I will only get one if a) They play my 300+ DVD movies I already have [both burned and original] b) the player comes down in price comparable to a normal DVD player c) the movies themselves sell for as much as DVDs cost now and d) I can play burned Blu-ray movies [when the technology comes out for home use] in the player.
Yea, it'll be a few years before I buy one of these as well. To your list I'll add (e) I have the cash to buy a new HD display.
When they talk about "DVD will be around for a while" they're talking about guys like you and I. As an added bonus for waiting until all of our requirements are met, we'll also get (f) the ability to pick the winning format between Blu-ray and HD-DVD.
If it's a mistake you shouldn't have any problem finding the x86 xnu source tree for 10.4.5 on opensource.apple.com.
Well now, that is interesting... it isn't there for 10.4.4 either, though... and I see it's still there for OS X PPC. Just not x86.
Disappointing. Not necessarily taking anything away from us there, I suppose, but still disappointing.
Previously, you could compile the source for either PPC or x86. Does the source listed under PPC not compile for x86 ? Perhaps we're just not seeing the xnu source in the x86 listing because it's not x86 specific ? yea, I know... grasping at straws, I have no idea what's going on here, I'm not even seriously remotely interested in diving that far down... if I were to run a *nix on Intel, it'd be Linux, BSD, or Solaris ( probably in that order ), and GNUStep will compile on any of those, so no real interest in Darwin here, except as an academic exercise.
I was actually talking about the cctools thing being a mistake, though, in my defense. The xnu bit... well, I certainly wouldn't be shocked that Apple might hold back some of the 'real' guts they use there, even if they do release something usable as a kernel in source eventually... still sad, though. It'd be best if Apple felt they could let ( and even help ) people build Darwin on a generic machine similar to their own x86 machines.
On the right hand side, for instance of that moon landing page, click "Download". Pick iPod or PSP so you get an actual mp4 instead of a crappy google video player link.
If it really bothers you that you can't have 'em for download, well...you can pay for the digitization, too.
Just for the record, this comment was much more helpful than yours.
There's not a lot of political will for the government to digitize all this stuff on its own
It's interesting... you don't find that odd? How much could it really cost? Wouldn't it benefit the public good for the government to provide for wider distribution the publicly-owned historically important content of its libraries' film archives? Is the public good, knowledge, and academics really that unimportant to the government and people of the United States ?
Might not the government be able to partner with private industry, i.e. a company like Google, to get the work done at a minimum of taxpayer expense ? Why wouldn't that be a good thing to do? Who would oppose it ? Would it really cost that much to even do a limited amount of such digitization, say a staff of five and their equipment to get the really 'important' stuff ?
Saying there's no political will, without saying why, seems like a bit of a cop-out. I mean, you're welcome to the position... it just seems odd to effectively say "there's no reason it should be done". A lot of taxpayers would like to see it done... why wouldn't it be done?
since we *own* it, we should really be able to download our own copies of this footage, rather than being forced to get a broadband connection to the internet and access Google's ( kinda junky, IMHO ) in-browser web player every time we want to view these.
I do like the fact that Google is digitizing this footage, though IMHO the government spending money on doing that and providing the end result to the public would be a much, much better way to spend our tax dollars than several other much more expensive government projects I can think of...
...considering Yahoo's music service uses a proprietary media player (Yahoo's) with a proprietary DRM implementation (Microsoft's) on the subscription model where your music is all deleted when you cancel your subscription... by DRM.
Very, very interesting... that this is the guy saying 'DRM hurts the customer experience' speaks volumes, because he's speaking from the experience of the online music retailer. He's speaking from the experience of running a service which ostensibly makes the same offering, but gets its ass handed to it by iTMS... and you just know Yahoo has done the research and it all comes down to 'customer experience', i.e. there's stuff people would like to and expect to do that they get annoyed about when they find they are restricted by DRM, be it keep 'their' music after the subscription ends, burn a CD, or put music on an iPod without ( to the average user, very difficult ) DRM-stripping and format conversion.
People are quick to blame the iPod's FairPlay-only DRM and Apple's refusal to license that, or to open up the iPod to Windows DRM, but really, it's the DRM in general that's hurting things, and part of the reason that iTMS is doing so well may have less to do with the iPod ( though there is a bit of that ) and more to do with the overall 'consumer experience', including the lighter DRM restrictions; you can burn MP3 CDs, you get to keep your music 'forever', you get to move your music between several computers, put it on as many iPods as you want, etc... as much as record company execs want to pretend the users don't care about that stuff, it's clear that they are wrong.
Disclaimer : I don't buy music online, I still buy CDs... about as many as ever, which is not many, because they're so damn expensive...
It would have been something REALLY embarrassing. Like a Britney song. Or some of that American Idle (no typo) crap.
Or imagine him DLing some Boyband junk. Or Tokyo Hotel. Oh, the ways of f..ing up when DLing music today are so numerous, you could get ridiculed for pretty much anything there is in the charts today.
You really think Coldplay isn't as bad as any of that other stuff you mentioned ?
Man, you're in *denial*.
p.s... out of morbid curiosity, what's Tokyo Hotel? Nothing shows up in iTunes for that, and Google just wants to show you places to stay no matter how many words like "pop" and "music" I add to the search...
But really, Britney less embarrassing than Coldplay ? You wish...
Ok, I'm going to admit this is somewhat redundant, as a number of posts already point this out, but the story just isn't true.
Might the Intel transition impact Darwin's open source status a bit? Sure, it might. It will certainly make releases a bit slower as code is reviewed and seriously sensitive bits ( if any ) removed, but I'm not sure I see the reason why Darwin builds shouldn't be able to be done going forward...
Dude, THE EXECUTE BIT IS SET, otherwise bash wouldn't have tried to run it as a command (rather than as an argument to /bin/bash).
Ah, I see... sorry for being dense, I didn't think bash had a chance to check the execute bit once Terminal grabbed the file. Now I see the sample attack does have the execute bit set; Terminal's .term files don't need to have the execute bit set, I thought the same was true here, but it's not. This begs the question... why the heck doesn't Safari or Mail notice that ( even just one file of ) the attachment has the execute bit set and sound the warning bell ? That seems like the most basic check- what, it only gives you the warning if there's an actual .app package with a .app suffix?!? That's stupid, sorry Apple...
I also see your point that even Safari checking for the execute bit is not enough, but uh... I also see the point that people in general ( and some people specifically ) are a lot less paranoid about security than you and I are. I'm sure you think they are idiots, and I would agree, but there are plenty of people out there who would rather have a word file open when downloaded than be safe against this sort of attack. That shouldn't be the default option, but if you want to go motorcycle riding without a helmet, Apple shouldn't be the one to stop you, really...
All that being true, I should *still* be able to tell from looking at a file in the Finder if the execute bit is set. Like I said, forget Safari and Mail. If this file is sitting on a file server or CD, and I'm using Finder to look at it, there should be some visual indication that it's executable, as there is when you type 'ls' in a shell!
~/Desktop% ls Heise.jpg
Heise.jpg*
To me, the fact that the Finder and any other in-application ( say, Mail attachment ) representation of the file gives no indication of that important feature of the file is, IMHO, the *real* problem... forget Safari and Mail, they're just ways of getting the file, what I need to know as a user is "data or executable", and I should always be able to tell at a glance.
Abandon Finder and start over with the NeXTStep File Manager.
You're preaching to the choir on that one... not going to happen, we realize, but amen, brotha.
Stop using metadata for icons and file handlers and keep all that info separately from the files.
Possibly appropriate, but creates other problems and restricts what you can do with icons in a way that a lot of people would be unhappy about. Personally, I am not thrilled with the idea of icons being completely arbitrary ( as they are ), I think it causes too many problems, but... meh... some people like icons for JPEGs being previews of those jpegs, and I'm not sure enough that this helps...
Abandon "Open Safe Files After Download" and replace it with a system like LaunchServices but restricted to applications that are intended to handle "unsafe" files.
Like a Launch Services that has a list of apps like Terminal ( and what else, Word because of VB macros? Safari because of plugins that could write to your file system? Any developer tools? How do you enforce that ? ) and raises a warning if a downloaded file targets one of the apps on that list? Hmmm. Maybe.
Your list of fixes points to what a big problem this is, though. I thought slapping a band-aid on by requiring #! at the start of script...er , "Terminal command files" so that Mail and Safari could flag them was making a big change, your list is huge and not without its issues!
really, I agree, though. There should be a preview ( image, or something else ) and an icon, and the two should not be the same. For a data file, the icon should tell you what application it's going to open with, anything else is broken; I'm pretty sure we definitely agree on that much.
There is. It's called "the execute bit". If the execute bit is set, then the file it's set on is executed. If it can't be executed by the kernel (based on the magic number on the first two bytes of the file), it's executed by the shell directly.
Again, you seem to somehow miss my point... won't a script ( let's call it foo.sh ) still execute ( even without the execute bit set ) if you give the command "bash foo.sh" ? That's a whole lot more like what happens when you double-click on a file; before that double-click, there is no shell. Launch Services checks the file meta-data, finds that it says "Terminal.app" then says "Terminal.app open foo.sh", roughly. So I don't think the execute bit helps or even comes into play here, and if it does, it's useless. The execute bit is a little ( but not much ) like the "open with" meta-data here, isn't it?
That might be one way to deal with this, though... rather than require the #! as I'd suggested, require an execute bit be set for Terminal.app to open a 'command file' as the Terminal help file stupidly calls them. Since there doesn't appear to be a UI for setting the execute bit, you'd have to do it _from_ the shell, and so although the attack would still be possible from a local file share ( or CD, etc ) it would be more difficult from a web browser or something that doesn't preserve permissions... meaning that downloaded scripts can't be executed with a double-click, which I guess fixes the problem, though if you *meant* to download a script you might be slightly inconvenienced, I suppose it'd be a fair trade-off.
I'd still prefer to be able to look at a file, or have a web browser or mail program look at a file, and tell me if it's going to run as a script or macro, or if it's actually a JPEG file. I realize that's actually a tall order, though.
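The "data or executable" check wished for in the comments above, as an added example that is not part of any poster's comment and is not Apple's code: it flags a file by its execute bit, by a leading #!, and by a mismatch between its extension and its leading bytes. The sample files are constructed, and the signature table is a small assumed subset.

```python
import os
import stat
import tempfile

# Leading bytes ("magic numbers") of a few common data formats.
# Assumption: a small illustrative subset, not a complete signature table.
MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def inspect_file(path):
    """Return the reasons a file should not be treated as plain data."""
    findings = []

    # 1. Permission check: what `ls -F` shows with a trailing '*'.
    mode = os.stat(path).st_mode
    if stat.S_ISREG(mode) and mode & EXEC_BITS:
        findings.append("execute-bit")

    with open(path, "rb") as fh:
        head = fh.read(16)

    # 2. Shebang check: catches scripts that announce an interpreter,
    #    but says nothing about a script that omits the #! line.
    if head.startswith(b"#!"):
        findings.append("shebang")

    # 3. Content check: the extension claims a data format, so the file
    #    must begin with one of that format's signatures.
    ext = os.path.splitext(path)[1].lower()
    signatures = MAGIC.get(ext)
    if signatures and not head.startswith(signatures):
        findings.append("extension-mismatch")

    return findings


def demo():
    """Run the checks over three constructed sample files."""
    samples = {
        # Genuine JPEG header, ordinary permissions.
        "photo.jpg": (b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 32, 0o644),
        # Shell text with no #! line and the execute bit set.
        "Heise.jpg": (b"echo constructed sample\n", 0o755),
        # Shell text with a #! line, execute bit not set.
        "notes.jpg": (b"#!/bin/sh\necho constructed sample\n", 0o644),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (content, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(content)
            os.chmod(path, mode)
            results[name] = inspect_file(path)
    return results


if __name__ == "__main__":
    for name, findings in demo().items():
        print(f"{name}: {', '.join(findings) or 'looks like data'}")
```

A shebang-only check passes the second sample; the permission and content checks are what catch it.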
America's Job Bank seems to be pretty good, specifically their subsidiary state sites. Postal Code is the generic international term for what we call a zip code.
To really be helpful, you should provide a link, it's not that hard. I'm going to have to disagree about the state sites, I couldn't even figure out where to do the job search for my state. It does provide a nice map and list of career training resources and the like, though! If I was entering/re-entering the job market, or didn't have specialized training, this might be very useful.
The zip code search isn't very useful, however, since for some bizarre reason it's restricted to "50 miles from the zip code" that you enter, so I'm still stuck looking at results that are easily 3 hour commutes from anywhere in my zip... really not much better than Yahoo's metro search, to be honest. I mean, shouldn't a zip code search limit you to *inside* that zip code, or at least provide that ability?
Anyway, thanks for pointing me at a job board I didn't even know about...
It's in fact a problem of BASH running shell scripts without #!
This is clearly GNUsabotage from RMS
Cool, I don't know if that's Funny or a Troll !
It may be a BASH problem ( that would be news to me ). If BASH will run a script without #!, that is a dumb thing... there *should* be some sort of way to tell if a file is going to execute in some manner, or that in itself is a security problem. If Apple can't change BASH, perhaps they should prevent Terminal from executing scripts from files that don't end in .sh or something like that.
I'm afraid we won't see a fix for this for a while, as it might take some time to get people to agree what the problem/fix really is...
BASH aside, though, it's Terminal.app that gets the Open command and loads the file, so it *does* have a chance to check for #! before handing off the script. I mean, maybe what comes after #! isn't /bin/sh, anyway.
You're using "censorship" in a nonstandard way -- one that is contrary to the spirit of its normal use.
Like I said, I understand what you're trying to say, but, in fact, when you look at the definitions and usage of "literary censorship", which is what you ( I think ) are talking about... no, it does not matter *who* is doing the censoring, just that the censoring is happening.
You seem convinced that your understanding of the word and its usage is correct, without referring to anything other than your own thoughts, so I'm convinced that I won't be able to sway your viewpoint on the matter, but just consider for yourself that I am not the only person who has replied to your comment pointing out that your usage of the word censorship to mean "editorial censorship" or "institutional/government censorship" is not necessarily the one we all think of initially... nor, according to the resources I linked to previously, is it the accepted, broadly-used form of the word.
You are free to have a different opinion, and I do understand how you are intending to use the word. I'm just suggesting that it is perhaps not as clear as you think, and would like to recommend qualifying the word in the future to avoid misunderstanding.
My kid was using a mouse proficiently by the time he was 2 and a half. Yea, I finally figured out what that one-button Apple Pro mouse is good for.
Seriously ( although the above is true ), your kid should be doing lots of work with crayons and more traditional, tactile stuff... as well as spending some very heavily supervised time exploring a very basic MacPaint-style program on the computer... or a website or two. I cannot heap enough praise on some of the Flash apps ( god, I never thought I'd say it ) on Noggin or Sesame street. The animated coloring book apps ( with Oobi, the greatest googly-eyed hand ever ) are really fun and exciting, and a lot of the other games really focus on counting, letters, and memory skills... and they're just fun, too.
Really, you want your kid to get a head start reading ? Read them books every ( every ) night.
You want them to be artistic ? Sit down with them for a couple of hours every ( every ) day and do some coloring, painting, banging on drums.
You want your kid to be physically fit ? Spend some time with them every day throwing a ball, playing tag, playing with animals, riding a trike/bike, going for a nature walk.
You want your kid to be familiar with technology ? Well... just try to stop them, really, they're going to figure out how to work just about any electronic device around if they have any normal amount of curiosity, but if you want to give them a head start or a push in that direction, the same basic advice follows. Spend time with them in front of the computer... after you find some stuff you think is age-appropriate that they might enjoy, like a paint program ( hint: pattern fill tools and shading tools give kids a charge ) or a Flash game with their favorite Muppet or whatever... later you can introduce them to model rockets, electronics kits, 'food science' kits, science kits, and much later, simple programming tools.
Eventually, you may find that your biggest challenge is unplugging your kid and getting them to run around outside like people used to do back before cable and Tivo and Playstations. So programming your kid to like and do physical stuff might be your first goal... but there's nothing ( IMHO ) wrong with showing your kid how to use a computer. Personally, I'd recommend a Mac with a one-button mouse and a seriously locked-down user account ( with only the apps they might use enabled, and a carefully-picked set of bookmarked websites ) and you sitting there next to them, and limiting the duration, and not pushing it at all if they're disinterested or frustrated... there's plenty of time later for them to spend behind a screen. They should be playing with other kids as much as possible, really... balance is always good.
And yea. You should see a four-year-old kid's reaction to a model rocket shooting 600 feet in the air. BIG eyes.
what's the demographic of the average slashdot reader? late-teens to late twenties
I hate to break it to you, but given the number of people here who were senior-level developers during the dot-com era, I'm going to guess ( and that's all that we can do ) that the average age is much higher than you suspect. This website has been around for a long time. People who lurked for a long time before getting an account, and people who have low ID numbers ( um... yours isn't that high now that I mention it )... they're likely to be over 28 unless they started reading while in college.
Besides, I've seen people talking intelligently about Fortran and Cobol on this site... those guys have to push the average age up quite a bit ;-)
No offense, but the /. crew is the LAST group of people on earth I would turn to for advice on parenting.
That's a different matter entirely. For the record, my kid was using a mouse proficiently well before his third birthday.
Bunch of left wing, tree hugging whiners if you ask me. Next you'll be spouting some dribble about voting in honest elections and representative government. Give those lefties an inch and they'll run this god-fearing nation right into the ground.
Worse, they'll start talking about "Geneva conventions", as if laws should apply to the executive branch! Don't these people know we're *at war*!?!
Just one real question, though... I'm not aware how these things work, but...
what's the problem with confiscating a few servers and taking a business offline?
I know eDonkey sells client software, but was this Razorback2 thing a business? How did it make money ? Was it run by the folks who sell client software, or is there some other business operation there ?
Ohh... I know I made an earlier comment here, but I just learned a little tidbit which is actually very important.
The real bug is in Terminal.app - it runs scripts even if they don't start with the shebang ( #! )... and that #! is what Safari and Mail would ( and, to my surprise, do ! ) look for to spot a script and warn the user that this file is an executable of sorts.
So, there is a real, live, no-good bug with security implications here... it's just in Terminal.app. The general problem of scripts as data doesn't go away, but such things ( outside of maybe MS Office macros ) tend to be far and few between, and are very much application-specific security issues that users of those apps will, I suppose, just have to be aware of...
There is no suppression of information, simply a refusal to share with you.
That's a mighty fine line you're walking there... are you sure the sentence above doesn't look sort of silly?
Don't get me wrong; I think I understand exactly what you're trying to say... but I'm not sure even google agrees entirely with your narrow definition of censorship. Censorship is a broad term, and if you're going to make specific statements about it, it's best to qualify it to mean what you expect it to mean. If I do a Google define on censor, I get
ban: forbid the public distribution of ( a movie or a newspaper)
The user has banned the public distribution of this movie in the U.S.
If I look up the same word in the good ol' Merriam-Webster, I get :
Function: noun
1 a : the institution, system, or practice of censoring
with "censoring" linked to
to examine in order to suppress or delete anything considered objectionable
While you may argue that I could get it somewhere else ( if it were offered somewhere else, which is another matter altogether ), the simple truth is that the user censored their copy in the U.S. It's not government censorship, it's not official censorship in any obvious manner, but to argue that it's not censorship as you do is to argue the very definition of the word censorship. Yes, it is censorship when a publisher decides not to publish information for whatever reason. No, censorship as such is not necessarily evil, but does almost always limit the free flow of information, by definition. Yes, the origin of the word has to do with government ( the Roman government, according to my sources ) suppressing information systematically, but... wasn't the google user's ( and in particular, Google's ) suppre... uh, sorry, refusal to share information... at least somewhat systematic ?
See, it's all a matter of definition, and unless you're saying "government censorship", instead of "censorship", then... sorry, it looks like this is censorship, even if just by a Google user with Google's help.
And no, I did not mean to imply, nor did I imply, that this was government censorship... although the reclassification without justification of public record as described in the story certainly is censorship by any definition... again, another matter.
I thank my lucky stars everyday that I'm allowed to work from home.
The worst part for a job seeker, though, is that your employee likely doesn't mention that fact until as late in the process as possible... likely well after the hire. There are a couple of companies on the other side of the area from me that I'd love to apply for, and that I know of people who work from home at those companies, but asking for that ability up-front would put me at such a disadvantage I'd likely never get hired, and there's no way I could survive that commute if I really had to do it every day.
This is very very like naming a Windows file foo.jpg.vbs... and I'm not sure, but I think this has always been around. In OS X, both the file extension and the icon are independent properties of the application the file opens with.
The default setup for OS X is to not even show the file extension, isn't it ? The file extension in this 'attack' is almost a side note.
Most importantly, I think it's a good thing to notice that there's no real fix possible to this issue. Always using Launch Services' default file mapping ( doing what windows does, essentially ) just 'limits' the problem to files with .jpo or .jpg._weirdextension_ extensions, and users who don't 'show extensions' by defaults are still going to go by the icon and double-click that file... a virus-scanning program won't detect these files, they're *data*...
The only 'ultimate' workaround to this would be what, to prevent any application from running a script as part of its data file?
Ultimately, this just boils down to not double-clicking on random files loaded off of the internet, and keeping good backups as the only real way to protect your data... it sucks, but it's reality...
Not running as an Admin user is a good idea, too, but that just protects your system files, and it's the user data files that are most precious to your typical user...
This is not Google censoring anything, the person who uploaded the video just indicated that it should not be viewable in the USA.
So the person uploading it censored it, is that what you're saying? Or they're just using a Google feature that enables per-country censorship ? Or are you somehow trying to infer that this isn't censorship, although it's terribly like censorship?
I just want to be clear on this... and make sure we're all clear that this doesn't have anything to do with the classification ( or not ) of the video ( or other documents ) by the CIA.
Who would really want to spend 45 minutes _driving_ to work? *shudder*
I know someone responded to you with "average LA worker dreams of a commute that short", and I'd like to second that for the SF Bay Area worker. The average commute time for someone living in Contra Costa county in *2000* was nearly 35 minutes, and no county showed an average less than 20 minutes... and that's the statistical average, accounting for folks ( like me ) who work very close to home, and things have gotten worse, not better.
And we're talking about looking for a new job here, so that 45 minutes is a *maximum*, and at some point ( depending on the location ) most sane people would consider moving closer to their work... but many of us know we should be able to find employment closer to our current location, and don't want to uproot our family for a gig without being really, really certain, so yea, 45 minutes isn't bad. The problem is that a 45 minute commute in one direction might be a lot longer than a 45 minute commute in another direction, but the point is, most websites don't even give a good way of searching by a group of cities, much less zip codes or even much much less point-to-point distances, which is what we *really* want.
Postal and Zip code distances can be calculated - every online dating site can tell you if you are X kms from another user based on postal code.
So... would you care to point out the jobs website that displays and/or lets you sort results by zip code ? Because I'd like to use it, and it's not Monster, Yahoo or DICE.
If the websites would even give that much information, that'd be a start, but even then... Yahoo jobs will let you sort by city, but that *sucks*, to be honest, it's not what we want... there are 25 or so cities in my "metro search" area, and maybe 9 that I'd consider working in... PITA search, I have to tell you. DICE lets you search by area code, but that sucks, too- some area codes are *huge* areas!
I must agree with the parent post that this is the biggest failure from the applicant's side, once recruiters are filtered out of the picture ( which, uh, a lot of sites actually have that feature ). I think they don't implement a good search-area filter because it'd limit the employer's hits, to be honest.
what's a postal code as opposed to a zip code, btw ? Is that the full 9-digit zip?
Man, I'd be so happy if a PS3 was $300. I'm going to have to believe it'll be closer to $500, though, at least until I see it.
Thanks. That's the comment I was looking for.
Just for the record, this comment was much more helpful than yours.
There's not a lot of political will for the government to digitize all this stuff on its own
It's interesting... you don't find that odd? How much could it really cost? Wouldn't it benefit the public good for the government to provide for wider distribution the publicly-owned historicaly imporant content of it's libraries' film archives? Is the public good, knowledge, and academics really that unimportant to the government and people of the United States ?
Might not the government be able to partner with private industry, i.e. a company like Google, to get the work done at a minimum of taxpayer expense ? Why wouldn't that be a good thing to do? Who would oppose it ? Would it really cost that much to even do a limited amount of such digitization, say a staff of five and their equipment to get the really 'important' stuff ?
Saying there's no political will, without saying why, seems like a bit of a cop-out. I mean, you're welcome to the position... it just seems odd to effectively say "there's no reason it should be done". A lot of taxpayers would like to see it done... why wouldn't it be done?
I do like the fact that Google is digitizing this footage, though IMHO the government spending money on doing that and providing the end result to the public would be a much, much better way to spend our tax dollars than several other much more expensive expensive government projects I can think of...
Very, very interesting... that this is the guy saying 'DRM hurts the customer experience' speaks volumes, because he's speaking from the experience of the online music retailer. He's speaking from the experience of running a service which ostensibly makes the same offering, but gets it's ass handed to it by iTMS... and you just know Yahoo has done the research and it all comes down 'customer experience', i.e. there's stuff people would like to and expect to do that they get annoyed about when they find they are restricted by DRM, be it keep 'their' music after the subscription ends, burn a CD, or put music on an iPod without ( to the average user, very difficult ) DRM-stripping and format conversion.
People are quick to blame the iPod's FairPlay-only DRM and Apple's refusal to license that, or to open up the iPod to Windows DRM, but really, it's the DRM in general that's hurting things, and part of the reason that iTMS is doing so well may have less to do with the iPod ( though there is a bit of that ) and more to do with the overall 'consumer experience', including the lighter DRM restrictions; you can burn MP3 CDs, you get to keep your music 'forever', you get to move your music between several computers, put it on as many iPods as you want, etc... as much as record company execs want to pretend the users don't care about that stuff, it's clear that they are wrong.
Disclaimer : I don't buy music online, I still buy CDs... about as many as ever, which is not many, because they're so damn expensive...
You really think Coldplay isn't as bad as any of that other stuff you mentioned ?
Man, you're in *denial*.
p.s... out of morbid curiosity, what's Tokyo Hotel? Nothing shows up in iTunes for that, and Google just wants to show you places to stay no matter how many words like "pop" and "music" I add to the search...
But really, Britney less embarrassing than Coldplay ? You wish...
Might the Intel transition impact Darwin's open source status a bit? Sure, it might. It will certainly make releases a bit slower as code is reviewed and seriously sensitive bits ( if any ) removed, but I'm not sure I see the reason why Darwin builds shouldn't be able to be done going forward...
Ah, I see... sorry for being dense, I didn't think bash had a chance to check the execute bit once Terminal grabbed the file. Now I see the sample attack does have the execute bit set; Terminal's .term files don't need to have the execute bit set, I thought the same was true here, but it's not. This begs the question... why the heck doesn't Safari or Mail notice that ( even just one file of ) the attachment has the execute bit set and sound the warning bell ? That seems like the most basic check- what, it only gives you the warning if there's an actual .app package with a .app suffix?!? That's stupid, sorry Apple...
I also see your point that even Safari checking for the execute bit is not enough, but uh... I also see the point that people in general ( and some people specifically ) are a lot less paranoid about security than you and I are. I'm sure you think they are idiots, and I would agree, but there are plenty of people out there who would rather have a word file open when downloaded than be safe against this sort of attack. That shouldn't be the default option, but if you want to go motorcycle riding without a helmet, Apple shouldn't be the one to stop you, really...
All that being true, I should *still* be able to tell from looking at a file in the Finder if the execute bit is set. Like I said, forget Safari and Mail. If this file is sitting on a file server or CD, and I'm using Finder to look at it, there should be some visual indication that it's executable, as there is when you type 'ls' in a shell!
To me, the fact that the Finder and any other in-application ( say, Mail attachment ) representation of the file gives no indication of that important feature of the file is, IMHO, the *real* problem... forget Safari and Mail, they're just ways of getting the file, what I need to know as a user is "data or executable", and I should always be able to tell at a glance.
You're preaching to the choir on that one... not going to happen, we realize, but amen, brotha.
Stop using metadata for icons and file handlers and keep all that info separately from the files.
Possibly appropriate, but creates other problems and restricts what you can do with icons in a way that a lot of people would be unhappy about. Personally, I am not thrilled with the idea of icons being completely arbitrary ( as they are ), I think it causes too many problems, but... meh... some people like icons for JPEGs being previews of those jpegs, and I'm not sure enough that this helps...
Abandon "Open Safe Files After Download" and replace it with a system like LaunchServices but restricted to applications that are intended to handle "unsafe" files.
Like a Launch Services that has a list of apps like Terminal ( and what else, Word because of VB macros? Safari because of plugins that could write to your file system? Any developer tools? How do you enforce that ? ) and raises a warning if a downloaded file targets one of the apps on that list? Hmmm. Maybe.
Your list of fixes points to what a big problem this is, though. I thought slapping a band-aid on by requiring #! at the start of script...er , "Terminal command files" so that Mail and Safari could flag them was making a big change, your list is huge and not without its issues!
really, I agree, though. There should be a preview ( image, or something else ) and an icon, and the two should not be the same. For a data file, the icon should tell you what application it's going to open with, anything else is broken; I'm pretty sure we definitely agree on that much.
Again, you seem to somehow miss my point... won't a script ( let's call it foo.sh ) still execute ( even without the execute bit set ) if you give the command "bash foo.sh" ? That's a whole lot more like what happens when you double-click on a file; before that double-click, there is no shell. Launch Services checks the file meta-data, finds that it says "Terminal.app" then says "Terminal.app open foo.sh", roughly. So I don't think the execute bit helps or even comes into play here, and if it does, it's useless. The execute bit is a little ( but not much ) like the "open with" meta-data here, isn't it?
That might be one way to deal with this, though... rather than require the #! as I'd suggested, require an execute bit be set for Terminal.app to open a 'command file' as the Terminal help file stupidly calls them. Since there doesn't appear to be a UI for setting the execute bit, you'd have to do it _from_ the shell, and so although the attack would still be possible from a local file share ( or CD, etc ) it would be more difficult from a web browser or something that doesn't preserve permissions... meaning that downloaded scripts can't be executed with a double-click, which I guess fixes the problem, though if you *meant* to download a script you might be slightly inconvenienced, I suppose it'd be a fair trade-off.
I'd still prefer to be able to look at a file, or have a web browser or mail program look at a file, and tell me if it's going to run as a script or macro, or if it's actually a JPEG file. I realize that's actually a tall order, though.
To really be helpful, you should provide a link, it's not that hard. I'm going to have to disagree about the state sites, I couldn't even figure out where to do the job search for my state. It does provide a nice map and list of career training resources and the like, though! If I was entering/re-entering the job market, or didn't have specialized training, this might be very useful.
The zip code search isn't very useful, however, since for some bizarre reason it's restricted to "50 miles from the zip code" that you enter, so I'm still stuck looking at results that are easily 3 hour commutes from anywhere in my zip... really not much better than Yahoo's metro search, to be honest. I mean, shouldn't a zip code search limit you to *inside* that zip code, or at least provide that ability?
Anyway, thanks for pointing me at a job board I didn't even know about...
Cool, I don't know if that's Funny or a Troll !
It may be a BASH problem ( that would be news to me ). If BASH will run a script without #!, that is a dumb thing... there *should* be some sort of way to tell if a file is going to execute in some manner, or that in itself is a security problem. If Apple can't change BASH, perhaps they should prevent Terminal from executing scripts from files that don't end in .sh or something like that.
I'm afraid we won't see a fix for this for a while, as it might take some time to get people to agree what the problem/fix really is...
BASH aside, though, it's Terminal.app that gets the Open command and loads the file, so it *does* have a chance to check for #! before handing off the script. I mean, maybe what comes after #! isn't /bin/sh, anyway.
Like I said, I understand what you're trying to say, but, in fact, when you look at the definitions and usage of "literary censorship", which is what you ( I think ) are talking about... no, it does not matter *who* is doing the censoring, just that the censoring is happening.
You seem convinced that your understanding of the word and its usage is correct, without referring to anything other than your own thoughts, so I'm convinced that I won't be able to sway your viewpoint on the matter, but just consider for yourself that I am not the only person who has replied to your comment pointing out that your usage of the word censorship to mean "editorial censorship" or "institutional/government censorship" is not necessarily the one we all think of initially... nor, according to the resources I linked to previously, is it the accepted, broadly-used form of the word.
You are free to have a different opinion, and I do understand how you are intending to use the word. I'm just suggesting that it is perhaps not as clear as you think, and would like to recommend qualifying the word in the future to avoid misunderstanding.
Seriously ( although the above is true ), your kid should be doing lots of work with crayons and more traditional, tactile stuff... as well as spending some very heavily supervised time exploring a very basic MacPaint-style program on the computer... or a website or two. I cannot heap enough praise on some of the Flash apps ( god, I never thought I'd say it ) on Noggin or Sesame street. The animated coloring book apps ( with Oobi, the greatest googly-eyed hand ever ) are really fun and exciting, and a lot of the other games really focus on counting, letters, and memory skills... and they're just fun, too.
Really, you want your kid to get a head start reading ? Read them books every ( every ) night.
You want them to be artistic ? Sit down with them for a couple of hours every ( every ) day and do some coloring, painting, banging on drums.
You want your kid to be physically fit ? Spend some time with them every day throwing a ball, playing tag, playing with animals, riding a trike/bike, going for a nature walk.
You want your kid to be familiar with technology ? Well... just try to stop them, really, they're going to figure out how to work just about any electronic device around if they have any normal amount of curiosity, but if you want to give them a head start or a push in that direction, the same basic advice follows. Spend time with them in front of the computer... after you find some stuff you think is age-appropriate that they might enjoy, like a paint program ( hint: pattern fill tools and shading tools give kids a charge ) or a Flash game with their favorite Muppet or whatever... later you can introduce them to model rockets, electronics kits, 'food science' kits, science kits, and much later, simple programming tools.
Eventually, you may find that your biggest challenge is unplugging your kid and getting them to run around outside like people used to do back before cable and Tivo and Playstations. So programming your kid to like and do physical stuff might be your first goal... but there's nothing ( IMHO ) wrong with showing your kid how to use a computer. Personally, I'd recommend a Mac with a one-button mouse and a seriously locked-down user account ( with only the apps they might use enabled, and a carefully-picked set of bookmarked websites ) and you sitting there next to them, and limiting the duration, and not pushing it at all if they're disinterested or frustrated... there's plenty of time later for them to spend behind a screen. They should be playing with other kids as much as possible, really... balance is always good.
And yea. You should see a four-year-old kid's reaction to a model rocket shooting 600 feet in the air. BIG eyes.
I hate to break it to you, but given the number of people here who were senior-level developers during the dot-com era, I'm going to guess ( and that's all that we can do ) that the average age is much higher than you suspect. This website has been around for a long time. People who lurked for a long time before getting an account, and people who have low ID numbers ( um... yours isn't that high now that I mention it )... they're likely to be over 28 unless they started reading while in college.
Besides, I've seen people talking intelligently about Fortran and Cobol on this site... those guys have to push the average age up quite a bit ;-)
No offense, but the /. crew is the LAST group of people on earth I would turn to for advice on parenting.
That's a different matter entirely. For the record, my kid was using a mouse proficiently well before his third birthday.
Worse, they'll start talking about "Geneva conventions", as if laws should apply to the executive branch! Don't these people know we're *at war*!?!
Just one real question, though... I'm not aware how these things work, but...
what's the problem with confiscating a few servers and taking a business offline?
I know eDonkey sells client software, but was this Razorback2 thing a business? How did it make money ? Was it run by the folks who sell client software, or is there some other business operation there ?
The real bug is in Terminal.app - it runs scripts even if they don't start with the shebang ( #! )... and that #! is what Safari and Mail would ( and, to my surprise, do ! ) look for to spot a script and warn the user that this file is an executable of sorts.
So, there is a real, live, no-good bug with security implications here... it's just in Terminal.app. The general problem of scripts as data doesn't go away, but such things ( outside of maybe MS Office macros ) tend to be far and few between, and are very much application-specific security issues that users of those apps will, I suppose, just have to be aware of...
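An added example, not part of the comments on this page and not Apple's code: a small triage check that answers "data or executable?" for a downloaded file by combining the three signals the thread discusses (the execute bit, a leading `#!`, and whether the contents match what the extension claims). The function names, the signature table and the sample files are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Well-known leading signatures for a few data formats.
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".gif": b"GIF8",
    ".pdf": b"%PDF-",
}
ANY_EXEC = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH


def triage(path):
    """Return the sorted reasons a file should not be treated as plain data."""
    reasons = set()
    mode = os.stat(path).st_mode
    with open(path, "rb") as fh:
        head = fh.read(16)
    ext = os.path.splitext(path)[1].lower()
    if mode & ANY_EXEC:
        reasons.add("execute-bit")
    if head.startswith(b"#!"):
        reasons.add("shebang")
    # The extension promises a data format; the first bytes must agree.
    expected = MAGIC.get(ext)
    if expected is not None and not head.startswith(expected):
        reasons.add("extension-mismatch")
    return sorted(reasons)


def demo():
    """Run triage() over constructed sample files in a temporary directory."""
    jpeg = b"\xff\xd8\xff\xe0" + b"\x00" * 12   # constructed JPEG-like header
    samples = {
        "photo.jpg": (jpeg, 0o644),
        "backup.sh": (b"#!/bin/sh\necho ok\n", 0o755),
        "holiday.jpg": (b"echo ok\n", 0o755),
        "notes.jpg": (b"echo ok\n", 0o644),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (data, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "wb") as fh:
                fh.write(data)
            os.chmod(path, mode)
            results[name] = triage(path)
    return results


if __name__ == "__main__":
    for name, reasons in demo().items():
        print(f"{name:12} {', '.join(reasons) or 'looks like data'}")
```

The constructed `notes.jpg` case has neither a shebang nor an execute bit, so only the contents-versus-extension comparison flags it.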
That's a mighty fine line you're walking there... are you sure the sentence above doesn't look sort of silly?
Don't get me wrong; I think I understand exactly what you're trying to say... but I'm not sure even google agrees entirely with your narrow definition of censorship. Censorship is a broad term, and if you're going to make specific statements about it, it's best to qualify it to mean what you expect it to mean. If I do a Google define on censor, I get
The user has banned the public distribution of this movie in the U.S.
If I look up the same word in the good ol' Merriam-Webster, I get :
with "censoring" linked to
While you may argue that I could get it somewhere else ( if it were offered somewhere else, which is another matter altogether ), the simple truth is that the user censored their copy in the U.S. It's not government censorship, it's not official censorship in any obvious manner, but to argue that it's not censorship as you do is to argue the very definition of the word censorship. Yes, it is censorship when a publisher decides not to publish information for whatever reason. No, censorship as such is not necessarily evil, but does almost always limit the free flow of information, by definition. Yes, the origin of the word has to do with government ( the Roman government, according to my sources ) suppressing information systematically, but... wasn't the google user's ( and in particular, Google's ) suppre... uh, sorry, refusal to share information... at least somewhat systematic ?
See, it's all a matter of definition, and unless you're saying "government censorship", instead of "censorship", then... sorry, it looks like this is censorship, even if just by a Google user with Google's help.
And no, I did not mean to imply, nor did I imply, that this was government censorship... although the reclassification without justification of public record as described in the story certainly is censorship by any definition... again, another matter.
The worst part for a job seeker, though, is that your employee likely doesn't mention that fact until as late in the process as possible... likely well after the hire. There are a couple of companies on the other side of the area from me that I'd love to apply for, and that I know of people who work from home at those companies, but asking for that ability up-front would put me at such a disadvantage I'd likely never get hired, and there's no way I could survive that commute if I really had to do it every day.
The default setup for OS X is to not even show the file extension, isn't it ? The file extension in this 'attack' is almost a side note.
Most importantly, I think it's a good thing to notice that there's no real fix possible to this issue. Always using Launch Services' default file mapping ( doing what windows does, essentially ) just 'limits' the problem to files with .jpo or .jpg._weirdextension_ extensions, and users who don't 'show extensions' by default are still going to go by the icon and double-click that file... a virus-scanning program won't detect these files, they're *data*...
The only 'ultimate' workaround to this would be what, to prevent any application from running a script as part of its data file?
Ultimately, this just boils down to not double-clicking on random files loaded off of the internet, and keeping good backups as the only real way to protect your data... it sucks, but it's reality...
Not running as an Admin user is a good idea, too, but that just protects your system files, and it's the user data files that are most precious to your typical user...
So the person uploading it censored it, is that what you're saying? Or they're just using a Google feature that enables per-country censorship ? Or are you somehow trying to infer that this isn't censorship, although it's terribly like censorship?
I just want to be clear on this... and make sure we're all clear that this doesn't have anything to do with the classification ( or not ) of the video ( or other documents ) by the CIA.
I know someone responded to you with "average LA worker dreams of a commute that short", and I'd like to second that for the SF Bay Area worker. The average commute time for someone living in Contra Costa county in *2000* was nearly 35 minutes, and no county showed an average less than 20 minutes... and that's the statistical average, accounting for folks ( like me ) who work very close to home, and things have gotten worse, not better.
And we're talking about looking for a new job here, so that 45 minutes is a *maximum*, and at some point ( depending on the location ) most sane people would consider moving closer to their work... but many of us know we should be able to find employment closer to our current location, and don't want to uproot our family for a gig without being really, really certain, so yea, 45 minutes isn't bad. The problem is that a 45 minute commute in one direction might be a lot longer than a 45 minute commute in another direction, but the point is, most websites don't even give a good way of searching by a group of cities, much less zip codes or even much much less point-to-point distances, which is what we *really* want.
So... would you care to point out the jobs website that displays and/or lets you sort results by zip code ? Because I'd like to use it, and it's not Monster, Yahoo or DICE.
If the websites would even give that much information, that'd be a start, but even then... Yahoo jobs will let you sort by city, but that *sucks*, to be honest, it's not what we want... there are 25 or so cities in my "metro search" area, and maybe 9 that I'd consider working in... PITA search, I have to tell you. DICE lets you search by area code, but that sucks, too- some area codes are *huge* areas!
I must agree with the parent post that this is the biggest failure from the applicant's side, once recruiters are filtered out of the picture ( which, uh, a lot of sites actually have that feature ). I think they don't implement a good search-area filter because it'd limit the employer's hits, to be honest.
what's a postal code as opposed to a zip code, btw ? Is that the full 9-digit zip?