he defined the concept of using a special character to "escape" from one character set to another, and proposed to use the backslash for this (which hadn't existed in character sets until then).
It's really making me sad how many people are excitedly awaiting the features IE "will have in SP2 or Longhorn". All alternative browsers have those features today, you can download and use them right away.
If you don't know what a browser is or that you're using one, ask your local superuser to "repair" your computer. But then you're not reading this thread (site) anyway.
But if you know how to replace IE: Why let MS decide when you're going to get tabbed browsing and popups blocked? MS is a saturated monopolist making software for the wrong reasons. The are 1st in marketing strategy, but when it comes to product quality and innovation, it's a bunch of lazy schmucks.
If you've used a "real" browser just once, the next time MS announces that from the 22nd century on their browser will implement (insert your favorite IE web standards bug) correctly, you'll just shrug and probably feel a bit sorry for the poor bastards who get their ashes fscked (voluntarily or not) by an arrogant monopolist.
Microsoft has the luxury of being able to hire the best people...
And the luxury of letting them make software of poor quality. I wonder about M$' enterprise culture, and I imagine it's somewhere between Spartacus and Indiana Jones II.
Or maybe once the "best people" work there and receive their heavy rewards they just say themselves "Wow, I did it, I fooled them into employing me", lean back and go reading/. all day.
As for my part, I'm already into reading/. all day, it's just the "heavy rewards" part I have to figure out yet...
Paranoid Android does not "protect" against anything, it just lets the user decide which URL schemes he wants to allow and which he doesn't, on a case by case basis. But not everyone is an IT professional and knows by heart which protocols are good and which are evil. My mom doesn't. So, is there a workaround that doesn't involve P.A.? I think so.
I can see three different (but related) issues here:
The "new and unknown URL scheme" issue exploited by malicious applications in downloaded and mounted disk images. Avoid this by not allowing disk images to be mounted automatically. You have to disable "Open Safe Files" (to avoid mounting disk images downloaded over http) and the disk: and disks: protocols. Having to mount all disk images by hand requires a decision from your side and gives you time to think about what you are doing.
The "help://runscript" issue caused by the Help Viewer accepting arbitrary commands. Disable the help: protocol, who needs it anyway?
The "telnet://-nfoo" issue caused by telnet's ability to overwrite existing files. Disable telnet:, ssh exists.
Correct me if I'm wrong, but with those protocols disabled I can see no way for the malware to get its stinky little bits on my harddrive.
To disable the protocols I used RCDefaultApp which is a neat (and missing) preference pane anyway.
With the steps above taken and P.A. installed I opened the sample exploit by the P.A. author (also linked from his white paper if you're paranoid which would seem normal under this circumstances). P.A. nicely asked me for permission, first for disk: and then for malware:. I granted both permissions, but since I had disabled the disk: protocol the image was never mounted and nothing happened.
Now, installing an additional prefPane and disabling individual protocols is not exactly an easy one-click workaround for my mom, but it would be possible to guide her through the process on the phone, and after that she would leave me alone... until the next flaw is found.
But then again, I still have some hope in Apple releasing a Security Update which is more convincing than the one they just released. With flaws that serious, I expect a bit more than just the replacement of one application which is obviously only part of the problem.
But later, BASIC facilitated an (extremely sketchy) introduction to the Macintosh toolbox. MS-BASIC on the mac had built-in pseudo toolbox calls so that you could change fonts, draw graphics primitives and buttons.
Did you know M$-QuickBASIC? I made my first Mac applications on it. Years later (after going through the hassle of coding scrollbars from scratch with C and the Mac Toolbox's Control Manager) I looked at that code again and found it very efficient. You could handle a lot of UI elements with only a few calls.
Having got to know pointers (and so-called handles) in Pascal and C, I realized I had been using them in QuickBASIC without even remotely understanding the concept behind it. It was just "a variable containing an image" or whatever.
Pointers started with a percent sign, handles with an ampersand.
I wonder whether you could implement a Java Virtual Machine in BASIC? Probably yes. Would it be efficient? Probably no.
HyperCard was waaaay ahead of its time. Years before the common user knew about HTML, JavaScript, or Wikis, all those concepts were already beautifully united in HyperCard. Well, the network was missing, but it was already WYSIWYG (en contraire to today's Wikis).
Seriously. I learnt to know HyperCard like 15 years ago and developed some nice applications, and I haven't used it again until recently, and then I was like saying: Wow, shit, it was all there already!
It wasn't perfect though because only a few people had macs, and I think it was too intuitive and required too much creativity from average Joe (OK, mod me down for my arrogance, come on, come on, give it to me, yeah)
--
Wars are God's way of teaching Americans geography.
Tippett argues that if we simply extend the present situation into the future, the level of complexity and vulnerability we would create will make a digital Pearl Harbor inevitable--and before 2010.
If we simply extend the present situation... but who is simple-minded enough to believe our world works like this?
"That [scenario] is appealing because it's one of the simplest things you can do with computers: restrict their abilities," says Peter Tippett, CTO of security vendor TruSecure and noted security expert.
Dear Peter, if you want to restrict all abilities of a computer which can possibly be used in a dangerous way, you'll have to pull the plug.
Tom's Rules For Reasoning About Tool Security:
It's not the tool that's dangerous, it's the person using it.
Every tool can be used to harm another person.
Making a tool illegal won't prevent a determined person from using it.
Tom's First Conclusions From His Rules For Reasoning About Tool Security:
Educate people about the responsibility they have for themselves and society.
Educate people to distinguish between statements which contribute to solve a problem, and those which just propagate FUD.
Educate people not to let authorities do the thinking for them.
Educate people to recognize when a tool / person / development is bad for them or others, and to recognize it as a result of their own thinking and values, and not because authorities or the law told them.
This is a nice example of how M$' our-products-are-blackboxes-policy is increasing the cost of using them.
In a world of open systems, everyone who felt like doing it could cache software updates, freeing money and bandwith for more sensible uses than trying to cure a dead horse.
Every precaution against terrorism will strengthen censorship, totalitarism and the destruction of democracy. Every citizen should be fully conscious of this.
For the US, the only sensitive way to fight against terrorism is to force the government to implement a foreign policy which doesn't ask for trouble.
I think besides functionality ergonomy is very important, because you probably sit on your desk many hours every day.
If you sit with your legs on the table all the time, and your desk doesn't "support" that feature, you'll end up in a wheelchair!
The only really robust and emergency-proof wireless devices I know of are walkie-talkies and carrier pigeons. Let the pigeon carry an USB drive, then you also have reasonable data rates. And it's also kind of a Post Office Protocol implementation, not very RFC-conform though.
If there's really something going on, every system which relies on fixed nodes (such as WiFi, cellphones) are very likely to fail.
Probably a satellite based system will work, although presumably Uncle Sam shuts down the satellites if it gets serios.
Since the VM is assumed to translate Java calls to the underlying OS without requiring the developer to know anything about that OS, you lose the platform independency advantage of Java if you have to deal with the VM because you want to bundle it.
For Mac OS X, quite a lot of Java applications are available (ProjectSCIM, Mac2Phone, just two examples out of many); sometimes you don't even notice it's Java (although the experienced user distinguishes the somewhat "rough" interfaces easily from the native ones).
Programming is something you know or you don't. Sure your skills improve over time, but there are some basics to that activity that won't change with different languages.
During a programmer's lifetime, you will have to learn a lot of languages, and frankly, if you know how to program, you can learn a new language in an afternoon, and get to be an expert after a month or so working with it.
So this is my advice: Choose a project for each of the languages, realize it, and you will know both of them well.
(I have to admit I never learnt COBOL so in a way I don't know what I'm speaking of. In another way, in my life I have learnt Basic, Pascal, C, C++, Java, Visual Basic, JavaScript and all that stuff, and I got easier every time.)
Slashdot Mirror
I'd like to think that under the hood Java3D uses whatever hardware accelerated 3D technology is available on the current system.
So whether Java is "just another 3D library" or an abstraction layer to truly make cross-platform development easier depends on the quality of the VM.
he defined the concept of using a special character to "escape" from one character set to another, and proposed to use the backslash for this (which hadn't existed in character sets until then).
the escape key has nothing to do with this!
thanks, slashdot editors, for misinforming people
It's really making me sad how many people are excitedly awaiting the features IE "will have in SP2 or Longhorn". All alternative browsers have those features today, you can download and use them right away.
If you don't know what a browser is or that you're using one, ask your local superuser to "repair" your computer. But then you're not reading this thread (site) anyway.
But if you know how to replace IE: Why let MS decide when you're going to get tabbed browsing and popups blocked? MS is a saturated monopolist making software for the wrong reasons. The are 1st in marketing strategy, but when it comes to product quality and innovation, it's a bunch of lazy schmucks.
If you've used a "real" browser just once, the next time MS announces that from the 22nd century on their browser will implement (insert your favorite IE web standards bug) correctly, you'll just shrug and probably feel a bit sorry for the poor bastards who get their ashes fscked (voluntarily or not) by an arrogant monopolist.
...but by somebody else.
Sorry, it was too easy a fsck, I couldn't resist.
Microsoft has the luxury of being able to hire the best people...
And the luxury of letting them make software of poor quality. I wonder about M$' enterprise culture, and I imagine it's somewhere between Spartacus and Indiana Jones II.
Or maybe once the "best people" work there and receive their heavy rewards they just say themselves "Wow, I did it, I fooled them into employing me", lean back and go reading
As for my part, I'm already into reading
The solution I proposed on the previous article already takes this into account.
Paranoid Android does not "protect" against anything, it just lets the user decide which URL schemes he wants to allow and which he doesn't, on a case by case basis. But not everyone is an IT professional and knows by heart which protocols are good and which are evil. My mom doesn't. So, is there a workaround that doesn't involve P.A.? I think so.
I can see three different (but related) issues here:
- The "new and unknown URL scheme" issue exploited by malicious applications in downloaded and mounted disk images. Avoid this by not allowing disk images to be mounted automatically. You have to disable "Open Safe Files" (to avoid mounting disk images downloaded over http) and the disk: and disks: protocols. Having to mount all disk images by hand requires a decision from your side and gives you time to think about what you are doing.
- The "help://runscript" issue caused by the Help Viewer accepting arbitrary commands. Disable the help: protocol, who needs it anyway?
- The "telnet://-nfoo" issue caused by telnet's ability to overwrite existing files. Disable telnet:, ssh exists.
Correct me if I'm wrong, but with those protocols disabled I can see no way for the malware to get its stinky little bits on my harddrive.To disable the protocols I used RCDefaultApp which is a neat (and missing) preference pane anyway.
With the steps above taken and P.A. installed I opened the sample exploit by the P.A. author (also linked from his white paper if you're paranoid which would seem normal under this circumstances). P.A. nicely asked me for permission, first for disk: and then for malware:. I granted both permissions, but since I had disabled the disk: protocol the image was never mounted and nothing happened.
Now, installing an additional prefPane and disabling individual protocols is not exactly an easy one-click workaround for my mom, but it would be possible to guide her through the process on the phone, and after that she would leave me alone
But then again, I still have some hope in Apple releasing a Security Update which is more convincing than the one they just released. With flaws that serious, I expect a bit more than just the replacement of one application which is obviously only part of the problem.
But later, BASIC facilitated an (extremely sketchy) introduction to the Macintosh toolbox. MS-BASIC on the mac had built-in pseudo toolbox calls so that you could change fonts, draw graphics primitives and buttons.
Did you know M$-QuickBASIC? I made my first Mac applications on it. Years later (after going through the hassle of coding scrollbars from scratch with C and the Mac Toolbox's Control Manager) I looked at that code again and found it very efficient. You could handle a lot of UI elements with only a few calls.
Having got to know pointers (and so-called handles) in Pascal and C, I realized I had been using them in QuickBASIC without even remotely understanding the concept behind it. It was just "a variable containing an image" or whatever.
Pointers started with a percent sign, handles with an ampersand.
I wonder whether you could implement a Java Virtual Machine in BASIC? Probably yes. Would it be efficient? Probably no.
HyperCard was waaaay ahead of its time. Years before the common user knew about HTML, JavaScript, or Wikis, all those concepts were already beautifully united in HyperCard. Well, the network was missing, but it was already WYSIWYG (en contraire to today's Wikis).
Seriously. I learnt to know HyperCard like 15 years ago and developed some nice applications, and I haven't used it again until recently, and then I was like saying: Wow, shit, it was all there already!
It wasn't perfect though because only a few people had macs, and I think it was too intuitive and required too much creativity from average Joe (OK, mod me down for my arrogance, come on, come on, give it to me, yeah)
--
Wars are God's way of teaching Americans geography.
Tippett argues that if we simply extend the present situation into the future, the level of complexity and vulnerability we would create will make a digital Pearl Harbor inevitable--and before 2010.
If we simply extend the present situation... but who is simple-minded enough to believe our world works like this?
"That [scenario] is appealing because it's one of the simplest things you can do with computers: restrict their abilities," says Peter Tippett, CTO of security vendor TruSecure and noted security expert.
Dear Peter, if you want to restrict all abilities of a computer which can possibly be used in a dangerous way, you'll have to pull the plug.
Tom's Rules For Reasoning About Tool Security:
- It's not the tool that's dangerous, it's the person using it.
- Every tool can be used to harm another person.
- Making a tool illegal won't prevent a determined person from using it.
Tom's First Conclusions From His Rules For Reasoning About Tool Security:Back in 1970, in SOVIET RUSSIA, they successfully returned samples from the moon to earth, no astronauts involved. Check it out here:
? sc=1970-072A
http://nssdc.gsfc.nasa.gov/database/MasterCatalog
This is a nice example of how M$' our-products-are-blackboxes-policy is increasing the cost of using them.
In a world of open systems, everyone who felt like doing it could cache software updates, freeing money and bandwith for more sensible uses than trying to cure a dead horse.
Every precaution against terrorism will strengthen censorship, totalitarism and the destruction of democracy. Every citizen should be fully conscious of this.
For the US, the only sensitive way to fight against terrorism is to force the government to implement a foreign policy which doesn't ask for trouble.
I think besides functionality ergonomy is very important, because you probably sit on your desk many hours every day. If you sit with your legs on the table all the time, and your desk doesn't "support" that feature, you'll end up in a wheelchair!
The only really robust and emergency-proof wireless devices I know of are walkie-talkies and carrier pigeons. Let the pigeon carry an USB drive, then you also have reasonable data rates. And it's also kind of a Post Office Protocol implementation, not very RFC-conform though.
If there's really something going on, every system which relies on fixed nodes (such as WiFi, cellphones) are very likely to fail.
Probably a satellite based system will work, although presumably Uncle Sam shuts down the satellites if it gets serios.
Since the VM is assumed to translate Java calls to the underlying OS without requiring the developer to know anything about that OS, you lose the platform independency advantage of Java if you have to deal with the VM because you want to bundle it.
For Mac OS X, quite a lot of Java applications are available (ProjectSCIM, Mac2Phone, just two examples out of many); sometimes you don't even notice it's Java (although the experienced user distinguishes the somewhat "rough" interfaces easily from the native ones).
Programming is something you know or you don't. Sure your skills improve over time, but there are some basics to that activity that won't change with different languages.
During a programmer's lifetime, you will have to learn a lot of languages, and frankly, if you know how to program, you can learn a new language in an afternoon, and get to be an expert after a month or so working with it.
So this is my advice: Choose a project for each of the languages, realize it, and you will know both of them well.
(I have to admit I never learnt COBOL so in a way I don't know what I'm speaking of. In another way, in my life I have learnt Basic, Pascal, C, C++, Java, Visual Basic, JavaScript and all that stuff, and I got easier every time.)