Do you think that scientists or reports would miss volcanic eruption output by 2 orders of magnitude at this point? If they did, then it should be easy to prove that volcanic activity produces at least as much output as man.
Write the word 'denier' at the top of a page. Get people to list their connotations. 'Holocaust denier' will be high up there.
You're smoking crack.
While what you say may be true for a tiny minority of people with vested interests, the vast majority of the population would never even think of "Holocaust denier" even should those two words appear on the same page on separate lines. Why? Because for most of us, a "Holocaust denier" is much like an "Earth is Round denier". If they ever run into one, they're considered a lunatic fringe and they move on.
If I only had mod points. Anyone that thinks we haven't had more significant changes over the past 5-8 generations than the last 30000 years with the exception of a few major plagues is smoking something.
I don't know - 1 kW of PV and 1100ah of batteries cost you $11K 4 years ago for a cost of $230/month. Based on your previous lifespan, you're about halfway through the expected life, meaning that you'll be down to $115/month. That's darn cheap if you ask me. Granted, you have generator maintenance which isn't included, but heck, I'd love to be anywhere near that cost/month. Granted, you already had 1500W of PV which would add significantly to the initial cost, but certainly worth it over the long haul.
None require a base root process to spawn an escalated privilege process like Windows does, even today in its latest incarnation - it's part of that fundamental insecurity built into the very foundation of windows.
What is that process? UAC is what provides that barrier - much like linux sudo, you don't just get to launch an un-trusted process as root without some confirmation.
Windows has a fundamental security issue that it cannot spawn nor escalate a security token higher than the parent token. In short, that means to do something as root, you have to be or ask a root process to do it for you. UAC isn't really a privilege escalation function, it's more of a watchdog function that acts as a gatekeeper whenever something asks to write something to certain areas of the system. This is fundamentally different than requiring proper credentials to write something to a location, which is how other OSes (BSD, OSX, Linux, IRIX, AIX, HP UX, etc, etc) all work. In those, unless you're a moron, you're not running as root or the equivalent, and you must provide the proper credentials before a write can occur.
There is nothing like Active X on any system but Windows - thank goodness
But there are browser plugins, and just because there is a sandbox, doesn't mean it is impossible to break out.
That's just a red herring. I don't think anyone will argue that ActiveX was a good idea at this point. To be honest, ActiveX is symptomatic of MS's total lack of understanding of how security should work. And yes, I will claim that publicly, since their security architecture is fundamentally upside down compared to every other system out there.
Regarding DLLs/Shared objects, no OS allows generic dynamic code injection into system code from an unprivileged account, except. of course, Windows
This hasn't been true since the "UAC band-aid". If you are trying to compare current securities, you can't argue that "Windows is insecure because Windows XP is insecure", by that logic, Max OS 9 didn't have ASLR, but that doesn't mean apple is an inherintly insecure platform.
AFAIK, dynamic code injection into system code (in-memory) from an unprivileged thread was still possible as in 2008 R2 as of Jan 2010. That dates after the Win7 release. I know, because I considered (only briefly) doing it myself when I was researching the (as of then) undocumented removal of security token manipulation routines.
Macs have had EFI, actual process security that didn't need UAC's bandaid, sandboxed processes, and well defined abstraction layers for years.
Why is UAC a band-aid? Is sudo a bandaid? So you want process security, but don't like the fix? I'm a little confused here.
Read above - UAC is essentially a watchdog process that attempts to intercept calls to write to specific areas in the system. Compare that with actual security requiring proper credentials, and you'll see why UAC is a bandaid. Comparing UAC to sudo is like comparing a sundial to a fine Swiss made timepiece. While they both appear to give indications of time, the latter has much more functionality and there are many posts out there to demonstrate just how powerful sudo is on allowing unprivileged users access to perform specific privileged actions.
While I don't know anything about EFI (except what I found on wikipedia), unless apple has something magic they also call EFI, I don't see how that's relevant. I also don't understand how abstraction layers have anything to do with inherent OS security....
EFI, properly UEFI, was listed by GP. GP actually has Apple to thank for bringing UEFI out into the mass market, since they were the first, and pretty much only ones running UEFI for quite a while. (Just try finding an UEFI Intel motherboard for sale more than 6 years afte
I use a different machine for general flash use for the kids. It's also a completely unprivileged account. I've been considering whether I could go to a pure LiveCD type installation to allow for flash etc, which IMNSHO is about the only "secure" way to run flash. Fortunately mine don't youtube yet.
All that said, I will note that there has been only one widespread malware vector exploited on OSX, and that was the Java vector mentioned above that is now closed. While some decry the 3 months Apple took to close it, versus the 3 weeks for other OSes, it did have one positive outcome: Oracle decided to take full ownership of the OSX version of Java, so hopefully in short order we'll have full parity between all versions on all systems, at least as far as can be done on VMs alone.
OSX is effectively sand boxed already, all unix systems are. None require a base root process to spawn an escalated privilege process like Windows does, even today in its latest incarnation - it's part of that fundamental insecurity built into the very foundation of windows. All *nix systems can elevate a process by providing proper credentials. So, properly setup, there's almost nothing that can be done on a *nix system unless additional credentials are supplied.
There is nothing like Active X on any system but Windows - thank goodness.
Since Apple makes all its own hardware/software, effectively all drivers are all signed.
Apple has been using EFI for years.
Regarding DLLs/Shared objects, no OS allows generic dynamic code injection into system code from an unprivileged account, except. of course, Windows.
Macs have had EFI, actual process security that didn't need UAC's bandaid, sandboxed processes, and well defined abstraction layers for years. Additionally, Apple introduced ASLR in 10.5, completing full ASLR in 10.8. DEP has existed since 10.6.
Java issues have been addressed, which were the same for Windows, mind you. Flash, well, flash is easily just removed. It's the only safe way to operate on any system as far as flash is concerned. It's very similar to running around a gun-powder factory with lighted sparklers. It's just not a good idea.
I'd say it's more like being raised in a Transformers movie - lots of glitz and shiny objects, but rather empty and pointless once you stop to think about it.
Why do executive like larger, rather than smaller, bonuses?
So let's start by getting rid of some executives....more bonuses for those that are left, and happier stock holders because the outstanding shares just went down and there's a reduction in losses.
I disagree with the main point - you can easily survive without a TV. It might be awkward at first, but eventually you'll adjust. See below.
I'd agree with your synopsis of options, but you left out a few, such as RebBox, BlockBuster, while they live, etc. Purchasing is not required. There's also OTA, and depending upon where you live, there's a fair amount available. The only questions are when are the cabal going to force subscriptions for users of any of those services, or force subscription payments for OTA reception? So far, the FCC forbids encryption of OTA signals, IIRC.
Back to the living without TV statement: It sounds radical when first stated. However, in my case, the TV died, and rather than run out and buy a new one immediately, we were busy, and just didn't get around to it until about a month later. We really didn't miss anything, and we figured out why: we don't watch any of those "pop culture" shows anyways, so we've been weaned from that aspect of the water cooler culture for a while already. Our actual total hours of TV watched a week is pretty low - low enough that the broken TV actually had a negligible impact on our schedules, since we generally watch everything DVR'd on our schedule anyways, we snipped the ties to broadcasting schedules long ago. Lastly, a/.er with only 1 TV? Yep, we'd just recycled the others, hadn't gotten around to buying any new ones, so when the main and last remaining died, we were TV-less. The experience also caused us to re-evaluate the initial thinking of buying additional TVs. Since we watch so little it made little sense to buy even a second unit, since we barely missed it when we had none.
HTTP is itself insecure. It's also TCP based, PTP, and there are a host of other reasons/limitations why it's unsuitable for a large range of purposes. But, if your world revolves around a simple insecure request/response model, I suppose it can accommodate.
It's still a "windows" phone, advertised as such, so any failings in operation that appear to be software related will justly be seen as an MS failing.
Perhaps it's time to give both of those shows the same treatment we're giving the rest of the entertainment industry? Let them accommodate or die. I'm sure someone somewhere will be online offering their own version(s) of these entities. Neither political nor sports talk shows are exclusives to cable.
And if you're so tied to a team you just must watch them, well, then you pay.
You beat me to the reply. You are absolutely correct. The fps made little difference, it was the Hz refresh rate more than anything. The fps is only relevant to FPS gamers (hmmm, interesting coincidence there) and then only because the faster their fps was, the earlier they might get a blip on the screen representing their next target, as the "frame" might be rendered a few ms faster.
Now the funny thing is that the true problem with current systems is latency. LCDs have horrible latency in general compared to CRTs, or at least they used to, which is why all gamers preferred CRTs for a long long time, and they still might for all I know. I don't participate in death matches and the like, so latency doesn't bother me. What does is color depth and gamut, and IPS screens are definitely showing their colors in these categories.
Pro-Choice was never about killing anyone. It's about allowing someone to remove something from their body. This operation is done all the time, more than a million times a year in the US and no one complains. (That would be those occurring somewhere near the 9 month mark.) There are also a fair number done earlier than the 6 month mark. These do not result in a sustainable living entity, no matter what is done.
You'd think all those gamers at 100+fps would already be used to this.
Then there's the 1080p at 24, 30 and 60 fps. The only thing I notice is smoother movement as the frames go up, but only to a point. Past 30 it's pretty smooth.
the same system is in use in finland still, some using the numbered codes, in which the bank asks you a specific code from the code card, some need you to mark codes as used as you go(and doesn't provide a hint which code you should input).
Asking for a specific code would be a good route, since that actually is a sort of challenge response handshake. If you combine that with 1 time use only and mark them off, phishing becomes harder, unless you get an exceptionally dense person that enters 10+ numbers into a fake web site.
Ugh, sounds painfully inefficient and ripe for abuse, even though conceptually single use keys should be secure, obviously this isn't.
Originally I was going to suggest that the bank maybe should't have been 100% at fault, but upon re-reading the article. it appears they're one of the few still using the TAN system. That alone should make their liability level higher, since everyone else has switched away from it.
Note that there are no known viruses for OSX, and a properly configured mac makes even malware difficult to run.
600K macs estimated to be infected with flashback, the only really known problem malware at the moment.
Off the top of my head, there's also Flshplyr, SabPub and Maljava. If you don't keep up with the tech world, at least check your facts before getting on your soapbox. There's been PLENTY of OSX malware, mostly trojans and scareware - the aforementioned, Dloadr, FakeAv, Miner, Imuler, Renepo. Yes, there have been viruses, worms and malware for OSX. This is a matter of indisputable fact. This is not the first, it's not the only vulnerability currently out there. None of this is news.
Flshplyr - Trojan 2012 (Java)
SabPub - Trojan 2012 (Java and MS Word Document variants)
Renepo - Worm 2004 - never seen in the wild, ie concept virus
So, with the exception of Renepo, which doesn't exist except as a concept and was for PPC Macs, the real problem was Flashback. All the other recent Trojans were targeted. I'll also note that Sophos now estimates the Flashback to be less than 275K infections as of last week. What was your point again?
I tried the Pandora route with about 20 different sets of seeds, and while I did find some bands I liked, none of them were new, even when dropping in as seeds songs published in last couple of years. I got lots of results that I was already aware of, and own in many cases. It is possible that the genres I like have been replaced by music with qualities I don't, c'est la vie, unfortunately.
Nah, no need, not even at a business level. Note that there are no known viruses for OSX, and a properly configured mac makes even malware difficult to run.
All that aside, this article is extremely suspect - 1 in 36 macs were infected with malware? 600K macs estimated to be infected with flashback, the only really known problem malware at the moment. So that would indicate about 22 million macs according to the story. According to Apple's Q1 2012 results, they sold over 5 million macs just this quarter, meaning that this article is saying 25% of the macs out there were sold this quarter? Of course, Sophos sells "security" software, so is this a surprise?
I said the same thing in the latest poll but from a business standpoint it's still throwing money down a hole. If they're not doing it for profit it's strange that they set it up as a business.
Actually, it's not. They're setting it up as a business for what most likely will be an entire series of new inventions and innovations that will come out of the research and implementation of progressing to their goal. Had NASA retained all patents on everything associated with the space program that they developed or funded, NASA would have been running this type of show in the 80s.
Except for most of the music...especially towards the end of the decade...ugh.
But the beginning was so great! Some of the best bands of all time came out of the late 70s early 80s. Then there was another brief blip of decent music around the early-mid 90s, and only occasional bands/releases since then.
Do you think that scientists or reports would miss volcanic eruption output by 2 orders of magnitude at this point? If they did, then it should be easy to prove that volcanic activity produces at least as much output as man.
False.
Write the word 'denier' at the top of a page. Get people to list their connotations. 'Holocaust denier' will be high up there.
You're smoking crack.
While what you say may be true for a tiny minority of people with vested interests, the vast majority of the population would never even think of "Holocaust denier" even should those two words appear on the same page on separate lines. Why? Because for most of us, a "Holocaust denier" is much like an "Earth is Round denier". If they ever run into one, they're considered a lunatic fringe and they move on.
If I only had mod points. Anyone that thinks we haven't had more significant changes over the past 5-8 generations than the last 30000 years with the exception of a few major plagues is smoking something.
I don't know - 1 kW of PV and 1100ah of batteries cost you $11K 4 years ago for a cost of $230/month. Based on your previous lifespan, you're about halfway through the expected life, meaning that you'll be down to $115/month. That's darn cheap if you ask me. Granted, you have generator maintenance which isn't included, but heck, I'd love to be anywhere near that cost/month. Granted, you already had 1500W of PV which would add significantly to the initial cost, but certainly worth it over the long haul.
None require a base root process to spawn an escalated privilege process like Windows does, even today in its latest incarnation - it's part of that fundamental insecurity built into the very foundation of windows.
What is that process? UAC is what provides that barrier - much like linux sudo, you don't just get to launch an un-trusted process as root without some confirmation.
Windows has a fundamental security issue that it cannot spawn nor escalate a security token higher than the parent token. In short, that means to do something as root, you have to be or ask a root process to do it for you. UAC isn't really a privilege escalation function, it's more of a watchdog function that acts as a gatekeeper whenever something asks to write something to certain areas of the system. This is fundamentally different than requiring proper credentials to write something to a location, which is how other OSes (BSD, OSX, Linux, IRIX, AIX, HP UX, etc, etc) all work. In those, unless you're a moron, you're not running as root or the equivalent, and you must provide the proper credentials before a write can occur.
There is nothing like Active X on any system but Windows - thank goodness
But there are browser plugins, and just because there is a sandbox, doesn't mean it is impossible to break out.
That's just a red herring. I don't think anyone will argue that ActiveX was a good idea at this point. To be honest, ActiveX is symptomatic of MS's total lack of understanding of how security should work. And yes, I will claim that publicly, since their security architecture is fundamentally upside down compared to every other system out there.
Regarding DLLs/Shared objects, no OS allows generic dynamic code injection into system code from an unprivileged account, except. of course, Windows
This hasn't been true since the "UAC band-aid". If you are trying to compare current securities, you can't argue that "Windows is insecure because Windows XP is insecure", by that logic, Max OS 9 didn't have ASLR, but that doesn't mean apple is an inherintly insecure platform.
AFAIK, dynamic code injection into system code (in-memory) from an unprivileged thread was still possible as in 2008 R2 as of Jan 2010. That dates after the Win7 release. I know, because I considered (only briefly) doing it myself when I was researching the (as of then) undocumented removal of security token manipulation routines.
Macs have had EFI, actual process security that didn't need UAC's bandaid, sandboxed processes, and well defined abstraction layers for years.
Why is UAC a band-aid? Is sudo a bandaid? So you want process security, but don't like the fix? I'm a little confused here.
Read above - UAC is essentially a watchdog process that attempts to intercept calls to write to specific areas in the system. Compare that with actual security requiring proper credentials, and you'll see why UAC is a bandaid. Comparing UAC to sudo is like comparing a sundial to a fine Swiss made timepiece. While they both appear to give indications of time, the latter has much more functionality and there are many posts out there to demonstrate just how powerful sudo is on allowing unprivileged users access to perform specific privileged actions.
While I don't know anything about EFI (except what I found on wikipedia), unless apple has something magic they also call EFI, I don't see how that's relevant. I also don't understand how abstraction layers have anything to do with inherent OS security....
EFI, properly UEFI, was listed by GP. GP actually has Apple to thank for bringing UEFI out into the mass market, since they were the first, and pretty much only ones running UEFI for quite a while. (Just try finding an UEFI Intel motherboard for sale more than 6 years afte
I use a different machine for general flash use for the kids. It's also a completely unprivileged account. I've been considering whether I could go to a pure LiveCD type installation to allow for flash etc, which IMNSHO is about the only "secure" way to run flash. Fortunately mine don't youtube yet.
All that said, I will note that there has been only one widespread malware vector exploited on OSX, and that was the Java vector mentioned above that is now closed. While some decry the 3 months Apple took to close it, versus the 3 weeks for other OSes, it did have one positive outcome: Oracle decided to take full ownership of the OSX version of Java, so hopefully in short order we'll have full parity between all versions on all systems, at least as far as can be done on VMs alone.
Where to start?
OSX is effectively sand boxed already, all unix systems are. None require a base root process to spawn an escalated privilege process like Windows does, even today in its latest incarnation - it's part of that fundamental insecurity built into the very foundation of windows. All *nix systems can elevate a process by providing proper credentials. So, properly setup, there's almost nothing that can be done on a *nix system unless additional credentials are supplied.
There is nothing like Active X on any system but Windows - thank goodness.
Since Apple makes all its own hardware/software, effectively all drivers are all signed.
Apple has been using EFI for years.
Regarding DLLs/Shared objects, no OS allows generic dynamic code injection into system code from an unprivileged account, except. of course, Windows.
Macs have had EFI, actual process security that didn't need UAC's bandaid, sandboxed processes, and well defined abstraction layers for years. Additionally, Apple introduced ASLR in 10.5, completing full ASLR in 10.8. DEP has existed since 10.6.
Java issues have been addressed, which were the same for Windows, mind you. Flash, well, flash is easily just removed. It's the only safe way to operate on any system as far as flash is concerned. It's very similar to running around a gun-powder factory with lighted sparklers. It's just not a good idea.
My final take on this is you had to be trolling.
Or, you could just build inherently safer designs in the first place.
I'd say it's more like being raised in a Transformers movie - lots of glitz and shiny objects, but rather empty and pointless once you stop to think about it.
Why do share holders like dividend increases?
Why do executive like larger, rather than smaller, bonuses?
So let's start by getting rid of some executives....more bonuses for those that are left, and happier stock holders because the outstanding shares just went down and there's a reduction in losses.
I disagree with the main point - you can easily survive without a TV. It might be awkward at first, but eventually you'll adjust. See below.
I'd agree with your synopsis of options, but you left out a few, such as RebBox, BlockBuster, while they live, etc. Purchasing is not required. There's also OTA, and depending upon where you live, there's a fair amount available. The only questions are when are the cabal going to force subscriptions for users of any of those services, or force subscription payments for OTA reception? So far, the FCC forbids encryption of OTA signals, IIRC.
Back to the living without TV statement: It sounds radical when first stated. However, in my case, the TV died, and rather than run out and buy a new one immediately, we were busy, and just didn't get around to it until about a month later. We really didn't miss anything, and we figured out why: we don't watch any of those "pop culture" shows anyways, so we've been weaned from that aspect of the water cooler culture for a while already. Our actual total hours of TV watched a week is pretty low - low enough that the broken TV actually had a negligible impact on our schedules, since we generally watch everything DVR'd on our schedule anyways, we snipped the ties to broadcasting schedules long ago. Lastly, a /.er with only 1 TV? Yep, we'd just recycled the others, hadn't gotten around to buying any new ones, so when the main and last remaining died, we were TV-less. The experience also caused us to re-evaluate the initial thinking of buying additional TVs. Since we watch so little it made little sense to buy even a second unit, since we barely missed it when we had none.
HTTP is itself insecure. It's also TCP based, PTP, and there are a host of other reasons/limitations why it's unsuitable for a large range of purposes. But, if your world revolves around a simple insecure request/response model, I suppose it can accommodate.
It's still a "windows" phone, advertised as such, so any failings in operation that appear to be software related will justly be seen as an MS failing.
The last good OS from Microsoft Was DOS 6.22. If you replaced command.com with 4dos.com.
I'd mod you +1 Funny and insightful for this if I had points. That brings back some memories.
Perhaps it's time to give both of those shows the same treatment we're giving the rest of the entertainment industry? Let them accommodate or die. I'm sure someone somewhere will be online offering their own version(s) of these entities. Neither political nor sports talk shows are exclusives to cable.
And if you're so tied to a team you just must watch them, well, then you pay.
You beat me to the reply. You are absolutely correct. The fps made little difference, it was the Hz refresh rate more than anything. The fps is only relevant to FPS gamers (hmmm, interesting coincidence there) and then only because the faster their fps was, the earlier they might get a blip on the screen representing their next target, as the "frame" might be rendered a few ms faster.
Now the funny thing is that the true problem with current systems is latency. LCDs have horrible latency in general compared to CRTs, or at least they used to, which is why all gamers preferred CRTs for a long long time, and they still might for all I know. I don't participate in death matches and the like, so latency doesn't bother me. What does is color depth and gamut, and IPS screens are definitely showing their colors in these categories.
Pro-Choice was never about killing anyone. It's about allowing someone to remove something from their body. This operation is done all the time, more than a million times a year in the US and no one complains. (That would be those occurring somewhere near the 9 month mark.) There are also a fair number done earlier than the 6 month mark. These do not result in a sustainable living entity, no matter what is done.
For Pro-Lifers, something to provoke thought.
You'd think all those gamers at 100+fps would already be used to this.
Then there's the 1080p at 24, 30 and 60 fps. The only thing I notice is smoother movement as the frames go up, but only to a point. Past 30 it's pretty smooth.
the same system is in use in finland still, some using the numbered codes, in which the bank asks you a specific code from the code card, some need you to mark codes as used as you go(and doesn't provide a hint which code you should input).
Asking for a specific code would be a good route, since that actually is a sort of challenge response handshake. If you combine that with 1 time use only and mark them off, phishing becomes harder, unless you get an exceptionally dense person that enters 10+ numbers into a fake web site.
Ugh, sounds painfully inefficient and ripe for abuse, even though conceptually single use keys should be secure, obviously this isn't.
Originally I was going to suggest that the bank maybe should't have been 100% at fault, but upon re-reading the article. it appears they're one of the few still using the TAN system. That alone should make their liability level higher, since everyone else has switched away from it.
Note that there are no known viruses for OSX, and a properly configured mac makes even malware difficult to run.
600K macs estimated to be infected with flashback, the only really known problem malware at the moment.
Off the top of my head, there's also Flshplyr, SabPub and Maljava. If you don't keep up with the tech world, at least check your facts before getting on your soapbox. There's been PLENTY of OSX malware, mostly trojans and scareware - the aforementioned, Dloadr, FakeAv, Miner, Imuler, Renepo. Yes, there have been viruses, worms and malware for OSX. This is a matter of indisputable fact. This is not the first, it's not the only vulnerability currently out there. None of this is news.
So, with the exception of Renepo, which doesn't exist except as a concept and was for PPC Macs, the real problem was Flashback. All the other recent Trojans were targeted. I'll also note that Sophos now estimates the Flashback to be less than 275K infections as of last week. What was your point again?
I tried the Pandora route with about 20 different sets of seeds, and while I did find some bands I liked, none of them were new, even when dropping in as seeds songs published in last couple of years. I got lots of results that I was already aware of, and own in many cases. It is possible that the genres I like have been replaced by music with qualities I don't, c'est la vie, unfortunately.
Nah, no need, not even at a business level. Note that there are no known viruses for OSX, and a properly configured mac makes even malware difficult to run.
All that aside, this article is extremely suspect - 1 in 36 macs were infected with malware? 600K macs estimated to be infected with flashback, the only really known problem malware at the moment. So that would indicate about 22 million macs according to the story. According to Apple's Q1 2012 results, they sold over 5 million macs just this quarter, meaning that this article is saying 25% of the macs out there were sold this quarter? Of course, Sophos sells "security" software, so is this a surprise?
I said the same thing in the latest poll but from a business standpoint it's still throwing money down a hole. If they're not doing it for profit it's strange that they set it up as a business.
Actually, it's not. They're setting it up as a business for what most likely will be an entire series of new inventions and innovations that will come out of the research and implementation of progressing to their goal. Had NASA retained all patents on everything associated with the space program that they developed or funded, NASA would have been running this type of show in the 80s.
Except for most of the music...especially towards the end of the decade...ugh.
But the beginning was so great! Some of the best bands of all time came out of the late 70s early 80s. Then there was another brief blip of decent music around the early-mid 90s, and only occasional bands/releases since then.