Re:how much of a difference would it make..
on
The Joys Of Porting
·
· Score: 1
You don't know anything about programming for WinCE if you say "most NT applications are 'runable' on CE". While maybe not the most extremely difficult porting job to do, there are a LOT of platform differences between CE and NT. You can NOT take an app compiled for NT and run it on a WinCE device-- most noteable because of the CPU differences, but also because the WinCE API is much less capable than the NT API, simply as a way to make sure all platforms get the same features.
Rushing out a release solely to meet a release date (*especially* to prove some ass wrong) would be ridiculous. I always thought that was one of the cornerstones of open source-- there's no PR/marketing force driving the software releases, so the releases are released when they're ready and not until then.
Why is this such a problem for everyone? The only people that are having their bandwidth "hijacked" are those that voluntarily download and install this software.
This is another great example of overreaction on Slashdot.
Oddly enough, I believe the Windows SSH client we use at work uses this approach (SecureCRT 3). I don't see why every implementation doesn't use this method, as it is obviously trivial to code and provides that extra little layer of security (ie, enough to thwart this new "attack").
what about Red Hat? They are not huge like some corporations but are not exactly a mom and pop software house either. And last I checked, they were a public company. Red Hat is responsible for the R&D costs that end up producing a lot of open source code, and while not everything that comes with the Red Hat distro is high quality software, the stuff that is produced largely at Red Hat typically has a more polished feel.
No, I don't work for Red Hat and I no, I don't own any stock in them. BUT, I think they are the perfect company to rebutt about everything you said. Now, I know open source as a business model has mostly failed to this point. But some have obviously figured out a trick or two to making it work. I think as time progresses and people do more and more analysis on the ways open source can be used in a business model, open source will only become a bigger and bigger part.
In other words, open source is far from over. You get over it.
Why would a new license change affect previous downloads, particularly those which were covered under the GPL? Maybe there is some obscure provision in the GPL I'm not aware of that allows this, but I always thought the whole point of the GPL was that once something was licensed under it, regardless of future changes, there would always be the version that was licensed under the GPL.
He said it wasn't licensed for commercial use in UK-- which means it is unlikely a company is going to be able to sell a service based on it, not that it lacks range or whatever.
I'm not saying that every crash or whatever is the fault of 3rd-party drivers. I'm saying you're probably just as likely to experience a crash due to a problem in Windows as you are to experience a crash due to a faulty driver of some sort.
This company I buy a lot of commodity equipment from, Computer Surplus Outlet (http://www.computersurplusoutlet.com for the goatse.cx-paranoid), carries 4 or 5 different speeds of the Intel 486 still. The only time I ever bought one was to replace one in an old machine, but I can't imagine you'd have much problem building a new system around one...
The 486 chips are particularly popular in the embedded market because of their small size, low power consumption, low heat emission, and relatively high performance.
I imagine AMD just isn't making enough money on these CPUs (which is amazing because AMD is pretty popular in the embedded market) and therefore want to replace the machines making them with machines that will make the higher-margin Athlon CPUs.
VIA's MediaGX processor is fairly popular in the embedded market... As far as the WinChip, I was under the impression these things were completely gone, but I could be wrong.
IIS is NOT part of the default install for Win2k Pro. Whoever told you that is wrong and if it was installed when you booted the box for the first time, it was because whoever built your box put it there.
Think of the admin that has to test and de-worm a couple hundred or more machines. Then this tool becomes real nice.
It also removes some server mappings (which I believe are just registry entries), so while still nothing super difficult, it means everything is much faster than by hand and that the admin didn't have to spend time writing an app that could do all this himself.
You left out the part that said machines which are not visible to the Internet should just run this program and reboot. And machines which are visible to the Internet should do a complete rebuild.
Many machines that are invisible to the Internet by way of a firewall are visible to other machines on the same network that are visible to the Internet.
So while not completely bullet-proof, the possibility is certainly there that one machine visible to the Internet got infected and spread the infection to other machines on the network which are not visible to the Internet.
Stupid guidelines if you ask me, but certainly not ambiguous to me.
I highly doubt software makers will ever be held liable...
Particularly in the x86 market, there is such an abundance of 3rd party hardware that goes into most systems. This usually means 3rd party drivers. And because these all have to work together, who's to say that it wasn't a bug in Windows that caused that video driver to fail? Or was it a bug in the driver itself? Who is to be held liable here?
I don't think it is such a stretch to say that some software makers could (and maybe should) be held liable for their software. Such as in the case of the over-radiation that caused deaths. Last I checked, I didn't see the IIS bug causing anyone to croak and that last BSOD didn't give me any serious medical problems either. If traditional PC software makers were held liable for their software, the PC software market would simply collapse. And beyond that, the few companies left that could afford the added costs of this liability would be left to charge outrageously high prices for the software that they were able to sell.
So, at first, this maybe sounds like not such a bad idea. But after thinking about it, I'd definitely be against it (for the most part).
Microsoft admitted 3 months ago that they had a bug and promptly released a patch-- at least a month before Code Red ever surfaced. I highly doubt that they had much problem getting this past their lawyers since the original patch would have already been enough to admit the problem existed. I'm sure this was 100% the result of a PR directive.
I've been using different variants of UNIX for about 10 years and Windows for about 8. And as a competent professional, I know how completely absurd it is to assume that because someone is using Windows, they have no computer savvy.
I think more of the point is to keep these wonderful Slashdot editors in check... I can't remember ever seeing a story regarding Microsoft that put them in anything but a negative light-- even if it wasn't completely justified, as in this case.
The editors/story posters/whatever are always going to have the ability to put a little hint of MS bashing right there at the top of the page, so there has to be at least one person willing to try and set things straight...
IIRC, it was SP5 that broke the sequencing algorithm because I wanna say I remember them having an update to 5 shortly after called 5a. Regardless, even though 5 broke the sequencing, it did not open up any new holes in Windows. An attacker would have to already have access to the machine in order to exploit the broken sequencing.
I can't say much about Exchange because I don't have tons of experience on it. Only one of our customers insists on using it and even at that, the most I've ever had to do is add a new mail user.
I think the bottom line is that the original post was definitely FUD (although Im not sure how much I buy into the conspiracy theorist mentality of paid MS bashers). I see a difference between a service pack and individual security fixes, and at that, I've never seen a service pack open up any (real) new holes on any Windows box I've ever had to deal with.
IIS is not installed by default on W2K Pro. Therefore, whoever was responsible for installing your workstations is responsible for the fact that they are running IIS when they should not be. Granted, it is not the users' faults but it is no more MS's fault because it was happening on workstations that it shouldnt have been.
I'm not sure exactly what beta stage of IE6 I'm running, but its build 2462.
I only upgraded this Windows machine because VS.NET Beta2 requires it and was pretty weary because I had heard horror stories about earlier IE6 betas. But in use, I've had 0 problems with it-- no crashes, no slowdowns, nothing. I personally like the resize feature but that and the privacy features are about the only visible changes.
And btw, I don't know how far back you've been using Mozilla, but if you've never had Mozilla bring down your whole system, I applaud you. Granted I haven't seen one since 0.9 was released but I had more than one during the 0.8 series.
Re:I've read my TOS and it sucks.
on
Broadband Crackdown
·
· Score: 2, Insightful
Bupkis.
99.9% of security issues comes from companies that don't believe they are at risk. There are those running unpatched linux boxes at home. But compare that number to the number of companies with admins who either dont know any better or just don't care and it pales in comparison.
If you think the AUPs are that strict for any other reason than marketing, then you don't know corporate america well enough.
Netscape 3 was so fast because it ignored half of the HTML on the page.
</sarcasm>
The main advantage I'd give to Moz 0.9.3 is that it finally seems faster to me than 4.7. I think it still takes a few more seconds to startup, but once started, it is just as fast if not faster than 4.7. Beyond that, it actually renders correctly and (mostly) according to standards. Try bestowing that distinction upon 4.x.
And if you think IE still sucks as bad as it used to (pre-3.0 days), I certainly wonder what you're actually trying it out on. I've used IE extensively for the past couple years and I can't stop laughing at your assumption that it is still as bad. IMHO, IE 5 is the fastest, most feature complete browser available for any operating system. Maybe one day I'll be able to say this about Mozilla instead (and I hope I do!), but I certainly know that I won't ever say that about Netscape 4.x.
Slashdot Mirror
You don't know anything about programming for WinCE if you say "most NT applications are 'runable' on CE". While maybe not the most extremely difficult porting job to do, there are a LOT of platform differences between CE and NT. You can NOT take an app compiled for NT and run it on a WinCE device-- most noteable because of the CPU differences, but also because the WinCE API is much less capable than the NT API, simply as a way to make sure all platforms get the same features.
Rushing out a release solely to meet a release date (*especially* to prove some ass wrong) would be ridiculous. I always thought that was one of the cornerstones of open source-- there's no PR/marketing force driving the software releases, so the releases are released when they're ready and not until then.
If you ask me, it's incredibly smart from the credit card company's perspective...
Why is this such a problem for everyone? The only people that are having their bandwidth "hijacked" are those that voluntarily download and install this software.
This is another great example of overreaction on Slashdot.
Oddly enough, I believe the Windows SSH client we use at work uses this approach (SecureCRT 3). I don't see why every implementation doesn't use this method, as it is obviously trivial to code and provides that extra little layer of security (ie, enough to thwart this new "attack").
what about Red Hat? They are not huge like some corporations but are not exactly a mom and pop software house either. And last I checked, they were a public company. Red Hat is responsible for the R&D costs that end up producing a lot of open source code, and while not everything that comes with the Red Hat distro is high quality software, the stuff that is produced largely at Red Hat typically has a more polished feel.
No, I don't work for Red Hat and I no, I don't own any stock in them. BUT, I think they are the perfect company to rebutt about everything you said. Now, I know open source as a business model has mostly failed to this point. But some have obviously figured out a trick or two to making it work. I think as time progresses and people do more and more analysis on the ways open source can be used in a business model, open source will only become a bigger and bigger part.
In other words, open source is far from over. You get over it.
Why would a new license change affect previous downloads, particularly those which were covered under the GPL? Maybe there is some obscure provision in the GPL I'm not aware of that allows this, but I always thought the whole point of the GPL was that once something was licensed under it, regardless of future changes, there would always be the version that was licensed under the GPL.
He said it wasn't licensed for commercial use in UK-- which means it is unlikely a company is going to be able to sell a service based on it, not that it lacks range or whatever.
I'm not saying that every crash or whatever is the fault of 3rd-party drivers. I'm saying you're probably just as likely to experience a crash due to a problem in Windows as you are to experience a crash due to a faulty driver of some sort.
This company I buy a lot of commodity equipment from, Computer Surplus Outlet (http://www.computersurplusoutlet.com for the goatse.cx-paranoid), carries 4 or 5 different speeds of the Intel 486 still. The only time I ever bought one was to replace one in an old machine, but I can't imagine you'd have much problem building a new system around one...
The 486 chips are particularly popular in the embedded market because of their small size, low power consumption, low heat emission, and relatively high performance.
I imagine AMD just isn't making enough money on these CPUs (which is amazing because AMD is pretty popular in the embedded market) and therefore want to replace the machines making them with machines that will make the higher-margin Athlon CPUs.
VIA's MediaGX processor is fairly popular in the embedded market... As far as the WinChip, I was under the impression these things were completely gone, but I could be wrong.
IIS is NOT part of the default install for Win2k Pro. Whoever told you that is wrong and if it was installed when you booted the box for the first time, it was because whoever built your box put it there.
Think of the admin that has to test and de-worm a couple hundred or more machines. Then this tool becomes real nice.
It also removes some server mappings (which I believe are just registry entries), so while still nothing super difficult, it means everything is much faster than by hand and that the admin didn't have to spend time writing an app that could do all this himself.
You left out the part that said machines which are not visible to the Internet should just run this program and reboot. And machines which are visible to the Internet should do a complete rebuild.
Many machines that are invisible to the Internet by way of a firewall are visible to other machines on the same network that are visible to the Internet.
So while not completely bullet-proof, the possibility is certainly there that one machine visible to the Internet got infected and spread the infection to other machines on the network which are not visible to the Internet.
Stupid guidelines if you ask me, but certainly not ambiguous to me.
I highly doubt software makers will ever be held liable...
Particularly in the x86 market, there is such an abundance of 3rd party hardware that goes into most systems. This usually means 3rd party drivers. And because these all have to work together, who's to say that it wasn't a bug in Windows that caused that video driver to fail? Or was it a bug in the driver itself? Who is to be held liable here?
I don't think it is such a stretch to say that some software makers could (and maybe should) be held liable for their software. Such as in the case of the over-radiation that caused deaths. Last I checked, I didn't see the IIS bug causing anyone to croak and that last BSOD didn't give me any serious medical problems either. If traditional PC software makers were held liable for their software, the PC software market would simply collapse. And beyond that, the few companies left that could afford the added costs of this liability would be left to charge outrageously high prices for the software that they were able to sell.
So, at first, this maybe sounds like not such a bad idea. But after thinking about it, I'd definitely be against it (for the most part).
Microsoft admitted 3 months ago that they had a bug and promptly released a patch-- at least a month before Code Red ever surfaced. I highly doubt that they had much problem getting this past their lawyers since the original patch would have already been enough to admit the problem existed. I'm sure this was 100% the result of a PR directive.
I really figured this to be a joke and therefore, this guy to be a programmer (or at least mildly familiar with C)...
This deserves a -1,Retard.
I've been using different variants of UNIX for about 10 years and Windows for about 8. And as a competent professional, I know how completely absurd it is to assume that because someone is using Windows, they have no computer savvy.
Think a little bit before you post next time...
I think more of the point is to keep these wonderful Slashdot editors in check... I can't remember ever seeing a story regarding Microsoft that put them in anything but a negative light-- even if it wasn't completely justified, as in this case.
The editors/story posters/whatever are always going to have the ability to put a little hint of MS bashing right there at the top of the page, so there has to be at least one person willing to try and set things straight...
IIRC, it was SP5 that broke the sequencing algorithm because I wanna say I remember them having an update to 5 shortly after called 5a. Regardless, even though 5 broke the sequencing, it did not open up any new holes in Windows. An attacker would have to already have access to the machine in order to exploit the broken sequencing.
I can't say much about Exchange because I don't have tons of experience on it. Only one of our customers insists on using it and even at that, the most I've ever had to do is add a new mail user.
I think the bottom line is that the original post was definitely FUD (although Im not sure how much I buy into the conspiracy theorist mentality of paid MS bashers). I see a difference between a service pack and individual security fixes, and at that, I've never seen a service pack open up any (real) new holes on any Windows box I've ever had to deal with.
IIS is not installed by default on W2K Pro. Therefore, whoever was responsible for installing your workstations is responsible for the fact that they are running IIS when they should not be. Granted, it is not the users' faults but it is no more MS's fault because it was happening on workstations that it shouldnt have been.
I'm not sure exactly what beta stage of IE6 I'm running, but its build 2462.
I only upgraded this Windows machine because VS.NET Beta2 requires it and was pretty weary because I had heard horror stories about earlier IE6 betas. But in use, I've had 0 problems with it-- no crashes, no slowdowns, nothing. I personally like the resize feature but that and the privacy features are about the only visible changes.
And btw, I don't know how far back you've been using Mozilla, but if you've never had Mozilla bring down your whole system, I applaud you. Granted I haven't seen one since 0.9 was released but I had more than one during the 0.8 series.
Bupkis.
99.9% of security issues comes from companies that don't believe they are at risk. There are those running unpatched linux boxes at home. But compare that number to the number of companies with admins who either dont know any better or just don't care and it pales in comparison.
If you think the AUPs are that strict for any other reason than marketing, then you don't know corporate america well enough.
Netscape 3 was so fast because it ignored half of the HTML on the page.
</sarcasm>
The main advantage I'd give to Moz 0.9.3 is that it finally seems faster to me than 4.7. I think it still takes a few more seconds to startup, but once started, it is just as fast if not faster than 4.7. Beyond that, it actually renders correctly and (mostly) according to standards. Try bestowing that distinction upon 4.x.
And if you think IE still sucks as bad as it used to (pre-3.0 days), I certainly wonder what you're actually trying it out on. I've used IE extensively for the past couple years and I can't stop laughing at your assumption that it is still as bad. IMHO, IE 5 is the fastest, most feature complete browser available for any operating system. Maybe one day I'll be able to say this about Mozilla instead (and I hope I do!), but I certainly know that I won't ever say that about Netscape 4.x.