[District Attorneys] learn in District Attorney School that there are
two sure-fire ways to get a lot of favorable publicity:
..(2)
Raid an "adult book store" and hold a press conference where you
announce you are charging the owner with 850 counts of being a
piece of human sleaze. This also never fails, because you always
get a conviction. A juror at a pornography trial is not about to
state for the record that he finds nothing obscene about a movie
where actors engage in sexual activities with live snakes and a
fire extinguisher. He is going to convict the bookstore owner, and
vote for the death penalty just to make sure nobody gets the wrong
impression.
> They add detection for GNU Hurd, but not OpenBSD, FreeBSD and
> NetBSD. Funny, really.
Not funny but sad.
Although I suppose they can't really add an installer for
"real" FreeBSD and "real" NetBSD when Debian developers are
working on GNU/FreeBSD and GNU/NetBSD
even if they both have the same amount of users as GNU/Hurd
....about 3 at the last count....although to be fair I wasn't
counting RMS:)
> What, no macro virus-infected Word file?
Yeah, I don't know why the Register is using that dangerous HTML stuff!!
From the article (MS description of Windows Server 2003):
"Security level for the Internet zone is set to High. This setting
disables scripts, ActiveX controls, Microsoft Java Virtual Machine
(MSJVM), HTML content, and file downloads."
There are a lot of cynics and sneerers on Slashdot who say that
Microsoft and their "Trustworthy Computing Initiative"®
is a lot of hot air and BS. But how many of you with your Linux boxes are
running a browser that renders that dangerous HTML stuff, eh?!
Hats off to MS for shipping a system that can't render HTML is what I say!
If they carry on in the same vein, we can extrapolate that Longhorn
will in fact ship without a TCP/IP stack. Watch the script
kiddies try and break into that!
Microsoft is showing the world how to innovate and move forward as
ever...by....going backwards......errr, wait a minute....
Anyway, I just hope that the "Microsoft Crippled Software and
Environment"® (MCSE) initiative makes more headway and shows you
filthy hippies/commies how things are done in the Real World!
A sample from the FA:
> I'm not sure exactly what killed my motherboard. During the process of
> taking it out of the old case, I knocked a white doohickey thing clean
> off the motherboard. It was attached one minute and then it fell off
> the next. "Oh well, screw it...can't be that important," I thought to
> myself as I ripped the motherboard out of the old case and started
> putting it into the new case.
I think the article can be paraphrased as: "Look at me, I don't care!"
> THIS SOFTWARE IS PROVIDED "AS-IS" WITHOUT ANY WARRANTIES....
In this country (UK) the EULA isn't worth the paper it's written on. All goods have to be "fit for purpose".
The EULA is a grossly misleading document when it comes to informing you of your rights with regards to the software you have bought. MS should be told by a court to remove it, or the worthless statements that are contained therein (wouldn't leave much of the EULA though).
I can't see how XP is currently fit for purpose. Stick it on the 'net and you get infected in pretty short order. Most reputable businesses give you stuff that is fit for purpose but MS have made a habit of selling software that isn't. Nice if you've got a monopoly isn't it?
My guess is that MS haven't fallen foul of consumer law yet because:
- they've got an army of lawyers (more than coders)
- they've got deep pockets
- they play the buck passing game: "The OEM sold you the software".
- they can argue in court that equivalent commercial software is garbage too.
The OEMs don't dare complain to MS about it, remember that Judge Jackson found that the cost of MS softs went up for OEMs that caused "trouble" for MS.
One day though somebody will take them to court and they'll get buried. Good job too, I hate companies that rip off their customers whilst simultaneously advertising how wonderful their software is - certainly not from a security POV.
I thought Ralph Nader had set himself up as the consumer's champion in the states. He's turned politician now but I would have thought a fight with MS might win him a few votes (put him in the public eye if nothing else).
1. Sell buggy OS.
2. Profit!
3. Don't spend money fixing bugs.
4. Profit!
5. Sell AV.
6. Profit!
7. ??
8. Profit!
Is it just me who thinks it's dishonest for an OS manufacturer to sell
bug fixes for software they've produced? That way it suits their
bottom line to produce an OS that is riddled with holes.....oh, wait...
> Most full-frontal nudity is banned on television,
> and you can't really show acts of penetration.
Remember too that this is the country where artists almost
end up being prosecuted for indecency for displaying photos
of their naked children.
If I took photos of my niece and nephews naked and put
them up on my website would I make the BT blacklist?
Or would I only make the blacklist if the pictures were
accompanied by a scornful tract on GWB and Tony Blair?
I don't agree with people having sex with children
but I disagree even more with censorship because in
the long run it will lead to even worse horrors...
it's the D-Day commemoration today after all.
> One issue with Linux, is that it has a lot more contributors
> than *BSD, which tends to make things more complicated.
It shouldn't make things more complicated. Linux needs a pr
system like FreeBSD so that contributions from people without
commit privileges can be made and more importantly tracked back
to the contributor.
In the past, I could post a patch to the Linux kernel mailing
list and it might be cut and pasted by someone and committed but
without any subsequent trail back to me.
I don't know if this has changed but in the light of SCO it has
to be tightened up if it hasn't been already, or there may be
further claims of stolen code made against Linux.
> http://www.gotapex.com/
Good grief! You almost gave me a heart attack there....
for a minute I thought goate.cx had made a comeback from the dead.
> I love gentoo but still wouldn't run it on a critical server
> because of the compile demands.
I point you to this page at Netcraft
where all the servers with the longest uptimes are BSD based.
Guess what? BSD based systems use compilation to install/build
softs.
You and others fail to realise that any multi-tasking OS worth
its salt can carry on with its work whilst software is being built.
The advantages of using a system based on ports/portage far
outweigh any performance hit from compiling your softs.
Especially for servers where you're not building bloatware like
Gnome, KDE, Mozilla etc.
I suggest that all Linux systems will one day use
ports/portage as it's the only way not to run into dependency
problems when upgrading the system.
This information comes to you from somebody whose FreeBSD system
is a 300MHz Celeron with dial-up access and can happily browse
Slashdot whilst software is being built and can rebuild the base
system in 3 hrs.
> The final decision is based on total percieved value (in
> micro-econ you call this utility but don't analize
> where it comes from)
Don't worry, I had no intention of shoving it up my arse.
> Mr. Pratley just blogged on his 'personal philosophical'
> conversion from a Mac geek to a Microsoft devotee
Mr. Pratley's conversion from sex with women to spanking his
monkey.
Talking about masturbation, his blog is an unceasing exercise of
it. He forgot this sentence out at the end:
"Word won because I'm a genius"
Word won over WP because it came bundled on most new machines
with other MS softs. It's handy to have a stranglehold over
OEMs which you're prepared to abuse as documented in Judge
Jackson's findings of fact.
If Mr. Pratley is the sort of dishonest, intellectual midget that
heads up MS projects then I'm glad I don't use their software.
"Net thug" my arse.
For amusement it might be fun to give a PHB one of these HP calculators and watch the concept of RPN make their heads explode.
> According to Blunkett, it will help "combat terrorism".
> I want to know how it will do this exactly.
It won't. If you hear Blunkett's arguments and digest them they amount to this:
"If there's a terrorist atrocity and I haven't introduced ID cards then I will be culpable and lose my job. Hence, I will introduce ID cards."
Blunkett puts his job security above considerations of efficacy and cost not to mention personal freedom.
Check out my sig for other ways in which he is "enhancing" his job security - by locking up people without trial for a start.
My personal opinion: Blunkett's a braindead piece of scum and anything he promotes should be opposed vigorously. He's senseless in the true meaning of the word (he's blind) and shouldn't hold high office due to his disability IMHO.
Is the only way to deal with stress.
Try and exercise hard for an hour each day and the endorphins produced will suppress the production of stress hormones.
I cycle. It's a geek thing to do as you can get into the engineering side of cycle componentry whilst at the same time getting to learn something about physiology and how to train yourself.... VO2 Max, heart rate monitoring etc.
I find that the exercise is the only thing that keeps me sane in a modern Western environment. I think that lack of exercise amongst modern Westerners results in the increased depression and other psychoses we're prone to.
> If he doesn't give you a license, you are stuck with
> the default rights under Copyright Law. That's DJB's "license".
Correct.
> As such you can't make changes and distribute them as part of a
> integrated set (in theory you could distribute just the patches but
> it's a grey area). Hence many people consider it "un-free". Some
> people see this as a problem.
Some people want too much. It's his copyrighted work and it's his right to say how his work is to be distributed (if at all). There's no "grey area" about patches, they're copyright of the person who wrote them and they get to choose how to distribute them.
That doesn't mean that you can't approach djb and ask him for license to distribute his software and patches; unless you choose to instead moan and sulk about the software he wrote being "un-free" as some Linux distributions have.
With djb's software you get a chance to negotiate a license to re-distribute the software, with GPL you get the license thrust upon you - take it or leave it.
I prefer the former both as a user and potential developer.
> I continue to use BIND because I don't like DJB's licence.
I call FUD. djb thinks licensing is a lot of nonsense.
Hence, my copy of Qmail doesn't even get shipped with a license.
There's a lot of crap talked about the "evil Qmail license", crap because no such thing exists unless you happen to ask djb to give you one. As djb puts it:
"If you think you need a license from the copyright holder, you've been bamboozled by Microsoft."
> At the last IT firm I worked for, the CEO had a four-letter
> password. I'm not going to say what it was, but it was the name
> of an animal.
>
> That was bad enough, but it was the name of an animal he had
> tattooed on his forearm.
Was it a cock by any chance?
> So the question remains, why aren't the dial-up users spending
> the extra US$ 10 to get always-on broadband DSL? I'm guessing
> many of the dial-up users can't get DSL in the first place. But
> that doesn't explain this article though.
Why? I'll tell you why, I can't afford it! I'm unemployed and despite running an OS I build and maintain by source (FreeBSD), I can't justify the increased expenditure for the luxury of broadband.
You have to remember that there are poor people, even in the US, some of whom can't even afford a dial-up.
> How big are the chickens?
Good point. Seymour Cray was obviously talking in the old days when there weren't giant radioactive chickens stalking the Earth laying giant eggs like this one just outside of Chernobyl.
Attach a few of these radioactive chickens to your plough and you're likely to break the sound barrier.
Beating the odds on a roulette wheel has been done before and was done most famously by "the man who broke the bank at Monte Carlo" Joseph Jaggers. He made $450,000 which in 1873 was a LOT of money.
AFAIK in order to circumvent predicting the numbers by this method, the casinos regularly move the wheels from one table to another. The act of moving the wheel throws the predictors off as well as changing any possible bias in the wheel.
This newer technique seems better, although it seems that you have to know the coefficient of friction between ball and wheel which I suppose could vary enough between each wheel to throw off your calculations.
> I think Turing and von Neumann had far more to do with
> the underpinnings of modern computers than Boole.
Q. How would Turing and von Neumann have done their work without Boolean algebra?
Your attempt to categorise Boole, Neumann and Turing in some sort of hierarchy when it comes to computing doesn't make any sense.
Newton's words about having stood upon the shoulders of giants come to mind. Newton realised he couldn't have done his work on calculus etc. without Euclid and the others before him.
s/Euclid/Boole/ in this case.
AP 2004:03:24:
In a court decision that has sent the showbusiness world reeling,
a Californian court has ruled that the issue of whether the
"King of Pop" Michael Jackson's surgically enhanced features
contain the intellectual property of a small Utah based software
group needs further investigation.
The court has ordered that the King of Pop's nose, ears and other
body parts have to be submitted to the court for analysis by a
court appointed expert. It is contended by the software group,
SCO, that its intellectual property was used in the creation of
the body parts and that it requires a license from Mr. Jackson
for him to use each part.
As news of the court's decision reached Hollywood, hundreds of
celebrities and many others with faces like brutalised rectums
were reported as getting ready to leave the country.
Mr. Jackson was unavailable for comment as he's in hiding, in
jail or visiting his local kindergarten.
> But let's be real, here. Last year in the span of six months,
> Debian, Gentoo, and GNU (twice!) were compromised. Now GNOME.
We'll have to wait for an explanation of how it happened but my opinion is that Linux needs properly auditing and a security officer needs to be appointed whose job it is to check out stuff that goes into the tree.
The BSDs have this and they haven't had the security problems that Linux has had. Maybe it's due to the popularity of Linux but an audit/security officer wouldn't do any harm.
You have to expect that the admins of these boxes are far from clueless yet they still got broken into. To me that indicates a problem with Linux development rather than use.
If an audit isn't done, then the cracks will keep on opening up & the reputation of Linux will be trashed.
Wouldn't a geologist (I'm not but I did) conclude that earlier pictures showed clear signs of the rocks being sedimentary?
Look at the area below Zugspitze in the picture above and then try and tell me with a straight face that those striated rocks are igneous in origin.
The question is why did they wait so long to announce the fact that there were sedimentary rocks?
Maybe a geologist could tell me whether there are any igneous rock formations that might look sedimentary & they therefore had to do further analysis.