I believe he's referring to the Trusted Platform Module, which is not the same as EFI, it does exist in the hardware, and it's at least part of the reason why you can't just run an OS X installer on a generic Intel PC and expect it to install.
Yeah, and its also the reasons why new Macs don't run OS X - cause they don't have a stinking TPM. Oh, wait...
You got it backwards. The fraudsters have to use paint that is *less* radioactive than everyday paint. Try to understand the idea before you try to be funny.
Hey, it worked for the moderators - "funny" isn't always a thinking man's moderation.
So you are actually arguing that a human will always be at least as accurate as any such system, because they will never see the whole picture and aren't without prejudice - wow, social "sciences" to the Xtreme!
The problem here is actually something else - which you can see by looking where the paper is coming from. Yup, Social Sciences are worried that people might think that any technological system could be perfect.
People who tune their radios while driving don't grasp how dangerous it is.
As someone who has been in an accident with 4 totaled cars that wouldn't have happened if somebody hadn't tuned his radio (no, not me) - I can attest to that.
If I were a dirt-bag, scum-bucket hacker type, I'd probably really hate Macs and thus, try to attack those because of my out-of-proportion hatred towards Hipsters and Shiny Things. But then you would have no clue how to actually program Mac malware, and you would have to go for slightly modified code snippets from a Slashdot-post to show those Macies.
Now that being the case, if Windows has 93% marketshare, OS-X 6%, and Linux 1% -- what platform will you choose to attack? Let's put it this way - thanks god the malware authors have the same business acumen as you.
What about putting goatse.cx as a background picture, including for the login page.
They might return the laptop to you right away... or just burn it. Your defense will have a hard time: http://www.google.com/trends?q=goatse%2C+apple+pie
Interesting, when you switch to all regions: the gap between orgy and apple pie widens (so Americans are more prude it seems). But Tampa, FL, USA is still the #1 city searching for Orgy, the Czechs beat the Greece, and Polish is the second most used language to search for Orgy.
Ignoring that there is a much bigger hole in IE that the Apple bug makes a tiny bit easier to trigger I would disagree as to which one is the bigger hole.
Anything that lets arbitrary attackers write arbitrary files to protected locations on the local system is worse than IE loading DLLs from known locations.
You would have an argument if the Desktop were a "protected location" - it isn't.
Was there not a recent demonstration on a 'blended threat' based on the safari bug that would execute code next time IE ran, also I beleive there is another similar method for firefox 2/3.
No, there still is a bug in IE that will run any properly named DLL on the Desktop, whether it is downloaded with the "Carpet Bomb", or by hand with any browser, download tool (incl. FTP or P2P), or moved there, or put there by fairies. And there is also a bug in Firefox that allows somebody to "steal files", which has probably to do with a certain kind of file being in its Download Folder (by default the Desktop) - again, no matter how it got there. These are bugs that need to be fixed.
Slashdot Mirror
Get a Fumoto valve, never worry about dropping the plug again
I have an uneasy feeling about buying from someone who writes "formally" when he means "formerly" right in the very first sentence.
I believe he's referring to the Trusted Platform Module, which is not the same as EFI, it does exist in the hardware, and it's at least part of the reason why you can't just run an OS X installer on a generic Intel PC and expect it to install.
Yeah, and its also the reasons why new Macs don't run OS X - cause they don't have a stinking TPM. Oh, wait...
You got it backwards. The fraudsters have to use paint that is *less* radioactive than everyday paint. Try to understand the idea before you try to be funny.
Hey, it worked for the moderators - "funny" isn't always a thinking man's moderation.
So you are actually arguing that a human will always be at least as accurate as any such system, because they will never see the whole picture and aren't without prejudice - wow, social "sciences" to the Xtreme!
The problem here is actually something else - which you can see by looking where the paper is coming from. Yup, Social Sciences are worried that people might think that any technological system could be perfect.
People who tune their radios while driving don't grasp how dangerous it is.
As someone who has been in an accident with 4 totaled cars that wouldn't have happened if somebody hadn't tuned his radio (no, not me) - I can attest to that.
http://it.slashdot.org/article.pl?sid=08/01/24/1930207
http://it.slashdot.org/article.pl?sid=08/01/24/1930207 ?
Jesus Christ, "recently"? Ever heard of Echelon? The NSA?
Gee, if it were only those coming for a visit - they also check people who only transit through and don't (in the legal sense) enter the US.
What domain are you referring to? Gmail.com isn't going anywhere.
Users in Germany now have to use mail.google.com instead of gmail.com Everyone else can continue to use gmail.com the same as before.
Googlemail.com still works, too.Interesting, when you switch to all regions: the gap between orgy and apple pie widens (so Americans are more prude it seems). But Tampa, FL, USA is still the #1 city searching for Orgy, the Czechs beat the Greece, and Polish is the second most used language to search for Orgy.
hmm, Π
The pattern for "Apple Pie" is clearly seasonal, but where did the peak for "Orgy" around October 2006 come from?
Anything that lets arbitrary attackers write arbitrary files to protected locations on the local system is worse than IE loading DLLs from known locations.
You would have an argument if the Desktop were a "protected location" - it isn't.Wow, you found a typo. You know what: you can keep, you don't have much else in life.
Look at almost every security advisory issued out there. "Remedy: Do not/restrict usage of X until bug is resolved".
Making this a stab at MSFT just shows you up as an Apple fanboy.
Ignoring that there is a much bigger hole in IE that the Apple bug makes a tiny bit easier to trigger shows you up as what then?Was there not a recent demonstration on a 'blended threat' based on the safari bug that would execute code next time IE ran, also I beleive there is another similar method for firefox 2/3.
No, there still is a bug in IE that will run any properly named DLL on the Desktop, whether it is downloaded with the "Carpet Bomb", or by hand with any browser, download tool (incl. FTP or P2P), or moved there, or put there by fairies. And there is also a bug in Firefox that allows somebody to "steal files", which has probably to do with a certain kind of file being in its Download Folder (by default the Desktop) - again, no matter how it got there. These are bugs that need to be fixed.How did open source fail? Someone who wasn't the original author had access to the code and found the bugs.
Who says he was the first to find the bugs - he's just the first not not use the exploit to crack servers."Carpet bombing" neither executed arbitrary code nor has it not been fixed.
Pointing out you are a known liar is redundant, not without content.