25 million downloads, right? That's a sizable chunk for any malware vendor, or aspiring intruder, to infiltrate.
I don't know about everybody else, but I downloaded Firefox 5 times since version 1.0 was released on this PC alone. The reasons were:
1.0 (upgrade from 1.0 preview releases)
1.0.1 (security update)
1.0.2 (security update)
1.0.3 (security update)
1.0.4 (security update)
as well as another 5 times each on two other peoples PCs. So, 25 million downloads could be 5 million people downloading 1.0, then running the security updater to download and install each new version as it came out.
P.S./.'s new "To confirm you're not a script" thing seems to have some problems.
I have used Mozilla for over a year now and have been VERY satisfied with the release schedule especially as it comes to security releases. I get alerted with the little icon, I press icon, I download update, restart Mozilla, done. When it comes to security updates I do not want to see the release hampered because the distros haven't built it yet because quite frankly most of the exploits out there are for Windows anyway. No, I will not be transitioning to Linux anytime soon but I do support it where I can:).
It isn't quite so easy when you're running as a non-Administrator (Limited) account. Firefox still allows you to click the little icon, but the installation will fail spectacularly.
The Mozilla team may not have a responsibility to AOL anymore, but lest you forget... AOL donated a lot of money and time to the Mozilla project over the years.
Why do we even have to have Java be part of the equation when there are other *free* platform independent languages out there, such as python.
Simple: Java already has a large install base on desktop systems. While your average server system has things like python installed, how many desktop systems do?
Now, compare that to the number of desktop systems that don't have Python on them (hint: you have to include Windows systems).
It is with some sadness that I've had to resign from LinuxWorld Magazine. Over the past nearly two years I've worked with a group of people with whom I've developed a great rapport and friendship. We were unpaid editors but we devoted a lot of time and energy to it nonetheless. It was a great experience for me and I look forward to other opportunities as they arise.
I may edit this post in the future and add more details.
After SuSE's purchase by Novell, it's been generally reported that people are leaving SuSE and anectdotally moving to Debian.
From what I've heard, large corporations are now picking up SuSE, because it is now Novell backed. In addition to two SuSE branded products (one each of client and server), there's also Novell Linux Desktop and Open Enterprise Server (basically Netware and SuSE Linux Enterprise Server).
Debian can drop almost 50% in one year? That's too many points in one year to be accepted as is. Being on the Debian mailing list I find very few mentions of people dropping or moving.
Every person I've talked to that formerly used Debian on their Desktop systems, now uses Ubuntu instead. They still use Debian for servers, though.
But will Linux be any safer with Joe Average User running it?
Linux users don't have Administrative access to a machine like all users do by default in Windows XP. Heck, if half the non-MS applications didn't suddenly stop working correctly when you try to run them as a Limited User in Windows, you could actually run Windows as a non-Admin user, making Windows more secure!
Granted, there's still problems with things like RPC in Windows...
2. mod_perl has problems with named subroutines. Put them in a module instead. Since your application will most likely have multiple perl scripts, put all your commonly used subroutines in a single module.
3. Preload the module you created, and any others you plan to use. This puts them in the Apache Shared Memory pool, which is accessable by all Apache children. I tend to do this using a PerlRequire/path/to/startup.pl and having it load every module I plan to use. Mine looks something like the following:
use lib '/path/to/custom/modules'; use File::Spec (); # Cross platform directory name building use Carp (); use CGI::Carp (); use CGI qw(-compile:cgi:form); # Compile CGI and Form commands instead of Autoloading use Apache::Session (); use Template (); use DBI (); DBI->install_driver('mysql'); # mysql is an example, works with any DBD:: module. use MyModule (); # Custom Module 1;
4. You can also preload perl scripts. However, you shouldn't do this until after you finish testing your scripts and put them into a production environment, as Apache would have to be restarted to see new versions of them.
He then proposes a secure ID system. Gee. Maybe if every connection to the network had a unique 32-bit number that could be traced somehow? Maybe there could be a world-wide database connecting names and administrative information to these numbers? If only that were possible. Thanks, Bob.
Just to be on the safe side, I think we should upgrade this to a 40-bit number after 20 or so years.
For instance, RunAs with Explorer is a really handy entry. For those of you who don't want to go read it, I'll summarize: Log in as your Administrator user (you can get the text login in XP by pressing Ctrl-Alt-Del twice at the Welcome screen), go to Control Panel, Folder Options, and click "Launch folder windows in a separate process". Now you can use the command line
(replacing ComputerName with the actual computer name) to launch explorer with superuser privileges.
Most icons in the control panel have their Run As... menu options show up if you hold down Shift while right-clicking them. Unfortunately, Printers and Faxes is one of the exceptions, so you have to use RunAs with Explorer, as outlined above, to modify them.
Actually, the technology in question is a variation on the standard MIDI made by Yamaha for their pianos (and high-end keyboards). The difference is that normally MIDI can only tell the note, duration, and voice. This format, however, can also tell key velocity.
That's incorrect. Velocity is sent as part of a Note On event in General MIDI 1.
No dependencies (except a few possible dll's, which can be included with the application)
I take it that you don't remember when the mfc42.dll included with Microsoft Visual C++ broke all sorts of programs, including ones that Microsoft wrote.
I still don't know why Microsoft decided to stop incrementing the number in the filename after Visual C++ 4.2 came out. If they were going to use the same filename for the DLL, they should have just renamed it to mfc.dll.
I haven't seen this mentioned in any of the comments I've read so far, but changing the TTL on your server will not have any immediate effect on other companies servers.
In fact, servers that are obeying TTL won't see the new record until the old record's TTL expires.
The querent doesn't say whether or not there was any wait for the old TTL to expire. They don't even mention what the old TTL was!
Any protection rm has, you're already circumventing with the -f option.
-f Do not prompt for confirmation. Do not write diagnostic messages or modify the exit status in the case of nonexistent operands. Any previous occurrences of the -i option shall be ignored.
My reaction? It's about time! This will help far more than any "Trusted Computing" initiative will.
Now before I continue, I'll comment that my workstation/gamestation is a Windows XP SP2 machine. My web services machine is a Debian Linux machine.
I have two accounts on my XP machine: One Administrator and one Limited User. I use the Limited User Account on a day to day basis for my classwork, Applications, and Games. I use the Administrator account to install new programs and program updates.
The biggest problem with a LUA policy on a Windows system is... Application manufacturers. Programs tend to be written with the impression that the program directory and HKEY_LOCAL_MACHINE part of the registry is always writable. Unfortunately, this is undoubtably because Windows 9x didn't have the concept of file or registry permissions.
On XP, by default, Limited Users can only write to their Profile directory on C:, and can only write to the HKEY_CURRENT_USER part of the registry. These are where user specific files and settings belong! The %USERPROFILE% and %APPDATA% environment variables are even set up for them! There's even an %OS% environment variable that tells the installer that this is a Windows NT system (It's set to Windows_NT).
The most recent offender for ignoring these restrictions, that I've installed, is World of Warcraft. Since it was written in 2004, its installer is aware of accounts and account types, and gave me an error that I needed to install it as an Administrator.
That's all well and good, but it still tries to write files to %ProgramFiles%\World of Warcraft\WTF\Account\[USERNAME]\ heirarchy every time it runs. While the game seems to work even if it can't write its files, you also can't save any settings changes.
DirectX being so vastly closed, and having dragged the hadrware market with it, has caused fundamental flaws in 3D/SDL in Linux.
There is an alternative to Direct3D. It's called OpenGL.
Both ATI and nVidia are voting members of the OpenGL Architecture Review Board, which writes the OpenGL standard.
The problem is, OpenGL sat there at version 1.x for several years longer than it should have. OpenGL 2.0 introduced Shader support in 2004. Direct3D introduced it in 2001. Had this been the other way around, OpenGL would most likely be the market leader and we wouldn't have this problem.
The EU might just declare that MS is not entitled to be paid for copies of WIndows - and it becomes available for free download from an EU site - that would give MS a shock!
Or more fun still, you can buy it for EUR5 from the EU government's bailiffs until such time as the revenues equal MS' unpaid fine.
...breaking all kind of copyright treaties, such as the WIPO Copyright Treaty, in the process. Since EU members are signatories to several such treaties, it would not be in their interests to break them. The effect would be the loss of copyright protection in signatory countries... which are the only ones that they're protected in anyway.
You represent and warrant that (a) all of the information provided by You to Google to enroll in the Program is correct and current; (b) You are the owner of each Site or that You are legally authorized to act on behalf of the owner of such Site(s) for the purposes of this Agreement and the Program; and (c) You have all necessary right, power and authority to enter into this Agreement and to perform the acts required of You hereunder.
No Google ad may be placed on pages published specifically for the purpose of showing ads, whether or not the page content is relevant.
Avoid hidden text or hidden links.
Do not participate in link schemes designed to increase your site's ranking or PageRank. In particular, avoid links to web spammers or "bad neighborhoods" on the web as your website may be affected adversely by those links.
I don't know whether the Google AdSense ads are Wordpress's or not. However, if not, it is clear that someone at Wordpress posted them on behalf of Hot Nacho, making them an accomplice.
I don't know about everybody else, but I downloaded Firefox 5 times since version 1.0 was released on this PC alone. The reasons were:
- 1.0 (upgrade from 1.0 preview releases)
- 1.0.1 (security update)
- 1.0.2 (security update)
- 1.0.3 (security update)
- 1.0.4 (security update)
as well as another 5 times each on two other peoples PCs. So, 25 million downloads could be 5 million people downloading 1.0, then running the security updater to download and install each new version as it came out.P.S. /.'s new "To confirm you're not a script" thing seems to have some problems.
I thought anti-aliasing was a good thing! ;)
It isn't quite so easy when you're running as a non-Administrator (Limited) account. Firefox still allows you to click the little icon, but the installation will fail spectacularly.
The Mozilla team may not have a responsibility to AOL anymore, but lest you forget... AOL donated a lot of money and time to the Mozilla project over the years.
Although, on the proprietary front, I've heard, IBM's JVMs and Java SDKs outperform Sun's.
Simple: Java already has a large install base on desktop systems. While your average server system has things like python installed, how many desktop systems do?
Now, compare that to the number of desktop systems that don't have Python on them (hint: you have to include Windows systems).
It is with some sadness that I've had to resign from LinuxWorld Magazine. Over the past nearly two years I've worked with a group of people with whom I've developed a great rapport and friendship. We were unpaid editors but we devoted a lot of time and energy to it nonetheless. It was a great experience for me and I look forward to other opportunities as they arise.
I may edit this post in the future and add more details.
From what I've heard, large corporations are now picking up SuSE, because it is now Novell backed. In addition to two SuSE branded products (one each of client and server), there's also Novell Linux Desktop and Open Enterprise Server (basically Netware and SuSE Linux Enterprise Server).
Debian can drop almost 50% in one year? That's too many points in one year to be accepted as is. Being on the Debian mailing list I find very few mentions of people dropping or moving.
Every person I've talked to that formerly used Debian on their Desktop systems, now uses Ubuntu instead. They still use Debian for servers, though.
Linux users don't have Administrative access to a machine like all users do by default in Windows XP. Heck, if half the non-MS applications didn't suddenly stop working correctly when you try to run them as a Limited User in Windows, you could actually run Windows as a non-Admin user, making Windows more secure!
Granted, there's still problems with things like RPC in Windows...
P.S. Microsoft already tried to replace it with VBScript.
1. They have to be in a specific directory. A sample setup is
2. mod_perl has problems with named subroutines. Put them in a module instead. Since your application will most likely have multiple perl scripts, put all your commonly used subroutines in a single module.
3. Preload the module you created, and any others you plan to use. This puts them in the Apache Shared Memory pool, which is accessable by all Apache children. I tend to do this using a PerlRequire /path/to/startup.pl and having it load every module I plan to use. Mine looks something like the following:
4. You can also preload perl scripts. However, you shouldn't do this until after you finish testing your scripts and put them into a production environment, as Apache would have to be restarted to see new versions of them.
Just to be on the safe side, I think we should upgrade this to a 40-bit number after 20 or so years.
For instance, RunAs with Explorer is a really handy entry. For those of you who don't want to go read it, I'll summarize: Log in as your Administrator user (you can get the text login in XP by pressing Ctrl-Alt-Del twice at the Welcome screen), go to Control Panel, Folder Options, and click "Launch folder windows in a separate process". Now you can use the command line
(replacing ComputerName with the actual computer name) to launch explorer with superuser privileges.Most icons in the control panel have their Run As... menu options show up if you hold down Shift while right-clicking them. Unfortunately, Printers and Faxes is one of the exceptions, so you have to use RunAs with Explorer, as outlined above, to modify them.
That's incorrect. Velocity is sent as part of a Note On event in General MIDI 1.
Yes, 31200bps really is limiting. Or rather, it would be if there wasn't MIDI over USB (PDF) and MIDI over IEEE-1394 (Firewire) (PDF).
This process is called erosion. :)
Visual C++ 6.0 was the version that broke mfc42.dll.
I take it that you don't remember when the mfc42.dll included with Microsoft Visual C++ broke all sorts of programs, including ones that Microsoft wrote.
I still don't know why Microsoft decided to stop incrementing the number in the filename after Visual C++ 4.2 came out. If they were going to use the same filename for the DLL, they should have just renamed it to mfc.dll.
In fact, servers that are obeying TTL won't see the new record until the old record's TTL expires.
The querent doesn't say whether or not there was any wait for the old TTL to expire. They don't even mention what the old TTL was!
Your ISP/upstream provider can terminate your Internet connection because your machine is spewing out viruses, worms, and/or spam.
My reaction? It's about time! This will help far more than any "Trusted Computing" initiative will.
Now before I continue, I'll comment that my workstation/gamestation is a Windows XP SP2 machine. My web services machine is a Debian Linux machine.
I have two accounts on my XP machine: One Administrator and one Limited User. I use the Limited User Account on a day to day basis for my classwork, Applications, and Games. I use the Administrator account to install new programs and program updates.
The biggest problem with a LUA policy on a Windows system is... Application manufacturers. Programs tend to be written with the impression that the program directory and HKEY_LOCAL_MACHINE part of the registry is always writable. Unfortunately, this is undoubtably because Windows 9x didn't have the concept of file or registry permissions.
On XP, by default, Limited Users can only write to their Profile directory on C:, and can only write to the HKEY_CURRENT_USER part of the registry. These are where user specific files and settings belong! The %USERPROFILE% and %APPDATA% environment variables are even set up for them! There's even an %OS% environment variable that tells the installer that this is a Windows NT system (It's set to Windows_NT).
The most recent offender for ignoring these restrictions, that I've installed, is World of Warcraft. Since it was written in 2004, its installer is aware of accounts and account types, and gave me an error that I needed to install it as an Administrator. That's all well and good, but it still tries to write files to %ProgramFiles%\World of Warcraft\WTF\Account\[USERNAME]\ heirarchy every time it runs. While the game seems to work even if it can't write its files, you also can't save any settings changes.
There is an alternative to Direct3D. It's called OpenGL.
Both ATI and nVidia are voting members of the OpenGL Architecture Review Board, which writes the OpenGL standard.
The problem is, OpenGL sat there at version 1.x for several years longer than it should have. OpenGL 2.0 introduced Shader support in 2004. Direct3D introduced it in 2001. Had this been the other way around, OpenGL would most likely be the market leader and we wouldn't have this problem.
Or more fun still, you can buy it for EUR5 from the EU government's bailiffs until such time as the revenues equal MS' unpaid fine.
In addition to what has already been posted, there's also this and this. Now, here's a cached copy of http://wordpress.org/articles/health-care--mesothe lioma-law-info.htm
I don't know whether the Google AdSense ads are Wordpress's or not. However, if not, it is clear that someone at Wordpress posted them on behalf of Hot Nacho, making them an accomplice.