I can see how the increased market share would make them more of a target, but I can't really imagine how the change in CPU would
The Harvard architecture that the PowerPC uses is inherently more secure than x86. A remote exploit on running code has a very low chance of working on the PPC, but nearly a 100% chance on the x86 (which is why all these IE exploits work all the time). When they fail to execute code, the PPC application just crashes. I'd think if someone went to a place that causes their browser to crash 10 times in a row, they'd stop trying to go there.
Then again, Apple has taken massive steps on the x86 side to prevent these kinds of attacks. Such as enforcing the NX/XD bit and enforcing a non-executable stack. The former goes a long way, it was even able to prevent the WMF exploit from working on Windows, if it was available in hardware. Luckily, all ICBMs ship with the hardware support.
It's just sad really. This Tom guy can't read crash reports. He reports the same TIFF crash as two different crashes, and then says there is a parsing error in CFAllocatorAllocate(), which does parse anything, it just allocates memory. In CF, most functions will call abort() and force an application crash if given bad parameters. Such as a 0 size for memory.
Most, if not all, of these just amount to DoS attacks and it's not actually possible to get them to run arbitrary executable code. But now days any kind of reproducible crash is incorrectly regarded as a massively massive security issue. It's people like Tom Ferris that make real computer security jobs into a joke.
This is also true of Windows. Except windows changed the size of an inch to incorporate 96 points. The distance between pixels and the size of the pixels are identical, the inch is just larger. Embracing and extending the inch..
Notice how I didn't say it uses it to blindly distribute it. It only does it to the computers you explicitly specify. And computers can only become nodes if they are specifically set up to do so.
Remember what they say about people that assume things, it makes you look like a troll.
In Bonjour, application developers describe the service used. For UPnP, The UPnP forum creates the profiles. If a profile doesn't exist, you must wait for the UPnP forum to create it. There appears to be a list of them here.
For example, there does not appear to be a profile for something like iChat (Internet Chat), Xcode (Distributed Computing), or Font Sharing. Yet Bonjour enables both of these since the standards bodies do not limit the services.
Bonjour allows arbitrary clients to discover arbitrary services they can "subscribe" to. Like iTunes looks for other programs that offer the iTunes service via Bonjour. Or iChat allows you to talk to any other user on the same network via Bonjour. or iPhoto allows you to see other photo albums on the network. The TiVo also uses to automatically discover music, pictures being shared from desktop clients. None of it requires you know about the host offering the service beforehand. ZeroConf is just one aspect of it.
Xcode uses it to discover which clients on a network it can distribute complies to to speed up the horribly slow GCC.
Well, my DSL contract ends in May...here I come Nex-Tech.
If Nex-Tech is a DSL provider you'd likely be using the exact same lines and still be going through AT&T's/SBC's systems.
Phone companies lease DSL to other companies to resell. If Nex-Tech is one of these, then you're still giving AT&T money, still using their lines, and still having all your porn requests send to the NSA.
It's obvious that this was just done so Apple can more easily load Windows XP by default on new Macs and phase out OS X. I mean, that's why Avie's leaving after all, his precious mach isn't used in Windows.
Pragmatic Studio offers a three-day, interactive Ruby on Rails workshop.
That's how they are attributed.
For example, Technote 2078 was written by Laurence Harris. His name is in this reference section.
Sadly, technote 2078 is now woefully out of date. The statement Don't pass FSRefs in AppleEvents. Because FSRefs are not guaranteed to be valid across processes in Mac OS X you shouldn't send them in AppleEvents is not true as of 10.4. FSRefs now work across processes (but still not across reboots). FSSpecs are also safe to pass between processes as of 10.4. Both gained this new ability (that Mac OS 9 had) since volume reference numbers are no longer per process.
There is attributed on these. They're usually the links in the "See also" at the bottom of the ADC articles when they're not written by an apple person.
Yes. It is not long after when you consider geological time periods. 100 years compared to the entire history of the Earth is "not long after" (unless you take the Bible literally, sheep). 100 years after the founding of the US is a very long time. Boobs.
Slashdot Mirror
Be prepared to wait well over a year then, love.
For Leopard I mean. The wait for vista is a given, sweety puimpkin.
I can see how the increased market share would make them more of a target, but I can't really imagine how the change in CPU would
The Harvard architecture that the PowerPC uses is inherently more secure than x86. A remote exploit on running code has a very low chance of working on the PPC, but nearly a 100% chance on the x86 (which is why all these IE exploits work all the time). When they fail to execute code, the PPC application just crashes. I'd think if someone went to a place that causes their browser to crash 10 times in a row, they'd stop trying to go there.
Then again, Apple has taken massive steps on the x86 side to prevent these kinds of attacks. Such as enforcing the NX/XD bit and enforcing a non-executable stack. The former goes a long way, it was even able to prevent the WMF exploit from working on Windows, if it was available in hardware. Luckily, all ICBMs ship with the hardware support.
It's just sad really. This Tom guy can't read crash reports. He reports the same TIFF crash as two different crashes, and then says there is a parsing error in CFAllocatorAllocate(), which does parse anything, it just allocates memory. In CF, most functions will call abort() and force an application crash if given bad parameters. Such as a 0 size for memory.
Most, if not all, of these just amount to DoS attacks and it's not actually possible to get them to run arbitrary executable code. But now days any kind of reproducible crash is incorrectly regarded as a massively massive security issue. It's people like Tom Ferris that make real computer security jobs into a joke.
This is also true of Windows. Except windows changed the size of an inch to incorporate 96 points. The distance between pixels and the size of the pixels are identical, the inch is just larger. Embracing and extending the inch..
Notice how I didn't say it uses it to blindly distribute it. It only does it to the computers you explicitly specify. And computers can only become nodes if they are specifically set up to do so.
Remember what they say about people that assume things, it makes you look like a troll.
In Bonjour, application developers describe the service used. For UPnP, The UPnP forum creates the profiles. If a profile doesn't exist, you must wait for the UPnP forum to create it. There appears to be a list of them here.
For example, there does not appear to be a profile for something like iChat (Internet Chat), Xcode (Distributed Computing), or Font Sharing. Yet Bonjour enables both of these since the standards bodies do not limit the services.
Bonjour allows arbitrary clients to discover arbitrary services they can "subscribe" to. Like iTunes looks for other programs that offer the iTunes service via Bonjour. Or iChat allows you to talk to any other user on the same network via Bonjour. or iPhoto allows you to see other photo albums on the network. The TiVo also uses to automatically discover music, pictures being shared from desktop clients. None of it requires you know about the host offering the service beforehand. ZeroConf is just one aspect of it.
Xcode uses it to discover which clients on a network it can distribute complies to to speed up the horribly slow GCC.
Is it a pain to carry around the same remote for your car? why can't you just put the remote on a keychain just like your car remote?
Well, my DSL contract ends in May...here I come Nex-Tech.
If Nex-Tech is a DSL provider you'd likely be using the exact same lines and still be going through AT&T's/SBC's systems.
Phone companies lease DSL to other companies to resell. If Nex-Tech is one of these, then you're still giving AT&T money, still using their lines, and still having all your porn requests send to the NSA.
The funny thing is that this is exactly the first thing that came to my mind.
After reading your comment I think thought, "And perhaps this is why Net Neutrality will never happen."
Indeed. Luckily I was there for the first failure. I hope I can be there for the second one as well. OMGWTFBBQ?!
But I hear Japan is humid as all hell in the summer.
Sorry, but I do believe my rationale is far more believable.
It's obvious that this was just done so Apple can more easily load Windows XP by default on new Macs and phase out OS X. I mean, that's why Avie's leaving after all, his precious mach isn't used in Windows.
Japanese mobile tech is at least 3 years ahead of everyone else. Vodafone just didn't get it.
And their toilets.. My god, their toilets
Sure there is. The very last link in the content:
Pragmatic Studio offers a three-day, interactive Ruby on Rails workshop.
That's how they are attributed.
For example, Technote 2078 was written by Laurence Harris. His name is in this reference section.
Sadly, technote 2078 is now woefully out of date. The statement Don't pass FSRefs in AppleEvents. Because FSRefs are not guaranteed to be valid across processes in Mac OS X you shouldn't send them in AppleEvents is not true as of 10.4. FSRefs now work across processes (but still not across reboots). FSSpecs are also safe to pass between processes as of 10.4. Both gained this new ability (that Mac OS 9 had) since volume reference numbers are no longer per process.
There is attributed on these. They're usually the links in the "See also" at the bottom of the ADC articles when they're not written by an apple person.
I had assumed they'd just release a Bubble Gum-like flavor called Web 2.0.
Perhaps we should ask The Question?
Well, all the better for you. I don't think CmdrTaco will get one as /. is about as fair and balanced as Fox News.
Funny how not using the Apple solution immediately means you're giving money to Microsoft, a convicted monopolist. Just saying..
Well, it's not just Winamp. Seems no one can get this format correct. Even iTunes had a problem http://lists.apple.com/archives/security-announce/ 2005/Jan/msg00000.html although whether it was actually exploitable or not is something else.
Well, the story was so nice it just had to be said twice!
Yes. It is not long after when you consider geological time periods. 100 years compared to the entire history of the Earth is "not long after" (unless you take the Bible literally, sheep). 100 years after the founding of the US is a very long time. Boobs.
Per application audio control? Like Detour on OS X? (All audio streams are per app but this lets you have fine control over them).
Well, I guess 16gigs max is at least 4GB (8GB with the current size of chips).
Yeah, even I wrote one such "review". But never said it cooked (other than maybe the extra heat...)