and set any temp directories to/tmp. Voila. Secure kiosk.
Under windows there is still a lot of software that STILL won't work without very liberal permissions because they want to write into C:\Program Files\Progname.
Standard operating procedure for our sysadmin, installing Debian:
- install completely disconnected from the network
- get patches from another, secure system
- install patches
- then connect to the Net
Somebody else said basically the same thing, so I'll reply to both here.
The thing is, let's say I want to do this with my favourite Linux distro. Let's call it SuperLinux. I can go to:
ftp://ftp.superlinux.com/pub/current/updates
and download everything in that directory to transfer to the freshly installed computer.
But what to do for Windows? Microsoft REALLY wants you to use Windows update -- a problem if you want to update a system not on the Internet yet. Appearantly they hide the individual hotfixes in impossible-to-find Knowledge Base articles (KB5423288 and so on).
In fact -- Microsoft seems to have shut down their FTP server. All attempts at getting through to ftp.microsoft.com are failing. A shame -- I know it used to exist.
Security must be a joke to Microsoft. I recently had to do two fresh installs of Win2K+SP3 from behind a dial-up connection.
With the first machine, I connected to the Internet and was infected with Welchia about 24 minutes later.
With the second machine, it was FIVE MINUTES.
In neither case did I even have enough time to get the latest patches (over 25mb of standalone patches + IE SP1 + SP4) before I was infected with a virus.
It's just plain ridiculous -- What happens when Joe Average User connects his computer he just bought from a local computer store (who I doubt would have installed the patches on every machine going out the door)? How is he supposed to know what to do?
If anyone is wondering what the hell this comment is about, a recent kernel patch that Mandrake used in 9.2 causes LG CD-ROM drives to commit suicide.
There was a Slashdot story on it..
Basically, what happened is the kernel patch passes a standard (but not frequently used) ATAPI command to the drive to query the format of the disc in it, and that triggered a bug in LG's firmware.
1) Media creation: Who still creates CAD drawings with a keyboard only? I used some early versions of Autocad that where keyboard-only -- they sucked. Sometimes a tangible pointer with a 1-to-1 interface mapping between a 2-D surface and the screen is superior.
I don't know.. when you are doing CAD, don't you need accuracy? Is it really easier to hit just the right pixel, or type (35,25)?
DISCLAIMER: I don't do CAD, don't really know anything about it.
When PriceWaterHouseCoopers decided to change their name to Introducing Monday (!!) they never
bothered to register introducingmonday.co.uk. So somebody else did.
Won't DRM make it difficult for the Library of Congress to archive these? What about when it needs to be transferred to a new digital format (because paper has been around for ages; computer technology completely changes every 10 years)?
One of the main problems is that, when you get down to it, the core functionality is putting images of a bunch of physical pages into one big file. This is fine when you can read it on a 1600x1200 screen, but when you need to view the image on a Palm, it doesn't work. (The text doesn't magically reflow to fit the Palm.)
Personally, I think simple HTML (i.e. HTML 3.2) would be perfect for e-books.. easily parsed by any device (Palm, PocketPC, Desktop Computer..) and it (with the exception of tables) easily reflows to fit any device.
I wouldn't call this easily worked around -- why would you want to jump through all these hoops when you could just have an IP for every machine for IPv6?
Once you put a little button asking for money in your program, what difference does it make? You've just effectively turned it into shareware. I hope FLOSS projects don't go this way.
A somewhat related cautionary tale about how easy it is to fool people that was mentioned recently in a comment on Slashdot..
Viewpoint: A Dangerous Experiment
I doubt it would be wise to go this route given that it is expensive and will likely be obseleted in a few years, I have a C-Band satellite dish and love it.
The quality is second-to-none (well, except for maybe the signal right at the TV station). I can't stand the overcompressed crap that DirecTV/Dish/Bell ExpressVu/StarChoice push out, and would rather take a high quality (semi-)analog signal over a digital one any day.
I get to select all my channels a la carte (buying single channels) and I pay approx CDN$60 per year for all my channels.
Until someone answers these questions I won't start *blaming* MSFT for bad security. It could simply be inevitable that a popular system has more exploits.
Netcraft says that Apache web server has 64.61% marketshare, while IIS has 23.46%.
We all know which one has more security flaws..
There goes the theory that more popular == more exploits.
Of course, for being so greedy you WILL discover that your download speed will slow and you won't get full pseed because you weren't sharing your fair share..
One of the beauties of BitTorrent..
Is there some particular reason you need to cap at 1kb/s?
Be careful -- this may bugger up Google and other legitimate search engines that follow it.. and you may find that you'll get banned from them because of it. (This is basically search engine spamming, even if you aren't using it to sell something)
I think putting the address in a robots.txt file would prevent the legitimate search engines from indexing it, and would let the spambots through, though.
Yikes! What happens when somebody gets assigned that VID and the next version of Linux/Windows/MacOS includes drivers that start recognizing your widget as a joystick?
Slashdot Mirror
And on Linux?
/tmp. Voila. Secure kiosk.
Create a user account (let's call them kiosk).
do:
[root@ki1214 home]$ chown 600 kiosk -R & chmod root.root kiosk & r
and set any temp directories to
Under windows there is still a lot of software that STILL won't work without very liberal permissions because they want to write into C:\Program Files\Progname.
The thing is, let's say I want to do this with my favourite Linux distro. Let's call it SuperLinux. I can go to:
ftp://ftp.superlinux.com/pub/current/updates
and download everything in that directory to transfer to the freshly installed computer.
But what to do for Windows? Microsoft REALLY wants you to use Windows update -- a problem if you want to update a system not on the Internet yet. Appearantly they hide the individual hotfixes in impossible-to-find Knowledge Base articles (KB5423288 and so on).
In fact -- Microsoft seems to have shut down their FTP server. All attempts at getting through to ftp.microsoft.com are failing. A shame -- I know it used to exist.
With the first machine, I connected to the Internet and was infected with Welchia about 24 minutes later.
With the second machine, it was FIVE MINUTES.
In neither case did I even have enough time to get the latest patches (over 25mb of standalone patches + IE SP1 + SP4) before I was infected with a virus.
It's just plain ridiculous -- What happens when Joe Average User connects his computer he just bought from a local computer store (who I doubt would have installed the patches on every machine going out the door)? How is he supposed to know what to do?
There was a Slashdot story on it..
Basically, what happened is the kernel patch passes a standard (but not frequently used) ATAPI command to the drive to query the format of the disc in it, and that triggered a bug in LG's firmware.
Come on, we all know that's the only thing of value geeks have on their hard drives. ;)
DISCLAIMER: I don't do CAD, don't really know anything about it.
When PriceWaterHouseCoopers decided to change their name to Introducing Monday (!!) they never bothered to register introducingmonday.co.uk. So somebody else did.
Won't DRM make it difficult for the Library of Congress to archive these? What about when it needs to be transferred to a new digital format (because paper has been around for ages; computer technology completely changes every 10 years)?
One of the main problems is that, when you get down to it, the core functionality is putting images of a bunch of physical pages into one big file. This is fine when you can read it on a 1600x1200 screen, but when you need to view the image on a Palm, it doesn't work. (The text doesn't magically reflow to fit the Palm.)
Personally, I think simple HTML (i.e. HTML 3.2) would be perfect for e-books.. easily parsed by any device (Palm, PocketPC, Desktop Computer..) and it (with the exception of tables) easily reflows to fit any device.
And also, since this is supposed to be a scale model of the Internet, does that make it midget porn? ;)
This is ridiculous flamebait and should probably be modded as such and not "4, Insightful".
As an aside, has anyone else noticed that Altavista and AllTheWeb have turned their websites into Google-clones?
This is a good thing; less cruft -- more searching.
I wouldn't call this easily worked around -- why would you want to jump through all these hoops when you could just have an IP for every machine for IPv6?
Voila. Adware.
Once you put a little button asking for money in your program, what difference does it make? You've just effectively turned it into shareware. I hope FLOSS projects don't go this way.
Or you could improve your query...
.. should do.
java +language -coffee -island
Not to mention the "activation system" included writing to your boot sector (!). What a ridiculously stupid idea..
He says this later -- Freudian slip the first time? (Talking about the Republican head of the company a few sentences prior)
A somewhat related cautionary tale about how easy it is to fool people that was mentioned recently in a comment on Slashdot..
Viewpoint: A Dangerous Experiment
Men from Mars? That's a different matter..
The quality is second-to-none (well, except for maybe the signal right at the TV station). I can't stand the overcompressed crap that DirecTV/Dish/Bell ExpressVu/StarChoice push out, and would rather take a high quality (semi-)analog signal over a digital one any day.
I get to select all my channels a la carte (buying single channels) and I pay approx CDN$60 per year for all my channels.
Netcraft says that Apache web server has 64.61% marketshare, while IIS has 23.46%.
We all know which one has more security flaws..
There goes the theory that more popular == more exploits.
Of course, for being so greedy you WILL discover that your download speed will slow and you won't get full pseed because you weren't sharing your fair share.. One of the beauties of BitTorrent.. Is there some particular reason you need to cap at 1kb/s?
I think putting the address in a robots.txt file would prevent the legitimate search engines from indexing it, and would let the spambots through, though.
You'll have a lot of angry customers..