...they really should take into account severity, time until a fix was avaliable (from the time of discovery and not just disclosure to the public) and if the vulnrability was actually IN the OS or whether it was a third party app. Then perhaps the total numbers will start being a little more helpful.
" How many copyrights do most people own? If you guessed "none", you'd be right."
Um...no. Anybody who has *ever* written a school paper (without plagerising the whole thing) holds a copyright, anyone with a blog holds lots of copyrights, just use your common sense to find more examples.
I myself hold dozens of copyrights. Every essay, paper or blog entry I've ever written counts as copywrighted material. Now, how many copyrights do most people own? If you guessed "none", you'd be dead wrong.
Holy crap! Does that mean I'm a pre-op transexual because I'm not actually male and I use linux? My ruddy parents have been lying to me all this time! Dammit.
How come this is modded as flamebait? Wikipedia is *not* a reliable source of information. It is a very good place to start researching a topic but any information needs to be confirmed with a second, external source.
Wikipedia is very useful and I use it myself for papers and research projects but it shouldn't be considered solid due to it's changable nature (articles get updated all the time, people can post wrong information etc).
By all means use wikipedia as an information resource, but also make sure that you another source that validates the information.
I'm not sure why they can't do both. Perhaps journals could publish papers on the internet *after* they've been published in the paper jounal.
Also, it seems to me that there are still a very healthy number of people buying newspapers even though much of the news is freely avaliable online from various sites.
It *is* kind of security through obscurity. Disclosures a Good Thing. It gives the heads up to the people who have to manage this stuff. However, no usable exploit or even full details should be released until the company (this time MS) has had time to fix the problem and issue a patch (unless they're being lazy and unco-operative). The users need to know if there's a problem, just incase a malicious person notices the same vulnrability.
"He also pays the copyright holders that paricipate in his server. On top of that, he requires a fee to use his service."
Yes, the service is called Safari. The fee is because you can download entire books (which is also why the authors are payed). Google isn't planning on doing this. They just want books to be searchable without showing the user the entire book. Google and O'Reilly arn't doing the same thing. If you want to wander over to safari.oreilly.com and search through the books that you *could* have access to for a fee then you can do so. THAT is more like what google is trying to do. Let you search books without having full access to them, which is IMHO a very nice idea.
Why are google and Tim wrong? They want to enable people to search books to see if they contain useful information before they go out and buy them. Kind of like flicking through a copy of the book at the bookstore.
Seems to me the main problem is the number of problems. You have the input method problem, the screen size problem, the compatable periferal problem, the external storage problem and the performance problems.
All in all mobiles phones are small, (relatively) slow, vendor specific computers. I'd prefer to wait until laptops become smaller and more conveniant (or PDA's become a little more powerful) than wait for mobile phones to become usable as everyday personal computers:-\
I have a feeling it's more about control than money. As things stand at the moment Microsofts control over the market *is* making it a lot of money, but it's this issue with control that may well end up loosing them market share. It seems that as more people get annoyed with the whole vender lock-in thing more people are going to be looking for alternatives. It's a shame that Microsoft are having such a hard time letting go of an aging business scheme. They *could* be looking for ways to get ahead of the game (supporting some open standards) and let it help them continue to grow. If they gave support for the OpenDocument format I'd be willing to bet Mass would keep MS Office around AND Joe Public wouldn't be tipped off that they can use a free alternative (such as OO). Fighting OD is going to give it a whole lot of publicity that it wouldn't otherwise get.
Hmmm...but FF *isn't* as secure as many people believed. The fansboys, for example, acted like it was bugless and totally secure (which no software is).
I LIKE the way all of these problems are being found (and fixed). It means they're not there anymore. Provided the FF devs don't put too much fluff into future releases it'll also mean a better browser which is good for everybody.
Read the update notes. They'll tell you the best (and most reliable) way to get that 10.1 install over to 10.2.
I know the above poster suggested swaret, which is pretty nice, but for a version upgrade (and not just a few packages) I'd recommend reading the upgrade notes and following the instructions there.
But they DO give something useful back to society. They get some kids out into the open air doing something physical. Skateboarding (at a decient level) tends to require an amount of physical fitness, meaning kids doing it are less likely to be lounging around getting really fat and watching TV the whole time.
"I think that in the long run, encouraging the sort of person that decides jumping the Great Wall on a skateboard is doable will benefit society in the long run.":-)
What would you think of an applicant that had done work on a successful (ie. known and respected) OSS project? Would this be enough (along with any code snippets etc like you suggested) to impress you as a propestive employer? Or is working on an OSS project for experience not really worth the time and trouble?
I'm just asking as I was thinking of going along this route to get that all important experience that most employers demand.
Personally I'd say 2 weeks until I'd release a public notice that there IS a bug in programX and whether or not it can be exploited remotely or locally (or both). That'd be about it, no details, just a warning to system admins (and savvy users) that there's a problem with that program. Then I'd continue communicating with the person(s) responsible for patching the thing and wait until they've (a) Got a patch out or (b) are refusing to do what they should be doing (fixing it) before releasing any further details about the problem.
Exactly. If somebody else manages to get your PIN the banks are likely to tell you that you have been negligent and must deal with it.
The other problem with chip and pin cards is that the theif no longer has to go off and practice your sig anymore (giving you more time to notice your cards gone). They can just enter a number and be done with it.
I wouldn't exactly consider myself "videogame design elite" (more a casual gamer) but I can see the problem. There seem to be more games produced today that at any other time and they're all getting a little "samey". I'm far from saying that there isn't ever anything new or innovative, IMHO there is but the gaps are getting bigger.
I absolutely love it when I find something that's unlike other games I've played. The games industry needs less formula copying and more creating. If they don't they won't collapse but they'll get stale and that's not good for anyone involved.
Im sure if you transferred the data off of those reels and posted them on the internet or another (modern) media GP could find something to read those EBCDIC-encoded files just fine. Heck, GP could even do the conversion here
How come you didn't try another alternative? There are a few out there (although I can only think of opera right now) that might suit you a little better.
Unfortunatly I don't know the capabilities of anything that's not IE or firefox but I'm sure you could find some sort of compromise.
Perhaps to get people who only know how to use IE using firefox with the minimum of fuss. If they don't know it's not IE they won't complain and they'll get better security thrown in as a bonus. IMHO it'd be a great little plug in.
Slashdot Mirror
...they really should take into account severity, time until a fix was avaliable (from the time of discovery and not just disclosure to the public) and if the vulnrability was actually IN the OS or whether it was a third party app. Then perhaps the total numbers will start being a little more helpful.
" How many copyrights do most people own? If you guessed "none", you'd be right."
Um...no. Anybody who has *ever* written a school paper (without plagerising the whole thing) holds a copyright, anyone with a blog holds lots of copyrights, just use your common sense to find more examples.
I myself hold dozens of copyrights. Every essay, paper or blog entry I've ever written counts as copywrighted material. Now, how many copyrights do most people own? If you guessed "none", you'd be dead wrong.
Holy crap! Does that mean I'm a pre-op transexual because I'm not actually male and I use linux? My ruddy parents have been lying to me all this time! Dammit.
Try and remember, minority != non-existant.
How come this is modded as flamebait? Wikipedia is *not* a reliable source of information. It is a very good place to start researching a topic but any information needs to be confirmed with a second, external source.
Wikipedia is very useful and I use it myself for papers and research projects but it shouldn't be considered solid due to it's changable nature (articles get updated all the time, people can post wrong information etc).
By all means use wikipedia as an information resource, but also make sure that you another source that validates the information.
I'm not sure why they can't do both. Perhaps journals could publish papers on the internet *after* they've been published in the paper jounal.
Also, it seems to me that there are still a very healthy number of people buying newspapers even though much of the news is freely avaliable online from various sites.
It *is* kind of security through obscurity. Disclosures a Good Thing. It gives the heads up to the people who have to manage this stuff. However, no usable exploit or even full details should be released until the company (this time MS) has had time to fix the problem and issue a patch (unless they're being lazy and unco-operative). The users need to know if there's a problem, just incase a malicious person notices the same vulnrability.
"He also pays the copyright holders that paricipate in his server. On top of that, he requires a fee to use his service."
Yes, the service is called Safari. The fee is because you can download entire books (which is also why the authors are payed). Google isn't planning on doing this. They just want books to be searchable without showing the user the entire book. Google and O'Reilly arn't doing the same thing. If you want to wander over to safari.oreilly.com and search through the books that you *could* have access to for a fee then you can do so. THAT is more like what google is trying to do. Let you search books without having full access to them, which is IMHO a very nice idea.
Why are google and Tim wrong? They want to enable people to search books to see if they contain useful information before they go out and buy them. Kind of like flicking through a copy of the book at the bookstore.
BBC news has some piccys and a video. Unfortunatly I think you either need real player or WMP to see it :-\
http://news.bbc.co.uk/1/hi/sci/tech/4288772.stm#
Seems to me the main problem is the number of problems. You have the input method problem, the screen size problem, the compatable periferal problem, the external storage problem and the performance problems.
:-\
All in all mobiles phones are small, (relatively) slow, vendor specific computers. I'd prefer to wait until laptops become smaller and more conveniant (or PDA's become a little more powerful) than wait for mobile phones to become usable as everyday personal computers
Just my 2 cents.
I have a feeling it's more about control than money. As things stand at the moment Microsofts control over the market *is* making it a lot of money, but it's this issue with control that may well end up loosing them market share. It seems that as more people get annoyed with the whole vender lock-in thing more people are going to be looking for alternatives. It's a shame that Microsoft are having such a hard time letting go of an aging business scheme. They *could* be looking for ways to get ahead of the game (supporting some open standards) and let it help them continue to grow. If they gave support for the OpenDocument format I'd be willing to bet Mass would keep MS Office around AND Joe Public wouldn't be tipped off that they can use a free alternative (such as OO). Fighting OD is going to give it a whole lot of publicity that it wouldn't otherwise get.
Hmmm...but FF *isn't* as secure as many people believed. The fansboys, for example, acted like it was bugless and totally secure (which no software is).
I LIKE the way all of these problems are being found (and fixed). It means they're not there anymore. Provided the FF devs don't put too much fluff into future releases it'll also mean a better browser which is good for everybody.
Read the update notes. They'll tell you the best (and most reliable) way to get that 10.1 install over to 10.2.
I know the above poster suggested swaret, which is pretty nice, but for a version upgrade (and not just a few packages) I'd recommend reading the upgrade notes and following the instructions there.
Some sound advice :-) Thanks.
But they DO give something useful back to society. They get some kids out into the open air doing something physical. Skateboarding (at a decient level) tends to require an amount of physical fitness, meaning kids doing it are less likely to be lounging around getting really fat and watching TV the whole time.
:-)
"I think that in the long run, encouraging the sort of person that decides jumping the Great Wall on a skateboard is doable will benefit society in the long run."
What would you think of an applicant that had done work on a successful (ie. known and respected) OSS project? Would this be enough (along with any code snippets etc like you suggested) to impress you as a propestive employer? Or is working on an OSS project for experience not really worth the time and trouble?
I'm just asking as I was thinking of going along this route to get that all important experience that most employers demand.
And to make matters worse he's not been keeping in contact with them to check on the status of the problem.
I think he needs to take a more responsible approach to disclosing security holes instead of rushing off to publish and get his little bit of fame.
The "exploit" doesn't work for me either, I get sent over to google.
The only extensions that I have in your list are adblock and flashblock, neither of which I can imagine being the random fix.
I'm guessing the guy who found the problem didn't bother checking this out very well before he published.
Personally I'd say 2 weeks until I'd release a public notice that there IS a bug in programX and whether or not it can be exploited remotely or locally (or both). That'd be about it, no details, just a warning to system admins (and savvy users) that there's a problem with that program. Then I'd continue communicating with the person(s) responsible for patching the thing and wait until they've (a) Got a patch out or (b) are refusing to do what they should be doing (fixing it) before releasing any further details about the problem.
"Any time my computer does something without my permission"
Luckily this "spyware" doesn't install and run itself under the radar.
Exactly. If somebody else manages to get your PIN the banks are likely to tell you that you have been negligent and must deal with it.
The other problem with chip and pin cards is that the theif no longer has to go off and practice your sig anymore (giving you more time to notice your cards gone). They can just enter a number and be done with it.
I wouldn't exactly consider myself "videogame design elite" (more a casual gamer) but I can see the problem. There seem to be more games produced today that at any other time and they're all getting a little "samey". I'm far from saying that there isn't ever anything new or innovative, IMHO there is but the gaps are getting bigger.
I absolutely love it when I find something that's unlike other games I've played. The games industry needs less formula copying and more creating. If they don't they won't collapse but they'll get stale and that's not good for anyone involved.
Im sure if you transferred the data off of those reels and posted them on the internet or another (modern) media GP could find something to read those EBCDIC-encoded files just fine. Heck, GP could even do the conversion here
"...by switching from a Unix server platform to Linux running on Itanium."
Why are you talking about windows security? They're not using it.
How come you didn't try another alternative? There are a few out there (although I can only think of opera right now) that might suit you a little better.
Unfortunatly I don't know the capabilities of anything that's not IE or firefox but I'm sure you could find some sort of compromise.
Perhaps to get people who only know how to use IE using firefox with the minimum of fuss. If they don't know it's not IE they won't complain and they'll get better security thrown in as a bonus. IMHO it'd be a great little plug in.