Make Congress Read the Bills. If they have to sit through a reading, maybe they'll cut down on the length and complexity of the laws. Here, apparently nobody knew what they were passing into law.
Yes. The analysis above is for 1.8.5. The version available before 2007-02-07 (presumably 1.8.4) actually did delete the home directory, according to Reza's own admission.
No, read his public letter again. The version available before the seventh of February actually did delete the home directory. The version currently available only deletes certain preferences. This means that my analysis above is correct, but also that Koingo Software might have had their home directory deleted. He realized how bad an idea it was long before the story broke on The Inquirer and Slashdot, but decided to quietly change the program, leaving people with the impression that piracy could have dire consequences.
Koingo Software admit that they were investigating the competition. If they're the competition, they could have a motive to spread FUD about Display Eater. Maybe Koingo Software "investigated" the DE and found some strings suggesting that it had some vigilante piracy fighting and then they drew their own conclusions and decided to exaggerate in the review based on what they thought would happen if they entered a pirated key.
Or, it could be that their home directory was actually deleted -- maybe they were using an older version or destroy() function malfunctioned. It could happen. The developer has probably rarely _tested_ the anti-piracy functionality, which means that it might not behave as he thought it would. I've seen programs that always crash when the trial expires -- the developers were presumably always using the full version.
I doubt that Koingo, as serious Mac developers, would go to such lengths as to use a pirated key just to "investigate the competition". Which is why I suspect that they "embellished" their story about permanently losing data.
Either way, I could have made a mistake in my 10 minute investigation and would welcome someone else to actually try it on a dummy (non-admin) account and see what happens. Personally I will never ever install a program by this developer on a production system.
The article and submission build on a misunderstanding. I conducted some research of my own and I've found that it does not attempt to delete the full home directory. It only deletes the ~/Library/Application Support/display_eater/ directory, i.e. files created by the trial version of the program. In fact, the developer says that the program will delete something from the home directory, but doesn't say what.
While I didn't acquire one of the pirated serial numbers that trigger the behavior, I have disassembled the program and these are my conclusions: The deletion is done by a function destroy() at offset 0xd148 that takes a single argument specifying the path to delete. destroy is called from a single location in the program:
destroy() loops over each thing contained by this directory and deletes it. I've invoked the function in this way, and it does not delete anything since that directory does not exist on my system.
So, while this anti-piracy tactic sure won't convince any potential pirates to actually pay for the software, it is not as egregious as the summary suggests.
It would be nice if someone would verify these conclusions, perhaps using a real pirated key.
No, they do _not_ "need to grow up". They have donated their time. They can choose to just leave for any reason. If they leave, Wikipedia will suffer (ad revenue will not help).
Of course this particular policy will do absolutely nothing to counter these problems. This is only to prevent repeated vandalism from users who are not in good standing.
So what if the phisher had intercepted a previous mail from your bank, containing the bank account number suffix?
If they gain control of a large mail server or active router, they could easily and reliably associate thousands of account digits with the correct email addresses, and use that information to gain credibility. Email that's this important should be sent encrypted for the receiver and the signature verified against a certificate exchanged when the account or service was established.
Me too, (I'm guessing we fell for the same examples).
Showing that the financial institutions are doing their part in confusing people. There were definite evidence of phishing in those messages (bank name being a sub domain of an obscure domain and a variation of the primary name). Why does Bank of America point its customers to bankofamerica1.com if they're aware of phishing issues?
Even with edge-cases like this removed, I doubt the results would be much more encouraging. But 4 % success rate is worse than chance, so there must be something phishy going on.
Wikipedia is supported by donations as it is, and it works quite well. The latest fund drive met its goal and then some.
The greatest asset is already provided by the same people who created the No Ads project page -- namely the content. If Wikipedia turns into something its contributors don't like, Wikipedia will not stay alive for long.
Wikipedia will likely never have any ads, since the community as a whole generally opposes them on the project that they have donated thousands of hours to. Thankfully, if by some chance a consensus of Wikipedians decide to support ads, there is nothing to stop other contributors (or anyone else for that matter) from copying the full content and continue working on it in some other form (without ads).
You are right, Sir. In fact, all games are released for Linux. Macromedia and Adobe release all their design / graphics stuff for Linux. And every productivity package is available for Linux, except for MS Office.
Apple has not announced a patch. They have not even publicly acknowledged the problem. This is a rumor from a rumor site, based on reports from beta testers (bound by NDA) who probably only have a rough idea of the release schedule.
make link-exchange deals with other sites and encourage bookmarking, for example
These are good things IMHO. Links keep the web together. It is only in the grandest tradition of the WWW that links are "traded" between site owners. Encouraging bookmarking is hardly unethical either.
Slashdot Mirror
Make Congress Read the Bills. If they have to sit through a reading, maybe they'll cut down on the length and complexity of the laws. Here, apparently nobody knew what they were passing into law.
I'll tell you what's ironic: People pointing out ironic things under the assumption they're not. That may make this message is ironic.
Yes. The analysis above is for 1.8.5. The version available before 2007-02-07 (presumably 1.8.4) actually did delete the home directory, according to Reza's own admission.
By the way, someone else did do the full analysis of 1.8.5: Behind the Curtain With Display Eater -- Yet Another Mac Dev Blog. Nice work.
No, read his public letter again. The version available before the seventh of February actually did delete the home directory. The version currently available only deletes certain preferences. This means that my analysis above is correct, but also that Koingo Software might have had their home directory deleted. He realized how bad an idea it was long before the story broke on The Inquirer and Slashdot, but decided to quietly change the program, leaving people with the impression that piracy could have dire consequences.
Koingo Software admit that they were investigating the competition. If they're the competition, they could have a motive to spread FUD about Display Eater. Maybe Koingo Software "investigated" the DE and found some strings suggesting that it had some vigilante piracy fighting and then they drew their own conclusions and decided to exaggerate in the review based on what they thought would happen if they entered a pirated key.
Or, it could be that their home directory was actually deleted -- maybe they were using an older version or destroy() function malfunctioned. It could happen. The developer has probably rarely _tested_ the anti-piracy functionality, which means that it might not behave as he thought it would. I've seen programs that always crash when the trial expires -- the developers were presumably always using the full version.
I doubt that Koingo, as serious Mac developers, would go to such lengths as to use a pirated key just to "investigate the competition". Which is why I suspect that they "embellished" their story about permanently losing data.
Either way, I could have made a mistake in my 10 minute investigation and would welcome someone else to actually try it on a dummy (non-admin) account and see what happens. Personally I will never ever install a program by this developer on a production system.
The article and submission build on a misunderstanding. I conducted some research of my own and I've found that it does not attempt to delete the full home directory. It only deletes the ~/Library/Application Support/display_eater/ directory, i.e. files created by the trial version of the program. In fact, the developer says that the program will delete something from the home directory, but doesn't say what.
While I didn't acquire one of the pirated serial numbers that trigger the behavior, I have disassembled the program and these are my conclusions: The deletion is done by a function destroy() at offset 0xd148 that takes a single argument specifying the path to delete. destroy is called from a single location in the program:
+276 0000d3e4 3863a020 addi r3,r3,0xa020 ~/Library/Application Support/display_eater/ +280 0000d3e8 4bfffd39 bl _destroydestroy() loops over each thing contained by this directory and deletes it. I've invoked the function in this way, and it does not delete anything since that directory does not exist on my system.
So, while this anti-piracy tactic sure won't convince any potential pirates to actually pay for the software, it is not as egregious as the summary suggests.
It would be nice if someone would verify these conclusions, perhaps using a real pirated key.
No, they do _not_ "need to grow up". They have donated their time. They can choose to just leave for any reason. If they leave, Wikipedia will suffer (ad revenue will not help).
Of course this particular policy will do absolutely nothing to counter these problems. This is only to prevent repeated vandalism from users who are not in good standing.
So what if the phisher had intercepted a previous mail from your bank, containing the bank account number suffix?
If they gain control of a large mail server or active router, they could easily and reliably associate thousands of account digits with the correct email addresses, and use that information to gain credibility. Email that's this important should be sent encrypted for the receiver and the signature verified against a certificate exchanged when the account or service was established.
Ok ok, so it isn't worse than chance no matter how you calculate it, but it _was_ a good pun. ;-) My bad.
Me too, (I'm guessing we fell for the same examples).
Showing that the financial institutions are doing their part in confusing people. There were definite evidence of phishing in those messages (bank name being a sub domain of an obscure domain and a variation of the primary name). Why does Bank of America point its customers to bankofamerica1.com if they're aware of phishing issues?
Even with edge-cases like this removed, I doubt the results would be much more encouraging. But 4 % success rate is worse than chance, so there must be something phishy going on.
It belongs to Microsoft.
No, it's like fining somebody for leaving their door unlocked and _not_ getting burglarized.
Wikipedia is supported by donations as it is, and it works quite well. The latest fund drive met its goal and then some.
The greatest asset is already provided by the same people who created the No Ads project page -- namely the content. If Wikipedia turns into something its contributors don't like, Wikipedia will not stay alive for long.
Wikipedia will likely never have any ads, since the community as a whole generally opposes them on the project that they have donated thousands of hours to. Thankfully, if by some chance a consensus of Wikipedians decide to support ads, there is nothing to stop other contributors (or anyone else for that matter) from copying the full content and continue working on it in some other form (without ads).
That is more than a rumor. That is exactly what the Xcode that was released on the day of the announcement back in July does.
Uhm, yeah, that's why it is called Secure Sockets Layer.
iTunes can play MP3, Wav and AIFF.
Menus that change isn't good design.
You are right, Sir. In fact, all games are released for Linux. Macromedia and Adobe release all their design / graphics stuff for Linux. And every productivity package is available for Linux, except for MS Office.
Before the Vatican can get coast-to-coast wireless, they will have to expand their land holdings significantly. See, it's a catch-22 situation. ;-).
False dichotomy.
Yeah, because companies are obviously much more important than anything else under the sun...
Apple has not announced a patch. They have not even publicly acknowledged the problem. This is a rumor from a rumor site, based on reports from beta testers (bound by NDA) who probably only have a rough idea of the release schedule.
They don't actually. They only get complete system access after the user has acknowledged that the widget is being run for the first time.
These are good things IMHO. Links keep the web together. It is only in the grandest tradition of the WWW that links are "traded" between site owners. Encouraging bookmarking is hardly unethical either.