I have been a long time devotee of ST:TNG. I, like many others, never got involved with Enterprise. And from what I hear, that's a shame, as by all accounts, the show has really become much better toward the end. I do admit I had very high hopes to begin with, but found it stilted and uninteresting during the first four episodes and gave up. But I know I won't be alone watching the finale just to get a glimpse of "new" ST:TNG cast action and the familiar Enterprise-D, no matter how brief.
This will be the first time in almost two decades that a first-run Star Trek hasn't been on TV...the end of an era. Here's hoping that the Star Trek franchise can be revived at some point, even better.
...and not Star Trek, but in this vein, The Physics of Star Trek is one of my favorites. It's written by Lawrence Krauss, a theoretical physicist from Case Western Reserve University. Beyond Star Trek was another good one from him.
He dissects, from a scientific standpoint, some of the common plot elements and familiar staples (such as warp travel, transporters, phasers, etc.) to determine whether they'd be physically possible. An example of some interesting diversions along the way are demonstrating exactly how much data is contained in a human body, and how much bandwidth would be required for a "transporter" to work. It's a fun and interesting read, and includes content that would satisfy anyone from laymen to scientists. Being a fan of Star Trek is a prerequisite, though...
Here's the source for the WebCore from Safari 2.0
on
Safari vs. KHTML
·
· Score: 5, Informative
As long as they're abiding by the terms of the license, does Apple, any corporation, or any entity for that matter, have any obligation to contribute anything back to the project? Who gets to decide when someone is contributing "enough"?
WebCore is a framework for Mac OS X that takes the cross-platform KHTML library (part of the KDE project) and combines it with an adapter library specific to WebCore called KWQ that makes it work with Mac OS X technologies. KHTML is written in C++ and KWQ is written in Objective C++, but WebCore presents an Objective C programming interface. WebCore requires the JavaScriptCore framework.
The current version of WebCore is based on the KHTML library from KDE 3.0.2. Changes that are specific to WebCore are marked with #ifAPPLE_CHANGES. Other changes to improve performance and web page compatibility are intended for integration into future versions of the KHTML library.
Sounds like a case of sour grapes to me. I'm sure the level of cooperation and collaboration that the KDE/KHTML/Konqueror folks had hoped for wasn't there, if only because Apple keeps everything secret before its release (including everything related to Safari 2.0 in Tiger). Another example of a corporate need butting heads with a contrary OSS philosophy. And I'm sure Apple's main priority is not developing an infrastructure to cohesively and voluminously contribute changes back to projects. It's more like, "Ok, here's our stuff..."...it's all there for anyone to see.
Given China's record so far on internet censorship, will Google have to cooperate with the Chinese government, even as it operates physically within China and targets Chinese citizens, on what can and can't be indexed and offered for search to Chinese citizens?
Will Google's presence in China hasten the free flow of information, or end up encouraging the Chinese government to reactively restrict even more?
There's no question it's a lucrative market financially. The question is how much companies - even the "Don't be evil"-Google - will capitulate to the government's demands for censorship to guarantee a share of the spoils.
I said that Dashboard would prompt you when the widget was run for the first time. It turns out that for auto-installed Safari widgets, it does NOT prompt you the first time the widget is run.
Interesting.
This is indeed a security issue, and it should be made to at least prompt the user.
Considering that ALL other new widgets always prompt when first run, this appears to be a bug, and not the intended behavior.
The temporary fix (and what I always recommend anyway) is to disable "Open 'safe' files after downloading" in Safari.
I NEVER said a trojan can't be made for the MacOS (sic).
In fact, I specifically said "it's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware," and made several references to "trojans" that DO exist, so I have no idea where you got that from.
But a trojan, a social engineering exploit that requires explicit and deliberate user action, is completely uninteresting. That will always be possible on all OSes and all platforms. If I write a.command file for Mac OS X, have it autodownloaded on a web page to the user's desktop (which could happen easily by default), and then give them instructions to double click the downloaded file to see a really cool screensaver, but it then does an rm -rf ~, which would require no further prompting, is that some kind of Mac OS X "exploit"? Hardly. It's just as much of an "exploit" as this is.
Will someone call me when there actually *is* a real world, successful remote exploit on Mac OS X due to an actual flaw in the platform? (And not something like a person enabling ssh on a public network and having an account with username 'test' and password 'test'?)
I love you guys who think Mac OS X is really horribly insecure, and the only reason it has had almost zero problems for over 4 years now isn't because the platform is actually inherently more secure, but is because of its low marketshare. (Funnily, it seems like another version of the "Macs have no software" argument.) I love ya. I really do.
I don't care how many remote root vulnerabilities there are if the services that have said vulnerabilities are never even enabled. There have been numerous theoretical remote root exploits in service that ship with OS X. But the services that are affected are, quite literally, almost NEVER ENABLED for the lifetime of the machines in question. So, point 1, that "every Mac in existence" is affected, is completely wrong. To say nothing of the fact that statistically speaking, the vanishingly small relative minority of machines that DO have the service enabled are probably behind a personal firewall/router. In other words, the level of exposure and potential for remote exploitation of the VAST majority of Mac OS X machines is somewhere between zero and nil.
And your other general point about "popularity" is answered below. Nice troll, though.
On this subject, last year I answered a query raised during a Chronicle of Higher Education colloquy. I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment, unfixed vulnerab
1. You can, and always have been able to, disable "Open 'safe' files after downloading". This means nothing happens except that the widget gets downloaded to you computer in its packed/compressed form. In this case, a.zip.
2. Whether or not a user does 1., ou are *PROMPTED* to run the widget for the first time! What more can Apple do? The site says this is still a problem because of - cue scary music - *social engineering*.
...
Um.
So how would it be any better if you downloaded it and double clicked on it manually? It *still* prompts you to run the widget! You must explicitly give the computer permission to run it.
In other words, there is NO WAY for any widget or any malicious website to do ANYTHING unless you explicitly give it permission!
This reminds me of the MP3 "virus". Some blog/website/AV vendor makes a shiny web page supposedly illustrating the "exploit" and why it's bad.
Except for one thing: the user has to EXPLICITLY GRANT it permission to run! Forget about the fact this is a Dashboard widget, or that he can write a goatse widget, or that he can make Dashboard unusable, etc etc etc. I don't CARE what the widget does. It can only do these things AFTER IT HAS BEEN GIVEN EXPLICIT PERMISSION TO RUN BY THE USER CLICKING "YES" IN A DIALOG BOX ASKING HIM/HER IF THEY'RE SURE THEY WANT TO RUN IT!
To reiterate: there is NOTHING automated or automatic about this, and the fact that Safari in its default state will easily make a widget ready to use is uninteresting. NO MATTER WHAT, THE USER IS STILL PROMPTED AND HAS TO GIVE EXPLICIT PERMISSION.
And I hope we all know by now that if a bad guy can trick you into running ANYTHING on your computer, the game's over.
The mechanism and method via which Safari can install Dashboard widgets coupled with explicit prompts to run them are perfectly acceptable, and this is a non-issue.
(Isn't it funny how the only "exploits" people can find for Mac OS X almost always exclusively revolve around social engineering, and never real flaws in the platform itself?)
Um, no, your statement of "Wrong" would be what's wrong here.
The House already approved a standalone version of the Real ID bill.
1) Rules for a federally approved ID don't belong with a supplemental military spending bill.
I didn't say they did. And a lot of things don't belong in a lot of bills. Next?
2) It means nothing that it was passed by the house.
...
Oh, really? Let me reword for you:
"It means nothing that it was passed by the house if it is also not passed by the senate."
Ok, I'll agree with that. But you forget the converse. In general terms,
"It means nothing that it was passed by the senate if it is also not passed by the house."
The House already had overwhelming support for the standalone bill, and there is no reason to believe it would not have passed in the Senate as well.
It was expected to run into some trouble in the Senate.
Yes. Some people expected it to "run into some trouble".
"Running into trouble" != not passing
And it still likely would have passed. Now it will for sure. And before you repeat that it shouldn't be part of the supplemental, I never said it should be. But it is. But it likely would have passed the House and Senate and been signed by the president regardless.
The worst part is the completely machine-readable/automatic nature of the thing -- you might not even know you're giving your information away.
Um. Huh? With the exception of RFID, how in the living hell would you not know you're "giving your information away"?
If, again, the argument is "ease", thanks to a technological change or technology itself, then why do slashdotters always argue in favor of technology elsewhere, but against it here?
- The card will still be issued by your state motor vehicle agency. It will merely be a federally approved, standardized version of your state Driver's License or state Identification Card.
- The process to obtain the card will be more rigorous, and you will have to provide more documents to prove your identity.
- The House *already approved* a standalone version of the Real ID bill, so the fact this is attached to military spending is irrelevant
- IF the standardized "machine readable technology" (which almost all state issues IDs already have in the form of a bar code, magnetic strip, etc.) ends up being RFID, you must at least concede that this standardization is based on consistency, functionality, and ease of use, not a desire to build a nationwide network of centrally administered RFID detectors for the purposes of tracking every citizen
- All of the information on all of the cards is already accessible to any entity that requests identification, such as banks. However, the information will now be presented and stored in a uniform manner.
- If you think that all of these actions are designed exlusively to institute a 1984-style police state by evil conservatives, you probably don't see the illogic in opposing simple standardization of ID cards that already exist.
- All of the items listed - opening bank accounts, collecting social security checks, travelling by air, etc. - already require ID (and if you want to get retarded about the whole air travel thing, go for it. John Gilmore already found he could travel without ID (a href=http://slashdot.org/comments.pl?sid=140827&ci d=11799450>2, but it didn't serve his agenda).
Look. I don't mind vigilance for the sake of privacy and individual rights. In fact, I think the vigilance of privacy advocates, the ACLU, etc., is necessary and important. But you must realize that extreme views are almost always not the correct ones. It's the interplay and balance between both sides of a reasonable debate that is important. The people who think a national ID card with a DNA fingerprint and everyone implanted with GPS are wrong, and the people who think that every single bit of legislation like this is part of a corporate/government/Republican conspiracy to control them are also wrong. By all means, fight for your convictions, but if you do it from a not-so-tinfoily perspective, you'll have more chance at convincing others of the validity of your position.
...if there is a "supernatural" creator or force that has created the Universe (and the confluence of circumstances that led to its creation from essentially manifestly nothingness, and also life itself, could be considered on what I'd call a "supernatural" scale itself, but that's another topic), why must the scientific processes that describe any such events, and any potential forces that may transcend our understanding of the physical world, have to be mutually exclusive?
Many years ago, a student in my 7th grade biology class asked specifically about creationism during our section on evolution. My biology teacher gave a very short, thoughtful, and diplomatic answer. His answer, after quite a long pause:
"Well, some might say that the Bible tells what God did, and science explains how he did it."
Now, looking back as an engineer and scientist by education, I have always found the simplicity of that statement compelling, and have never had any trouble reconciling whatever beliefs I have in notions that could be described as "supernatural" with scientific fact and sound scientific theory.
I think the problem you have is with the people who literally believe that a white-bearded man in a robe literally created the Universe and Earth in 6 days around 6000 years ago, and then created the life to go on on it, and who discount valid science wholesale. Even though "creationists", and people who believe my last statement, may use "intelligent design" as a tool to further their agendas, that's not my interpretation of "intelligent design".
Personally, I rather liked Picard's response in "Where Silence Has Lease":
DATA:
I have a question, sir. What is death?
PICARD:
You've picked probably the most difficult of all questions, Data.
There is the beginning of a twinkle in Picard's eyes again. It is the sort of question that his mind loves.
Some explain it by inventing gods wearing their own form... and argue that the purpose of the entire universe is to maintain themselves in their present form in an Earth-like garden which will give them pleasure through all eternity. And at the other extreme, assuming that is an "extreme," are those who prefer the idea of our blinking into nothingness with all our experiences, hopes and dreams only an illusion.
DATA:
Which do you believe?
PICARD:
Considering the marvelous complexity of our universe, its clockwork perfection, its balances of this against that... matter, energy, gravitation, time, dimension, pattern, I believe our existence must mean more than a meaningless illusion. I prefer to believe that my and your existence goes beyond Euclidian and other "practical" measuring systems... and that, in ways we cannot yet fathom, our existence is part of a reality beyond what we understand now as reality.
Really: what's wrong with seeing the Universe and the wonderful complexity of everything from the scale of galaxies to the scale of atoms - or smaller - and our very lives as something more than the sum of its parts?
I don't care how many remote root vulnerabilities there are if the services that have said vulnerabilities are never even enabled. There have been numerous theoretical remote root exploits in service that ship with OS X. But the services that are affected are, quite literally, almost NEVER ENABLED for the lifetime of the machines in question. So, point 1, that "every Mac in existence" is affected, is completely wrong. To say nothing of the fact that statistically speaking, the vanishingly small relative minority of machines that DO have the service enabled are probably behind a personal firewall/router. In other words, the level of exposure and potential for remote exploitation of the VAST majority of Mac OS X machines is somewhere between zero and nil.
And your other general point about "popularity" is answered below. Nice troll, though.
On this subject, last year I answered a query raised during a Chronicle of Higher Education colloquy. I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment, unfixed vulnerabilities in certain versions of Outlook that will spread certain virus variants simply by previewing a
- Apple is not the government (therefore, any ridiculous cries of censorship are just a wee tad bit overboard) - Apple can do what it wants with its own corporate stores - Yes, this may result in more copies of the book being sold, but consider that this is not an effort to "suppress" the book; it's merely a retaliatory move. Apple is under no obligation whatsover, implied or otherwise, to carry any publisher's books.
In short, business as usual and a BIG yawner:
"It's certainly not unprecedented for a company to protest publication of a book or article it finds unflattering.
IBM, for instance, staged a six-year advertising boycott of Fortune magazine after then-Chief Executive Louis V. Gerstner took exception to a 1997 cover story.
More recently, General Motors withdrew its ads from the Los Angeles Times in protest of an April 6 review of its Pontiac G6."
Slashdot Mirror
I have been a long time devotee of ST:TNG. I, like many others, never got involved with Enterprise. And from what I hear, that's a shame, as by all accounts, the show has really become much better toward the end. I do admit I had very high hopes to begin with, but found it stilted and uninteresting during the first four episodes and gave up. But I know I won't be alone watching the finale just to get a glimpse of "new" ST:TNG cast action and the familiar Enterprise-D, no matter how brief.
This will be the first time in almost two decades that a first-run Star Trek hasn't been on TV...the end of an era. Here's hoping that the Star Trek franchise can be revived at some point, even better.
If you ever have an iPod with one of these things, don't send it through the washing machine, and then start stabbing it with a screwdriver...
Wonder why the iTunes phone isn't out yet?
No carrier wants to touch it. Let people sync their *own* files with their *own* phone?? Unheard of!
They want to charge $2 or more per song that you download to your phone. "Paying for convenience", as it were, or so they say...
...and not Star Trek, but in this vein, The Physics of Star Trek is one of my favorites. It's written by Lawrence Krauss, a theoretical physicist from Case Western Reserve University. Beyond Star Trek was another good one from him.
He dissects, from a scientific standpoint, some of the common plot elements and familiar staples (such as warp travel, transporters, phasers, etc.) to determine whether they'd be physically possible. An example of some interesting diversions along the way are demonstrating exactly how much data is contained in a human body, and how much bandwidth would be required for a "transporter" to work. It's a fun and interesting read, and includes content that would satisfy anyone from laymen to scientists. Being a fan of Star Trek is a prerequisite, though...
WebCore-413
And here's everything from 10.4, posted on the same day 10.4 was released. They even posted full binary PowerPC and x86 installers for Darwin corresponding to Tiger that same day.
As long as they're abiding by the terms of the license, does Apple, any corporation, or any entity for that matter, have any obligation to contribute anything back to the project? Who gets to decide when someone is contributing "enough"?
Additionally Apple posts all of its open source code; here's the page for WebCore, which states:
WebCore is a framework for Mac OS X that takes the cross-platform KHTML library (part of the KDE project) and combines it with an adapter library specific to WebCore called KWQ that makes it work with Mac OS X technologies. KHTML is written in C++ and KWQ is written in Objective C++, but WebCore presents an Objective C programming interface. WebCore requires the JavaScriptCore framework.
The current version of WebCore is based on the KHTML library from KDE 3.0.2. Changes that are specific to WebCore are marked with #ifAPPLE_CHANGES. Other changes to improve performance and web page compatibility are intended for integration into future versions of the KHTML library.
Sounds like a case of sour grapes to me. I'm sure the level of cooperation and collaboration that the KDE/KHTML/Konqueror folks had hoped for wasn't there, if only because Apple keeps everything secret before its release (including everything related to Safari 2.0 in Tiger). Another example of a corporate need butting heads with a contrary OSS philosophy. And I'm sure Apple's main priority is not developing an infrastructure to cohesively and voluminously contribute changes back to projects. It's more like, "Ok, here's our stuff..."...it's all there for anyone to see.
Maybe the thief could have made IOS more stable and secure. I'm beginning to think anyone could do a better job...
...what the "???" is in
1.
2. ???
3. Profit!
It's "Get purchased by Google!"
...how rich will these guys be now?
Given China's record so far on internet censorship, will Google have to cooperate with the Chinese government, even as it operates physically within China and targets Chinese citizens, on what can and can't be indexed and offered for search to Chinese citizens?
Will Google's presence in China hasten the free flow of information, or end up encouraging the Chinese government to reactively restrict even more?
There's no question it's a lucrative market financially. The question is how much companies - even the "Don't be evil"-Google - will capitulate to the government's demands for censorship to guarantee a share of the spoils.
Slashdot poster who sees a right wing corporate conspiracy in everything? Check.
All is right with the world.
Well, it turns out I spoke too soon.
I said that Dashboard would prompt you when the widget was run for the first time. It turns out that for auto-installed Safari widgets, it does NOT prompt you the first time the widget is run.
Interesting.
This is indeed a security issue, and it should be made to at least prompt the user.
Considering that ALL other new widgets always prompt when first run, this appears to be a bug, and not the intended behavior.
The temporary fix (and what I always recommend anyway) is to disable "Open 'safe' files after downloading" in Safari.
Um, wha???
.command file for Mac OS X, have it autodownloaded on a web page to the user's desktop (which could happen easily by default), and then give them instructions to double click the downloaded file to see a really cool screensaver, but it then does an rm -rf ~, which would require no further prompting, is that some kind of Mac OS X "exploit"? Hardly. It's just as much of an "exploit" as this is.
I NEVER said a trojan can't be made for the MacOS (sic).
In fact, I specifically said "it's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware," and made several references to "trojans" that DO exist, so I have no idea where you got that from.
But a trojan, a social engineering exploit that requires explicit and deliberate user action, is completely uninteresting. That will always be possible on all OSes and all platforms. If I write a
Also, an addendum to my previous post:
Will someone call me when there actually *is* a real world, successful remote exploit on Mac OS X due to an actual flaw in the platform? (And not something like a person enabling ssh on a public network and having an account with username 'test' and password 'test'?)
I love you guys who think Mac OS X is really horribly insecure, and the only reason it has had almost zero problems for over 4 years now isn't because the platform is actually inherently more secure, but is because of its low marketshare. (Funnily, it seems like another version of the "Macs have no software" argument.) I love ya. I really do.
I don't care how many remote root vulnerabilities there are if the services that have said vulnerabilities are never even enabled. There have been numerous theoretical remote root exploits in service that ship with OS X. But the services that are affected are, quite literally, almost NEVER ENABLED for the lifetime of the machines in question. So, point 1, that "every Mac in existence" is affected, is completely wrong. To say nothing of the fact that statistically speaking, the vanishingly small relative minority of machines that DO have the service enabled are probably behind a personal firewall/router. In other words, the level of exposure and potential for remote exploitation of the VAST majority of Mac OS X machines is somewhere between zero and nil.
And your other general point about "popularity" is answered below. Nice troll, though.
On this subject, last year I answered a query raised during a Chronicle of Higher Education colloquy. I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment, unfixed vulnerab
2. Whether or not a user does 1., ou are *PROMPTED* to run the widget for the first time! What more can Apple do? The site says this is still a problem because of - cue scary music - *social engineering*.
...
Um.
So how would it be any better if you downloaded it and double clicked on it manually? It *still* prompts you to run the widget! You must explicitly give the computer permission to run it.
In other words, there is NO WAY for any widget or any malicious website to do ANYTHING unless you explicitly give it permission!
This reminds me of the MP3 "virus". Some blog/website/AV vendor makes a shiny web page supposedly illustrating the "exploit" and why it's bad.
Except for one thing: the user has to EXPLICITLY GRANT it permission to run! Forget about the fact this is a Dashboard widget, or that he can write a goatse widget, or that he can make Dashboard unusable, etc etc etc. I don't CARE what the widget does. It can only do these things AFTER IT HAS BEEN GIVEN EXPLICIT PERMISSION TO RUN BY THE USER CLICKING "YES" IN A DIALOG BOX ASKING HIM/HER IF THEY'RE SURE THEY WANT TO RUN IT!
To reiterate: there is NOTHING automated or automatic about this, and the fact that Safari in its default state will easily make a widget ready to use is uninteresting. NO MATTER WHAT, THE USER IS STILL PROMPTED AND HAS TO GIVE EXPLICIT PERMISSION.
And I hope we all know by now that if a bad guy can trick you into running ANYTHING on your computer, the game's over.
The mechanism and method via which Safari can install Dashboard widgets coupled with explicit prompts to run them are perfectly acceptable, and this is a non-issue.
(Isn't it funny how the only "exploits" people can find for Mac OS X almost always exclusively revolve around social engineering, and never real flaws in the platform itself?)
Um, never? Because it actually prompts you and asks you if you're sure you want to run it?
Um, no, your statement of "Wrong" would be what's wrong here.
The House already approved a standalone version of the Real ID bill.
1) Rules for a federally approved ID don't belong with a supplemental military spending bill.
I didn't say they did. And a lot of things don't belong in a lot of bills. Next?
2) It means nothing that it was passed by the house.
...
Oh, really? Let me reword for you:
"It means nothing that it was passed by the house if it is also not passed by the senate."
Ok, I'll agree with that. But you forget the converse. In general terms,
"It means nothing that it was passed by the senate if it is also not passed by the house."
The House already had overwhelming support for the standalone bill, and there is no reason to believe it would not have passed in the Senate as well.
It was expected to run into some trouble in the Senate.
Yes. Some people expected it to "run into some trouble".
"Running into trouble" != not passing
And it still likely would have passed. Now it will for sure. And before you repeat that it shouldn't be part of the supplemental, I never said it should be. But it is. But it likely would have passed the House and Senate and been signed by the president regardless.
I bef of you. Please RTFA.
i d=11799450>2, but it didn't serve his agenda).
The worst part is the completely machine-readable/automatic nature of the thing -- you might not even know you're giving your information away.
Um. Huh? With the exception of RFID, how in the living hell would you not know you're "giving your information away"?
If, again, the argument is "ease", thanks to a technological change or technology itself, then why do slashdotters always argue in favor of technology elsewhere, but against it here?
- The card will still be issued by your state motor vehicle agency. It will merely be a federally approved, standardized version of your state Driver's License or state Identification Card.
- The process to obtain the card will be more rigorous, and you will have to provide more documents to prove your identity.
- The House *already approved* a standalone version of the Real ID bill, so the fact this is attached to military spending is irrelevant
- IF the standardized "machine readable technology" (which almost all state issues IDs already have in the form of a bar code, magnetic strip, etc.) ends up being RFID, you must at least concede that this standardization is based on consistency, functionality, and ease of use, not a desire to build a nationwide network of centrally administered RFID detectors for the purposes of tracking every citizen
- All of the information on all of the cards is already accessible to any entity that requests identification, such as banks. However, the information will now be presented and stored in a uniform manner.
- If you think that all of these actions are designed exlusively to institute a 1984-style police state by evil conservatives, you probably don't see the illogic in opposing simple standardization of ID cards that already exist.
- All of the items listed - opening bank accounts, collecting social security checks, travelling by air, etc. - already require ID (and if you want to get retarded about the whole air travel thing, go for it. John Gilmore already found he could travel without ID (a href=http://slashdot.org/comments.pl?sid=140827&c
Look. I don't mind vigilance for the sake of privacy and individual rights. In fact, I think the vigilance of privacy advocates, the ACLU, etc., is necessary and important. But you must realize that extreme views are almost always not the correct ones. It's the interplay and balance between both sides of a reasonable debate that is important. The people who think a national ID card with a DNA fingerprint and everyone implanted with GPS are wrong, and the people who think that every single bit of legislation like this is part of a corporate/government/Republican conspiracy to control them are also wrong. By all means, fight for your convictions, but if you do it from a not-so-tinfoily perspective, you'll have more chance at convincing others of the validity of your position.
The only "public policy" Microsoft is involved in is exploits or malware for their OS occasionally bringing public agencies to their knees.
...if there is a "supernatural" creator or force that has created the Universe (and the confluence of circumstances that led to its creation from essentially manifestly nothingness, and also life itself, could be considered on what I'd call a "supernatural" scale itself, but that's another topic), why must the scientific processes that describe any such events, and any potential forces that may transcend our understanding of the physical world, have to be mutually exclusive?
Many years ago, a student in my 7th grade biology class asked specifically about creationism during our section on evolution. My biology teacher gave a very short, thoughtful, and diplomatic answer. His answer, after quite a long pause:
"Well, some might say that the Bible tells what God did, and science explains how he did it."
Now, looking back as an engineer and scientist by education, I have always found the simplicity of that statement compelling, and have never had any trouble reconciling whatever beliefs I have in notions that could be described as "supernatural" with scientific fact and sound scientific theory.
I think the problem you have is with the people who literally believe that a white-bearded man in a robe literally created the Universe and Earth in 6 days around 6000 years ago, and then created the life to go on on it, and who discount valid science wholesale. Even though "creationists", and people who believe my last statement, may use "intelligent design" as a tool to further their agendas, that's not my interpretation of "intelligent design".
Personally, I rather liked Picard's response in "Where Silence Has Lease":
DATA:
I have a question, sir. What is death?
PICARD:
You've picked probably the most difficult of all questions, Data.
There is the beginning of a twinkle in Picard's eyes again. It is the sort of question that his mind loves.
Some explain it by inventing gods wearing their own form... and argue that the purpose of the entire universe is to maintain themselves in their present form in an Earth-like garden which will give them pleasure through all eternity. And at the other extreme, assuming that is an "extreme," are those who prefer the idea of our blinking into nothingness with all our experiences, hopes and dreams only an illusion.
DATA:
Which do you believe?
PICARD:
Considering the marvelous complexity of our universe, its clockwork perfection, its balances of this against that... matter, energy, gravitation, time, dimension, pattern, I believe our existence must mean more than a meaningless illusion. I prefer to believe that my and your existence goes beyond Euclidian and other "practical" measuring systems... and that, in ways we cannot yet fathom, our existence is part of a reality beyond what we understand now as reality.
Really: what's wrong with seeing the Universe and the wonderful complexity of everything from the scale of galaxies to the scale of atoms - or smaller - and our very lives as something more than the sum of its parts?
And your other general point about "popularity" is answered below. Nice troll, though.
On this subject, last year I answered a query raised during a Chronicle of Higher Education colloquy. I believe it touches on the major issues here.
Question from Lisa L. Spangenberg, UCLA:
Given that there are no viruses or Trojan horses for the current Macintosh system, OS X 10.3, and given that it is essentially UNIX, and given that the most common applications (Microsoft Office Suite, Adobe applications) work very well on OS X, why don't more institutions adopt Macs and encourage faculty to use them?
Gregory A. Jackson:
Well, first of all, there are viruses and Trojans that afflict MacOS, witness Apple's periodic release of security fixes to counteract them.
First, that isn't true, regarding viruses. To date, there are no known viruses that specifically target Mac OS X. Last week's "trojan" was nothing more than an application with a different icon and misleading name that displayed a dialog box (which was an example posted to a USENET Mac programming group to illustrate this fact that has been known and possible on Mac OS for over twenty years; an antivirus vendor apparently thought this an appropriate time to dress it up, incorrectly, as some new, terrible exploit easily adapted for malicious means, when in reality it's nothing more than an application).
If you're referring more broadly to security issues in general, almost all of the security and security-related updates for Mac OS X to date have been updates for primarily server-type services that ship with the OS, all of which are disabled by default, and the lion's share of which are never even enabled, much less touched, on the vast majority of systems. I'm not saying that they should be ignored, but Apple's comprehensive and swift response to the most minor security issues does not rise to the level of the staggeringly numerous, sometimes completely automated, remote exploits, worms, and so on for Windows. It is no longer possible to even get through a full installation Windows XP on a machine connected to a public network without it being exploited before you even have a chance to patch it.
It's definitely possible for Mac OS X to have viruses, worms, trojans, and other malware - Mac OS X is not invulnerable, and no sensible person would claim it to be. But the underlying philosophical design principles are fundamentally more secure than Windows, period. Since the major ingredient for the success of a worm or virus is some ability to spread, witness the fact that there is no way with anything built into Mac OS X to perform automated propagation of a virus, and no current known ways to exploit a machine remotely, not to mention that potentially exploitable network services are disabled to begin with anyway (and remain that way unless explicitly enabled), a stark contrast to Windows. Any hope for automatic propagation would require a comparatively high level of sophistication, and perhaps even its own mail server - not to mention some intrinsic vulnerability to exploit. On the other hand, there are still, to this moment, unfixed vulnerabilities in certain versions of Outlook that will spread certain virus variants simply by previewing a
Everytime Jobs regain power in the industry...
And this happens how often?
You make it sound as if it's practically every other day.
It seems to me that he's "regained power" once.
While interesting,
:-(
- Apple is not the government (therefore, any ridiculous cries of censorship are just a wee tad bit overboard)
- Apple can do what it wants with its own corporate stores
- Yes, this may result in more copies of the book being sold, but consider that this is not an effort to "suppress" the book; it's merely a retaliatory move. Apple is under no obligation whatsover, implied or otherwise, to carry any publisher's books.
In short, business as usual and a BIG yawner:
"It's certainly not unprecedented for a company to protest publication of a book or article it finds unflattering.
IBM, for instance, staged a six-year advertising boycott of Fortune magazine after then-Chief Executive Louis V. Gerstner took exception to a 1997 cover story.
More recently, General Motors withdrew its ads from the Los Angeles Times in protest of an April 6 review of its Pontiac G6."
(From the Mercury News story)
Think what you want, but businesses shouldn't be forced to support other businesses they disagree with.
Further, it looks like there's a referrer in the submitter's amazon link.
Extensions to email that use PKI to secure and encrypt it in an identifiable, trusted fashion