Slashdot Mirror


User: nuckfuts

nuckfuts's activity in the archive.

Stories: 0
Comments: 891

Comments · 891

  1. Re:Windows != SPAM on Documenting a Network? · · Score: 2, Informative

    SAFARI on OSX is it's easier, not Mac OSX.

    OK fanboi, did you even read the link I referred to? Here's an excerpt:

    Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows.

    It's more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn't have anti-exploit stuff built into it.

    With my Safari exploit, I put the code into a process and I know exactly where it's going to be. There's no randomization. I know when I jump there, the code is there and I can execute it there. On Windows, the code might show up but I don't know where it is. Even if I get to the code, it's not executable. Those are two hurdles that Macs don't have.

    It's clear that all three browsers (Safari, IE and Firefox) have bugs. Code execution holes everywhere. But that's only half the equation. The other half is exploiting it. There's almost no hurdle to jump through on Mac OS X.

    Those aren't my words, they're the guy's who pwned the Mac in a matter of seconds at CanSecWest.

  2. Windows != SPAM on Documenting a Network? · · Score: 4, Insightful

    Attempting (even facetiously) to blame SPAM on Windows is wrong. If every copy of Windows on the Internet somehow magically disappeared, the SPAM problem would not abate. Bot herders and spammers would simply shift their efforts to other platforms.

    If you doubt this, consider what the winner of this year's PWN2OWN contest had to say about why it's easier to target Mac OS X.

    BTW, this is not a troll, and I'm not a (Windows|Mac|Linux) evangelist of any kind. I just find kneejerk Windows bashing rather tiresome.

  3. Re:Palm lost the plot years ago... on Palm Kills Community Before It Begins · · Score: 1

    They could have had Palm handhelds PROFITABLY for sale for $40-$50 in every grocery store in the US, if they'd followed the price-performance curve down to mass market levels.

    Ultimately I don't think that would succeed. There has always been a drive for featurism in the marketplace. I think it stems from the fact that many purchasers are uncertain about choosing technical products. (Nobody wants to buy the next BetaMAX or HD-DVD, right?). There has to be a simple way to compare products. For computers, people used to compare processor clock speeds. For digital cameras, people compare megapixels. For LCD screens, it might be refresh rate or contrast ratio. People need something understandable to grasp on to.

    So, getting back to Palm, I can see why handheld makers are pushed to constantly add new features, not just offer the same old product for less money. People are attracted by the "gee whiz" factor in new products. "This one is cheaper, but this one can do X, Y and Z"!

  4. The effect I could absolutely do without... on Special Effects Lessons From JJ Abrams' Star Trek · · Score: 2, Insightful

    is the incessant damn shaking of the camera by film makers these days whenever they want to evince a sense of action or urgency.

    There was a time when holding a camera steady was considered the most basic of requirements for producing a watchable film, along with an editing style guided by the belief that anything worth putting up on the screen is worth leaving on the screen for more than one second. That time ended abruptly when a TV show called "Miami Vice" came along. Suddenly it was "cool" to depict action by having a one-legged cameraman chase your actors down the street with a handheld camera.

    There are brief instances where jolting the image around on screen is effective, such as when the Enterprise is being struck by enemy fire, but for the most part all this shaky camera work and split-second editing is a needless assault on the senses. If, god forbid, these are combined with the necessity to sit rather close to the screen in a packed theatre, the effect can be physically nauseating.

    I wish today's film directors would embrace the simple rules that amateurs learned with the advent of "home movies" many years ago. Hold the f***ing camera still, and make each shot long enough that viewers can actually discern what the hell is on the screen.

  5. Never mind dropping it from a height... on Ultra-Dense Deuterium Produced · · Score: 1

    at nearly 300 pounds for 1 cc, there aren't many common surfaces you could even set it on without causing damage. That kind of pressure would probably snap an average dining room table. On a surface like asphalt it would leave a deep impression. On dirt, it would sink out of sight.

  6. Re:Interesting on 220-mph Solar-Powered Train Proposed In Arizona · · Score: 1

    I realize that not reading TFA is a standing joke around here, but seriously, do we need to mod comments "+5 Informative" for merely quoting a line from the article?

  7. Re:If you're dealing with phone numbers on New Pattern Found In Prime Numbers · · Score: 1

    > This left the shortest dial time area code for a statewide code as 201..

    Have you ever actually seen a rotary phone? Dialing "0" is the slowest digit of all. It's placed after the "9".

  8. Re:Google started the ball rolling... on A Look At the Wolfram Alpha "Search Engine" · · Score: 1

    Actually, Google did not "start the ball rolling". They followed numerous other search engines such as AltaVista and HotBot. What Google did differently was to analyze the links between pages rather than just the page contents.

    I must confess, however, that I'm not sure what you mean by "keyword-sculling". Sculling is a method of propelling a boat in my vocabulary.

  9. This is unfortunate. on Technology Scans Giant Fish Schools · · Score: 1

    I used to work on a commercial fishing vessel. With the number of boats and the nets we used, the main reason we didn't take ALL the fish is that the ocean is so BIG. I've seen water churning with salmon which could not be located a short while later when fishing was allowed to begin.

    If tools are now available to reliably track schools of fish in open waters, I think it's inevitable that the next step will be someone scooping them up in a net.

  10. Re:Where were power JCL users when they were neede on Steve Bourne Talks About the History of Sh · · Score: 1

    The guy you're referring to would be my oldest brother. I remember him carrying around homework assignments that consisted of a huge stack of punch cards. My first experience with a computer of any kind was playing tic-tac-toe on a TTY at his university. It reprinted the whole grid after every move. It seemed magical to play a game against a machine opponent. As for my brother, he's retiring this year.
     

  11. Re:Do windows users need a shell? on Steve Bourne Talks About the History of Sh · · Score: 1

    Bah. Every version of Windows I've used has a command shell. Even when the available commands were basically equivalent to MS-DOS, it was possible to do almost anything via a .BAT file. One can pass variables, prompt for input, do conditional branching, loops, even create and call new batch files dynamically.

    I personally enjoy the challenge of writing .BAT files that rely solely on native commands. As far back as Windows 95 I've written .BAT files that could: Run automatically on a per computer OR per user basis. Self-modify the conditions for running and log results. Perform updates, remove viruses, edit the Registry and more.

    Using such techniques, I was able to automate updates on hundreds of Windows machines at a time before "Windows Update" even existed. So, yes, a Windows shell is useful. PowerShell merely enriches the scripting capabilities.

  12. Re:WPA2 is NOT broken on Researchers Crack WPA Wi-Fi Encryption · · Score: 1

    Some of my friends think I'm weird because I'm pulling cat5e around the house...

    If you're going to all that trouble, why not install CAT6?

  13. Re:Where does this leave SiS? on VIA Quits Motherboard Chipset Business · · Score: 1

    Damn straight! The first thought that popped into my head when I read "VIA Quits Motherboard Chipset Business" was "Good riddance"!

    I have years of experience in troubleshooting computers. I can usually home in on the cause of a problem in little time, and it's very rare that I am stumped. However, I've faced a couple of problems in the past year or two that were simply a NIGHTMARE to troubleshoot. Think systems that may run smoothly for more than three weeks, then reboot randomly 3 times in a day. Crash dumps that are inconsistent and useless. No meaningful error information. No heat or voltage problems. Memory diagnostics that can loop for days without error. Replacing RAM, power supply, CPU, even motherboard does not help. Updating firmware and running latest drivers for everything does not help. Reinstalling the operating system from scratch does not help. The only common factor in these cases was VIA chipsets.

    I swore I would never use a VIA-based motherboard again.

  14. Oldest Recording of ANY Kind on Oldest Computer Music Unveiled · · Score: 2, Interesting

    Check out the earliest recorded sounds of any kind.

    What's truly mind-blowing about the phonautograph is that the inventor didn't even realize that the sounds he "recorded" could possibly be played back! 148 years later somebody wrote a computer program that transformed the machine's scribbling into an audible human voice.

  15. Re:Interesting way of putting it on New Antivirus Tests Show Rootkits Hard to Kill · · Score: 1

    The information you provide includes the fix:

    sc stop seclogon
    sc config seclogon start= disabled

    Presumably people who want a strictly controlled list of allowed applications would be willing to make whatever changes from a default installation are required. So it's necessary to disable the secondary logon service. Big deal. The service allows you to run a program as a different user. (This is similar to the "su" program in *nix OS's, and which is commonly disabled in the sense that arbitrary users cannot "su" to root in the default configuration). Such a feature is not likely wanted in an environment designed to be highly restrictive.

    In any case, I've yet to hear of any malware that right-clicks on programs and selects "Run As...".

    And thanks for the links. It's an interesting discussion.

  16. Re:Interesting way of putting it on New Antivirus Tests Show Rootkits Hard to Kill · · Score: 1

    You make it sound like it's easy to dance around Software Restriction Policies. I wouldn't dismiss them so casually. The methods I've seen to circumvent certain policies can be prevented by more careful configuration. If you know of some magical method for arbitrarily side-stepping Software Restriction Policies, perhaps you'd care to elaborate?

  17. Re:Interesting way of putting it on New Antivirus Tests Show Rootkits Hard to Kill · · Score: 3, Informative

    "in this day and age IMHO it is kind of silly that I can't simply make a list of the two dozen or so programs that I use and have them be the only things that are allowed to run".

    For Windows, what you are describing is Software Restriction Policies. This has been around for some time.

  18. Millions of human eyeballs work best. Here's how: on Spam Filtering For Small/Medium Business? · · Score: 1

    I've faced the exact problems you describe, have tried the oft-touted solutions, and (since you're not averse to a commercial solution) I can tell you the answer:

    http://www.cloudmark.com/businesses/

    I love it because (a) it eliminates a very high percentage of SPAM, (b) it has an extremely low false positive rate, and (c) it requires no fiddling - one easy installation and then forget it aside from occasional updates.

    A big part of what makes Cloudmark Server Edition effective is human feedback. When a user flags a message as SPAM this sends information back to Cloudmark which helps identify SPAM for other users. Votes from users with a proven track record of accurately identifying SPAM are weighted accordingly. Due to the large number of CSE users the system works amazingly well. It is by FAR the best solution I've tested. Bayesian filters, for example, require endless tuning and are subject to poisoning attacks. Greylisting is helpful, but it works on the assumption that spammers will never attempt delivery twice. I don't know how valid that assumption still is.

    The Cloudmark website talks only about Microsoft Exchange, but there are versions of CSE that work with other types of mail servers.

    I'm blocking thousands of junk messages every day on several servers with almost zero time spent on administration. Do yourself a favour and check it out.

  19. That's not the point. on Google's Addiction to Cheap Electricity · · Score: 5, Insightful

    It disappoints me that a three-word smartass comment gets modded up, even when it misses the point.

    TFA addresses much larger issues than shopping for cheap electricity. It's about how the Internet companies require vastly more energy to run than most people realize, and how taxpayers are footing the bill for a lot of it.

  20. Re:Airline travel made amusing on TSA Changes Screening Based on Blog Suggestion · · Score: 1

    "3 rather vigorous vibrators, rigged to turn on at full speed when they opened the bag".

    What a singularly preposterous piece of bullshit! You have the imagination and lying abilities of a 10 year-old kid.

  21. Re:Screw that; get rid of BUY IT NOW! on eBay to Drop Negative Feedback on Buyers · · Score: 1

    If you took a closer look at your search results you'd see that there are three tabs - "All Items", "Auctions" and "Buy It Now". It defaults to "All Items", but you can show only auctions with a single click on the appropriate tab.

  22. Vista as a server (?) on The Setup Behind Microsoft.com · · Score: 2, Interesting

    Interestingly, I noticed that when pre-GUI disk checking occurs on Server 2008 it says "Windows Vista" at the top of the screen.

    At least this is true with the version I'm testing - June 2007 CTP (Community Technology Preview). I expect in later versions this will be obscured.

  23. 3COM broke the rules for DNS names on The First 100 Dot Coms Ever Registered · · Score: 2, Informative

    You might have noticed 3COM.COM on that list, about half way down. Strictly speaking it was not allowed to use a number as the first letter in a DNS name. To quote from RFC 1035:

    "The labels must follow the rules for ARPANET host names. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphen. There are also some restrictions on the length. Labels must be 63 characters or less."

    I remember wondering how 3COM got away with it.

  24. Re:Interesting... on GCC Compiler Finally Supplanted by PCC? · · Score: 1

    > don't pussyfoot around; get *serious* about correctness

    This is OpenBSD you're talking about. The project began with an intensive audit of every line of code in the codebase. No one is more serious about correctness than Theo and his team.

  25. Some things I've looked into... on Backing Up Laptops In a Small Business? · · Score: 2, Informative

    First of all, to all you smug pricks who offer comments like "don't keep important data on a laptop" or "your business model is broken" - this is a real problem for many people. If you don't have a real suggestion then STFU. It should be well understood in a place like Slashdot that not every IT guy gets to set corporate policy. Sometimes you have to work with what you've got.

    On the topic of laptop backups, I've been dealing with this issue for years. Here are some thoughts:

    For simply backing up a few critical files, consider a USB Flash Drive. I usually write a simple .bat file using xcopy to backup particular files or folders, then create a shortcut with a friendly name for users to double-click on. With a bit of thought you could probably create an autorun.inf file that backs up when the USB stick is inserted. One caution - drive letters may be slightly unpredictable.

    For a more thorough backup, clone the entire drive to an external drive. There are many programs that can do this but these days my favourite is Acronis True Image. Acronis could clone on a schedule if you can train users to connect an external drive overnight, for example. It's always nice to have a complete backup including OS, applications and data. Acronis also lets you browse inside a backup image and extract individual files if needed.

    What I've always really wanted was a solution that would detect when a server was reachable and back up transparently. I use something just short of this on my own laptop - a product called Mirror Folder that I schedule to copy specific folders when I'm connected to my home network every night. This could probably work over a VPN as well. Very simple, very cheap.

    If you have a larger budget than me you might be interested in something like Atempo LiveBackup.