Denying people access altogether is not such a bright idea. A banner somewhere on the page should do just as well.
But in case you want to be more evil, how about using the same tactics microsoft.com used against Opera? Make the site look b0rked for IE and also have that banner in their face so they know what's wrong.
The beautiful part is, you don't even have to do anything purposely malicious to accomplish this. Simply use CSS that should be in IE and isn't. "Does this site look bad? You must be using that pathetic excuse of a browser that is IE. Go get a decent one."
NetLimiter: I do not understand the point of this application. Why would you ever want to do per-application bandwidth shaping when you can do global L7 QoS?[..]
Obviously, because sometimes I'm in a place where I can't do L7 QoS in a central point such as a router. All I control is my own machine.
The real problem with pointing at these sorts of applications is that this kind of functionality is just not needed on Linux.
Are you presuming to tell me what I need on my box? Please accept that sometimes I cannot do QoS on a router, nor do I want to do it in the console, using cumbersome HTB scripts. I like how NetLimiter does it: you open the NetLimiter window, you see all the currently network-enabled applications. Next to each one you see the up and down bandwidth currently consumed and a checkbox for activating limitations, and a spinner for setting the limit in KB. That's all.
Why can't it be this simple? If you tell me "go build your own or else you're unworthy of Linux", fine, I can dig that. But don't tell me that I don't know what I want or that there's plenty of such apps out there (there aren't).
strip_tags() is just a shortcut. You can obtain the same effect with a regular expression. Since you're talking about "bad programmers", how about not blaming PHP creators but instead blame whoever relies on strip_tags blindly. The limitations of this function are pretty clearly explained in the manual. If someone uses it thinking it will end JavaScript injection, it's their own fault for assuming that.
What you're describing is basically a blacklist of all the ways that JavaScript could make its way into HTML. Blacklisting is a very poor security method, because it makes you chase your tail indefinitely, including more and more badware into your list with no end in sight. It didn't work for antiviruses and antispyware and it's not going to work here, although there are people crazy enough to try. If anything, this is treating the symptoms, not what the GP proposed.
Furthermore, your approach relies on a pretty wild presumption: that the source is properly structured HTML. If HTML was properly structured they wouldn't have had to invent XHTML instead. Plus, today's browsers will try to interpret both XHTML and HTML even if they're not structured properly, so invalid [X]HTML still becomes a JavaScript carrier and your blacklist enterprise is doomed to a neverending journey of catching all the possible ways of abusing this markup. Good luck with that.
For what it's worth, there is already a very good implementation of this idea, called Kses. It's a very thorough filtering library, it's being used internally by WordPress, and still hasn't stopped recent versions of WordPress 2.x from suffering from this kind of security vulnerability.
By contrast, consider the whitelist approach proposed by strip_tags + BBcode. You use strip_tags and thus you wipe clean every trace of JS exploit attempt. Then you interpret BBcode in a controlled manner, a markup which has no way of being interpreted in "creative" ways should it escape as is into a browser. And you're done.
That is what I call secure and simple. Simple is good, because it's not complex. The more complex the solution, the more chance for mistakes which allow for security holes.
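The strip_tags + BBCode whitelist described in the comment above, sketched in PHP as an added example (not code from the comment or from any library). `render_comment()`, the tag set and the sample inputs are assumptions; the escaping step and the http/https restriction on `[url]` are additions beyond what the comment describes.

```php
<?php
declare(strict_types=1);

// Added example: whitelist rendering of untrusted comment text.
// render_comment() and its tag set are hypothetical, not from any library.
function render_comment(string $raw): string
{
    // 1. Remove anything that parses as an HTML tag, as the comment proposes.
    $text = strip_tags($raw);

    // 2. Escape what is left, so a stray <, >, & or quote is inert text.
    //    Added step: strip_tags() does not escape quotes or ampersands.
    $text = htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // 3. [url=...]: only http/https targets become links. Any other scheme
    //    never matches and stays visible as literal text. The text is already
    //    escaped, so the captured URL cannot close the href attribute.
    $text = preg_replace(
        '#\[url=(https?://[^\s\[\]]+)\](.*?)\[/url\]#is',
        '<a href="$1" rel="nofollow">$2</a>',
        $text
    ) ?? $text;

    // 4. Attribute-free tags: a fixed BBCode-to-HTML map, nothing else.
    $map = ['b' => 'strong', 'i' => 'em', 'u' => 'u'];
    foreach ($map as $bb => $html) {
        $text = preg_replace(
            '#\[' . $bb . '\](.*?)\[/' . $bb . '\]#is',
            '<' . $html . '>$1</' . $html . '>',
            $text
        ) ?? $text;
    }

    return $text;
}

// Constructed sample inputs, one per case worth checking.
$samples = [
    '<script>alert(1)</script>[b]hi[/b]',          // HTML tag removed, BBCode kept
    '[url=javascript:alert(1)]click[/url]',        // non-http scheme: not linked
    '[url=http://example.com/?a=1&b=2]link[/url]', // allowed link, & escaped
    '[b onmouseover=x]hi[/b]',                     // BBCode with attributes: ignored
    'He said "2 > 1" & left',                      // plain text is escaped
];

foreach ($samples as $sample) {
    echo render_comment($sample), PHP_EOL;
}
```

Anything the map does not name, including BBCode tags carrying extra attributes, is never turned into HTML and is shown to the reader as plain text.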
Some things you can reverse engineer, some you cannot. The process of fabricating a soft drink is very hard to R.E. But there are plenty of other things which can be dismantled and you can infer how they work, how they were put together, what materials were used and so on.
Bwahaha, I'm moving my blog to clay tablets. They will undoubtedly survive the next Ice Age and the people of year 5000 will be forced to read about my cat, how I hate Emo's and that guy at work who doesn't wash. But first I'll change my blog nick to "Earth Imperial Overlord Supreme", just to fuck with them future dudes.
Not to mind the rest of your argument, but this was a bad example. XP (and 2000, I believe) has native workspace support. The screen you see when you hit Ctrl-Alt-Del is a separate workspace. And there's a Powertool from Microsoft (as well as third-party applications) which can be used to make use of them.
The downside, of course, is that it is a hardly publicized feature, and very few applications are written with multi-workspace support in mind. This includes being aware of the current workspace, respecting a sticky flag, knowing that one of its windows is on another workspace and so on. And you also need to run one explorer on each new workspace, that is, if you want to retain the Start bar and desktop icons.
The whole thing reminds me of how I felt in my first couple of months using Linux, when I really, really wanted Linux versions of GetRight and ZoneAlarm. Shows how much I knew then, really.
In all fairness, you've struck onto something here. That is, application-level network rules on Linux. Example: a self-sensing firewall like ZoneAlarm, which pops up and tells you that application Foo is trying to connect to the Internet. The closest thing I've seen is FireStarter, which has a panel (no popup) which shows blocked connections (but not per application). You have to hunt for them and mentally associate blockage with what you're trying to do and figure out which application uses what ports. This requires quite a bit of knowledge about networking and firewalls.
A second example which is sorely missed is the likes of NetLimiter. That is, a tool that can do per-application (or global) bandwidth shaping. I have no idea why this can't be done. From my (feeble) knowledge of kernel networking internals, it's a matter of using network QoS and marking a certain way, then slapping a pretty interface on once the kernel support is there. Yet Linux doesn't have anything like this. The closest I've seen is trickle, which uses a trick: you have to preload its own networking library onto programs you want to shape.
Seriously now, cue the FUD machine. Wanna bet there's soon gonna be a backlash of articles and studies, some "independent", putting down the $100 laptop and recommending an alternative? Like, oh, I dunno, the Ultra Mobile PC. What's different about UMPC? It's got Microsoft and Intel elbow deep in it, unlike the $100 laptop which has AMD and Linux.
Only MS having the ability to write software that operates at the highest privilege level is a monopolistic practice.
I never quite understood why they can't be allowed to do whatever they want with their own software. Don't like it? Don't buy it. Very simple.
If I, John Doe, write a program right now and warn potential users that upon running it will find and delete competition software, what would happen? People either wouldn't install it, or install it knowing what will happen. Very simple.
But because Microsoft is already big and Windows is all over the place and people are already using it, they can't be allowed to do this. That about sums it up?
If Redmond locks out 3rd party security and utility vendors from full ring 0 access they become the only ones able to provide the most powerful utilities and security products.
But how can it be done? From the Agnitum story I for one understood that it's not possible to achieve this.
Sure, they can actually and fully deny access to low level kernel functions to every piece of software, but in that case how will certain things get done? Some stuff needs access to get its job done. Obviously not a choice.
Or, they can just not document the API (which I get the impression is what they're trying to do now), in which case people will reverse engineer the software that uses it and they'll find out what they need to know. Malware writers and legit software writers alike.
I'd like a saner alternative, myself. But how can the kernel tell which software is legit and which is not? Should the software present a key? Not really an airtight solution. Should the software ask the user to enter the admin password? Again, can be circumvented and misused.
So, how can one safely regulate access to a machine's lower functions? Deny it all? Allow it all? What if you want something in between?
Why would it, you ask. Because that's the supreme form of "eat your own dog food" a CMS can offer. Having its own administration interface implemented as a site built on top of its own CMS engine, or having everything, down to user accounts, implemented as objects within the same CMS engine.
I mean, if it's a really good CMS it should be able to implement any site, right? So why not its own administration?
There are bootstrapped CMS engines out there. Look for them. Typo3 is not one of them.
For the last two years, I've been looking for a Unified Content Management System[..] The closest I've come to something that is a Unified Content Management System is Drupal. However, it lacks the slashdot style moderation. It also seems overly complex to install, setup, and admin. Finally the biggest problem is that all of its pages are dynamically generated.[..]
Given all the requirements you listed, of course you're going to need a complex, dynamic CMS. Be realistic now.
A CMS that is able to do anything is not going to be simple enough for a technical n00b to use. It will have a powerful engine based on some kind of object abstraction, a powerful template engine and extensibility via plugins. Not quite in the n00b ballpark, as you can see. And add a steep learning curve, as well as a half-decent web developer using it, but it comes with the territory.
Considering the plethora of OS plugins available, I'd be hard pressed to think of something that *can't* be done using WordPress.
Just because it can be done doesn't make WordPress a full blown CMS. It wasn't meant for it and it would require quite a bit of work to be made into one. Off the top of my head, it lacks an elegant and complete I18N solution, it doesn't have a fully integrated file manager, it doesn't have a way of referring to its own pages and posts consistently (i.e. similar to eznode:// in ez Publish, for example), it doesn't have unified form composition and processing.
Yes, the platform is capable and all this can probably be implemented, but it's not here now. So why call WordPress a good CMS? With some work you can turn WordPress into an image gallery or torrent tracker, but that doesn't make it a great image gallery or torrent tracker. Just an acceptable stand-in for one.
I use and I love WordPress for what it does best, but let's get some perspective on this whole thing. There are much, much better open-source CMS products out there. I know because I've used and examined quite a few, and whenever I get a job implementing a corporate website I do NOT turn to WordPress.
The thought that WordPress might win just because that's all that millions of bloggers ever heard of, which is to say, due to mass ignorance, kind of saddens me.
The problem here is that viruses don't typically exploit any hole. They are simply programs that run with the privileges of the user who executes them.
I dunno about you guys, but I consider malicious foreign code executing on my machine without my permission a security hole.
And once you look at it like that you start thinking that maybe we should take the proactive prevention a bit further. I mean, if reactive methods were gonna work they would've worked by now. If user education was gonna work... same thing. Time to invent something new.
There are many interesting ideas out there. Stuff like Deep Freeze'ing parts of the system, whitelisting binaries allowed to run, installing only from trusted software kit repositories. But heh, of course the AV companies are not interested in challenging the stalemate.
And while they rake in the dough like a regular "protection" scheme, it's us regular users getting shafted. It's our files getting lost, our computers turned into spam networks, the connections we pay with our money used by malware, got spyware stealing our credit card numbers and watching where we surf. And we're so stupid we keep paying the big bucks for the "privilege". Jesus.
[..]unknown if the memory leaks that cause this to skyrocket when viewing dynamic sites (such as this) are fixed.
I must say, I'm not seeing that in the Linux version. And since we're on the subject, the Linux version is much more responsive in certain respects, such as opening the history panel, which happens instantly on Linux and very slowly and painfully on Windows. This is with identical extension setups on both installations and comparable history size.
Look at RSS, for instance; it's about the simplest thing which could do the job it does.
But may I point out, in addition to your comment, that such technologies have fared well as long as the human element is closely involved with them. RSS, social bookmarks, tags, microformats.
On the other hand, Tim Berners-Lee seems to stress the fact that the semantic Web is all about AI doing content classification for us. So I think it's time we remember the old joke, "artificial intelligence is no match for natural stupidity". Or for human malice, I should add.
I see a problem in all this AI involvement. It's a single point of failure of sorts, if you will, similar in a way to the one involved in precisely identifying people's identity: the more you trust an automated system, the more badly you'll be burned if the system is abused into reporting the wrong thing.
The theory is wonderful, so's the Web, the Internet, computers and so on. But they are used by people. I have a hard time believing people will behave and resist the temptation to abuse this system just like they have abused countless others before.
I don't think he's "another Anti-Semanticist". He's just saying that the whole semantic Web concept is based on this: that people will classify content properly and in good faith. Let's be fair, what are the chances of it not being abused? And if so, doesn't it mean that the semantic Web is doomed from the start?
Think of all the things that were fouled by abuse. Email was a very sweet thing until it got perverted by spam. Newsgroups too. If the possibility for abuse exists, it will happen.
I used to get a fat paycheck and great bonuses. Now I make less money and no longer touch Microsoft software. I'm much much happier. Money isn't everything.
Yeah that's rich. This is Slashdot, it's a badge of honor to NOT RTFA.
Wonderful! I've long wanted to have categories such as "spam but about tits so it's ok" or "not spam but damn this chick can ramble".
I wish Slashdot offered paid moderator positions.
Ah, but is Typo3 bootstrapped onto itself?
FWIW, you can give ez Publish a try.
Freudian slip?