Slashdot Mirror


User: goombah99

goombah99's activity in the archive.

Stories
0
Comments
5,555
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,555

  1. Hardware Emulation instead? on WINE for Mac OS X in Development · · Score: 1
    Since you bought up the problem of cost why not make a PCI bus card or a firewire box that has a PC in it? A nice 386 PC or maybe even a pentium.

    the think is people are not going to be buying zillions of these things. So it may well be affordable at say 100 or 200 dollars to just get a hardware device rather then a slow software emulation. Now youjust have to emulate the bios and map the mac's IO onto the PC.

  2. Better Than A Fake Name On the Card on Stores Use Discount Cards To Notify Of Recall · · Score: 1
    To obfuscate by purchasing record, I too used to use a fake name. Then I came up with a better idea I nicknamed "strangers on a train" after the plot of the hitchcock movie.

    When you meet someone who has privacy right concerns, offer to exchage store-cards with them. Rinse lather repeat.

    ideally you will only use any one card four or five times before you end up trading with another person. All your shopping habits get co-mingled.

  3. Mike Rowe Soft is officially dead on Slashback: MyCrowzOft, Inundation, Taxation · · Score: 2, Informative

    Mike Rowe is taking down mike rowe soft because due to all the "helpful" traffic he could not pay the internet bandwidth bill. I submitted this story to slashback but the dumb editors rejected it and instead claim slashdots publicity helped the poor guy. sheesh want incredible self serving disinformation; is karl rove working for Slashdot now?

  4. Good for HP, good for consumers on Microsoft Unhappy With HP's iTunes Decision · · Score: 4, Insightful
    Its a fairly standard bussiness tack. Want to break into a new area, license an indirect competitor's technology. Example: honda wanted to create the passport, a small SUV, so the first two years the re-badge an isuzu rodeo. Then they are in the market early and have the time to develop their own machine.

    In this case it serves another bussiness strategy. Windows Computers are commodities, and among brands with a rep for quality the only distinguishing feature is low price. Dell or HP: buy the cheaper. The only way to beat this game is the way apple does it: differentiate yourself. If you buy dell then you are buying WMA. if you are buying HP you are buying into AAC. One presumes that the computer will come with software that makes it work slightly better with its native player.

    Finally it looks like AAC is about to win. Nokia, panasonic, amybe even RealPlayer are all going to support AAC.

    so HPs move is good for HP. They get room to develop their own. they are in the market early with no R&D costs and differnetiate themselves from dell.

    consumers of course benefit too. HP and others will eventually be making players to compete with ipods. That will bring down prices.

  5. Final scratch on Video Scratching Goes Mainstream · · Score: 3, Informative
  6. No its just Christmass Cookies on ISS May Have A Leak · · Score: 0
    I figure they each put on five or ten pounds over the christmass holiday---no doubt thatdocked cargo ship had a gallon of eggnog in it.

    To create that fat, they would have to consume oxygen from the air which might look like a leak.

    or maybe I'm full of crap.

  7. Dont need 64 bit OS on 90nm 3GHz PPC 970FX by Summer · · Score: 4, Interesting
    Why do you need a 64 bit OS? What does the OS do that requires 64 bits. It will be more stable and have better backwards compatibility just to leave it 32 bit mostly, and tweak around the edges for speed. I would guess that if anything unoptimized 64 bit code would be slower than 32 bit code since its bound to be pulling unneccessarily long instruciton and data words from memory.

    My understanding is that applications are free to use 64 bit instructions if they wish.

    Am I mistaken? Does the system, stack organization or memeory management some how preculde the use of 64 bit instructions?

  8. Apple coming out with new batteries on Washington Post Covers iPod Battery Ruckus · · Score: 2, Informative
    According to mac rumors, apple has 1) dropped their main battery supplier and 2) is moving from Li-polymer to a fluidic batter.

    sounds like apple is taking the steps they need to be taking, they just dont have a fix yet. On the other hand I think this battery bussiness is not so widespread but just a few defective ones. I know loads of people with ipods that have no problems.

  9. The IE hole on ... And the Hits Just Keep On Coming · · Score: 5, Informative

    This post is offtopic to apple abut relevant to security and quick trurn arrounds. The scammers have done a quick turnaround on the announced but not officially patched IE security flaw. The balleyhooed IE URL spoof using %01 has now officially debuted in the wild. I got my first fake Billing statement today witht he following URL
    https://www.earthlink.net%01@211.154.171.106/li_pi n/verification/step1_e.htm
    (mind the break inserted by the lameness filter!)
    I'll leave it to compare with Microsoft versus Apple response times, but I will mention the following. In many industries when a safety standard becomes established or ubiquitously improved it becomes the new legal definition of "reasonable and prudent action". I know many ski areas for example dont mark all the hazards because they dont want hazard marking to become an expectation and a get their asses sued if they dont do it well. In this case I think apple is setting standards for bug fixes that leave microsoft ripe for a suit by someone who get screwed by one of their slow responses to security issues

  10. Seems to work fine on mac on Wal-Mart Music Download Service Launches · · Score: 2, Interesting
    Thier site specifically says it wont work with apple. I just tried out their 30 second song trials using safari/panther and safari played them just fine automatically opening them in Windows Media player 9. I did not try using the shoppiong cart or buying any songs, so maybe the DRM in the downloadable verions wont work in WMP9 on macs. I cant say.

    I did notice their song collection is pretty sparse. For example look at keb' mo and I see two songs listed for download and the rest marked "not available". Also cant buy any of his complete CDs either just individual songs

    many of the songs are edited for content as well. iTunes does this too but offers the originals as well. Also Walmart acknowledges they pull songs they just dont like regardless of specificly "dirty" lyrics (ask sheryl crow).

    Is this good or bad for apple. I'd say good. First was wolworth used to say he liked it when the competion moved next door cause it tended to grow the market. At the same time, it completely guts the profit for all the marketers on the windows side of the house. They will be in ruinous competition. Walmart in their usual strategy just drills out the center. That is, they sell all the millions of brittant and justin albums and leave the onesy-twosey sales of nine-inch nails to Napster. Napster eats it on overhead mamanging diversity and wallmart rakes it in. Meanwhile at the other end of the spectrum for people who want a good music store experience there is Apple gobbling up the quality market. Since apple now leads with 80% of online sales people will/should see the light and realize its the better choice for diversity.

    Meanwhile MS sits back, takes no risks at all but just lets others front its stores and push WMA. If it succeeds they'll swoop in and seize the market by changing WMA somehow and jacking up the royalties.

  11. Uh dude, mac's selling point is simplicity on Slashback: Unstranding, Xecurity, Spurning · · Score: 4, Interesting
    Mac's are so simple your grandma can use them. Heck even a theater arts major or political sci major can use them. Arguing that only sophisticated users use macs is oddly both crazy....and true. Its the same reason that both diserning car owners/racers and people who know nothing about car owners exept they want something sexy that works buy BMWs, mercedes and volvos.

    Windows people buy Pontiac Firebirds thinking they are powerful but really getting 4 cylinder peice of maintinence hell.

    linux users are like fiat owners. And people who re-program their honda's computers. Fun cars if you can keep up with the tweaking and constant search for parts.

    by the way did any one read that rebuttal on the DNS security hole. After you get past the neener neener bit the discussion on the DNS protocol makes the guy who reported it and the Slashdotters who slammed mac look like total idiots.

  12. XCODE update too! on iTunes 4.2 and QuickTime 6.5 · · Score: 1, Offtopic

    Xcode is updated as well

  13. Clever Marketing Dominance Idea on Off-The-Shelf Online Music Stores · · Score: 2, Interesting
    THis is really clever on microsofts part. Already their on-message press releases about iTuns have always crytically emphasized that users want flexibility. This of course never made any sense since WMA is not more flexible that AAC.

    But soon they will be able to say there are 9785+ competing online music stores selling WMA music versus just one place to get your AAC music. This will make a good sound bite. Even though all these are just MS shell companies and as soon as the profit is there MS will bring them into the fold. In the meantime everyone else gets to bear the risks, spend themarketing dollars. MS just collects checks.

  14. List of files affected by ARD update on Apple Updates G5 Firmware, ARD Client; Not MPEG-2 Decoder · · Score: 1
    Here is a list of all the files that changed on my computer after the update that had the words RemoteDesktop or ARD in them.

    /System/Library/CoreServices/ARD Agent.app/Contents/Resources/RemoteDesktopAgent
    /System/Library/CoreServices/Menu Extras/RemoteDesktop.menu
    /System/Library/PreferencePanes/SharingPref.prefPa ne/Contents/Resources/RemoteDesktop.bundle
    /System/Library/StartupItems/RemoteDesktopAgent
    /Applications/System Preferences.app/Contents/Resources/ARDSubstitute.p refPane
    /Library/Receipts/ARDClient124Update.pkg
    /System/Library/CoreServices/ARD Agent.app
    /System/Library/PreferencePanes/SharingPref.prefPa ne/Contents/Resources/RemoteDesktop.bundle/Content s/Resources/English.lproj/ARDBundle.nib

    I have no idea if other files such as xinit and rc files that might start these services were affected by the update. I dont know if there are other ARD files not affected by the update and I dont know if its safe to remove these.



    I would like to know where the settings to turn on and off the ARD service are. I dont see them in the System Sharing preferences or in any other obvious place. I'd like to know what ports it uses to invoke itself remotely or to communicate. I'd like to know how to set my firewall using apples firewall gui to block this (manually setting the firewall seems to cause the apple gui to quit and go home).

  15. Apple Remote Desktop Client looks sinister on Apple Updates G5 Firmware, ARD Client; Not MPEG-2 Decoder · · Score: 1
    yikes this is a bit unnerving. After installing it I just executed
    find --mtime 1 / | grep -i remote
    and here is what I found: a startup time service.

    /System/Library/CoreServices/ARD Agent.app/Contents/Resources/Remote Desktop.icns
    /System/Library/CoreServices/ARD Agent.app/Contents/Resources/RemoteDesktopAgent
    /System/Library/StartupItems/RemoteDesktopAgent

    this cant be good. It seems to be on by default as there is no preferences to control it. It looks like the client is a slave to some other user. So how does this work. If someone guesses my password do they own my desktop?

  16. Its side ways: gonna roast on Upgrade Mac Cube to G5 Look · · Score: 4, Insightful

    Since the plugs that were on the bottom of the cube are now on the back side of this puppy (and the top side on-button is now on the front) its pretty clear this thing is sideways. Since the cube was cooled only by convection this thing is gonna roast.

  17. Spoofing the billboard on Smart Billboards · · Score: 5, Interesting
    I think these things work by detecing the radiated IF leakage from your radio (an old spy trick). But it also means you could spoof one of these. Just put a leaky battery powered radio right near the billboard.

    this way I could get the bill board to restrict its selection to topics. If my Ad was in that rotation then I probably just improved its visibility five or ten fold. I could sell that to people who place ads.

  18. firmware password unsecure: Horrors!!! heavens!!!! on PC Mag - Mac OS X Insecure · · Score: 3, Insightful
    Several people have replyed here to this partent suggesting that the only interprestation of this "default" setting is as a bug. Consider an analogous "bug". Macs ship with the firmware password turned off.

    This means anyone can walk up to your machine and boot it into single user mode and completely root you.

    oh my god you mean someone with physical access could also somehow DNS spoof net info and get root access. Oh my alert the media.

    The point is where one draw the line between ease of intergration versus security becomes cloudy once one gets to the point of requiring physical access to engage in a hack. The ONLY thing that I see distinguishing these analogous root attacks is that most people are aware of the single-user boot attack and though it was well documented the DNS attack was not well known and thus could have surprised a lot of people.

    Fixing this now presents apple with a dilema. Consider that happens if they were to issue a security update that went around and turned off this feature. Suddenly all networks that had actually been using it suddenly stop working and some sysadmin has to figure out why then reconfigure every machine to turn it back on.

    Thus you can see why they have not rushed to change the default. But one assumes that they will ship NEW os's and new computers with it turned off in the future.

    this choice for easy configuration assuming the local network can be trusted dates back to the time of NFS. And NFS is still presents almost exactly the same potential security hole (if you remote NFS mount your home directory you just pulled your pants down, grabbed your ankles, and said "ah" if I can jack onto your network. ). NFS has not fixed this problem yet either cause doing so would break a lot of networks.

  19. What a bunch of crap on PC Mag - Mac OS X Insecure · · Score: 5, Insightful
    Uh the so-called mac hole has been known since the days of NeXT. Its not a whole it was a deliberate choice for default settings. And that's the key difference. Windows security holes are totally blind siding bugs, whereas this so-called hole was a well documented and well considered choice.

    Personally I would not have made that choice, but at least there was check box to turn off the default DNS trust. If only windows came with checkboxes to remove its bugs. And I dont mean like checkboxes that say "turn off scripting and cripple my browser please".

    In fact mac has not even fixed the so-called hole because its not neccessarily a mistake.

    In any case the SSH vulnerability, and the screen-locker vulnerability were in fact true holes created by mistakes. These are what should be scrutinized. But these did not lead to widesperead network worms at least. they did not arrise out of a insecure by desing attitude that pervades all the Active-X philosopy, the power-user-by-default philosophy, the standards crushing embrace-and-extend, the optional log-in password philosophy, or the add features rather than fix bugs philosophy that rightfully inspires all the anti-windows zealotry.

  20. what's the difference from C++ on Stanford Offers Cocoa Class · · Score: 1
    As I (poorly) understand it, the difference between Objective-C and C++ is mainly late binding (alal java), a few unimportant semantic changes, and a general simplification of some language idioms.

    What other changes are there? E.g. is there garbage colletion, is there refernce only calling.

    why would a C++ programmer want to program in objective C or vica versa?

  21. Caveat Emptor on Emachines 64-bit Athlons Now On Sale · · Score: -1
    Athalons can be poo too. They have this awful tendency to overheat. I think this is probably not entirley AMDs fault. Its more likely tha tbecause AMDs end up in bottom of the line machines that they tend to wind up with bottom of the line heat sinks, case flow designs, fan laminations, etc...

    Emachines are poo => roasted athalon

  22. Emacs key bindings on BBEdit 7.1 Adds Safari-Based Preview · · Score: 1, Informative
    I have truly loved bbedit but am thinking of phasing it out in favor of the xcode IDE.

    The thing I really miss in bbedit is the lack of emacs key bindings. So many times I want to just kill a line with a key stroke rather than selecting and cutting it.

    bbedit is really showing its roots as a carbon app by not having these things which all other text windows in OS X have.

    The other thing I'd like would be a nice context sensitive pretty-indent for computer languages. Emacs binds this to the tab-key but bbedit does not seem to have it. which is odd since it does have context sensitive coloring so you know its language aware.

    I dont really care too much about the proliferation of exotic special use features without some of these more basic universal editing features.

  23. why not e-stamps? on Examining an Automated Spam Tool · · Score: 4, Interesting
    How come the idea of e-stamps is not getting any traction? The concept is that you are assessed a small charge for sending unwanted mail.

    I dont see what the technical or social barriers are. For example, it would not require any change in the way mail is transported. Instead it would all be handled by the recipient's browser.

    consider the following straw man scheme. I send you an e-mail.
    1) If I am in your white list the e-mail is accepted.
    2) if not then the e-mail is examined for a signed, serial numbered e-stamp and if present a short message is sent to central post office to debit the senders account one penny, and a receipt is returned to my e-mail program which then lets the message in.
    3) Finally if the message does not contain a stamp and is not white listed, the message is put in a spam folder and a memo sent to the sender (me) telling me that I need to request permission to send e-mail.

    The last step is how for example Earthlink's highest level spam blocker works. If most messages are spam then of course it doubles the total number of messages sent, but does not double the total message sizes or hand shaking. To the extend that it works, the post offices will only be consulted if the sender is not in the white list so unused stamps can be reclaimed. Moreover one could have the option of refunding the senders stamp if the message were welcome.

    I dont see what the sociologocal or technical hurdles are. Not every one has to be using the stamp processing client program. When stamps are not present it defaults to the earthlink system. When they are is skips that nuiscance.

    the best part is that legitimate direct mailers might very well be willing to pay the postage to send you an advertisment but presumbaly in many cases these would be targeted ads to people with potential interest.

  24. salt and recursive crypt on The Death Throes of crypt() · · Score: 2, Insightful
    They have a database of all possible hashes. Your scheme would mean that an attacker would have to do three lookups, instead of one.

    No its not that simple. If it were just a database lookup then simply increasing the size of the salt a million fold would be all that was neccessary to foil any pre-computed attack. The important point in this article is that they it only takes 80 minutes to compute the crypts given the salt.

    thus one way to defeat this is to hide the salt as follows. The attack requires stealing the hashed password file. Each entry will be of the form

    SALT, HASH_code

    since the salt is given they could run their computer for 80 minutes and test 209 billion inversions of the hashcode. However if the stored item were instead: SALT2, crypt( SALT1, crypt(passwd)) then you would have to crack the first one to get the salt for the second. now iterate this.

  25. triple crypt lie DES on The Death Throes of crypt() · · Score: 1

    Why not do the same thing for crypt as was done for DES. DES became triple DES. just iterate it 3 times with different salts at each step. Unless there is something insecure about crypt itself, and the sandiego study does not say this, then this should foil any brute force attack like this for another hundered years.