Yes. It's still an exploit. At least Opera throws up a warning.
Can you explain to me how following the standard is an exploit? I think it's great that Opera has a warning, but Mozilla shows exactly the URL that you clicked on in the location bar. What is it that you think they should do?
I agree! In fact, I'd like to see people required to pass a test and get a license whenever they want to tow a trailer or drive any sort of oversized vehicle. I'll admit that the SUV's have it both ways, that's why I bought one. My RV weighs 7000 before it's loaded and I think that I should be required to prove that I know what I'm doing behind the wheel. However, the problem isn't just about SUVs. People can (and do) buy medium duty trucks (which bear a striking resemblance to semis) and can pull an RV trailer and put a boat trailer on the back of that.
Yeah, as soon as those tonka toys get enough power to pull my trailers and haul my family at the same time, I'll be able to get rid of that gas guzzler. My pet peeve is people who think they understand my motive behind owning an SUV!
The mistake is the lack of Manufacturing software, like CAD/CAM systems, Quality Analysis systems and other extremely important engineering and design software. -- Get Catia and Unigraphics as well as the other software I mentioned to be fully supported and released on Linux and then there will be nothing stopping Linux from hitting the desks of the manufacturing industry.
You start to make a great point and then limit it to a select group of users. Specialty software exists in many domains. I'm doing Video Editing and DVD burning. Sure there may be stuff out there for Linux, but last I looked it required finding and combining a bunch of different packages. I have a nice audio processing app that runs on Windows. They don't have a version for Linux. My wife has a specialty program that helps her design quilts...not available on Linux. She also has an embroidery machine with very expensive embroidery software for Windows. That's not to mention the gaggle of games we have that run on Windows Sure, there are bunches of games for Linux...but we already own tons for Windows. I hate Windows as much as anybody...but right now the world is tilted that way and it's just simply to inconvenient to let that hatred take over and get rid of Windows.
Re:Baked a SUN server once
on
Baked Apple
·
· Score: 1
I would think that if you bake apples, you should attempt to make tea with the SUN.
Actually, I think this is a good suggestion. Maybe even make one of the books into a movie. If you are a DS9 fan, the book "Fallen Heroes" is a great read and I think would make a fantastic movie.
There is a pref for it, but there is also a plugin (that will install from a webpage!) that will allow you to change it on the fly. go to http://uabar.mozdev.org
Call it stupid if you want, it doesn't change the fact that the mugger broke the law and should be punished the same as the mugger who attacks outside a fancy restaurant.
It seems to me that PKI could solve the e-mail problem using white lists without the problem of missing e-mails because an acceptable sender is not on a white list. I'm curious as to what slashdotters think of this solution:
The first issue is that I don't see changing billions of MUAs. Therefore, mail servers must still accept SMTP traffic from their clients. However, they would not talk SMTP to each other (at least not in the final solution). First, they would have to authenticate themselves to one another. Then, one mail server would not accept a message from another server without a key authorizing the sender (end user) to send messages to the recipient. If the sending server has no such key, an intermediate message would be sent to the receiving server requesting a key. This message would only contain identifying information about the sender that could be passed on to the end user (recipient). The receiving server would create a normal e-mail message saying that someone for whom no key exists is attempting to send email. The recipient can then forward the message to one of two known addresses that correspond to the receiving mail server (such as accept@smtp.domain.com or reject@smtp.domain.com). The receiving mail server can then send a key to the sending mail server to allow it to send the message with a key, or send a rejection message to the sending mail server. Note that the message itself must be held on the senders mail server until they possess a key with which to send a message. A mechanism would have to exist to allow the end user to revoke a key, in which case a receiving mail server could respond to a sending mail server with a revocation message when it receives such a key.
Since we can't flash cut all of the mail servers in the world at once, the new mail servers would still communicate with standard SMTP if its peer does not yet support the new protocol. Even then, messages accepted via SMTP can be flagged as such by the server, providing a mechanism for MUAs to see that a received message was not authorized. ISPs and end users can handle that case as they do today. If standard headers are used to mark the messages generated by your mail server to ask about accepting or rejecting a sender, MUAs will begin to code for those headers, creating pretty GUIs to handle those requests instead of having the user respond to messages as if it were standard email.
While spammers could try to fake the identity information in requesting a key, I don't think that it would be likely that they could provide something that would make me think that it was a legitimate email. And if they could, they'd only get one through before I revoked the key and subsequent ploys would most likely fail.
The key feature here (pardon the pun) is that the MUAs don't have to deal with key creation, etc. Since traffic between the MUAs and the MTAs remains the same, MTAs could be swapped for ones using the new protocol without any impact to the ISPs customers.
I don't think that this counts as an exception. I believe that the original poster was talking about process. The average person does not simply update the code base because the maintainer of the package reviews code to be added as part of a process. If there's a security breach, that doesn't qualify as an exception to the process.
He mentions how snappy Windows NT is even on a Pentium 90 box. No way that Gnome or KDE, which are the closest we have to a integrated desktop environment, can ever beat that. Actually I was running Linux/Gnome on a Pentium 66 with 32MB of memory. Will NT even install on such a machine?
Slashdot Mirror
Yes. It's still an exploit. At least Opera throws up a warning. Can you explain to me how following the standard is an exploit? I think it's great that Opera has a warning, but Mozilla shows exactly the URL that you clicked on in the location bar. What is it that you think they should do?
I agree! In fact, I'd like to see people required to pass a test and get a license whenever they want to tow a trailer or drive any sort of oversized vehicle. I'll admit that the SUV's have it both ways, that's why I bought one. My RV weighs 7000 before it's loaded and I think that I should be required to prove that I know what I'm doing behind the wheel. However, the problem isn't just about SUVs. People can (and do) buy medium duty trucks (which bear a striking resemblance to semis) and can pull an RV trailer and put a boat trailer on the back of that.
Show me the minivan that will pull my 7000 lb trailer
Yeah, as soon as those tonka toys get enough power to pull my trailers and haul my family at the same time, I'll be able to get rid of that gas guzzler. My pet peeve is people who think they understand my motive behind owning an SUV!
The mistake is the lack of Manufacturing software, like CAD/CAM systems, Quality Analysis systems and other extremely important engineering and design software. -- Get Catia and Unigraphics as well as the other software I mentioned to be fully supported and released on Linux and then there will be nothing stopping Linux from hitting the desks of the manufacturing industry. You start to make a great point and then limit it to a select group of users. Specialty software exists in many domains. I'm doing Video Editing and DVD burning. Sure there may be stuff out there for Linux, but last I looked it required finding and combining a bunch of different packages. I have a nice audio processing app that runs on Windows. They don't have a version for Linux. My wife has a specialty program that helps her design quilts...not available on Linux. She also has an embroidery machine with very expensive embroidery software for Windows. That's not to mention the gaggle of games we have that run on Windows Sure, there are bunches of games for Linux...but we already own tons for Windows. I hate Windows as much as anybody...but right now the world is tilted that way and it's just simply to inconvenient to let that hatred take over and get rid of Windows.
I would think that if you bake apples, you should attempt to make tea with the SUN.
Actually, I think this is a good suggestion. Maybe even make one of the books into a movie. If you are a DS9 fan, the book "Fallen Heroes" is a great read and I think would make a fantastic movie.
There is a pref for it, but there is also a plugin (that will install from a webpage!) that will allow you to change it on the fly. go to http://uabar.mozdev.org
Call it stupid if you want, it doesn't change the fact that the mugger broke the law and should be punished the same as the mugger who attacks outside a fancy restaurant.
The first issue is that I don't see changing billions of MUAs. Therefore, mail servers must still accept SMTP traffic from their clients. However, they would not talk SMTP to each other (at least not in the final solution). First, they would have to authenticate themselves to one another. Then, one mail server would not accept a message from another server without a key authorizing the sender (end user) to send messages to the recipient. If the sending server has no such key, an intermediate message would be sent to the receiving server requesting a key. This message would only contain identifying information about the sender that could be passed on to the end user (recipient). The receiving server would create a normal e-mail message saying that someone for whom no key exists is attempting to send email. The recipient can then forward the message to one of two known addresses that correspond to the receiving mail server (such as accept@smtp.domain.com or reject@smtp.domain.com). The receiving mail server can then send a key to the sending mail server to allow it to send the message with a key, or send a rejection message to the sending mail server. Note that the message itself must be held on the senders mail server until they possess a key with which to send a message. A mechanism would have to exist to allow the end user to revoke a key, in which case a receiving mail server could respond to a sending mail server with a revocation message when it receives such a key.
Since we can't flash cut all of the mail servers in the world at once, the new mail servers would still communicate with standard SMTP if its peer does not yet support the new protocol. Even then, messages accepted via SMTP can be flagged as such by the server, providing a mechanism for MUAs to see that a received message was not authorized. ISPs and end users can handle that case as they do today. If standard headers are used to mark the messages generated by your mail server to ask about accepting or rejecting a sender, MUAs will begin to code for those headers, creating pretty GUIs to handle those requests instead of having the user respond to messages as if it were standard email.
While spammers could try to fake the identity information in requesting a key, I don't think that it would be likely that they could provide something that would make me think that it was a legitimate email. And if they could, they'd only get one through before I revoked the key and subsequent ploys would most likely fail.
The key feature here (pardon the pun) is that the MUAs don't have to deal with key creation, etc. Since traffic between the MUAs and the MTAs remains the same, MTAs could be swapped for ones using the new protocol without any impact to the ISPs customers.
I don't think that this counts as an exception. I believe that the original poster was talking about process. The average person does not simply update the code base because the maintainer of the package reviews code to be added as part of a process. If there's a security breach, that doesn't qualify as an exception to the process.
He mentions how snappy Windows NT is even on a Pentium 90 box. No way that Gnome or KDE, which are the closest we have to a integrated desktop environment, can ever beat that.
Actually I was running Linux/Gnome on a Pentium 66 with 32MB of memory. Will NT even install on such a machine?