Slashdot Mirror


User: FireFury03

FireFury03's activity in the archive.

Stories
0
Comments
3,710
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 3,710

  1. Re:Another nail in Javascript's coffin on Corporate Servers Spreading IE Virus [Updated] · · Score: 2, Insightful

    Javascript is only a security risk if it is implemented badly. And like it or not, Javascript (or similar) is here to stay, there's so much you can do with it that can't be done another way.

  2. Re:public health comparison? on Corporate Servers Spreading IE Virus [Updated] · · Score: 1

    And if you got it wrong and warned about a site spreading the infection when it is infact clean, you would get sued into oblivion.

  3. Re:Wonder How Microsoft Will React on Corporate Servers Spreading IE Virus [Updated] · · Score: 2, Interesting

    Shame they didn't include links to Mozilla, FireFox, Opera, et-al in the story

  4. Re:If I was british on Win a Part in the Hitchhiker's Guide · · Score: 1

    Oddly enough we don't have that many glaciers here in Britain ;)

  5. Re:All the storage I need. on Hotmail, Others Follow Gmail's Storage Boost · · Score: 1

    Set a short TTL on your DNS records (like a week before you move, set the TTL down to an hour or something.) Then when you actually move the changes will propogate very quickly.

  6. Doesn't seem to be hacking on HOPE Conference Gets Wozniak, Mitnick, Biafra · · Score: 2, Interesting

    Hmm... looks more like cracking to me...

  7. Re:AOL's New Slogan on AOL Employee Arrested in Spam Scheme · · Score: 1

    Or use SPF since AOL have been publishing SPF records for a while now. (I believe SpamAssassin 3.00 supports SPF out of the box).

  8. Re:isn't white light made up of RBG? on Sony Projector Gets Bright Images From Black Screen · · Score: 3, Informative

    True white light (like what you get from the sun) consists of an equal spread of energy across all frequencies. You can make light that _appears_ white (to our eyes) by mixing a small number of different colours (for example, red, green and blue). See my other post.

  9. Re:Methinks we aren't getting the whole scoop here on Sony Projector Gets Bright Images From Black Screen · · Score: 4, Informative

    completely skirting around the fact that THERE IS NO SUCH THING AS WHITE LIGHT!

    Sure there is, there's no such thing as white monochromatic light, but white light exists. The term "white" (whether it be talking about light, sound, etc.) simply means that the energy is distributed evenly across all frequencies (technically between 0Hz and infinity, but in practice we're talking about more or less evenly over a given band of frequencies). Since the energy is distributed over such a wide frequency band, the energy of the white light in the very fine bands used by projectors will be very small, so by absorbing everything else you will almost be eliminating the white light's energy.

    Trueth be told, unless you're talking about monochromatic light, the simplistic names of colours only describe what we see - they can be generated by any number of combinations of different frequencies. I.e. monochromatic orange light has a wavelength of 590nm, but that would look the same to us as a mixture of red (650nm) and yellow (570nm) light (or any number of combinations of different wavelengths).

  10. Re:not the best for traveling on Sony Projector Gets Bright Images From Black Screen · · Score: 1

    All RGB projectors will work fine on the "black screen" - the screen works by reflecting the wavelengths used by all RGB projectors and absorbing everything else, there's nothing special about the projector itself.

  11. Re:limit port 25 on Major ISPs Publish Anti-Spam Best Practices · · Score: 2, Informative

    TFA says clearly that blocking port 25 is a problem for those of us who run our own SMTP servers (and no I won't be forwarding through my ISP's smarthost - it's pointless, adds another point of failure and like I trust an ISP to make services work right :). The article also says that ISPs must accommodate these people by allowing people to unblock port 25 if they have a legit use for it. IMHO the document is very well written - when I downloaded it I was expecting to see a "block everything except web" type overreaction and was pleasantly supprised.

  12. Re: Direct mail is not Destructive? Bull... on Confession For Two: A Spammer Spills it All · · Score: 1

    Whats wrong with a bit of conventional advertising?

  13. Re: Direct mail is not Destructive? Bull... on Confession For Two: A Spammer Spills it All · · Score: 3, Interesting

    If spammers were legitimate direct marketters then they would:

    a. not forge addresses and headers
    b. not repeatedly try to get around the filters that those of us who don't want spam set up.

    However, my oppinion on all direct marketting is that it should be banned - it is intrusive, I never asked for it and no matter how many times you ask the marketters not to contact you they still do. I make a point of never buying anything from anyone who has tried to direct market to me. I wonder if anyone has done any research on how many customers companies lose through direct marketting (obviously it's offset by the morons who respond to the marketting but I'd still be interested to see the results of such research).

    Most of the direct marketting I receive is completely untargetted:

    Mailshots - I get both junk addressed to me (even though I'm registered on the Mail Preference Service) and stuff hand delivered (no, oddly I'm not interested in selling my house... especially since there is a bloody "sold" sign outside indicating that I only just bought the place)

    Telemarketting - luckilly most of the telemarketters actually take notice of the Telephone Preference Service register and I don't get too many of these... I still occasionally get cellphone companies phoning my cellphone (which is still on contract - I can't change provider for another 10 months) asking if I want to switch provider.

    Spam - oddly enough I'm not interested in making my pen!5 big.g3r - it's just fine as it is thank you.

    SMS spam - all those people who claim that charging per email would prevent email spam take your lessons from SMS spam - the operators pay per message there and there is still a huge amount of untargetted crap delivered to my phone even though it's been illegal since December 11th last year. The messages also usually arrive in the middle of the night and wake me up (I have to have my phone turned on when I'm on call)

    I am also having problems with the reverse-billed SMS services - technically you have to subscribe to them, but I have never subscribed but have been receiving reverse billed SMS messages. My operator won't do anything about it and tell me I have to contact the company sending the messages (who never answer their phone), so instead I have to contact ICSTIS, who's phones are always busy. Orange have told me there is no way for me to block reverse billed SMS messages and that if I refuse the pay the bill then they will cancel both my handsets and record a bad debt on my credit record. Nice industry - I hate them more than the email spammers.

  14. Live video? on Mike Melvill Chosen To Fly SpaceShipOne · · Score: 1

    Does anyone know the URIs of any live news video streams that will be covering the launch? The BBC only seem to do a looped 15 minute clip of the current news.

  15. Re:Yet again... on Another Zero-Day IE Scripting Exploit · · Score: 2, Insightful

    They aren't...I mean, I know slashdot wants you to BELIEVE that Microsoft was actively trying to crush Netscape through the unfair practice of "not charging for their software,"

    That's completely untrue - if there is one thing that the antitrust lawsuits have shown anyone with half a brain is that MS has done everything it can to push out netscape et al - why else would they have so much of a problem with bundling other browsers to give people a choice?

    in fact they were just trying to offer a high quality web browser that would entice people to buy their web server software.

    It doesn't matter to a web server what client you have. And it's clear that they have no interest in building a high quality browser - if they did they would be up to (if not infront of) the competition such as FireFox. I'm sure that getting yourself a reputation for writing propriatory, nonstandard software that will only work with one platform is a perfect way to sell your web server.

    Sure, Microsoft integrated the browser into their OS, but that's not such a bad idea, either.

    I'm not sure the whole integration thing was an intentional (very bad) design or just an accident - running parts of a web browser in ring zero is an exceptionally stupid idea if you give a damn about any kind of security and stability.

    I mean, what proof -- heck, what vague hypothesis do you have that, since the "death" of Netscape, Microsoft has stood in the way of any of the dozens of alternative browsers out there? Opera's still around. Mozilla's still kicking. OmniWave, Konqueror and Safari are still working great (I am posting this FROM Safari, in fact). In fact, all of these are more copiously updated than Microsoft's web browser.

    Microsoft appear to have not stood in the way of any modern browsers. Given their normal business practices, this seems to be yet more proof that they just plain don't care about the browser market now they have such a large market share. If 95% of people use IE then no web designer will write a site that doesn't work in IE. There's very little you can do to take advantage of the excellent new features of the better browsers while making the site look perfectly good in IE, (which is mainly down to IE's rendering bugs). And the fact remains that most professional web designers seem to be lazy and have no clue how to write valid code - a web designer I was talking to a while ago absolutely stunned me by asking "what is HTML?"

    I firmly believe that all modern browsers should have built in validators and post a warning on the status bar if the code isn't valid. this would be useful because:
    1. When designing a web page you can easilly see if you've written valid code without bothering to run it through the validator
    2. If you hire a web designer and the results they produce cause a big red "The person who designed this page is a moron" warning to appear in the browser, are you really going to pay them (nomatter how computer illiterate you are)? It would certainly encourage web designers to do their jobs properly.
    3. It would give some kind of explanation to the end user as to why the page isn't working in their browser - valid code generally works in all modern browsers (it might not look good in some, but it is usually readable). Invalid code generally only works in one.

    Maybe eventually the web will get to a stage where browsers can go standards-strict and flatly refuse to render a page if it's invalid. It's certainly not possible at the moment since very few sites are complient, but XML specs state that the parser should abort if it hits an error and XHTML claims to be XML complient.

    It is my opinion that Microsoft wants to get rid of IE, or at the very least, stop improving it.

    If MS have no intention on fixing IE then they should bin it completely - leaving bundled with the OS means that most people will keep using it, and that ultimately holds back the development of the whole web since web designers are forced to accommodate IE's bugs.

  16. Re:Massive Problems & Market Dominance on Another Zero-Day IE Scripting Exploit · · Score: 1

    Most people seem to be under the impression that (after signing the EULA that says MS aren't accountable if Windows destroys your data/business/country/universe) if you pay lots for something then it will be better because the manufacturer can be held accountable if it fails. For systems that you pay a relatively small amount for (a RHEL server will set you back a lot less than a Windows server) then I wouldn't expect the manufacturer to be accountable, but I have to wonder if it's a bad thing that very expensive solutions like Windows force you to sign away all your rights.

  17. Re:Massive Problems & Market Dominance on Another Zero-Day IE Scripting Exploit · · Score: 1

    If Windows 95 were a car made in 1960 it would be legal to independently make parts for it according to the original specifications & design.

    If I had a 1960's car that I knew had a design flaw in the brakes that caused the to catastrophically fail I would want to replace them with a part that didn't suffer the same problem rather than replacing them with a part of the "same design and specification". The same would seem to apply to software - users of the flawed IE, which fails catastrophically on a regular basis can install a device which does the same job through a completely different design without the flaws - FireFox, Mozilla, Opera, etc.

    Similarly, users of the flawed Windows, which also fails catastrophically on a regular basis, can replace it with Linux.

    Now the question is, since everyone _knows_ IE has security problems (there's been so much press recently about the repeated exploits that even the most computer illiterate must know there's a problem), why do so few people install the alternatives? If the press published stories about the brakes on a certain type of car failing without warning and that there was a free 3rd party alternative that didn't suffer these problems, I would expect everyone to rush to change them.

    Having said all that, my website is gradually getting a lower proportion of hits from IE, and at work when we tell the customers to "install FireFox since it solves all the problems you're having" we frequently get "oh, that's a good idea" and "why didn't you tell me that before" where 18 months ago we would've got a completely negative "oh we can't do that" response. ...Maybe the tide is turning...

  18. Re:Yet again... on Another Zero-Day IE Scripting Exploit · · Score: 1

    But why even bother to expend the resources to develop a browser if you're not going to get anything out of it - they could've just bundled Netscape with windows. If MS hadn't cobbled IE together then Netscape wouldn't be competition anyway.

  19. Re:Massive Problems & Market Dominance on Another Zero-Day IE Scripting Exploit · · Score: 1

    How does Microsoft justify not fixing IE bugs on older platforms?

    All platforms get end-of-lifed, nomatter who produces them. It's just too expensive to keep supporting them. Do you see redhat releasing errata for RedHat Linux 6.0? Afterall, that was only released 5 years ago. No, infact RedHat nolonger even support RedHat Linux 9 anymore.

    Whilest some of these recent exploits have caused widespread headaches for network administrators, they have done no real damage as far as the end users are concerned - if people started getting their hard drives (or even firmware) erased then maybe they'd start paying more attention to security.

  20. Re:Time to get JavaScript off your site on Another Zero-Day IE Scripting Exploit · · Score: 3, Insightful

    While we're dealing with the extra load processing validations that used to be client side

    If you're not validating data server-side then you are asking for trouble - Client side validation makes things nicer for the end user since they are told about invalid data sooner, server-side validation stops someone (intentionally or unintentionally) entering junk into your systems. And remember that allowing a user to enter junk is potentially destructive to your systems. You should really be doing both client side and server side validation - the client is untrusted so never trust that the data coming from the client is valid, even if you _think_ it probably went through a validator on their end.

  21. Re:Time to get JavaScript off your site on Another Zero-Day IE Scripting Exploit · · Score: 1

    Web site design today needs to eliminate JavaScript

    Wrong - web site design should eliminate the _need_ for JavaScript, Java, Flash, etc. Of course if you turn on these extra plugins then you might get more functionality, etc but the site should be usable without them.

    From the end user point of view, JavaScript adds so much since it can do stuff quickly - you can do drag & drop objects and popup menus. You can validate form entries before talking to the server, which is much nicer than making someone fill in a whole form before telling them they're entering crap. (Of course the whole lot also needs to be validated server-side too).

    If you're scared about turning on JavaScript then you seriously need to ask yourself why you're running such an insecure system - JS by it's very design is supposed to be segregated from everything important (unlike ActiveX). That said, some work does need to be done on the JS engine in all current browers - it's possible to hang practically all of them with an infinite loop in javascript.

  22. Re:Yet again... on Another Zero-Day IE Scripting Exploit · · Score: 2, Interesting

    IE generates no revenue for MS and since people are willing to use it regardless of the holes, there's no incentive for them to overhaul it beyond the occasional patch.

    But why are MS always trying to put all the other browsers out of business for something they get nothing back from?

  23. Re:Not everyone can use Mozilla... on Another Zero-Day IE Scripting Exploit · · Score: 1

    You're talking about the same network administrators who force everyone on the network to use Outluck.

  24. Re:April Fool's on Microsoft Receives Patent For Double-Click · · Score: 1

    Apples don't count :)

  25. Re:April Fool's on Microsoft Receives Patent For Double-Click · · Score: 1

    I know exactly what you mean - I've dealt with a few supposidly "server" boxes (rackmount units) that had no bios option to force them to power up in the event of a failure... someone obviously didn't think very clearly when designing them coz you really don't want to have to manually power up a few data cabinets full of servers.