Lol - that's a brilliant quote I had forgotten. I haven't seen the TV series or heard the original radio series... but one part of me insists that I shouldn't see it so as not to ruin the picture I've got from reading it!
You know what else makes a cool linux router? FreeBSD on a very, very old machine that you probably have 3 of in your basement.
I've tried this but reverted back to my standard DSL router after a few weeks. I'll pick up or build a MITX system soon, as some of them can run fanless I gather (based on the VIA C3) with external power supplies too. Which is ideal for the home - I got fed up of the noise mainly.
Yep, I expect you could but it takes up time. Time to set up POP3/IMAP, SMTP, webmail and integrate it all - not fun. Also backup for instance. Google's data storage is mirrored across lots of machines for reliability - chances are a normal hosting package would have limits on liability so that data storage isn't important to the contract. They assume you just upload your files to them and you have a copy locally.
I've heard a lot about the lack of folders but once you get used to the labels you wonder why nobody else had implemented it first. It's great being able more then one label to a message.
Opera users with M2, the built in mail client have been doing this for ages...:)
I agree though, it's brilliant, I gave up using M2 though for other reasons.
Quite right - very few people would want to risk their production machines on a new kernel series. 2.4 works very well as well all know, and it has the security support too.
As long as people keep putting 2.6 (or the latest series) on their "unstable" machines or desktop machines (I use it on all of mine) then support for all the new devices can be seriously tested to allow the 2.6 series to mature and be fully ready and time tested for production use.
The system works well thanks to the continued support for both series.
I am for one. I'm starting a new project that was going to originally be done in Java but as other users may want to run a free (as in freedom) language, I've decided I should be able to work it in PHP 5 as the object model's a bit better.
Although it can't compare to Java for a lot of things, it'll do the job for me where PHP 4 wouldn't.
It should verify that the supplied address strictly conforms to E-mail address standards and then invoke the user's default mail application.
By using the standard handler system provided by the underlying OS or desktop system?
In general, Mozilla can invoke protocol handlers whose function it knows after verifying that the arguments passed to those protocol handlers are safe for that protocol.
Sorry, in my opinion, this isn't up to Mozilla and its opinion. If a particular handler cannot be trusted with certain arguments then either the OS should not provide the handler and it should be disabled, or the application that the handler calls should check the supplied data.
It can't do that for shell: because it doesn't even recognize the protocol, let alone know what kinds of arguments would be safe to pass to that protocol handler.
Surely safe arguments are for the OS or the application that handles shell (presumably cmd.exe or something) to check? Maybe a flag should be used to indicate that the supplied data is potentially unsafe and it is still up to the default handling application to decide what to do with it.
Say you had an rtsp URL - surely it isn't the browser's job to understand the URL for starters and also have an opinion on its safety. The main reason behind my argument is that remember - any application on the system could call that handler, including Internet Explorer and other browsers/e-mail applications/messaging apps etc. Can you imagine the nightmare of each program trying to verify and check all the possible protocols people might want to link to?
What happens if a new application emerges that registers its own handler (e.g. AOL Messenger I believe uses 'aim:') - databases would have to be updated to allow the application to work, the maintainer of the databases would have to determine safe URLs and filter for anything other than that (and you'd have to get the specs for the app too, not easy with closed source) - and all maintainers would have varying positions on whether AIM is a safe application. It's a complete nightmare. It cannot be done on a per application basis.
The only effective solution IMHO, is a layer at the operating system level defining either how "safe" an application is or even better - for the application that registers the handler to judge for itself.
Speaking about OS layer stuff, it's obvious that such a system wouldn't/couldn't be implemented for few years, even if they wanted to. Maybe it's a new possibility for an application? One that intercepts all handlers (by overwriting the values in the registry) and presents a dialog box to the user asking whether they want to load the application, "always do this" (while the application remains the same) and maybe regularly updates itself with security information from an central database so if it's realised a handler has an exploit, the program can put up a big warning against it.
Of course the database would have to be trusted, open and very secure - and only the security concious people amongst us would actually use such a program.
Remember - most people on Windows use Internet Explorer. If Internet Explorer doesn't understand a URL, it passes it to the OS - that's where the security layer should be.
Yeah, but when IE gets tabs it won't be that really shitty implementation that Mozilla, Opera or Firefox have.
For example, both of those products fully support tearing a tab to make it a free-floating window, which means you can decide whenever you want to move a browser window to another monitor. Try that in Firefox.
Try that in Opera. I just did. Right clicked the tab, clicked "Detach" then dragged the window to my other monitor.
I personally don't like Firefox + Mozilla much but Opera rocks.
And it might just be me but I get less impressed by KDE 3.2 every day... I still use it on my main machine but I'm slowly moving over to Gnome 2.6 which seems more stable and has a lot more thought put into it's UI.
I want the Mozilla group to evaluate the possible mis-use of a "mailto:" link in general, and decide whether setting up that handler is safe and/or necessary in general considering the variety of handlers out there. At that point it becomes the responsibility of the people writing all the different handlers.
Remember, if Mozilla doesn't know about a handler, it will pass it to the underlying OS to decode. So that could be a mailto handler, an rstp (streaming video) handler etc. If a remote exploit came out that targetted RealPlayer or something (a common program to handle rtsp AFAIK) then it wouldn't be up to the Mozilla team to protect against a link to it, that's what the OS layer is for.
I want to be asked for what to use for the handler.
The choice is there - in the Windows registry - that's where the handler data is stored and what will happen when the handler is called. If you don't like the way something's handled, you can change it.
I don't trust anyone else. I trust Mozilla's developers, and I trust me. No one else, certainly not my OS vendor.
I don't think it's Mozilla's job to make up the failings of your OS vendor - if you don't trust them then your problem lies elsewhere.
Likewise I do not want 3rd party programs deciding on what to do with various protocols.
That seems to contradict what you were just saying about you wanting "someone I trust evaluating the general safety of a class of handlers" - you say that you trust the Mozilla team - but aren't they a 3rd party program?
The protocol handling is down the OS at the end of the day - if Mozilla can't handle the type itself then it's up to the OS to work out what to do with it. As others have pointed out, a shell handler isn't the brightest idea ever.
If you look at the patch source for Mozilla, all they're doing is flipping a preference that enables blacklisting of protocols then telling Mozilla to blacklist the shell one. Yes it works, but it isn't a system wide fix. A system wide fix would be to remove the shell handler (I doubt it's actually used) - this is just a quick fix for Mozilla, and not actually fixing the root of the problem (i.e. Windows).
I do agree with you about the whitelisting - maybe a good option to put in Windows (assuming the default set of handlers isn't dangerous (i.e. shell handler)) would be a confirmation dialog box to appear when a program tries to register a new handler.
I'm thinking of something like the box that appears when a site tries setting your homepage - it'd probably have to be off by default but it'd be a good option for those who really want to maintain the security of their systems. Also a control panel applet that defines the protocol handlers (like the file types one) so they can be edited.
But there's no chance of Microsoft ever implementing that:)
Mozilla should just handle the protocols it knows to handle and give an error message for everything else. What it is actually doing, handing off unknown things to the OS is just the sort of OS integration that causes so many problems for Microsoft applications as well.
What about when you click on a 'mailto:' link? Do you want Mozilla to pop up and say it can't handle it? Or do you want it to use your default mail application to start up a compose message window?
I half agree that the K mania has gone a bit too far, however I'm going to carry on with your point about MS Word (yes, a sensible name) as another/.er pointed out a week or two ago.
What would you think Microsoft Excel did if you hadn't used it? Likewise, Microsoft Access?
Similarly, if somebody hasn't explained "a zip file", a computer newbie has no chance of guessing.
IIRC WinXP will overwrite the boot loader during the setup program without a choice (which would probably only confuse newbs). XP doesn't overwrite it regularly - only when set up.
As such, people install XP first then put Linux on after, and put GRUB/LILO in the boot loader's place.
I see your point, however I personally haven't had any problems getting multiple video cards in one machine running under Linux. There's not much the machine has to do to make it "capable" of holding four graphics cards - as long as you've got a decent sized motherboard and good cooling.
Maybe it's luck, but I've seen other people fail to get them running under MS Windows. I remember one machine with an nVidia GF card in it, and an ATI Rage II - Windows just refused to start the ATI card. It could see it was there but just couldn't work it.
X terminals are a good solution - but if you have four members of staff, say secretaries all working next to each other in cubicles or something then this immediately becomes a far more practical solution. You won't need five boxes sitting around - four where the staff are and then another somewhere else for the server. You also won't need a network running - or the extra traffic generated by four X terminals (not much).
I remember reading something a while back about BartPE which would build a LiveCD of Windows. Haven't tried it - don't want to (*clutches debian cd*) but might you be able to run their utility under that?
Hehe... that reminds me of a time when I was standing in front of a fairly large display of Panasonic TVs and AV equipment, and we had the local station on the radio (boss's choice...) when an advert came on:
"John Smith Electronics, we have the largest selection of Panasonic and Technics equipment in the area, helpful staff and excellent service, come and visit us at..." (name changed)
The customer looked up at me and I just shrugged my shoulders back... I don't remember ever getting that sale:)
I wouldn't say that - the unstable tree runs with almost all the latest packages. Sometimes you might have to wait a week or so on the less common packages for the latest version to be packaged but it gets there.
Sure, the stable tree is behind, although a new release is in the works but it's like a snapshot of releases that are proven to work. The reason stuff like X.org isn't in yet, as dmaxwell said, all the tidying of scripts and building for multiple architectures - currently 10 with two being prepared for release.
I think I'd support the idea of Debian packages being released on platforms that they're currently available and then filling up the other, lesser used platforms later. But I can see those platforms being forgotton about and a lot of packages only available for say x86.
AFAIK, Debian is the most ported distro around - most of the others are just x86.
Mozilla, I feel is slow and bloated. Tried Firefox, just didn't feel right, Opera feels much more usable to me - as has already been mentioned - the tabs rock.
Really well coded gestures - you don't have to be exact at all to get it to recognise what you want to do. Nicely placed keyboard shortcuts also.
M2, the mail client integrates brilliantly and the idea of "views" instead of filtering into different folders I find brilliant. You can then have a mail in two seperate folders - you can also "label" e-mails too.
It's also standards compliant and the default skin on v7.50 is beautiful.
I'm going to give Firefox a whirl again, but Opera rocks.
Re:for actually using a computer (writing document
on
Is Caps Lock Dead?
·
· Score: 1
The memories! A guy who would do the tills at my last job was dreadful for this... I'd watch him while he tried typing in a customer's name and address and it was painful.
He's not the fastest of typers (two fingered hunt and peck) and whenever he reached a capital letter he did that. In addition, I'd taught him how to use Alt+underlined letter to shortcut through the EPOS system.
Only thing was that the EPOS system was written by a couple guys in VB (yes, had I known before the PHB bought it one day it wouldn't have happened!) and required five keystrokes to add a single item onto the current purchase (despite it using a barcode scanner).
To close the purchase, it required an "Alt+S", about five tabs and three hits of return. My colleague however could handle the alt+s and tabs (he knew how to use those, and shift+tab) but when it came to using return, he'd find the mouse and click on it...!
From the pictures in the link it doesn't look that difficult to get a rover into - I think the main problem is traction when trying to get it out.
According to NASA they're aluminium wheels and their main purpose looks like it was to absorb the shock and go over rocks than get the traction required to climb back out of a crater.
I'd imagine they have quite a bit of weight behind them too...
I don't think it's the actual web hosting that's the problem - I'm sure many people could lend a hand with that. As the home page of grsecurity says, it's having a leader for the project - to think of the ideas and implementations.
I am the sole developer and originator of ideas for the project. Though it would be possible for others to handle maintenance of the project, the quality won't be held to the same standards and will not progress with the same goals I have set for the project.
Which isn't "fairly simple" unfortunately - there's a lot of time and effort involved. And money.
Slashdot Mirror
Lol - that's a brilliant quote I had forgotten. I haven't seen the TV series or heard the original radio series... but one part of me insists that I shouldn't see it so as not to ruin the picture I've got from reading it!
You know what else makes a cool linux router? FreeBSD on a very, very old machine that you probably have 3 of in your basement.
I've tried this but reverted back to my standard DSL router after a few weeks. I'll pick up or build a MITX system soon, as some of them can run fanless I gather (based on the VIA C3) with external power supplies too. Which is ideal for the home - I got fed up of the noise mainly.
Yep, I expect you could but it takes up time. Time to set up POP3/IMAP, SMTP, webmail and integrate it all - not fun. Also backup for instance. Google's data storage is mirrored across lots of machines for reliability - chances are a normal hosting package would have limits on liability so that data storage isn't important to the contract. They assume you just upload your files to them and you have a copy locally.
I've heard a lot about the lack of folders but once you get used to the labels you wonder why nobody else had implemented it first. It's great being able more then one label to a message.
:)
Opera users with M2, the built in mail client have been doing this for ages...
I agree though, it's brilliant, I gave up using M2 though for other reasons.
Quite right - very few people would want to risk their production machines on a new kernel series. 2.4 works very well as well all know, and it has the security support too.
As long as people keep putting 2.6 (or the latest series) on their "unstable" machines or desktop machines (I use it on all of mine) then support for all the new devices can be seriously tested to allow the 2.6 series to mature and be fully ready and time tested for production use.
The system works well thanks to the continued support for both series.
I am for one. I'm starting a new project that was going to originally be done in Java but as other users may want to run a free (as in freedom) language, I've decided I should be able to work it in PHP 5 as the object model's a bit better.
Although it can't compare to Java for a lot of things, it'll do the job for me where PHP 4 wouldn't.
It should verify that the supplied address strictly conforms to E-mail address standards and then invoke the user's default mail application. By using the standard handler system provided by the underlying OS or desktop system?
In general, Mozilla can invoke protocol handlers whose function it knows after verifying that the arguments passed to those protocol handlers are safe for that protocol.
Sorry, in my opinion, this isn't up to Mozilla and its opinion. If a particular handler cannot be trusted with certain arguments then either the OS should not provide the handler and it should be disabled, or the application that the handler calls should check the supplied data.
It can't do that for shell: because it doesn't even recognize the protocol, let alone know what kinds of arguments would be safe to pass to that protocol handler.
Surely safe arguments are for the OS or the application that handles shell (presumably cmd.exe or something) to check? Maybe a flag should be used to indicate that the supplied data is potentially unsafe and it is still up to the default handling application to decide what to do with it.
Say you had an rtsp URL - surely it isn't the browser's job to understand the URL for starters and also have an opinion on its safety. The main reason behind my argument is that remember - any application on the system could call that handler, including Internet Explorer and other browsers/e-mail applications/messaging apps etc. Can you imagine the nightmare of each program trying to verify and check all the possible protocols people might want to link to?
What happens if a new application emerges that registers its own handler (e.g. AOL Messenger I believe uses 'aim:') - databases would have to be updated to allow the application to work, the maintainer of the databases would have to determine safe URLs and filter for anything other than that (and you'd have to get the specs for the app too, not easy with closed source) - and all maintainers would have varying positions on whether AIM is a safe application. It's a complete nightmare. It cannot be done on a per application basis.
The only effective solution IMHO, is a layer at the operating system level defining either how "safe" an application is or even better - for the application that registers the handler to judge for itself.
Speaking about OS layer stuff, it's obvious that such a system wouldn't/couldn't be implemented for few years, even if they wanted to. Maybe it's a new possibility for an application? One that intercepts all handlers (by overwriting the values in the registry) and presents a dialog box to the user asking whether they want to load the application, "always do this" (while the application remains the same) and maybe regularly updates itself with security information from an central database so if it's realised a handler has an exploit, the program can put up a big warning against it.
Of course the database would have to be trusted, open and very secure - and only the security concious people amongst us would actually use such a program.
Remember - most people on Windows use Internet Explorer. If Internet Explorer doesn't understand a URL, it passes it to the OS - that's where the security layer should be.
Yeah, but when IE gets tabs it won't be that really shitty implementation that Mozilla, Opera or Firefox have.
For example, both of those products fully support tearing a tab to make it a free-floating window, which means you can decide whenever you want to move a browser window to another monitor. Try that in Firefox.
Try that in Opera. I just did. Right clicked the tab, clicked "Detach" then dragged the window to my other monitor.
I personally don't like Firefox + Mozilla much but Opera rocks.
And it might just be me but I get less impressed by KDE 3.2 every day... I still use it on my main machine but I'm slowly moving over to Gnome 2.6 which seems more stable and has a lot more thought put into it's UI.
I want the Mozilla group to evaluate the possible mis-use of a "mailto:" link in general, and decide whether setting up that handler is safe and/or necessary in general considering the variety of handlers out there. At that point it becomes the responsibility of the people writing all the different handlers.
:)
Remember, if Mozilla doesn't know about a handler, it will pass it to the underlying OS to decode. So that could be a mailto handler, an rstp (streaming video) handler etc. If a remote exploit came out that targetted RealPlayer or something (a common program to handle rtsp AFAIK) then it wouldn't be up to the Mozilla team to protect against a link to it, that's what the OS layer is for.
I want to be asked for what to use for the handler.
The choice is there - in the Windows registry - that's where the handler data is stored and what will happen when the handler is called. If you don't like the way something's handled, you can change it.
I don't trust anyone else. I trust Mozilla's developers, and I trust me. No one else, certainly not my OS vendor.
I don't think it's Mozilla's job to make up the failings of your OS vendor - if you don't trust them then your problem lies elsewhere.
Likewise I do not want 3rd party programs deciding on what to do with various protocols.
That seems to contradict what you were just saying about you wanting "someone I trust evaluating the general safety of a class of handlers" - you say that you trust the Mozilla team - but aren't they a 3rd party program?
The protocol handling is down the OS at the end of the day - if Mozilla can't handle the type itself then it's up to the OS to work out what to do with it. As others have pointed out, a shell handler isn't the brightest idea ever.
If you look at the patch source for Mozilla, all they're doing is flipping a preference that enables blacklisting of protocols then telling Mozilla to blacklist the shell one. Yes it works, but it isn't a system wide fix. A system wide fix would be to remove the shell handler (I doubt it's actually used) - this is just a quick fix for Mozilla, and not actually fixing the root of the problem (i.e. Windows).
I do agree with you about the whitelisting - maybe a good option to put in Windows (assuming the default set of handlers isn't dangerous (i.e. shell handler)) would be a confirmation dialog box to appear when a program tries to register a new handler.
I'm thinking of something like the box that appears when a site tries setting your homepage - it'd probably have to be off by default but it'd be a good option for those who really want to maintain the security of their systems. Also a control panel applet that defines the protocol handlers (like the file types one) so they can be edited.
But there's no chance of Microsoft ever implementing that
Mozilla should just handle the protocols it knows to handle and give an error message for everything else. What it is actually doing, handing off unknown things to the OS is just the sort of OS integration that causes so many problems for Microsoft applications as well.
What about when you click on a 'mailto:' link? Do you want Mozilla to pop up and say it can't handle it? Or do you want it to use your default mail application to start up a compose message window?
I half agree that the K mania has gone a bit too far, however I'm going to carry on with your point about MS Word (yes, a sensible name) as another /.er pointed out a week or two ago.
What would you think Microsoft Excel did if you hadn't used it? Likewise, Microsoft Access?
Similarly, if somebody hasn't explained "a zip file", a computer newbie has no chance of guessing.
IIRC WinXP will overwrite the boot loader during the setup program without a choice (which would probably only confuse newbs). XP doesn't overwrite it regularly - only when set up.
As such, people install XP first then put Linux on after, and put GRUB/LILO in the boot loader's place.
I see your point, however I personally haven't had any problems getting multiple video cards in one machine running under Linux. There's not much the machine has to do to make it "capable" of holding four graphics cards - as long as you've got a decent sized motherboard and good cooling.
Maybe it's luck, but I've seen other people fail to get them running under MS Windows. I remember one machine with an nVidia GF card in it, and an ATI Rage II - Windows just refused to start the ATI card. It could see it was there but just couldn't work it.
X terminals are a good solution - but if you have four members of staff, say secretaries all working next to each other in cubicles or something then this immediately becomes a far more practical solution. You won't need five boxes sitting around - four where the staff are and then another somewhere else for the server. You also won't need a network running - or the extra traffic generated by four X terminals (not much).
I remember reading something a while back about BartPE which would build a LiveCD of Windows. Haven't tried it - don't want to (*clutches debian cd*) but might you be able to run their utility under that?
Hehe... that reminds me of a time when I was standing in front of a fairly large display of Panasonic TVs and AV equipment, and we had the local station on the radio (boss's choice...) when an advert came on:
:)
"John Smith Electronics, we have the largest selection of Panasonic and Technics equipment in the area, helpful staff and excellent service, come and visit us at..." (name changed)
The customer looked up at me and I just shrugged my shoulders back... I don't remember ever getting that sale
Try out Gnumeric - it's a native Gnome application but is rather lost because of OO's "mindshare".
It is - at least you can check the code to see if it's designed to do the job and not just show a pretty progress bar...
Agreed though on the rest of your message!
I wouldn't say that - the unstable tree runs with almost all the latest packages. Sometimes you might have to wait a week or so on the less common packages for the latest version to be packaged but it gets there.
Sure, the stable tree is behind, although a new release is in the works but it's like a snapshot of releases that are proven to work. The reason stuff like X.org isn't in yet, as dmaxwell said, all the tidying of scripts and building for multiple architectures - currently 10 with two being prepared for release.
I think I'd support the idea of Debian packages being released on platforms that they're currently available and then filling up the other, lesser used platforms later. But I can see those platforms being forgotton about and a lot of packages only available for say x86.
AFAIK, Debian is the most ported distro around - most of the others are just x86.
You sure?
;-)
Their page on viewing techniques doesn't seem to be working
No way would I use IE.
Mozilla, I feel is slow and bloated. Tried Firefox, just didn't feel right, Opera feels much more usable to me - as has already been mentioned - the tabs rock.
Really well coded gestures - you don't have to be exact at all to get it to recognise what you want to do. Nicely placed keyboard shortcuts also.
M2, the mail client integrates brilliantly and the idea of "views" instead of filtering into different folders I find brilliant. You can then have a mail in two seperate folders - you can also "label" e-mails too.
It's also standards compliant and the default skin on v7.50 is beautiful.
I'm going to give Firefox a whirl again, but Opera rocks.
The memories! A guy who would do the tills at my last job was dreadful for this... I'd watch him while he tried typing in a customer's name and address and it was painful.
;-)
He's not the fastest of typers (two fingered hunt and peck) and whenever he reached a capital letter he did that. In addition, I'd taught him how to use Alt+underlined letter to shortcut through the EPOS system.
Only thing was that the EPOS system was written by a couple guys in VB (yes, had I known before the PHB bought it one day it wouldn't have happened!) and required five keystrokes to add a single item onto the current purchase (despite it using a barcode scanner).
To close the purchase, it required an "Alt+S", about five tabs and three hits of return. My colleague however could handle the alt+s and tabs (he knew how to use those, and shift+tab) but when it came to using return, he'd find the mouse and click on it...!
I gave in after reminding him for a week
From the pictures in the link it doesn't look that difficult to get a rover into - I think the main problem is traction when trying to get it out.
According to NASA they're aluminium wheels and their main purpose looks like it was to absorb the shock and go over rocks than get the traction required to climb back out of a crater.
I'd imagine they have quite a bit of weight behind them too...
I don't think it's the actual web hosting that's the problem - I'm sure many people could lend a hand with that. As the home page of grsecurity says, it's having a leader for the project - to think of the ideas and implementations.
I am the sole developer and originator of ideas for the project. Though it would be possible for others to handle maintenance of the project, the quality won't be held to the same standards and will not progress with the same goals I have set for the project.
Which isn't "fairly simple" unfortunately - there's a lot of time and effort involved. And money.
I have a hard enough time getting mobile phone coverage where I am anyway, let alone Mars...