At the very least... Without going so far as to claim that AV companies actually release the viruses they write - it would be difficult to think that their researchers (and other security industry people) do NOT write / develop proof of concept viruses themselves. And then the AV companies add the signature of their own internal R&D viruses to their product - which Marketing thinks is great as they can now put a big *Over 10,000 viruses found and Removed* sticker on the box.
Software developers that have a problem with piracy are making an incorrect assumption. And that is that anything other than a small fraction of their user base is willing to pay.
They are, incorrectly, looking at the number of downloads, comparing that to the number of sales, and are seeing the difference as losses.
They are not.
I personally would never pay for Echelon. I may download it and use it if free, but if I had to pay for it, then it drops below my radar of things-I-want-to-do. Or, some other developer has a 30 day trial I can use.
The point is, some random small shareware app very rarely does something Im willing to consider paying money for. 90% of things like echelon I download Ill run once, think "thats cute" then totally forget about. Im not willing to spend $10 or more a time simply because Im curious about something.
Sheesh, Why these software authros think that their tool is going to become an indispensible part of my life such that I need to pay for it. Crikey.
Anyway, if shareware authors stopped lamentin gthe rampant "piracy", which is users of their software who would never buy it anyway, and concentrated instead on expanding the base of paying users, then they just might get somewhere.
This post isn't funny. I mean what? This guy actually thinks that he needs to defend himself against posts made by ignoramuses on Slashdot?
Given my distruct of both XML and SQL - hell anything that doesnt have a nice binary API - I was quite willing to belive him, but this bizarre behaviour has made me categorize him firmly as a loon.
This is true - normally. However, installation software is allowed/supposed to use the MoveFileEx API with some flag parameters to cover this exact situation: NT allows files to be renamed/moved anywhere on the same NTFS volume while they are open. This API is intended to be used by installation software that needs to solve this very problem.
On NTFS partitions, MoveFileEx API can rename a loaded & running Dll. This allows setup programs to install a new version of a Dll while an old version is still locked open.
If you know any unenligntened Windows programmers, point them here for the official word on the subject:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/dynamic_link_library_u pdates.asp
Unfortunately yes. Drivers dont HAVE to be installed using the official driver INF parser. Idiots can bypass that process and simply inject the necessary entries in the registry.
All you have to do on 2K/XP is fuck around with
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es
And then tell the user they need to reboot as, bypassing the official APIs that would do the WHQL checking means you dont get Plug and Play driver installation.
All the more reason to look with great suspicion on ANY windows app that needs a restart after installation. If the proper APIs are used the only time a Windows box really *needs* to be restarted is after youve downloaded a kernel security update.
And how is that NOT a zero sum game?
The 3rd person, who purchased the stocks at Q is, in your example, the looser.
If you ignore the long term players - the people looking to gain (or lose) actual stockholder voting power, and/or hoping to collect on dividend payouts, the rest of the market is both zero sum, and gambling.
She cant put up her baby photo's fool because of all the wierdo paedophile types that are visiting katie.com
Plus the excessive traffic means she can't put any graphically intensive content on the front page or shes footing the bill to server megabytes to people who are looking for the books homepage.
Lastly, as a result of katie.com, abused people and twisted sicko's alike are filling her email.
Uh, no, YOU think its a good thing. Which ironically is WHY its a bad thing.
Because standards ARE different all over the world, people have different ideas as to what works and what doesn't.
To stnadardize on a one size fits all approach is dangerous, and only a good idea if youre in a position such that the option taken is YOUR option.
Imperialist dog.
Well, im pretty certain its important. Stresses tell cells how to grow - without gravity providing feedback bones decalcify. Im sure there are growth processes that are pulse dependant that direct the proper functioning of blood vessle walls.
Pulses also have a pumping effect, where blockages down at the capillary level would be cleared by the pressure peaks whereas with a static pressure the blockage would not clear.
The issue is this. Nature - and by that I mean an awful lot of biological systems evolving at various rates - has not yet - to my knowledge - developed a single system where immunity is by security.
That is to say, no non trivial software system can be proved bug free. By induction, no non trivial system can be proved secure against the sort of "security holes" that will allow exploits to happen.
If security cant ever be proved... then we better come up with a different idea for mitigating the effects of virus attacks.
Perhaps though the "fixes" dont need to be viruses. Viruses have a certain economy of scale that allows them to propogate and infect many machines. Perhaps instead of self propogating patches we deploy a system of server propogated patches to systems. Major ISPs could deploy a network of machines designed to, in the event of a virus exploiting a known weakness, systematically transmit an exploit closing patch.
Sure, the counter patch might fuck a number of systems up, but by definition those would be systems that would otherwise be utterly compromised.
Unless this is the sort of business where you have actual owning shared its completely wrong to put up with this sort of crap.
Small startup companies where you have a good personal relationship with the owner, sure, use your own stuff.
In a corporate enviroment, no way: - if its used for work, the company pays.
Obviously the designers of TCP/IP all need to be locked up for producing a protocol that enabled the dissemination of copyright works accross a network that could survive nuclear war.
Or something.
For better or worse, personal storage is going to increase. Cellphones, watches, ipods, all these things are becomming increasingly necessary to remain competativly productive in the modern world.
Companies that dont figure out how to allow employees to use PDAs or cellphones or USB thumbdrives are going to find themselves at a disadvantage relative to companies that allow their employees to discover new ways to increase their productivity.
I mean its like every tosser who works out that their specific problem can be described by a phase space comes to the startling conclusion that a genetic algorithm is a neato way to explore the said phase space?
I think I should start submitting patent applications of the form "Method and algorithm for optimising , using a fitness function and genetic algorithms to find optima in a phase space".
The hacker diet was put together by a moron who cant debug his way out of a paper bag.
The human body has the ability to self regulate its energy intake and burn rates to achieve an "optimal" body fat ratio.
You just have to stop confusing the fuck out of it by consuming trans saturated fats and refined carbohydrates. And sugar of course. If you wanna get fat or stay fat, continue to fuck with your insulin regulation mechanisims by consuming high glycimic index food products.
If you wanna get thin - no amount of excercise will help you without a corresponding change in diet. Thats why all those excercise machines on TV that promise to make you thin and buff, include a "free" eating plan. Its the eating plan that does the weight loss.
RIAA forgets to pay royalties?
From the article it was the RIAA lawyer who brought the problem up.
The RIAA member companies were not forgetting to pay anyone. They had lost contact with the artists not through any fault of their own, but because the artists had not updated their contact details.
Shite - even evil entities are capable of acts of good. In this case the RIAA did the right thing.
No.
The creators of life critical systems that choose insecure components MUST be blamed - even though they are victims themselves.
Its only by making the coast guard, or the supplier of the system they use, accountable for the insecurity of the system that management will be given the incentive to choose against MS.
As long as the blame can be passed on, to MS or the virus writers, insititutions like the Coast Guard will continue to choose unstable/insecure systems because they are cheaper.
If you dotn hold people responsible for their choices (choosing a MS based system with insufficient safeguards) they can't be held responsible for choices.
If the Coast Guard is not held responsible today - whats to stop Air Traffic Control at Heathrow installing an internet exposed Windows based air traffic control system tomorrow?
Certain classes of systems should have, mandated by law, a required level of security compliance.
I mean - I feel sure that already - or merely soon - critical control systems of aircraft are going to be running some sort of MS OS, probably with systems written by some C#.NET muppet. Some fool will probably think it neat to network up the cockpit with 802.11b or some such, and then someone turns on his wireless enabled compromised laptop during landing and it infects the cockpit's various devices.
I hope this hypothetical case does not come about, BUT the only way to prevent it is not to come down hard on virus authors, or the software engineers who made the system with the flaw, you have to put the people who make the descisions asses on the line: management.
Seriously, whoever was responsible for designing and implementing the system the coast guard uses is at fault.
I can't belive that people who put together systems that perform life critical functions cannot be held liable for the choices they make -
I dont think the OS choice is relevent. Its the setting up of a system that is exposed to the internet. Systems on which peoplses lives depend have no business being connected to unsecure systems - they should be dealing ONLY with the data needed to perform their task.
Like all biological processes that will (should) be automatic.
The simple fact that there is a tooth forming will encourage the growth of blood and nerve endings.
Think about this. Before you get your teeth for the first time the plumbing is not yet wired in. Its only as the teeth start to grow that blood and nerves get wired up.
Slashdot Mirror
At the very least... Without going so far as to claim that AV companies actually release the viruses they write - it would be difficult to think that their researchers (and other security industry people) do NOT write / develop proof of concept viruses themselves. And then the AV companies add the signature of their own internal R&D viruses to their product - which Marketing thinks is great as they can now put a big *Over 10,000 viruses found and Removed* sticker on the box.
Duh! They made it themselves of course!
Software developers that have a problem with piracy are making an incorrect assumption. And that is that anything other than a small fraction of their user base is willing to pay. They are, incorrectly, looking at the number of downloads, comparing that to the number of sales, and are seeing the difference as losses. They are not. I personally would never pay for Echelon. I may download it and use it if free, but if I had to pay for it, then it drops below my radar of things-I-want-to-do. Or, some other developer has a 30 day trial I can use. The point is, some random small shareware app very rarely does something Im willing to consider paying money for. 90% of things like echelon I download Ill run once, think "thats cute" then totally forget about. Im not willing to spend $10 or more a time simply because Im curious about something. Sheesh, Why these software authros think that their tool is going to become an indispensible part of my life such that I need to pay for it. Crikey. Anyway, if shareware authors stopped lamentin gthe rampant "piracy", which is users of their software who would never buy it anyway, and concentrated instead on expanding the base of paying users, then they just might get somewhere.
This post isn't funny. I mean what? This guy actually thinks that he needs to defend himself against posts made by ignoramuses on Slashdot? Given my distruct of both XML and SQL - hell anything that doesnt have a nice binary API - I was quite willing to belive him, but this bizarre behaviour has made me categorize him firmly as a loon.
Dynamin-Link Library Updates @ MSDN
On NTFS partitions, MoveFileEx API can rename a loaded & running Dll. This allows setup programs to install a new version of a Dll while an old version is still locked open. If you know any unenligntened Windows programmers, point them here for the official word on the subject: http://msdn.microsoft.com/library/default.asp?url= /library/en-us/dllproc/base/dynamic_link_library_u pdates.asp
Unfortunately yes. Drivers dont HAVE to be installed using the official driver INF parser. Idiots can bypass that process and simply inject the necessary entries in the registry. All you have to do on 2K/XP is fuck around with HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es
And then tell the user they need to reboot as, bypassing the official APIs that would do the WHQL checking means you dont get Plug and Play driver installation.
All the more reason to look with great suspicion on ANY windows app that needs a restart after installation. If the proper APIs are used the only time a Windows box really *needs* to be restarted is after youve downloaded a kernel security update.
And how is that NOT a zero sum game? The 3rd person, who purchased the stocks at Q is, in your example, the looser. If you ignore the long term players - the people looking to gain (or lose) actual stockholder voting power, and/or hoping to collect on dividend payouts, the rest of the market is both zero sum, and gambling.
She cant put up her baby photo's fool because of all the wierdo paedophile types that are visiting katie.com Plus the excessive traffic means she can't put any graphically intensive content on the front page or shes footing the bill to server megabytes to people who are looking for the books homepage. Lastly, as a result of katie.com, abused people and twisted sicko's alike are filling her email.
Uh, no, YOU think its a good thing. Which ironically is WHY its a bad thing. Because standards ARE different all over the world, people have different ideas as to what works and what doesn't. To stnadardize on a one size fits all approach is dangerous, and only a good idea if youre in a position such that the option taken is YOUR option. Imperialist dog.
Well, im pretty certain its important. Stresses tell cells how to grow - without gravity providing feedback bones decalcify. Im sure there are growth processes that are pulse dependant that direct the proper functioning of blood vessle walls. Pulses also have a pumping effect, where blockages down at the capillary level would be cleared by the pressure peaks whereas with a static pressure the blockage would not clear.
The issue is this. Nature - and by that I mean an awful lot of biological systems evolving at various rates - has not yet - to my knowledge - developed a single system where immunity is by security. That is to say, no non trivial software system can be proved bug free. By induction, no non trivial system can be proved secure against the sort of "security holes" that will allow exploits to happen. If security cant ever be proved... then we better come up with a different idea for mitigating the effects of virus attacks. Perhaps though the "fixes" dont need to be viruses. Viruses have a certain economy of scale that allows them to propogate and infect many machines. Perhaps instead of self propogating patches we deploy a system of server propogated patches to systems. Major ISPs could deploy a network of machines designed to, in the event of a virus exploiting a known weakness, systematically transmit an exploit closing patch. Sure, the counter patch might fuck a number of systems up, but by definition those would be systems that would otherwise be utterly compromised.
Theres a big difference between "make contact" and "detect"
Unless this is the sort of business where you have actual owning shared its completely wrong to put up with this sort of crap. Small startup companies where you have a good personal relationship with the owner, sure, use your own stuff. In a corporate enviroment, no way: - if its used for work, the company pays.
Obviously the designers of TCP/IP all need to be locked up for producing a protocol that enabled the dissemination of copyright works accross a network that could survive nuclear war. Or something.
For better or worse, personal storage is going to increase. Cellphones, watches, ipods, all these things are becomming increasingly necessary to remain competativly productive in the modern world. Companies that dont figure out how to allow employees to use PDAs or cellphones or USB thumbdrives are going to find themselves at a disadvantage relative to companies that allow their employees to discover new ways to increase their productivity.
I mean its like every tosser who works out that their specific problem can be described by a phase space comes to the startling conclusion that a genetic algorithm is a neato way to explore the said phase space? I think I should start submitting patent applications of the form "Method and algorithm for optimising , using a fitness function and genetic algorithms to find optima in a phase space".
Um, no. Even the worst F1 drivers can routinely put in lap after lap within 0.10 seconds of each other.
And the presence of this filter is going to help you filter your babysitters how?
The hacker diet was put together by a moron who cant debug his way out of a paper bag. The human body has the ability to self regulate its energy intake and burn rates to achieve an "optimal" body fat ratio. You just have to stop confusing the fuck out of it by consuming trans saturated fats and refined carbohydrates. And sugar of course. If you wanna get fat or stay fat, continue to fuck with your insulin regulation mechanisims by consuming high glycimic index food products. If you wanna get thin - no amount of excercise will help you without a corresponding change in diet. Thats why all those excercise machines on TV that promise to make you thin and buff, include a "free" eating plan. Its the eating plan that does the weight loss.
RIAA forgets to pay royalties? From the article it was the RIAA lawyer who brought the problem up. The RIAA member companies were not forgetting to pay anyone. They had lost contact with the artists not through any fault of their own, but because the artists had not updated their contact details. Shite - even evil entities are capable of acts of good. In this case the RIAA did the right thing.
No. The creators of life critical systems that choose insecure components MUST be blamed - even though they are victims themselves. Its only by making the coast guard, or the supplier of the system they use, accountable for the insecurity of the system that management will be given the incentive to choose against MS. As long as the blame can be passed on, to MS or the virus writers, insititutions like the Coast Guard will continue to choose unstable/insecure systems because they are cheaper. If you dotn hold people responsible for their choices (choosing a MS based system with insufficient safeguards) they can't be held responsible for choices. If the Coast Guard is not held responsible today - whats to stop Air Traffic Control at Heathrow installing an internet exposed Windows based air traffic control system tomorrow?
Certain classes of systems should have, mandated by law, a required level of security compliance. I mean - I feel sure that already - or merely soon - critical control systems of aircraft are going to be running some sort of MS OS, probably with systems written by some C# .NET muppet. Some fool will probably think it neat to network up the cockpit with 802.11b or some such, and then someone turns on his wireless enabled compromised laptop during landing and it infects the cockpit's various devices.
I hope this hypothetical case does not come about, BUT the only way to prevent it is not to come down hard on virus authors, or the software engineers who made the system with the flaw, you have to put the people who make the descisions asses on the line: management.
Seriously, whoever was responsible for designing and implementing the system the coast guard uses is at fault. I can't belive that people who put together systems that perform life critical functions cannot be held liable for the choices they make - I dont think the OS choice is relevent. Its the setting up of a system that is exposed to the internet. Systems on which peoplses lives depend have no business being connected to unsecure systems - they should be dealing ONLY with the data needed to perform their task.
Like all biological processes that will (should) be automatic. The simple fact that there is a tooth forming will encourage the growth of blood and nerve endings. Think about this. Before you get your teeth for the first time the plumbing is not yet wired in. Its only as the teeth start to grow that blood and nerves get wired up.