This is great! Now all the users that really wanted a different browser finally will be able to get one!
(And all users that don't care or don't understand will pick something at random, from a list of up to 12 (!) different browsers, is going to make life interesting for developers again now that we finally were seeing IE6 starting to disappear:)
Ah, yes. Now instead of needing to realistically support 3 major browsers, web developers will need to make sure they completely support 12 (!) browsers. The distribution of these 12 (!) will probably begin to even out as well since most users are just going to pick one at random since the average user does NOT read dialog boxes. They just click until it goes away.
All this decision will do is increase the number of those retarded "This webpage does not support your browser. Go get a real browser to view this site!" messages.
This will NOT help web developers in any way. IE6 may have been evil, but at least it was an evil we knew and understood. That is much better than 12 (!) unknowns.
I was reading some Wiki articles on Boeing's jets and saw that the Boeing 777 uses the General Electric GE90 turbofan engine. These machines are sheer marvels of technology and engineering. In addition to being the largest, the most powerful, and the longest ranged jet engine in the world, here are two facts I found particularly amazing:
A single GE90-115B delivers a power which is roughly equivalent to 111,526 HP, twice the power of the Titanic.
At take off thrust, a single GE90 engine can ingest around two million cubic feet of air per minute.
And there are two of these engines on every 777. Just... wow.
Because it's a sane method of delivering software, which is becoming widely used (i.e. Steam, iTunes Store, etc) vs the traditional "Herpes" model used by Windows?
Yes, software repositories are all nice and fuzzy until you want to install a new (or old) version of a program which is not in the repository. Now you get to install it by hand which causes two problems: all related libraries may have to be upgraded or downgraded, and you've completely broken your package-managed system, putting you in a state of limbo that is worse than either all-packages (Linux) or no-packages (Windows). Any future changes you make by using the repository have a good chance of breaking that manual install.
While I see the advantages to repositories, I also see the disadvantages. That's part of not being a fanboy (that, and not throwing around meaningless comments like "herpes model"). At least on Windows I can download software directly from the publisher (no unknown middleman) and install it using their installer (not some broken "patched" installer -- Debian-branded OpenSSH anyone?). If the program requires some special version of a library it can be contained in the installer and installed if needed without disrupting the rest of my system.
Is installing common, generic software easier with a repository? Yes, probably. Is installing specific (or even just newest) versions all software easier with a repository? Certainly not. I like the fact that the version of Windows I might run has no bearing on the versions of Firefox, Office, Eclipse, PHP, etc that I can run (within reason obviously - some things won't run on old systems of a vastly different architecture).
What I don't understand is why people aren't still ripping Microsoft for this. They make software with an exploit that can prevent your PC from booting
You're kidding, right? Go rm -rf/etc,/boot,/etc/password, or/etc/shadow and see what happens.
I don't understand why people aren't ripping on these stupid Linux distributions have such easily exploitable flaws!
Users with root/administrative privileges can preform (directly or via a software proxy) destructive actions to their operating system. This is not an exploit, it is by design.
That would be comparable to the US having horrible fiscal responsibility and then caring about other countries fiscal responsibility.
Oh, I see, I must have missed the point in the conversation when the fiscal policies of either nation were being discussed. You don't mind pointing that out, do you?
He brought that up as part of the "argument" just so he could bash the US (whether deserved or not isn't relevant) via the implied conclusion. That's a straw man.
Yeah I had that same thought. The Chinese have as much standing to complain about IP violations as the United States has to lecture on fiscal responsibility.
Wow, a blatant strawman like that gets +5 Insightful on Slashdot these days?
The GP said he was surprised that China (a country that typically ignores IP) ruled against Microsoft's (alleged) IP violation. You respond by saying you are surprised the US is lecturing on fiscal responsibility. The problem is that nobody here is even discussing Chinese or US fiscal policies.
You set up the fiscal strawman just so you could knock it down and look smart. The sad thing is that the mods bought it.
No post about polygraphy is complete without a link to antipolygraph.
For anyone interested, the site has a lot of great information, including a free book that goes into intimate details regarding how polygraphs are operated and how their results are interpreted to mean either "truth" or "lies". They even have the operator's handbooks and interpretation guides for giving an examination and information on how to "beat the box".
Very interesting stuff -- doubly so for anyone who might sometime be in a position where taking a polygraph is required for a job or security clearance.
If you were talking about a cost difference of $100 or maybe even $10, I'd understand it
It adds up fast. You also have to include the cost of running the portion of the government assigned to design, test and enforce all these laws being put into place to "protect" the people.
According to that electrical problems cause 67,800 fires, 485 deaths, and $868 million in property losses.
Did you read that page or just pull numbers out of it?
Most electrical fires result from problems with "fixed wiring" such as faulty electrical outlets and old wiring. Problems with cords and plugs, such as extension and appliance cords, also cause many home electrical fires.
In urban areas, faulty wiring accounts for 33% of residential electrical fires.
Many avoidable electrical fires can be traced to misuse of electric cords, such as overloading circuits, poor maintenance and running the cords under rugs or in high traffic areas.
Nothing on that page indicates that shock or property damage has anything to do with touching the exposed wiring of a plug as it is inserted or removed from the wall. Nobody here is saying that nobody ever gets electrocuted or that electrical fires don't happen -- they are saying that very, very few incidents are due to the shape or design of the US plug.
Why should safety vs savings be immune to a normal cost/benefit analysis?
How many people are significantly (or even mildly) injured due to the design of the standard US plug? How many fewer are injured with the UK plug? Now, how much does it cost a society (taking everything into account, from the cost a table lamp to the cost of a meal at a restaurant which uses appliances with these plugs) to mandate the use the UK plug over the US plug?
Safety over savings is a laudable goal, but taking it too far or removing personal responsibility (for example, by a totalitarian nanny state) can be just as detrimental as having no safety at all.
The scene establishes the depth of evil and the cold bloodedness of a rogue Russian villain and his unit. By establishing that evil, it adds to the urgency of the player's mission to stop them.
Does not equal this (from TFS):
Footage shows the player engaged in killing civilians with terrorists
Which one is it (or is it both somehow)? This sounds like a bunch of uproar over a cutscene nobody understands the context of.
Really? Bonuses for individual employees that do great work are more important to you than the greater social good that is potentially created by a fair and balanced taxation system?
Why, yes. While I recognize the need for a certain level of taxes (maintaining infrastructure, financial costs of the government's operation), I would much rather reward and retain individuals that are skilled and industrious workers than distribute that money as a free handout to everyone in the US.
There's a reason we organize into political structures, the common good is one of the key ones.
Maybe for some people (and an excuse for others). Most people just don't want to have to deal with the day-to-day work required to keep society (such as it is) functioning. We pay other people (politicians) to do this for us, which they're happy to do since they are usually the kind of people who enjoy having that power.
When the individual becomes MORE important than the collective you're standing on the precipice of a slippery slope.
And when the collective even thinks about trumping individual rights it's time for revolution, Comrade. There is nothing slippery about this. The reason we're organized as a "collective" is because it benefits the individuals -- military protection, law enforcement, etc. If enough people decide that the costs of maintaining this collective have become too high, it's time to find a better system.
In all of these cases an elite group of individuals *espoused* the importance of the collective good, while simultaneously protecting their own selfish interests.
And that's different than now, how exactly? Sticking with your example of Medicare, do you know anything about the Congressional health care plan? I didn't think so.
I clearly remember the days before CMS and it looked like this
Ha! The planetarium scheduler for the the school I work at has an HTML file she edits in Word to create the current month's calendar. This file has been used for some 2-3 years. Pulling it up right now, it is 682 KB in size and has over 6,000 lines of CSS at the top of the document. Here's a snippet:
because it's a popular CMS and has a lot of people looking through it's code for exploits, it's also a lot more secure
As pointed out, Wordpress easily proves this long-believed mantra false. It's one of the mostly widely used blogging applications and it is consistently in the news for high-profile hacks and exploits. That, and Drupal hardly seems immune.
What's even more interesting is the possibility for intentional security flaws in the code. Interested parties can start submitting patches and changes to the Drupal codebase with inherent flaws. These might even be distributed (module A has a flaw that uses module B's flaw that uses module C's flaw...), which combined with submissions over a series of weeks or months and it seems unlikely they'll be easily spotted.
This is the real downside to using open source code in government applications -- In four months the White House website may be running code written by Chineses (or Russian or whoever) hackers (who may or may not be government employees) for the sole purpose of exploiting the site. Expand this into internally used applications like MediaWiki, Pidgin and it has even bigger implications for intelligence gathering and infiltration.
Major programs like these are big and complex. If the Debian OpenSSH fiasco taught us anything it should be that when you combine big and complex, don't be surprised if those many average eyes are insufficient to catch what the few skilled and experience hands put in the codebase.
Anyway, why Ruby? Not that I have anything against it but really why did they pick Ruby?
Maybe they wanted to emulate that nice slow ka-CHUNK action of the lever-pull voting machines? For that they'd need the absoluteslowest popular programming language available. Hence, Ruby.
so if someone does this apple could sue them to death
So Apple is a patent troll? Patenting an idea (even a bad idea) just to keep other people from using it is not what the patent system was designed for. This is the kind of behavior Slashdot normally crucifies companies for, doubly so for trolling software patents.
As somebody who avoids Apple products I hope they are granted the patent and it is vigorously enforced. If a company wants to pursue such amazingly stupid advertising techniques like these, I'd be just fine with having them confined to the Apple product line. (What I find interesting is Steve Jobs being listed as the "inventor". Does he have nothing better to do than sit around and come up with ways to screw over his customers?)
Even better is requiring other companies (who also wish to shoot themselves in the face) to pay to license the technology. Stupid company + expensive licensing fees + lost customers = failed stupid company == the system works.
Somebody has to file a bug against FireFox that plugins/add-ons are even allowed to prevent user from disabling them.
Mark it up as another example of how the Firefox developers don't understand a multi-user, restricted-user environment. It is often desirable to install programs on a machine-wide basis so that all users, regardless of their local security access, can use them. In Firefox, plugins that are installed in this manner cannot be disabled by the user, even if the user has local administrative rights on the computer.
It's the same deal with Firefox's automatic updater allowing normal users to download and try installing browser updates but then failing over and over because the user doesn't have write access to C:\Program Files\Mozilla or the HKLM portion of the registry.
You're setting up a straw man and then knocking it down.
What? Where's the straw man? Don't use phrases until you know what they mean.
motivation to insert some of their technology into Firefox which they can then later withdraw to make Firefox look bad so they could drive users back towards IE
Can I borrow your crystal ball? I'd like to look up stock figures for next year.
disabled the ability of the user to get rid of it
This is a flaw with Firefox, not an intentional act of malice on Microsoft's part. The MS plugins are machine-wide so that all the users of a computer can use them, however machine-wide browser plugins cannot be removed via the Firefox user interface.
He is not a real person anyhow, but a member of Microsoft's psy-op team, spreading disinformation.
If that's the case them I'm short a paycheck or two.
The real story can be found on the Mozila discussion board.
Funny, that's the exact same link I posted!
Fundamentally, Microsoft introduced a security risk into Firefox with these add-ons. That risk came to fruition and thus Mozilla closed the risk entirely.
Yes, and nuking New York City would take care of the rat problem. The issue is most logical people wouldn't see that as a valid solution. Of course, in this case it would be more like nuking New York City to get rid of the rats, but doing it after somebody else has already safely killed off 90% of the rat population.
If it's not 100% then it's vulnerable and hence the block.
So you suggest that punishing all users for a few users is a good idea?
Mozila suggests that if you are one of the very small minority that need this software [...] then you request Microsoft to write a clean version completely free of this and Mozilla can allow that through.
There is so much wrong with this.
- Assuming very few people use a program just because you don't is a bad idea. - Microsoft should write the software to be free of what? - So now Mozilla is dictating what software users are and are not allowed to use? Super idea there.
Really, part of the problem is the mechanism that Firefox uses with regards to system-wide extensions. It is a flaw in the browser that these kinds of extensions are not allowed to be removed by the user. It's common for system admins or software vendors to need to install something that everybody using the computer can use, not just a single user. The idea of a multi-user, restricted-user environment seems completely foreign to the Firefox developers (see Firefox's automatic update feature for another example, it will try to let a non-admin user install updates and then fail over and over and over...). While not the reason for this problem, it is the reason that users have a difficult time removing the.NET extensions for Firefox.
Microsoft have embraced Firefox by writing software for it, Extended it's functionality to add support for their own proprietary "standards"
False. How is this different than Adobe writing Flash plugin software for Firefox? Adobe Flash is proprietary and contains a lot of their own "standards". Many, many more businesses currently rely on Adobe's Flash than do on Microsoft's XAML WPF apps. If the Mozilla team blacklisted Flash tomorrow, how many people would that piss off? How many would switch back to IE or Opera?
and now they are trying to extinguish Firefox by forcing Mozilla to remove a plugin that some users have come to rely on.
False. There was a security flaw in the Microsoft plugin for Firefox. This isn't debated. However, it was the Mozilla team that decided to block the plugin software, not Microsoft. Microsoft has already released a patch for the flawed programs. I'm not seeing any "extinguish" involved here.
If microsoft were serious about adding functionality to Firefox then they would have contributed source code to this open source project.
False. The hundreds or thousands of plugins and extensions for Firefox (popular ones include Flash, PDF support [from dozens of vendors], audio/video support, etc) show this to be misguided and invalid thinking.
All the addon did was to add a piece of text in useragent that told the website.NET version. How do you manage to fuck up that?
For anyone curious as to the real state of affairs behind this MS plugin issue, you might be interested in a few things. For everyone else just enjoying a good anti-Microsoft circle-jerk, ignore this post.
The plugins being discussed do more than just change the User Agent of the browser. They allow for XAML applications to run in Firefox and ClickOnce program distribution. For everyone that normally cries about Microsoft pushing IE and trying to lock users into their browser, this is an attempt to allow people to use an alternative browser while still having access to their other Microsoft-centric technologies (.NET in this case). Isn't this a good thing?
This is the bug in question. There is a lot of interesting comment there, including the fact that while everyone is crying about Microsoft "secretly" adding the plugin and preventing users from disabling it, Mozilla doesn't even give users an option to enable it! Their blocklist is all or nothing. Why doesn't that bother anyone here? One poster is very insightful:
Many corporations have begun implementing Firefox and telling their users that it is an equally if not more capable but more secure browser. For a subset of those corporations, the action of removing necessary tech without consent or a secure method for re-enabling it will result in the removal of the browser from the system completely. It will be called a failed experiment. The following day, sys-admins around the world will be left explaining to the non-enthusiast employees that the reversal came because certain business apps would not function in FF. Those users will only hear that FF is not as capable.
But perhaps the best thing about this entire issue, is that Mozilla didn't block the plugins until AFTER they were patched and the mechanism of the block is retarded. Mozilla is claiming that Microsoft agreed to issuing the block of the affected plugins, and that might be true, but only to an extent. Mozilla is currently blocking the plugins based on the name of the plugin, not the version, which means users who have installed the patched version of the plugs (at this point almost everyone using Windows Update) are still unable to use the plugins and have no way to re-enable them.
So essentially, by issuing this patch, Mozilla is doing nothing but hurting its business customers. Slashdotters can scratch their heads trying to figure out who uses these technologies, but the answer is a lot of businesses do. This absolute, non-scriptable and non-changeable block of these plugins will just remind corporations that open source isn't ready for the big leagues and they should just stick with Microsoft and IE. The sad thing is that if this kind of knee-jerk, carte-blanche blocking behavior becomes the norm for Mozilla, they will probably be right! Taking this kind of control away from the users is simply unacceptable, doubly so for businesses.
If you're wondering what MS says about this, you might take a look at this:
First we'd like to make it clear that any customers that have applied the update associated with MS09-054 are protected, regardless of the attack vector. And most customers need not take any action as they'll receive this update automatically through Automatic Updates.
Surprise surprise: programming for the iPhone is as lucrative as programming for any other platform.
At least with most other platforms you know in advance if your target audience will even be able to run your program. And then, even if your program is accepted, every day is another day that Apple can revoke your program for any reason they care to make up -- essentially rendering it meaningless.
Windows Mobile may be an inferior platform, but at least it can run whatever you want, whenever you want, for as long as you want. For real software companies, this is the kind of stability they require before investing real capital in development. Serious Company A isn't going to allow itself to be held at the whim of another (potentially rival) company, in this case Apple.
To be honest, this is one of the reasons I refuse to purchase an iPod Touch. As a software developer, I find Apple's practices so anti-developer I want nothing to do with the platform. I understand the need for control of the application store, but the locked nature of the device itself (which includes a remote kill-switch) is just going too far.
A bank in Australia begins to get suspicious if there are 10 logins from Russia, if they are from the same IP and using different accounts that gets flagged pretty quickly.
As I pointed out in another post, you are completely missing the point that the malware is running on your computer. The attacker doesn't need to access your bank from Russia, or even from a different IP address. They can just as easily access it from your own computer and your own IP address -- even using your own browser if they want to.
Do you really think the people authoring and operating malware as sophisticated as this are going to be thwarted by something as mundane as checking an IP address? Not likely.
Slashdot Mirror
and teleportitis without TC.
Oooh, I remember when Lieutenant Barclay got that. Pretty nasty stuff.
Just have them coalesce your pattern through the transient bypass buffer a few times. That should sort you out.
This is great! Now all the users that really wanted a different browser finally will be able to get one!
(And all users that don't care or don't understand will pick something at random, from a list of up to 12 (!) different browsers, is going to make life interesting for developers again now that we finally were seeing IE6 starting to disappear :)
Ah, yes. Now instead of needing to realistically support 3 major browsers, web developers will need to make sure they completely support 12 (!) browsers. The distribution of these 12 (!) will probably begin to even out as well since most users are just going to pick one at random since the average user does NOT read dialog boxes. They just click until it goes away.
All this decision will do is increase the number of those retarded "This webpage does not support your browser. Go get a real browser to view this site!" messages.
This will NOT help web developers in any way. IE6 may have been evil, but at least it was an evil we knew and understood. That is much better than 12 (!) unknowns.
Noone is forcing Microsoft to do anything, but if they want to be a part of the EU market they will have to abide by its laws.
So your answer to someone saying "The government is violating our rights" is to say "They make the rules, leave if you don't like it."
Wow. Governments just love people like you.
The really amazing thing about jet engines [...]
I was reading some Wiki articles on Boeing's jets and saw that the Boeing 777 uses the General Electric GE90 turbofan engine. These machines are sheer marvels of technology and engineering. In addition to being the largest, the most powerful, and the longest ranged jet engine in the world, here are two facts I found particularly amazing:
And there are two of these engines on every 777. Just... wow.
Because it's a sane method of delivering software, which is becoming widely used (i.e. Steam, iTunes Store, etc) vs the traditional "Herpes" model used by Windows?
Yes, software repositories are all nice and fuzzy until you want to install a new (or old) version of a program which is not in the repository. Now you get to install it by hand which causes two problems: all related libraries may have to be upgraded or downgraded, and you've completely broken your package-managed system, putting you in a state of limbo that is worse than either all-packages (Linux) or no-packages (Windows). Any future changes you make by using the repository have a good chance of breaking that manual install.
While I see the advantages to repositories, I also see the disadvantages. That's part of not being a fanboy (that, and not throwing around meaningless comments like "herpes model"). At least on Windows I can download software directly from the publisher (no unknown middleman) and install it using their installer (not some broken "patched" installer -- Debian-branded OpenSSH anyone?). If the program requires some special version of a library it can be contained in the installer and installed if needed without disrupting the rest of my system.
Is installing common, generic software easier with a repository? Yes, probably. Is installing specific (or even just newest) versions all software easier with a repository? Certainly not. I like the fact that the version of Windows I might run has no bearing on the versions of Firefox, Office, Eclipse, PHP, etc that I can run (within reason obviously - some things won't run on old systems of a vastly different architecture).
What I don't understand is why people aren't still ripping Microsoft for this. They make software with an exploit that can prevent your PC from booting
You're kidding, right? Go rm -rf /etc, /boot, /etc/password, or /etc/shadow and see what happens.
I don't understand why people aren't ripping on these stupid Linux distributions have such easily exploitable flaws!
Users with root/administrative privileges can preform (directly or via a software proxy) destructive actions to their operating system. This is not an exploit, it is by design.
That would be comparable to the US having horrible fiscal responsibility and then caring about other countries fiscal responsibility.
Oh, I see, I must have missed the point in the conversation when the fiscal policies of either nation were being discussed. You don't mind pointing that out, do you?
He brought that up as part of the "argument" just so he could bash the US (whether deserved or not isn't relevant) via the implied conclusion. That's a straw man.
Yeah I had that same thought. The Chinese have as much standing to complain about IP violations as the United States has to lecture on fiscal responsibility.
Wow, a blatant strawman like that gets +5 Insightful on Slashdot these days?
The GP said he was surprised that China (a country that typically ignores IP) ruled against Microsoft's (alleged) IP violation. You respond by saying you are surprised the US is lecturing on fiscal responsibility. The problem is that nobody here is even discussing Chinese or US fiscal policies.
You set up the fiscal strawman just so you could knock it down and look smart. The sad thing is that the mods bought it.
No post about polygraphy is complete without a link to antipolygraph.
For anyone interested, the site has a lot of great information, including a free book that goes into intimate details regarding how polygraphs are operated and how their results are interpreted to mean either "truth" or "lies". They even have the operator's handbooks and interpretation guides for giving an examination and information on how to "beat the box".
Very interesting stuff -- doubly so for anyone who might sometime be in a position where taking a polygraph is required for a job or security clearance.
If you were talking about a cost difference of $100 or maybe even $10, I'd understand it
It adds up fast. You also have to include the cost of running the portion of the government assigned to design, test and enforce all these laws being put into place to "protect" the people.
According to that electrical problems cause 67,800 fires, 485 deaths, and $868 million in property losses.
Did you read that page or just pull numbers out of it?
Nothing on that page indicates that shock or property damage has anything to do with touching the exposed wiring of a plug as it is inserted or removed from the wall. Nobody here is saying that nobody ever gets electrocuted or that electrical fires don't happen -- they are saying that very, very few incidents are due to the shape or design of the US plug.
God forbid safety comes before savings.
Why should safety vs savings be immune to a normal cost/benefit analysis?
How many people are significantly (or even mildly) injured due to the design of the standard US plug? How many fewer are injured with the UK plug? Now, how much does it cost a society (taking everything into account, from the cost a table lamp to the cost of a meal at a restaurant which uses appliances with these plugs) to mandate the use the UK plug over the US plug?
Safety over savings is a laudable goal, but taking it too far or removing personal responsibility (for example, by a totalitarian nanny state) can be just as detrimental as having no safety at all.
I'm confused.
This (from TFA and Activision):
Does not equal this (from TFS):
Which one is it (or is it both somehow)? This sounds like a bunch of uproar over a cutscene nobody understands the context of.
Really? Bonuses for individual employees that do great work are more important to you than the greater social good that is potentially created by a fair and balanced taxation system?
Why, yes. While I recognize the need for a certain level of taxes (maintaining infrastructure, financial costs of the government's operation), I would much rather reward and retain individuals that are skilled and industrious workers than distribute that money as a free handout to everyone in the US.
There's a reason we organize into political structures, the common good is one of the key ones.
Maybe for some people (and an excuse for others). Most people just don't want to have to deal with the day-to-day work required to keep society (such as it is) functioning. We pay other people (politicians) to do this for us, which they're happy to do since they are usually the kind of people who enjoy having that power.
When the individual becomes MORE important than the collective you're standing on the precipice of a slippery slope.
And when the collective even thinks about trumping individual rights it's time for revolution, Comrade. There is nothing slippery about this. The reason we're organized as a "collective" is because it benefits the individuals -- military protection, law enforcement, etc. If enough people decide that the costs of maintaining this collective have become too high, it's time to find a better system.
In all of these cases an elite group of individuals *espoused* the importance of the collective good, while simultaneously protecting their own selfish interests.
And that's different than now, how exactly? Sticking with your example of Medicare, do you know anything about the Congressional health care plan? I didn't think so.
I clearly remember the days before CMS and it looked like this
Ha! The planetarium scheduler for the the school I work at has an HTML file she edits in Word to create the current month's calendar. This file has been used for some 2-3 years. Pulling it up right now, it is 682 KB in size and has over 6,000 lines of CSS at the top of the document. Here's a snippet:
The actual body of the document is about 400 lines of the most awful HTML table markup the universe has ever seen.
To see this file in its entirety is a most humbling experience.
because it's a popular CMS and has a lot of people looking through it's code for exploits, it's also a lot more secure
As pointed out, Wordpress easily proves this long-believed mantra false. It's one of the mostly widely used blogging applications and it is consistently in the news for high-profile hacks and exploits. That, and Drupal hardly seems immune.
What's even more interesting is the possibility for intentional security flaws in the code. Interested parties can start submitting patches and changes to the Drupal codebase with inherent flaws. These might even be distributed (module A has a flaw that uses module B's flaw that uses module C's flaw...), which combined with submissions over a series of weeks or months and it seems unlikely they'll be easily spotted.
This is the real downside to using open source code in government applications -- In four months the White House website may be running code written by Chineses (or Russian or whoever) hackers (who may or may not be government employees) for the sole purpose of exploiting the site. Expand this into internally used applications like MediaWiki, Pidgin and it has even bigger implications for intelligence gathering and infiltration.
Major programs like these are big and complex. If the Debian OpenSSH fiasco taught us anything it should be that when you combine big and complex, don't be surprised if those many average eyes are insufficient to catch what the few skilled and experience hands put in the codebase.
Anyway, why Ruby? Not that I have anything against it but really why did they pick Ruby?
Maybe they wanted to emulate that nice slow ka-CHUNK action of the lever-pull voting machines? For that they'd need the absolute slowest popular programming language available. Hence, Ruby.
so if someone does this apple could sue them to death
So Apple is a patent troll? Patenting an idea (even a bad idea) just to keep other people from using it is not what the patent system was designed for. This is the kind of behavior Slashdot normally crucifies companies for, doubly so for trolling software patents.
As somebody who avoids Apple products I hope they are granted the patent and it is vigorously enforced. If a company wants to pursue such amazingly stupid advertising techniques like these, I'd be just fine with having them confined to the Apple product line. (What I find interesting is Steve Jobs being listed as the "inventor". Does he have nothing better to do than sit around and come up with ways to screw over his customers?)
Even better is requiring other companies (who also wish to shoot themselves in the face) to pay to license the technology. Stupid company + expensive licensing fees + lost customers = failed stupid company == the system works.
Somebody has to file a bug against FireFox that plugins/add-ons are even allowed to prevent user from disabling them.
Mark it up as another example of how the Firefox developers don't understand a multi-user, restricted-user environment. It is often desirable to install programs on a machine-wide basis so that all users, regardless of their local security access, can use them. In Firefox, plugins that are installed in this manner cannot be disabled by the user, even if the user has local administrative rights on the computer.
It's the same deal with Firefox's automatic updater allowing normal users to download and try installing browser updates but then failing over and over because the user doesn't have write access to C:\Program Files\Mozilla or the HKLM portion of the registry.
You're setting up a straw man and then knocking it down.
What? Where's the straw man? Don't use phrases until you know what they mean.
motivation to insert some of their technology into Firefox which they can then later withdraw to make Firefox look bad so they could drive users back towards IE
Can I borrow your crystal ball? I'd like to look up stock figures for next year.
disabled the ability of the user to get rid of it
This is a flaw with Firefox, not an intentional act of malice on Microsoft's part. The MS plugins are machine-wide so that all the users of a computer can use them, however machine-wide browser plugins cannot be removed via the Firefox user interface.
He is not a real person anyhow, but a member of Microsoft's psy-op team, spreading disinformation.
If that's the case them I'm short a paycheck or two.
The real story can be found on the Mozila discussion board.
Funny, that's the exact same link I posted!
Fundamentally, Microsoft introduced a security risk into Firefox with these add-ons. That risk came to fruition and thus Mozilla closed the risk entirely.
Yes, and nuking New York City would take care of the rat problem. The issue is most logical people wouldn't see that as a valid solution. Of course, in this case it would be more like nuking New York City to get rid of the rats, but doing it after somebody else has already safely killed off 90% of the rat population.
If it's not 100% then it's vulnerable and hence the block.
So you suggest that punishing all users for a few users is a good idea?
Mozila suggests that if you are one of the very small minority that need this software [...] then you request Microsoft to write a clean version completely free of this and Mozilla can allow that through.
There is so much wrong with this.
- Assuming very few people use a program just because you don't is a bad idea.
- Microsoft should write the software to be free of what?
- So now Mozilla is dictating what software users are and are not allowed to use? Super idea there.
Really, part of the problem is the mechanism that Firefox uses with regards to system-wide extensions. It is a flaw in the browser that these kinds of extensions are not allowed to be removed by the user. It's common for system admins or software vendors to need to install something that everybody using the computer can use, not just a single user. The idea of a multi-user, restricted-user environment seems completely foreign to the Firefox developers (see Firefox's automatic update feature for another example, it will try to let a non-admin user install updates and then fail over and over and over...). While not the reason for this problem, it is the reason that users have a difficult time removing the .NET extensions for Firefox.
Microsoft have embraced Firefox by writing software for it, Extended it's functionality to add support for their own proprietary "standards"
False. How is this different than Adobe writing Flash plugin software for Firefox? Adobe Flash is proprietary and contains a lot of their own "standards". Many, many more businesses currently rely on Adobe's Flash than do on Microsoft's XAML WPF apps. If the Mozilla team blacklisted Flash tomorrow, how many people would that piss off? How many would switch back to IE or Opera?
and now they are trying to extinguish Firefox by forcing Mozilla to remove a plugin that some users have come to rely on.
False. There was a security flaw in the Microsoft plugin for Firefox. This isn't debated. However, it was the Mozilla team that decided to block the plugin software, not Microsoft. Microsoft has already released a patch for the flawed programs. I'm not seeing any "extinguish" involved here.
If microsoft were serious about adding functionality to Firefox then they would have contributed source code to this open source project.
False. The hundreds or thousands of plugins and extensions for Firefox (popular ones include Flash, PDF support [from dozens of vendors], audio/video support, etc) show this to be misguided and invalid thinking.
All the addon did was to add a piece of text in useragent that told the website .NET version. How do you manage to fuck up that?
For anyone curious as to the real state of affairs behind this MS plugin issue, you might be interested in a few things. For everyone else just enjoying a good anti-Microsoft circle-jerk, ignore this post.
The plugins being discussed do more than just change the User Agent of the browser. They allow for XAML applications to run in Firefox and ClickOnce program distribution. For everyone that normally cries about Microsoft pushing IE and trying to lock users into their browser, this is an attempt to allow people to use an alternative browser while still having access to their other Microsoft-centric technologies (.NET in this case). Isn't this a good thing?
This is the bug in question. There is a lot of interesting comment there, including the fact that while everyone is crying about Microsoft "secretly" adding the plugin and preventing users from disabling it, Mozilla doesn't even give users an option to enable it! Their blocklist is all or nothing. Why doesn't that bother anyone here? One poster is very insightful:
But perhaps the best thing about this entire issue, is that Mozilla didn't block the plugins until AFTER they were patched and the mechanism of the block is retarded. Mozilla is claiming that Microsoft agreed to issuing the block of the affected plugins, and that might be true, but only to an extent. Mozilla is currently blocking the plugins based on the name of the plugin, not the version, which means users who have installed the patched version of the plugs (at this point almost everyone using Windows Update) are still unable to use the plugins and have no way to re-enable them.
So essentially, by issuing this patch, Mozilla is doing nothing but hurting its business customers. Slashdotters can scratch their heads trying to figure out who uses these technologies, but the answer is a lot of businesses do. This absolute, non-scriptable and non-changeable block of these plugins will just remind corporations that open source isn't ready for the big leagues and they should just stick with Microsoft and IE. The sad thing is that if this kind of knee-jerk, carte-blanche blocking behavior becomes the norm for Mozilla, they will probably be right! Taking this kind of control away from the users is simply unacceptable, doubly so for businesses.
If you're wondering what MS says about this, you might take a look at this:
So there it is -- pretty much everyone
Surprise surprise: programming for the iPhone is as lucrative as programming for any other platform.
At least with most other platforms you know in advance if your target audience will even be able to run your program. And then, even if your program is accepted, every day is another day that Apple can revoke your program for any reason they care to make up -- essentially rendering it meaningless.
Windows Mobile may be an inferior platform, but at least it can run whatever you want, whenever you want, for as long as you want. For real software companies, this is the kind of stability they require before investing real capital in development. Serious Company A isn't going to allow itself to be held at the whim of another (potentially rival) company, in this case Apple.
To be honest, this is one of the reasons I refuse to purchase an iPod Touch. As a software developer, I find Apple's practices so anti-developer I want nothing to do with the platform. I understand the need for control of the application store, but the locked nature of the device itself (which includes a remote kill-switch) is just going too far.
A bank in Australia begins to get suspicious if there are 10 logins from Russia, if they are from the same IP and using different accounts that gets flagged pretty quickly.
As I pointed out in another post, you are completely missing the point that the malware is running on your computer. The attacker doesn't need to access your bank from Russia, or even from a different IP address. They can just as easily access it from your own computer and your own IP address -- even using your own browser if they want to.
Do you really think the people authoring and operating malware as sophisticated as this are going to be thwarted by something as mundane as checking an IP address? Not likely.