Most porn sites flash the single picture up and then show only the text of the image (usually the URL).
Works for me on most porn sites. I've used Mozilla for all of my porn browsing since about 0.9.6 but for other things only since 0.9.8 or 0.9.9. Can you give me a URL that breaks in the way you describe so I can find out what's happening? Give me the URL for an html page, not for an image, and tell me which link to click.
Example? In writing bookmarklets that take advantage of DOM2 and CSS, I've found that I crash Opera 20% of the time, IE 10% of the time, and Mozilla 5% of the time. Netscape 4 doesn't crash because it doesn't even try to support the DOM2 functions I use.
I have two domains registered at register.com, and I got a similar letter from Verisign. My parents opened the letter but luckily just kept it for me to look at when I got home. I looked at it for a minute before I saw the Verisign logo, and if I hadn't known from reading Slashdot that Verisign tends to do sneaky things, I might have fallen for the trap anyway.
I'd be interested to see if other companies promoting new development tools will use a similar strategy. For example, Intel might pick a well-known open-source project and show that their compiler makes the program run considerably faster than it does under gcc or msvc.
That's interesting. I think we can then say that we are no longer allowed to bitch about Microsoft proposing mandates regarding the same kind of behavior. When Microsoft wants to hide an exploit, we all cry foul. When OSS vendors do it, it's cooperation for the sake of security. Double standard?
Perhaps, but not as severe a double-standard as you say.
* The open-source world called the zlib bug a "vulnerability" and fixed it even no exploit other than a simple DoS had been developed. It makes sense for server software to want to be free of remotely exploitable crashes, but even complex client software like Mozilla (which doesn't try to hide the fact that it sometimes crashes) rushed to fix the bug despite the absense of a larger exploit.
* Red Hat, Mozilla, etc. all announced the fix at the same time, at the same time they made the security hole became public. I can get a rough idea of what's going to be on windowsupdate.microsoft.com for the next few weeks by reading http://jscript.dk/unpatched/, a page that lists known, unpatched IE security holes.
* Commercial products have to be tested before a release, which takes time, and releasing a new version is more expensive for them than simply posting a patch or including the patch in a planned nightly/monthly release. You might notice that Netscape has not (yet) released a 6.2.2 fixing the zlib bug.
Similarly, Bugzilla is not Slashdot. If you're just ranting about a known bug, please do so here, especially if the bug already has a lot of comments:)
It's not accurate to say the vulnerability was discovered "just a few hours" ago. I got an e-mail from a Mozilla security list on Feb. 19 with the subject "serious zlib vulnerability". The first line of the message was "It's very important that this doesn't leak out until after March 11th, when vendors should have fixes available." If you look at the references from Red Hat's page about the vulnerability, you'll see documents with dates like 2/5 and 2/7.
Asa informs me that the zlib bug and its announcement on Slashdot today didn't influence the decision to release Mozilla 0.9.9 today. He was already planning to release today, and since the zlib vulnerability was made public this morning, it made sense for the release notes to mention that it is fixed in this build.
If Mozilla is now good enough to recommend to your non-geek friends, why do you say "Mozilla's so close" in your subject? What is it close to?
Re:Cross Platform Performance Improving
on
Mozilla 0.9.9 Released
·
· Score: 2, Informative
If you open and close browser windows often, and don't want to keep track of whether the window you're about to close is the last one, it makes sense to use Quick Launch to keep Mozilla from exiting completely when you close the last window. If you always keep (at least) one browser window open, then Quick Launch only borrows from the time it takes to start up your OS, so there's little point in using it. I don't see why it should matter whether you're using Windows or Linux.
The release after 0.9.9 will be 1.0, but it's possible that 1.1 alpha will be released before 1.0. If that happens, I'd expect to see a "1.0 beta" or "1.0 release candidate" before 1.1 alpha. (See the Mozilla Development Roadmap for more.)
I hope the reputation of the phrases like "This site is AOL-friendly" and "AOL users click here" doesn't slow web developers from making their sites compatible with Mozilla. I still see sites complain about the "AOL browser's" weak support for png, so I hope AOL can find a way to prevent web developers from confusing the ancient AOL browser with a Gecko-based AOL browser (embedded Mozilla).
If the URL for a search engine changed, they could always update their fwd script and prevent users from going to a broken page
Google would never break old URL patterns for searches. There are zillions of forms pointing at Google search, as well as links to specific queries. Heck, I even have a Google form on my start page.
I'd be more worried about the impact on search speed from the redirects than about the fact that Netscape sees the search terms. Either way, I prefer Opera's strategy of adding "&sourceid=opera" to searches from the search box in the browser's toolbar. Given Google's reputation, Netscape shouldn't have any trouble letting Google count for them.
"Moot point" is another phrase that often irks me, since so many people use it as if it meant "irrelevant" instead of (correctly) using it to mean "arguable either way."
m-w.com gives both definitions. Dictionary.com's copy of American Heritage gives both definitions, followed by a usage note that says that the Usage Panel was divided roughly evenly on whether it was appropriate to use "moot" to mean "irrelevant". Several other dictionaries on dictionary.com leave out this disputed definition. My copy of The M-W Dictionary of English Usage says "this sense has become as firmly fixed in general English as it is in legal English" but does not recommend or recommend against the new use.
* Not have anything like DMCA or WIPO treaty (sorry, USA)
* Strong crypto is legal (sorry, France)
* Not have pro-censorship laws (sorry, Germany, Australia, USA)
* Not have weird libel laws (sorry, UK)
* Searches and siezures only done with a warrant (sorry, USA)
* Not take Scientologists and their kind seriously (sorry, USA)
What are you selling? Devices to circumvent encryption on Scientology documnets? (I assume you're selling something because you want strong crypto.)
Plus, language is relatively simple and has quite a patterns compared to an encrypted stream that runs through many different circuits before popping out the other end.
I'd have to disagree with you there. An encryption algorithm can be described in a page of text or two lines of perl code; a language can be described approximately by a fat book. An encryption algorithm can be broken by a high school student, languages require large teams to understand.
Right you are - a very strange browser cache problem. It was there when I went to the page originally and I even downloaded the source code. A shift reload cleared it all up (normal reload didn't).
What browser are you using? If a normal reload doesn't validate frames with an If-Modified-Since, that's a bug.
I learned about thinkgeek through slashdot banner ads and later returned to look for a gift. I bought a shirt that wasn't advertised directly on slashdot.
What are the New Account Bonus requirements? To receive the $5 New Account Bonus, U.S. members must verify their account, add $250 by electronic funds transfer, and sign up for our Money Market Reserve Fund to start earning a return on their money.
Raise or lower windows; What is this? I really can't imagine that it is what it says, 'cause I don't see any purpose. Anyway - as with the previous point - I appreciate your effort in helping me, but I would rather do this myself. This time and forever.
It corresponds to the javascript function window.focus(). On Windows 98, that brings a window to the front, makes its titlebar blue, and directs keyboard commands to that window.
Window.focus() used almost exclusively in two situations: 1. Immediately after opening a window, focus the old window (only pop-under ads). 2. Immediately after opening a window, focus the new window (pop-up ads and useful windows). I don't know why sites do this, since it seems unnecessary, but many do.
If you've disabled "open unrequested windows", I recommend that you enable "raise and lower windows" so sites using #2 legitimately don't encounter a javascript error when they try to focus the window they just opened.
Once bug 117707 is fixed, window.focus() will do nothing instead of halting javascript execution when you have it disabled.
Konqueror has something called "smart popup policy"... This will only allow popups, that are activated either by mouse clicks or key operations.
That's essentially what unchecking Mozilla's "allow scripts to open unrequested windows" option does. Thanks for pointing that out, though; I didn't know Konq had a similar feature.
For some reason that setting broke an applicaiton I was working on that uses "requested" (onClick) popup windows.
That sounds like a Mozilla bug. Please file a bug and include a small bit of code that demonstrates the problem. Also, I'd appreciate it if you would reply to this comment with the bug number.
If you have Audiogalaxy give you a list of artists while searching, each one will have "People who liked this band also liked...". I don't know if it has a feature that looks at everything you have and tries to make a suggestion specifically for you. I'm not sure that would work very well though... what do you think it would suggest after looking through my collection of celtic music and sci-fi filk?
Why not just use anti-cracking laws, laws against denial of service attacks, and laws that require (some?) sites to be reasonably usable by a blind person? Note that none of these laws are really "new" or specific to the tech world: there are "real-world" laws against breaking and entering with the intent to steal, breaking other people's toys, and building a store that is unnecessarily difficult for disabled people to navigate.
Slashdot Mirror
Most porn sites flash the single picture up and then show only the text of the image (usually the
URL).
Works for me on most porn sites. I've used Mozilla for all of my porn browsing since about 0.9.6 but for other things only since 0.9.8 or 0.9.9. Can you give me a URL that breaks in the way you describe so I can find out what's happening? Give me the URL for an html page, not for an image, and tell me which link to click.
Jesse
Member, Pornzilla project
Sigh, too bad that JS still crashes it!
Example? In writing bookmarklets that take advantage of DOM2 and CSS, I've found that I crash Opera 20% of the time, IE 10% of the time, and Mozilla 5% of the time. Netscape 4 doesn't crash because it doesn't even try to support the DOM2 functions I use.
I have two domains registered at register.com, and I got a similar letter from Verisign. My parents opened the letter but luckily just kept it for me to look at when I got home. I looked at it for a minute before I saw the Verisign logo, and if I hadn't known from reading Slashdot that Verisign tends to do sneaky things, I might have fallen for the trap anyway.
I'd be interested to see if other companies promoting new development tools will use a similar strategy. For example, Intel might pick a well-known open-source project and show that their compiler makes the program run considerably faster than it does under gcc or msvc.
That's interesting. I think we can then say that we are no longer allowed to bitch about Microsoft proposing mandates regarding the same kind of behavior. When Microsoft wants to hide an exploit, we all cry foul. When OSS vendors do it, it's cooperation for the sake of security. Double standard?
Perhaps, but not as severe a double-standard as you say.
* The open-source world called the zlib bug a "vulnerability" and fixed it even no exploit other than a simple DoS had been developed. It makes sense for server software to want to be free of remotely exploitable crashes, but even complex client software like Mozilla (which doesn't try to hide the fact that it sometimes crashes) rushed to fix the bug despite the absense of a larger exploit.
* Red Hat, Mozilla, etc. all announced the fix at the same time, at the same time they made the security hole became public. I can get a rough idea of what's going to be on windowsupdate.microsoft.com for the next few weeks by reading http://jscript.dk/unpatched/, a page that lists known, unpatched IE security holes.
* Commercial products have to be tested before a release, which takes time, and releasing a new version is more expensive for them than simply posting a patch or including the patch in a planned nightly/monthly release. You might notice that Netscape has not (yet) released a 6.2.2 fixing the zlib bug.
Similarly, Bugzilla is not Slashdot. If you're just ranting about a known bug, please do so here, especially if the bug already has a lot of comments :)
It's not accurate to say the vulnerability was discovered "just a few hours" ago. I got an e-mail from a Mozilla security list on Feb. 19 with the subject "serious zlib vulnerability". The first line of the message was "It's very important that this doesn't leak out until after March 11th, when vendors should have fixes available." If you look at the references from Red Hat's page about the vulnerability, you'll see documents with dates like 2/5 and 2/7.
Asa informs me that the zlib bug and its announcement on Slashdot today didn't influence the decision to release Mozilla 0.9.9 today. He was already planning to release today, and since the zlib vulnerability was made public this morning, it made sense for the release notes to mention that it is fixed in this build.
If Mozilla is now good enough to recommend to your non-geek friends, why do you say "Mozilla's so close" in your subject? What is it close to?
If you open and close browser windows often, and don't want to keep track of whether the window you're about to close is the last one, it makes sense to use Quick Launch to keep Mozilla from exiting completely when you close the last window. If you always keep (at least) one browser window open, then Quick Launch only borrows from the time it takes to start up your OS, so there's little point in using it. I don't see why it should matter whether you're using Windows or Linux.
The release after 0.9.9 will be 1.0, but it's possible that 1.1 alpha will be released before 1.0. If that happens, I'd expect to see a "1.0 beta" or "1.0 release candidate" before 1.1 alpha. (See the Mozilla Development Roadmap for more.)
I hope the reputation of the phrases like "This site is AOL-friendly" and "AOL users click here" doesn't slow web developers from making their sites compatible with Mozilla. I still see sites complain about the "AOL browser's" weak support for png, so I hope AOL can find a way to prevent web developers from confusing the ancient AOL browser with a Gecko-based AOL browser (embedded Mozilla).
If the URL for a search engine changed, they could always update their fwd script and prevent users from going to a broken page
Google would never break old URL patterns for searches. There are zillions of forms pointing at Google search, as well as links to specific queries. Heck, I even have a Google form on my start page.
I'd be more worried about the impact on search speed from the redirects than about the fact that Netscape sees the search terms. Either way, I prefer Opera's strategy of adding "&sourceid=opera" to searches from the search box in the browser's toolbar. Given Google's reputation, Netscape shouldn't have any trouble letting Google count for them.
"Moot point" is another phrase that often irks me, since so many people use it as if it meant "irrelevant" instead of (correctly) using it to mean "arguable either way."
m-w.com gives both definitions. Dictionary.com's copy of American Heritage gives both definitions, followed by a usage note that says that the Usage Panel was divided roughly evenly on whether it was appropriate to use "moot" to mean "irrelevant". Several other dictionaries on dictionary.com leave out this disputed definition. My copy of The M-W Dictionary of English Usage says "this sense has become as firmly fixed in general English as it is in legal English" but does not recommend or recommend against the new use.
* Not have anything like DMCA or WIPO treaty (sorry, USA)
* Strong crypto is legal (sorry, France)
* Not have pro-censorship laws (sorry, Germany, Australia, USA)
* Not have weird libel laws (sorry, UK)
* Searches and siezures only done with a warrant (sorry, USA)
* Not take Scientologists and their kind seriously (sorry, USA)
What are you selling? Devices to circumvent encryption on Scientology documnets? (I assume you're selling something because you want strong crypto.)
Plus, language is relatively simple and has quite a patterns compared to an encrypted stream that runs through many different circuits before popping out the other end.
I'd have to disagree with you there. An encryption algorithm can be described in a page of text or two lines of perl code; a language can be described approximately by a fat book. An encryption algorithm can be broken by a high school student, languages require large teams to understand.
Right you are - a very strange browser cache problem. It was there when I went to the page originally and I even downloaded the source code. A shift reload cleared it all up (normal reload didn't).
What browser are you using? If a normal reload doesn't validate frames with an If-Modified-Since, that's a bug.
I learned about thinkgeek through slashdot banner ads and later returned to look for a gift. I bought a shirt that wasn't advertised directly on slashdot.
the number of comments written by people like you and I
What were you saying about editing skills?
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/bon us-faq-outside
What are the New Account Bonus requirements?
To receive the $5 New Account Bonus, U.S. members must verify their account, add $250 by electronic funds transfer, and sign up for our Money Market Reserve Fund to start earning a return on their money.
Raise or lower windows; What is this? I really can't imagine that it is what it says, 'cause I don't see any purpose. Anyway - as with the previous point - I appreciate your effort in helping me, but I would rather do this myself. This time and forever.
It corresponds to the javascript function window.focus(). On Windows 98, that brings a window to the front, makes its titlebar blue, and directs keyboard commands to that window.
Window.focus() used almost exclusively in two situations:
1. Immediately after opening a window, focus the old window (only pop-under ads).
2. Immediately after opening a window, focus the new window (pop-up ads and useful windows). I don't know why sites do this, since it seems unnecessary, but many do.
If you've disabled "open unrequested windows", I recommend that you enable "raise and lower windows" so sites using #2 legitimately don't encounter a javascript error when they try to focus the window they just opened.
Once bug 117707 is fixed, window.focus() will do nothing instead of halting javascript execution when you have it disabled.
Konqueror has something called "smart popup policy"... This will only allow popups, that are activated either by mouse clicks or key operations.
That's essentially what unchecking Mozilla's "allow scripts to open unrequested windows" option does. Thanks for pointing that out, though; I didn't know Konq had a similar feature.
For some reason that setting broke an applicaiton I was working on that uses "requested" (onClick) popup windows.
That sounds like a Mozilla bug. Please file a bug and include a small bit of code that demonstrates the problem. Also, I'd appreciate it if you would reply to this comment with the bug number.
If you have Audiogalaxy give you a list of artists while searching, each one will have "People who liked this band also liked...". I don't know if it has a feature that looks at everything you have and tries to make a suggestion specifically for you. I'm not sure that would work very well though... what do you think it would suggest after looking through my collection of celtic music and sci-fi filk?
Why not just use anti-cracking laws, laws against denial of service attacks, and laws that require (some?) sites to be reasonably usable by a blind person? Note that none of these laws are really "new" or specific to the tech world: there are "real-world" laws against breaking and entering with the intent to steal, breaking other people's toys, and building a store that is unnecessarily difficult for disabled people to navigate.