We examined all internet related folders and files before October 19, 2004, during October 19, 2004 and after October 19, 2004. Most significantly, we noted freeze.com, screensaver.com, eharmony.com and zedo.com were being accessed regularly.
Sounds like the regular classroom teacher had a lot of time on her hands to go surfing around.
Stallman, however, indicated that the ban does not apply to products meant to be used primarily in business environments.
This is an interesting quote. It appears I'm going to have to research the GPL v3 a little bit further.
Aside from that - I don't see much REAL news here. Tivo basically has stated that they are riding on the backs of open source developers, haven't done much of anything in return, and now that those developers have an easy option of migrating to a license that protects their work from the likes of Tivo they have to spend some time thinking about how exactly to move forward.
Tivo certainly could migrate to foundational software with BSD style licenses, but it will take some time rebuilding everything and re-testing. They can also migrate to proprietary licensed software as a foundation. Further, they have the alternative of re-structuring their DRM protection. They could also spend time, money, and energy lobbying needed GPL projects for alternative licensing.
They are not without options, and given the fact that their "innovation" has made zero contributions back to the group of developers that formed the foundation of their business, and given the fact that they prefer to strip rights from consumers (DRM), developers (licenses), and other innovators (patents) I don't see why they gain much sympathy at all.
If you don't like GPL3, don't develop under it. FSF and the GPL are designed to foster the OSS community. If you want to provide your users with more freedom, provide an alternative license, use an alternative license, or write your own license. If you don't like GPL3 from an end user perspective, don't use GPL3 software, lobby for alternative licensing, or promote alternative projects that don't make use of the GPL.
At the moment, the powers that be enjoy a great deal of control over what information the masses in a given geographic region have access to. Certainly, you can go on the internet and check out whatever third-tier media outlet has to say, but the majority of people in even the most high tech regions get their information from broadcast television or broadcast radio.
In the States, we pull our information primarily from one of four major networks. Imagine how much more difficult it would be to manage propaganda campaigns if our sources shifted to 1000 different media outlets sourced globally. While slingbox place-shifting is really a personal solution the concept has major ramifications if it is taken to the next level.
I imagine the litigation/lobbying will get to a point where we are allowed to place shift away from our home, but rebroadcasting to mass markets will be taken off the table completely with the decision. It gives the citizenry the impression that somebody fought for our own rights, maintains the revenue stream for the existing entertainment companies, and focuses our information gathering capabilities on a small amount of reasonably controllable resources.
I know that I sound like Captain Conspiracy right now, but this road of "copyright protection" that we have been going down for I don't know how long always seems to end up protecting the rights and revenue streams of a small group of very wealthy people while trampling on innovation, education, and communication. It's rare that the big picture ever takes precedence these days. Capitalism is all about rewarding citizens for hard work and innovation, not protecting wealth by preventing changes to the status quo.
After seeing this list, I picked an item and decided to try Digging it to see what the response would be.
Not a single Digg since I submitted it nearly 3 hours ago. The story submitted just after it has received 7 Diggs, just prior to it 5 Diggs. Granted, the political section of Digg isn't highly trafficked, but the majority that do traffic it in my experience either lean pretty hard left or are Ron Paul supporters.
Maybe the editors at large were accurate in their assessment that the stories are not of general interest to the community.
Yes, the list itself is on the whole pretty liberal - but reviewing the list it looks like these are all articles that people should be very concerned about. Perhaps it is because the issues generally are fairly complex - i.e. you can't really truly understand the stories with a quick blurb.
The story that I submitted was in regards to the Office of Special Counsel being investigated for Political Corruption (not unlike the US Attorney Scandal) and for not actually defending any whistleblowers which is one of the primary functions of the Office.
Agreed. Another point to be made is that many enterprise applications use the database layer as a storage mechanism and either don't optimize for the database platform or don't take full advantage of optimization capabilities on individual platforms.
When it comes down to it, most enterprise apps would not see a significant performance shift in either direction based on platform and in those situations it is better to go with the database vendor with which your staff has the most experience. Enterprise applications rarely support MySQL or even Postgres except via slow ODBC connectivity.
For those applications that do maintain extraordinarily large data sets and see very high traffic levels there is still the factor of familiarity and experience to deal with. For a cost differential adding up to 100s of thousands of dollars in those scenarios it is unwise not to at least take a look at open source platforms.
I could go into which platform I prefer in different scenarios but it's really not a very black and white thing. From a CIO perspective the best thing that you can do is to push software vendors to support open source DB platforms out of the box.
So a few years ago, I bought a BMW 530. My wife took it to the mall for the first time with my daughter who was about 6 months old. Upon returning to the car, she put my daughter in her car seat, and in doing so tossed the keys into the driver seat. She closed the door, walked around, and lo and behold, the BMW had locked itself up before she got to the driver's door.
The AAA locksmith shows up some time later, my daughter stuck inside a VERY hot automobile. They have no idea how to get in. So they used one of those airbag things to split open the driver door to stick a coat hanger or something inside the car to get it unlocked.
I have to call the dealership and ask where the unlock button is.
After I find out where it is and relay that to my now very panicked wife who fills in the locksmith, we come to find out that the car has detected a break-in and disabled the unlock button.
All the while we are yelling at them to just take a hammer to the window to break in. Apparently the damn car has some sort of unbreakable glass.
I finally get through to BMW's version of on-star and guess what - they can't unlock the car via satellite. As it turns out, the only thing BMW on-star is good for is asking for driving directions (there's a GPS in the car) and reserving movie tickets.
In the end, after consulting with the dealer again, I have to tell the now on-scene fire department that they CAN break the glass on the short split section of the passenger side rear window - apparently a feature designed just for these situations. Of course, that's exactly where my daughter is sitting, but thank goodness we had window shades that were drawn up.
So my wife brings my 1 day old car home that I haven't driven yet and it takes 6 weeks to get a new window. Of course, when the 6 weeks comes up and I discover they haven't ordered the window yet, they are all of a sudden in abundance and it only takes 24 hours.
So... pointless/counter-productive/bizarre features?
1) auto-locking doors
2) overly extravagant security
3) satellite communications link for directions in a car with a GPS
4) a window designed to be broken
Of course I haven't even mentioned
5) voice command (more distracting than buttons)
6) GPS Volume button is the radio button. You have to adjust the volume WHILE the GPS lady is giving you directions.
7) A radio that mysteriously reboots.
8) An integrated car management system that disables radio, air conditioning, and navigation when it doesn't boot properly.
9) A flat tire sensor that has presented at least a dozen false alarms and has never actually detected a flat tire.
Actually GPL v2 gives the licensee the option of using the current GPL license or any future version of the GPL license if I'm not mistaken. I've seen several instances where that line was stripped from the license text - but it's there by default.
I haven't run into a company yet that is standardized on a Eudora mail client, nor one that would send official e-mail through an ISP.
You should plan on a response from them shortly and a visit to Atlanta to be present in court.
No legal department would put their stamp of approval on such a statement - especially preceded by
Your Blog, which we have copied, has been turned over to our lawyers.
And the last part -
I am not allowed to make any further statement regarding this matter at this time.
implies that this message has been reviewed and approved.
They fail to mention the actual offending page, the offending text on the offending page, nor the action they would like to see taken. The message is vague and baseless and includes a threat of legal action which in and of itself is illegal if there is no intent to pursue legal action.
If this email were legitimate - it implies that there is no IT department (no IT department issues computers with system names like "NewLaptop"), no legal department, no internal email servers, and no direct connectivity to the internet from within the business (if they had, the e-mail would not have come through a dialup account). That's doubtful, since they actually broadcast shows over the web.
Further, the e-mail also implies that there is no way to verify the authenticity of the message AND leaves no contact information for clarification of the message. There is also no signature or even a name of the individual that sent the message.
The original email message is posted here. The message headers are as follows:
X-Originating-IP: [209.86.89.64]
Return-Path:
Received: from 209.86.89.64 (EHLO elasmtp-curtail.atl.sa.earthlink.net) (209.86.89.64) by mta103.mail.re3.yahoo.com with SMTP; Mon, 14 May 2007 05:09:00 -0700
Received: from [65.37.133.42] (helo=NewLaptop.eathlink.net) by elasmtp-curtail.atl.sa.earthlink.net with asmtp (TLSv1:AES256-SHA:256) (Exim 4.34) id 1HnZMJ-0001Gv-Hd for xxxxxxxxxxx@yahoo.ca; Mon, 14 May 2007 08:08:59 -0400
Message-Id:
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Mon, 14 May 2007 08:08:58 -0400
From: "Jazz Colors"
The Text of the message:
Your Blog, which we have copied, has been turned over to our lawyers. You should plan on a response from them shortly and a visit to Atlanta to be present in court. I am not allowed to make any further statement regarding this matter at this time.
This doesn't look like a legitimate email to me in the least - from the earthlink origination to the cheesy wording of the message. Sounds like Slashdot has either been blog-spammed, or this guy is another chicken little.
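An added example, not part of the original comment: the header reasoning in the comment above, written as a small Python parser that walks the Received chain oldest hop first and records what each hop does and does not prove. The claimed sender domain `broadcaster.example` is a hypothetical placeholder, since the page does not show the From address, and `base_domain` is a naive two-label helper.

```python
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Headers as quoted on the page, one per line. Return-Path and Message-Id are
# empty there, and the From address itself is not shown.
RAW_HEADERS = """\
X-Originating-IP: [209.86.89.64]
Return-Path:
Received: from 209.86.89.64 (EHLO elasmtp-curtail.atl.sa.earthlink.net) (209.86.89.64) by mta103.mail.re3.yahoo.com with SMTP; Mon, 14 May 2007 05:09:00 -0700
Received: from [65.37.133.42] (helo=NewLaptop.eathlink.net) by elasmtp-curtail.atl.sa.earthlink.net with asmtp (TLSv1:AES256-SHA:256) (Exim 4.34) id 1HnZMJ-0001Gv-Hd for xxxxxxxxxxx@yahoo.ca; Mon, 14 May 2007 08:08:59 -0400
Message-Id:
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Mon, 14 May 2007 08:08:58 -0400
From: "Jazz Colors"

"""

FROM_RX = re.compile(r"from\s+\[?([^\s\]]+)\]?")
HELO_RX = re.compile(r"\((?:ehlo|helo)[\s=]+([^)\s]+)\)", re.I)
BY_RX = re.compile(r"\bby\s+(\S+)")
WITH_RX = re.compile(r"\bwith\s+(\S+)")


def parse_received(value):
    """Split one Received value into its trace fields and timestamp."""
    value = " ".join(value.split())          # undo header folding
    trace, _, stamp = value.rpartition(";")  # the date follows the last ';'

    def grab(rx):
        m = rx.search(trace)
        return m.group(1) if m else None

    return {
        "from": grab(FROM_RX),   # address the receiving server recorded
        "helo": grab(HELO_RX),   # name the client announced about itself
        "by": grab(BY_RX),       # server that wrote this line
        "with": grab(WITH_RX),   # protocol keyword
        "time": parsedate_to_datetime(stamp.strip()),
    }


def trace_hops(raw):
    """Return the hops oldest first; each relay prepends its own line."""
    msg = message_from_string(raw)
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    hops.reverse()
    return hops


def base_domain(host):
    # Naive: last two labels. A real tool would use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def review(raw, claimed_domain):
    """Collect the observations the comment makes, as checks on the hops."""
    hops = trace_hops(raw)
    origin = hops[0]
    relay = base_domain(origin["by"])
    helo = base_domain(origin["helo"])
    notes = []
    if relay != claimed_domain:
        notes.append(f"first relay is {relay}, not {claimed_domain}")
    if helo not in (relay, claimed_domain):
        # The HELO string is typed by the sending machine; nothing checks it.
        notes.append(f"HELO name {origin['helo']} is client-supplied and unverified")
    if origin["with"] == "asmtp":
        # Exim of this era logs authenticated submission as "asmtp".
        notes.append("sender authenticated to the relay as one of its account holders")
    delays = [(b["time"] - a["time"]).total_seconds()
              for a, b in zip(hops, hops[1:])]
    if any(d < 0 for d in delays):
        notes.append("timestamps run backwards between hops")
    return {"origin_ip": origin["from"], "notes": notes, "delays": delays}


if __name__ == "__main__":
    # claimed_domain is a hypothetical placeholder, not a value from the page.
    result = review(RAW_HEADERS, "broadcaster.example")
    print("origin:", result["origin_ip"], "hop delays (s):", result["delays"])
    for note in result["notes"]:
        print(" -", note)
```

Only the `from` address and the timestamps are written by the receiving servers; the HELO name and X-Mailer come from the sending machine and carry no weight on their own.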
"IIS 6 hasn't had a public remotely exploitable bug in it. Ever."
I laughed. From there...
- First guy responded with - "don't laugh. It's true. And don't go telling me about the public remotely exploitable bug that everyone knows about since that doesn't count"
- I responded with a link to a google search containing 695,000 results for IIS 6 exploits
- Second guy responded with - "The fact remains, IIS 6 has never had a remotely exploitable hole." - even though I had already plainly shown plenty
- I responded again - showing that guy #2 was obviously a MS zealot of some sort, and also feeling that there was already plenty of information in the thread about IIS 6 exploits
- Third guy responds with "You suck. And don't go looking to see if I'm an astroturfer. I'm anonymous." and "why not actually link to an IIS6 exploit meeting the stated criteria"
- Fourth guy jumps in "Answer his question"
- Then I again follow up by spelling out a long public remote IIS exploit, since 695,000 results just isn't enough.
- And here you jump in saying "that exploit isn't an exploit" when it plainly is
I stand by my laughter at the statement:
"IIS 6 hasn't had a public remotely exploitable bug in it. Ever."
If you don't think it's funny, fine. If you want to use IIS, fine. Do it at your own risk.
IIS 5 was so insecure that you could actually execute code on the host machine by simply accessing a URL - leaving the machine vulnerable even if you were just serving up static HTML files.
IIS 6 is so secure that an end user has to upload a file to execute code on the host machine, or they could just send a webDAV request and effectively remove the machine from service. If you call that secure, fine. You and I obviously have differing opinions.
Yes, IIS 6 is better than IIS 5. To purport that it is a SECURE platform that has never been exploited is just plain false.
Amit Klein has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to the WebDAV XML Message Handler not limiting the number of attributes that can be specified in an XML element. This can be exploited through Internet Information Services by sending a specially crafted WebDAV PROPFIND request.
Successful exploitation causes the WebDAV XML Message Handler to consume all CPU resources for a period of time.
1) It's a remote request
2) It's public
3) It's an exploit
=================
But then again, you'd know about that if you followed my first link.
There's a reason that companies like JS Wurzler charge a 15% premium to IIS users.
Count me among the webmasters who abandoned IIS long before the Code Red virus came along. If you want to keep treading in those waters blindly believing that IIS is the most secure web platform feel free. Even Gartner has recommended against using IIS. Yeah, that was before version 6 came out, but really - if things went so far that Gartner actually issued a recommendation do you think it's a smart thing to start using it again as soon as a version upgrade is released?
You can play games all you want with words - "we don't have any <insert restrictive adjective here> exploits" the fact is that IIS has historically been and always will be a security nightmare.
It took Microsoft what - 10 years - to actually prioritize security measures in their web server? And you think they got it right the first time?
ODF is unnecessarily complex and not very useful at all as it currently stands. Most of the people here are willing to accept a MS conspiracy theory. If anything, MS should want ODF to become a frozen standard so that they could
a) develop compatibility to the standard.
b) develop MS-only standard enhancements/extensions.
c) Argue against ODF adoption in government because of deficiencies frozen into the standard.
d) Release an upgrade to office that contains document formatting features not available within the ODF standard.
Agreed. I recently discovered while googling that a family member had at the top of the search results a particularly negative one. For myself, since I've been online and active for quite some time, I found that my results were all positive - and in fact that I controlled most of the results - either from my own web properties or because they were contributions I had made to various forums, newsgroups, or other online communities.
I made a decision a while back that it wasn't possible for me to maintain any real semblance of anonymity online, so I might as well be forthcoming with my name. Certainly there are drawbacks, but controlling my own online reputation is a positive side effect.
I don't disagree with you, but allow me to play devil's advocate.
The constitutional ban on warrantless searches was intended to prevent unwarranted intrusions, which were common in early America. The intrusion of a wiretap does not exhibit the same kind of personal violation that the constitution was intended to prevent - the citizen is not inconvenienced, and the possibility of manufactured evidence is removed. If a person is innocent, they would have nothing to worry about.
The wiretap itself does violate the constitution because the search does not happen on the personal effects of the citizen, but on the property of a cooperative third party.
National Security requires this power.
Now, you and I can see the transparency of these arguments, as can most of the Slashdot community. We can also see how scary the world can be if these arguments would be considered legitimate.
The problem is that these arguments are exactly why FISA exists in the first place.
You can spend all your time worrying about the entities that want to do harm to our country - be they terrorists, foreign spies, or some other relentlessly propagandized evil entity. Or you can spend your time solidifying the foundation that makes our country great. People don't need to give up rights to be secure. Their rights are what makes them secure.
A populace that enjoys a sense of freedom not available anywhere else in the world will defend the nation against all its real enemies to no bounds. Conversely a citizenry that has systematically been stripped of rights will eventually overturn the government all on its own.
It's very easy to fight terrorism, spies, and drugs without stripping our citizens of their rights. Unfortunately for us, effectively eliminating these "threats to our security" would mean shooting the golden goose for those who profit from the "struggle".
"Wars" on communism, drugs, terrorism, etc. are all excuses to plunder the treasury and increase centralized power. They aren't actually threats to the American way of life.
This problem has been around since the beginning of web stats in general. There was a time not long ago when people didn't differentiate between hits and page views or visits. 100,000 hits on a given site could mean anywhere between 1,000 and 50,000 page views.
Some people intentionally inflate their stats, others end up inflating them unintentionally. Drudge reports an absurd amount of page views in their advertising page, but if you stay on the home page for any length of time you see the page auto-refreshing. Does that count? If you are selling CPM advertising, it probably does. If you are buying it, you hope it doesn't.
In the end, advertisers either are doing brand advertising or conversion advertising. If they are doing conversion advertising it's simple - identify potentially good advertising locations and figure out the comparative ROI with a trial run. If you are doing brand advertising, you can base your dollars on alexa or nielsen or some other marketshare stat vendor, or you can simply research the site niches yourself to determine the extent of their advertising power within the community.
Advertising has been wrought with snake oil vendors since the beginning. Nothing has changed and nothing ever will. Like anything else - if a deal is too good to be true, it probably is. And just because a deal is priced in congruency with the rest of the market doesn't mean that you can accept it at face value. PR firms don't just exist to put out a public image, they exist because they are supposed to understand the advertising marketplace better than most people would ever care to.
I spent a good deal of my professional life in the telco arena before I opted to regain my sanity - both on the 911 side of the street and on the telco (in some cases both).
911 isn't rocket science, but a lot of the "integration" points are much more manual than you might think. 911 is as serious as it gets - mistakes can cost lives. Many of the smaller players have just a single guy or a couple of guys that are tasked with ensuring that 911 gets their information and validating that they processed the information correctly. A history of mistakes on either side of the street would certainly mean that the relationship can no longer continue until things get worked out - and that means either the technical people start working together in a more friendly manner or that those people get replaced. Either way, that process can be time intensive as there are not a lot of people out there who have experience with the data models, the technology, and the business models.
There is no way that this wasn't a looming problem that was discussed over and over in meetings, but knowing the telco environment it isn't unreasonable to assume that even though the problem was urgent it was not properly addressed. I've been in software design meetings where the subject of whether to use the phrase "Work In Progress", "In Progress", or "Working" took the better part of three days simply because strong personalities were involved that wouldn't let it go (and in the end executive involvement was necessary to move forward).
This isn't a conspiracy to push people back to land lines. It's a case of management incompetence. A conspiracy would require a spirit of cooperation, and that simply does not exist at the management level or at the executive level within the telco vertical.
I built a map of my high school, and of my college as well.
It's a natural thing to do as one of your first few maps.
Granted I did it ages before Columbine or VTech ever came around, but you can't seriously associate map building for video games with terrorism. That's a leap of logic that isn't possible to make.
I tivo pay-per-view movies all the time - which is effectively the same thing that you guys are talking about. I rent a movie once and then I can watch it as many times as I want in the future.
The issue for DVD sales is much different than CD sales. Very rarely do people buy a DVD and then watch it 100 times. Even with one of these devices, I would expect that most people would watch a movie less than a total of 10 times.
You would think that a "backup copy" would fall under fair use - the same as having a copy of a VHS tape. It's in the interest of the movie-makers to allow the consumers to do what they want. You are much more likely to develop a cult following if you aren't nickel-and-diming your customer base - and cult followings can be monetized a hundred different and more profitable ways than simply selling a single DVD.
I would think in the near future a monopoly breakup is in order. The way the MPAA operates anti-trust issues are glaring all over the place. Either that or a smaller and hungry movie-house would push for non-css protected DVDs.
This woman was a substitute teacher.
Sounds like the regular classroom teacher had a lot of time on her hands to go surfing around.
Here's a direct link to the fuel cells: http://www.acumentrics.com/products-power-generators.htm
And here I thought IIS was supposed to be invulnerable to exploits. This must not affect IIS 6.
No legal department would put their stamp of approval on such a statement - especially preceded by
And the last part -
implies that this message has been reviewed and approved.
They fail to mention the actual offending page, the offending text on the offending page, nor the action they would like to see taken. The message is vague and baseless and includes a threat of legal action which in and of itself is illegal if there is no intent to pursue legal action.
If this email were legitimate - it implies that there is no IT department (no IT department issues computers with system names like "NewLaptop"), no legal department, no internal email servers, and no direct connectivity to the internet from within the business (if they had, the e-mail would not have come through a dialup account). That's doubtful, since they actually broadcast shows over the web.
Further, the e-mail also implies that there is no way to verify the authenticity of the message AND leaves no contact information for clarification of the message. There is also no signature or even a name of the individual that sent the message.
The original email message is posted here. The message headers are as follows:
The Text of the message:
This doesn't look like a legitimate email to me in the least - from the earthlink origination to the cheesy wording of the message. Sounds like Slashdot has either been blog-spammed, or this guy is another chicken little.
The article summary itself states:
I laughed. From there...
- First guy responded with - "don't laugh. It's true. And don't go telling me about the public remotely exploitable bug that everyone knows about since that doesn't count"
- I responded with a link to a Google search containing 695,000 results for IIS 6 exploits
- Second guy responded with - "The fact remains, IIS 6 has never had a remotely exploitable hole." - even though I had already plainly shown plenty
- I responded again - showing that guy #2 was obviously a MS zealot of some sort, and also feeling that there was already plenty of information in the thread about IIS 6 exploits
- Third guy responds with "You suck. And don't go looking to see if I'm an astroturfer. I'm anonymous." and "why not actually link to an IIS6 exploit meeting the stated criteria"
- Fourth guy jumps in "Answer his question"
- Then I again follow up by spelling out a long public remote IIS exploit, since 695,000 results just isn't enough.
- And here you jump in saying "that exploit isn't an exploit" when it plainly is
I stand by my laughter at the statement:
If you don't think it's funny, fine. If you want to use IIS, fine. Do it at your own risk.
IIS 5 was so insecure that you could actually execute code on the host machine by simply accessing a URL - leaving the machine vulnerable even if you were just serving up static HTML files.
IIS 6 is so secure that an end user has to upload a file to execute code on the host machine, or they could just send a webDAV request and effectively remove the machine from service. If you call that secure, fine. You and I obviously have differing opinions.
Yes, IIS 6 is better than IIS 5. To purport that it is a SECURE platform that has never been exploited is just plain false.
1) It's a remote request
2) It's public
3) It's an exploit
=================
But then again, you'd know about that if you followed my first link.
There's a reason that companies like JS Wurzler charge a 15% premium to IIS users.
Count me among the webmasters who abandoned IIS long before the Code Red virus came along. If you want to keep treading in those waters blindly believing that IIS is the most secure web platform feel free. Even Gartner has recommended against using IIS. Yeah, that was before version 6 came out, but really - if things went so far that Gartner actually issued a recommendation do you think it's a smart thing to start using it again as soon as a version upgrade is released?
You are plainly wrong, and frankly it's not worth arguing about any more.
Your comment history shows an uncanny bias towards Microsoft products in defiance of logic. So what are you, an MS employed astroturfer or a fanboi?
Have a peek at the 695,000 Google results.
You can play games all you want with words - "we don't have any <insert restrictive adjective here> exploits" - the fact is that IIS has historically been and always will be a security nightmare.
It took Microsoft what - 10 years - to actually prioritize security measures in their web server? And you think they got it right the first time?
LMAO.
Did Microsoft hire Baghdad Bob as their PR guy?
ODF is unnecessarily complex and not very useful at all as it currently stands. Most of the people here are willing to accept a MS conspiracy theory. If anything, MS should want ODF to become a frozen standard so that they could
a) develop compatibility to the standard.
b) develop MS-only standard enhancements/extensions.
c) Argue against ODF adoption in government because of deficiencies frozen into the standard.
d) Release an upgrade to office that contains document formatting features not available within the ODF standard.
Agreed. I recently discovered while googling that a family member had at the top of the search results a particularly negative one. For myself, since I've been online and active for quite some time, I found that my results were all positive - and in fact that I controlled most of the results - either from my own web properties or because they were contributions I had made to various forums, newsgroups, or other online communities.
I made a decision a while back that it wasn't possible for me to maintain any real semblance of anonymity online, so I might as well be forthcoming with my name. Certainly there are drawbacks, but controlling my own online reputation is a positive side effect.
This problem has been around since the beginning of web stats in general. There was a time not long ago when people didn't differentiate between hits and page views or visits. 100,000 hits on a given site could mean anywhere between 1,000 and 50,000 page views.
Some people intentionally inflate their stats, others end up inflating them unintentionally. Drudge reports an absurd amount of page views in their advertising page, but if you stay on the home page for any length of time you see the page auto-refreshing. Does that count? If you are selling CPM advertising, it probably does. If you are buying it, you hope it doesn't.
In the end, advertisers either are doing brand advertising or conversion advertising. If they are doing conversion advertising it's simple - identify potentially good advertising locations and figure out the comparative ROI with a trial run. If you are doing brand advertising, you can base your dollars on Alexa or Nielsen or some other marketshare stat vendor, or you can simply research the site niches yourself to determine the extent of their advertising power within the community.
Advertising has been wrought with snake oil vendors since the beginning. Nothing has changed and nothing ever will. Like anything else - if a deal is too good to be true, it probably is. And just because a deal is priced in congruency with the rest of the market doesn't mean that you can accept it at face value. PR firms don't just exist to put out a public image, they exist because they are supposed to understand the advertising marketplace better than most people would ever care to.
"Nothing built on Javascript will ever achieve the security, cross-platform reliability, and programmatic friendliness that Web 2.0 needs."
Just because you don't understand XML and JavaScript doesn't mean that nobody does.
I spent a good deal of my professional life in the telco arena before I opted to regain my sanity - both on the 911 side of the street and on the telco (in some cases both).
911 isn't rocket science, but a lot of the "integration" points are much more manual than you might think. 911 is as serious as it gets - mistakes can cost lives. Many of the smaller players have just a single guy or a couple of guys that are tasked with ensuring that 911 gets their information and validating that they processed the information correctly. A history of mistakes on either side of the street would certainly mean that the relationship can no longer continue until things get worked out - and that means either the technical people start working together in a more friendly manner or that those people get replaced. Either way, that process can be time intensive as there are not a lot of people out there who have experience with the data models, the technology, and the business models.
There is no way that this wasn't a looming problem that was discussed over and over in meetings, but knowing the telco environment it isn't unreasonable to assume that even though the problem was urgent it was not properly addressed. I've been in software design meetings where the subject of whether to use the phrase "Work In Progress", "In Progress", or "Working" took the better part of three days simply because strong personalities were involved that wouldn't let it go (and in the end executive involvement was necessary to move forward).
This isn't a conspiracy to push people back to land lines. It's a case of management incompetence. A conspiracy would require a spirit of cooperation, and that simply does not exist at the management level or at the executive level within the telco vertical.
I built a map of my high school, and of my college as well.
It's a natural thing to do as one of your first few maps.
Granted, I did it ages before Columbine or VTech ever came around, but you can't seriously associate map building for video games with terrorism. That's a leap of logic that isn't possible to make.
I tivo pay-per-view movies all the time - which is effectively the same thing that you guys are talking about. I rent a movie once and then I can watch it as many times as I want in the future.
The issue for DVD sales is much different than CD sales. Very rarely do people buy a DVD and then watch it 100 times. Even with one of these devices, I would expect that most people would watch a movie less than a total of 10 times.
You would think that a "backup copy" would fall under fair use - the same as having a copy of a VHS tape. It's in the interest of the movie-makers to allow the consumers to do what they want. You are much more likely to develop a cult following if you aren't nickel-and-diming your customer base - and cult followings can be monetized a hundred different and more profitable ways than simply selling a single DVD.
I would think in the near future a monopoly breakup is in order. The way the MPAA operates, anti-trust issues are glaring all over the place. Either that or a smaller and hungry movie-house would push for non-CSS protected DVDs.
Cue thousands of Wikipedia clone spam sites full of AdSense and YPN in 3... 2... 1...