Lets say Netscape was THE browser to have. Do you think anyone would be bothering to write IE exploits?
Your argument is based on the premise that IE and Netscape are the same in terms of design. Netscape/Mozilla can't be "hijacked" in the same manner because it doesn't use Windows' registry classes to determine what to do with a downloaded file, and it isn't integrated with the Explorer shell. A Netscape browser window instance can't be silently started (without a "head"), and a new filetype can't be opened without the user knowing, or taking action. Likewise, Sun Java and Javascript is limited to things done inside the browser, it doesn't have access to the rest of the operating system.
But disabling IE is not the answer. I predict within a few weeks of you doing this you are undoing it for some higher ranking manager. Then his buddy will find out, and so on. Soon you are supporting not 1 browser but 2. HAVE FUN with your crippling!
Obviously, I can't completely remove it, that would break Windows. I want to use it as a tool for running Windows Update, but I will have to make exceptions for certain trusted sites. It won't be my undoing because my superiors are well aware of the problems that malware causes, and would be happier without pop-ups and system instability. I'm not doing this in secret. I've explained to them the reasons, the effects, and the exceptions where some may have to use IE.
Make the people who are making your job misserable RESPONSABLE for their actions.
I can't go Stalin on my network users. Where there are standard configurations, we use DeepFreeze to restore the computers to the original configuration. Unfortunately, we can't use this everywhere, because it is to inflexible for the users with non-standard configurations.
But you're kidding yourself if you don't think the main reason there's more malware for Windows/IE than anything else is because of their popularity.
To agree with you, I'd have to accept that popularity, and not design, is what creates security flaws. No, sorry, I'm not buying it. Netscape, with it's 6 major vulnerabilities that have long since been patched, I can sit here and surf all day without picking up any malware. Windows is the problem, and IE is the enabler, if you will. I'm going to be switching our network workstations over to Netscape, and EULA-be-damned, I'm going to find a way to cripple IE.
As a brick & mortar retailer, I'm sick and tired of losing businesses to cheapskates who want to shave a few pennies off
Actually, that fellow's business is hurting partially because it is *not* a free market. State governments are actually creating a "black market" by imposing high taxes in an environment where it is easy to move goods across borders. The government created their own problem, and their fix was to tax out-of-state transactions. Now these state governments are trying to fix their fix, by making it harder to dodge the sales tax.
I'm surprised that we're hearing about this now. It just reinforces my theory that the majority of taxpayers have no clue that a "Sales and Use Tax" exists in their state, and has existed before the Internet was commercialized. It must cost a lot to enforce this, and in my home state, they make it very difficult to be honest on your S&U tax form (because revealing such information will most likely make them look into your buying habits in the past, or those of your spouse). Since the penalties include jail time, it is akin to self-incrimination if you just pick up and pay for the first time.
Spyware is a big problem which isn't Window's fault. Because windows is the biggest, it gets targetted by spyware.
Sorry, but that's complete and utter bullshit. My tech team spends too much time cleaning up after malware. I made the mistake of switching our organization over to IE several years ago, mainly due to complaints about compatibility. The majority of these nasty malware programs take advantage of design flaws in IE to enter the system and remain there.
I'm now testing Netscape 7 as a standard browser. It cannot be modified, or accessed through the operating system as can IE. Therefore, most of the loading schemes used by malware do not work. So IE is definitely part of the problem. IE is part of Windows, so it is Windows' fault. Malware programs modify Windows so that they can run as extensions to the operating system, and no actually up as a process in the process list.
No thanks. I have more trust for "disinterested" third parties that verify and publish on their own. A more helpful law would be one that protects the researchers (even amateur ones) from harassment (legal or otherwise). It's a slippery slope, it will not end with labeling.
I *don't* want that to happen with software! I'd much rather retain the right, as fair use, to legally modify crap-ware, and also have the right to discuss the details of that modification with other people.
This is seriously screwed up. If this isn't a blatant anti-trust violation, I don't know what is. Didn't the EU just assess a 1/2 billion dollar fine over this very behavior?
It is, and as you've noted, it's a glaringly obvious one at that. Aside from this, we see an article above where the text mentions "increased competition" to OpenGL from D3D. Another abuse of monopoly power. The OGL implementations I've seen so far way out-perform D3D. The problem is that D3D ships with 90+ per cent of the new desktop machines out there, so it can still be a piece of trash and still dominate the market.
Perhaps some folks just don't get it. Requiring Microsoft to sell Media Player separately isn't the same as preventing them from offering the feature to the public. The DOJ can take action without actually hurting Microsoft's shareholders. Hey, if Media Player could actually stand on its own legs against the competition, MS would actually stand to make more by selling it as a separate component.
It starts up along with your system, so you don't have to worry about malware infecting your system during the short period between booting your system and the operating system and necessary drivers loading up.
This is a Windows thing I presume? Don't know how the rest of the world works, but when my firewalled servers start, everything is "denied" while the interfaces are brought up. Once that happens, it loads my ruleset.
So, yes, it is a security hole, but it is also something that customers are happy about when they need it.
That's great, and I'm sure your customers appreciate it. But does it have to be 1) undocumented, and 2) on all the time without the option to be disabled? No, it doesn't. The customer should at least have to flip a switch to activate it. But because it doesn't work that way, ol' Fred has to always be looking over his shoulder and running his packet sniffers 24x7 because some manufacturer may have decided to include a major, trivially exploitable security hole on his hardware.
I don't buy the "that's the way the industry does it excuse." Obviously (judging from some of the other posters here) there is a better way to do it. There will always be a better way to do it.
Well, Cisco generally charges for a support contract before you're entitled to any firmware updates. Another reason not to use Cisco. OTOH, Cisco hardware doesn't die if you look at it crosseyed, so it's a tough choice I guess.
Oh, well that makes sense. Otherwise I'd have see the humor in the fact that the Japanese government is protecting industries that beat Intel in the past by flooding the RAM chip industry at a loss, then jacking up the price after the competitors were eliminated.
Yeah, that's about as demeaning as you can get. But, you can always get a tax number and offer to train the competitor's new hires to do your quality of work... For a small consulting fee of course.:o)
Households can purchase solar panels and more efficient appliances (dishwashers, clothes washer / drier, hot water heater, fridge, oven, air conditioning).
I look into solar power every once in a while. As it stands, a typical suburban grid-addict like myself has almost no useful options. First off, those appliances you list form a tidy list of things that you can't run off of solar-panel charged batteries; High-current appliances really make the batteries work hard, and heat becomes an issue in the battery bank. Heaven forbid you try to run two of those appliances at once. As a matter of fact, google some solar-power forums and ask folks that use solar power about it. They'll probably say, "it's not worth (or is somewhat dangerous) draining the batteries for those appliancies, use LPG-powered ones instead." That adds a layer of complexity to maintaining the appliances, as well as the cost of fuel (and the fact that you'd have to give your current appliances the heave-ho).
The second issue is the cost of the panels (and the location), wiring, batteries, and installation. I have less than a quarter acre of property, as do most of the people in my area. My neighbors would most likely lynch me if I stuck an array of panels out on the property. That leaves the roof, which would be the most expensive installation option. Even considering that, I don't get enough sun exposure per day to meet the power requirements of the lighting and smaller equipment in my house. I have to find a safe spot to place the battery banks, so I've lost a chunk of space in my basement. Even a modest set of panels, batteries and installation is going to total in the high end of a four-digit figure (USD). I priced a ~$4700 installation (before realizing that I couldn't legally do my own wiring). I'd only save about $20/month because my major appliances would still need to be on the grid. It would be nearly 20 years before I broke even on the cost, assuming (implausibly) that nothing needed replacement during that time.
Third, the amount of maintenance (or the incovenience thereof) puts alternative power out of the reach of most folks. It's not like we hire our own linemen when the power lines need maintenance, it's all worked into the monthly rate. Alternative power is more expensive and a lot less convenient (you still have to be very mindful of your power consumption in a big installation). That's not a winning combination. Folks off the grid end up using alternate power sources like wind and water during to sun's "off months". Those are definitely not an option in urban/suburban areas, where consumption is highest. A few scattered rural alternative-power solutions aren't going to make a dent in the power consumption.
Both will help reduce the amount of new powerlines required.
Only if everyone on your street goes with alternative power sources. Doubtful, considering the downsides.
In addition, laws can be passed requiring minimum efficiencies.
Now you're talking. But the regulators are going to have to be careful. Sometimes these things have unintended consequences, like low-water-use dishwashers that force the owners to practically wash dishes by hard first, or high-efficiency air-conditioners that have to be run four times as long as a "less efficient" model to bring the room down to the same temperature.
I think some sincere encouragement is the way to go first. For example: Compact fluorescent lightbulbs come in more styles now that ever before. They are instant-on, quiet, flicker-free, brighter than standard bulbs, and they last at least five times as long. People don't buy them. Why? Because they're penny-wise and pound-foolish. The super-twist bulbs may cost $5 as opposed to about 78 cents, but they use a quarter of the power. I just counted 15 bulbs that I replaced with super-twist fluorescent models. The bulbs have alre
Erm, that's a negative
on
Real Problems
·
· Score: 1
...but I'm sure no 'serious' company would consider it because they don't have their digital rights preserved."
I was just going to silently moderate in here until I read this line. There's nothing special about a WMA or Real Audio stream that prevents it from being dumped to disk, or prevents a program from dumping the decoded data to a file, so let's just drop it as far as "use-prevention" concerned. If it makes them feel safer, can't we just add a DRM spec to Vorbis? It won't protect the content, but it'll at least make Vorbis a contender. Given the choice between all the video and audio formats out there, I'd pick DiVX and Vorbis over all of them. Not because of royalty issues, but because they're technically superior to all the other garbage, and they're readable on all platforms. If I can't have Vorbis, then I'll take MP3 as a second pick.
So you can sue and use your journal as evidence? Who's going to believe that it is more reliable than the computer records?
The answer is: You can't trust either party, because both have something to gain by manipulating the measuring device. Aren't these systems independently verified for accuracy? I don't know why it's different in Texas, but everywhere I've worked (that had an electronic timecard system) *DID NOT* allow the system to be tampered with in any way. I haven't checked the law, but this leads me to believe there is a regulation regarding the integrity of these systems (probably only applies to non-union workers). If the system could be manipulated this easily by managers, what would stop the managers from manipulating anyone's hours arbitrarily? Think about it, what's to stop a manager from creating a cash-only merchandise theft ring with his employees? He's already doing something illegal by tampering with the system, why not get something more in return for the risk?
Any idiot lawmaker with one working brain cell must realize that you can't have a party calibrate its own equipment and make trade based on that, because that would be a conflict of interest. That's why the Post Office weighs your package, and not you. That's why gas pumps are calibrated and certified by a third party, and not the franchise owner. "Duh."
I was not aware that nvidia cards forced you to install every driver update.
I was not aware that "drivers" included DRM application software that cannot be separately uninstalled. There's not reason to dump this junk on consumers. It's "use protection", not "copy protection."
I don't understand why Sun can just pull Microsoft's license so they can't call it "Java" anymore. I would say Sun is a little shortsighted, but there's no hope for them with Ashcroft asleep at the wheel. The 2 billion is just a smokescreen. Microsoft wouldn't have budged if it didn't think it would be able to use its monopoly power to force a "C#" VM on the Windows users in the very near future.
Corel hasn't been that Linux-friendly in the past. They also historically ignored the "little" players with their application releases. Well, I've got StarOffice and OpenOffice now, so I no longer am looking for WP or Corel Draw on any platform.
If you aren't Microsoft, don't ignore the smaller players in the desktop PC field. You never know when Microsoft is going to use their monopoly power to take over your userbase.
Excellent! Would it be too much trouble for you to go outside and ask the SWAT dev team why the default is to look for smb.conf inside/usr/lib instead of/etc/samba? I mean, who puts configuration files in with userland libraries?
Slashdot Mirror
Lets say Netscape was THE browser to have. Do you think anyone would be bothering to write IE exploits?
Your argument is based on the premise that IE and Netscape are the same in terms of design. Netscape/Mozilla can't be "hijacked" in the same manner because it doesn't use Windows' registry classes to determine what to do with a downloaded file, and it isn't integrated with the Explorer shell. A Netscape browser window instance can't be silently started (without a "head"), and a new filetype can't be opened without the user knowing, or taking action. Likewise, Sun Java and Javascript is limited to things done inside the browser, it doesn't have access to the rest of the operating system.
But disabling IE is not the answer. I predict within a few weeks of you doing this you are undoing it for some higher ranking manager. Then his buddy will find out, and so on. Soon you are supporting not 1 browser but 2. HAVE FUN with your crippling!
Obviously, I can't completely remove it, that would break Windows. I want to use it as a tool for running Windows Update, but I will have to make exceptions for certain trusted sites. It won't be my undoing because my superiors are well aware of the problems that malware causes, and would be happier without pop-ups and system instability. I'm not doing this in secret. I've explained to them the reasons, the effects, and the exceptions where some may have to use IE.
Make the people who are making your job misserable RESPONSABLE for their actions.
I can't go Stalin on my network users. Where there are standard configurations, we use DeepFreeze to restore the computers to the original configuration. Unfortunately, we can't use this everywhere, because it is to inflexible for the users with non-standard configurations.
But you're kidding yourself if you don't think the main reason there's more malware for Windows/IE than anything else is because of their popularity.
To agree with you, I'd have to accept that popularity, and not design, is what creates security flaws. No, sorry, I'm not buying it. Netscape, with it's 6 major vulnerabilities that have long since been patched, I can sit here and surf all day without picking up any malware. Windows is the problem, and IE is the enabler, if you will. I'm going to be switching our network workstations over to Netscape, and EULA-be-damned, I'm going to find a way to cripple IE.
As a brick & mortar retailer, I'm sick and tired of losing businesses to cheapskates who want to shave a few pennies off
Actually, that fellow's business is hurting partially because it is *not* a free market. State governments are actually creating a "black market" by imposing high taxes in an environment where it is easy to move goods across borders. The government created their own problem, and their fix was to tax out-of-state transactions. Now these state governments are trying to fix their fix, by making it harder to dodge the sales tax.
I'm surprised that we're hearing about this now. It just reinforces my theory that the majority of taxpayers have no clue that a "Sales and Use Tax" exists in their state, and has existed before the Internet was commercialized. It must cost a lot to enforce this, and in my home state, they make it very difficult to be honest on your S&U tax form (because revealing such information will most likely make them look into your buying habits in the past, or those of your spouse). Since the penalties include jail time, it is akin to self-incrimination if you just pick up and pay for the first time.
"...no actually up as a process..."
Correction:
"...not actually show up as a process..."
Spyware is a big problem which isn't Window's fault. Because windows is the biggest, it gets targetted by spyware.
Sorry, but that's complete and utter bullshit. My tech team spends too much time cleaning up after malware. I made the mistake of switching our organization over to IE several years ago, mainly due to complaints about compatibility. The majority of these nasty malware programs take advantage of design flaws in IE to enter the system and remain there.
I'm now testing Netscape 7 as a standard browser. It cannot be modified, or accessed through the operating system as can IE. Therefore, most of the loading schemes used by malware do not work. So IE is definitely part of the problem. IE is part of Windows, so it is Windows' fault. Malware programs modify Windows so that they can run as extensions to the operating system, and no actually up as a process in the process list.
No thanks. I have more trust for "disinterested" third parties that verify and publish on their own. A more helpful law would be one that protects the researchers (even amateur ones) from harassment (legal or otherwise). It's a slippery slope, it will not end with labeling.
I *don't* want that to happen with software! I'd much rather retain the right, as fair use, to legally modify crap-ware, and also have the right to discuss the details of that modification with other people.
But if you were to watch a trailer, this is the way to do it. No stupid Windows-specific embed tags with CLSIDs. Just download, uncompress, and watch.
This is seriously screwed up. If this isn't a blatant anti-trust violation, I don't know what is. Didn't the EU just assess a 1/2 billion dollar fine over this very behavior?
It is, and as you've noted, it's a glaringly obvious one at that. Aside from this, we see an article above where the text mentions "increased competition" to OpenGL from D3D. Another abuse of monopoly power. The OGL implementations I've seen so far way out-perform D3D. The problem is that D3D ships with 90+ per cent of the new desktop machines out there, so it can still be a piece of trash and still dominate the market.
Perhaps some folks just don't get it. Requiring Microsoft to sell Media Player separately isn't the same as preventing them from offering the feature to the public. The DOJ can take action without actually hurting Microsoft's shareholders. Hey, if Media Player could actually stand on its own legs against the competition, MS would actually stand to make more by selling it as a separate component.
It starts up along with your system, so you don't have to worry about malware infecting your system during the short period between booting your system and the operating system and necessary drivers loading up.
This is a Windows thing I presume? Don't know how the rest of the world works, but when my firewalled servers start, everything is "denied" while the interfaces are brought up. Once that happens, it loads my ruleset.
Nope. I'm think about twenty years before that. :o)
I'd have no problem if those "albums" you speak of were going for $2.49. :o)
So, yes, it is a security hole, but it is also something that customers are happy about when they need it.
That's great, and I'm sure your customers appreciate it. But does it have to be 1) undocumented, and 2) on all the time without the option to be disabled? No, it doesn't. The customer should at least have to flip a switch to activate it. But because it doesn't work that way, ol' Fred has to always be looking over his shoulder and running his packet sniffers 24x7 because some manufacturer may have decided to include a major, trivially exploitable security hole on his hardware.
I don't buy the "that's the way the industry does it excuse." Obviously (judging from some of the other posters here) there is a better way to do it. There will always be a better way to do it.
Well, Cisco generally charges for a support contract before you're entitled to any firmware updates. Another reason not to use Cisco. OTOH, Cisco hardware doesn't die if you look at it crosseyed, so it's a tough choice I guess.
Oh, well that makes sense. Otherwise I'd have see the humor in the fact that the Japanese government is protecting industries that beat Intel in the past by flooding the RAM chip industry at a loss, then jacking up the price after the competitors were eliminated.
Anyway, go AMD!
That's also some damn good code. :>
Yeah, that's about as demeaning as you can get. But, you can always get a tax number and offer to train the competitor's new hires to do your quality of work... For a small consulting fee of course. :o)
I look into solar power every once in a while. As it stands, a typical suburban grid-addict like myself has almost no useful options. First off, those appliances you list form a tidy list of things that you can't run off of solar-panel charged batteries; High-current appliances really make the batteries work hard, and heat becomes an issue in the battery bank. Heaven forbid you try to run two of those appliances at once. As a matter of fact, google some solar-power forums and ask folks that use solar power about it. They'll probably say, "it's not worth (or is somewhat dangerous) draining the batteries for those appliancies, use LPG-powered ones instead." That adds a layer of complexity to maintaining the appliances, as well as the cost of fuel (and the fact that you'd have to give your current appliances the heave-ho).
The second issue is the cost of the panels (and the location), wiring, batteries, and installation. I have less than a quarter acre of property, as do most of the people in my area. My neighbors would most likely lynch me if I stuck an array of panels out on the property. That leaves the roof, which would be the most expensive installation option. Even considering that, I don't get enough sun exposure per day to meet the power requirements of the lighting and smaller equipment in my house. I have to find a safe spot to place the battery banks, so I've lost a chunk of space in my basement. Even a modest set of panels, batteries and installation is going to total in the high end of a four-digit figure (USD). I priced a ~$4700 installation (before realizing that I couldn't legally do my own wiring). I'd only save about $20/month because my major appliances would still need to be on the grid. It would be nearly 20 years before I broke even on the cost, assuming (implausibly) that nothing needed replacement during that time.
Third, the amount of maintenance (or the incovenience thereof) puts alternative power out of the reach of most folks. It's not like we hire our own linemen when the power lines need maintenance, it's all worked into the monthly rate. Alternative power is more expensive and a lot less convenient (you still have to be very mindful of your power consumption in a big installation). That's not a winning combination. Folks off the grid end up using alternate power sources like wind and water during to sun's "off months". Those are definitely not an option in urban/suburban areas, where consumption is highest. A few scattered rural alternative-power solutions aren't going to make a dent in the power consumption.
Only if everyone on your street goes with alternative power sources. Doubtful, considering the downsides.
Now you're talking. But the regulators are going to have to be careful. Sometimes these things have unintended consequences, like low-water-use dishwashers that force the owners to practically wash dishes by hard first, or high-efficiency air-conditioners that have to be run four times as long as a "less efficient" model to bring the room down to the same temperature.
I think some sincere encouragement is the way to go first. For example: Compact fluorescent lightbulbs come in more styles now that ever before. They are instant-on, quiet, flicker-free, brighter than standard bulbs, and they last at least five times as long. People don't buy them. Why? Because they're penny-wise and pound-foolish. The super-twist bulbs may cost $5 as opposed to about 78 cents, but they use a quarter of the power. I just counted 15 bulbs that I replaced with super-twist fluorescent models. The bulbs have alre
...but I'm sure no 'serious' company would consider it because they don't have their digital rights preserved."
I was just going to silently moderate in here until I read this line. There's nothing special about a WMA or Real Audio stream that prevents it from being dumped to disk, or prevents a program from dumping the decoded data to a file, so let's just drop it as far as "use-prevention" concerned. If it makes them feel safer, can't we just add a DRM spec to Vorbis? It won't protect the content, but it'll at least make Vorbis a contender. Given the choice between all the video and audio formats out there, I'd pick DiVX and Vorbis over all of them. Not because of royalty issues, but because they're technically superior to all the other garbage, and they're readable on all platforms. If I can't have Vorbis, then I'll take MP3 as a second pick.
Yes, I did recognize the author's use of sarcasm.
So you can sue and use your journal as evidence? Who's going to believe that it is more reliable than the computer records?
The answer is: You can't trust either party, because both have something to gain by manipulating the measuring device. Aren't these systems independently verified for accuracy? I don't know why it's different in Texas, but everywhere I've worked (that had an electronic timecard system) *DID NOT* allow the system to be tampered with in any way. I haven't checked the law, but this leads me to believe there is a regulation regarding the integrity of these systems (probably only applies to non-union workers). If the system could be manipulated this easily by managers, what would stop the managers from manipulating anyone's hours arbitrarily? Think about it, what's to stop a manager from creating a cash-only merchandise theft ring with his employees? He's already doing something illegal by tampering with the system, why not get something more in return for the risk?
Any idiot lawmaker with one working brain cell must realize that you can't have a party calibrate its own equipment and make trade based on that, because that would be a conflict of interest. That's why the Post Office weighs your package, and not you. That's why gas pumps are calibrated and certified by a third party, and not the franchise owner. "Duh."
I was not aware that nvidia cards forced you to install every driver update.
I was not aware that "drivers" included DRM application software that cannot be separately uninstalled. There's not reason to dump this junk on consumers. It's "use protection", not "copy protection."
I don't understand why Sun can just pull Microsoft's license so they can't call it "Java" anymore. I would say Sun is a little shortsighted, but there's no hope for them with Ashcroft asleep at the wheel. The 2 billion is just a smokescreen. Microsoft wouldn't have budged if it didn't think it would be able to use its monopoly power to force a "C#" VM on the Windows users in the very near future.
Corel hasn't been that Linux-friendly in the past. They also historically ignored the "little" players with their application releases. Well, I've got StarOffice and OpenOffice now, so I no longer am looking for WP or Corel Draw on any platform.
If you aren't Microsoft, don't ignore the smaller players in the desktop PC field. You never know when Microsoft is going to use their monopoly power to take over your userbase.
I guess we all know the alternate term for "trolls" hanging around in Usenet then. The definition hasn't really changed much in a generation.
Hold on, there's a SWAT team banging on my door.
/usr/lib instead of /etc/samba? I mean, who puts configuration files in with userland libraries?
Excellent! Would it be too much trouble for you to go outside and ask the SWAT dev team why the default is to look for smb.conf inside