Re:Comments from people who actually create Creati
on
Beginning GIMP
·
· Score: 1
Speaking of Photoshop Elements, is there anything like it in the FOSS world? A graphical editor that's not supposed to be fancy, just offer a lot of image altering functions, something novice users can use intuitively to play with their photos: cropping, resizing, rotation, flip, red eye reduction, converting to another format, some effects, batch processing, perhaps integration with camera/scanner import?
Is there any?
Re:Comments from people who actually create Creati
on
Beginning GIMP
·
· Score: 2, Insightful
Did you really need to read through that whole tutorial to figure out how to draw a line?
Yes. Yes, with GIMP, I did need a freakin' tutorial. The Shift thing didn't cross my feeble mind, unfortunately. Call me dumb all you want, it simply wasn't obvious. There was absolutely nothing even remotely hinting at the possibility. Stupid little me bravely tried to Just Use the mighty GIMP and was properly punished by the fact it took me months to accidentaly discover that you CAN in fact draw lines in it. Serves me right, I guess.
Come on, people, face the reality. GIMP needs some serious loving put into it if you want anybody other than the most hardened geeks using it.
Virtual monopolies are needed (especially in formats) to help consumers eventually. PCs took off because Windows provided an equal format for everyone.
And who says we're better of with PC being a de facto standard? Where would we be today if 5-6 alternative platforms and software, like Amiga and so on, would've split the market evenly? I say we, the consumers, would be a lot better off.
Competition brings on the good stuff, monopolies lead to stagnation. The corporate incentive is to innovate only when it brings them an advantage. Once they own the market they stop and milk it, they don't invent crap.
Where would we be today should Microsoft plus the PC be the only game in town? If there was no Linux, no Solaris, no Apple? We'd all wear patented, DRM-enabled Microsoft-made assplugs, that's where.
<F1 cockpit> "Where do you want to go today?" <F1 driver> *gasp* <Clippy> "I've noticed you are having some trouble. Would you like me to: drive the car for you; show you a map of the circuit; wipe your helmet's visor; stop by the pitstop for a fresh change of underwear; search the help files for '300kph collision'?"
You may be on to something here. From the things Wikipedia has been through so far I was very interested in seeing the shitstorm hit the fan when the US elections came along. This may be a smart and sneaky attempt of saving Wikipedia from this.
As for the concept itself, it's completely doomed from day one. Election time is a time when all forms of media will be assaulted with anything the interested people can get away with. Giving them a wiki, any wiki, is simple asking for it. Think of all the crap and manipulation you get to see on TV and newspapers every election. Now imagine it freely posted on a high traffic webpage which everyone can edit.
And if anybody mentions any kind of moderation, they only set themselves up for being accused of taking sides.
I don't think there is anything magical about Ubuntu or that it is vastly better than all the others. I think it is more a case of being the right distro at the right time. Linux distros had been evolving in this direction for a long time.
Yes, but it's still a matter of making the extra effort. The exact same bits and pieces of GNU and FOSS software are out there, available for anyone who gives a damn. And yet distributions like Ubuntu and SuSE manage to come out above in terms of user experience. It comes down to putting the pieces together just right.
I don't think people realise how extremely versatile Linux and the accompanying software can be. That old joke "does it run Linux" is actually half serious. You can make almost anything out of it. Someone was bound to smell the coffee and use it to put together a kickass desktop.
Incidentally, I think this is the best advantage Linux has and why it can afford to fight mano a mano with anything the big corporations throw at it: it can adapt, evolve and become anything. All it takes is people willing to make the effort.
Figures. Translating manga this way is extremely easy (well, if you know Japanese, anyway), because there's no need of redoing the original and put the English text in. That's the hardest part of a scanlation group's job.
Translated versions sometimes mirror the images so they follow the western convention. But manga geeks sneer at such conversions.
And rightfully so, because it's not a straightforward conversion. A character may refer to his left hand, for instance, in what may be a major plot twist. Mangas that can be mirrored perfectly are few and far between. Besides, it's not worth the effort. With a little practice one can read up-down/right-left comics very easily.
Why "outside" Europe and America? There are countries in Europe where $300 a month is considered a good salary. Give a third of that for Windows? Yeah, right.
And even in the US and the developed countries of Europe there are plenty of people barely making ends meet. If anybody's curios they should check out a recent US Census bureau report, which states that 37 million people in the US lived in poverty in 2004.
It's bloody elitist to consider that everybody buys ready-made PC's from Dell or that $99 is nothing. Let's not lose perspective here. There are lots of people out there who get their computer from second-hand parts and can't afford Windows. And if you were going to say "then they shouldn't use Windows" or "poor people don't use computers", that's elitist and stupid too. Computers and Windows are a de facto standard and they have to use them. You can't afford to tell a prospective employer "fuck MS Office, I use OpenOffice" or "I don't know how to use computers" when you're barely etching a living.
And even in the current releases of Firefox and IE6, respectively, the differences are obvious. The Firefox rendering of ACID2 resembles the intended result. IE6 renders a red patch at the bottom of the page.
Yes, I'm comparing Firefox 1.5.0.4 with IE6. That's what's out now. If I were to compare "would be" I'd compare the perfect rendering in the beta Firefox with the still imperfect rendering in IE7.
Here you go. While an actual figure like "10th in the World" is hard to compute accurately, the figures given in the link should show that Spain is not exactly a struggling country.
The analogy with living organisms an excellent one. More and more research shows that immune systems or rats and humans (and probably other organisms) are stronger as they exposed to infections. Children and rats who grow up in conditions too clean are more likely to get allergies and asthma as adults.
I don't deny the validity of the theory when applied to living organisms, but I deny its relevance when applied to computers. Living macro- and micro-organisms react to each other naturally. As we get exposed to new bacteria and viruses, our immune systems adapt by themselves.
That's nothing like computer security and malware. They don't evolve naturally, they are both the result of human thinking and intentions. As a consequence, there's no natural balance involved. Either side could make a breakthrough at any time, all it takes is knowledge and determination.
One could argue that a living microorganism could make a breakthrough as well, and cause a pandemia, like the bird flu virus might. Except there wouldn't be any sense of purpose involved, no malice, only random mutation. If you want a 100% valid analogy then consider a biological weapon, developed by humans against humans, with an express purpose of distruction. That's how bad computer malware can potentially be.
Still, there's something to the GP's point. If Brussels is a political node, it is likely that this decision may have some effect on its connections with other governments and official bodies as well. At the very least, it won't go unnoticed.
Except it's not ok. Glorifying "hacking" (used loosely) makes it look cool and omnipresent and makes it accepted at some level. Stupid young kids see it as a desirable activity.
And claiming that a certain amount of malware going around helps security measures stay alert is silly. The analogy with living organisms and biological malware is way off. Computer malware doesn't thrive in the wild, mutating randomly. It is powered by misguided humans and by misguided blacklisting approaches to security.
Perpetuating the status quo only perpetuates those misconceptions. It doesn't prevent anything in particular. The reason nothing really big has hit.gov sites is not because they were "immunized" by constant exposure to a certain amount of malware. That's just stupid. They aren't usually hit because (a) they usually employ good security, in all its forms, and (b) because there's hasn't been a REALLY bad piece of malware to hit the fan just yet.
Some day somebody will write a worm that will finally do something really distructive, like spread for a year undetected and then format 75% of the world's HDD's on the same day. Then we'll actually see if real security and chastizing wannabe hackers would've perhaps been better than stupid theories, except it will be too late.
Does FoxIt have a search feature that'll go through entire folders and search those documents at the same time? I use this frequently...
Ah, but how relevant are you? I'll go out on a limb and venture that most people do not need to do that. They just need to look at PDF's rendered properly, use their internal table of contents, do a text search and print.
I have trouble believing that bbcode or any other method is full proof. It depends what you translate the bbcode into in your app. You may still introduce an issue.
Nobody said it was perfect. The first rule is to be paranoid. And yes, issues may always appear, but it would be with something you control. Not with something controlled by anybody out there, which expands the possibilities for mischief 1000-fold.
Maybe we should start signing pages so that they don't display without a checksum, etc. [...] Raw xhtml in itself isn't bad.
You're just complicating the problem needlessly. Yes, raw HTML is bad, because raw HTML == JavaScript == XSS. When coming from the client-side, that is. Stop raw HTML and you stop XSS. Escape all input from the client-side and there's no more XSS.
Did that make the BBSes insecure? I say baloney. The BBSes weren't the problem. The problem was that my software would accept such text and render it as machine code.
Ho ho ho. And where did your software live? On the BBS. The problem was that your software had a classical security flaw: code injection. No matter what the code was. The software had a hole and in my book that makes the server it runs on "bad", as in "does bad things to users". So while the server itself wouldn't be compromised, was it desirable if it compromised the users or did bad things to them?
Browsers that run Javascript could be rigged so that some kind of activator has to be present in the main section or no later code will be recognized. They aren't so suddenly its the fault of every individual web form author who doesn't account for the possibility that someone might enter some code in to the form. No way. Put the fault where it belongs: the architecture of the Javascript language.
I don't think so. That's treating the symptoms instead of the cause. Browsers are meant to run JavaScript. End of story. If a website feeds a browser JavaScript, it will execute it. It is NOT the browser's job to care whether that JavaScript should be there or not. It is the website's job.
SQL Injection is trivial to prevent, just escape your user-provided content [...]
So is XSS. Just escape all HTML in user-provided content. Ah, but you don't want that, do you? You want your bold and italic tags. Would SQL injection still be trivial to prevent if you didn't escape it altogether and wanted for "some" SQL to pass through and some not?
XSS attacks are caused by sloppy web application developers that fail to encode user-supplied data for output in the appropriate way, and by sloppy web developers that trust that whatever was submitted by a user was submitted by the user intentionally.
That's how XSS happens. But why does it happen?
Because the website accepts raw HTML of some kind. And with raw HTML comes JavaScript. Forget about filtering it perfectly. Yahoo has tried for years on end and still the occasional JavaScript injection issue pops up. Because that's what XSS is: JavaScript injection, plain and simple.
Don't want JavaScript injection? Cut to the root of the problem. Deny the means of propagation: raw HTML. If your users need to format text and you don't trust them, then use something else: BB code or wiki syntax. End of story.
You probably can't do it via IP alone. If the site is hosted on a shared server and you don't own the IP, which is the case with a lot of them, the server needs the host name in order to serve the right website. Accessing a shared server by IP will most likely get you some kind of generic page or a redirect to the registrar/hoster's site.
Slashdot Mirror
Speaking of Photoshop Elements, is there anything like it in the FOSS world? A graphical editor that's not supposed to be fancy, just offer a lot of image altering functions, something novice users can use intuitively to play with their photos: cropping, resizing, rotation, flip, red eye reduction, converting to another format, some effects, batch processing, perhaps integration with camera/scanner import?
Is there any?
Come on, people, face the reality. GIMP needs some serious loving put into it if you want anybody other than the most hardened geeks using it.
Virtual monopolies are needed (especially in formats) to help consumers eventually. PCs took off because Windows provided an equal format for everyone.
And who says we're better of with PC being a de facto standard? Where would we be today if 5-6 alternative platforms and software, like Amiga and so on, would've split the market evenly? I say we, the consumers, would be a lot better off.
Competition brings on the good stuff, monopolies lead to stagnation. The corporate incentive is to innovate only when it brings them an advantage. Once they own the market they stop and milk it, they don't invent crap.
Where would we be today should Microsoft plus the PC be the only game in town? If there was no Linux, no Solaris, no Apple? We'd all wear patented, DRM-enabled Microsoft-made assplugs, that's where.
<F1 cockpit> "Where do you want to go today?"
<F1 driver> *gasp*
<Clippy> "I've noticed you are having some trouble. Would you like me to: drive the car for you; show you a map of the circuit; wipe your helmet's visor; stop by the pitstop for a fresh change of underwear; search the help files for '300kph collision'?"
*SLAM*
You may be on to something here. From the things Wikipedia has been through so far I was very interested in seeing the shitstorm hit the fan when the US elections came along. This may be a smart and sneaky attempt of saving Wikipedia from this.
As for the concept itself, it's completely doomed from day one. Election time is a time when all forms of media will be assaulted with anything the interested people can get away with. Giving them a wiki, any wiki, is simple asking for it. Think of all the crap and manipulation you get to see on TV and newspapers every election. Now imagine it freely posted on a high traffic webpage which everyone can edit.
And if anybody mentions any kind of moderation, they only set themselves up for being accused of taking sides.
I don't think there is anything magical about Ubuntu or that it is vastly better than all the others. I think it is more a case of being the right distro at the right time. Linux distros had been evolving in this direction for a long time.
Yes, but it's still a matter of making the extra effort. The exact same bits and pieces of GNU and FOSS software are out there, available for anyone who gives a damn. And yet distributions like Ubuntu and SuSE manage to come out above in terms of user experience. It comes down to putting the pieces together just right.
I don't think people realise how extremely versatile Linux and the accompanying software can be. That old joke "does it run Linux" is actually half serious. You can make almost anything out of it. Someone was bound to smell the coffee and use it to put together a kickass desktop.
Incidentally, I think this is the best advantage Linux has and why it can afford to fight mano a mano with anything the big corporations throw at it: it can adapt, evolve and become anything. All it takes is people willing to make the effort.
Post a story with screenshots of you playing Duke Nukem Forever on a Vista box and I think I can guarantee you'll get plenty of attention. Plen-tee.
Figures. Translating manga this way is extremely easy (well, if you know Japanese, anyway), because there's no need of redoing the original and put the English text in. That's the hardest part of a scanlation group's job.
Why "outside" Europe and America? There are countries in Europe where $300 a month is considered a good salary. Give a third of that for Windows? Yeah, right.
And even in the US and the developed countries of Europe there are plenty of people barely making ends meet. If anybody's curios they should check out a recent US Census bureau report, which states that 37 million people in the US lived in poverty in 2004.
It's bloody elitist to consider that everybody buys ready-made PC's from Dell or that $99 is nothing. Let's not lose perspective here. There are lots of people out there who get their computer from second-hand parts and can't afford Windows. And if you were going to say "then they shouldn't use Windows" or "poor people don't use computers", that's elitist and stupid too. Computers and Windows are a de facto standard and they have to use them. You can't afford to tell a prospective employer "fuck MS Office, I use OpenOffice" or "I don't know how to use computers" when you're barely etching a living.
And even in the current releases of Firefox and IE6, respectively, the differences are obvious. The Firefox rendering of ACID2 resembles the intended result. IE6 renders a red patch at the bottom of the page.
Yes, I'm comparing Firefox 1.5.0.4 with IE6. That's what's out now. If I were to compare "would be" I'd compare the perfect rendering in the beta Firefox with the still imperfect rendering in IE7.
Opera 9 renders it perfectly and is out now, BTW.
Here you go. While an actual figure like "10th in the World" is hard to compute accurately, the figures given in the link should show that Spain is not exactly a struggling country.
That's nothing like computer security and malware. They don't evolve naturally, they are both the result of human thinking and intentions. As a consequence, there's no natural balance involved. Either side could make a breakthrough at any time, all it takes is knowledge and determination.
One could argue that a living microorganism could make a breakthrough as well, and cause a pandemia, like the bird flu virus might. Except there wouldn't be any sense of purpose involved, no malice, only random mutation. If you want a 100% valid analogy then consider a biological weapon, developed by humans against humans, with an express purpose of distruction. That's how bad computer malware can potentially be.
Still, there's something to the GP's point. If Brussels is a political node, it is likely that this decision may have some effect on its connections with other governments and official bodies as well. At the very least, it won't go unnoticed.
Except it's not ok. Glorifying "hacking" (used loosely) makes it look cool and omnipresent and makes it accepted at some level. Stupid young kids see it as a desirable activity.
.gov sites is not because they were "immunized" by constant exposure to a certain amount of malware. That's just stupid. They aren't usually hit because (a) they usually employ good security, in all its forms, and (b) because there's hasn't been a REALLY bad piece of malware to hit the fan just yet.
And claiming that a certain amount of malware going around helps security measures stay alert is silly. The analogy with living organisms and biological malware is way off. Computer malware doesn't thrive in the wild, mutating randomly. It is powered by misguided humans and by misguided blacklisting approaches to security.
Perpetuating the status quo only perpetuates those misconceptions. It doesn't prevent anything in particular. The reason nothing really big has hit
Some day somebody will write a worm that will finally do something really distructive, like spread for a year undetected and then format 75% of the world's HDD's on the same day. Then we'll actually see if real security and chastizing wannabe hackers would've perhaps been better than stupid theories, except it will be too late.
You're just complicating the problem needlessly. Yes, raw HTML is bad, because raw HTML == JavaScript == XSS. When coming from the client-side, that is. Stop raw HTML and you stop XSS. Escape all input from the client-side and there's no more XSS.
Ho ho ho. And where did your software live? On the BBS. The problem was that your software had a classical security flaw: code injection. No matter what the code was. The software had a hole and in my book that makes the server it runs on "bad", as in "does bad things to users". So while the server itself wouldn't be compromised, was it desirable if it compromised the users or did bad things to them?
I don't think so. That's treating the symptoms instead of the cause. Browsers are meant to run JavaScript. End of story. If a website feeds a browser JavaScript, it will execute it. It is NOT the browser's job to care whether that JavaScript should be there or not. It is the website's job.
So is XSS. Just escape all HTML in user-provided content. Ah, but you don't want that, do you? You want your bold and italic tags. Would SQL injection still be trivial to prevent if you didn't escape it altogether and wanted for "some" SQL to pass through and some not?
That's how XSS happens. But why does it happen?
Because the website accepts raw HTML of some kind. And with raw HTML comes JavaScript. Forget about filtering it perfectly. Yahoo has tried for years on end and still the occasional JavaScript injection issue pops up. Because that's what XSS is: JavaScript injection, plain and simple.
Don't want JavaScript injection? Cut to the root of the problem. Deny the means of propagation: raw HTML. If your users need to format text and you don't trust them, then use something else: BB code or wiki syntax. End of story.
It's not as bad as you think. How many people actually go to RTFA?
I also recommend Gandi. Not one complaint from my part, in over 5 years and a lot of domains of all kinds.
You probably can't do it via IP alone. If the site is hosted on a shared server and you don't own the IP, which is the case with a lot of them, the server needs the host name in order to serve the right website. Accessing a shared server by IP will most likely get you some kind of generic page or a redirect to the registrar/hoster's site.
Which makes DNS even more powerful.