That will, as you said, PLACE the binaries there. But as long as you don't run them as root, you can't infect files and directories you don't have access to. If you are a normal user you can't write to/root or/bin or/usr or/home/other_users. If you run the infected app, you CAN infect/home/your_directory and/tmp. So the moral of the story is DON'T RUN APPS AS ROOT.
As an aside, you can do an install of Mozilla without running the browser afterwards by doing this:./mozilla_installer -ira
If you install infected binaries, but never execute them as root, the infection will only damage/home/your_username. If you run it as root, then you've compromised the entire system. BIG difference between Windows and *nix in that regard. Which would you rather lose? The entire system requiring a complete OS and application reinstall?, or your user's home dirs? Escpecially if you've got backups of your/home dirs. Personally, I'm not interested in reinstalling the entire OS and applications. That's stupid. It's much easier to just remove the infected software wipe your users, restore their data and be back up and running in short order.
But they need WRITE access to bin in order to inject the virus in the first place. However, you are correct in that most users do install as root in order to get the binaries into/usr. But I don't think the installer is what causes the infection. It is the execution of Mozilla that would infect a system. As long as root doesn't run Mozilla, it shouldn't be an issue.
Exactly. If you run as root, you're a moron. If you run as a regular user, then the only thing you might hose is your own/home dir. If you're a smart user, you've been backup up your/home dir to a location that only root can access... That way recovery is painless. Very different from Windows where you have to reinstall the OS to be sure you're clean. (BTW, we're talking home users, not corporate users)
...expect to see more of this as the popularity of OSS continues. Of course, unlike Windows it won't get far since MOST users are smart enough to not be running as root.
I've been hearing about how grate it is and how is trumps Mozilla in every way. So I would like to install it on my Linux box. Ware do I get teh source?
...I was never a big fan of "Tubthumping". Look at one of my latest posts (Sunday night) in a friend's JE about the worst music evar.
I'll also say, why in the hell is the music business so fired up to make nothing but hit records instead of providing people with access to music with artistic integrity? Yeah, they should make money, there's no doubt about that. They are, after all a businesses and they exist to make money. But, don't they also exist to give artists a voice? Whatever happened to that part of the equation? When did they discard the idea that popular music can also be truly artistic expressions of a musician's mind, body and soul? I don't even have a problem with there being people who make million dollar incomes when they do nothing more than pencil pushing in the whole cycle of musicial distribution. But, the musicians who actually create the stuff should be making at least as much as they do because without the artist, the business is nothing.
All companies have internal employee gripes about working there with very few exceptions. Those exceptions tend to be companies that are flush with cash and are able to treat their employees as they should be treated. But when it comes to "brass tacks", the niceties are the first thing to go. Now, I should also say that I can't stand Microsoft or Windows, I think they're both shite. But, Windows isn't going to suddenly disappear and niether is Microsoft. Witness the auto industry. There are companies out there that make shitty autos but you don't see them dying out. You also don't see consumers russhing out to buy a new car every time the auto industry says to do so. The same thing applies to Windows. As much as Microsoft might wish that people will flock to Vista (whatever flavor) the real truth, and they know this, is that there are people who are STILL going to be running Windows 95 out there if it still works for them. So, none of this article warrants gloating about the demise of Microsoft. It ain't gonna happen. If it were, then Chevy should have disappeared decades ago.
Yeah... I would say that the ALSA (Advanced Linux Sound Architecture) project being intergrated into the Linux kernel is going a long way to improving the audio experience beyond what Windows can ever offer. (With the exception of audio boards that aren't supported by ALSA for the usual corporate non-disclosure reasons) I have a semi-pro audio system (Echo Layla 20) that wasn't supported fully (I needed MIDI, not just audio) for a while so I still had to run XP. But now, I've been able to ditch it and the only thing that keeps me on Windows is video editing. Of course, per my latest journal entry I am trying Cinelerra in the hopes that I can finally ditch that one last reason to run Windows. Everything else that I do (and there is a lot) can be done in Linux and I only need Windows for that last thing.
...Windows Vista Ultimate Security Edition. This Windows release will be very compact (easily fitting in 512 bytes of storage). It will issue a STOP command to the system CPU resulting in a halted machine that is more secure than any pervious OS on the planet. Uncrackable.
I should mention that I hated Xine originally for the same reasons that I don't fancy Cinelerra. Their UI was clunky. I was an MPlayer fan at the time and I didn't care if Xine had a few extras because the UI was so godawful. When they separated the UI from the functionality and allowed others to write UIs, I chose Gxine and was converted to being a bi-platform fan of both Xine and MPlayer.
From the article:...and the word "the" is much more common than "xprld".
JeffK speak suins this assumption since we all know that "the" is properly spelled "teh" accodring to JeffK. I challenge these guys to be able to decode what someone is typing when they are being "leet" like JeffK.
I have to echo this sentiment. I come from a background where I've worked with Avid/Digedesign products, Adobe Premiere and a few low budget Windows apps (Avid had one a few years back, but I currently use Sony Vegas on Windows XP) and I can say that Cinelerra has a lot of great features but an unusable UI. The fact that to work with two video sources, you need to run two instances of Cinelerra is preposterous. This is a perfect situation where the use of MDI is called for. Trust me, I've been able to make the move from say, Photoshop to GIMP with little trouble. Cinelerra (in it's last version) was a bear to work with. And the UI widgets aren't to helpful either. Bevelled buttons might look neat, but without proper graphics to tell when things are engaged or not, Cinelerra adds that much more work for the user.
I'm not trying to assail the project itself. I think the concepts behind it are wonderful, but the UI needs to be rethought. If the developer would do what the Xine folks did, and build a base library of all the power in Cinelerra, then build a separate UI to put over the libs while allowing others to write their own UIs, I think we could have a killer app here...
This is an outrage!!! As a GMail user I expected that Google would have done their homework and not used a similar name to a trademark of another company! I am now confused because I can't tell which GMail is which anymore! This is going to cause major customer confusion on both sides of this issue. Boo on Google! They were my heros and now they did this!!! They have poopmouths!! It's poop!! I hate you Mr. Google!!! (NOTE: This is a vague reference to Anchorman: The Ledgend of Ron Burgundy starring Will Farrell. If you haven't seen this masterpiece of absurdity, rent it tonight!);P
Whereas Muslim terrorists want to keep their women in the home covered from head to toe and pregnant, neocons want to keep their women in the home BAREFOOT and pregnant.
So... Muslims Neocons have a foot fetish? That explains a LOT.;P
Yeah... well I've got a friend who has done large amounts of marijuana, LSD, cocaine, and actually had a crack and herion addiction problem. He's also an alcoholic. How did he stop his addiction problem? He just decided to quit crack and heroin one day. He hasn't touched them since. He's still a drunk though. He's even survived two suicide attempts while he was a junky. So by your logic I guess that means that cocain, crack and heroin are safe? Just because there are instances where something dangerous can be utilized without any negative consequences doesn't mean something is safe. It just means that people have either been extremely cautious with out that something is utilized, or they've just been lucky.
Since it's Sunday and not Troll Tuseday, I can be honest and tell you that what I typed above is my portrayal of the typical Slashbot who thinks they know everything. If you would have read my other posts you would have seen that I was playing both sides of the fence with my new and innovative MPD troll. My reasons for doing so are to spark interesting discussion (of which Slashdot is sorely lacking these days). So, I am aware of the information in the links you provide, but they have no bearing on the character I was playing last Tuesday. BTW... I am not a troll. At least not on any other day but Tuesday.;P
My point exactly. To the poster below who asks me if I'm a vampire, I have to say no. But I also have to say that the Sun is far safer than any nuke that a human will come up with. The point is that it may not matter much (with the exception of close relatives) is a car blows up and a family is killed. But it matters a WHOLE lot if a nuke blows up and an entire city is killed (meaning that even if people don't die, they and the land they came from are permanently damaged). You idiots who think nukes are safe... why don't you have someone build one in your neighborhood and we'll really see how safe you think nukes are.
...the Chernobyl and Three Mile Island disasters didn't teach anyone anything did they? Nuclear power is not and will never be safe. Period. End of story. Unless someone figures out how to un-radiate people and places that have suffered radiation exposure after another disaster. (They will happen repeatedly until people realize that nuclear energy is a stupid idea). Just because it might be relatively inexpensive doesn't mean it's good. Just like Walmart is bad for the average person...
This isn't about two women having a baby. It's about a male and female couple's embryo being altered with material from another woman. In other words, two women and a man = embryo.
1. You shouldn't use your work e-mail address for private stuff. Everything that goes through your employer's server should be considered suspect 2. You should run your own mail server and make it accessible via secure means
I don't run a local mail client at all. I use VPN to get to a workstation back at home and that's where all my e-mail and IM happens. I also run my own IM server so that my friends and I can be sure our communications are secure. It's a simple process really. Running servers at home (if you use open source) isn't that hard.
Hmmm... I hate POP. Users constantly storing their e-mail on their local machine with NO backup or concept of why they should backup if they want it local? No thanks. When you're dealing with users who aren't to clear on where backups happen (at the server), then you don't want their mail on their workstations. IMAP rules. I'd never look back to POP as a suitable mail protocol ever again. I even use IMAP here on my mail server at home. POP? What were you thinking?
Slashdot Mirror
That will, as you said, PLACE the binaries there. But as long as you don't run them as root, you can't infect files and directories you don't have access to. If you are a normal user you can't write to /root or /bin or /usr or /home/other_users. If you run the infected app, you CAN infect /home/your_directory and /tmp. So the moral of the story is DON'T RUN APPS AS ROOT.
./mozilla_installer -ira
./mozilla_installer -h
As an aside, you can do an install of Mozilla without running the browser afterwards by doing this:
For more info do this:
If you install infected binaries, but never execute them as root, the infection will only damage /home/your_username. If you run it as root, then you've compromised the entire system. BIG difference between Windows and *nix in that regard. Which would you rather lose? The entire system requiring a complete OS and application reinstall?, or your user's home dirs? Escpecially if you've got backups of your /home dirs. Personally, I'm not interested in reinstalling the entire OS and applications. That's stupid. It's much easier to just remove the infected software wipe your users, restore their data and be back up and running in short order.
But they need WRITE access to bin in order to inject the virus in the first place. However, you are correct in that most users do install as root in order to get the binaries into /usr. But I don't think the installer is what causes the infection. It is the execution of Mozilla that would infect a system. As long as root doesn't run Mozilla, it shouldn't be an issue.
Exactly. If you run as root, you're a moron. If you run as a regular user, then the only thing you might hose is your own /home dir. If you're a smart user, you've been backup up your /home dir to a location that only root can access... That way recovery is painless. Very different from Windows where you have to reinstall the OS to be sure you're clean. (BTW, we're talking home users, not corporate users)
...expect to see more of this as the popularity of OSS continues. Of course, unlike Windows it won't get far since MOST users are smart enough to not be running as root.
I've been hearing about how grate it is and how is trumps Mozilla in every way. So I would like to install it on my Linux box. Ware do I get teh source?
Signed,
1337 h4x0rz
...I was never a big fan of "Tubthumping". Look at one of my latest posts (Sunday night) in a friend's JE about the worst music evar.
I'll also say, why in the hell is the music business so fired up to make nothing but hit records instead of providing people with access to music with artistic integrity? Yeah, they should make money, there's no doubt about that. They are, after all a businesses and they exist to make money. But, don't they also exist to give artists a voice? Whatever happened to that part of the equation? When did they discard the idea that popular music can also be truly artistic expressions of a musician's mind, body and soul? I don't even have a problem with there being people who make million dollar incomes when they do nothing more than pencil pushing in the whole cycle of musicial distribution. But, the musicians who actually create the stuff should be making at least as much as they do because without the artist, the business is nothing.
So... you're saying there's hope yet? Sun might eventually bite it? ;P
All companies have internal employee gripes about working there with very few exceptions. Those exceptions tend to be companies that are flush with cash and are able to treat their employees as they should be treated. But when it comes to "brass tacks", the niceties are the first thing to go. Now, I should also say that I can't stand Microsoft or Windows, I think they're both shite. But, Windows isn't going to suddenly disappear and niether is Microsoft. Witness the auto industry. There are companies out there that make shitty autos but you don't see them dying out. You also don't see consumers russhing out to buy a new car every time the auto industry says to do so. The same thing applies to Windows. As much as Microsoft might wish that people will flock to Vista (whatever flavor) the real truth, and they know this, is that there are people who are STILL going to be running Windows 95 out there if it still works for them. So, none of this article warrants gloating about the demise of Microsoft. It ain't gonna happen. If it were, then Chevy should have disappeared decades ago.
Yeah... I would say that the ALSA (Advanced Linux Sound Architecture) project being intergrated into the Linux kernel is going a long way to improving the audio experience beyond what Windows can ever offer. (With the exception of audio boards that aren't supported by ALSA for the usual corporate non-disclosure reasons) I have a semi-pro audio system (Echo Layla 20) that wasn't supported fully (I needed MIDI, not just audio) for a while so I still had to run XP. But now, I've been able to ditch it and the only thing that keeps me on Windows is video editing. Of course, per my latest journal entry I am trying Cinelerra in the hopes that I can finally ditch that one last reason to run Windows. Everything else that I do (and there is a lot) can be done in Linux and I only need Windows for that last thing.
Then that must mean coders are safe since most of them can't spell worth a damn unless they are coding. ;P
...Windows Vista Ultimate Security Edition. This Windows release will be very compact (easily fitting in 512 bytes of storage). It will issue a STOP command to the system CPU resulting in a halted machine that is more secure than any pervious OS on the planet. Uncrackable.
I should mention that I hated Xine originally for the same reasons that I don't fancy Cinelerra. Their UI was clunky. I was an MPlayer fan at the time and I didn't care if Xine had a few extras because the UI was so godawful. When they separated the UI from the functionality and allowed others to write UIs, I chose Gxine and was converted to being a bi-platform fan of both Xine and MPlayer.
JeffK speak suins this assumption since we all know that "the" is properly spelled "teh" accodring to JeffK. I challenge these guys to be able to decode what someone is typing when they are being "leet" like JeffK.
I have to echo this sentiment. I come from a background where I've worked with Avid/Digedesign products, Adobe Premiere and a few low budget Windows apps (Avid had one a few years back, but I currently use Sony Vegas on Windows XP) and I can say that Cinelerra has a lot of great features but an unusable UI. The fact that to work with two video sources, you need to run two instances of Cinelerra is preposterous. This is a perfect situation where the use of MDI is called for. Trust me, I've been able to make the move from say, Photoshop to GIMP with little trouble. Cinelerra (in it's last version) was a bear to work with. And the UI widgets aren't to helpful either. Bevelled buttons might look neat, but without proper graphics to tell when things are engaged or not, Cinelerra adds that much more work for the user.
I'm not trying to assail the project itself. I think the concepts behind it are wonderful, but the UI needs to be rethought. If the developer would do what the Xine folks did, and build a base library of all the power in Cinelerra, then build a separate UI to put over the libs while allowing others to write their own UIs, I think we could have a killer app here...
This is an outrage!!! As a GMail user I expected that Google would have done their homework and not used a similar name to a trademark of another company! I am now confused because I can't tell which GMail is which anymore! This is going to cause major customer confusion on both sides of this issue. Boo on Google! They were my heros and now they did this!!! They have poopmouths!! It's poop!! I hate you Mr. Google!!! (NOTE: This is a vague reference to Anchorman: The Ledgend of Ron Burgundy starring Will Farrell. If you haven't seen this masterpiece of absurdity, rent it tonight!) ;P
So... Muslims Neocons have a foot fetish? That explains a LOT. ;P
Yeah... well I've got a friend who has done large amounts of marijuana, LSD, cocaine, and actually had a crack and herion addiction problem. He's also an alcoholic. How did he stop his addiction problem? He just decided to quit crack and heroin one day. He hasn't touched them since. He's still a drunk though. He's even survived two suicide attempts while he was a junky. So by your logic I guess that means that cocain, crack and heroin are safe? Just because there are instances where something dangerous can be utilized without any negative consequences doesn't mean something is safe. It just means that people have either been extremely cautious with out that something is utilized, or they've just been lucky.
Since it's Sunday and not Troll Tuseday, I can be honest and tell you that what I typed above is my portrayal of the typical Slashbot who thinks they know everything. If you would have read my other posts you would have seen that I was playing both sides of the fence with my new and innovative MPD troll. My reasons for doing so are to spark interesting discussion (of which Slashdot is sorely lacking these days). So, I am aware of the information in the links you provide, but they have no bearing on the character I was playing last Tuesday. BTW... I am not a troll. At least not on any other day but Tuesday. ;P
My point exactly. To the poster below who asks me if I'm a vampire, I have to say no. But I also have to say that the Sun is far safer than any nuke that a human will come up with. The point is that it may not matter much (with the exception of close relatives) is a car blows up and a family is killed. But it matters a WHOLE lot if a nuke blows up and an entire city is killed (meaning that even if people don't die, they and the land they came from are permanently damaged). You idiots who think nukes are safe... why don't you have someone build one in your neighborhood and we'll really see how safe you think nukes are.
...the Chernobyl and Three Mile Island disasters didn't teach anyone anything did they? Nuclear power is not and will never be safe. Period. End of story. Unless someone figures out how to un-radiate people and places that have suffered radiation exposure after another disaster. (They will happen repeatedly until people realize that nuclear energy is a stupid idea). Just because it might be relatively inexpensive doesn't mean it's good. Just like Walmart is bad for the average person...
This isn't about two women having a baby. It's about a male and female couple's embryo being altered with material from another woman. In other words, two women and a man = embryo.
Ouch! That's got to hurt! ;P (Note to humour impaired mods: This is a use of good humour. Mod appropriately)
That's why...
1. You shouldn't use your work e-mail address for private stuff. Everything that goes through your employer's server should be considered suspect
2. You should run your own mail server and make it accessible via secure means
I don't run a local mail client at all. I use VPN to get to a workstation back at home and that's where all my e-mail and IM happens. I also run my own IM server so that my friends and I can be sure our communications are secure. It's a simple process really. Running servers at home (if you use open source) isn't that hard.
Hmmm... I hate POP. Users constantly storing their e-mail on their local machine with NO backup or concept of why they should backup if they want it local? No thanks. When you're dealing with users who aren't to clear on where backups happen (at the server), then you don't want their mail on their workstations. IMAP rules. I'd never look back to POP as a suitable mail protocol ever again. I even use IMAP here on my mail server at home. POP? What were you thinking?