Unprivileged programs can connect to ports under 1024; they just can't listen on these ports. How would normal users run HTTP and FTP clients otherwise?
Good point, though the same effect could also be achieved with conventional unix security. I only wanted to debunk the idea that the browser being unable to write system files makes the system invincible.
Users need no special permissions to run executables, and for most people, rm -rf $HOME would be as disastrous as rm -rf/. If we're talking about malware, it's trivial to get a user program to run on login without administrative privileges.
The only viable long-term solution is to put email clients, web browsers, and other sensitive programs each in their own separated, limited environments to contain any damage. The approach works for network servers; why not for clients?
You're not right. There's nothing preventing any user from setting up executables directly in his home directory; hell, back in my shell account days, I must have had the equivalent of a pretty good-sized unix system in ~/bin, ~/usr and ~/var.
You are conflating computer science and computer engineering, just like almost everyone. A "C++ teacher" is not teaching computer science, but computer engineering, whereas an algorithms professor is teacher computer science, but not computer engineering.
Any class that requires the instructor to know actual coding is, on its face, a computer engineering class (though it may also be a computer science one.) Ugh.
In the hard sciences, labs and lectures are often separate classes with different instructors and grades. I think computer science departments need to create the same separation.
See posix_fadvise. Using that API, a process can have as much control over a file as it needs; too bad the kernel does basically nothing with that information.
In a democracy, laws, as long as they respect basic pre-agreed-upon rights, should reflect the wide gamut for opinion. In a democracy, what other legitimate criterion is there? The low speed limits in the US are the fault of the screeching few, and that nearly everyone speeds is simply a public rejection of the law.
Oddly enough, I've noticed that while my female friends couldn't care less about most games, they go absolutely crazy over The Sims. Perhaps this effect has something to do with that game's popularity.
It's funny how those troll mods only appeared after I started arguing with somebody who mentioned using modpoints upthread. Those sockpuppets of yours won't do any good. Also, the original typo was "eaden", not "eiden". It speaks volumes that you can't even reliably reproduce an error -- not to mention that in reading your posts out loud, I'm reminded of "Romy and Michele's High School Reunion".
And besides - it's not that I'm defining anti-intellectual -- it's that you don't think things like evidence and reason have anything to do with the quality of a comment. Your philosophy would be postmodern drivel, if only you could articulate it better than a third grader.
Using "eiden" for "eden" is clearly a typo. On the other hand, there are errors that reflect sloppy thinking and a more profound ignorance of the English language. They include making a singular noun plural by adding "'s", inadvertent double negation* , and substituting "most every" for "almost every". These more serious errors reflect poorly on the poster's education and reasoning ability: any rational person would want to correct them. But when a poster, instead of learning from his errors, embraces or dismisses them, he is attacking learning and reason, and is an anti-intellectual. Everyone should discount his opinions; these opinions are not based on fact or reason.
Anyone interested in being taken seriously should be interested in learning about his errors. Pointing these errors out educates those who want to learn, and warns others about those who don't value learning.
Ah, so your one of those people who have nothing better to do than correct typo's(and spelling mistakes). Do you really think someone who has a disability regarding spelling or has english as a second language respects you more because you can spot a spelling error? It would be like you pointing out that a blind person missed you walking down the street? Ya, he's impressed!
If a poster is simply ignorant of English grammar, the pointer will be appreciated. On the other hand, if a poster just don't care, the pointer serves as a warning to others. Willful ignorance of basic grammar is the mark of a demented anti-intellectual, one whose thoughts shouldn't be taken seriously.
Nobody "deserves" regressions. That's a stupid mentality. Users who don't know a thing about web standards should be lauded for actually clicking the "update" button; why should they be punished by having their favorite web pages break? So what if the developers are lazy? That's not the user's fault.
As some of the few people who know what we're doing, we have a duty to make life as easy as possible for those who can't help themselves. Not point, laugh, and say "hahaha. That dry cleaner should have known the new version would ignores CSS2.5.4.6 paragraph 2. He deserves to not be able to do his online banking for a few weeks."
In the real world, we can't create web pages that are functional, attractive, portable web pages that don't contain browser-specific workarounds. Programming to standards and having a page work everywhere, so far, has been a pipe dream, and IE8 won't change that overnight.
Microsoft's original proposal was the least bad option: codify and standardize the existing practice of using browser-version switches and various quirks modes.
No. The OP's point was that this move will cost them users. Either nobody will adopt IE8, at which point Microsoft can say, "look, EU, I tried, but nobody wants this thing!" or intranet users will upgrade, see their internal applications break, and while fixing them, consider other browsers. Some of these users will switch.
Your comment is garbage. You're thinking like a freshman at a second-rate school. Encapsulation (which is what you're talking about) is not something exclusive to object-oriented languages, or even object-oriented design, but a general principle of good program design.
What WebKit is doing is both unfair and bad code design -- it amounts to a layering violation. WebKit, be it written in Forth, Lisp, C or BASIC, should use the same APIs available to any other application.
So you'd rather have the thermodynamic inefficiency of distributed generation than the bureaucratic inefficiency of centralized generation? I'll take the huge nuclear plant, thankyouverymuch.
I'm not talking about forcing calculus on the poor kid. We're talking about memorizing a password, a short arbitrary series of letters. Reading, which I imagine this seven year old is capable of, involves exactly the same mental faculties. What's the difference between remembering that "kitten" means [baby cat] and "agjnad" means [password for computer]? Heck, if anything, it's a wonderful opportunity to teach the child about memnotics.
The notion that a seven year old can't learn a password is an insult to the child's intelligence. We can't lower the bar forever! Ever wonder why grade-school children in Japan learn calculus, while most in the United States wait until college?
Just tell the child to memorize a password already. Anyone capable of using a computer ought to be able to remember a password or two, and indulging anything less is just catering to intellectual sloppiness. I'm sorry to be harsh, but when we make things increasingly easy for kids, we end up increasingly incapable adults.
No, you still can't, because the whole system relies on a set of pre-shared public root keys. You can't fake a certificate saying "I'm Verisign, and I promise this is eBay.com" even if you can control the IP address eBay.com resolved to. It doesn't work that way.
If you can control the client, yes, you can disable certificate warnings, but that doesn't really count as having broken SSL.
A MITM attack on SSL is only feasible if you don't care that the client sees the wrong certificate. Sure, this fancy logic board of yours can handle the wire protocol, but it can't fake an RSA key, and any good SSL program will tell the user about the kind of deception you describe.
Slashdot Mirror
Unprivileged programs can connect to ports under 1024; they just can't listen on these ports. How would normal users run HTTP and FTP clients otherwise?
Good point, though the same effect could also be achieved with conventional unix security. I only wanted to debunk the idea that the browser being unable to write system files makes the system invincible.
Users need no special permissions to run executables, and for most people, rm -rf $HOME would be as disastrous as rm -rf /. If we're talking about malware, it's trivial to get a user program to run on login without administrative privileges.
The only viable long-term solution is to put email clients, web browsers, and other sensitive programs each in their own separated, limited environments to contain any damage. The approach works for network servers; why not for clients?
You're not right. There's nothing preventing any user from setting up executables directly in his home directory; hell, back in my shell account days, I must have had the equivalent of a pretty good-sized unix system in ~/bin, ~/usr and ~/var.
Your solution simply does not address the dancing bunnies problem.
You are conflating computer science and computer engineering, just like almost everyone. A "C++ teacher" is not teaching computer science, but computer engineering, whereas an algorithms professor is teacher computer science, but not computer engineering.
Any class that requires the instructor to know actual coding is, on its face, a computer engineering class (though it may also be a computer science one.) Ugh.
In the hard sciences, labs and lectures are often separate classes with different instructors and grades. I think computer science departments need to create the same separation.
I use qotd all the time, you insensitive clod!
Seriously, it's a pity such a memorably low port number was allocated to such a useless service. Does IANA have a port revocation policy?
I read that thread; IIRC, downthread, people complain that posix_fadvise doesn't yet have the needed semantics.
See posix_fadvise. Using that API, a process can have as much control over a file as it needs; too bad the kernel does basically nothing with that information.
And have speed limits actually reduced the number of fatalities? Or have they simply made most people minor criminals?
In a democracy, laws, as long as they respect basic pre-agreed-upon rights, should reflect the wide gamut for opinion. In a democracy, what other legitimate criterion is there? The low speed limits in the US are the fault of the screeching few, and that nearly everyone speeds is simply a public rejection of the law.
Oddly enough, I've noticed that while my female friends couldn't care less about most games, they go absolutely crazy over The Sims. Perhaps this effect has something to do with that game's popularity.
It's funny how those troll mods only appeared after I started arguing with somebody who mentioned using modpoints upthread. Those sockpuppets of yours won't do any good. Also, the original typo was "eaden", not "eiden". It speaks volumes that you can't even reliably reproduce an error -- not to mention that in reading your posts out loud, I'm reminded of "Romy and Michele's High School Reunion".
And besides - it's not that I'm defining anti-intellectual -- it's that you don't think things like evidence and reason have anything to do with the quality of a comment. Your philosophy would be postmodern drivel, if only you could articulate it better than a third grader.
Using "eiden" for "eden" is clearly a typo. On the other hand, there are errors that reflect sloppy thinking and a more profound ignorance of the English language. They include making a singular noun plural by adding "'s", inadvertent double negation* , and substituting "most every" for "almost every". These more serious errors reflect poorly on the poster's education and reasoning ability: any rational person would want to correct them. But when a poster, instead of learning from his errors, embraces or dismisses them, he is attacking learning and reason, and is an anti-intellectual. Everyone should discount his opinions; these opinions are not based on fact or reason.
Anyone interested in being taken seriously should be interested in learning about his errors. Pointing these errors out educates those who want to learn, and warns others about those who don't value learning.
* as in the first sentence of your own post
If a poster is simply ignorant of English grammar, the pointer will be appreciated. On the other hand, if a poster just don't care, the pointer serves as a warning to others. Willful ignorance of basic grammar is the mark of a demented anti-intellectual, one whose thoughts shouldn't be taken seriously.
Nobody "deserves" regressions. That's a stupid mentality. Users who don't know a thing about web standards should be lauded for actually clicking the "update" button; why should they be punished by having their favorite web pages break? So what if the developers are lazy? That's not the user's fault.
As some of the few people who know what we're doing, we have a duty to make life as easy as possible for those who can't help themselves. Not point, laugh, and say "hahaha. That dry cleaner should have known the new version would ignores CSS2.5.4.6 paragraph 2. He deserves to not be able to do his online banking for a few weeks."
In the real world, we can't create web pages that are functional, attractive, portable web pages that don't contain browser-specific workarounds. Programming to standards and having a page work everywhere, so far, has been a pipe dream, and IE8 won't change that overnight.
Microsoft's original proposal was the least bad option: codify and standardize the existing practice of using browser-version switches and various quirks modes.
No. The OP's point was that this move will cost them users. Either nobody will adopt IE8, at which point Microsoft can say, "look, EU, I tried, but nobody wants this thing!" or intranet users will upgrade, see their internal applications break, and while fixing them, consider other browsers. Some of these users will switch.
By the way - it's "lose", not "loose".
Your comment is garbage. You're thinking like a freshman at a second-rate school. Encapsulation (which is what you're talking about) is not something exclusive to object-oriented languages, or even object-oriented design, but a general principle of good program design.
What WebKit is doing is both unfair and bad code design -- it amounts to a layering violation. WebKit, be it written in Forth, Lisp, C or BASIC, should use the same APIs available to any other application.
Then why does WebKit come with the binary-only blobs TFA mentions?
So you'd rather have the thermodynamic inefficiency of distributed generation than the bureaucratic inefficiency of centralized generation? I'll take the huge nuclear plant, thankyouverymuch.
I'm not talking about forcing calculus on the poor kid. We're talking about memorizing a password, a short arbitrary series of letters. Reading, which I imagine this seven year old is capable of, involves exactly the same mental faculties. What's the difference between remembering that "kitten" means [baby cat] and "agjnad" means [password for computer]? Heck, if anything, it's a wonderful opportunity to teach the child about memnotics.
The notion that a seven year old can't learn a password is an insult to the child's intelligence. We can't lower the bar forever! Ever wonder why grade-school children in Japan learn calculus, while most in the United States wait until college?
Just tell the child to memorize a password already. Anyone capable of using a computer ought to be able to remember a password or two, and indulging anything less is just catering to intellectual sloppiness. I'm sorry to be harsh, but when we make things increasingly easy for kids, we end up increasingly incapable adults.
Has anyone checked out whether Sessions has any personal interest in this bill, or whether he might be getting a kickback?
Of course you can "sniff" traffic as web operator. As a cashier, you can open the cash drawer. What's the point?
No, you still can't, because the whole system relies on a set of pre-shared public root keys. You can't fake a certificate saying "I'm Verisign, and I promise this is eBay.com" even if you can control the IP address eBay.com resolved to. It doesn't work that way.
If you can control the client, yes, you can disable certificate warnings, but that doesn't really count as having broken SSL.
A MITM attack on SSL is only feasible if you don't care that the client sees the wrong certificate. Sure, this fancy logic board of yours can handle the wire protocol, but it can't fake an RSA key, and any good SSL program will tell the user about the kind of deception you describe.