And what's the market share of Windows these days?
Try to compare apples to apples...
Divide the # of viruses by the user base of the affected platform, see who is ahead at that point. I have no idea, my guess is it's probably fairly even, probably just a little slanted in favor of Linux.
Being associated with OSS and Linux is sexy right now.
Yea, it's really helping everyone on/. get the chicks.
I can see it now:
CowboyNeal:Hi, I'm CowboyNeal, and you are...? Object of Attention:I'm not impressed CN:Allrighty then... so what do you do? OoA:I'm a $1000-an-hour nude model and occasional porn star. What's your job, assuming you have one? CN:I'm working with Linux and Open Source these days. OoA:Really! Hmm... Hey, why don't we go someplace a little more... private.
... can't this fellow just get Freeme or something similar and un-DRM his WM9? Note the third link, this may no longer apply.
Has anyone else tried this to know if you really need to install InterActual? I despise that software, and I see no reason that a Windows Media 9 DRM file would require 3rd party software to work. I could understand if there was some kind of codec to be installed, but the only reason I've ever needed IA is when I wiped my computer and hadn't reinstalled DVD playback software yet.
Will USER directives do what you want automatically? I'm not sure what Apache classifies as CGI, PHP may or may not be included.
User directive
Special note: Use of this directive in <VirtualHost> requires a properly configured suEXEC wrapper. When used inside a in this manner, only the user that CGIs are run as is affected. Non-CGI requests are still processed with the user specified in the main User directive.
Who can specifically give me a reason to switch from A1 to A2 if I'm using PHP? Not that I have control over it on my ISP, but I'm curious as to what A2 adds that I should need, independent of developing in PHP.
For the record, I'm still using Win2k and Office97 @ home because I see no reason to upgrade. I have XP @ work, and it's great, but it's not better enough for me to care.
I agree with the link in the second article, though, that the PHP documentation shouldn't single out A2 unless it also notes compatibility problems with other OS/WS combinations.
And it wasn't made clear, what is the reason that PHP doesn't like multi-threaded mode? It suggests that the programs/libraries that PHP utilizes are not thread-safe, but if PHP is itself multi-threaded, why does it make a difference?
The one thing that MS has as far as development goes is a nice integrated solution with a lot of tools. I have yet to find a free IDE with similiar features.
That is the definition of an Integrated Development Environment, and that is why I have yet to switch to *Linux / *BSD: I don't have something that I can just install and it just works for a development environment. Screw the multi-core CPU and gigs of RAM, just give me a real IDE!
I am an advocate of FOSS on Win32 for just this reason. There are applications that I still have to use that aren't available cross-platform, but if I can start to migrate those same tasks to these open apps (MSO->OOo, IE->Moz, PS->Gimp, Notes->TBird) then at some point I will be able to switch.
Until the business side is satisfied with the options, it simply isn't going to happen. It's not a matter of advocacy, only reality. If Lumbergh has a vital new app, I need a FOSS alternative for my current platform. If I do have the FOSS and can somehow get it implemented, then at some point down the road it might even be possible to get fully switched because "it won't be a big deal, that app is available on xyzOS too." If I don't have something, then we're locked in because of that app, and it mostly doesn't matter what the relative merits of MS and xyzOS are, I'm stuck with MS until that app is gone (probably 5-10 years if it's remotely useful).
Might suit for a home network, but I can't think of a multinational company that would block one of the largest population masses in the world.
How many multinational companies are there in the world versus the number of small businesses or national companies? I'd guess the number was quite small. If I sell left-handed widgets to the greater Topeka, KS area, why on earth would I ever want people from China, Brazil, or even Canada to send me e-mail?
Personally, I know people in exactly four countries, and I wouldn't lose any sleep over a default-deny rule for any ISP outside of those, primary domain contacts excepted (webmaster@, abuse@, etc.).
Also, if you R'dTFA, you would see that these are people from the US setting up business in China, because the US has started to crack down on spammers. China should do the same.
It would act as a Faraday cage just like the average car does, and we all know that nobody EVER drives their car while talking on their cellphone, right?
Been there, tried that, started getting more than 10k messages an hour to other random addresses on my domain.
Now I/dev/null everything that doesn't have a known address on it, but that means I have to keep up a list of 100+ addresses for the sites that are legitimate and that I trust to stay that way. Not much fun.
I find it uncomfortable to hold a laptop in my lap and try to type. The angle is all wrong.
This might not be applicable, but could it be that you're just too short? I have a problem using my laptop if it's squished right up next to my beanbag, but if it's further down - at or just hanging over my knees - then typing isn't too bad. I'm just under 2 meters tall, so that helps a bit, too.
I'd have to agree that most laptops are really just portables, at least around here. Probably half of the people with laptops have a docking station @home for them as well as one here @work, and the rest just leave the laptops docked all the time.
slashdot easter egg:
HEAD slashdot.org | grep X-[B,F]
Try wget -qsO- slashdot.org | grep X-[B,F] instead... that'll fetch w/ headers and grep all at once. Now I just need to find mod_Futurama for my Apache!
The accepted answer: They could, but they really shouldn't be.
The long, drawn-out answer: The user has to explicitly open / run some type of executable, so they were obviously fooled into running it in one way or another. It could be (rampant) ignorance, it could be an honest mistake, but somehow the user thought they were getting A and they really got B. The ILoveYou "virus" is a perfect example: people thought they were getting a message from an admirer, so they opened the attachment. That attachment wasn't just some file that had been co-opted by a virus, it was 100% pure trojan. It didn't do anything but screw them, and not in the good way.
These "viruses" aren't other programs that happen to be infected with viral content, they are purpose-written programs completely of their own. These viruses don't insinuate themselves in other, pre-existing content as a classic virus would, or even as macro viruses do, they're just the equivalent of a utility like RM or VNC and they socially engineer people into running them.
Will everyone please use the proper terms for these objects? "Misnaming Viruses" would've been my choice for the peeve poll:
A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.
A Trojan is a malicious program that is disguised as legitimate software.
A computer worm is self-replicating, but is self-contained and does not need to be part of another program to propagate itself.
So most of the so-called viruses that are out there are really Trojans - they claim to be one thing, but are actually something else. Once you delete the original(s), you're finished; they don't generally infect your other files to propagate, they just make several copies of themselves independent of your programs. Other than macro viruses, there are very few true viruses in the wild these days.
Someone with the knowledge and will and time can come up with a way to circumvent almost any protective scheme they come up with.
The entire point of cryptography is to make it hard enough that you won't bother attacking the algorithm, you'll just rough up the guy with the password or do something else to get your protected content.
Things like AES and PGP have been checked through by smart people to make sure there are no obvious cheats, but every algorithm has a glaring weakness: brute force.
If you try every single possible password / key / hash / whatever, you are guaranteed to get the answer. The only point of cryptography is to make it so that:
Brute-force* is the fastest way to get what you want - there is no magic key that will get you there faster
Brute-force will take too long for it to be useful to anyone.
I can collide any SHA-1 hash you give me, guaranteed, with only 2^160 tries. The only problem with trying all 2^160 combinations is that it'll take more than a billion billion billion years.
* = Most clever tricks included - if you have some clever trick that cuts your search space down by a billion times, that's great, but it'll still take a billion billion years. This is the case with things like Quadratic Sieves versus test division for prime factorization: both will get the answer, and QS is thousands / millions / billions of times faster than division, but it's still infeasible to factor 1000-bit composites.
If someone can push a hacked file up to some site for download, couldn't they just hack the advertised MD5 too? What sort of precautions are in-place to defeat this?
This is why people are supposed to get their distros and digests from two or more different sources. It's nice to check my MD5 sums to see if what I have matches what the site had, but it's an entirely separate problem to verify that either one of those items is the correct item.
XiaoyunWang, Dengguo Feng, Xuejia Lai, and Hongbo Yu
"Collisions for hash functions md4, md5,haval-128 and ripemd"
Re:Answer 50 years. BTW, THIS IS TRUSTED COMPUTIN
on
i-Names Pick Up Steam
·
· Score: 1
Allow me to be the first to officially say: WTF?!
...the Trust chip even DEFEATS THE GPL! Having the source code and being able to modify and compile it is USELESS when that recompiled code DOES NOT WORK. The Trust chip forbids the recompiled code from access to the required encryption keys. The recompiled code will "run", but it will not WORK because it cannot read it's encrypted files and it cannot interoperate.
What is the basis for this? Are you saying I won't be able to write any programs on my own? If I can write my own programs, I can get the source code and compile it. If I write a program which creates files, I sure as hell better be able to read said files from another program...
Also, further up you say something about tying DRM to a credit card. Isn't that what basically ALL DRM does? And how is this technology any different from the CPU Serial debacle that occured when the P3 first came out? (or was it P2, don't remember) The World was outraged, and all manufacturers pretty much turned it off by default. End of story, beginning of tinfoil hat bubble.
The i-name you have requested is an XNS "reserved" name. If you are the orginal XNS name registrant, you can reclaim it and convert it to a new global i-name here. If the original registrant of that i-name doesn't claim it during the EGS period, the i-name will become available again for registration on a first come first serve basis.
I haven't found in the FAQs or anywhere on the site what that EGS period is... anyone out there have an idea of when I can register myself?
Imagine the computational power needed for high FPS first person holographic virtual reality games!
Or if you want to take the rest of the comments on this article into account, just imagine the computational power necessary to simulate that holopr0n chick's interest in a slashdotter!
I know that "over 700" leaves a lot of room, but I think my highest was about 1600, where AdAware found three and four copies each of several spyware apps. Are you talking about Post-Spybot findings? That would surprise me a LOT!.
The owner of the computer above called me to upgrade his RAM because his computer was too slow, and he was at 128 and wanted 512. I put the RAM in, and what had been a ten-minute XP boot process turned into a five-minute one. After three cycles of Ad-Aware (with the 1600 on the first one, maybe 15 between the other two), it was a minute between power-on and the login screen, and maybe 30 seconds beyond that for everything to settle.
Slashdot Mirror
And what's the market share of Windows these days?
Try to compare apples to apples...
Divide the # of viruses by the user base of the affected platform, see who is ahead at that point. I have no idea, my guess is it's probably fairly even, probably just a little slanted in favor of Linux.
I can see it now:
CowboyNeal: Hi, I'm CowboyNeal, and you are...?
Object of Attention: I'm not impressed
CN: Allrighty then... so what do you do?
OoA: I'm a $1000-an-hour nude model and occasional porn star. What's your job, assuming you have one?
CN: I'm working with Linux and Open Source these days.
OoA: Really! Hmm... Hey, why don't we go someplace a little more... private.
Did you actually read what you wrote? All the others are proprietary, but not OpenGL.
... can't this fellow just get Freeme or something similar and un-DRM his WM9? Note the third link, this may no longer apply.
Has anyone else tried this to know if you really need to install InterActual? I despise that software, and I see no reason that a Windows Media 9 DRM file would require 3rd party software to work. I could understand if there was some kind of codec to be installed, but the only reason I've ever needed IA is when I wiped my computer and hadn't reinstalled DVD playback software yet.
Will USER directives do what you want automatically? I'm not sure what Apache classifies as CGI, PHP may or may not be included.
I saw this yesterday on a.... uhh... "anatomic reference" site:
This site is defaced!!! NeverEverNoSanity WebWorm generation 10.
I tried to find some kind of reference and Googled for it, but I got no results.
Still nothing on it, wonder how long it'll be before it shows up?
MSN search returns 3 results, that's just a bit short of 39,000, so I guess they must be using the beta engine for the article.
Who can specifically give me a reason to switch from A1 to A2 if I'm using PHP? Not that I have control over it on my ISP, but I'm curious as to what A2 adds that I should need, independent of developing in PHP.
For the record, I'm still using Win2k and Office97 @ home because I see no reason to upgrade. I have XP @ work, and it's great, but it's not better enough for me to care.
I agree with the link in the second article, though, that the PHP documentation shouldn't single out A2 unless it also notes compatibility problems with other OS/WS combinations.
And it wasn't made clear, what is the reason that PHP doesn't like multi-threaded mode? It suggests that the programs/libraries that PHP utilizes are not thread-safe, but if PHP is itself multi-threaded, why does it make a difference?
I am an advocate of FOSS on Win32 for just this reason. There are applications that I still have to use that aren't available cross-platform, but if I can start to migrate those same tasks to these open apps (MSO->OOo, IE->Moz, PS->Gimp, Notes->TBird) then at some point I will be able to switch.
Until the business side is satisfied with the options, it simply isn't going to happen. It's not a matter of advocacy, only reality. If Lumbergh has a vital new app, I need a FOSS alternative for my current platform. If I do have the FOSS and can somehow get it implemented, then at some point down the road it might even be possible to get fully switched because "it won't be a big deal, that app is available on xyzOS too." If I don't have something, then we're locked in because of that app, and it mostly doesn't matter what the relative merits of MS and xyzOS are, I'm stuck with MS until that app is gone (probably 5-10 years if it's remotely useful).
Personally, I know people in exactly four countries, and I wouldn't lose any sleep over a default-deny rule for any ISP outside of those, primary domain contacts excepted (webmaster@, abuse@, etc.).
Also, if you R'dTFA, you would see that these are people from the US setting up business in China, because the US has started to crack down on spammers. China should do the same.
It would act as a Faraday cage just like the average car does, and we all know that nobody EVER drives their car while talking on their cellphone, right?
Been there, tried that, started getting more than 10k messages an hour to other random addresses on my domain.
/dev/null everything that doesn't have a known address on it, but that means I have to keep up a list of 100+ addresses for the sites that are legitimate and that I trust to stay that way. Not much fun.
Now I
There is one, it's called the Half-bakery.
It has a specific category for Spam Avoidance, plus a lot of other entertaining half-baked ideas.
I find it uncomfortable to hold a laptop in my lap and try to type. The angle is all wrong.
This might not be applicable, but could it be that you're just too short? I have a problem using my laptop if it's squished right up next to my beanbag, but if it's further down - at or just hanging over my knees - then typing isn't too bad. I'm just under 2 meters tall, so that helps a bit, too.
I'd have to agree that most laptops are really just portables, at least around here. Probably half of the people with laptops have a docking station @home for them as well as one here @work, and the rest just leave the laptops docked all the time.
slashdot easter egg:
HEAD slashdot.org | grep X-[B,F]
Try wget -qsO- slashdot.org | grep X-[B,F] instead... that'll fetch w/ headers and grep all at once. Now I just need to find mod_Futurama for my Apache!
The short answer:
Technically, yes.
The accepted answer:
They could, but they really shouldn't be.
The long, drawn-out answer:
The user has to explicitly open / run some type of executable, so they were obviously fooled into running it in one way or another. It could be (rampant) ignorance, it could be an honest mistake, but somehow the user thought they were getting A and they really got B. The ILoveYou "virus" is a perfect example: people thought they were getting a message from an admirer, so they opened the attachment. That attachment wasn't just some file that had been co-opted by a virus, it was 100% pure trojan. It didn't do anything but screw them, and not in the good way.
These "viruses" aren't other programs that happen to be infected with viral content, they are purpose-written programs completely of their own. These viruses don't insinuate themselves in other, pre-existing content as a classic virus would, or even as macro viruses do, they're just the equivalent of a utility like RM or VNC and they socially engineer people into running them.
Much like a gift horse from the Trojan Army. =)
Will everyone please use the proper terms for these objects? "Misnaming Viruses" would've been my choice for the peeve poll:
A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents.
A Trojan is a malicious program that is disguised as legitimate software.
A computer worm is self-replicating, but is self-contained and does not need to be part of another program to propagate itself.
So most of the so-called viruses that are out there are really Trojans - they claim to be one thing, but are actually something else. Once you delete the original(s), you're finished; they don't generally infect your other files to propagate, they just make several copies of themselves independent of your programs. Other than macro viruses, there are very few true viruses in the wild these days.
Or MD5 and SHA-1, as pointed out in the paper. The two files generate the same MD5 hash, but disparate SHA-1 hashes.
Things like AES and PGP have been checked through by smart people to make sure there are no obvious cheats, but every algorithm has a glaring weakness: brute force.
If you try every single possible password / key / hash / whatever, you are guaranteed to get the answer. The only point of cryptography is to make it so that:
Brute-force* is the fastest way to get what you want - there is no magic key that will get you there faster
Brute-force will take too long for it to be useful to anyone.
I can collide any SHA-1 hash you give me, guaranteed, with only 2^160 tries. The only problem with trying all 2^160 combinations is that it'll take more than a billion billion billion years.
* = Most clever tricks included - if you have some clever trick that cuts your search space down by a billion times, that's great, but it'll still take a billion billion years. This is the case with things like Quadratic Sieves versus test division for prime factorization: both will get the answer, and QS is thousands / millions / billions of times faster than division, but it's still infeasible to factor 1000-bit composites.
It depends on the two hash algos and how much/little they inter-relate.
For algorithms that are provably unrelated, it should approach A*B.
However, if they're closely tied to each other (not sure, but probably MD5 and MD4?), it could be as little as A+B.
No, but I believe this one is:
XiaoyunWang, Dengguo Feng, Xuejia Lai, and Hongbo Yu
"Collisions for hash functions md4, md5,haval-128 and ripemd"
Also, further up you say something about tying DRM to a credit card. Isn't that what basically ALL DRM does? And how is this technology any different from the CPU Serial debacle that occured when the P3 first came out? (or was it P2, don't remember) The World was outraged, and all manufacturers pretty much turned it off by default. End of story, beginning of tinfoil hat bubble.
I believe that's what an i-broker is...
The owner of the computer above called me to upgrade his RAM because his computer was too slow, and he was at 128 and wanted 512. I put the RAM in, and what had been a ten-minute XP boot process turned into a five-minute one. After three cycles of Ad-Aware (with the 1600 on the first one, maybe 15 between the other two), it was a minute between power-on and the login screen, and maybe 30 seconds beyond that for everything to settle.