Slashdot Mirror


User: HSpirit

HSpirit's activity in the archive.

Stories: 0
Comments: 79

Comments · 79

  1. Re:Allow me to be the first on U.S. House Votes to Extend Patriot Act · · Score: 1

    please name any innocent people wrongly imprisoned for terrorist acts.
    There are several documented cases of innocent men suspected of being IRA terrorists being wrongly convicted and imprisoned in the United Kingdom.

    Yes, they didn't have the "anti-terror" laws there then that they do now, and this is the point - if we can wrongly convict innocent people suspected of terrorism for decades with our normal checks and balances, imagine how easy it would be to do so with our new "anti-terror" laws which remove many of these checks and balances from the process.

    Innocent people do get arrested, do get charged, do go to trial and do get convicted. It happens. There's no way to guarantee it won't happen.

    The only thing we can do to address this is to make the system open, transparent and subject to independent, external review. Unfortunately the "anti-terror" laws enacted in the US, UK, Australia and many other places have had the opposite effect - they have enacted a parallel system of justice which is closed, opaque and has very little capacity for review of executive decisions by either courts or media.

  2. Microsoft's "Lower rights" solution flawed on Windows Users Ignoring LUA Security · · Score: 1

    It strikes me that Microsoft are pursuing a lower rights model in order to allow users to have Administrator privileges in their interactive session but restrict the privileges of specific processes (for example, Internet Explorer) within that session.

    This approach is also evident in the unofficial, free tools being created by Microsoft developers.

    This approach seems to be a "have my cake and eat it too" solution, and unfortunately seems to be making the same mistakes of attempting to identify and quarantine bad behaviour as those we have made in the past regarding the design of firewalls, antivirus tools and the like.

    Remember when it was common practice to only firewall the "bad" ports, and let the "good" ports have free rein? Over time (and in no short measure due to certain worms utilising flaws in Microsoft, and occasionally other, software) we have realised that the only sane approach is to deny all and then selectively allow that which we want.

    Likewise, the traditional approach of antivirus software, intrusion detection/prevention systems and the like in recognising "bad" phenomena has been shown incapable of keeping up with new threats. We are slowly realising that we (somehow!) need to define what is "normal" behaviour in our systems/networks and then quarantine that which does not meet the norm.

    Unfortunately it strikes me that Microsoft's current direction in terms of Least User Privilege seems to be to give up on it as an overriding principle, and instead "allow everything" as a default, and then selectively deny those processes which are seen as high-risk. I would have thought the parallels to my previously mentioned examples of firewalls, antivirus and IDS/IPS are clear.

  3. Re:There are enough security tools available... on Netcraft Toolbar for Firefox Available · · Score: 1

    If you're vegetarian for ethical reasons, it actually makes little sense to eat eggs (or milk) but not meat.
    Why not?

    If the eggs and milk are free-range (i.e. the animals are treated well, are allowed to roam around and are not force-fed or fed inappropriately) then many would disagree with you.

    I am a non-meat eater (to avoid misinterpretation of the word "vegetarian") for reasons of personal ethics, and while I know I'm not perfect I think distinguishing between products of pain/death and products of regeneration/life makes much sense.

  4. Re:Turn Spotlight off, then on Tiger Spotlight Less Then Optimal · · Score: 1

    ...actually making Tiger feel as fast as I would have expected with a major OS upgrade.
    And this succinctly captures the difference between Apple and most other consumer operating system developers.

    Would anyone expect Longhorn to be faster than Windows XP? Or the next iteration of [insert your favourite Linux OS here] to be faster than the previous?

    I say full kudos to Apple for demonstrating that OS improvements should not automatically require hardware upgrades (and where they do - for example, utilising Altivec or video memory - either disabling the new features or enabling the user to turn them off easily).

  5. Re:A wise decision on Microsoft States Full TCP/IP Too Dangerous · · Score: 1

    Open the "Folder Options" control panel, select the "View" tab, check "Launch each window in a separate process".

    To save resources, the default is to open Explorer windows as new threads of the same explorer.exe process (apologies if my terminology is incorrect) which is running as the interactive user. Use Task Manager to view running processes with the checkbox selected and unselected and see what I mean.

  6. Re:Rammed down our throats? on It's not a Feature, It's a Vulnerability! · · Score: 1

    As Apple states, none of their software uses SUID/SGID scripts. And I very much doubt any 3rd-party software does also.
    Unfortunately this example from a vendor with 3.4 billion dollars US to spare shows this is not quite true:
    % file /Applications/Adobe\ Version\ Cue/*.sh
    /Applications/Adobe Version Cue/productname.sh: empty
    /Applications/Adobe Version Cue/startserver.sh: setuid a /bin/sh script text executable
    /Applications/Adobe Version Cue/stopserver.sh: setuid a /bin/sh script text executable

  7. Re:Adobe Version Cue users be advised on Apple Releases Mac OS X 10.3.9 Update · · Score: 1

    % file /Applications/Adobe\ Version\ Cue/*.sh
    /Applications/Adobe Version Cue/productname.sh: empty
    /Applications/Adobe Version Cue/startserver.sh: setuid a /bin/sh script text executable
    /Applications/Adobe Version Cue/stopserver.sh: setuid a /bin/sh script text executable

  8. Re:What is this world coming to? on Bill Gates Claims OSS Has Poor Interoperability · · Score: 1

    Wow, a thread that is bagging Microsoft and praising Subaru...

    I'm in seventh heaven :)

  9. Re:goodbye bank account on iPod Shuffle, Mac Mini, iLife '05, iWork · · Score: 1

    ...every mac user I've seen who uses a mouse uses a typical multi-button optical mouse, or other exotic device. Almost nobody uses the stock 1 button mouse.
    Every QuarkXPress professional setting type on a Mac I have ever seen uses the one-button mouse. These are people who are extremely productive doing keyboard intensive prepress work, using the mouse as little as possible.

    I'm not denying that a two-button mouse is effective for some people, and even for most people in some applications, but it equally holds that a one-button mouse is an incredibly productive and ergonomic tool in many of the applications which are (or have been) Apple's core markets.

  10. Re:For MacOS X users who customise their httpd.con on Apple Releases Mac OS X Patches · · Score: 2, Informative

    Oops... my mistake: Two of the vulnerabilities reported attempt to modify the...

    What I meant to say was: The fixes for two of the vulnerabilities reported attempt to modify the...

    My apologies...

  11. For MacOS X users who customise their httpd.conf on Apple Releases Mac OS X Patches · · Score: 5, Informative

    Two of the vulnerabilities reported attempt to modify the

    /etc/httpd/httpd.conf
    configuration file used by Apache 1.3.

    Those MacOS X users (like me) who manually reconfigure their Apache configuration should note that the update (sensibly) will not modify a customised httpd.conf. If you fit into this category you should read the advice posted by Apple on how to manually update your httpd.conf to ensure your Apache is not serving up content which should not be available.

  12. Re:Imperial overstretch on What's Next For Mozilla? · · Score: 1

    I've just installed Firefox 1.0 on a Windows 95 test machine in our office [the software company I work for still supports Windows 95] with a Celeron 266 MHz and 160 MB of RAM. It takes about 4 seconds to start up, after that it's as fast (if not faster) browsing than IE 5.5 is.

    I suggest your comments about being "deathly slow" are just not borne out by my experience.

    Incidentally, the startup time of Firefox is about the same on our Windows XP SP2 box with a Celeron 1.5 GHz and 256 MB of RAM. Methinks the accusation of bloat is better placed elsewhere...

  13. Re:What? on Google Image Index Just Not Updated · · Score: 1

    I must admit, that was my initial reaction too, but I think what the OP means is that Abu Ghraib has been closed - please correct me if I am wrong.

  14. Re:No. $500 for ADC membership that comes with ext on Tiger Early Start Kit · · Score: 1

    (Like the free copy of OS X Server, which would cost $499 otherwise...)
    It should be noted that the version of OS X Server shipped is for development purposes only, and the licence specifically prohibits deployment in a production environment.

    i.e. it's nice for seeing what tools Apple put in their Server version of OS X, but not really much more useful than that for anyone other than developers.

  15. Out of stock: iBook G3 12" Combo Drive on PowerBook Upgrade and Repair Guides · · Score: 1

    It's not the fastest laptop on the planet, but a Combo (DVD/CD-RW) drive is about the only thing I miss on my circa end-of-2001 iBook G3 600 MHz (I've upgraded it with additional RAM and an Airport card).

    Does anyone know if there are other suppliers of Combo Drives for the G3 iBooks? Australian suppliers would be preferred, but not essential.

  16. Re:Installing on Windows....you're kidding, right? on SpamAssassin 3.0 Released · · Score: 1

    You invited flames, so here you go.

    Read me lips: this is open source software. OSS works because people get a buzz out of developing software that is more effective, more efficient, less buggy, or just plain achieves something that nothing else (free) can do.

    There aren't many developers out there that get sufficient joy from making a point-and-click installer to donate hundreds of person-hours of their time. OTOH there are plenty of developers who get paid for doing just that, but their wages have to get paid somehow.

    So if you want a point-and-click installer, then there are plenty of alternatives around. You may have to pay for them, and if you don't want to pay then you may have to put up with something that fails on the effectiveness/efficiency criteria I outlined above - that is your choice.

    FWIW I've installed SpamAssassin on my MacOSX Powermac (using sendmail and procmail) and it is just about the easiest built-from-source installation I've ever performed on the Mac. The documentation is good, it told me what dependencies it had (I don't like using CPAN). I'm "not even close to a newbie" either, but looking at the Windows installation instructions I can only conclude that (like much *nix OSS software) Windows isn't the best platform for SA.

    If you insist on wanting to build OSS software from source on a Win32 box, I really suggest you try cygwin.

  17. Re:I no longer get spam on SpamAssassin 3.0 Released · · Score: 1

    Nice theory, but our company's major contractor uses MS Exchange (they're a M$oft shop). Such a rule on our OpenBSD 3.5 gateway would kill our business in about a week.

    So, as you can see, this is not an "extremely simple" solution for most people who actually conduct real-world business with electronic mail. The solutions must be a little more flexible than that.

  18. Re:interesting ports on the spammer's site on Spam Opt-out Link Triggers Malicious Code Attack · · Score: 1

    ...and (predictably) this is what it looks like now:

    % mysql -h 61-218-79-53.HINET-IP.hinet
    ERROR 1040: Too many connections

    Good to see the slashdot effect is portable to the MySQL protocol :)

  19. Re:If you need a secure system... on Debian Hardened Aims For Security · · Score: 2, Informative

    I agree entirely with this. Before jumping on the bandwagon, read here for a synopsis of what a secure *nix operating system is about.

  20. Re:Question: What's new in 1.7.3? on Batch-o-Moz: Firefox, Thunderbird, Suite Released · · Score: 1

    The list is here - as is typical in a point-point release, they're all security fixes only.

    (My favourite comment is:

    The "send page" function can overrun the heap on very long links. With compelling content that people will want to forward to all their friends and the right link this could be used to execute arbitrary code.
    )

  21. Re:Killing the IT industry on Australia to Get Software Patents and Anti-Circumvention Laws · · Score: 1

    Have you noticed how the Internet and things dealing with it are slowly sinking into a swamp full of legalization?
    Reminds me of something a politics lecturer once told me: Despite the latest fashion for everything to be 'deregulated' our legislatures are passing more legislation (i.e. regulating) more than at any other time in history.

    To me it seems this so-called "free" (read the text - it's not really free at all) trade agreement in reality will subject much trading activity to more regulation than already exists.

  22. *yawn* Are the security-consciou still using IE? on Microsoft to Issue Out-of-Cycle Patch for IE · · Score: 2, Informative

    I mean, seriously, if you're concerned about on-line security, there are a plethora of alternatives about, so this news should be a non-event.

    Ours is a small office, granted, but I've installed Mozilla 1.7 (and 1.6 before that, and Netscape 7 before that) on all the PCs (Windows/Mac), made it their default browser, and upped security on IE's Internet Zone so that all active content is blocked.

    Following this, I emailed (and followed up with personal explanation) the following advice:

    1. Use Mozilla as your first browser of choice. Nine out of ten times the site will work just fine.
    2. If the site appears to be not working, try it in Internet Explorer.
    3. If the site still doesn't work, even in Internet Explorer, email me the URL and I will add it to the 'Trusted Sites' zone - this should allow it to work in Internet Explorer while maintaining our network security.

    Given that the majority of serious web developers seem to be mindful of cross-browser support (if not standards compliance outright) these days I am somewhat bemused that any security-minded organisation still insists on using IE.

  23. HFS and Command-Line Support on Tiger Slideshow: Pretty Mac OS X Pictures · · Score: 5, Insightful

    Perhaps the most significant improvement is what seems to be the integration (finally) of complete HFS+ file-system functionality into the mainstay command-line apps such as cp, tar, rsync etc:

    Tiger provides a standard, Darwin-level API for managing resource forks, filesystem metadata, security information, properties and other attributes in a consistent, cross-platform manner. For example, common UNIX utilities such as cp, tar and rsync can properly handle HFS+ resource forks.
    It's been a long time coming, but I think finally we have a fully scriptable Mac at all levels of system administration.

  24. Re:They will fix the OBSD "virus", + more sec stuf on OpenBSD Hackathon Underway · · Score: 5, Funny

    It's at times like this that we need a "-1: Idiocy of post only matched by idiocy of moderation" option for moderation.

  25. Dual USB iBook fixed FOC several months ago on Apple Expands (Again) iBook Logic-Board Program · · Score: 3, Informative

    I had a free, out-of-warranty repair for this issue with my Dual USB iBook (G3-600 MHz, serial number beginning with UV201) several months ago.

    (It was 'only' the second time for me - the first time was during the warranty period.)

    So it looks like FOC repairs for these models have been an internal policy within Apple for some time - but now they're making it public?