This being slashdot, I know the first thing everyone thinks about when someone says "computer" is "OOOOOH is it a windows mac or linux????" You're thinking way too narrowly about the definition of a computer. Chances are, they have a custom-made OS, or even no OS at all (i.e. no need to overclock)--the truster control software might just run directly on the CPU. In fact, the CPU might not even be what you usually hear--I'm quite certain it's not a modern Intel/AMD processor (probably more processing power than is needed). Actually I just did some research, and they just use a bunch of 386s (http://www.dansdata.com/spacecomp.htm), clearly nothing modern. btw, this doesn't at all imply that it needs to run a consumer OS.
this is the only wireless chip fit for the job. if you want another company with more open source policies to make the same thing, you're asking them to dump a whole lot of $$$ on r&d, and they either won't bother, or if they do, it'll take forever for it to come to production. Marvell can live without OLPC's support. Under the license agreement for the hardware, OLPC has to use the proprietary firmware.
So what they heck do you expect to do, then?
that's how many ATTACKS the darn machine received. Leave a *nix machine, or an apple, or even a nice router on the internet, look through the incoming/outgoing logs, and it should not be surprising that you'll find a million attempted attacks. They're just all the infected bots on the internet still trying to infect everyone else. I'd be more concerned if the holes were actually open, and it just infected itself if you left it on the 'net. A windows machine does not attract more infection attempts than other OSes; it simply (at least used to) be more susceptible to being successfully infected.
someone wayyy above made a point i'd like to address: the majority of users do not know what they're doing and do not know the proper safety precautions. Well, ignoring the fact that norton and mcafee crpsoftware come preinstalled (as dummy trial versions, of course) on most prebuilt PCs (obviously most "regular" consumers do not build computers and at this time probably wont' even install xp themselves), you can't expect them to figure out how to use all of the open source stuff, either, can you?
yes, that's right, open source--or in the hardware world, DIY.
open source software on top of open source hardware. Expandable software and hardware capabilities.
Trust me, I have plans up my sleeves--just wait; _______ will kill apple the same way firefox is about to kill IE.
Have fun with your short-lived dominance, apple, have fun. . . while you can
=D
i agree! I don't see why anyone even has to report on this issue--it's inherently true, and I didn't even need a test to know that. As previous posters have pointed out, WMA is a more complex format. But a larger issue is that WMA has DRM, and DRM uses encryption, and whoever argues that it doesn't take more CPU to decrypt a file than to just read it is out of his/her mind. More CPU = Less battery life.
There's nothing astonishing about this article. Just more fodder for those with a pocket full of anti-DRM, anti-Microsoft puns waiting for a +5 funny on their damn posts.
it's not too impressive a DIY project. it's just reversing a lens for macro--this is a pretty well known way of making a lens macro (the other way is to use extension tubes). People have definitely done this before--and probably with better results.
There are reverse adapters for lens mounts, and they're relatively cheap, anyway. Some of the more expensive ones also maintain the contacts for the lenses, allowing for autofocus and automatic shutter control.
[rant] i'm getting kind of sick of how slashdot seems to post a lot of off-topic stuff--i mean, this is supposed to be open-source computer/internet news, not photography, not physics or science: i often find many posters to be misinformed on these topics (which obviously isn't their forte) [/rant]
I agree, CSS cross-scripting is a problem, and i'm quite certain this exploit works on most IEs.
But I've been lowering the security on my IE all the way for the past 15 minutes and I still can't get this damned thing to become exploited! It's only worked when I placed hacker.co.il on my trusted sites list. I suspect that it's because I've fixed up a lot of the default security settings in IE ("navigate sub-frames across different domains", almost blatantly a CSS "feature" that's left enabled on IE by default) and the settings only get updated if I restart my computer (which I'm too lazy to do right now).
Whenever I test this exploit, it only returns a JavaScript error saying "access is denied" for the line where the exploit tries to access the cssText property.
I'd bet most of you right now are reaching for that mod +funny button, but I'm serious here. For those three other people on slashdot who still use IE, fix your internet zone settings so that all the weird options in "miscellaneous" to "disable", restart, and see if the exploit still works.
If it doesn't, well, looks like we've caught microsoft shipping IE with XSS turned on by default. If it still does work, then ignore this post. I've seriously f***ed up my IE beyond its normal set of exploits and bugs.
I don't know why no one has ever really mentioned this, but there's a class of enzymes called lysins which are essentially bacterial bleach--they'll kill specific bacteria within seconds through lysis. Not just that, there's a lysin that's been found to be specific for the antrax bacteria. I find this to be a more likely and more interesting branch of research--I personally think these will be the next generation of antibiotics.
Abstract: http://www.nature.com/nature/journal/v418/n6900/ab s/nature01026.html
abstract doesn't really say much, though
i agree--it's not the best e-mail system ever, although it is good; i personally don't think any web interface so far can beat using thunderbird or some other e-mail program
I've been using napster for more than 6 months now, before they had the to-go service, and it fit my personal needs perfectly. Maybe it's enough for some of you, but my few-hundred p2p'd + ripped tracks just weren't enough. not just that, i found p2p to be incredibly slow. it wasn't good for helping me discover any music, either.
I had considered a service called pressplay a while ago, but their model gave a limit on the number of streams (no downloads) per month, although they did include a limited number of included purchase credits per month. But now, I checked their site to find that they were now bought by roxio and renamed napster. They had a new unlimited stream/download subscription model, too. I signed up, and within a few weeks I found myself with around 2000 new tracks and at least 10 new artists i really liked.
So personally, I really find 10,000 tracks (or even more) to be something appealling. in fact, i'm almost there (i've got around 8000+ songs from napster). I guess some of you aren't so keen on the idea of exploring music and listening to too much more than just a few hundred songs, so it won't be for you. I don't think Napster will ever expand enough to be the driving force of the online music industry, but it'll always be there, with a some people like me who listen to tons of music.
you could probably use the same idea on any sort of sound that comes out of your computer. like you could use yahoo's launch music video service and rip out the sound from there. for free. and forever.
napster really doesn't deserve to be the target of all this hype.
I've been using Napster for the last 3 months and it's really not a replacement for buying cds or buying permanent songs over the internet--it's much more useful as a music discovery tool. I can decide which artists are actually good before I go ahead and buy cds (which have better sound quality than mp3s/wmas). I haven't bought a single cd that i'm not disappointed with since i started using napster, and i've found at least 5 new artists i like.
I also don't see how rental of songs for a montly fee wouldn't appeal to someone--online music downloads are at least.79, and i've already downloaded ~4000 tracks from napster, and 3*$15 = $45 flat fee for those 3 months, while downloading each track would have cost $4000. For me, the fact that they're only temporary downloads doesn't matter, simply because the value is just too great, i also save money by not buying bad cds, and i dont expect for napster to become bankrupt or me to cancel my subscription anytime soon.
I always have pretty restrictive internet explorer policies, and it seems that my "navigate sub-frames across domains" is preventing this exploit from actually working. You won't have to go so restrictive as to disable ActiveX to work around this.
I've only skimmed through the full report a little bit, and there's already a problem with some of its logic and data. It mentions that Microsoft's web site restarts on an average of only 59 days; yet, this does not necessarily represent the true uptime of their servers, as they are actually proxied and protected by linux servers on the front end [http://news.zdnet.co.uk/software/linuxunix/0,3902 0390,39115920,00.htm]
Slashdot Mirror
This being slashdot, I know the first thing everyone thinks about when someone says "computer" is "OOOOOH is it a windows mac or linux????" You're thinking way too narrowly about the definition of a computer. Chances are, they have a custom-made OS, or even no OS at all (i.e. no need to overclock)--the truster control software might just run directly on the CPU. In fact, the CPU might not even be what you usually hear--I'm quite certain it's not a modern Intel/AMD processor (probably more processing power than is needed). Actually I just did some research, and they just use a bunch of 386s (http://www.dansdata.com/spacecomp.htm), clearly nothing modern. btw, this doesn't at all imply that it needs to run a consumer OS.
this is the only wireless chip fit for the job. if you want another company with more open source policies to make the same thing, you're asking them to dump a whole lot of $$$ on r&d, and they either won't bother, or if they do, it'll take forever for it to come to production. Marvell can live without OLPC's support. Under the license agreement for the hardware, OLPC has to use the proprietary firmware. So what they heck do you expect to do, then?
that's how many ATTACKS the darn machine received. Leave a *nix machine, or an apple, or even a nice router on the internet, look through the incoming/outgoing logs, and it should not be surprising that you'll find a million attempted attacks. They're just all the infected bots on the internet still trying to infect everyone else. I'd be more concerned if the holes were actually open, and it just infected itself if you left it on the 'net. A windows machine does not attract more infection attempts than other OSes; it simply (at least used to) be more susceptible to being successfully infected. someone wayyy above made a point i'd like to address: the majority of users do not know what they're doing and do not know the proper safety precautions. Well, ignoring the fact that norton and mcafee crpsoftware come preinstalled (as dummy trial versions, of course) on most prebuilt PCs (obviously most "regular" consumers do not build computers and at this time probably wont' even install xp themselves), you can't expect them to figure out how to use all of the open source stuff, either, can you?
yes, that's right, open source--or in the hardware world, DIY. open source software on top of open source hardware. Expandable software and hardware capabilities. Trust me, I have plans up my sleeves--just wait; _______ will kill apple the same way firefox is about to kill IE. Have fun with your short-lived dominance, apple, have fun. . . while you can =D
i agree! I don't see why anyone even has to report on this issue--it's inherently true, and I didn't even need a test to know that. As previous posters have pointed out, WMA is a more complex format. But a larger issue is that WMA has DRM, and DRM uses encryption, and whoever argues that it doesn't take more CPU to decrypt a file than to just read it is out of his/her mind. More CPU = Less battery life. There's nothing astonishing about this article. Just more fodder for those with a pocket full of anti-DRM, anti-Microsoft puns waiting for a +5 funny on their damn posts.
it's not too impressive a DIY project. it's just reversing a lens for macro--this is a pretty well known way of making a lens macro (the other way is to use extension tubes). People have definitely done this before--and probably with better results.
There are reverse adapters for lens mounts, and they're relatively cheap, anyway. Some of the more expensive ones also maintain the contacts for the lenses, allowing for autofocus and automatic shutter control.
[rant]
i'm getting kind of sick of how slashdot seems to post a lot of off-topic stuff--i mean, this is supposed to be open-source computer/internet news, not photography, not physics or science: i often find many posters to be misinformed on these topics (which obviously isn't their forte)
[/rant]
yep.
not a real slr?
not interested.
i prefer the viewfinder over a crappy low-res lcd preview.
I agree, CSS cross-scripting is a problem, and i'm quite certain this exploit works on most IEs.
But I've been lowering the security on my IE all the way for the past 15 minutes and I still can't get this damned thing to become exploited! It's only worked when I placed hacker.co.il on my trusted sites list. I suspect that it's because I've fixed up a lot of the default security settings in IE ("navigate sub-frames across different domains", almost blatantly a CSS "feature" that's left enabled on IE by default) and the settings only get updated if I restart my computer (which I'm too lazy to do right now).
Whenever I test this exploit, it only returns a JavaScript error saying "access is denied" for the line where the exploit tries to access the cssText property.
I'd bet most of you right now are reaching for that mod +funny button, but I'm serious here. For those three other people on slashdot who still use IE, fix your internet zone settings so that all the weird options in "miscellaneous" to "disable", restart, and see if the exploit still works.
If it doesn't, well, looks like we've caught microsoft shipping IE with XSS turned on by default. If it still does work, then ignore this post. I've seriously f***ed up my IE beyond its normal set of exploits and bugs.
I don't know why no one has ever really mentioned this, but there's a class of enzymes called lysins which are essentially bacterial bleach--they'll kill specific bacteria within seconds through lysis. Not just that, there's a lysin that's been found to be specific for the antrax bacteria. I find this to be a more likely and more interesting branch of research--I personally think these will be the next generation of antibiotics. Abstract: http://www.nature.com/nature/journal/v418/n6900/ab s/nature01026.html
abstract doesn't really say much, though
i agree--it's not the best e-mail system ever, although it is good; i personally don't think any web interface so far can beat using thunderbird or some other e-mail program
I've been using napster for more than 6 months now, before they had the to-go service, and it fit my personal needs perfectly. Maybe it's enough for some of you, but my few-hundred p2p'd + ripped tracks just weren't enough. not just that, i found p2p to be incredibly slow. it wasn't good for helping me discover any music, either. I had considered a service called pressplay a while ago, but their model gave a limit on the number of streams (no downloads) per month, although they did include a limited number of included purchase credits per month. But now, I checked their site to find that they were now bought by roxio and renamed napster. They had a new unlimited stream/download subscription model, too. I signed up, and within a few weeks I found myself with around 2000 new tracks and at least 10 new artists i really liked. So personally, I really find 10,000 tracks (or even more) to be something appealling. in fact, i'm almost there (i've got around 8000+ songs from napster). I guess some of you aren't so keen on the idea of exploring music and listening to too much more than just a few hundred songs, so it won't be for you. I don't think Napster will ever expand enough to be the driving force of the online music industry, but it'll always be there, with a some people like me who listen to tons of music.
you could probably use the same idea on any sort of sound that comes out of your computer. like you could use yahoo's launch music video service and rip out the sound from there. for free. and forever. napster really doesn't deserve to be the target of all this hype.
I've been using Napster for the last 3 months and it's really not a replacement for buying cds or buying permanent songs over the internet--it's much more useful as a music discovery tool. I can decide which artists are actually good before I go ahead and buy cds (which have better sound quality than mp3s/wmas). I haven't bought a single cd that i'm not disappointed with since i started using napster, and i've found at least 5 new artists i like. I also don't see how rental of songs for a montly fee wouldn't appeal to someone--online music downloads are at least .79, and i've already downloaded ~4000 tracks from napster, and 3*$15 = $45 flat fee for those 3 months, while downloading each track would have cost $4000. For me, the fact that they're only temporary downloads doesn't matter, simply because the value is just too great, i also save money by not buying bad cds, and i dont expect for napster to become bankrupt or me to cancel my subscription anytime soon.
I always have pretty restrictive internet explorer policies, and it seems that my "navigate sub-frames across domains" is preventing this exploit from actually working. You won't have to go so restrictive as to disable ActiveX to work around this.
I've only skimmed through the full report a little bit, and there's already a problem with some of its logic and data. It mentions that Microsoft's web site restarts on an average of only 59 days; yet, this does not necessarily represent the true uptime of their servers, as they are actually proxied and protected by linux servers on the front end [http://news.zdnet.co.uk/software/linuxunix/0,3902 0390,39115920,00.htm]