Predictable filenames from tmpnam is an implementation issue, not a design one. The lack of fine-grained permissions *is* a design flaw with UNIX, however. NT has a superior design in that regard, although a combination of flawed implementations, legacy support, and culture work heavily to defeat it.
There are, however, several other major design based issues in Windows. For example, there is no (very little) concept of security past the interactive desktop. Any application that is allowed to interact with the desktop can gain the permissions of the signed-on user, even if run with lower permissions (thats why services shouldn't have interactive access turned on).
Even more importantly, a failed handshake on a port where netstat doesn't show a process is a near-certain indicator. If you combine with handshake with an actual connection attempt to a remote system, you should be able to detect any active rootkit (a rootkit in a dormant state would still be hidden).
It's nominally possible to use the toolkit as a drop in replacement for the C++ 6.0 tools, while still using the VC 6 IDE, but you'll lose debugging because VC 6 can't read the debugging info the 2003/7 compiler generates.
VC 2005 is all around superior to VC 6 in pretty much every way and there's not really any good reason not to switch other than inertia. You get a better compiler, a better IDE, better standards compliance, etc.
The police state does not grow out of state funding for the arts. It doesn't grow out of big government at all, and a claim that it does it heinously stupid. Many of the most repressive police states provide(ed) little or nothing in the way of services anyway.
The police state grows out a desire for power on the part of the state (obvious) and the inability or unwillingess of the populace to draw boundaries of acceptable limits of authority. The difference, especially in the US, is that the liberals think the government should provide support but not exercise authority, while the conservatives believe that the government should exercise authority but not provide support.
I check for it. The problem is that the place where the CD logo is important, which is to say on the CD itself, isn't visible. The CD logo is on the jewel box of many non-CDs.
The OP probably mistakenly believes that the Constitution provides only limited powers to various elected officials. While modern government certainly does push it boundaries quite far, having totally corrupted for-sale politicians in office wouldn't help - Congress, for example, has the Constitutionally mandated ability to regulate insterstate commerce, an ability which would be invaluable for an corporation.
Of course, but, as I said, it means you have to take proactive steps to do that - you either have to intentionally run something via sudo, or you have to respond to a prompt from the system. And while you do have to install as root (via sudo, of course), you don't run applications that way. I'm still unclear from the article if the virus took effect at installation or when Mozilla ran.
All the system admin stuff (like synaptic) should be set up to run though gnome-sudo (name? I'm not at home...) or the equivilent under KDE. It's the little dialog box that dims the screen and asks for your password. If you run it directly, then yeah, you'll get permission errors when it tries to install.
No, Windows is more secure because you can't write to a binary thats being executed or has been loaded by another process. Viruses can only infect your system files if you reboot!
User-friendly distros (like Ubuntu), borrow a page from OSX and don't even expose the root account. You create a user account in setup, you're prompted for your admin password when you need to install stuff, and when you use the CLI you use sudo. Therefore, without taking proactive steps, it's not even possible run programs at root, and you have to go well out of your way to log in as root.
It's kinda funny. Porn is some of the most-pirated content around, both the full blown commercial infringment (like sites stealing content from one another) and casual consumer piracy. It's also far, far, far more profitable than the regular movie industry, theres a thriving cottage industry of amateurs and an equally thriving industry providing tools (hosting, web applications, cam/phone brokering) to those amateurs. It's actually a very healthy, vibrant economy. The traditional movie houses could do worse than to watch what pornographers do more.
It's not alarmist to say that there are factual errors and biased reporting in well known print encycolopedias. It's well known and I've seen them myself.
Thats not to say that they're the product of some grand conspiracy. But people *assume* that they are correct (note the parents implication that you can rely on print encyclopedias to be 100% correct, in contrast to Wikipedia). And there is no basis for this assumption - indeed, there is signifigant basis for the opposite. I've never seen anyone do a conclusive, objective study on the actual integrity of Wikipedia vs a print one, just vauge handwaving about how they don't trust it as much.
The fact is, the information you get from a traditional encyclopedia is just as likely to be biased as some fanboy edit Wikipedia article. You have no more information on the background or credentials of the authors - they may as well be anonymous. You have faith that it's accurate. In some cases it's because the encyclopedia has a history and reputation of correctness to support it, but frankly most people believe them for exactly the same reasons they believe anything in a newspaper - because it's printed "officially".
I'm not attempting to say "OMG don't use THE MANs books, use only Wikipedia!". I'm saying that it's stupid and unrealistic to assume 100% correctness in the information in an encyclopedia. If you don't trust Wikipedia because the authors are anonymous, you shouldn't trust a print one either.
I believe you drastically over-estimate the reliability and objectivity of traditional encyclopedias. It's astonishing how willing people are to trust anything thats closed and opaque, simply out of the assumption that someone must have said it was okay.
You mean like how the money for speeding tickets goes directly into police department funds, and how the property siezed in drug raids is auctioned off, with the funds going to police funds?
it will install its Windows service even if you decline the licensing agreement
This almost certainly falls under various US anti-spyware laws. It *probably* falls under good old 18 USC 1030 as well. The reason why spyware and other trojans don't is the nominal "authorization" of the EULA. If it installs even when you specifically decline that authorization, that should be a violation of law. Granted that the odds of any DA choosing to go after media companies for this is... poor.
This is the real problem, in my opinion. I've never worked at a company where they had both the will and the ability to totally lock down the machines, AND the will and ability to be quickly responsive to installation and authorization requests. This gets especially bad when IT people get to make policy instead of being responsible for implementing it.
It can take *6 months* to get approval to install a no-cost, industry standard application (Eclipse, for example). Too many IT departments get into this us & them attitude, and want to lock down users so they can't waste anyones time. Anyone with a complaint is obviously a whiner or a wannabe hacker, so push anything you have to do for them off as much as possible. If you need to lock down my PC so that it remains stable and working, then *you* need to provide the kind of service that I could do for myself. Which means not waiting 24 hours to install an approved application, or 6 months to get one approved. And especially not rebooting peoples PCs in the middle of the day while they're trying to work.
a) Growing animals just to kill them so we can render them into biodiesel would be dumb. Using alread-dead remains that are otherwise cremated or buried to make buidiesel is smart.
b) "Mass scale rotting organic material"... like graveyards and landfills and slaughterhouses?
c) There's no reason to believe this stuff would make you any sicker than regular petroleum if it gets on you, and some reason to believe it'd actually be safer.
The minidumps generated by XP are actually extremely powerful, assuming you've got good project management. You can load up the minidump in a debugger and it will restore the application state at the time of the crash. It can load the debugging info and symbol maps from local files, so you can still ship release binaries.
Drop Office XP in front of someone who used Office 95 a decade ago, and they'll largely find it the same (just with more/better features).
Have you actually done this? This is totally false. First and most obviously, personalized menus (still on by default, thanks to whatever brain dead inept cretin at MS thought this up). The menu and toolbar layouts are totally different between Office 95 and XP, even if you turn the personalized crap off so they don't re-arrange themselves. The formatting dialogs are laid out differently. Formatting in general has different semantics. Someone moving off of Office 95 won't be any better with Office XP than they would with any other word processor.
And this is exactly the sort of conservative yes-man attitude that causes the massive wastes of money and effort at every level of government, and not a few corporations, too. I don't see why you'd be obliged to support Office if you don't want to. If I emailed you right now and asked for an OOo version of one of your documents you'd tell me to piss off. So why don't you actually do what your job is - which is to support and provide value for your constituents - instead of just handing over your IT budget to Microsoft?
Office didn't just appear out of nowhere. You and people in your position didn't have any qualms about forcing Office onto everyone to start with. So your preaching about it now is irritating and dishonest.
Slashdot Mirror
There are, however, several other major design based issues in Windows. For example, there is no (very little) concept of security past the interactive desktop. Any application that is allowed to interact with the desktop can gain the permissions of the signed-on user, even if run with lower permissions (thats why services shouldn't have interactive access turned on).
Even more importantly, a failed handshake on a port where netstat doesn't show a process is a near-certain indicator. If you combine with handshake with an actual connection attempt to a remote system, you should be able to detect any active rootkit (a rootkit in a dormant state would still be hidden).
VC 2005 is all around superior to VC 6 in pretty much every way and there's not really any good reason not to switch other than inertia. You get a better compiler, a better IDE, better standards compliance, etc.
Similarly, though I have no real desire to tape shows off TV, I have a very real desire to preserve my right to do so.
The market for anything involving copyrights is *by definition* a monopoly market. You can be a cumudgeon without being an idiot.
The police state grows out a desire for power on the part of the state (obvious) and the inability or unwillingess of the populace to draw boundaries of acceptable limits of authority. The difference, especially in the US, is that the liberals think the government should provide support but not exercise authority, while the conservatives believe that the government should exercise authority but not provide support.
I check for it. The problem is that the place where the CD logo is important, which is to say on the CD itself, isn't visible. The CD logo is on the jewel box of many non-CDs.
The OP probably mistakenly believes that the Constitution provides only limited powers to various elected officials. While modern government certainly does push it boundaries quite far, having totally corrupted for-sale politicians in office wouldn't help - Congress, for example, has the Constitutionally mandated ability to regulate insterstate commerce, an ability which would be invaluable for an corporation.
Of course, but, as I said, it means you have to take proactive steps to do that - you either have to intentionally run something via sudo, or you have to respond to a prompt from the system. And while you do have to install as root (via sudo, of course), you don't run applications that way. I'm still unclear from the article if the virus took effect at installation or when Mozilla ran.
All the system admin stuff (like synaptic) should be set up to run though gnome-sudo (name? I'm not at home...) or the equivilent under KDE. It's the little dialog box that dims the screen and asks for your password. If you run it directly, then yeah, you'll get permission errors when it tries to install.
No, Windows is more secure because you can't write to a binary thats being executed or has been loaded by another process. Viruses can only infect your system files if you reboot!
User-friendly distros (like Ubuntu), borrow a page from OSX and don't even expose the root account. You create a user account in setup, you're prompted for your admin password when you need to install stuff, and when you use the CLI you use sudo. Therefore, without taking proactive steps, it's not even possible run programs at root, and you have to go well out of your way to log in as root.
Did you know theres more explicit sex in a romance novel in a grocery store checkout line than there is in GTA? True fact!
It's kinda funny. Porn is some of the most-pirated content around, both the full blown commercial infringment (like sites stealing content from one another) and casual consumer piracy. It's also far, far, far more profitable than the regular movie industry, theres a thriving cottage industry of amateurs and an equally thriving industry providing tools (hosting, web applications, cam/phone brokering) to those amateurs. It's actually a very healthy, vibrant economy. The traditional movie houses could do worse than to watch what pornographers do more.
Thats not to say that they're the product of some grand conspiracy. But people *assume* that they are correct (note the parents implication that you can rely on print encyclopedias to be 100% correct, in contrast to Wikipedia). And there is no basis for this assumption - indeed, there is signifigant basis for the opposite. I've never seen anyone do a conclusive, objective study on the actual integrity of Wikipedia vs a print one, just vauge handwaving about how they don't trust it as much.
The fact is, the information you get from a traditional encyclopedia is just as likely to be biased as some fanboy edit Wikipedia article. You have no more information on the background or credentials of the authors - they may as well be anonymous. You have faith that it's accurate. In some cases it's because the encyclopedia has a history and reputation of correctness to support it, but frankly most people believe them for exactly the same reasons they believe anything in a newspaper - because it's printed "officially".
I'm not attempting to say "OMG don't use THE MANs books, use only Wikipedia!". I'm saying that it's stupid and unrealistic to assume 100% correctness in the information in an encyclopedia. If you don't trust Wikipedia because the authors are anonymous, you shouldn't trust a print one either.
I believe you drastically over-estimate the reliability and objectivity of traditional encyclopedias. It's astonishing how willing people are to trust anything thats closed and opaque, simply out of the assumption that someone must have said it was okay.
You mean like how the money for speeding tickets goes directly into police department funds, and how the property siezed in drug raids is auctioned off, with the funds going to police funds?
Current mood: Sad :(
This almost certainly falls under various US anti-spyware laws. It *probably* falls under good old 18 USC 1030 as well. The reason why spyware and other trojans don't is the nominal "authorization" of the EULA. If it installs even when you specifically decline that authorization, that should be a violation of law. Granted that the odds of any DA choosing to go after media companies for this is... poor.
http://www.thebricktestament.com/genesis/the_flood /gn06_11.html
It can take *6 months* to get approval to install a no-cost, industry standard application (Eclipse, for example). Too many IT departments get into this us & them attitude, and want to lock down users so they can't waste anyones time. Anyone with a complaint is obviously a whiner or a wannabe hacker, so push anything you have to do for them off as much as possible. If you need to lock down my PC so that it remains stable and working, then *you* need to provide the kind of service that I could do for myself. Which means not waiting 24 hours to install an approved application, or 6 months to get one approved. And especially not rebooting peoples PCs in the middle of the day while they're trying to work.
b) "Mass scale rotting organic material"... like graveyards and landfills and slaughterhouses?
c) There's no reason to believe this stuff would make you any sicker than regular petroleum if it gets on you, and some reason to believe it'd actually be safer.
The minidumps generated by XP are actually extremely powerful, assuming you've got good project management. You can load up the minidump in a debugger and it will restore the application state at the time of the crash. It can load the debugging info and symbol maps from local files, so you can still ship release binaries.
Have you actually done this? This is totally false. First and most obviously, personalized menus (still on by default, thanks to whatever brain dead inept cretin at MS thought this up). The menu and toolbar layouts are totally different between Office 95 and XP, even if you turn the personalized crap off so they don't re-arrange themselves. The formatting dialogs are laid out differently. Formatting in general has different semantics. Someone moving off of Office 95 won't be any better with Office XP than they would with any other word processor.
Office didn't just appear out of nowhere. You and people in your position didn't have any qualms about forcing Office onto everyone to start with. So your preaching about it now is irritating and dishonest.