Why not? Microsoft (though bigger and older), stands up to the DOJ all of the time, often playing Jedi Mind Tricks to pass off things that are knowingly wrong as correct.
Meanwhile, Google is in full compliance with the law, and believes that certain lawyers are overstepping their constitutional boundries by requesting data that they believe is not only a trade secret, but also an infringment of privacy. Sure, lawyers can sue them all they like, but Google has a very good shot at winning the case.
This also could bring up the question of constitutionality of releasing ISP records as well, and maybe finally companies will stop pussing out on the people that feed them and attempt to stand up for their customers.
Or maybe it's all just a pipedream and Google's just delaying the inevitable. Either way I commend them for standing up for my privacy.
To the original point of the article: You're staring down the barrel of a revolver half loaded, half not when it comes to upgrading CPUs these days. Sockets are flying by so quickly that you might only see two different cores and only 3-6 speed grades for each core (Banias->Dothon->new socket).
To me, computers are so damned fast now if you actually *need* to upgrade, you probably need to just get a new computer. Everything about these new Macs breathes cutting edge, from the new PC slot on the MacBook to both being entirely SATA (the only thing that ISN'T cutting edge is Firewire, and there's probably a very sound reasoning behind that such as chip availability (any current Intel ICHs with FW800?)), and so a lot of shifting and settling still has to occur. In that time, some of the standards today might meet the axe, and you're going to be SOL when trying to upgrade anyways. Just buy a quality computer and replace it every 3-5 years as nessicary (yes, if you're nerdy, go with every 18 months).
On the other hand, the numbers don't exist for OS X/x86 (publicly, yet). While you might get a general code performance idea, there are a lot of specific things that OS X does oddly that might cause one compiler to be "better" than another.
There are around 40 Mac-specific viruses and related threats.
++Mac users with [Microsoft] Word 6 or versions of Word/Excel supporting Visual Basic
for Applications, however, are vulnerable to infection by macro
viruses which are specific to these applications. Indeed, these
viruses can, potentially, infect other files on any hardware
platform supporting these versions of these applications. I don't
know of a macro virus with a Mac-specific payload that actually
works at present, but such a payload is entirely possible.
++[Microsoft] Office 98 applications are in principle vulnerable to most of the
threats to which Office 97 applications are vulnerable.
Funny. 40 Mac viruses compared to how many PC viruses? 71989 and counting according to Symantec. And the most mentioned causes of problems in security on the Mac Platform? Microsoft products. I rest my case.
First of all, after my Googling, has there EVER been a virus for OS X? Seriously?
Secondly, any kid who's seen an AOL commercial realizes how bad viruses are. n new viruses a day. 50k Windows viruses and counting. And Windows still has no way to stop these things, whereas OS X/Linux/*BSD are designed from the ground up to be immune to the kinds of attacks that Windows gets constantly pounded by.
Next, look at the patch release time. Open Source developers get patches out almost the instant a volunerability is found that is considered to be serious enough to be patched. Mac OS X is an OS project (and thusly, all of the nasty bits that generally cause problems like network applications are OS), with a nice pretty closed GUI. Sure there have been security holes in their products, but they are extremly quick about getting patches out. Microsoft has proved time and again to be a beast of burden when it comes to patches, as seen just recently after it took them over a week to patch a ZERO DAY exploit.
No, Mac users aren't invulnerable. We're simply more secure overall. And we're proud of that.
If you want to talk about any audience that's too smug, talk about Linux. Linux is on more important machines, and yet everyone talks about how safe and secure it is, even though in some cases it's just not true at all. Yes, Open Source code is generally more secure, but the major parts that need to be secured in OS X are Open Source.
As far as I'm concerned, both Linux and OS X are going to be one hell of a lot safer than Windows for a long time running, and so I can rest and relax in my relative security thanks to Microsoft's inferior security practices.
Eh. This design borrows heavily from the old Mac/NeXT Cube idea, and the more recent Mac Mini idea. People have already figured out you can duplicate the footprint of all three and make components that "stack" well together.
The problem is, stacking isn't really a good interface for a computer, it's best to be as freeform as possible, just in case someone wants to put their computer sideways on a bookshelf, or mount it in some odd configuration inside of their car/boat/etc.
But, then again, you could always build USB/Firewire/SVideo into the "stack connector", so that it would look seemless. No ugly 1' usb cables going from the harddrive to the computer, to the speakers or anywhere else.
This website for example has quite a bit of WMF files. The internet is teeming with them. Oh, you think they have to end in.wmf, I see. Well, you'd be mistaken. Any image format (_any_) that Windows understands is a WMF file. That's right, all of them. Not only that, but quite a few document formats also fall under that umbrella, but most of them are Windows-proprietary anyways.
I say that there's just not enough evidence to convict Apple of copying Konfabulator for Dashboard, but there's a lot of reasoning that could make it go either way. And then of course you could say Konfabulator copied Active Desktop in a more effective way, but that's something everyone doesn't give credit for.
The truth is, until historians can look back on it, it'll be hard to see. There's still too much FUD being flung in all directions to know for sure which chicken originally laid the egg.
I believe that comment makes you out the fool not me.
You've basically said your archecture only allowed code from one company/programmer to be ran at once; sectioning off address space to each program means that for shared components to work, they'd have to be loaded into each address space, which of course, defeats the point of having a Shared Object (and unless you're working on a computer that nobody can afford with 64GB of ram, this is ridiculous; imagine every program on your computer statically linked).
The part about "you requesting"; computers don't request anything. They follow instructions. And if the instruction says "Jump to this address", that's exactly what to do. Whether that address is off a bridge or on in secured ram with No Execute or just ram, it's going to jump there (whether or not it gets executed, it will jump, causing the program to crash, which is bad in itself, or causing the exploit to run). If your CPU has a No Execute flag on the ram, and you're lucky enough to have an operating system that supports it AND you're lucky enough that the exploiter isn't smart enough to figure out how to attach code arbitarily to executable files, then and then alone would this work.
Hell, if you were a good crypto-stenography student, you probably could write a program that is exceptionally beign at one offset, only to reveil a nastier, malevolent program when you offset the code by a certain number of bytes. The program would load into memory and do what its supposed to do, but then when the program hit an instruction to jump to the address space within itself, the exploit would run, and you'd be just as owned as before.
Trusted computing just doesn't work. You've got to trust everyone on every step of the development process, and even then, someone will find a way in. Bugs happen because nobody is perfect and nobody can afford to be, not even Microsoft.
Huh? I am not aware of any current implementations of "trustworthy computing" that would prevent you applying this sort of patch. The TPM chip and the like simply let you prove things about the configuration of your computer to other computers (and lock data to a particular machine) - by all means, go wild, do whatever you want to your own computer. Just don't expect to then be able to lie about it to others.
If you then rely on others for various things who refuse to trust you because you're loading patch DLLs into every process then you may have a problem yes, but this is only temporary and the benign applications of such a technology (death to game cheaters!) IMHO outweigh the very slight theoretical risks.
So let's say I'm JoeISP. Hi JoeISP you might say, I'd laugh and go about my business. Some nasty cruel internet underdwellers would go about writing their programs as they do today, and start delivering their payloads to people over my network. I can't really stop them from doing this; there's simply too much data that goes through my network to look at every packet and assure that the content isn't executable or worse, a virus. I can take some countermeasures, but not to many. Nope, it's the end users who have to be trusted.
So over there is Miss Jane. She loves the internet, and her newly bought Laptop from Dell with a pretty new TPM chip in it. She's a customer as JoeISP, and I love her for it, she pays me a pretty penny a month she could be getting for free if her neighbor would share his wireless access point, but sadly for Jane, her computer doesn't detect that his WAP has a TPM chip, and her operating system says to her that even if the network weren't protected by WPA2, she still wouldn't be allowed to connect to it because it isn't a Trusted connection. She shrugs it off.
So, Jane goes about checking her email when she sees a really funny picture her aunt sent her. Oh boy that's funny she said, and she saves the picture on her desktop so she can look at it later, or maybe even send it to a friend! But what's this? Her computer suddenly locks up tighter than a steel drum and a little popup tells her that "Windows Trusted Computing has detected unauthorized code in memory, and will not allow it to be executed." But she wants to save the image! She dismisses the popup, and saves it again, same message.
She is disheartened and goes to Trusted Go^W Microsoft Search to find an answer. Turns out, lots of people have been having this same exact problem, and nobody knows why. Some guy with a pocket protector and glasses tell them to reboot their computers, go into their BIOS and turn off TPM protection, and she does.
Now when she gets back on the Internet (this of course, assuming that she can, more on this in a minute), she saves the picture and poof, she's now got the exploit running on her machine. Her virus protector (assuming she has one) goes haywire! Of course, Windows File Protection make certain that she can't easily select the file and delete it, after all, it is a running executable now. (Or, even if WFP *did* allow it, most viruses these days are smart enough to break virus protectors in a way that they can't remove the virus on their own, even if their data files are up to date).
She's smarter than your average bear, however, and is able to go to another computer and get back on the internet. She finds a patch for the bug, and a clean up tool that allows her to remove the code from the image. "Goodie" she thinks.
She goes back to the other machine, fixes the DLL, turns back on TPM, and goes to get on the internet.
My ISP (remember me, JoeISP?) instantly alerts an error. Someone has connected to our network with TPM on, but has modified their files! Our policy is not to let those people on our network at all, since that's what Microsoft told us to do. So we block her MAC and continue about our day. She calls in later, furious that she can't get the Internet to work in her house anymore. Any attempts to quell her ar
And what archetecure would you suggest? IIRC, every archetecture I've worked on has allowed for an arbitary jump. This is a neccesity because this is how looping structures work.
For an archecture that you present, you'd have to have some way of trusting a section of RAM, but how can you lend a section of RAM trust? Furthermore, how do you move items with trust into and out of the trusted RAM cell? Any programmer worth his title knows that if trust (in this case a flag, a CRC, an encrypted value, whatever you want) can be given to one object, it can be given to any other object as well. If you "trust" the data by encrypting it with a certain key, then all that is needed to encrypt any data is the key and the data.
Let's keep going; if you want the computer to be a general use computer (and not something like a DVD player or a music player), you'll have to distribute that key to people. Why? Because people make programs too.
Now let's step back and see what all you affected with Trusted Computing: You've first reworked the processor, so that requires distributing and replacing everyone elses, then you've reworked the memory, that may or may not require a rework, but it'll at least take investigation into reworking it. You've reworked network protocols so they can be "trusted", you've reworked the Kernel (because of course, it has to be loaded from an untrusted medium), you've reworked the programming language to support trustable code, and you've reworked the compiler to make trusted code. You've changed the whole industry, and you're banking on the fact that there wasn't a single bug introduced *anywhere* along the process, especially in the Hardware, which is much harder to revise once it's distributed.
Now let's look at the alternative: Better code. What needs to be changed? The code. That's it. Oh, I guess that's cheaper, more sensible, and it works with what we've got.
Come again? Any Microsoft patch is likely to outright remove the file and replace it with the patched copy. If it were a binary-patch, it would scroll to the right location in the file, check to see that what was supposed to be there was, and when it discovered that it had already been affected in some way, it would die with some error.
Microsoft's patch and this patch surely won't be compatible, but that doesn't mean that they won't be identical. If you don't understand this, try patching your already patched software sometime. You'll find you can't do it.
I don't have a problem unregistering the DLL either (if I had a Windows computer to unreg the DLL from), except for that some programs, despite library registration, still search for certain libraries in the file system, and of course, when they stumble upon them, they load them. And this, of course, puts you right back into the hot seat. How do you know if you're running one of those programs? Well, delete the DLL and see how many programs have a fit including Explorer itself).
Reasons you should install it:
-You refuse to (or can't) use an operating system where executability is set by a filesystem flag and not an extension.
-The simple act of clicking on this image anywhere in your filesystem will cause the arbitrary code to be executed.
-Firefox, while being a more secure broswer than Internet Explorer, isn't going to do any bit of good for an image that may already be on your computer as we speak.
-This exploit isn't limited to the WMF extension; any file with Windows Meta information is subject to the insertion attack, which includes all image formats and a lot of document formats (Word).
The fact is, you're being ignorant of the problem instead of trying to be part of the solution, and your post outlines the different various reasons why. The fact is, Microsoft might not even include a fix for this specific bug on the next patch Tuesday. They've been known to forego fixing certain bugs for arbitrary amounts of time. This is fact, not opinion.
Here's to hoping you don't get infected before Microsoft gets a patch out.
..that if we all were running "trustworthy" computers, this problem would be much, much worse than it is now. Imagine that now instead of having a patch that's already been made by someone else while we sit and wait for Microsoft to get off their asses, we now have to wait on Microsoft, who still hasn't shown up.
Instead of having *some* machines patched, we'd have none. This late after the exploit has been released, and a zero-day attack has happened, we'd see no respite.
If you try to argue that Trustworthy computers wouldn't allow this to be exploited, what if the trustworthy compontent itself was exploited? As the Xbox and soon the Xbox 360 have shown, the more complex the hardware, the more complicated the bugs are. Microsoft's betting that the hardware complexity can outgrow the programmer's abilities to crack it, but if there's any truth in the world, it's that if it can be engineered, it can be destroyed. So imagine if this virus was actually signed by Microsoft through the exploit. How would this look for their company? How can you save face from a disaster like that?
No, trusted computers aren't the answer, just more secure computers, with better code. And the fact of the matter is, the more eyes that are on the code, the better it is, and that's why Open Source will always succeed. No amount of cryptography will help you if there's a hole in your crypto system.
It's really not that the Linux application's are named so bad, it's that they were never really named that well to begin with.
Windows applications for the most part started with good, easy names that described what things did. Paint painted pictures. Photoshop helped with Photo-editing, Paint Shop Pro found the middle ground.
Linux applications never had these easy to remember names to begin with; the GIMP has always been the GIMP, and even though the parent of its acronym, GNU Image Manipulation Program, is a good name.
A suggestion; edit the links to the Applications with nice pretty names. Many distros are already doing this. (Image Editor -> GIMP).
And even though Outlook might be a bad name for a mail application, I can hardly imagine "Evolution", or even worse, "Thunderbird" as being any better. At least "Outlook" could be interpreted as a good name; an Outlook on your business would be all of the documents pertaining to it. (And yes, we have Microsoft beat with our spreadsheet app; Excel vs (Gnumeric???), Open Office.. Calc?! Come on I know a spreadsheet is a tabulation device, but seriously, "calc"? KSpread wins simply out of having a least a *fraction* of the functionality in the name).
Anyways, I would hardly call it "accidential". It wasn't any accident that Microsoft got to license their OS to the IBM (and compatible) machines, it was cold and calculated. While they might not have known they'd end up being some of the richest people to have ever lived, they had to have known that they were never going to have to worry about money again in their lives.
I always thought that was FOX though; the F is only a letter away from G, and the X is simply a clever ploy to hide the obvious P that should be there.
I'm sorry, but I have to question Alexa in it's entirity; it's information is gathered from users with a piece of spyware installed that calls home and tells Alexa which sites are being used more than others.
Of course, this is fundamentally flawed; the people without the spyware or an alexa web-tag (which is unmeasurable short of a site survey of every website) simply aren't counted and are left out. I would like to believe that if the percentage is even 50/50 people with/without spyware, that destroys the conclusivity of their ranking system.
The web was designed so that no one site had to know anything else about another site. The greatest link between two websites would be the anchor tag, and there is no "central repository" that indexes anchor tag usage (a search engine might tell you the number of the tags out there, but a search engine can't nessicarily tell you how many times it was clicked.
I call bullocks on any website that claims itself to be more popular than any other website without seeing its logs.
Slashdot Mirror
Very stupid people considering adblock does everything subscriptions would do, except seeing the story early..
But then again, if I want to see a story early, I go to Digg.com.
Why not? Microsoft (though bigger and older), stands up to the DOJ all of the time, often playing Jedi Mind Tricks to pass off things that are knowingly wrong as correct.
Meanwhile, Google is in full compliance with the law, and believes that certain lawyers are overstepping their constitutional boundries by requesting data that they believe is not only a trade secret, but also an infringment of privacy. Sure, lawyers can sue them all they like, but Google has a very good shot at winning the case.
This also could bring up the question of constitutionality of releasing ISP records as well, and maybe finally companies will stop pussing out on the people that feed them and attempt to stand up for their customers.
Or maybe it's all just a pipedream and Google's just delaying the inevitable. Either way I commend them for standing up for my privacy.
To the original point of the article: You're staring down the barrel of a revolver half loaded, half not when it comes to upgrading CPUs these days. Sockets are flying by so quickly that you might only see two different cores and only 3-6 speed grades for each core (Banias->Dothon->new socket).
To me, computers are so damned fast now if you actually *need* to upgrade, you probably need to just get a new computer. Everything about these new Macs breathes cutting edge, from the new PC slot on the MacBook to both being entirely SATA (the only thing that ISN'T cutting edge is Firewire, and there's probably a very sound reasoning behind that such as chip availability (any current Intel ICHs with FW800?)), and so a lot of shifting and settling still has to occur. In that time, some of the standards today might meet the axe, and you're going to be SOL when trying to upgrade anyways. Just buy a quality computer and replace it every 3-5 years as nessicary (yes, if you're nerdy, go with every 18 months).
They didn't lose it though, they just aren't applying it to current generation chips. They could easily drop Merom and start calling it Pentium 5.
On the other hand, the numbers don't exist for OS X/x86 (publicly, yet). While you might get a general code performance idea, there are a lot of specific things that OS X does oddly that might cause one compiler to be "better" than another.
Better yet:
There are around 40 Mac-specific viruses and related threats. ++Mac users with [Microsoft] Word 6 or versions of Word/Excel supporting Visual Basic for Applications, however, are vulnerable to infection by macro viruses which are specific to these applications. Indeed, these viruses can, potentially, infect other files on any hardware platform supporting these versions of these applications. I don't know of a macro virus with a Mac-specific payload that actually works at present, but such a payload is entirely possible. ++[Microsoft] Office 98 applications are in principle vulnerable to most of the threats to which Office 97 applications are vulnerable.
Funny. 40 Mac viruses compared to how many PC viruses? 71989 and counting according to Symantec. And the most mentioned causes of problems in security on the Mac Platform? Microsoft products. I rest my case.
First of all, after my Googling, has there EVER been a virus for OS X? Seriously?
Secondly, any kid who's seen an AOL commercial realizes how bad viruses are. n new viruses a day. 50k Windows viruses and counting. And Windows still has no way to stop these things, whereas OS X/Linux/*BSD are designed from the ground up to be immune to the kinds of attacks that Windows gets constantly pounded by.
Next, look at the patch release time. Open Source developers get patches out almost the instant a volunerability is found that is considered to be serious enough to be patched. Mac OS X is an OS project (and thusly, all of the nasty bits that generally cause problems like network applications are OS), with a nice pretty closed GUI. Sure there have been security holes in their products, but they are extremly quick about getting patches out. Microsoft has proved time and again to be a beast of burden when it comes to patches, as seen just recently after it took them over a week to patch a ZERO DAY exploit.
No, Mac users aren't invulnerable. We're simply more secure overall. And we're proud of that.
Not another one of these articles.
If you want to talk about any audience that's too smug, talk about Linux. Linux is on more important machines, and yet everyone talks about how safe and secure it is, even though in some cases it's just not true at all. Yes, Open Source code is generally more secure, but the major parts that need to be secured in OS X are Open Source.
As far as I'm concerned, both Linux and OS X are going to be one hell of a lot safer than Windows for a long time running, and so I can rest and relax in my relative security thanks to Microsoft's inferior security practices.
Eh. This design borrows heavily from the old Mac/NeXT Cube idea, and the more recent Mac Mini idea. People have already figured out you can duplicate the footprint of all three and make components that "stack" well together.
The problem is, stacking isn't really a good interface for a computer, it's best to be as freeform as possible, just in case someone wants to put their computer sideways on a bookshelf, or mount it in some odd configuration inside of their car/boat/etc.
But, then again, you could always build USB/Firewire/SVideo into the "stack connector", so that it would look seemless. No ugly 1' usb cables going from the harddrive to the computer, to the speakers or anywhere else.
Apples need Sun to grow.
A lot of people said that about Apple and Intel too, ya know.
Yes. The Fifth Element is classic in my book for the ample bussoms of Milla Jovovich being seen on the big screen.
But this does pose a problem; to buy HD-DVD (Serenity), or Blu Ray (Fifth Element).. decisions decisions.
Yes.
.wmf, I see. Well, you'd be mistaken. Any image format (_any_) that Windows understands is a WMF file. That's right, all of them. Not only that, but quite a few document formats also fall under that umbrella, but most of them are Windows-proprietary anyways.
This website for example has quite a bit of WMF files. The internet is teeming with them. Oh, you think they have to end in
Thanks for trolling!
I say that there's just not enough evidence to convict Apple of copying Konfabulator for Dashboard, but there's a lot of reasoning that could make it go either way. And then of course you could say Konfabulator copied Active Desktop in a more effective way, but that's something everyone doesn't give credit for.
The truth is, until historians can look back on it, it'll be hard to see. There's still too much FUD being flung in all directions to know for sure which chicken originally laid the egg.
I believe that comment makes you out the fool not me.
You've basically said your archecture only allowed code from one company/programmer to be ran at once; sectioning off address space to each program means that for shared components to work, they'd have to be loaded into each address space, which of course, defeats the point of having a Shared Object (and unless you're working on a computer that nobody can afford with 64GB of ram, this is ridiculous; imagine every program on your computer statically linked).
The part about "you requesting"; computers don't request anything. They follow instructions. And if the instruction says "Jump to this address", that's exactly what to do. Whether that address is off a bridge or on in secured ram with No Execute or just ram, it's going to jump there (whether or not it gets executed, it will jump, causing the program to crash, which is bad in itself, or causing the exploit to run). If your CPU has a No Execute flag on the ram, and you're lucky enough to have an operating system that supports it AND you're lucky enough that the exploiter isn't smart enough to figure out how to attach code arbitarily to executable files, then and then alone would this work.
Hell, if you were a good crypto-stenography student, you probably could write a program that is exceptionally beign at one offset, only to reveil a nastier, malevolent program when you offset the code by a certain number of bytes. The program would load into memory and do what its supposed to do, but then when the program hit an instruction to jump to the address space within itself, the exploit would run, and you'd be just as owned as before.
Trusted computing just doesn't work. You've got to trust everyone on every step of the development process, and even then, someone will find a way in. Bugs happen because nobody is perfect and nobody can afford to be, not even Microsoft.
Huh? I am not aware of any current implementations of "trustworthy computing" that would prevent you applying this sort of patch. The TPM chip and the like simply let you prove things about the configuration of your computer to other computers (and lock data to a particular machine) - by all means, go wild, do whatever you want to your own computer. Just don't expect to then be able to lie about it to others. If you then rely on others for various things who refuse to trust you because you're loading patch DLLs into every process then you may have a problem yes, but this is only temporary and the benign applications of such a technology (death to game cheaters!) IMHO outweigh the very slight theoretical risks.
So let's say I'm JoeISP. Hi JoeISP you might say, I'd laugh and go about my business. Some nasty cruel internet underdwellers would go about writing their programs as they do today, and start delivering their payloads to people over my network. I can't really stop them from doing this; there's simply too much data that goes through my network to look at every packet and assure that the content isn't executable or worse, a virus. I can take some countermeasures, but not to many. Nope, it's the end users who have to be trusted.
So over there is Miss Jane. She loves the internet, and her newly bought Laptop from Dell with a pretty new TPM chip in it. She's a customer as JoeISP, and I love her for it, she pays me a pretty penny a month she could be getting for free if her neighbor would share his wireless access point, but sadly for Jane, her computer doesn't detect that his WAP has a TPM chip, and her operating system says to her that even if the network weren't protected by WPA2, she still wouldn't be allowed to connect to it because it isn't a Trusted connection. She shrugs it off.
So, Jane goes about checking her email when she sees a really funny picture her aunt sent her. Oh boy that's funny she said, and she saves the picture on her desktop so she can look at it later, or maybe even send it to a friend! But what's this? Her computer suddenly locks up tighter than a steel drum and a little popup tells her that "Windows Trusted Computing has detected unauthorized code in memory, and will not allow it to be executed." But she wants to save the image! She dismisses the popup, and saves it again, same message.
She is disheartened and goes to Trusted Go^W Microsoft Search to find an answer. Turns out, lots of people have been having this same exact problem, and nobody knows why. Some guy with a pocket protector and glasses tell them to reboot their computers, go into their BIOS and turn off TPM protection, and she does.
Now when she gets back on the Internet (this of course, assuming that she can, more on this in a minute), she saves the picture and poof, she's now got the exploit running on her machine. Her virus protector (assuming she has one) goes haywire! Of course, Windows File Protection make certain that she can't easily select the file and delete it, after all, it is a running executable now. (Or, even if WFP *did* allow it, most viruses these days are smart enough to break virus protectors in a way that they can't remove the virus on their own, even if their data files are up to date).
She's smarter than your average bear, however, and is able to go to another computer and get back on the internet. She finds a patch for the bug, and a clean up tool that allows her to remove the code from the image. "Goodie" she thinks.
She goes back to the other machine, fixes the DLL, turns back on TPM, and goes to get on the internet.
My ISP (remember me, JoeISP?) instantly alerts an error. Someone has connected to our network with TPM on, but has modified their files! Our policy is not to let those people on our network at all, since that's what Microsoft told us to do. So we block her MAC and continue about our day. She calls in later, furious that she can't get the Internet to work in her house anymore. Any attempts to quell her ar
And what archetecure would you suggest? IIRC, every archetecture I've worked on has allowed for an arbitary jump. This is a neccesity because this is how looping structures work.
For an archecture that you present, you'd have to have some way of trusting a section of RAM, but how can you lend a section of RAM trust? Furthermore, how do you move items with trust into and out of the trusted RAM cell? Any programmer worth his title knows that if trust (in this case a flag, a CRC, an encrypted value, whatever you want) can be given to one object, it can be given to any other object as well. If you "trust" the data by encrypting it with a certain key, then all that is needed to encrypt any data is the key and the data.
Let's keep going; if you want the computer to be a general use computer (and not something like a DVD player or a music player), you'll have to distribute that key to people. Why? Because people make programs too.
Now let's step back and see what all you affected with Trusted Computing: You've first reworked the processor, so that requires distributing and replacing everyone elses, then you've reworked the memory, that may or may not require a rework, but it'll at least take investigation into reworking it. You've reworked network protocols so they can be "trusted", you've reworked the Kernel (because of course, it has to be loaded from an untrusted medium), you've reworked the programming language to support trustable code, and you've reworked the compiler to make trusted code. You've changed the whole industry, and you're banking on the fact that there wasn't a single bug introduced *anywhere* along the process, especially in the Hardware, which is much harder to revise once it's distributed.
Now let's look at the alternative: Better code. What needs to be changed? The code. That's it. Oh, I guess that's cheaper, more sensible, and it works with what we've got.
I'll stick with the latter thanks.
Come again? Any Microsoft patch is likely to outright remove the file and replace it with the patched copy. If it were a binary-patch, it would scroll to the right location in the file, check to see that what was supposed to be there was, and when it discovered that it had already been affected in some way, it would die with some error.
Microsoft's patch and this patch surely won't be compatible, but that doesn't mean that they won't be identical. If you don't understand this, try patching your already patched software sometime. You'll find you can't do it.
I don't have a problem unregistering the DLL either (if I had a Windows computer to unreg the DLL from), except for that some programs, despite library registration, still search for certain libraries in the file system, and of course, when they stumble upon them, they load them. And this, of course, puts you right back into the hot seat. How do you know if you're running one of those programs? Well, delete the DLL and see how many programs have a fit including Explorer itself).
So this is a total non-issue.
Reasons you should install it:
-You refuse to (or can't) use an operating system where executability is set by a filesystem flag and not an extension.
-The simple act of clicking on this image anywhere in your filesystem will cause the arbitrary code to be executed.
-Firefox, while being a more secure broswer than Internet Explorer, isn't going to do any bit of good for an image that may already be on your computer as we speak.
-This exploit isn't limited to the WMF extension; any file with Windows Meta information is subject to the insertion attack, which includes all image formats and a lot of document formats (Word).
The fact is, you're being ignorant of the problem instead of trying to be part of the solution, and your post outlines the different various reasons why. The fact is, Microsoft might not even include a fix for this specific bug on the next patch Tuesday. They've been known to forego fixing certain bugs for arbitrary amounts of time. This is fact, not opinion.
Here's to hoping you don't get infected before Microsoft gets a patch out.
..that if we all were running "trustworthy" computers, this problem would be much, much worse than it is now. Imagine that now instead of having a patch that's already been made by someone else while we sit and wait for Microsoft to get off their asses, we now have to wait on Microsoft, who still hasn't shown up.
Instead of having *some* machines patched, we'd have none. This late after the exploit has been released, and a zero-day attack has happened, we'd see no respite.
If you try to argue that Trustworthy computers wouldn't allow this to be exploited, what if the trustworthy compontent itself was exploited? As the Xbox and soon the Xbox 360 have shown, the more complex the hardware, the more complicated the bugs are. Microsoft's betting that the hardware complexity can outgrow the programmer's abilities to crack it, but if there's any truth in the world, it's that if it can be engineered, it can be destroyed. So imagine if this virus was actually signed by Microsoft through the exploit. How would this look for their company? How can you save face from a disaster like that?
No, trusted computers aren't the answer, just more secure computers, with better code. And the fact of the matter is, the more eyes that are on the code, the better it is, and that's why Open Source will always succeed. No amount of cryptography will help you if there's a hole in your crypto system.
It's really not that the Linux application's are named so bad, it's that they were never really named that well to begin with.
Windows applications for the most part started with good, easy names that described what things did. Paint painted pictures. Photoshop helped with Photo-editing, Paint Shop Pro found the middle ground.
Linux applications never had these easy to remember names to begin with; the GIMP has always been the GIMP, and even though the parent of its acronym, GNU Image Manipulation Program, is a good name.
A suggestion; edit the links to the Applications with nice pretty names. Many distros are already doing this. (Image Editor -> GIMP).
And even though Outlook might be a bad name for a mail application, I can hardly imagine "Evolution", or even worse, "Thunderbird" as being any better. At least "Outlook" could be interpreted as a good name; an Outlook on your business would be all of the documents pertaining to it. (And yes, we have Microsoft beat with our spreadsheet app; Excel vs (Gnumeric???), Open Office.. Calc?! Come on I know a spreadsheet is a tabulation device, but seriously, "calc"? KSpread wins simply out of having a least a *fraction* of the functionality in the name).
zillionaire - more money than what?
Jeebus.
Anyways, I would hardly call it "accidential". It wasn't any accident that Microsoft got to license their OS to the IBM (and compatible) machines, it was cold and calculated. While they might not have known they'd end up being some of the richest people to have ever lived, they had to have known that they were never going to have to worry about money again in their lives.
I always thought that was FOX though; the F is only a letter away from G, and the X is simply a clever ploy to hide the obvious P that should be there.
I'm sorry, but I have to question Alexa in it's entirity; it's information is gathered from users with a piece of spyware installed that calls home and tells Alexa which sites are being used more than others.
Of course, this is fundamentally flawed; the people without the spyware or an alexa web-tag (which is unmeasurable short of a site survey of every website) simply aren't counted and are left out. I would like to believe that if the percentage is even 50/50 people with/without spyware, that destroys the conclusivity of their ranking system.
The web was designed so that no one site had to know anything else about another site. The greatest link between two websites would be the anchor tag, and there is no "central repository" that indexes anchor tag usage (a search engine might tell you the number of the tags out there, but a search engine can't nessicarily tell you how many times it was clicked.
I call bullocks on any website that claims itself to be more popular than any other website without seeing its logs.
...are stranded on a desserted island...
:(
Why can't I get stranded on a desserted island?