And don't tell me you are safe in Linux because you aren't running as root. A spambot/advertising-downloader-popup does not need to run as root.
As for your question - the IT staff are tasked for cleaning this up. I see it regularly at my sisters school (every kid has a laptop) when the latest worm/virus does the round, the entire school gets hit overnight.
At least with Windows there are people experienced to clean up the mess. Imagine going to prevention.com and it had a Firefox exploit which installed a rootkit/backdoor or whatver in Linux. Good luck finding someone knowledgeable enough to clean up a linux box. Not many exploits for Linux exist? This has nothing to do with the OS, (afterall, its the apps that have the exploits) but everything to do with its popularity. Of course, if its popularity was enough that such exploits were in the wild, then so would the pool of experienced people... But then you are in the same position as Windows, only you have split the pool of experienced people in half.
But what about legal things that are embarrassing? i.e guys like porn. They look at porn. Do you want everyone to see your entire porn browsing history? There are limits to what information you want known, legal or not.
For the majority of local applications, a threaded model is superior. This is because local applications can be "trusted" in the sense they don't need to run each child thread sandboxed etc, so they gain the benefits of greater efficiency without worrying about reduced security. A browser is quite a different beast - it is effectively an OS to run remote "applications" (read: web 2.0 style web sites). So it kind of makes sense to run each as a seperate process.
Windows the OS still runs each application in its own process. So it's not right to compare it to Chrome and argue that it doesn't use seperate processes, because it does - where it counts.
Yep, google earth and picasa install the same crap. Without asking. Call home apps that install without asking and start on boot and run in the background are NOT appreciated. I fuck them off pretty quick with 'autoruns'.
What makes you think those people seeking an alternative browser wouldn't have chosen Opera instead? (not open source, and frankly much better than both FF and IE IMHO).
Yes FF has a bigger market share than Opera, but Opera may have had that share if FF didn't exist, prompting MS to take the same action.
Why would anyone do this if such traffic is detected as p2p traffic and therefore throttled? You are depending on everyone doing this, then complaining about their throttled legitimate traffic - the solution is stop sending legitimate traffic like this, not get the ISP to lift the throttle.
"Dear ISP, I am deliberately making my legitimate traffic look like p2p traffic, and its getting throttled. I don't want to change my legimate traffic back to looking like legimate traffic because I also have p2p traffic and I'm hoping you will lift the throttling due to this complaint".
Basically, your proposal for a workaround is backwards.
This is a rant about micrsoft.*com* - the website (and related update sites etc). It isn't about Microsoft itself, or its applications and operating systems. It's about the usability of the microsoft.com website and download services - which are probably largely outsourced to a few kids in India. It has nothing to do with "how bad Vista is" or lessons learned from XP.
Grab a custom.css file from userstyles or the ilk. I've tweaked it to display:none *all* of the application related spam in my feed, as well as advertisements. It's quite easy to do, as the app junk has its own class. It makes a huge difference - I now only get user generated details in my feed (eg photo updates, comments, status updates etc).
Re:Yeah, if the Winbox and Mac are separate machin
on
OS X Snow Leopard Details
·
· Score: 4, Insightful
"That doesn't help with dual-boot PCs"
The GP was referring to a 'coporate' environment. It's pretty rare to have dual boot machines, it's either one or the other, with networked resources. If you want to dual boot, your data would still be stored on remote servers and accessed via CIFS/whatever in a corporate environment anyway.
I've often wondered about peoples claim to colour blindness and their inability to distinguish red/green etc. While I'm sure they both look brown to them or whatever, surely the red and green would look like a different shade of brown? ie, red + green = dark brown + light brown, and they would still be able to open the lock. ?
Just wanted to add to the comments about Opera being a far better browser, and have just released 9.5. Judging by the comments so far, I gather I'm not the only one who sees it as the superior browser, it really deserves more attention here.
G-mail's searching is fast because it is indexed. If you want fast searching of your emails on your desktop, use a 'desktop search' client, such as the search indexer included in Vista. It is just as fast.
I think Exchange integration is the big one that most other similar clients lack. Being able to schedule a meeting and have it show in a shared calendar, book rooms etc, its pretty much required by any decent sized organisation and I haven't seen anything that comes close to replacing it.
That is not the definition of zero day. If you are going to condemn people for using it incorrectly, at least use it correctly yourself. The 'zero day' status merely refers to how long the exploit has been known - the 'zeroth' day being the day it is publicly disclosed. This day is important due to the fact it is basically impossible for people to be patched against the vulnerability on this day. In other words, tomorrow this will no longer be a 'zero day exploit'. (no doubt it was disclosed several days ago and isn't a zero day exploit today either).
Games are not vulnerable to the 'analog hole'. The game has to execute, not just display on a screen and potentially be captured and recorded. You can have a secure boot process, the bios will only boot if the TPM validates it.. the bios then decrypts and validates the OS... the OS then decrypts and validates the game etc. Any modifications done to 'crack' the game and the 'secure path' is broken and the previous step refuses to decrypt and run it.
The only way to get around it is to have a 'cracked' TPM chip, which could be next to impossible to achieve.
If they have sufficient access to rename a file, why bother rebooting into windows? Just read/write whatever you want when you have the initial disk access. Hell, modify ntoskrnl etc if you really want to.
Taking this approach, you would almost always donate to a GUI based project. The 'most useful' is going to be something you interact with, and not something behind the scenes like the kernel - regardless of how much extra effort may be required for one over the other.
The reason for the name 'Frank Shoemaker' is simply that it contains the letters for the 2nd code of 'employee number base sixteen' - ie the 'noise' helps to determine the subsitution cipher. The full decoding is over here: http://news.ycombinator.com/item?id=192296
Slashdot Mirror
try harder gabe.
Congratulations, you just restored the spambot which installed itself into your userspace area.
And don't tell me you are safe in Linux because you aren't running as root. A spambot/advertising-downloader-popup does not need to run as root.
As for your question - the IT staff are tasked for cleaning this up. I see it regularly at my sisters school (every kid has a laptop) when the latest worm/virus does the round, the entire school gets hit overnight.
At least with Windows there are people experienced to clean up the mess. Imagine going to prevention.com and it had a Firefox exploit which installed a rootkit/backdoor or whatver in Linux. Good luck finding someone knowledgeable enough to clean up a linux box. Not many exploits for Linux exist? This has nothing to do with the OS, (afterall, its the apps that have the exploits) but everything to do with its popularity. Of course, if its popularity was enough that such exploits were in the wild, then so would the pool of experienced people... But then you are in the same position as Windows, only you have split the pool of experienced people in half.
But what about legal things that are embarrassing? i.e guys like porn. They look at porn. Do you want everyone to see your entire porn browsing history? There are limits to what information you want known, legal or not.
For the majority of local applications, a threaded model is superior. This is because local applications can be "trusted" in the sense they don't need to run each child thread sandboxed etc, so they gain the benefits of greater efficiency without worrying about reduced security. A browser is quite a different beast - it is effectively an OS to run remote "applications" (read: web 2.0 style web sites). So it kind of makes sense to run each as a seperate process.
Windows the OS still runs each application in its own process. So it's not right to compare it to Chrome and argue that it doesn't use seperate processes, because it does - where it counts.
Yep, google earth and picasa install the same crap. Without asking. Call home apps that install without asking and start on boot and run in the background are NOT appreciated. I fuck them off pretty quick with 'autoruns'.
What makes you think those people seeking an alternative browser wouldn't have chosen Opera instead? (not open source, and frankly much better than both FF and IE IMHO).
Yes FF has a bigger market share than Opera, but Opera may have had that share if FF didn't exist, prompting MS to take the same action.
Why would anyone do this if such traffic is detected as p2p traffic and therefore throttled? You are depending on everyone doing this, then complaining about their throttled legitimate traffic - the solution is stop sending legitimate traffic like this, not get the ISP to lift the throttle.
"Dear ISP, I am deliberately making my legitimate traffic look like p2p traffic, and its getting throttled. I don't want to change my legimate traffic back to looking like legimate traffic because I also have p2p traffic and I'm hoping you will lift the throttling due to this complaint".
Basically, your proposal for a workaround is backwards.
This is a rant about micrsoft.*com* - the website (and related update sites etc). It isn't about Microsoft itself, or its applications and operating systems. It's about the usability of the microsoft.com website and download services - which are probably largely outsourced to a few kids in India. It has nothing to do with "how bad Vista is" or lessons learned from XP.
Grab a custom .css file from userstyles or the ilk. I've tweaked it to display:none *all* of the application related spam in my feed, as well as advertisements. It's quite easy to do, as the app junk has its own class. It makes a huge difference - I now only get user generated details in my feed (eg photo updates, comments, status updates etc).
Apparently Google already has protection against such "bombs":
http://googlewebmastercentral.blogspot.com/2007/01/quick-word-about-googlebombs.html
I have no idea how the algorithm detects such a bomb, but it appears to be pretty effective.
Yes - but:
Hackers defeat Zelda - 1 pt Hackers
Nintendo defends against hack - 1 pt Nintendo
Hackers defeat Nintendos defense - 1 pt Hackers
Wouldn't it be:
Hackers: 2, Nintento: 1
"That doesn't help with dual-boot PCs"
The GP was referring to a 'coporate' environment. It's pretty rare to have dual boot machines, it's either one or the other, with networked resources. If you want to dual boot, your data would still be stored on remote servers and accessed via CIFS/whatever in a corporate environment anyway.
I've often wondered about peoples claim to colour blindness and their inability to distinguish red/green etc. While I'm sure they both look brown to them or whatever, surely the red and green would look like a different shade of brown? ie, red + green = dark brown + light brown, and they would still be able to open the lock. ?
Just wanted to add to the comments about Opera being a far better browser, and have just released 9.5. Judging by the comments so far, I gather I'm not the only one who sees it as the superior browser, it really deserves more attention here.
G-mail's searching is fast because it is indexed. If you want fast searching of your emails on your desktop, use a 'desktop search' client, such as the search indexer included in Vista. It is just as fast.
I think Exchange integration is the big one that most other similar clients lack. Being able to schedule a meeting and have it show in a shared calendar, book rooms etc, its pretty much required by any decent sized organisation and I haven't seen anything that comes close to replacing it.
W.T.F?
That is not the definition of zero day. If you are going to condemn people for using it incorrectly, at least use it correctly yourself. The 'zero day' status merely refers to how long the exploit has been known - the 'zeroth' day being the day it is publicly disclosed. This day is important due to the fact it is basically impossible for people to be patched against the vulnerability on this day. In other words, tomorrow this will no longer be a 'zero day exploit'. (no doubt it was disclosed several days ago and isn't a zero day exploit today either).
Games are not vulnerable to the 'analog hole'. The game has to execute, not just display on a screen and potentially be captured and recorded. You can have a secure boot process, the bios will only boot if the TPM validates it.. the bios then decrypts and validates the OS... the OS then decrypts and validates the game etc. Any modifications done to 'crack' the game and the 'secure path' is broken and the previous step refuses to decrypt and run it.
The only way to get around it is to have a 'cracked' TPM chip, which could be next to impossible to achieve.
If they have sufficient access to rename a file, why bother rebooting into windows? Just read/write whatever you want when you have the initial disk access. Hell, modify ntoskrnl etc if you really want to.
Taking this approach, you would almost always donate to a GUI based project. The 'most useful' is going to be something you interact with, and not something behind the scenes like the kernel - regardless of how much extra effort may be required for one over the other.
The reason for the name 'Frank Shoemaker' is simply that it contains the letters for the 2nd code of 'employee number base sixteen' - ie the 'noise' helps to determine the subsitution cipher. The full decoding is over here: http://news.ycombinator.com/item?id=192296