You are referring to errors in non-optional non-admin applications in Linux. Gentoo has 7000 packages, but very few of them are required.
This fix is for a required, unremovable application which is embedded into the OS and allows a root of a machine simply by visiting a webpage (since like it or not, most Windows users run with admin priveleges). Imagine if a popular website was defaced with an exploit.
This is what makes it newsworthy.
While I don't doubt that OpenBSD concentrate a lot on security, their claim of "Only one remote hole in the default install, in more than 8 years!" is due to there being no services enabled by default at install time, rather than the quality of the kernel.
creating a non-admin user for web browsing
This assumes that there are no local exploits to promote users to superusers. It is a much better idea to use a secure product, rather than hoping that there are no security vulnerabilities in the Windows kernel.
There have been four security bugs found in Firefox in five months. These bugs were in the PR version, and they still exist in Firefox 1.0. These bugs have been known about for months and they still have not been fixed.
http://secunia.com/product/4227/
Many people go on about how Firefox will fix the bugs within 48 hours or whatever, but according to the statistics at Secunia, this does not appear to be the case.
Since Firefox went 1.0 about 5 months ago, it has received 5 security warnings from Secunia, and none of them have been fixed yet.
http://secunia.com/product/4227/
I hope this rate of fixing security problems will improve soon.
Re:Question to people who donate
on
LokiTorrent vs. MPAA
·
· Score: 2, Insightful
Instead of donating money to people violating the law,
The whole point is to try to prove that they are not violating the law. Let's wait to see what the outcome is first.
I don't know what distibution you are using, but most distributions have a package manager which handles installing/uninstalling of packages automatically, so you don't have to worry about where the files are. A single command will do the job.
From the website, they estimate from the brightness:
H - Absolute Magnitude, a measure of the intrinsic brightness of the object.
Diameter - This is an estimate, based on the absolute magnitude, and assuming a uniform spherical body with visual albedo pV = 0.154. Since the albedo is rarely well determined the diameter estimate should be considered quite rough, but in most cases will be accurate to within a factor of two.
According to the site they are only producing a CD version, but I hope that at some point they will make a DVD compilation with all the games from all the CD releases, plus some more. That would be an impressive DVD.
Hopefully they will have room for fish-fillets on the DVD edition!
And.....
Advisory: [AD_LAB-04006]Microsoft Windows winhlp32.exe Heap Overflow Vulnerability
Class: Design Error
DATE:12/20/2004
Remote: Yes
Vulnerable:
Windows NT
Windows 2000 SP0
Windows 2000 SP1
Windows 2000 SP2
Windows 2000 SP3
Windows 2000 SP4
Windows XP SP0
Windows XP SP1
Windows 2003
Windows XP SP2
Unvulnerable:
UnKnow
Gentoo comes with as little as possible in the default base install. The only packages which are installed are the bare necessities, such as portage, a kernel, a build chain, etc. Nothing is forced upon the user if it is not absolutely essential. Optional packages are easy to install though : emerge vim.
By the time you price a "complete" system, in-store pick-up, no free home delivery, whatever advantage Linux has disappears
How do the features that Linux offers 'disappear' just because some American company chooses to sell PCs with Windows pre-installed? Noone says you can't reformat the harddisk and install the OS of your choice[1]. Admittedly, the installation is the weak point on some Linux distributions.
If Windows had some sort of easy way to back up before installing a patch so that you can revert to a known previous working version (like when you change your resolution or change the registry) then there wouldn't be a problem. Think about how grub works - if the kernel won't boot it uses the last known working kernel.
I haven't heard of any method of making a page disappear from the rankings completely, only of methods of giving pages artificaially high rankings. I doubt that this is due to any form of 'googlebomb'. However I am surprised that Google would do this.
Perhaps they wanted to make a statement about the issue and instead of writing a strongly worded letter to the governement, decided to censor the pages, which creates a lot of commotion and brings more people to talk about it. It made us start talking about it. It certainly is not going to directly increase their profit (unless they were bribed?).
Theft, n. (Law) The act of stealing; specifically, the felonious taking and removing of personal property, with an intent to deprive the rightful owner of the same; larceny.
So, yes, it does mean that it is not theft to photocopy a book.
This does not happen when you download, thus it's not importation.
If this was true, then wouldn't everyone who downloads a copy of a Linux OS and pays for it over the web be entitled to NOT pay importation tax? That seems a little odd to me - importation is more about paying for something than receiving a tangible object that physically crosses a national border. Otherwise I think I should apply for a tax rebate...
Slashdot Mirror
You are referring to errors in non-optional non-admin applications in Linux. Gentoo has 7000 packages, but very few of them are required. This fix is for a required, unremovable application which is embedded into the OS and allows a root of a machine simply by visiting a webpage (since like it or not, most Windows users run with admin priveleges). Imagine if a popular website was defaced with an exploit. This is what makes it newsworthy.
Yes nice and quick. Only took nearly three months!
Release Date: 2004-10-20
http://secunia.com/advisories/12889/
While I don't doubt that OpenBSD concentrate a lot on security, their claim of "Only one remote hole in the default install, in more than 8 years!" is due to there being no services enabled by default at install time, rather than the quality of the kernel.
The source code for the exploit is all there. Use view-source.
creating a non-admin user for web browsing This assumes that there are no local exploits to promote users to superusers. It is a much better idea to use a secure product, rather than hoping that there are no security vulnerabilities in the Windows kernel.
Let me rephrase that....
There have been four security bugs found in Firefox in five months. These bugs were in the PR version, and they still exist in Firefox 1.0. These bugs have been known about for months and they still have not been fixed.
http://secunia.com/product/4227/
Many people go on about how Firefox will fix the bugs within 48 hours or whatever, but according to the statistics at Secunia, this does not appear to be the case.
Since Firefox went 1.0 about 5 months ago, it has received 5 security warnings from Secunia, and none of them have been fixed yet. http://secunia.com/product/4227/ I hope this rate of fixing security problems will improve soon.
Instead of donating money to people violating the law,
The whole point is to try to prove that they are not violating the law. Let's wait to see what the outcome is first.
even with a package manager, you can't even determine how big a given package is! (if you know how to with Portage, I'd like to know)
equery size package
equery is part of gentoolkit
I don't know what distibution you are using, but most distributions have a package manager which handles installing/uninstalling of packages automatically, so you don't have to worry about where the files are. A single command will do the job.
From the website, they estimate from the brightness:
H - Absolute Magnitude, a measure of the intrinsic brightness of the object.
Diameter - This is an estimate, based on the absolute magnitude, and assuming a uniform spherical body with visual albedo pV = 0.154. Since the albedo is rarely well determined the diameter estimate should be considered quite rough, but in most cases will be accurate to within a factor of two.
According to the site they are only producing a CD version, but I hope that at some point they will make a DVD compilation with all the games from all the CD releases, plus some more. That would be an impressive DVD.
Hopefully they will have room for fish-fillets on the DVD edition!
XP SP2 is also vulnerable to at least one of the exploits. See..
Advisory: [AD_LAB-04006]Microsoft Windows winhlp32.exe Heap Overflow Vulnerability
And..... Advisory: [AD_LAB-04006]Microsoft Windows winhlp32.exe Heap Overflow Vulnerability Class: Design Error DATE:12/20/2004 Remote: Yes Vulnerable: Windows NT Windows 2000 SP0 Windows 2000 SP1 Windows 2000 SP2 Windows 2000 SP3 Windows 2000 SP4 Windows XP SP0 Windows XP SP1 Windows 2003 Windows XP SP2 Unvulnerable: UnKnow
110% agree that gentoo's +2%, does not worth the trouble of compiling the whole system -i.e. emerge openoffice, then wait until summer or so.
emerge openoffice-bin
Learn it before you bash it.
>> There already is a site that will break your hash and give you *something* with the same hash, and it takes a couple days.
Can you provide a link please?
Gentoo comes with as little as possible in the default base install. The only packages which are installed are the bare necessities, such as portage, a kernel, a build chain, etc. Nothing is forced upon the user if it is not absolutely essential. Optional packages are easy to install though : emerge vim.
Impossible, huh? Is that a challenge?
By the time you price a "complete" system, in-store pick-up, no free home delivery, whatever advantage Linux has disappears
How do the features that Linux offers 'disappear' just because some American company chooses to sell PCs with Windows pre-installed? Noone says you can't reformat the harddisk and install the OS of your choice[1]. Admittedly, the installation is the weak point on some Linux distributions.
[1] Not yet anyway.
System Restore only works if your computer can boot!
If Windows had some sort of easy way to back up before installing a patch so that you can revert to a known previous working version (like when you change your resolution or change the registry) then there wouldn't be a problem. Think about how grub works - if the kernel won't boot it uses the last known working kernel.
I haven't heard of any method of making a page disappear from the rankings completely, only of methods of giving pages artificaially high rankings. I doubt that this is due to any form of 'googlebomb'. However I am surprised that Google would do this.
Perhaps they wanted to make a statement about the issue and instead of writing a strongly worded letter to the governement, decided to censor the pages, which creates a lot of commotion and brings more people to talk about it. It made us start talking about it. It certainly is not going to directly increase their profit (unless they were bribed?).
I'll give them the benefit of the doubt for now.
This whole way of extracting money from people just reach an unacceptable point here.
And other forms of blackmail are acceptable?
Legally, that means that it isn't theft.
http://dictionary.reference.com/search?q=theftTheft, n. (Law) The act of stealing; specifically, the felonious taking and removing of personal property, with an intent to deprive the rightful owner of the same; larceny.
So, yes, it does mean that it is not theft to photocopy a book.
This does not happen when you download, thus it's not importation. If this was true, then wouldn't everyone who downloads a copy of a Linux OS and pays for it over the web be entitled to NOT pay importation tax? That seems a little odd to me - importation is more about paying for something than receiving a tangible object that physically crosses a national border. Otherwise I think I should apply for a tax rebate...