correction, the version of IIS that is being used by Code Red to get control of machines doesn't run on Win9x or ME. Windows 98 at least offers the Personal Web Server, which is basically an earlier version of IIS.
My Linux Mandrake V8.0 cautions me about possible security problems if I select servers (like web of ftp) and have them active when I install it. The Microsoft Windows installer does not warn me.
Most of the non-administrators with IIS on their machines probably had no idea that they were creating a security problem by inslalling IIS. They probably don't have firewall software or hardware either. They don't know the net is a dangerous neighborhood, but Microsoft should.
The IIS patch was not (last time I looked) available on Windows Update, which is the place most users would go to find it. Shouldn't it be there as an important security fix? This is a serious oversight by Microsoft. They distributed fixes for other security problems on Windows Update, but not for the most serious one to date.
Trade secrets enjoy no legal protection. To get legal protection you register it (patent) with the government. Since you didn't break into their equipment to get it, there should be no way to prosecute you if you distributed it.
You might want to consider if it would be financially better for you to sell your silence to the company involved. If it really is essential information to keep secret, it could be worth it for them to pay you off.
On the other hand, they could accuse you of stealing it, get all of your computers confiscated, and let you suffer through the legal system proving your innocence, while they come up with a way to control the damage.
"hasn't decided whether to drop charges or not" vrs "won't drop charges".
Read your own posting! They didn't say "won't drop charges", they said "with no promise to drop charges". No promise to drop charges sounds very much like "no decision" to me.
In some states it is illegal to drive down the road without someone walking 50 ft in front of you carrying a lantern at night. This law, needless to say, is not actively enforced at this time.
The FBI and the Prosecutor would not have known where to find Skylarov if Adobe had not put them on his trail. Whatever the attitude they take now, they are responsible for his arrest.
Not all laws are enforced with equal vigor. In some cases, even if a law may have been broken, may not be prosecutable, because of a lack of evidence.
The only things it appears he was guilty of doing in the US was talking about the weaknesses of the Adobe security on their products, and possibly distributing copies of the program that enabled you to copy ebooks. Since this program is freely available on the net (or so I understand), that would seem to be a difficult thing to prosecute him for. This would appear to be a case that would be difficult to sell to a jury, since there is no evidence any reasonable person would find to say any US law was violated while he was in the US, if at all.
It is sad that the first person arrested for violating the DMCA was a visitor to our country, and that he hasn't been given the treatment that people in our justice system are supposed to get.
Unfortunately, instead of an American patriot, we arrested a foreign national, a man with a family, who is paying the price for the Law purchased by big business in our country.
Sadly, the people responsible for this law will probably never suffer for their abrogation of duties, and they obviously don't qualify as patriots, at least from my perspective.
I know we don't have the votes to really hurt the politicians who voted this law into effect, but we should generate as much attention as we can, and remind people that the Chinese government isn't the only one that detains foreign nationals without due process, as this case shows!
This is a very different issue. If someone had copied the IBM BIOS and sold the copies, it was a simple copyright violation. The reson they did a clean room approach to copying the functionality of the IBM BIOS was to avoid that copyright issue.
This is more like locking up the man who invented the EPROM programmer that let them copy it. Oh Yes, and he invented it in another country, but we decided to arrest him, even though he didn't break any laws while he was actually in the US.
I guess their approach is saying that the Internet is everywhere, so if you broke one of our laws on the net, wherever you were located, then we have the right to arrest you, at least if you walk into our hands.
Question: Would the FBI have gone through extradition proceedings to get this man? If not, then they probably didn't have a case that a foreign court would accept.
Internet Explorer doesn't have 'hooks' built into it for Sun's JRE, it has ones for Microsoft's JRE, so including Sun's JRE doesn't make it automatically work with IE. You would still have have to include special syntax to cause the Sun Java plugin to run, which could make the applet not run under some other browsers.
The Sun JRE can't act like other Browser plugins because IE already checks for Java Applets, and offers to load the Microsoft JRE to run it.
If Microsoft actually removed all support for Java Applets, then Sun could build a standard browser plugin, and the whole issue would go away. We would have the ability to support the latest JRE under Internet Explorer, and Microsoft could quit supporting Java. Sun could even have the plugin check for newer versions of the JRE and offer to download the upgrade.
This could indeed be a blessing to the Java community, but a really big one if things play out right. Microsoft could still keep Sun from making Java Applet support easy to use.
Slashdot Mirror
Calling it a "safe feature" doesn't make it one!
Most viruses depend on good human engineering to propagate, meaning they will make you want to give your machine permission to run their code.
Anyone hear of email attachment viruses? People are silly enough to click on unknown attachments from unknown senders, what makes you think they can be allowed to decide when unsafe code should be run over the net?
I just wanted to make that point. You can dynamically allocate memory in C as easily as you can in most object oriented languages.
As someone who spent a great deal of time (about 13 years) designing and writing code for imbedded products, all of the issues relating to reliability are familiar ones. One of those projects was the monitoring system of a DME for the FAA, definitely a place where reliability is paramount (aircraft do need to know where they are). The key to reliability is always the developer, since anyone can write unreliable code in the language of their choice. It sounds like the aviation industry is still driven by people who have more hot button issues than real understanding of the technical issues, not that I really expected a change.
You probably write code in C that works with objects (structs), and have code modules devoted to each type of struct in your system. This is object oriented programming, just without any help from the tool.
In a similar way, you can write a program in Java, using entirely static methods, and create a completely procedural program that uses NO objects. In this case you would be fighting the tool.
Good developers frequently use very similar techniques, whatever language they are working in.
It's funny, but I thought that all software produced for the US government, including (perhaps especially) the control systems for military aircraft, was required to be written in Ada. Ada is an object oriented language.
Garbage collection, dynamic allocation of resources, and most other issues people bring up about object oriented languages are either language implementation details (C++ does not garbage collect, Java does), or developer choices (allocate all objects at startup, not dynamically while the program performs it's main function).
Object oriented programming is a set of practices that most good programmers have been using for many years. An object oriented language is a tool that makes using these practices easier, not a cure all for the programming ills of the world.
Evidently, you read a different article than I did. Perhaps that is because you only wanted to shoot it down.
1. They had backup servers for each of the functions, which was clearly stated in the srticle.
2. They didn't say the OS was responsible for uptime issues with the hardware, they said the OS crashed frequently. Spending resources making the crashed server work again was the main complaint there, not the expense of having a backup server.
I could say more, but clearly you scanned the article looking for things to shoot it down for, inetead of actually reading it. Having said that, I do think the article over generalized at times, and it does have some things that raise significant questions.
Correction, the version of IIS that is being used by Code Red to get control of machines doesn't run on Win9x or ME. Windows 98 at least offers the Personal Web Server, which is basically an earlier version of IIS.
My Linux Mandrake V8.0 cautions me about possible security problems if I select servers (like web of ftp) and have them active when I install it. The Microsoft Windows installer does not warn me.
Most of the non-administrators with IIS on their machines probably had no idea that they were creating a security problem by inslalling IIS. They probably don't have firewall software or hardware either. They don't know the net is a dangerous neighborhood, but Microsoft should.
The IIS patch was not (last time I looked) available on Windows Update, which is the place most users would go to find it. Shouldn't it be there as an important security fix? This is a serious oversight by Microsoft. They distributed fixes for other security problems on Windows Update, but not for the most serious one to date.
Trade secrets enjoy no legal protection. To get legal protection you register it (patent) with the government. Since you didn't break into their equipment to get it, there should be no way to prosecute you if you distributed it.
You might want to consider if it would be financially better for you to sell your silence to the company involved. If it really is essential information to keep secret, it could be worth it for them to pay you off.
On the other hand, they could accuse you of stealing it, get all of your computers confiscated, and let you suffer through the legal system proving your innocence, while they come up with a way to control the damage.
Do you feel lucky?
Turn yourself in and get it over with, then we won't have to listen to thoughtless comments from you.
Read your own posting! They didn't say "won't drop charges", they said "with no promise to drop charges". No promise to drop charges sounds very much like "no decision" to me.
In some states it is illegal to drive down the road without someone walking 50 ft in front of you carrying a lantern at night. This law, needless to say, is not actively enforced at this time.
The FBI and the Prosecutor would not have known where to find Skylarov if Adobe had not put them on his trail. Whatever the attitude they take now, they are responsible for his arrest.
Not all laws are enforced with equal vigor. In some cases, even if a law may have been broken, may not be prosecutable, because of a lack of evidence.
The only things it appears he was guilty of doing in the US was talking about the weaknesses of the Adobe security on their products, and possibly distributing copies of the program that enabled you to copy ebooks. Since this program is freely available on the net (or so I understand), that would seem to be a difficult thing to prosecute him for. This would appear to be a case that would be difficult to sell to a jury, since there is no evidence any reasonable person would find to say any US law was violated while he was in the US, if at all.
It is sad that the first person arrested for violating the DMCA was a visitor to our country, and that he hasn't been given the treatment that people in our justice system are supposed to get.
The FBI make a mistake? What a concept?
Unfortunately, instead of an American patriot, we arrested a foreign national, a man with a family, who is paying the price for the Law purchased by big business in our country.
Sadly, the people responsible for this law will probably never suffer for their abrogation of duties, and they obviously don't qualify as patriots, at least from my perspective.
I know we don't have the votes to really hurt the politicians who voted this law into effect, but we should generate as much attention as we can, and remind people that the Chinese government isn't the only one that detains foreign nationals without due process, as this case shows!
This is a very different issue. If someone had copied the IBM BIOS and sold the copies, it was a simple copyright violation. The reson they did a clean room approach to copying the functionality of the IBM BIOS was to avoid that copyright issue.
This is more like locking up the man who invented the EPROM programmer that let them copy it. Oh Yes, and he invented it in another country, but we decided to arrest him, even though he didn't break any laws while he was actually in the US.
I guess their approach is saying that the Internet is everywhere, so if you broke one of our laws on the net, wherever you were located, then we have the right to arrest you, at least if you walk into our hands.
Question: Would the FBI have gone through extradition proceedings to get this man? If not, then they probably didn't have a case that a foreign court would accept.
Internet Explorer doesn't have 'hooks' built into it for Sun's JRE, it has ones for Microsoft's JRE, so including Sun's JRE doesn't make it automatically work with IE. You would still have have to include special syntax to cause the Sun Java plugin to run, which could make the applet not run under some other browsers.
The Sun JRE can't act like other Browser plugins because IE already checks for Java Applets, and offers to load the Microsoft JRE to run it.
If Microsoft actually removed all support for Java Applets, then Sun could build a standard browser plugin, and the whole issue would go away. We would have the ability to support the latest JRE under Internet Explorer, and Microsoft could quit supporting Java. Sun could even have the plugin check for newer versions of the JRE and offer to download the upgrade.
This could indeed be a blessing to the Java community, but a really big one if things play out right. Microsoft could still keep Sun from making Java Applet support easy to use.