This is not the reason to switch operating systems, it is a reason to use better software...
One could argue that Linux is better sofware, and that that alone is reason enough to switch. It is, however, still a good idea to keep your system updated and to have a security policy in place no matter what the operating system.
I'm a fairly competent internet programmer, so here's my analysis: follow the money. First thing to examine is the url that MS presents. I've split it into multiple lines for readability. Notice that it contains two other urls as parameters.
This url takes you back to the msn search site so that it can record your click. The search site responds with a code 302 (Document moved) and redirects you to ads.msn.com. Here is the url for that. Notice the similarity.
This ad site responds with another redirect that finally takes you to nightsurf. Here is the url for that.
http://apps.NightSurf.com/~wsapi/nssearch.dll?de al code=msn&src=1&key=xfree86
Now here's where it really gets interesting. Notice the dealcode and key parameters in particular. They would seem to imply that MSN has some kind of deal with NightSurf.
I have to conclude that NightSurf paid MSN to feature it's ad (that's what it is, not a search result) when users type in 'XFree86'. I had difficulty understanding why a porn search site would want to do something like that, so I started investigating. First stop, betterwhois.com. Here's what they have to say about NightSurf.com.
Administrative Contact, Technical Contact:
Inc., WP av4xg8hq3ck@networksolutionsprivateregistration.co m
ATTN: NIGHTSURF.COM
c/o Network Solutions
P.O. Box 447
Herndon, VA 20172-0447
570-708-8780
It seems that this is a private listing from Network Solutions and any further investigation will have to include sending an email to the listed address.
So the question remains, why is NightSurf.com (A.K.A. Web Power, Inc.) paying Microsoft for the XFree86 keyword? Did Microsoft knowingly accept that or was it more automated? Do I or do I not have a hole in my hat?
In a related phenomenon, I've found that most people who start a statement off with "I'm not a racist but..." follow it with the most racist crap imaginable. That sort of lead off is designed to soften an upopular and often unreasonable opinion. You can usually discount any statement that begins "I'm not a ______ but..." or "I believe ______ but..."
*I was in in Pittsburgh one year when the KKK was given the right to march and hold a rally espousing their racist views. Is this what Freedom of Speech was meant for?
Yes, yes it is. Absolutely. Just because their message is abhorrent does not mean that they cannot communicate it. If KKK cannot lawfully and peaceably assemble, then where do we draw the line? Once a goverment starts restricting that sort of speech, it starts down the road to totalitarianism. Once down that road, it is very difficult for a government to reverse itself and remain in power.
And btw, the KKK was not given the right to march, they excercised it. They already had that right and once they fulfilled the necessary requirements they were given a license to parade. The city had no real choice in the matter since denying the petition could have resulted in a legal liability. The ACLU has fought for the Klan in the past, rightfully so, and would do so again if necessary.
* probably unnecessary disclaimer: I absolutely abhor everything the Klan stands for, but I will defend their right to exist so long as they remain within the law.
Trojaned machines and spam are two different problems, although they are related. Certificates would stop people from simply spoofing email addresses. That's good, and it's difficult to argue otherwise.
You are correct in that the ability of spammers to use valid email addresses on trojaned machines would get around that, but that is a different issue that is best solved at the application and OS level of the compromised machines, not at the email server.
Security is made up of layers. Requiring certificates on the email server would simply be another important layer.
The question is, how much overhead is acceptable? Spam already incurrs lots of overhead, so any additional overhead that effectively limits that of spam would result in lower overall overhead. But what if there is a way to limit spam overhead without incurring the additional overhead of technical solutions?
I say go after the people pushing products through spam. Not the spammers themselvs, their customers. If they are overseas, then ban their products or pressure their government into controlling their behavior. Ultimately, the U.S. has the clout to pull the internet plug on most countries that don't go along.
You are absolutely correct. It is not the spammers themselves (as reprehensible as they might be) that are the problem, it is the companies that are willing to resort to spam-vertising to sell a product. They can't send you that type of crap through postal mail (unsolicited) and they shouldn't be allowed to send it through email. Nine-tenths of all spam can be traced to a company that wants to sell you something, if not to the guy that actually sent it, so go after them when the content is not appropriate.
How else does the Code Red author decide, "Hey! I found this buffer overflow routine in the unicode support for URLs in the IIS Indexing Server"?
Maybe the dude just ran a bunch really long URLs through ISS and studied the ones it barfed on. It really doesn't take that long once you know where the problem is, especially if certain patterns are known to work in other areas.
Do a search on his email address (rjones@devx.com) and you'll find that R. Jones has been writing about MS technologies for many years, including numerous articles on Visual Basic,.Net, and C#. Small wonder he feels threatened by open source, it's a direct challenge to his career.
I think you are underestimating the effect that bundling had on the first browser war. Way back when, one had to buy Netscape. Computer manufacturers would license Netscape so they could bundle it with new computers. That is the number one reason why Netscape became so popular. People that bought computers without Netscape would actually buy it from a store because they were used to it from experience with other computers.
Then Microsoft bought Internet Explorer and began to insist that any manufacturer that wanted to sell computers with the Windows OS had to include Internet Explorer instead of Netscape. When the manufacturers agreed to that, as they had no real choice, Netscape responded by offering their browser for free. That had a positive effect of slowing the rate at which they were losing market share, but it couldn't stop it.
This forced bundling of IE was the crux of the monopoly suit, and Microsoft was found guilty of anti-competitive practices. Oddly, they were not required to cease their behavior. By this time though, Netscape was ailing and no longer in any position to fight, so it lost the first browser war. I should probably mention that, at the time, Apache was gaining significant market share from Netscape's own very expensive web server. No doubt that had a significant effect on Netscape's ability to compete with Internet Explorer in the browser arena.
Personally, I don't think we'll ever see IE dethroned as the most used browser until manufacturers supply a Gecko based browser by defualt.
There was an Opera story recently about their IPO announcement. Aside from that, when was the last time you heard from them? When was the last release?
I'm not trying to denigrate Opera here, it's a wonderful browser, but they need to make more noise if they want to be in the news. Of course, they might just be happier selling embedded licenses while continuing to develop a great product.
That is one of the drawbacks of open source projects. New code is usually buggy, slow, and unstable - just like mozilla in the pre-1.0 stage. Since the development process is open, everyone gets to see exactly what a mess it is at first. Some people immediately start loudly proclaiming how much the project sucks.
As time passes though, the project makes extraordinary progress precisely through the same open process that allowed earlier, unfair criticism. Which, incidently, will have been largely silenced by this point because everyone can see exactly how much progress has been made.
It is possible, and has actually been available for some time. I use Kevin Roth'srich text editor. It works in any recent IE or Mozilla based browser. Other browsers should display a normal textarea input.
Can you even get to a command line in the latest version of Windows?
Yes, it's under Start->Programs->Accessories, but it's not very good.
Is Perl included?
No, but you can download a no-cost version from ActiveState.com
Can you easily write your own scripts?
Why yes, yes I can.
Obviously not, but some of them can do similar stuff, if not as well. OOo Writer, for instance, can use (non-VB) macros to do many things. I use them to write scripts that convert word and excel docs to HTML on the fly. I get approximately the same conversion quality you find over at google.
The virus we need is one that changes the wallpaper on a Windows(tm) machine to a big crotch shot. It can't be that hard...
Ahem. I think you meant to say difficult.
I hate to say it, I really do, but I think you're on to something. That would at least cause people to wake up to what this crap is all about. Besides, it's also a lot less damaging than the other stuff that could happen. Rioting in the streets, planes falling out of the sky, dogs and cats sleeping together. You know, stuff like that.
They've been in business for nine years. I wouldn't call an IPO now "selling up as fast as possible." An IPO is a business decision, and like all business decisions, the smart company will weigh it carefully before embracing it. Opera has survived too much for too long now, and can certainly not be described as stupid. I don't claim to know the reasoning behind their move, but I'm willing to think it is worthwhile from their point of view.
Hell, their reasoning could be that it will make the founders very rich. Sucks for the rest of us, but if it were my decision, I'd do it in a heartbeat.
Slashdot Mirror
This is not the reason to switch operating systems, it is a reason to use better software...
One could argue that Linux is better sofware, and that that alone is reason enough to switch. It is, however, still a good idea to keep your system updated and to have a security policy in place no matter what the operating system.
I'm a fairly competent internet programmer, so here's my analysis: follow the money. First thing to examine is the url that MS presents. I've split it into multiple lines for readability. Notice that it contains two other urls as parameters.
r ch.dll6 R .gif
_ TR.gif
e al code=msn&src=1&key=xfree86
o m
http://search.msn.com/adpassthru.aspx
?ADTARGET=http://ads.msn.com/ads/adredir.asp
%3F&TARGET=http://apps.NightSurf.com/~wsapi/nssea
%3Fdealcode%3Dmsn%26src%3D1%26key%3D&QUERY=xfree8
&IMG=http://ads.msn.com/ads/IMGWB3/004400170001_T
This url takes you back to the msn search site so that it can record your click. The search site responds with a code 302 (Document moved) and redirects you to ads.msn.com. Here is the url for that. Notice the similarity.
http://ads.msn.com/ads/adredir.asp
?url=http%3a%2f%2fapps.NightSurf.com
%2f%7ewsapi%2fnssearch.dll
%3fdealcode%3dmsn%26src%3d1%26key%3dxfree86
&image=http://ads.msn.com/ads/IMGWB3/004400170001
This ad site responds with another redirect that finally takes you to nightsurf. Here is the url for that.
http://apps.NightSurf.com/~wsapi/nssearch.dll?d
Now here's where it really gets interesting. Notice the dealcode and key parameters in particular. They would seem to imply that MSN has some kind of deal with NightSurf.
I have to conclude that NightSurf paid MSN to feature it's ad (that's what it is, not a search result) when users type in 'XFree86'. I had difficulty understanding why a porn search site would want to do something like that, so I started investigating. First stop, betterwhois.com. Here's what they have to say about NightSurf.com.
Registrant:
WebPower Inc.
ATTN: NIGHTSURF.COM
c/o Network Solutions
P.O. Box 447
Herndon, VA. 20172-0447
Domain Name: NIGHTSURF.COM
Administrative Contact, Technical Contact:
Inc., WP av4xg8hq3ck@networksolutionsprivateregistration.c
ATTN: NIGHTSURF.COM
c/o Network Solutions
P.O. Box 447
Herndon, VA 20172-0447
570-708-8780
It seems that this is a private listing from Network Solutions and any further investigation will have to include sending an email to the listed address.
So the question remains, why is NightSurf.com (A.K.A. Web Power, Inc.) paying Microsoft for the XFree86 keyword? Did Microsoft knowingly accept that or was it more automated? Do I or do I not have a hole in my hat?
This is duck tape
That depends on how
MDK 10 is in beta 1. If you are impatient and adventurous you could try this: http://qa.mandrakesoft.com/twiki/bin/view/Main/Man drakeLinux10ReleaseNotes. Note the section on upgrading. Of course, you could just wait for the official release.
In a related phenomenon, I've found that most people who start a statement off with "I'm not a racist but..." follow it with the most racist crap imaginable. That sort of lead off is designed to soften an upopular and often unreasonable opinion. You can usually discount any statement that begins "I'm not a ______ but..." or "I believe ______ but..."
So who's your psychic? How much for an hour?
*I was in in Pittsburgh one year when the KKK was given the right to march and hold a rally espousing their racist views. Is this what Freedom of Speech was meant for?
Yes, yes it is. Absolutely. Just because their message is abhorrent does not mean that they cannot communicate it. If KKK cannot lawfully and peaceably assemble, then where do we draw the line? Once a goverment starts restricting that sort of speech, it starts down the road to totalitarianism. Once down that road, it is very difficult for a government to reverse itself and remain in power.
And btw, the KKK was not given the right to march, they excercised it. They already had that right and once they fulfilled the necessary requirements they were given a license to parade. The city had no real choice in the matter since denying the petition could have resulted in a legal liability. The ACLU has fought for the Klan in the past, rightfully so, and would do so again if necessary.
* probably unnecessary disclaimer: I absolutely abhor everything the Klan stands for, but I will defend their right to exist so long as they remain within the law.
Trojaned machines and spam are two different problems, although they are related. Certificates would stop people from simply spoofing email addresses. That's good, and it's difficult to argue otherwise.
You are correct in that the ability of spammers to use valid email addresses on trojaned machines would get around that, but that is a different issue that is best solved at the application and OS level of the compromised machines, not at the email server.
Security is made up of layers. Requiring certificates on the email server would simply be another important layer.
The question is, how much overhead is acceptable? Spam already incurrs lots of overhead, so any additional overhead that effectively limits that of spam would result in lower overall overhead. But what if there is a way to limit spam overhead without incurring the additional overhead of technical solutions?
I say go after the people pushing products through spam. Not the spammers themselvs, their customers. If they are overseas, then ban their products or pressure their government into controlling their behavior. Ultimately, the U.S. has the clout to pull the internet plug on most countries that don't go along.
You are absolutely correct. It is not the spammers themselves (as reprehensible as they might be) that are the problem, it is the companies that are willing to resort to spam-vertising to sell a product. They can't send you that type of crap through postal mail (unsolicited) and they shouldn't be allowed to send it through email. Nine-tenths of all spam can be traced to a company that wants to sell you something, if not to the guy that actually sent it, so go after them when the content is not appropriate.
s/ISS/IIS/
How else does the Code Red author decide, "Hey! I found this buffer overflow routine in the unicode support for URLs in the IIS Indexing Server"?
Maybe the dude just ran a bunch really long URLs through ISS and studied the ones it barfed on. It really doesn't take that long once you know where the problem is, especially if certain patterns are known to work in other areas.
Do a search on his email address (rjones@devx.com) and you'll find that R. Jones has been writing about MS technologies for many years, including numerous articles on Visual Basic, .Net, and C#. Small wonder he feels threatened by open source, it's a direct challenge to his career.
I think you are underestimating the effect that bundling had on the first browser war. Way back when, one had to buy Netscape. Computer manufacturers would license Netscape so they could bundle it with new computers. That is the number one reason why Netscape became so popular. People that bought computers without Netscape would actually buy it from a store because they were used to it from experience with other computers.
Then Microsoft bought Internet Explorer and began to insist that any manufacturer that wanted to sell computers with the Windows OS had to include Internet Explorer instead of Netscape. When the manufacturers agreed to that, as they had no real choice, Netscape responded by offering their browser for free. That had a positive effect of slowing the rate at which they were losing market share, but it couldn't stop it.
This forced bundling of IE was the crux of the monopoly suit, and Microsoft was found guilty of anti-competitive practices. Oddly, they were not required to cease their behavior. By this time though, Netscape was ailing and no longer in any position to fight, so it lost the first browser war. I should probably mention that, at the time, Apache was gaining significant market share from Netscape's own very expensive web server. No doubt that had a significant effect on Netscape's ability to compete with Internet Explorer in the browser arena.
Personally, I don't think we'll ever see IE dethroned as the most used browser until manufacturers supply a Gecko based browser by defualt.
There was an Opera story recently about their IPO announcement. Aside from that, when was the last time you heard from them? When was the last release?
I'm not trying to denigrate Opera here, it's a wonderful browser, but they need to make more noise if they want to be in the news. Of course, they might just be happier selling embedded licenses while continuing to develop a great product.
That is one of the drawbacks of open source projects. New code is usually buggy, slow, and unstable - just like mozilla in the pre-1.0 stage. Since the development process is open, everyone gets to see exactly what a mess it is at first. Some people immediately start loudly proclaiming how much the project sucks.
As time passes though, the project makes extraordinary progress precisely through the same open process that allowed earlier, unfair criticism. Which, incidently, will have been largely silenced by this point because everyone can see exactly how much progress has been made.
It is possible, and has actually been available for some time. I use Kevin Roth's rich text editor. It works in any recent IE or Mozilla based browser. Other browsers should display a normal textarea input.
Because this is slashdot, not a news outlet.
And don't forget the speed holes.
Can you even get to a command line in the latest version of Windows? Yes, it's under Start->Programs->Accessories, but it's not very good. Is Perl included? No, but you can download a no-cost version from ActiveState.com Can you easily write your own scripts? Why yes, yes I can.
Obviously not, but some of them can do similar stuff, if not as well. OOo Writer, for instance, can use (non-VB) macros to do many things. I use them to write scripts that convert word and excel docs to HTML on the fly. I get approximately the same conversion quality you find over at google.
How can you be sure it was a puctuation error? Maybe he meant wives and his spelling sucks.
The virus we need is one that changes the wallpaper on a Windows(tm) machine to a big crotch shot. It can't be that hard...
Ahem. I think you meant to say difficult.
I hate to say it, I really do, but I think you're on to something. That would at least cause people to wake up to what this crap is all about. Besides, it's also a lot less damaging than the other stuff that could happen. Rioting in the streets, planes falling out of the sky, dogs and cats sleeping together. You know, stuff like that.
They've been in business for nine years. I wouldn't call an IPO now "selling up as fast as possible." An IPO is a business decision, and like all business decisions, the smart company will weigh it carefully before embracing it. Opera has survived too much for too long now, and can certainly not be described as stupid. I don't claim to know the reasoning behind their move, but I'm willing to think it is worthwhile from their point of view.
Hell, their reasoning could be that it will make the founders very rich. Sucks for the rest of us, but if it were my decision, I'd do it in a heartbeat.