Mozilla has revealed how it plans to integrate plain text commands directly into future versions of Firefox. Dubbed Taskfox, the move sees Mozilla's Ubiquity project become part of the browser itself, allowing users to type commands directly into the address bar.
ummmm...what happened to firefox being a bare bones base that you'd add your own addons to?
"Rich Internet Applications" You mean like web browsers, IRC clients, email, streaming video? Those things are pretty convincingly useful. Reading the article I discovered that this was actually an incorrect reference to 'web applications'. The internet is not just the web.
It's not really a problem. If you can't split a single task over multiple CPUS, you can just run multiple separate tasks(like erlang does).
- burning DVDS - playing videos - generating sweet fractals - web browser(recently being more CPU intensive) - Bit torrent - BOINC - Indexing files for searching later - Rendering frames - Compiling updates - Compressing backups - While still having enough spare resources to remain responsive.
Most people have a UPS these days anyway(laptops), so data loss due to power failure is very rare.
If you're writing important stuff to disk, using fsync() has been the rule for decades.
The reason it's not the default is because most applications write large amounts of useless junk to disk (caches of network data, scratch space etc.) which makes disk access very slow.
The KDE devs have no excuse and should know better.
so-called 'soft targets' like schools, hospitals, churches,...cafes, fast food outlets, office buildings, clothes shops, pet shops, computer shops, banks, police stations, fire stations, parks and gardens, nightclubs, mobile phone towers, telephone exchanges, factories, libraries, universities, food courts, beer gardens, pubs, bars and government buildings to protect them from terrorists.
I purpose we blur out everything in a populated area, and then cut out everyone's eyes so terrorists can't scope out a possible target by just walking around.
I'm just trying to stop terrorists, what's the problem?
during which a federal official said "that open source was anti-capitalist."
I always find it strange that people come to that conclusion, it's a very narrow view of capitalism. Open source and even free software is very capitalist. Capitalism is about an evolving market that is based on competition, open source software allows for a huge amount of competition because it's very easy to get in to the market.
Building a modern operating system requires a lot of resources, thus only a select few large companies have the resources to build one. But there is a wide variety of things within the development and support of software where companies could compete.
eg. support contracts, patch timeframes, deployment and custom configuration etc.
Development of the software in the first place is a very small piece of that pie and without the source code and the ability to modify and distribute it only one company gets to compete in that huge market, which is very bad for the consumer.
lol, police still think they can spy on the conversations of criminals? They'll only get the stupid ones, which aren't the ones that you need a wiretap to find.
Yes, this isn't just a problem for Windows. It's a problem for most operating systems, but that doesn't mean it has to continue to be a problem.
It may be YOUR computer and you may think YOU'RE in complete control, and that makes YOU and idiot. You gave up complete control the instant you started using software you didn't write
Actually, to be more accurate, I give up control the instant I run software that I can't predict the behaviour of. I don't have to write it, I just have to be certain of what it will do and when it do it and for this behaviour to be agreeable with my goals.
I seriously doubt you have ever written a line of code, let alone BIOS or other firmware.
I've been doing various coding for upwards of 15 years, I haven't done a lot of system level stuff, but I have a good understanding of what's possible.
This has nothing to do with Mozilla and everything to do with Microsoft. Mozilla has no way to prevent this, software installation and permissions in the responsibility of the operating system. Using Windows, you ran the installer and you gave the installer the permissions to modify the files required to install an addon on for firefox.
If this is a problem for you then you should get an operating system that prevents this kind of problem occurring. This is software running on YOUR computer, YOU'RE in complete control.
This guy smoked too much crack while watching too much Star Trek. He appears to lack an understanding of network and computer security and for some reason is calling software "a robot". Sounds pretty skutz to me.
Basically you're screwed. Microsoft has given you a task that is outside of currently known computer science.
Microsoft can't give more than just their word either, but by being sneaky they've put the burden of proof on to you. No software(aside from a few trivial examples in research labs) is currently secure, and you can't even really estimate security in software, because security bugs by their nature are unknown.
They are your notes as you wrote them. But also, whether or not she had copyright over them, it's still illegal for her to steal them from your possession. If she actually did have copyright over them, she would still need to take you to court, and that would only allow her to prevent you from distributing them. No one can stop to from possessing or recieving copyrighted material. eg. It's not ilegal to download copyrighted content from a P2P network, but it is ilegal for the person distributing the content(if you're using bittorrent, you're also distributing it).
"Oddly enough, digital music sales are up" It's not Odd at all, 95% of those ilegal downloads wouldn't have resulted in a sale anyway. People will get things from file sharing that they would never pay for themselves, thus the industry loses very little and actually gains due to higher exposure.
People buy music to support the bands, because if they don't the band will disappear and there will be no more music, so they do.
My phone company(also my isp) sends me email alerts if my call charges go 50% above the average for a month. Seems like something most service providers should do.
In Australia to get a bank account you have to provide 100 points of ID. So my bank knows who I am. Amazon is a company that provides a service, they don't care who you are as long as they get their money(eg. like a supermarket etc.).
I imagine your clients would regret not having more information about your identity if they paid you and you failed to produce the work required.
Online identity could be the same as physical identity if online services required you to actually provide some form of identification(eg. credit card number, copy of driver's license, etc.) although I've always been horrified at how little is required to prove one's identity and how much that identity gains you.
If I received papers via Facebook I'd just ignore them, as there is not way anyone else could know whether I received them, or that the account was actually me.
Seems to be some kind of revenge system. "hey you stole my laptop, so now I've made it useless" This doesn't prevent theft and because it's not likely to be the default behaviour of the laptop it doesn't even discourage theft.
yes, you won't be able to sell software. But you will be able to sell your programming skills because someone has to write the open source code. If a company needs a feature added then they will pay someone to write that feature. If a company needs a piece of software adapted to their needs it will have to pay someone to do that. Most of the main people working on open source projects are getting getting paid to do it because some company (intel,Sun, IBM, microsoft, etc.) has some need for the software.
And sandboxes are designed to control how a program interacts with the rest of the system.
Sandboxing is usually about controlling an untrusted program and denying it access to requested resources it's not authorised to access. I'd prefer a program was trusted and didn't make requests for access to unauthorised resources.
Most languages still can't parse string arguments deeply enough to distinguish open() in the user's home directory from open() elsewhere...
Yeah, so you don't even include open() in the standard lib of the language, so the programmer can't even make the request. Then you create a different syscall that's more restricted. Similar to how the Bitfrost #P_DOCUMENT section handles it.
Why even run untrustworthy code?
Because the major vendors of computer hardware for use in a home environment have declined to provide a convenient way to mark code developed by an amateur programmer as trustworthy.
This doesn't require hardware support(it would be nice, but not required), it just means that you have a small piece of code for a launcher that you must hand review that checks if a piece of code is correctly signed
This is only an issue for a complete Turing machine, by limiting what a program can do you can avoid this problem.
The relevant parts of a possibly malicious program to a user or admin is how it interacts with the rest of the system. Because what ever it's doing is mostly irrelevant until it's outputting it to somewhere. This is very easy to notice and impossible to obscure. As all of this interaction goes through calls to system libraries
and then have all programs define a contract with the system as to what resources they need to use on the system
In other words, you're recommending sandboxing....I can see, no such software for creating and managing sandboxes comes with home editions of the Windows operating system.
I wasn't actually recommending sandboxing, I was recommending language based system security(singularity, inferno etc). Why even run untrustworthy code? Thanks for the link to Bitfrost haven't seen that project yet, has some similar ideas.
In fact you are wrong. Computer aren't as complicated as that. It's easy enough to design a system to make obscuring the purpose of a piece of code impossible and then have all programs define a contract with the system as to what resources they need to use on the system, this information is conveyed to the user in a nice way and now the user will know straight away if a program is going to act maliciously before they run it.
0-day arbitrary code execution vulnerabilities are created due to a small set of things that overworked programmers forget sometimes, and can be easily abstracted away (it's just that C is such a shit programming language yet it's so widely used)
Nothing can protect you? how about not running code that is malicious?
I've always found the concept of 'computer security' fairly strange. It's your computer, you control what runs on it... why are people running code that acts counter to their interests? why are operating systems designed in such a way that a user can have no idea what a program is going to do?
Anyone that makes a claim like that is just trying to get media attention.
Bad science is great at making money. Evolution is never over. If we aren't evolving, then that's because we are currently in the best state for our current environment.
But then there is the study that says we've evolving more rapidly now than ever.
Slashdot Mirror
Mozilla has revealed how it plans to integrate plain text commands directly into future versions of Firefox. Dubbed Taskfox, the move sees Mozilla's Ubiquity project become part of the browser itself, allowing users to type commands directly into the address bar.
ummmm...what happened to firefox being a bare bones base that you'd add your own addons to?
"Rich Internet Applications"
You mean like web browsers, IRC clients, email, streaming video? Those things are pretty convincingly useful.
Reading the article I discovered that this was actually an incorrect reference to 'web applications'. The internet is not just the web.
It's not really a problem. If you can't split a single task over multiple CPUS, you can just run multiple separate tasks(like erlang does).
- burning DVDS
- playing videos
- generating sweet fractals
- web browser(recently being more CPU intensive)
- Bit torrent
- BOINC
- Indexing files for searching later
- Rendering frames
- Compiling updates
- Compressing backups
- While still having enough spare resources to remain responsive.
Most people have a UPS these days anyway(laptops), so data loss due to power failure is very rare.
If you're writing important stuff to disk, using fsync() has been the rule for decades.
The reason it's not the default is because most applications write large amounts of useless junk to disk (caches of network data, scratch space etc.) which makes disk access very slow.
The KDE devs have no excuse and should know better.
so-called 'soft targets' like schools, hospitals, churches,...cafes, fast food outlets, office buildings, clothes shops, pet shops, computer shops, banks, police stations, fire stations, parks and gardens, nightclubs, mobile phone towers, telephone exchanges, factories, libraries, universities, food courts, beer gardens, pubs, bars and government buildings to protect them from terrorists.
I purpose we blur out everything in a populated area, and then cut out everyone's eyes so terrorists can't scope out a possible target by just walking around.
I'm just trying to stop terrorists, what's the problem?
during which a federal official said "that open source was anti-capitalist."
I always find it strange that people come to that conclusion, it's a very narrow view of capitalism.
Open source and even free software is very capitalist. Capitalism is about an evolving market that is based on competition, open source software allows for a huge amount of competition because it's very easy to get in to the market.
Building a modern operating system requires a lot of resources, thus only a select few large companies have the resources to build one.
But there is a wide variety of things within the development and support of software where companies could compete.
eg. support contracts, patch timeframes, deployment and custom configuration etc.
Development of the software in the first place is a very small piece of that pie and without the source code and the ability to modify and distribute it only one company gets to compete in that huge market, which is very bad for the consumer.
- Jesse McNelis
lol, police still think they can spy on the conversations of criminals?
They'll only get the stupid ones, which aren't the ones that you need a wiretap to find.
Yes, this isn't just a problem for Windows. It's a problem for most operating systems, but that doesn't mean it has to continue to be a problem.
It may be YOUR computer and you may think YOU'RE in complete control, and that makes YOU and idiot. You gave up complete control the instant you started using software you didn't write
Actually, to be more accurate, I give up control the instant I run software that I can't predict the behaviour of. I don't have to write it, I just have to be certain of what it will do and when it do it and for this behaviour to be agreeable with my goals.
I seriously doubt you have ever written a line of code, let alone BIOS or other firmware.
I've been doing various coding for upwards of 15 years, I haven't done a lot of system level stuff, but I have a good understanding of what's possible.
This has nothing to do with Mozilla and everything to do with Microsoft. Mozilla has no way to prevent this, software installation and permissions in the responsibility of the operating system.
Using Windows, you ran the installer and you gave the installer the permissions to modify the files required to install an addon on for firefox.
If this is a problem for you then you should get an operating system that prevents this kind of problem occurring. This is software running on YOUR computer, YOU'RE in complete control.
This guy smoked too much crack while watching too much Star Trek. He appears to lack an understanding of network and computer security and for some reason is calling software "a robot". Sounds pretty skutz to me.
Basically you're screwed.
Microsoft has given you a task that is outside of currently known computer science.
Microsoft can't give more than just their word either, but by being sneaky they've put the burden of proof on to you.
No software(aside from a few trivial examples in research labs) is currently secure, and you can't even really estimate security in software, because security bugs by their nature are unknown.
They are your notes as you wrote them.
But also, whether or not she had copyright over them, it's still illegal for her to steal them from your possession. If she actually did have copyright over them, she would still need to take you to court, and that would only allow her to prevent you from distributing them. No one can stop to from possessing or recieving copyrighted material. eg. It's not ilegal to download copyrighted content from a P2P network, but it is ilegal for the person distributing the content(if you're using bittorrent, you're also distributing it).
Most people don't put in effort to learn QWERTY, they just learn because they have to type on it.
To switch to Dvorak you actually have to put in effort to learn it, thus people type faster on Dvorak because they've had more focused practice.
"Oddly enough, digital music sales are up"
It's not Odd at all, 95% of those ilegal downloads wouldn't have resulted in a sale anyway.
People will get things from file sharing that they would never pay for themselves, thus the industry loses very little and actually gains due to higher exposure.
People buy music to support the bands, because if they don't the band will disappear and there will be no more music, so they do.
lol
DRM doesn't work. It's technically impossible.
Your best bet is to not give the document to untrusted parties.
- Jesse McNelis
throw windows away, it's way to complex for such a person, throw Gnome and KDE out too.
Work out your requirements and build up a system to match them. Trying to cut things out of windows to make it fit your requirements won't work
My phone company(also my isp) sends me email alerts if my call charges go 50% above the average for a month. Seems like something most service providers should do.
In Australia to get a bank account you have to provide 100 points of ID. So my bank knows who I am.
Amazon is a company that provides a service, they don't care who you are as long as they get their money(eg. like a supermarket etc.).
I imagine your clients would regret not having more information about your identity if they paid you and you failed to produce the work required.
Online identity could be the same as physical identity if online services required you to actually provide some form of identification(eg. credit card number, copy of driver's license, etc.) although I've always been horrified at how little is required to prove one's identity and how much that identity gains you.
If I received papers via Facebook I'd just ignore them, as there is not way anyone else could know whether I received them, or that the account was actually me.
- Jesse McNelis
Seems to be some kind of revenge system.
"hey you stole my laptop, so now I've made it useless"
This doesn't prevent theft and because it's not likely to be the default behaviour of the laptop it doesn't even discourage theft.
yes, you won't be able to sell software.
But you will be able to sell your programming skills because someone has to write the open source code.
If a company needs a feature added then they will pay someone to write that feature.
If a company needs a piece of software adapted to their needs it will have to pay someone to do that.
Most of the main people working on open source projects are getting getting paid to do it because some company (intel,Sun, IBM, microsoft, etc.) has some need for the software.
And sandboxes are designed to control how a program interacts with the rest of the system.
Sandboxing is usually about controlling an untrusted program and denying it access to requested resources it's not authorised to access. I'd prefer a program was trusted and didn't make requests for access to unauthorised resources.
Most languages still can't parse string arguments deeply enough to distinguish open() in the user's home directory from open() elsewhere...
Yeah, so you don't even include open() in the standard lib of the language, so the programmer can't even make the request. Then you create a different syscall that's more restricted. Similar to how the Bitfrost #P_DOCUMENT section handles it.
Why even run untrustworthy code?
Because the major vendors of computer hardware for use in a home environment have declined to provide a convenient way to mark code developed by an amateur programmer as trustworthy.
This doesn't require hardware support(it would be nice, but not required), it just means that you have a small piece of code for a launcher that you must hand review that checks if a piece of code is correctly signed
Given: The purpose of a piece of code is either to halt or to loop. Deciding even this has been proven impossible.
This is only an issue for a complete Turing machine, by limiting what a program can do you can avoid this problem.
The relevant parts of a possibly malicious program to a user or admin is how it interacts with the rest of the system. Because what ever it's doing is mostly irrelevant until it's outputting it to somewhere. This is very easy to notice and impossible to obscure. As all of this interaction goes through calls to system libraries
and then have all programs define a contract with the system as to what resources they need to use on the system
In other words, you're recommending sandboxing....I can see, no such software for creating and managing sandboxes comes with home editions of the Windows operating system.
I wasn't actually recommending sandboxing, I was recommending language based system security(singularity, inferno etc). Why even run untrustworthy code? Thanks for the link to Bitfrost haven't seen that project yet, has some similar ideas.
In fact you are wrong.
Computer aren't as complicated as that.
It's easy enough to design a system to make obscuring the purpose of a piece of code impossible and then have all programs define a contract with the system as to what resources they need to use on the system, this information is conveyed to the user in a nice way and now the user will know straight away if a program is going to act maliciously before they run it.
0-day arbitrary code execution vulnerabilities are created due to a small set of things that overworked programmers forget sometimes, and can be easily abstracted away (it's just that C is such a shit programming language yet it's so widely used)
Nothing can protect you?
how about not running code that is malicious?
I've always found the concept of 'computer security' fairly strange. It's your computer, you control what runs on it...
why are people running code that acts counter to their interests?
why are operating systems designed in such a way that a user can have no idea what a program is going to do?
Seems kind of insane to me.
Anyone that makes a claim like that is just trying to get media attention.
Bad science is great at making money. Evolution is never over. If we aren't evolving, then that's because we are currently in the best state for our current environment.
But then there is the study that says we've evolving more rapidly now than ever.