Operating systems exist to schedule time on the hardware and provide support for the apps being run. Does anyone in Microsoft see faster hardware for the applications to use and not for the OS to waste? The schedulers in modern systems can already take advantage of several processors/cores. Gate's law counteracts Moore's so well Windows Apps run at a constant speed over time.
Being a college engineering student, I felt my writing courses were useless. I would have been a lot more motivated improve my papers if they were reqired to be done in LaTex. Sure the course would be about writing, but it would have an engineering feel to it too. I've taken math courses where our research and papers had to be submitted in TeX source, I don't see any reason why a writing course couldn't do the same.
That link refers to UPnP, Universal Plug and Play, a networking based technology for device discovery and configuration. The vulnerability concerning the ISC is a PnP vulnerability. Plug and Play is used for internal device discovery and configuration. The two are totally different.
Microsoft, in a fit of brilliance though that exposing the internal PnP via RPC to the rest of the world was a good idea. As it turns out there is an unchecked buffer than with Windows 2000 machines in accessible via a NULL Session. In XP and 2003 the buffer requires a valid account or even and admin account to expose.
The threat of a Windows 2000 based worm in the next few days is very real. All of you with XP and 2003 aren't in immediate worm danger.
I'm sorry, your argument doesn't hold for everyone. I switched to Dvorak 3 years ago and now I'm pretty darn bad at QWERTY.
I think saying "you'll forget QWERTY" is a pretty ridiculous argument against Dvorak though. You're *never* FORCED to type in QWERTY. In 3 years I've never had to type more than a few sentences on QWERTY. I can switch every operating system Dvorak in about two seconds.
I'm very glad I switched and I have absolutely no use for QWERTY any longer so not being able to type it doesn't matter.
I switched about 3 years ago and it was a lot of work for me. I'm very glad I did and I wouldn't switch back. I struggle on QWERTY now though so if I'm going to do serious typing (long term, not just fixing a computer) I need to switch it over to Dvorak.
Many of my friends I have gotten to switch were able to do so in 2 weeks and be up a full speed. They can also switch back to QWERTY without any effort and prefer the Dvorak layout.
I'm very glad I switched and I definitely notice less strain but everyone's mileage is going to vary.
Excuse me but isn't this "vulnerability" the same thing as saying the pop-up ads that look just like IE on Windows XP are a IE/Windows XP vulnerability?
This customizability (albeit automatic by the webpage) is closer to a feature than a vulnerability if you ask me.
Agreed. AOL subscribers need AIM to be free so they can chat with their non-AOL friends. If AOL suddenly started charging for regular text usage and people started leaving the service AOL subscribers would have less incentive to stay with the service either.
That argument is invalid. In your scenario there is a human being there giving you permission to take something out of the store in exchange for money. Whether or not that person has the authority to do that is irrelevant. In the case of an open ftp server on port 5554 it may be open and ready to use but no human being (the owner) has given you permission to use it.
Don't get me wrong, I think we should be able to upload a patch and removal tool and execute it on all infected systems. The law historically has not given you the right to do that though.
I guess the legal difference is that the person has not given you permission knowingly and that although something has come around and 'unlocked the door' going inside is still trespassing.
Gaobot/Phatbot/Polybot are able to scan for vulnerable hosts but are not yet spreading by this exploit. Granted that's only a few days away at the most. I imagine the *Bot authors are just debugging their code for maximum bug free affect. Sasser has a number of bugs in it and doesn't infect all systems that well.
And go to jail just like Mr. Code Blue. Good idea but the legal system doesn't like it. Nachi.B was suposed to be a public service too.... That one messed things up more.
If the author has to pay for the paper to be published who is speaking? The ground breaking work they have done or their money? I have a feeling that having the author pay will greatly reduce the quality of scientific journals while skewing the research to fields with money in them.
Yeah I've used it too. It has only had about a 75% success rate with me though. Sometimes I'll reset the password and still won't be able to log in for whatever reason.
So many companies were being started so fast on such simple ideas that if someone else knew what you planned to do they could start up a company before you, or at the same time and compete. The lack of ideas and simplistic business models are also why the dot com boom ended so fast. There really was nothing special about it and it was easy to compete/use the same technology to accomplish the same things.
A lot of people suspect that. I personally think it's the best explanation. However, even if Blaster caused the outage and every "expert" at the plant knew it, it would NEVER be published that way. That would open up a whole new can of worms in the public eye. A security and publicity nightmare. No, if Blaster caused anything that issue will be quietly swept under the rug. Maybe Microsoft will suddenly not get a contract with the power generators anymore, but that's as far as we'll ever hear of it.
Slashdot Mirror
Operating systems exist to schedule time on the hardware and provide support for the apps being run. Does anyone in Microsoft see faster hardware for the applications to use and not for the OS to waste? The schedulers in modern systems can already take advantage of several processors/cores. Gate's law counteracts Moore's so well Windows Apps run at a constant speed over time.
Doing this will increase the chance of damage to the hard drives to do torque while the platters are spinning.
Read the article:
"But Lenovo insisted the state department computers, which were made at former IBM facilities in North Carolina and Mexico, posed no security threat."
> right-clicking an image in Safari
can't be done without first replacing the mouse.
Being a college engineering student, I felt my writing courses were useless. I would have been a lot more motivated improve my papers if they were reqired to be done in LaTex. Sure the course would be about writing, but it would have an engineering feel to it too. I've taken math courses where our research and papers had to be submitted in TeX source, I don't see any reason why a writing course couldn't do the same.
That link refers to UPnP, Universal Plug and Play, a networking based technology for device discovery and configuration. The vulnerability concerning the ISC is a PnP vulnerability. Plug and Play is used for internal device discovery and configuration. The two are totally different. Microsoft, in a fit of brilliance though that exposing the internal PnP via RPC to the rest of the world was a good idea. As it turns out there is an unchecked buffer than with Windows 2000 machines in accessible via a NULL Session. In XP and 2003 the buffer requires a valid account or even and admin account to expose. The threat of a Windows 2000 based worm in the next few days is very real. All of you with XP and 2003 aren't in immediate worm danger.
I'm sorry, your argument doesn't hold for everyone. I switched to Dvorak 3 years ago and now I'm pretty darn bad at QWERTY.
I think saying "you'll forget QWERTY" is a pretty ridiculous argument against Dvorak though. You're *never* FORCED to type in QWERTY. In 3 years I've never had to type more than a few sentences on QWERTY. I can switch every operating system Dvorak in about two seconds.
I'm very glad I switched and I have absolutely no use for QWERTY any longer so not being able to type it doesn't matter.
> You must be joking. How hard can it be? :-)
It was actually pretty hard for me but I'm glad I switched.
I switched about 3 years ago and it was a lot of work for me. I'm very glad I did and I wouldn't switch back. I struggle on QWERTY now though so if I'm going to do serious typing (long term, not just fixing a computer) I need to switch it over to Dvorak. Many of my friends I have gotten to switch were able to do so in 2 weeks and be up a full speed. They can also switch back to QWERTY without any effort and prefer the Dvorak layout. I'm very glad I switched and I definitely notice less strain but everyone's mileage is going to vary.
Excuse me but isn't this "vulnerability" the same thing as saying the pop-up ads that look just like IE on Windows XP are a IE/Windows XP vulnerability? This customizability (albeit automatic by the webpage) is closer to a feature than a vulnerability if you ask me.
Agreed. AOL subscribers need AIM to be free so they can chat with their non-AOL friends. If AOL suddenly started charging for regular text usage and people started leaving the service AOL subscribers would have less incentive to stay with the service either.
Microsoft still doesn't know how to make a produce not susceptible to worms... *sigh*
That argument is invalid. In your scenario there is a human being there giving you permission to take something out of the store in exchange for money. Whether or not that person has the authority to do that is irrelevant. In the case of an open ftp server on port 5554 it may be open and ready to use but no human being (the owner) has given you permission to use it. Don't get me wrong, I think we should be able to upload a patch and removal tool and execute it on all infected systems. The law historically has not given you the right to do that though.
I guess the legal difference is that the person has not given you permission knowingly and that although something has come around and 'unlocked the door' going inside is still trespassing.
Gaobot/Phatbot/Polybot are able to scan for vulnerable hosts but are not yet spreading by this exploit. Granted that's only a few days away at the most. I imagine the *Bot authors are just debugging their code for maximum bug free affect. Sasser has a number of bugs in it and doesn't infect all systems that well.
Yes some of the information provided was updated on the 21st and some on the 28th but the actual patch for everything remains as it was on the 13th.
And go to jail just like Mr. Code Blue. Good idea but the legal system doesn't like it. Nachi.B was suposed to be a public service too.... That one messed things up more.
Came out the 13th if I recall correctly. 17 Days is still a really fast turn around though.
If the author has to pay for the paper to be published who is speaking? The ground breaking work they have done or their money? I have a feeling that having the author pay will greatly reduce the quality of scientific journals while skewing the research to fields with money in them.
Yeah... While a few are funny here or there I see no need to have the entire day of news completely ruined...
Yeah I've used it too. It has only had about a 75% success rate with me though. Sometimes I'll reset the password and still won't be able to log in for whatever reason.
You are probably thinking of ERD commander from Winternals http://www.wininternals.com/products/repairandreco very/erdcommander2002.asp?pid=erd
Gee, the sun is 330,000 times the mass of the earth.... That sure is one bright and fiery gaseous looking rock.
So many companies were being started so fast on such simple ideas that if someone else knew what you planned to do they could start up a company before you, or at the same time and compete. The lack of ideas and simplistic business models are also why the dot com boom ended so fast. There really was nothing special about it and it was easy to compete/use the same technology to accomplish the same things.
A lot of people suspect that. I personally think it's the best explanation. However, even if Blaster caused the outage and every "expert" at the plant knew it, it would NEVER be published that way. That would open up a whole new can of worms in the public eye. A security and publicity nightmare. No, if Blaster caused anything that issue will be quietly swept under the rug. Maybe Microsoft will suddenly not get a contract with the power generators anymore, but that's as far as we'll ever hear of it.