Slashdot Mirror


User: aristotle-dude

aristotle-dude's activity in the archive.

Stories
0
Comments
3,438
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,438

  1. Land of freedom and choice? on Napster Canada Launched · · Score: 1
    Great, I have a choice between WMA, WMA or WMA. Oh joy and I have to be running windows to use the service. I don't even have an X86 PC. Back to P2p?

    What is the hold up with iTMS? Is the industry in Canada deliberately favoring WMA based services and locking out iTMS? It would seem so.

  2. Re:Eureka! Endorsements! on Kill Bill, IBM vs Microsoft · · Score: 1, Flamebait
    What's the problem? Realplayer is included with a lot of distros. Are you one of those GNU/RMS followers? Do you have a problem with all proprietary software? Do you make a living writing proprietary software? If the last statement is true, you would be a hypocrite for advocating against use of any proporietary software.

  3. Re:This is a Launch Services exploit on Yet Another Mac OS X Protocol Handler Exploit · · Score: 1
    I realize that but Launch services is not the issue but rather how those other file location urls are handled. Providing a user validation dialogue will prevent a meta refresh exploit.

    Destroying the registration feature is not the answer.

  4. Re:This is a Launch Services exploit on Yet Another Mac OS X Protocol Handler Exploit · · Score: 4, Interesting
    This is not a launch services exploit. Get your facts straight. It is an exploit that uses the disk protocol in conjunction with the Launch services "Registering Applications" feature. Application registration is a feature that I do not want to see disappear.

    I would like to Apple to add a mandatory confirmation dialogue with warnings about possible security risks from mounting images from untrusted sources on any attempt to mount a disk image from the internet.

    This would give the user ample warning and a chance to prevent the exploit.

    Another alternative would be to do the above and include the option in the security prefs pane to enable/disable mounting of internet disk images.

  5. Re:Some notes on Origins of Mac OS X's runscript Security Hole · · Score: 1
    I would rather put up up with the chance of having an exploit use this rather than putting up with complicated install routines and a central registry.

    There is no way to exploit this if you disable auto-mounting of disk images on download and the disk:/disks: protocols by with the default apps prefs pane.

    If Apple does release a patch to deal with this, I hope it only performs a check to see if the disk/disks protocols are called from the internet and provides a warning/confirmation dialog as the user if he/she wishes to mount the dmg.

    Safari should also have open downloaded files on download switch off by default.

  6. Re:Some notes on Origins of Mac OS X's runscript Security Hole · · Score: 1
    Umm... are you sure that all it needs is to exist on a mounted volume? Don't you have to execute the app in order to register the URL type with Launch Services?

    Is having the URL type in an info.plist enough?

    You can disable the disk: and disks: url handlers with the Default Apps prefs pane. I don't want to post a link to slashdot though. Use Google.

    I don't want Apple to disable the ability for apps to create their own protocols just because some malware some stupid user downloads might make use of it.

    There will always be some way for malware to get on a stupid user's machine.

  7. Re:Panther Defrag on Measuring Fragmentation in HFS+ · · Score: 2, Informative

    Have you heard of kernel extensions aka kernel modules? Drivers on OSX end with a .kext which denotes a kernel extension.

  8. Re:HFS+ defrag source on Measuring Fragmentation in HFS+ · · Score: 1

    Umm. No, I believe you and the parent are both wrong. Defrag on the fly occurs when files are written to the disk, not during write operations. Fragmentation would slow down both read and write operations. I could be wrong though concerning my first point. :)

  9. Re:and laptop makers would go for it because? on nVidia Announces MXM for Notebooks · · Score: 1
    Ok, who in their right mind would consider a laptop a heavy gaming platform?

    Laptops are for students and business travellers to do work on.

  10. Re:Missed opportunity? on nVidia Announces MXM for Notebooks · · Score: 0, Flamebait
    Imagine the possibilities for meltdown when the stupid geek puts in too many running hot components into a confined space.

    Fried laptop anyone?

  11. Re:Nope, but... on nVidia Announces MXM for Notebooks · · Score: 1
    Oh man, you have way too much time on your hands.

    People buy laptops from name brand companies because they want extended warranties and service in case they break and they don't want them to break down on the road.

    If you are a business man on the road, you want a laptop that you can count on and will easily work with any LCD projector. Time is money in the business world.

  12. Re:Prior art? Easy... on Apple Files Patent for Translucent Windows · · Score: 1

    Ok, who bought NeXT again? It was Apple. Afterstep is based on what GUI? NeXTStep perhaps? Come on /. reader where is your long term memory?

  13. Re:Vitrite -- Thank you for mentioning it on Apple Files Patent for Translucent Windows · · Score: 1

    They bought NeXT?

  14. Re:Prior art? Easy... on Apple Files Patent for Translucent Windows · · Score: 1
    Ok, what company did Apple buy out before MS brought out Windows 2000? It started with and "N". Apple owns the company that developed:

    -Translucent windows

    -The Dock

    and a compositing engine based on postscript.

    NeXT was that company.

  15. Re:Actually... on Mac Trojan Horse Disguised as Word 2004 · · Score: 1
    Again, this only applies to signed executables and prevents someone from trying to spoof one.

    The default windows install does not prevent running of unsigned executables. It is highly unlikely that a trojan would be signed. :)

  16. Re:Actually... on Mac Trojan Horse Disguised as Word 2004 · · Score: 2
    Sorry but no, there is no such mechanism in windows that would prevent this type of trojan. This signature mechanism will only protect you from someone altering the executable and trying to spoof with a valid MS signature. Nothing prevents windows from running unsigned executables.

    I'm a developer on Win32 btw and use Visual Studio tools. All that signing does is prevent someone from altering an executable that has been signed.

  17. Re:Actually... on Mac Trojan Horse Disguised as Word 2004 · · Score: 1
    Umm. No, this "feature" only applies to some internet plugins, not regular apps on windows.

    You must be confused between apps and signed "drivers".

  18. Re:Windows on Mac Trojan Horse Disguised as Word 2004 · · Score: 4, Informative

    I know this is meant to be a joke but this would happen on any platform with a stupid user at the helm. This is nothing like the proof of concept Trojan. It is a classic trojan (malware program claiming to be some useful program). Fortunately, the OSX security model prevented the damage from spreading outside of the home folder. An admin account (default on Home and Pro XP) would have the ability to totally destroy a system whereas Admin accounts on OS X are not root accounts.

  19. Re:Good for them... on Apple Wins iTunes Interface Patent · · Score: 4, Informative
    This is an urban myth. Apple actually paid money to Xerox for access to their GUI lab and they hired away a guy from Xerox.

    You must be thinking of MS which did not pay Xerox anything and ripped off Apple.

  20. Cracking the Fairplay DRM hurts everyone. on FairPlay v2 Reversed, Playfair Back Online · · Score: 1
    If this continues, the Record labels may end up demanding even greater restrictions on Fairplay.

    Don't like the current terms? Don't buy off the iTMS. Nobody is holding a gun to your head.

    I hear some people say they want to play iTMS songs on their linux box. There is a simple way to do with, burn them onto a CD with your mac or windows box.

    The guys writing Playfair are obviously amoralists. Please go away and get some help with your sociopathic issues.

  21. Re:looks like its time. on FairPlay v2 Reversed, Playfair Back Online · · Score: 3, Insightful
    Fairplay does not deny your right to fair use. You are free to burn a copy to disk just as you are free to photocopy portions of a book under fair use or tape record from the radio.

    Fair use does not gurantee you to the right to a perfect copy.

  22. Re:Place your bets, gentlemen! on European Space Shuttle Prototype Lands Safely In Sweden · · Score: 1

    3. Flying cars already exist http://www.moller.com/ Haven't you ordered yours yet? :-)

  23. Re:Home use only on Excel Clone for Linux Now in Beta · · Score: 1
    Sorry but what is Essbase and Peoplesoft. Not everyone in business use these plugins. They use the best tool for the job.

    Plugins sound like a hack to me. I don't want Excel to try to do everything.

  24. Re:Security through obscurity ? on Apple Uncommunicative About Security Holes · · Score: 1
    I don't think you know what security through obscurity means.

    In this case, they are notified of the issue and quickly issue a patch. They only delay disclosure until a fix is found and release.

    Real security through obscurity would be relying on obscurity to shield against vulnerabilities without making an attempt to find and release a patch for it in a timely manner.

  25. Re:Keeping quiet makes perfect sense to me! on Apple Uncommunicative About Security Holes · · Score: 2, Funny

    1. Paranoia is not healthy. 2. We are talking about home user's here, not ./ readers. 3. Exposing vulnerabilities only helps out the script kiddies and virus/trojan writers. They can write and release an exploit long before a patch comes out.