So are extra USB ports. Just buy a powered USB hub and you're done. You can have something like 90 USB devices on a controller (I'm sure performance sucks, but that's the spec I think).
Are you on the BugTraq mailing list? It seems to me that a lot of people are out there banging on their software, trying to break it. That's just an opinion based on the level of traffic I see on there. Especially when I see messages like "Version 1.0 of software XXX has a flaw that allows retrieval of admin password using unicode". That certainly sounds like he was trying to break it to me. I personally would think that after all the Unicode bugs found in IIS, people would test that type of vulnerability. And it is possible to find bugs and flaws before they become breaches. I once again site OpenBSD.
Of course, all this is kinda moot, since security is always best in layers. Never depend on your firewall to block access to that machines port. If you don't need it, don't run it:)
It may be after the fact, but it's better than finding out that the flaw has existed for several months. Once the flaw has been fixed, the vendor is no longer responsible, it's up to the admin at that point. And until.NET (don't mean to bring MS into it, but I have a point), MS installed everything with most if not all ports open, even if you're just applying a service pack or something. Most Linux distros aren't any better, but at least they've started working on it. RedHat installs with most ports closed by default and offers to setup a firewall for you on install.
Actually, OpenBSD has done a pretty good job on being secure out of the box (no ports open on a default install). I don't think anyone ever said more eyes make bugs shallow, just that more eyes make it easier and quicker to fix. I would agree with you about the source code though. But wouldn't you love to be able to look at the source code of program if you knew what was wrong with it? I feel that way about a lot of the programs I use at work. If I could just get the source code, I could fix this little stupid problem (most of the problems are trivial and should've never made it into the shipping program).
Anyway, if you want to continue this debate, feel free to email me. I would be more than happy to carry it out over email (a lot easier than coming over to slashdot to post a reply:))
Oh please. MS breaks plenty of things. They recently broke some VBScript in IE that a lot of people use. Now they are trying to find a way to fix that. And I do believe that security up front is better. I'd rather know about the flaw so I can correct it, then have it hidden waiting for some script kiddie to come hack me.
Does that remove the whole thing? I know you can go into an inf file and take out the word hidden and then remove it from there, but doesn't that leave behind some of the dlls that say, IE or Outlook Express need to run? I honestly don't know, but I was under the impression that files are still left behind because the OS supposedly needs them.
3 days after the zlib bug was found it was fixed by every major vendor (including linux ones) except MS. I have yet to hear about any fixes that MS has created. It is my understanding that MS uses the zlib for a lot of stuff (directx, activex, other stuff I can't remember). If I missed any notices on bugtraq, then I'm wrong. I try to read the subjects every day. Sometimes I fall behind. They might brag about security, but I think it's more from a point of "we fix our bugs faster and get them out there" rather than "sshh. Don't tell anyone about that. Otherwise we'll have to fix it."
"People will complain that they are still installed and taking up "space". Nobody complains that Hyperterm is installed, taking up space, but not being used. The only difference is that most people don't even know what THAT program is used for."
If it's not used, I don't install it. Except I can't do that with IE and Messenger.
"So, I fail to see how IE is an issue in anybody's book. You can STILL install Netscape, you can STILL use other messengers, and you can STILL disassociate all your pictures, sounds, HTM/TXT, and video files to other applications other than those Microsoft provides for you. You don't HAVE to use Explorer, you don't HAVE to use Outlook Express, and you don't HAVE to use Windows Media Player."
Then I shouldn't have to keep them installed either. Or any of their shared components. And last I checked, CD recording is now a shared component of Media Player (in XP, I could be wrong, I don't use it). Shouldn't CD recording be something based in a Windows system driver, not something that requires a MEDIA PLAYER. Please feel free to correct me if I'm wrong.
"The SHARED components that Microsoft built into Windows and then designed the newest versions of explorer around also power the desktop and many other applications. That's the nature of shared components."
And what did Windows use for those shared components before IE? And actually, I believe they designed the shared components around IE so that IE would be your web browser and file explorer. With people still using modems, not being able to differentiate between your LOCAL file manager and your WEB browser is bad. Click on a file to open it and it opens 20 mins later because it's on a remote ftp site, but you couldn't tell because it all looks the same. I have seen this happen.
I don't hate MS because they are on top. I hate them because they always have to redesign the wheel just because they don't want to use already established standards. Look at NT for an example. Of course, they had to go back and redesign it for Win2k once they realized that it was junk, but they couldn't get rid of it completely.
Most other people hate MS because they constantly talk about innovating, yet they continue to use technology that has been around for 20 years. Hello, Terminal Services anyone? Just not nearly as useful as a remote X connection.
I think it depends on the bugs too. Perhaps you can post the bug numbers and others can take a look at them and see if they can reproduce them. Get a lot of people to vote for the bug and it'll get fixed real fast.
A Star Wars title never saved a console (remember Dreamcast?). And I think Halo is coming to the PC this fall. Assuming MS doesn't kill it that is. I know a lot of people are waiting for the PC version since it will probably have even better graphics (XBox is about half a generation behind now).
And we all know that the critical updates never cause a server to crash. Even the ones that can't be uninstalled. At least with Linux, if the recompile f&*#s your machine, reboot and use old kernel. And at least when Konqueror or Mozilla or X crashes, it doesn't take the whole box with it.
I myself wonder if LucasArts didn't screw something up when they wrote JK II. On their website, they recommend the 23.11 drivers for JK II, although a few people have had the latest ones work just fine as well.
Only because the airlines want you to pay the rediculous charge they have on airtime. I think it's something like $2.95/minute. That's insane! I turned my cell phone on during a flight once just to check what the time was (I was going into a different time zone and wasn't sure if the time would be changing or not). I got reception just fine and I really doubt that it caused any trouble in the cockpit. I believe one of the airlines recently removed all the cell phones from their planes citing extremely rare use as the reason.
I hope you're kidding and that you're really going to wait until March 22nd to go see it again. Otherwise, you'll be in for a nasty surprise when you sit through the closing credits and find that there is no trailer afterwards.
You're also forgetting that SMTP is a standard protocol. IM has no such standards. Therefore, AOL would have to accept SMTP, but they don't have to accept an IM protocol that is not their own.
Or the ISP could simply cap your bandwidth like AT&T Broadband does. That way, even if too many people are hooked up, they only start hurting themselves. Unlike Cox, AT&T will tell you that don't support networks and therefore won't help you troubleshoot beyond your cable modem. Recently, however, AT&T has started offering additional IPs at $4.95 each. Certainly cheaper than Cox, but still more expensive than just using the single computer NATing.
So what is the difference between someone sharing a 56k line and someone sharing a Cable/DSL line? Besides the speed of course.
Unless they have a specific clause that says you CANNOT put more than one machine on your link, they're really only digging their own graves.
I had this problem recently as well, except that I could run my system just fine and it would only lock up when using the network heavily. Turns out I needed the PCI Latency patch. I've been running for 3 days straight now (my uptime before was a day and a half) with no problems.
It doesn't make it ok or legit, but I wouldn't come down on AOL without coming down on every other cable company in the country.
And how are AOLs tactics anti-competitive? Are you forced to install their IM client like you are with MSN? Can you uninstall MSN? Not likely, but AIM is pretty easy to uninstall. Are you forced to use AOL as your internet front end? No, you're not.
I don't like AOL any more than everyone else on here, but calling some of the stuff they do monopolistic and anti-competitive is wrong. Nobody is forced to use any of their clients, you have to install them yourself (unlike a certain OS we all know of).
And don't give me that crap about everyone you know uses AIM so you don't have a choice. Ever try Trillian? Works great as an AIM, MSN, YIM, ICQ, and IRC client.
*when forced to do the former demanded terms that would be unprofitable for the competition.
*bought their 2 largest compeditors and swallowed them into their dialup service.
Not like any other large ISP out there, no sir (Can we say Netcom/Verio/Earthlink?).
*provide one massive IP block with no way to be able to ban just one user.
This might be shoddy design on their part, but IMO it's just nitpicking
*provide one IM service with little to no security(ICQ).
Don't know much about this one, but I think ICQ has improved quite a lot (although it is in constant beta)
*provide another IM service with no ability to block a user(AIM).
Excuse me? The setting "Allow only people on my buddy list to contact me" isn't good enough? They also have an Allow List if that is more to your liking. I think you mean someone can put you on their buddy list without you knowing. That doesn't keep you from blocking them once they send an IM though (just click block user).
*denied every last security hole and tried to hide the fact that customer creditcards has been compromised.
This ones probably true.
I thought everything we didn't like about MS was the FUD, the embrace, extend, extinguish, the monopolistic, anti-competitive tactics, and the lousy OS (which is actually pretty stable with Win2k and beyond).
Ah, ok, you are intelligent (not that I didn't think so before, but now it is fully apparent).
I manage Microsoft servers myself and I hate that kind of response too. They really don't know anything about the underlying architecture or how the code works or anything low level like that (not that MS even mentions it in any of their course work either).
I realized that as I was referencing the document. However, as you can see from posts higher than mine, the document was drafted well before 1995. The document (and standard) just happen to be finalized in 1997.
Slashdot Mirror
So are extra USB ports. Just buy a powered USB hub and you're done. You can have something like 90 USB devices on a controller (I'm sure performance sucks, but that's the spec I think).
Are you on the BugTraq mailing list? It seems to me that a lot of people are out there banging on their software, trying to break it. That's just an opinion based on the level of traffic I see on there. Especially when I see messages like "Version 1.0 of software XXX has a flaw that allows retrieval of admin password using unicode". That certainly sounds like he was trying to break it to me. I personally would think that after all the Unicode bugs found in IIS, people would test that type of vulnerability. And it is possible to find bugs and flaws before they become breaches. I once again site OpenBSD.
:)
Of course, all this is kinda moot, since security is always best in layers. Never depend on your firewall to block access to that machines port. If you don't need it, don't run it
It may be after the fact, but it's better than finding out that the flaw has existed for several months. Once the flaw has been fixed, the vendor is no longer responsible, it's up to the admin at that point. And until .NET (don't mean to bring MS into it, but I have a point), MS installed everything with most if not all ports open, even if you're just applying a service pack or something. Most Linux distros aren't any better, but at least they've started working on it. RedHat installs with most ports closed by default and offers to setup a firewall for you on install.
:))
Actually, OpenBSD has done a pretty good job on being secure out of the box (no ports open on a default install). I don't think anyone ever said more eyes make bugs shallow, just that more eyes make it easier and quicker to fix. I would agree with you about the source code though. But wouldn't you love to be able to look at the source code of program if you knew what was wrong with it? I feel that way about a lot of the programs I use at work. If I could just get the source code, I could fix this little stupid problem (most of the problems are trivial and should've never made it into the shipping program).
Anyway, if you want to continue this debate, feel free to email me. I would be more than happy to carry it out over email (a lot easier than coming over to slashdot to post a reply
Oh please. MS breaks plenty of things. They recently broke some VBScript in IE that a lot of people use. Now they are trying to find a way to fix that. And I do believe that security up front is better. I'd rather know about the flaw so I can correct it, then have it hidden waiting for some script kiddie to come hack me.
Does that remove the whole thing? I know you can go into an inf file and take out the word hidden and then remove it from there, but doesn't that leave behind some of the dlls that say, IE or Outlook Express need to run? I honestly don't know, but I was under the impression that files are still left behind because the OS supposedly needs them.
3 days after the zlib bug was found it was fixed by every major vendor (including linux ones) except MS. I have yet to hear about any fixes that MS has created. It is my understanding that MS uses the zlib for a lot of stuff (directx, activex, other stuff I can't remember). If I missed any notices on bugtraq, then I'm wrong. I try to read the subjects every day. Sometimes I fall behind. They might brag about security, but I think it's more from a point of "we fix our bugs faster and get them out there" rather than "sshh. Don't tell anyone about that. Otherwise we'll have to fix it."
"People will complain that they are still installed and taking up "space". Nobody complains that Hyperterm is installed, taking up space, but not being used. The only difference is that most people don't even know what THAT program is used for."
If it's not used, I don't install it. Except I can't do that with IE and Messenger.
"So, I fail to see how IE is an issue in anybody's book. You can STILL install Netscape, you can STILL use other messengers, and you can STILL disassociate all your pictures, sounds, HTM/TXT, and video files to other applications other than those Microsoft provides for you. You don't HAVE to use Explorer, you don't HAVE to use Outlook Express, and you don't HAVE to use Windows Media Player."
Then I shouldn't have to keep them installed either. Or any of their shared components. And last I checked, CD recording is now a shared component of Media Player (in XP, I could be wrong, I don't use it). Shouldn't CD recording be something based in a Windows system driver, not something that requires a MEDIA PLAYER. Please feel free to correct me if I'm wrong.
"The SHARED components that Microsoft built into Windows and then designed the newest versions of explorer around also power the desktop and many other applications. That's the nature of shared components."
And what did Windows use for those shared components before IE? And actually, I believe they designed the shared components around IE so that IE would be your web browser and file explorer. With people still using modems, not being able to differentiate between your LOCAL file manager and your WEB browser is bad. Click on a file to open it and it opens 20 mins later because it's on a remote ftp site, but you couldn't tell because it all looks the same. I have seen this happen.
I don't hate MS because they are on top. I hate them because they always have to redesign the wheel just because they don't want to use already established standards. Look at NT for an example. Of course, they had to go back and redesign it for Win2k once they realized that it was junk, but they couldn't get rid of it completely.
Most other people hate MS because they constantly talk about innovating, yet they continue to use technology that has been around for 20 years. Hello, Terminal Services anyone? Just not nearly as useful as a remote X connection.
I think it depends on the bugs too. Perhaps you can post the bug numbers and others can take a look at them and see if they can reproduce them. Get a lot of people to vote for the bug and it'll get fixed real fast.
A Star Wars title never saved a console (remember Dreamcast?). And I think Halo is coming to the PC this fall. Assuming MS doesn't kill it that is. I know a lot of people are waiting for the PC version since it will probably have even better graphics (XBox is about half a generation behind now).
Yeah, except console buyers don't keep buying crap. Probably why the PS2 is doing so well, since the PS1 did pretty well too.
And we all know that the critical updates never cause a server to crash. Even the ones that can't be uninstalled. At least with Linux, if the recompile f&*#s your machine, reboot and use old kernel. And at least when Konqueror or Mozilla or X crashes, it doesn't take the whole box with it.
I myself wonder if LucasArts didn't screw something up when they wrote JK II. On their website, they recommend the 23.11 drivers for JK II, although a few people have had the latest ones work just fine as well.
A binary only driver on a pre kernel.
Only because the airlines want you to pay the rediculous charge they have on airtime. I think it's something like $2.95/minute. That's insane! I turned my cell phone on during a flight once just to check what the time was (I was going into a different time zone and wasn't sure if the time would be changing or not). I got reception just fine and I really doubt that it caused any trouble in the cockpit. I believe one of the airlines recently removed all the cell phones from their planes citing extremely rare use as the reason.
I hope you're kidding and that you're really going to wait until March 22nd to go see it again. Otherwise, you'll be in for a nasty surprise when you sit through the closing credits and find that there is no trailer afterwards.
What if you want to paste over highlighted text with something you've previously highlighted? Oops, now you're just pasting the same text over itself.
It may suck, but:
Public transportation
Bicycle
Walking (my old boss used to do this everyday with no problem, keeps you in shape too).
:-P
You're also forgetting that SMTP is a standard protocol. IM has no such standards. Therefore, AOL would have to accept SMTP, but they don't have to accept an IM protocol that is not their own.
Or the ISP could simply cap your bandwidth like AT&T Broadband does. That way, even if too many people are hooked up, they only start hurting themselves. Unlike Cox, AT&T will tell you that don't support networks and therefore won't help you troubleshoot beyond your cable modem. Recently, however, AT&T has started offering additional IPs at $4.95 each. Certainly cheaper than Cox, but still more expensive than just using the single computer NATing.
So what is the difference between someone sharing a 56k line and someone sharing a Cable/DSL line? Besides the speed of course.
Unless they have a specific clause that says you CANNOT put more than one machine on your link, they're really only digging their own graves.
I had this problem recently as well, except that I could run my system just fine and it would only lock up when using the network heavily. Turns out I needed the PCI Latency patch. I've been running for 3 days straight now (my uptime before was a day and a half) with no problems.
It doesn't make it ok or legit, but I wouldn't come down on AOL without coming down on every other cable company in the country.
And how are AOLs tactics anti-competitive? Are you forced to install their IM client like you are with MSN? Can you uninstall MSN? Not likely, but AIM is pretty easy to uninstall. Are you forced to use AOL as your internet front end? No, you're not.
I don't like AOL any more than everyone else on here, but calling some of the stuff they do monopolistic and anti-competitive is wrong. Nobody is forced to use any of their clients, you have to install them yourself (unlike a certain OS we all know of).
And don't give me that crap about everyone you know uses AIM so you don't have a choice. Ever try Trillian? Works great as an AIM, MSN, YIM, ICQ, and IRC client.
*won't open up their broadband to competition
And what cable company has? None that I know of.
*when forced to do the former demanded terms that would be unprofitable for the competition.
*bought their 2 largest compeditors and swallowed them into their dialup service.
Not like any other large ISP out there, no sir (Can we say Netcom/Verio/Earthlink?).
*provide one massive IP block with no way to be able to ban just one user.
This might be shoddy design on their part, but IMO it's just nitpicking
*provide one IM service with little to no security(ICQ).
Don't know much about this one, but I think ICQ has improved quite a lot (although it is in constant beta)
*provide another IM service with no ability to block a user(AIM).
Excuse me? The setting "Allow only people on my buddy list to contact me" isn't good enough? They also have an Allow List if that is more to your liking. I think you mean someone can put you on their buddy list without you knowing. That doesn't keep you from blocking them once they send an IM though (just click block user).
*denied every last security hole and tried to hide the fact that customer creditcards has been compromised.
This ones probably true.
I thought everything we didn't like about MS was the FUD, the embrace, extend, extinguish, the monopolistic, anti-competitive tactics, and the lousy OS (which is actually pretty stable with Win2k and beyond).
Ah, ok, you are intelligent (not that I didn't think so before, but now it is fully apparent).
I manage Microsoft servers myself and I hate that kind of response too. They really don't know anything about the underlying architecture or how the code works or anything low level like that (not that MS even mentions it in any of their course work either).
I realized that as I was referencing the document. However, as you can see from posts higher than mine, the document was drafted well before 1995. The document (and standard) just happen to be finalized in 1997.
One search on google yielded plenty of restaurants that are open after 9pm. And only one was a chain.
Admit it, things aren't any better in LA. The only difference is that LA has more racial differences (call it cultures if you want) than OC.