I agree, I've found Security Now to be a good listen. I especially appreciate how Steve listens to feedback and will correct himself from previous broadcasts.
phpBB is not at all hard to upgrade, I inherited a heavily modded phpBB site and have found that the patches supplied by the phpBB team to be easy to run and have yet (through 4+ upgrades) to break any of the mods or addons.
In Sol 8 the stock vi lets you go up to 163, I tend not to go over 132 so it's safe for me. I've found 132 is safe for many of the stock distributions.
I am a computer professional so maybe I play the game more than the non-technical. But if someone came to me and offered me a pen (last year) or chocolate for my password, I'd just make one up on the spot and give it to them. It wouldn't do them any good since it would work on anything, and I'd have the chocolate.
Hmm, no problems with an 12" iBook G4 here. I'm using FileVault and have 2gig+ in IMAP mail and so far the system seems happy (28 hours up since update).
I'm really hoping it fixes the longevity problems I've been having with 10.3, I could leave 10.2 running for a month w/o a reboot. 10.3 really seems to need one ever week to keep the system running smoothly.
Apple just doesn't want to confuse the masses with to many choices.
If you want to pick and choose your apps and versions use Fink or the NetBSD Ports Collection. Why wait for Apple to update your software when you can do it your self?
Calm down a bit, he didn't say "we shouldn't feed the homless - we should pay the debt off first" he said "we shouldn't go shoving money at robots until we pay our debt off". There is a really big difference there.
Now I don't think we should stop all spending on new science, but we sure do need to reduce the US debt load.
Hard to hold any kind of conversation on a pager, even a blackberry (and if you going to pay for a RIM, the phone is cheaper).
With a pager people on the road don't have a way to get back in touch with you. If they have a personal cell, then you have to deal with charge back, if not they have to find a payphone.
Cell is much more convenient, and saves time in the long run.
Where do you get $100 for a service pack? They charge $100 for each version upgrade (like 10.2 to 10.2) but thats just like going from Windows 95 to Windows 98, heck you pay more to go from 2k to XP (last time I checked) and I saw more improvement between 10.1 and 10.2 than I did between 2k and XP.
The 'service packs' are free and have been since the begining, 10.2.1, 10.2.2, 10.2.3-10.2.6 don't cost a thing, you just download and install them.
Are you exaggerating for fun and effect or do you really think that? I know some geeks who use it, but know more who use mutt, Ximian Evolution, Apple Mail, nmh, exmh, SquirrelMail and a few others but hardly 99%, I don't even think 50%. That's the joy of being a geek, you use what ever you like the most, not what you preserve the majority use./s
There's no Linux equivalent to Microsoft Money, for example -- not something that can connect to my bank automatically and get statements and process transfers without having to import and export qif files. Same with Microsoft Streets&Trips -- there's simply no equivalent.
Actually there is a great equivalent to Microsoft Mondey, it's called Moneydance. It does all the that MM does and it runs on Windows, Linux, MacOS, Solaris and many other platforms. Not only that, but the data files are transfurable between platforms (Quicken doesn't do that). Take a look, I recommend it.
On top of that WalMart has a history of only selling stuff it felt was up to its standards. If they keep up this trend there will be a lot of movies that won't be available from their service that NetFlix offers.
Have you missed other discussions going on here? MS is already doing it, just to a lesser degree. Wow, you should brush up on what's really going on in your computer.
I'm not against educating users, I'm against putting unresonable limitations on them.
You work for a hospital, the people who work there have no need to send executables to each other. That's fine. What about word docs, do you force them all to convert those to RTF as the original poster suggested?
I've worked at places where the employees toss all sorts of stuff across the net, and you can 'show them the way' all you want but if it's an extra step then a good number of them will ignore it (now when Outlook will do the compression automatically, that's another thing, but it wouldn't help the issue anyway would it?)
Compression does not add security, it adds obuscation (sp?). So the user has to click twice insted of just once to launch it, how does that stop them from doing it? With a zip tool tied in to the mail tool it's just another popup window that people will click on.
When I was working at Atari, we had all executable types (bat, exe, com, vbs etc) changed so that they were {blah}.txt. Then when people got their files it opened in NotePad insted of launching. They would call us to find out why this was, we would tell them and then the 'security' of it was gone. They knew how to get 'around' it and just renamed the file before launching it. Same thing with compression.
AFAIK fancy formatting (I've had papers which had to be on a specific template loose some of the formatting when converted).
Also, macros are not a bad thing in and of themselves, they are just to powerful. I've seen them used before in Word and Excell quite well.
Do viruses enable the communication?
Now that is a really stupid question and you know it, you're just trying to be cute to belittle my opinion.
No, they do not. But that doesn't mean you should block all exe files at your mail server because you think all of your users should be trained to compress them first.
Like I said in another thread, I'm not saying that's the reason they paid $$$ for the company. It's probably just another of their expansion campains.
But it would be a lot easer to hide a DRM scanner inside of a virus scanner than it would inside of Windows Update (which people watch closly) or Word (which isn't supposed to be scanning your entire drive on a daily bases).
1. Virus-scanning takes place on the local PC by a binary. Lets agree on that.
I don't completely agree. Virus-scannign takes place by a binary, but it can happen on your local PC, or on the remote mail server.
2. Current Virus scanning software works by downloading via HTTP or FTP a new definition file which tells the binary in step #1 how to work.
Yes, and your point is?
3. If ANY non-HTTP information is sent to the server, that'll cause suspicion.
Why? A number of companies are looking at moving toward HTTPS as a step toward validating the site you are recieving the data from is the intended site. What is suspicious in that? But you can't see what's in the encryped stream.
There is NOTHING in a virus scanning package that MS can't already include without spending MILLIONS on buying a third-party company.
MS may have evil intentions here, but your position is baseless and illogical.
Except that very few of the tools on the system are supposed to scan every single file on your system and check those files against a database of fingerprints. Don't you think people would raise alarms if Scandisk or MSWord started refrencing what it was looking at against a database?
AntiVirus tools are supposed to do that by design.
I never said that enforcing DRM was the reason MS purchase the product, I was just showing how that functionality could be easily added to the product with out raising red flags for the watch groups. Calling my suggestion illogical (which it is not) you gave no reasons backing up your claim besides MS wouldn't pay $$$ just for that purpose, when I never suggested that was the only reason.
As for being baseless, perhaps, but a lot more possible than other suggestions made here on/.
Why would one send a.doc to another user? Sending RTF (Microsoft Rich Text Format, a textual encoding of.doc) is safer, as RTF cannot carry macros and thus cannot carry macro viruses.
Because SysAds should not be putting lame requirements on their users ("Even though everyone in this office uses MSWord I want you to do a save-as and save the document in a format that doesn't retain all of your information so the e-mail server can handle it"). I'm a SysAd and I think that is bull.
And yes, I know you can go in to Word and tell it to use RTF as it's default format. But then it asks you "Are you sure you don't want to save this in the native format" when you try to do something fancy and "Do you want to change the format of this document" when you are working with something that wasn't saved in RTF.
We should be finding ways to enable the communication, no matter how useless some high and mighty individuals think it is.
The point is that it would be harder to track what Microsoft was doing if they did it though a tool like an anti-virus program.
What do you expect a virus program to do:
Scan all of the files in your system.
Ok, so it's scanning all of your files, if the anti-virus datafile is encripted how do you know what it's scanning for? Just viruses, are you sure?
Connect to a remote site and request updates
Well, it has to send data to prove it's a currently registered product and deserving of a free update right? So how much data can you encript and compress in to that packet? ("Here is a list of software apps on the system that were downloaded last week xxx xxx xxx")
Connect to a remote site and download new virus definitions
Is it just that, or is it also a list of known ripped off serial numbers/activiation codes. Oops, MSWord has a virus, must quarinteen it to protect your system!
There is a lot you could do, and explain it all away as the normal actions of the anti-virus tool.
Put aside that it's a virus scanner. What does it really do? It scans all of the files on your systems, and those being transmitted in and out of your system and matches fingerprints of those files to a database.
What's to stop them from tracking all of the files sent in and out of the system under the guise of the virus scanner? It could pop up different messages "This file contains the virus {blah}" or "this is a DRM protected application and is not legal to transfer to your system".
It could piggy back that information in it's virus datafile updates. It would be hard to track becuase all of the things that it would do, it needs to do to be a succesful anti-virus tool.
First, on the original topic. I agree with the Eudora conversion suggestion, It's worked for me in the past.
Now: I'm not sure where you are getting unbearably slow. I just converted my local mail files on a NetBSD server to IMAP (1gig of mail, 180k+ messages of list traffic and such).
Sure it took about 20 hours to sync the first time (I have Mail caching all of my mail and attachments to the local disk so I can get at them offline) but once that task was over I find mail to be quite responsive. Esp when I need to resync the tree (yes, even with new mail - not just the old cached ones).
There are some companies who use MSN for their off-site dialup access (Don't ask my why when there are cheaper alternatives).
With MSN for OSX the folks at those companies can use the 'approved' access method insted of having to poney up for their own dialup access. Esp helpful these days when most of the people I work with don't have their own dialup accounts anymore becuase they have switched to DSL/Cable at home for their Internet access.
One problem with that kind of poll is you don't know the quality of the responces.
If someone walked up to me on the street and said "I'll give you this pen for your password" I'd say "fluffy" or something like that, take the pen and be on my way. "fluffy" Isn't my password anywhere, but they wouldn't know that.
How many people did they ask that just wanted the pen? (This wouldn't count for tbe people like the CEO who they actually tricked in to giving the password, just the ones who answered right away).
Slashdot Mirror
I agree, I've found Security Now to be a good listen. I especially appreciate how Steve listens to feedback and will correct himself from previous broadcasts.
phpBB is not at all hard to upgrade, I inherited a heavily modded phpBB site and have found that the patches supplied by the phpBB team to be easy to run and have yet (through 4+ upgrades) to break any of the mods or addons.
So, I guess it's just a matter of RTFM.
In Sol 8 the stock vi lets you go up to 163, I tend not to go over 132 so it's safe for me. I've found 132 is safe for many of the stock distributions.
-M
I am a computer professional so maybe I play the game more than the non-technical. But if someone came to me and offered me a pen (last year) or chocolate for my password, I'd just make one up on the spot and give it to them. It wouldn't do them any good since it would work on anything, and I'd have the chocolate.
Hmm, no problems with an 12" iBook G4 here. I'm using FileVault and have 2gig+ in IMAP mail and so far the system seems happy (28 hours up since update).
I'm really hoping it fixes the longevity problems I've been having with 10.3, I could leave 10.2 running for a month w/o a reboot. 10.3 really seems to need one ever week to keep the system running smoothly.
It doesn't :)
Apple just doesn't want to confuse the masses with to many choices.
If you want to pick and choose your apps and versions use Fink or the NetBSD Ports Collection. Why wait for Apple to update your software when you can do it your self?
Wow man, talk about over reacting!
Calm down a bit, he didn't say "we shouldn't feed the homless - we should pay the debt off first" he said "we shouldn't go shoving money at robots until we pay our debt off". There is a really big difference there.
Now I don't think we should stop all spending on new science, but we sure do need to reduce the US debt load.
Hard to hold any kind of conversation on a pager, even a blackberry (and if you going to pay for a RIM, the phone is cheaper).
With a pager people on the road don't have a way to get back in touch with you. If they have a personal cell, then you have to deal with charge back, if not they have to find a payphone.
Cell is much more convenient, and saves time in the long run.
Where do you get $100 for a service pack? They charge $100 for each version upgrade (like 10.2 to 10.2) but thats just like going from Windows 95 to Windows 98, heck you pay more to go from 2k to XP (last time I checked) and I saw more improvement between 10.1 and 10.2 than I did between 2k and XP.
The 'service packs' are free and have been since the begining, 10.2.1, 10.2.2, 10.2.3-10.2.6 don't cost a thing, you just download and install them.
I realize 99% of us geeks already use it.
/s
Are you exaggerating for fun and effect or do you really think that? I know some geeks who use it, but know more who use mutt, Ximian Evolution, Apple Mail, nmh, exmh, SquirrelMail and a few others but hardly 99%, I don't even think 50%. That's the joy of being a geek, you use what ever you like the most, not what you preserve the majority use.
There's no Linux equivalent to Microsoft Money, for example -- not something that can connect to my bank automatically and get statements and process transfers without having to import and export qif files. Same with Microsoft Streets&Trips -- there's simply no equivalent.
Actually there is a great equivalent to Microsoft Mondey, it's called Moneydance. It does all the that MM does and it runs on Windows, Linux, MacOS, Solaris and many other platforms. Not only that, but the data files are transfurable between platforms (Quicken doesn't do that). Take a look, I recommend it.
http://www.moneydance.com/
(BTW, I do not work for, nor do I have a personal stake in the company that makes Mondeydance, I just like the product.)
Dogma != Pulp Fiction || Xtro
On top of that WalMart has a history of only selling stuff it felt was up to its standards. If they keep up this trend there will be a lot of movies that won't be available from their service that NetFlix offers.
Have you missed other discussions going on here? MS is already doing it, just to a lesser degree. Wow, you should brush up on what's really going on in your computer.
I'm not against educating users, I'm against putting unresonable limitations on them.
You work for a hospital, the people who work there have no need to send executables to each other. That's fine. What about word docs, do you force them all to convert those to RTF as the original poster suggested?
I've worked at places where the employees toss all sorts of stuff across the net, and you can 'show them the way' all you want but if it's an extra step then a good number of them will ignore it (now when Outlook will do the compression automatically, that's another thing, but it wouldn't help the issue anyway would it?)
Compression does not add security, it adds obuscation (sp?). So the user has to click twice insted of just once to launch it, how does that stop them from doing it? With a zip tool tied in to the mail tool it's just another popup window that people will click on.
When I was working at Atari, we had all executable types (bat, exe, com, vbs etc) changed so that they were {blah}.txt. Then when people got their files it opened in NotePad insted of launching. They would call us to find out why this was, we would tell them and then the 'security' of it was gone. They knew how to get 'around' it and just renamed the file before launching it. Same thing with compression.
-Sean
Other than macros, what does RTF lose?
AFAIK fancy formatting (I've had papers which had to be on a specific template loose some of the formatting when converted).
Also, macros are not a bad thing in and of themselves, they are just to powerful. I've seen them used before in Word and Excell quite well.
Do viruses enable the communication?
Now that is a really stupid question and you know it, you're just trying to be cute to belittle my opinion.
No, they do not. But that doesn't mean you should block all exe files at your mail server because you think all of your users should be trained to compress them first.
Like I said in another thread, I'm not saying that's the reason they paid $$$ for the company. It's probably just another of their expansion campains.
But it would be a lot easer to hide a DRM scanner inside of a virus scanner than it would inside of Windows Update (which people watch closly) or Word (which isn't supposed to be scanning your entire drive on a daily bases).
-Sean
1. Virus-scanning takes place on the local PC by a binary. Lets agree on that.
/.
I don't completely agree. Virus-scannign takes place by a binary, but it can happen on your local PC, or on the remote mail server.
2. Current Virus scanning software works by downloading via HTTP or FTP a new definition file which tells the binary in step #1 how to work.
Yes, and your point is?
3. If ANY non-HTTP information is sent to the server, that'll cause suspicion.
Why? A number of companies are looking at moving toward HTTPS as a step toward validating the site you are recieving the data from is the intended site. What is suspicious in that? But you can't see what's in the encryped stream.
There is NOTHING in a virus scanning package that MS can't already include without spending MILLIONS on buying a third-party company.
MS may have evil intentions here, but your position is baseless and illogical.
Except that very few of the tools on the system are supposed to scan every single file on your system and check those files against a database of fingerprints. Don't you think people would raise alarms if Scandisk or MSWord started refrencing what it was looking at against a database?
AntiVirus tools are supposed to do that by design.
I never said that enforcing DRM was the reason MS purchase the product, I was just showing how that functionality could be easily added to the product with out raising red flags for the watch groups. Calling my suggestion illogical (which it is not) you gave no reasons backing up your claim besides MS wouldn't pay $$$ just for that purpose, when I never suggested that was the only reason.
As for being baseless, perhaps, but a lot more possible than other suggestions made here on
-Sean
Why would one send a .doc to another user? Sending RTF (Microsoft Rich Text Format, a textual encoding of .doc) is safer, as RTF cannot carry macros and thus cannot carry macro viruses.
Because SysAds should not be putting lame requirements on their users ("Even though everyone in this office uses MSWord I want you to do a save-as and save the document in a format that doesn't retain all of your information so the e-mail server can handle it"). I'm a SysAd and I think that is bull.
And yes, I know you can go in to Word and tell it to use RTF as it's default format. But then it asks you "Are you sure you don't want to save this in the native format" when you try to do something fancy and "Do you want to change the format of this document" when you are working with something that wasn't saved in RTF.
We should be finding ways to enable the communication, no matter how useless some high and mighty individuals think it is.
-Sean
The point is that it would be harder to track what Microsoft was doing if they did it though a tool like an anti-virus program.
What do you expect a virus program to do:
Scan all of the files in your system.
Ok, so it's scanning all of your files, if the anti-virus datafile is encripted how do you know what it's scanning for? Just viruses, are you sure?
Connect to a remote site and request updates
Well, it has to send data to prove it's a currently registered product and deserving of a free update right? So how much data can you encript and compress in to that packet? ("Here is a list of software apps on the system that were downloaded last week xxx xxx xxx")
Connect to a remote site and download new virus definitions
Is it just that, or is it also a list of known ripped off serial numbers/activiation codes. Oops, MSWord has a virus, must quarinteen it to protect your system!
There is a lot you could do, and explain it all away as the normal actions of the anti-virus tool.
-Sean
How about this:
Put aside that it's a virus scanner. What does it really do? It scans all of the files on your systems, and those being transmitted in and out of your system and matches fingerprints of those files to a database.
What's to stop them from tracking all of the files sent in and out of the system under the guise of the virus scanner? It could pop up different messages "This file contains the virus {blah}" or "this is a DRM protected application and is not legal to transfer to your system".
It could piggy back that information in it's virus datafile updates. It would be hard to track becuase all of the things that it would do, it needs to do to be a succesful anti-virus tool.
-Sean
First, on the original topic. I agree with the Eudora conversion suggestion, It's worked for me in the past.
Now: I'm not sure where you are getting unbearably slow. I just converted my local mail files on a NetBSD server to IMAP (1gig of mail, 180k+ messages of list traffic and such).
Sure it took about 20 hours to sync the first time (I have Mail caching all of my mail and attachments to the local disk so I can get at them offline) but once that task was over I find mail to be quite responsive. Esp when I need to resync the tree (yes, even with new mail - not just the old cached ones).
I'm using it with a 800G3 iBook.
-Sean
There are some companies who use MSN for their off-site dialup access (Don't ask my why when there are cheaper alternatives).
With MSN for OSX the folks at those companies can use the 'approved' access method insted of having to poney up for their own dialup access. Esp helpful these days when most of the people I work with don't have their own dialup accounts anymore becuase they have switched to DSL/Cable at home for their Internet access.
One problem with that kind of poll is you don't know the quality of the responces.
If someone walked up to me on the street and said "I'll give you this pen for your password" I'd say "fluffy" or something like that, take the pen and be on my way. "fluffy" Isn't my password anywhere, but they wouldn't know that.
How many people did they ask that just wanted the pen? (This wouldn't count for tbe people like the CEO who they actually tricked in to giving the password, just the ones who answered right away).
I don't think so.
He is correct, current markets go for the majority and don't bother for the minority (excepting small speciality groups).
Unless you show one of the big players how to turn it in to a cash cow, they won't put to much time or money in to it.