You mean to tell me that a program running as an unpriviledged user can access priviledged files? That hasn't been my experience with WinXP. The indexer runs in the background as the user that installed the program.
Anyway, this is all moot. It was designed for single user systems (ie, 99% of the installed home user base).
But it's not supposed to let you see files you don't have access to. And apparently that's what the reporter found - they couldn't access the files directly, but they WERE able to access them through the google cache.
Okay, time to debunk this article.
Boys and girls, open your command prompt and type:
C:\Documents and Settings\ben>tasklist/V/FI "IMAGENAME eq GoogleDesktopIndex.exe"
Image Name - PID Session Name - Session# - Mem Usage - Status - User Name - CPU Time Window Title GoogleDesktopIndex.exe - 1604 Console - 0 - 2,220 K - Running - BLACKHOLE\ben - 0:00:00 - _GD_Index
(reformatted so that/. would let me post this, but the data is the same)
You will notice that the GoogleIndexer is actually running as my username (non-priviledged). In fact, all of the google programs currently running on my computer are running as the person logged in. If you happen to be running as Administrator, then you will be able to see all of the files on the computer. It is impossible for the indexer to look at files that I can't access through a normal way (via explorer). Conclusion, this article was probably written by a MS PR Monkey trying to cast a little FUD towards one of their main competitors in the search market...Google.
The problem as I see it is in the startlingly easy way google desktop search makes intrusion possible, sometimes even without the person searching intentionally looking into other user's data. Any keyword I type is an instantaneous hook into the world of the other user who used the pc before me. That is what I find scary.
But that's just it. It's a SEARCH tool. It's supposed to find things that you don't know about. If it didn't, it wouldn't be a very good search tool. This should not be installed on public computers. And, if you are personally are concerned about it, there are products out there that will store all that sensitive information (browser history, email files) on a USB drive that you plug into the public computer before use.
As it is, I don't know how useful it will be to the average/. user. It only indexes files in your Documents directory, it only indexes a handful of files (.doc,.xls,.txt,.html files for example). It has SEVERAL limitations that are annoying. For example: I want it to index my java source code and javadocs for the project I'm working on. However, it refuses to index them.
Also, it doesn't index my Firefox cache or history, nor does it index my Thunderbird mail files.
In other words, nice try Google, but it's not useful to me (yet).
you wouldn't need to be good at programming, just change some random bytes. or fill it up with goatse.
Actually, I believe bittorrent prevents people from doing this very thing. It uses checksums for each segment transferred, so you can't just insert any old data in. You would have to insert data that matched the checksum. Needless to say, this is not generally an easy thing to do.
No. Because there are differences in what a person who lives in California or New York wants out of a political system compared to someone who lives in Wyoming or Utah.
I live in Utah, and as it is even now, the candidates very very rarely even THINK about what I would like my government to do. If you got rid of the electoral college, then I might as well live in my own country, because I'm not going to get anything that the huge masses of humanity in California don't want.
And that is very likely what it would lead to. A large number of states that are ignored by one of the most powerful offices in our government because we would not affect the outcome in any election.
I'm all for some type of change, but not one that will diminish the little power that I do have as a voting citizen in a small state.
There are a couple alternatives to IR keyboards (which have to be in line of sight of the receiver, which is why they tend to miss keystrokes). You could get a bluetooth keyboard if their system supported it, or even the wireless keyboards and mice from Logitech, which use a radio to transmit the information. I have one of the logitech keyboards, and I can go around the corner of the room and I can still type without problems (except for the problem of not seeing the screen:).
Well, in view of that information, the problem isn't google, but the law. Personally, I don't care if people read my e-mail. It's quite boring, and I doubt anyone would ever find it useful.
If they would like to see that I'm going to visit my friend in October or call my sister then let them. Important information should be encrypted anyway.
What annoys me are all of the people who want to stop a company from providing a valuable service. The reason why google offers the service that lets you just archive mail and save it, is because some people like to keep their correspondence between friends. I know I do.
Utah Sate University Students get the same! Here in Utah, even the legislature got into the act. They made it mandatory for all students entering the state primarily to go to school pay out-of-state tuition for 2 years instead of one. Yay!
They claimed that students didn't contribute anything to the state (taxes or otherwise), so they didn't deserve in-state tuition after just one year.
This just goes to show that students should vote. Then they might be able to put a little fear into the politicians.
But the problem is that it's not really unsolicited. An invite is from somebody that you are likely to know. That means that the mail provider is actually throwing mail away from a friend. I find this much more offensive and wrong than the e-mail scanning that Google does to provide the text ads.
I have 4 accounts that I've been trying to give away. If you want one, I'll let you have one. The next 3 people who post beneath this message will also get one if they want.
It's weird, but apparently right now, only geeks want these (It's like pulling teeth to get my non-tech friends to leave hotmail or yahoo).
I did this. For $30 I bought some 2x2's and made a frame and then stretched 2 sheets over it and stapled it together. However, I couldn't stand watching a movie in the Real player. It is just too annoying. I'll wait until Apple or MS or some other third party that isn't so annoying.
I agree with you. I think one of the main problems with teachers at the University level is probably tenure. As soon as a professor attains his/her tenure, they basically will never lose their job no matter how many students level complaints in their direction. I know as a class we all signed a petition to have a teacher reprimanded for poor teaching (tuition is expensive! Why we wasted our money on that required class where we learned nothing is beyond me..other than to fill the requirement). It was completely ignored. Universities need to remember that the student is both the product and customer of the teaching. Too often they just focus on their research and let their teaching fall by the wayside. The teaching is much more important than any single peice of research that they may be doing.
There is a problem with SpamAssassin in that you can get around the little web-bug feature with a little setup on the server side. If the spammer were smart, they would use mod_rewrite to change the url from:
Apache then takes the a out of the url, rewrites it, and redirects it to a script which then records the hit from the user and notes that this address is valid.
Spam filters out there need to find a good way of detecting unique identifiers that can be used to track a user.
I'm personally moving towards the scorched earth method with my personal e-mail account. Blcok everything that isn't on my whitelist. If I know you, you're on my whitelist. It's certainly not the best method, but I hate spam.
I don't think they will start sending images with it. It will make their e-mail campaign much less effective. Given that a good sized html message is probably 8Kb, if you add images, it will triple or quadruple the size of the message. This means they will only be able to send a quarter of the normal messages at a time. Remember too that their lists probably aren't "clean". This means that they will be wasting that much more bandwidth and time on invalid e-mails.
So do your part! Enter false information into their database as much as possible! Fill in invalid e-mails on those little "raffle" tickets that you see trying to raffle off a car in the mall. Make sure it's an AOL account or something that delays sending back an error response instead of the instant error notifaction that some mail providers give. That way they have to worry about parsing the e-mail. Perhaps to make it even easier, maybe AOL could start sending randomized text back in their error messages to confuse the spammer's parsers.
This problem existed in FC2 Test 1 as well. I installed it on my computer, and it messed up the MBR. After installing FC2, I would get an error at boot informing me that none of my drives were bootable. I could use the WinXP Recovery mode, and see the contents of the drive, and I ran utilities to fix the MBR, but no dice. I eventually used Knoppix to fdisk the drive. I deleted all of the partitions, and recreated them (with the same values) and then booted and it worked fine.
Not going to install it now, since this bug is still there.
I have a gmail account, and they have a nice feature that actually lets you report a message as spam. I believe (and hope!) that this works in a similar way to a product like Cloudmark Spamnet, which basically lets the community of users determine what is spam. This then updates the community spam list, and affects the e-mail of all clients. As this gets more effective with more users, I hope gmail is very popular.
But the thing is, you can just make a new playlist. They're not preventing you from burning the song more than 7 times. Just delete the playlist, create a new one (identical if you want) and reburn it. The main idea here is to stop you from becoming your own little CD factory:).
I personally usually only burn a playlist once. But that's me.
1. You can copy the songs you purchase an unlimited number of times. (To CD, or to any number of iPods)
2. They don't cost as much as CD's, I spent $17 on Cake's "Prolonging the Magic" CD at Borders because it wasn't on iTunes, and when they finally did put it on iTunes, it costs $9.99..If only I had been more patient. These rumors of a price hike are false anyway, as Apple is denying them.
You complain about only having 5 years to listen to them, which doesn't make any sense. You replace your computer every year? So de-authorize the computer before you get rid of it, and it won't count towards your 5 computer limit.
My guess is that you've never even tried the iTMS.
Slashdot Mirror
You mean to tell me that a program running as an unpriviledged user can access priviledged files? That hasn't been my experience with WinXP. The indexer runs in the background as the user that installed the program. Anyway, this is all moot. It was designed for single user systems (ie, 99% of the installed home user base).
Okay, time to debunk this article.
Boys and girls, open your command prompt and type:
(reformatted so that
You will notice that the GoogleIndexer is actually running as my username (non-priviledged). In fact, all of the google programs currently running on my computer are running as the person logged in. If you happen to be running as Administrator, then you will be able to see all of the files on the computer. It is impossible for the indexer to look at files that I can't access through a normal way (via explorer). Conclusion, this article was probably written by a MS PR Monkey trying to cast a little FUD towards one of their main competitors in the search market...Google.
The problem as I see it is in the startlingly easy way google desktop search makes intrusion possible, sometimes even without the person searching intentionally looking into other user's data. Any keyword I type is an instantaneous hook into the world of the other user who used the pc before me. That is what I find scary.
/. user. It only indexes files in your Documents directory, it only indexes a handful of files (.doc, .xls, .txt, .html files for example). It has SEVERAL limitations that are annoying. For example: I want it to index my java source code and javadocs for the project I'm working on. However, it refuses to index them.
But that's just it. It's a SEARCH tool. It's supposed to find things that you don't know about. If it didn't, it wouldn't be a very good search tool. This should not be installed on public computers. And, if you are personally are concerned about it, there are products out there that will store all that sensitive information (browser history, email files) on a USB drive that you plug into the public computer before use.
As it is, I don't know how useful it will be to the average
Also, it doesn't index my Firefox cache or history, nor does it index my Thunderbird mail files.
In other words, nice try Google, but it's not useful to me (yet).
you wouldn't need to be good at programming, just change some random bytes. or fill it up with goatse.
Actually, I believe bittorrent prevents people from doing this very thing. It uses checksums for each segment transferred, so you can't just insert any old data in. You would have to insert data that matched the checksum. Needless to say, this is not generally an easy thing to do.
No. Because there are differences in what a person who lives in California or New York wants out of a political system compared to someone who lives in Wyoming or Utah. I live in Utah, and as it is even now, the candidates very very rarely even THINK about what I would like my government to do. If you got rid of the electoral college, then I might as well live in my own country, because I'm not going to get anything that the huge masses of humanity in California don't want. And that is very likely what it would lead to. A large number of states that are ignored by one of the most powerful offices in our government because we would not affect the outcome in any election. I'm all for some type of change, but not one that will diminish the little power that I do have as a voting citizen in a small state.
There are a couple alternatives to IR keyboards (which have to be in line of sight of the receiver, which is why they tend to miss keystrokes). You could get a bluetooth keyboard if their system supported it, or even the wireless keyboards and mice from Logitech, which use a radio to transmit the information. I have one of the logitech keyboards, and I can go around the corner of the room and I can still type without problems (except for the problem of not seeing the screen :).
They aren't that expensive either.
Well, in view of that information, the problem isn't google, but the law. Personally, I don't care if people read my e-mail. It's quite boring, and I doubt anyone would ever find it useful.
If they would like to see that I'm going to visit my friend in October or call my sister then let them. Important information should be encrypted anyway.
What annoys me are all of the people who want to stop a company from providing a valuable service. The reason why google offers the service that lets you just archive mail and save it, is because some people like to keep their correspondence between friends. I know I do.
I'm not sure where you might have seen that, but it was in my Discrete Math book in the section about RSA encryption. :)
Utah Sate University Students get the same! Here in Utah, even the legislature got into the act. They made it mandatory for all students entering the state primarily to go to school pay out-of-state tuition for 2 years instead of one. Yay! They claimed that students didn't contribute anything to the state (taxes or otherwise), so they didn't deserve in-state tuition after just one year. This just goes to show that students should vote. Then they might be able to put a little fear into the politicians.
Yes, but since it is being accelerated by a huge electromagnetic field, won't that fry the electronics necessary for a GPS guidance system?
But the problem is that it's not really unsolicited. An invite is from somebody that you are likely to know. That means that the mail provider is actually throwing mail away from a friend. I find this much more offensive and wrong than the e-mail scanning that Google does to provide the text ads.
I sent you the two invites. Check your mail and see if you got them. (And give one of those to a friend, you only really need one gmail account) :)
Sent. Hopefully you'll be able to get it soon. I'm all out of invites now!
Well, I've given all mine out now, but my friend has 6 more invites. I'll pass the info on to him if you would still like a gmail account.
Let me know where to mail the invitation and I'll send it your way.
I have 4 accounts that I've been trying to give away.
If you want one, I'll let you have one. The next 3 people who post beneath this message will also get one if they want.
It's weird, but apparently right now, only geeks want these (It's like pulling teeth to get my non-tech friends to leave hotmail or yahoo).
I did this. For $30 I bought some 2x2's and made a frame and then stretched 2 sheets over it and stapled it together. However, I couldn't stand watching a movie in the Real player. It is just too annoying. I'll wait until Apple or MS or some other third party that isn't so annoying.
I agree with you. I think one of the main problems with teachers at the University level is probably tenure. As soon as a professor attains his/her tenure, they basically will never lose their job no matter how many students level complaints in their direction. I know as a class we all signed a petition to have a teacher reprimanded for poor teaching (tuition is expensive! Why we wasted our money on that required class where we learned nothing is beyond me..other than to fill the requirement). It was completely ignored. Universities need to remember that the student is both the product and customer of the teaching. Too often they just focus on their research and let their teaching fall by the wayside. The teaching is much more important than any single peice of research that they may be doing.
There is a problem with SpamAssassin in that you can get around the little web-bug feature with a little setup on the server side. If the spammer were smart, they would use mod_rewrite to change the url from:
= [m d5sum]
j pg
http://spammerserver.com/cgi-bin/redirect.pl?id
to:
http://spammerserver.com/images/[md5sum]/image.
Apache then takes the a out of the url, rewrites it, and redirects it to a script which then records the hit from the user and notes that this address is valid.
Spam filters out there need to find a good way of detecting unique identifiers that can be used to track a user.
I'm personally moving towards the scorched earth method with my personal e-mail account. Blcok everything that isn't on my whitelist. If I know you, you're on my whitelist. It's certainly not the best method, but I hate spam.
I don't think they will start sending images with it. It will make their e-mail campaign much less effective. Given that a good sized html message is probably 8Kb, if you add images, it will triple or quadruple the size of the message. This means they will only be able to send a quarter of the normal messages at a time. Remember too that their lists probably aren't "clean". This means that they will be wasting that much more bandwidth and time on invalid e-mails.
So do your part! Enter false information into their database as much as possible! Fill in invalid e-mails on those little "raffle" tickets that you see trying to raffle off a car in the mall. Make sure it's an AOL account or something that delays sending back an error response instead of the instant error notifaction that some mail providers give. That way they have to worry about parsing the e-mail. Perhaps to make it even easier, maybe AOL could start sending randomized text back in their error messages to confuse the spammer's parsers.
This problem existed in FC2 Test 1 as well. I
installed it on my computer, and it messed up the
MBR. After installing FC2, I would get an error
at boot informing me that none of my drives were
bootable. I could use the WinXP Recovery mode,
and see the contents of the drive, and I ran
utilities to fix the MBR, but no dice.
I eventually used Knoppix to fdisk the drive.
I deleted all of the partitions, and recreated
them (with the same values) and then booted and
it worked fine.
Not going to install it now, since this bug is still there.
the cost of OS X server for the streaming platform = $0!
The best thing, is that they could get and use Darwin Streaming Server for free and use it on their current system.
I have a gmail account, and they have a nice feature that actually lets you report a message as spam. I believe (and hope!) that this works in a similar way to a product like Cloudmark Spamnet, which basically lets the community of users determine what is spam. This then updates the community spam list, and affects the e-mail of all clients. As this gets more effective with more users, I hope gmail is very popular.
But the thing is, you can just make a new playlist. They're not preventing you from burning the song more than 7 times. Just delete the playlist, create a new one (identical if you want) and reburn it. The main idea here is to stop you from becoming your own little CD factory :).
I personally usually only burn a playlist once. But that's me.
You're not quite right:
1. You can copy the songs you purchase an unlimited number of times. (To CD, or to any number of iPods)
2. They don't cost as much as CD's, I spent $17 on Cake's "Prolonging the Magic" CD at Borders because it wasn't on iTunes, and when they finally did put it on iTunes, it costs $9.99..If only I had been more patient. These rumors of a price hike are false anyway, as Apple is denying them.
You complain about only having 5 years to listen to them, which doesn't make any sense. You replace your computer every year? So de-authorize the computer before you get rid of it, and it won't count towards your 5 computer limit. My guess is that you've never even tried the iTMS.